computing security

Human, Computer and Vulnerability

Author: 서승현 (20113920)

Upload: seung-hyun-seo

Post on 15-Jan-2015


Table of Contents

1. Background
  1.1 IT Trend
  1.2 Prediction
  1.3 Benchmarking
  1.4 What They Do
  1.5 CES 2012
2. What is Profiling
  2.1 Definition
  2.2 Type of Profiling
  2.3 Different View
  2.4 Expectation
3. Why Do We Profiling
  3.1 Origins
  3.2 Present
  3.3 Future
4. Mobile User Profiling
  4.1 Context Aware
  4.2 Set of Raw Data
  4.3 Extract Attribute
  4.4 Constraints
5. Intelligence
  5.1 Introduce
  5.2 Intellectual Intelligence
  5.3 Emotional Intelligence
  5.4 Qualified Intelligence
6. Related Works
  6.1 Web Profiling
  6.2 Location Sensing
  6.3 Energy Efficiency
  6.4 Emotion Sensing
  6.5 Privacy
7. Approach
  7.1 Privacy Problem
  7.2 User Profiling
  7.3 Research Goal
Appendix
References


0. Speaker Profile

(2007. 11 ~ 2010. 12)
  nchovy team in INZEN Security
  Nchovy.com Foundation Member
  Krakenapps.org Committer
  IDS Neowatcher Maintainer
  Malware, Exploit Analysis
  Security Group Chief

(2011. 02 ~ 2011. 12)
  Freelance at Future System, Itnade

Conference
  2008.02 PADOCON Spoofing & Scanning

Certification
  CCNP, LPIC, CISA

1. Prologue 1.1 Are you Safe?

1. Prologue 1.2 Do You Know?

1. Prologue 1.3 Cyber Attack

1. Prologue 1.4 Threat

1. Prologue 1.5 We Need This?

2. Hackers 2.1 History

Hacking has been around for more than a century. In the 1870s, several teenagers were flung off the country's brand new phone system by enraged authorities.

University facilities with huge mainframe computers, like MIT's artificial intelligence lab, become staging grounds for hackers. At first, "hacker" was a positive term for a person with a mastery of computers who could push programs beyond what they were designed to do.

John Draper makes a long-distance call for free by blowing a precise tone into a telephone that tells the phone system to open a line. Draper discovered the whistle as a give-away in a box of children's cereal.

Two members of California's Homebrew Computer Club begin making "blue boxes," devices used to hack into the phone system. The members, who adopt handles "Berkeley Blue" (Steve Jobs) and "Oak Toebark" (Steve Wozniak), later go on to found Apple Computer.

Morris, son of former National Security Agency scientist Robert Morris, is known as the creator of the Morris Worm, the first computer worm to be unleashed on the Internet. As a result of this crime, he was the first person prosecuted under the 1986 Computer Fraud and Abuse Act.

Kevin Mitnick secretly monitors the e-mail of MCI and Digital Equipment security officials. He is arrested (again), in N.C., after he is tracked down via computer by Tsutomu Shimomura at the San Diego Supercomputer Center.

Tsutomu Shimomura is a senior fellow at the San Diego Supercomputer Center, where he works on problems in areas as diverse as computational physics and computer security. In February 1995 he helped several online service and Internet companies track down computer outlaw Kevin Mitnick.

2. Hackers 2.2 Now

2. Hackers 2.3 Kind of

2. Hackers 2.4 Near Enemy

3. Information Security 3.1 Definitions

Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.

Computer security and information assurance are frequently used interchangeably.

Confidentiality, Integrity, Availability

Plus Accountability (Non-Repudiation)

Process, Risk Management, BCP/DRP

3. Information Security 3.2 Attributes

Confidentiality
  Used to prevent the disclosure of information to unauthorized individuals or systems.

Integrity
  Means that data cannot be modified undetectably. This is not the same thing as referential integrity in databases.

Availability
  A requirement intended to assure that systems work promptly and service is not denied to authorized users.

Accountability (Non-Repudiation)
  The requirement that actions of an entity may be traced uniquely to that entity.

3. Information Security 3.3 Risk Management

Risk management is the identification, assessment, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives, whether positive or negative) followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.

Composite Risk Index = Impact of Risk Event × Probability of Occurrence

3. Information Security 3.4 Process

Security Governance
  The Software Engineering Institute at Carnegie Mellon University, in a publication titled "Governing for Enterprise Security (GES)", defines characteristics of effective security governance.

Incident Response Plans
  Computer security incident management involves the monitoring and detection of security events on a computer or computer network, and the execution of proper responses to those events.

Change Management
  Change management is an IT service management discipline. The objective of change management in this context is to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes to control IT infrastructure, in order to minimize the number and impact of any related incidents upon service.

3. Information Security 3.5 BCP/DRP

BCP may be a part of an organizational learning effort that helps reduce operational risk.

BCP is working out how to continue operations under adverse conditions that include local events like building fires, theft, and vandalism, regional incidents like earthquakes and floods, and national incidents like pandemic illnesses.

Disaster recovery is the process, policies and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human-induced disaster.

4. Social Engineering 4.1 Survey

4. Social Engineering 4.2 Fact

4. Social Engineering 4.3 Human Vulnerability

4. Social Engineering 4.4 Based on Trust

4. Social Engineering 4.5 Physical Security

Basic Security

Robbery / Access Control

Protect Asset from External Threat

Include People


5. Network Hacking 5.1 DoS

A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer or network resource unavailable to its intended users.

Method
  Consumption of computational resources, such as bandwidth, disk space, or processor time.
  Disruption of configuration information, such as routing information.
  Disruption of state information, such as unsolicited resetting of TCP sessions.
  Disruption of physical network components.
  Obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.

5. Network Hacking 5.2 ARP Spoofing

ARP spoofing is a computer hacking technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network.

Even ARP entries which have not yet expired will be overwritten when a new ARP reply packet is received. There is no method in the ARP protocol by which a host can authenticate the peer from which the packet originated. This behavior is the vulnerability which allows ARP spoofing to occur.

Defense
  Static ARP entries
  OS Security
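
The overwrite behavior described on this slide is also what a monitor can watch for: a host that remembers earlier bindings sees the change. The following is an added example, not part of the original slides, that parses ARP replies, treats static entries as pinned, and reports binding changes. The names `parse_arp`, `ArpWatch` and `sample_reply`, the documentation-range addresses and the sample frames are all constructed for illustration.

```python
import struct

ETH_ARP, ARP_REPLY = 0x0806, 2

def parse_arp(frame):
    """Return (opcode, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return op, frame[22:28].hex(":"), ".".join(map(str, frame[28:32]))

class ArpWatch:
    """Tracks IP-to-MAC bindings seen in ARP replies and reports changes."""
    def __init__(self, static=None):
        self.static = dict(static or {})  # pinned entries (the "static ARP" defense)
        self.cache = {}                   # learned entries

    def observe(self, frame):
        parsed = parse_arp(frame)
        if parsed is None or parsed[0] != ARP_REPLY:
            return None
        _, mac, ip = parsed
        if ip in self.static:             # pinned entry: never overwritten
            pinned = self.static[ip]
            return None if mac == pinned else f"STATIC-VIOLATION {ip}: {mac} != {pinned}"
        old, self.cache[ip] = self.cache.get(ip), mac  # like ARP itself, newest reply wins
        if old is not None and old != mac:
            return f"BINDING-CHANGE {ip}: {old} -> {mac}"
        return None

def sample_reply(smac, sip, tmac="00:00:5e:00:53:aa", tip="192.0.2.50"):
    """Build a constructed ARP reply frame in memory (sample input only)."""
    m = lambda s: bytes.fromhex(s.replace(":", ""))
    a = lambda s: bytes(int(p) for p in s.split("."))
    hdr = m(tmac) + m(smac) + struct.pack("!HHHBBH", ETH_ARP, 1, 0x0800, 6, 4, ARP_REPLY)
    return hdr + m(smac) + a(sip) + m(tmac) + a(tip)

def demo():
    watch = ArpWatch(static={"192.0.2.1": "00:00:5e:00:53:01"})
    frames = [
        sample_reply("00:00:5e:00:53:10", "192.0.2.10"),  # first sighting: learned
        sample_reply("00:00:5e:00:53:10", "192.0.2.10"),  # same binding: quiet
        sample_reply("00:00:5e:00:53:66", "192.0.2.10"),  # unexpired entry replaced
        sample_reply("00:00:5e:00:53:66", "192.0.2.1"),   # contradicts pinned gateway
    ]
    return [alert for alert in map(watch.observe, frames) if alert]

if __name__ == "__main__":
    print("\n".join(demo()))
```

A binding change is not proof of spoofing, since addresses are legitimately reassigned, so the alert is a prompt to check the host rather than a verdict.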


5. Network Hacking 5.3 XSS

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications (such as web browsers through breaches of browser security) that enables attackers to inject client-side script into Web pages viewed by other users.

XSS vulnerabilities have been reported and exploited since the 1990s. Prominent sites affected in the past include the social-networking sites Twitter, Facebook, MySpace, and Orkut.

6. Malware 6.1 Types of Malware

6. Malware 6.2 Original Sin

6. Malware 6.3 Definition

Short for Malicious Software

Software designed to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems

Computer viruses, worms, trojan horses, spyware, adware, most rootkits, and other malicious programs

Is not the same as defective software

6. Malware 6.4 Infection

Called Virus, Worm

Many early infectious programs were generally intended to be harmless or merely annoying, rather than to cause serious damage to computer systems.

Before Internet access became widespread, viruses spread on personal computers by infecting the executable boot sectors of floppy disks.

The term virus is used for a program that has infected some executable software and, when run, causes the virus to spread to other executables.

A worm is a program that actively transmits itself over a network to infect other computers.

6. Malware 6.5 Concealment

Called Trojan Horses, Rootkit, Backdoor

When a malicious program is disguised as something normal or desirable, users may be tempted to install it without realizing it. This is the technique of the Trojan horse or trojan.

A rootkit was a set of tools installed by a human attacker on a Unix system, allowing the attacker to gain administrator (root) access.

A backdoor is a method of bypassing normal authentication procedures.

7. Encryption 7.1 Origins

A watermark is a recognizable image or pattern in paper that appears as various shades of lightness/darkness when viewed by transmitted light (or when viewed by reflected light, atop a dark background), caused by thickness or density variations in the paper.

Cryptology: from Greek κρυπτός, "hidden, secret"; and graphein, "writing", or -λογία, -logia, "study", respectively.

Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity.

7. Encryption 7.2 Water Marking

In philately, the watermark is a key feature of a stamp, and often constitutes the difference between a common and a rare stamp.

A watermark is very useful in the examination of paper because it can be used for dating, identifying sizes, mill trademarks and locations, and the quality of a paper.

Encoding an identifying code into digitized music, video, picture, or other file is known as a digital watermark.

7. Encryption 7.3 Cryptography

It is about constructing and analyzing protocols that overcome the influence of adversaries and which are related to various aspects in information security such as data confidentiality, data integrity, and authentication.

Symmetric-Key Cryptography
  DES, AES

Public-Key Cryptography
  RSA (Ronald Rivest, Adi Shamir, Len Adleman)

Cryptanalysis

Bruce Schneier

7. Encryption 7.4 Steganography

The first recorded uses of steganography can be traced back to 440 BC when Herodotus mentions two examples of steganography in his Histories.

Steganography includes the concealment of information within computer files. In digital steganography, electronic communications may include steganographic coding inside of a transport layer, such as a document file, image file, program or protocol.

Steganography is used by some modern printers, including HP and Xerox brand color laser printers. Tiny yellow dots are added to each page. The dots are barely visible and contain encoded printer serial numbers, as well as date and time stamps.

8. Privacy 8.1 Issues

Latin: Privatus, “Separated from the Rest”

Want Anonymous
  Keyboard Warrior
  Debate Sensitive Topic
  Social Fatigue
  Security Problem (Like Social ID)

Do Not Want
  Watch Your Behavior
  Know Your Feeling
  Know Where You Are/Live

9. Related Works 9.1 Kraken

The name refers to legendary sea monsters of giant proportions said to dwell off the coasts of Norway and Iceland.

OSGi Based Network Security Platform

Pcap Packet Analysis

9. Related Works 9.2 Network Scanning


9. Related Works 9.3 Metasploit

The Metasploit Project is an open-source computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its most well-known sub-project is the Metasploit Framework, a tool for developing and executing exploit code against a remote target machine.

Created by H. D. Moore in 2003

Penetration Testing Tool

9. Related Works 9.4 Backtrack

BackTrack is a distribution based on the Ubuntu GNU/Linux distribution aimed at digital forensics and penetration testing use.

It is named after backtracking

Merged WHAX and Auditor Security Collection

Penetration Testing Tool

9. Related Works 9.5 Anti Virus

Antivirus software is used to detect and remove computer viruses, as well as many other types of harmful software, collectively referred to as malware.

Identification methods
  Signature-based detection
  Suspicious behavior monitoring
  Heuristics

10. Conclusion Acknowledge

10. Conclusion Anxious

10. Conclusion Fact

10. Conclusion iOS is Not Secure

10. Conclusion Process

10. Conclusion Password

10. Conclusion Did you See?

10. Conclusion Deal With Devil

10. Conclusion Too Much Anxious?

10. Conclusion Is This Right?

10. Conclusion Don’t be pirate

10. Conclusion Defend Yourself

10. Conclusion

You can't defend. You can't prevent. The only thing you can do is detect and respond. – Bruce Schneier


Appendix Issues

Appendix Problem

Appendix Risk Management

Appendix Social Engineering Book

Appendix Information Security Directions

Appendix Social Engineering Example

Appendix VB100 Anti-Virus Test

Appendix Apple’s Security Issue

Appendix Infection/Attack

Appendix X-large Password

Appendix Google’s Technique

Appendix Example of Steganography


References Keyword

Information Security, Virus Bulletin, Malware, Trojan, Worm, Botnet, Steganography, DES, 3DES, AES, RSA, DoS, DDoS, Hacker, Cyber Attack, Lulz Sec, Anonymous (Hacker Group), Anti-Sec, RSA