Computing security

Post on 15-Jan-2015

Category:

Technology

TRANSCRIPT

<ul><li> 1. Human, Computer and Vulnerability: (20113920) tgnice@nchovy.com</li></ul> <p>
2. Table of Contents. 1. Background: 1.1 IT Trend; 1.2 Prediction; 1.3 Benchmarking; 1.4 What They Do; 1.5 CES 2012. 2. What is Profiling: 2.1 Definition; 2.2 Type of Profiling; 2.3 Different View; 2.4 Expectation. 3. Why Do We Profiling: 3.1 Origins; 3.2 Present; 3.3 Future. 4. Mobile User Profiling: 4.1 Context Aware; 4.2 Set of Raw Data; 4.3 Extract Attribute; 4.4 Constraints.
3. Table of Contents. 5. Intelligence: 5.1 Introduce; 5.2 Intellectual Intelligence; 5.3 Emotional Intelligence; 5.4 Qualified Intelligence. 6. Related Works: 6.1 Web Profiling; 6.2 Location Sensing; 6.3 Energy Efficiency; 6.4 Emotion Sensing; 6.5 Privacy. 7. Approach: 7.1 Privacy Problem; 7.2 User Profiling; 7.3 Research Goal. Appendix. References.
5. 0. Speaker Profile. (2007.11 ~ 2010.12) nchovy team in INZEN Security; Nchovy.com Foundation Member; Krakenapps.org Committer; IDS Neowatcher Maintainer; Malware, Exploit Analysis; Security Group Chief. (2011.02 ~ 2011.12) Freelance at Future System, Itnade. Conference: 2008.02 PADOCON, Spoofing &amp; Scanning. Certification: CCNP, LPIC, CISA.
7. 1. Prologue, 1.1 Are you Safe?
8. 1. Prologue, 1.2 Do You Know?
9. 1. Prologue, 1.2 Do You Know?
10. 1. Prologue, 1.3 Cyber Attack
11. 1. Prologue, 1.4 Threat
12. 1. Prologue, 1.5 We Need This?
14. 2. Hackers, 2.1 History. Hacking has been around for more than a century. In the 1870s, several teenagers were flung off the country's brand new phone system by enraged authorities. University facilities with huge mainframe computers, like MIT's artificial intelligence lab, become staging grounds for hackers. At first, "hacker" was a positive term for a person with a mastery of computers who could push programs beyond what they were designed to do. John Draper makes a long-distance call for free by blowing a precise tone into a telephone that tells the phone system to open a line. Draper discovered the whistle as a give-away in a box of children's cereal.
15. 2. Hackers, 2.1 History. Two members of California's Homebrew Computer Club begin making "blue boxes," devices used to hack into the phone system. The members, who adopt handles "Berkeley Blue" (Steve Jobs) and "Oak Toebark" (Steve Wozniak), later go on to found Apple Computer. Morris, son of former National Security Agency scientist Robert Morris, is known as the creator of the Morris Worm, the first computer worm to be unleashed on the Internet. As a result of this crime, he was the first person prosecuted under the 1986 Computer Fraud and Abuse Act.
16. 2. Hackers, 2.1 History. Kevin Mitnick secretly monitors the e-mail of MCI and Digital Equipment security officials. He is arrested (again), N.C., after he is tracked down via computer by Tsutomu Shimomura at the San Diego Supercomputer Center. Tsutomu Shimomura is a senior fellow at the San Diego Supercomputer Center, where he works on problems in areas as diverse as computational physics and computer security. In February 1995 he helped several online service and Internet companies track down computer outlaw Kevin Mitnick.
17. 2. Hackers, 2.2 Now
18. 2. Hackers, 2.2 Now
19. 2. Hackers, 2.3 Kind of
20. 2. Hackers, 2.4 Near Enemy
22. 3. Information Security, 3.1 Definitions. Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. Computer security and information assurance are frequently used interchangeably. Confidentiality, Integrity, Availability. Plus Accountability (Non-Repudiation). Process, Risk Management, BCP/DRP.
23. 3. Information Security, 3.2 Attributes. Confidentiality: used to prevent the disclosure of information to unauthorized individuals or systems. Integrity: means that data cannot be modified undetectably. This is not the same thing as referential integrity in databases. Availability: a requirement intended to assure that systems work promptly and service is not denied to authorized users. Accountability (Non-Repudiation): the requirement that actions of an entity may be traced uniquely to that entity.
24. 3. Information Security, 3.3 Risk Management. Risk management is the identification, assessment, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives, whether positive or negative) followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. Composite Risk Index = Impact of Risk event x Probability of Occurrence.
25. 3. Information Security, 3.4 Process. Security Governance: the Software Engineering Institute at Carnegie Mellon University, in a publication titled "Governing for Enterprise Security (GES)", defines characteristics of effective security governance. Incident Response Plans: computer security incident management involves the monitoring and detection of security events on a computer or computer network, and the execution of proper responses to those events. Change Management: change management is an IT service management discipline. The objective of change management in this context is to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes to control IT infrastructure, in order to minimize the number and impact of any related incidents upon service.
26. 3. Information Security, 3.5 BCP/DRP. BCP may be a part of an organizational learning effort that helps reduce operational risk. BCP is working out how to continue operations under adverse conditions that include local events like building fires, theft, and vandalism, regional incidents like earthquakes and floods, and national incidents like pandemic illnesses. Disaster recovery is the process, policies and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human-induced disaster.
28. 4. Social Engineering, 4.1 Survey
29. 4. Social Engineering, 4.2 Fact
30. 4. Social Engineering, 4.3 Human Vulnerability
31. 4. Social Engineering, 4.4 Based on Trust
32. 4. Social Engineering, 4.5 Physical Security. Basic Security; Robbery / Access Control; Protect Asset from External Threat; Include People.
34. 5. Network Hacking, 5.1 DoS. A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer or network resource unavailable to its intended users. Method: consumption of computational resources, such as bandwidth, disk space, or processor time; disruption of configuration information, such as routing information; disruption of state information, such as unsolicited resetting of TCP sessions; disruption of physical network components; obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.
35. 5. Network Hacking, 5.2 ARP Spoofing. ARP spoofing is a computer hacking technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network. Even ARP entries which have not yet expired will be overwritten when a new ARP reply packet is received. There is no method in the ARP protocol by which a host can authenticate the peer from which the packet originated. This behavior is the vulnerability which allows ARP spoofing to occur. Defense: Static ARP entries; OS Security.
36. 5. Network Hacking, 5.3 XSS. Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications (such as web browsers through breaches of browser security) that enables attackers to inject client-side script into Web pages viewed by other users. XSS vulnerabilities have been reported and exploited since the 1990s. Prominent sites affected in the past include the social-networking sites Twitter, Facebook, MySpace, and Orkut.
38. 6. Malware, 6.1 Types of Malware
39. 6. Malware, 6.2 Original Sin
40. 6. Malware, 6.3 Definition. Short for Malicious Software. Software designed to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems. Computer viruses, worms, trojan horses, spyware, adware, most rootkits, and other malicious programs. Is not the same as defective software.
41. 6. Malware, 6.4 Infection. Called Virus, Worm. Many early infectious programs were generally intended to be harmless or merely annoying, rather than to cause serious damage to computer systems. Before Internet access became widespread, viruses spread on personal computers by infecting the executable boot sectors of floppy disks. The term virus is used for a program that has infected some executable software and, when run, causes the virus to spread to other executables. A worm is a program that actively transmits itself over a network to infect other computers.
42. 6. Malware, 6.5 Concealment. Called Trojan Horses, Rootkit, Backdoor. When a malicious program is disguised as something normal or desirable, users may be tempted to install it without realizing it. This is the technique of the Trojan horse or trojan. A rootkit was a set of tools installed by a human attacker on a Unix system, allowing the attacker to gain administrator (root) access. A backdoor is a method of bypassing normal authentication procedure.
44. 7. Encryption, 7.1 Origins
45. 7. Encryption, 7.1 Origins. A watermark is a recognizable image or pattern in paper that appears as various shades of lightness/darkness when viewed by transmitted light (or when viewed by reflected light, atop a dark background), caused by thickness or density variations in the paper. Cryptology: from Greek , "hidden, secret"; graphein, "writing", or -, -logia, "study", respectively. Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity.
46. 7. Encryption, 7.2 Water Marking. In philately, the watermark is a key feature of a stamp, and often constitutes the difference between a common and a rare stamp. A watermark is very useful in the examination of paper because it can be used for dating, identifying sizes, mill trademarks and locations, and the quality of a paper. Encoding an identifying code into digitized music, video, picture, or other file is known as a digital watermark.
47. 7. Encryption, 7.3 Cryptography. It is about constructing and analyzing protocols that overcome the influence of adversaries and which are related to various aspects in information security such as data confidentiality, data integrity, and authentication. Symmetric-Key Cryptography: DES, AES. Public-Key Cryptography: RSA (Ronald Rivest, Adi Shamir, Len Adleman). Cryptanalysis: Bruce Schneier.
48. 7. Encryption, 7.4 Steganography. The first recorded uses of steganography can be traced back to 440 BC when Herodotus mentions two examples of steganography in his Histories. Steganography includes the concealment of information within computer files. In digital steganography, electronic communications may include steganographic coding inside of a transport layer, such as a document file, image file, program or protocol. Steganography is used by some modern printers, including HP and Xerox brand color laser printers. Tiny yellow dots are added to each page. The dots are barely visible and contain encoded printer serial numbers, as well as date and time stamps.
50. 8. Privacy, 8.1 Issues
51. 8. Privacy, 8.1 Latin: Privatus. Separated from the Rest; Want Anonymous; Keyboard Warrior; Debate Sensitive Topic; Social Fatigue; Security Problem (Like Social ID); Do Not Want Watch Your Behavior; Know Your Feeling; Know Where You Are/Live.
53. 9. Related Works, 9.1 Kraken. It means legendary sea monsters of giant proportions said to dwell off the coasts of Norway and Iceland. OSGi Based Network Security Platform. Pcap Packet Analysis.
54. 9. Related Works, 9.2 Network Scanning
55. 9. Related Works, 9.3 Metasploit. The Metasploit Project is an open-source computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its most well-known sub-project is the Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Created by H.D. Moore in 2003. Penetration Testing Tool.
56. 9. Related Works, 9.4 Backtrack. BackTrack is a distribution based on the Ubuntu GNU/Linux distribution aimed at digital forensics and penetration testing use. It is named after backtracking. Merged WHAX and Auditor Security Collection. Penetration Testing Tool.
57. 9. Related Works, 9.5 Anti Virus. Software used to detect and remove computer viruses, as well as many other types of harmful software, collectively referred to as malware. Identification methods: Signature-based detection; Suspicious behavior monitoring; Heuristics.
59. 10. Conclusion: Acknowledge
60. 10. Conclusion: Anxious
61. 10. Conclusion: Fact
62. 10. Conclusion: iOS is Not Secure
63. 10. Conclusion: Process
64. 10. Conclusion: Password
65. 10. Conclusion: Did you See?
66. 10. Conclusion: Deal With Devil
67. 10. Conclusion: Too Much Anxious?
68. 10. Conclusion: Is This Right?
69. 10. Conclusion: Don't be pirate
70. 10. Conclusion: Defend Yourself
71. 10. Conclusion. "You can't defend. You can't prevent. The only thing you can do is detect and respond." Bruce Schneier
73. Appendix: Issues
74. Appendix: Issues
75. Appendix: Problem
76. Appendix: Risk Management
77. Appendix: Social Engineering Book
78. Appendix: Information Security Directions
79. Appendix: Social Engineering Example
80. Appendix: VB100 Anti-Virus Test
81. Appendix: Apple's Security Issue
82. Appendix: Infection/Attack
83. Appendix: X-large Password
84. Appendix: Google's Technique
85. Appendix: Example of Steganography
87. References: Papers. Hacking: The Art of Exploitation; The Art of Deception; Social Engineering; Authorized translation of the English of Information Security: Principles and Practice (WILEY); Hacking: The Next Generation (O'REILLY); Practical Cryptography (WILEY); Rootkits: Subverting the Windows Kernel (Addison-Wesley); Malware Forensic (SYGRESS); Professional Penetration Testing (SYGRESS); Botnet Detection (Springer); Malware Detection (Springer).
88. References: Keyword. Information Security; Virus Bulletin; Malware; Trojan; Worm; Botnet; Steganography; DES, 3DES, AES, RSA; DoS, DDoS; Hacker; Cyber Attack; Lulz Sec, Anonymous (Hacker Group), Anti-Sec; RSA.
</p>
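Slide 35 (5.2 ARP Spoofing) says a new ARP reply overwrites an unexpired entry and that ARP has no way to authenticate the sender. The following is an added example, not part of the original slides: a passive monitor that parses ARP payloads, alerts on unsolicited replies and changed bindings, and refuses to relearn pinned (static) entries. The class name, the addresses and the sample traffic are constructed for illustration.

```python
import struct

ARP_FMT = "!HHBBH6s4s6s4s"  # RFC 826 Ethernet/IPv4 ARP payload, 28 bytes

def build_arp(oper, sha, spa, tpa, tha="00:00:00:00:00:00"):
    """Constructed-sample helper: pack an ARP payload from text addresses."""
    mac = lambda s: bytes.fromhex(s.replace(":", ""))
    ip = lambda s: bytes(int(p) for p in s.split("."))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, mac(sha), ip(spa), mac(tha), ip(tpa))

def parse_arp(payload):
    """Return (oper, sender_mac, sender_ip, target_ip), or None if not Ethernet/IPv4 ARP."""
    fields = struct.unpack(ARP_FMT, payload[:28]) if len(payload) >= 28 else None
    if fields is None or fields[:4] != (1, 0x0800, 6, 4):
        return None
    oper, sha, spa, _tha, tpa = fields[4:]
    return oper, sha.hex(":"), ".".join(map(str, spa)), ".".join(map(str, tpa))

class ArpWatch:
    def __init__(self, static=None):
        self.static = dict(static or {})  # pinned IP -> MAC (static ARP entries)
        self.learned = {}                 # IP -> MAC learned from traffic
        self.pending = set()              # (requester_ip, asked_ip) awaiting a reply

    def observe(self, payload):
        """Process one ARP payload; return alert strings instead of silently overwriting."""
        parsed = parse_arp(payload)
        if parsed is None:
            return []
        oper, mac, spa, tpa = parsed
        alerts = []
        if oper == 1:                     # request: remember who asked for which IP
            self.pending.add((spa, tpa))
        elif oper == 2:                   # reply: was it asked for?
            if (tpa, spa) not in self.pending:
                alerts.append(f"unsolicited reply claiming {spa} is at {mac}")
            self.pending.discard((tpa, spa))
        if spa in self.static:
            if self.static[spa] != mac:
                alerts.append(f"{spa} is pinned to {self.static[spa]}, refused {mac}")
            return alerts                 # pinned bindings are never relearned
        if self.learned.get(spa, mac) != mac:
            alerts.append(f"{spa} changed from {self.learned[spa]} to {mac}")
        self.learned[spa] = mac           # an unpinned cache accepts the newest claim
        return alerts

GW, HOST, ROGUE = "00:11:22:33:44:01", "00:11:22:33:44:05", "02:00:00:00:00:66"
SAMPLE = [build_arp(1, HOST, "10.0.0.5", "10.0.0.1"),             # constructed: request
          build_arp(2, GW, "10.0.0.1", "10.0.0.5", tha=HOST),     # genuine reply
          build_arp(2, ROGUE, "10.0.0.1", "10.0.0.5", tha=HOST)]  # forged reply
```

Feeding `SAMPLE` to `ArpWatch()` leaves the gateway IP bound to the rogue MAC, while `ArpWatch(static={"10.0.0.1": GW})` keeps the pinned binding. Unsolicited replies also occur legitimately (gratuitous ARP on failover), so that alert is a signal to correlate, not proof.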