SECURITY Flashcards
Security Properties
Authenticity- something happened as in your assumption
Integrity- no data changed since authentic event
Confidentiality- only known to some parties
Privacy-protection of personal info
Availability- up and running- with high quality
Different ways in which systems can be attacked
Attacks on industrial control systems
- physical damage and injuries
- affects critical infrastructure
- control systems are more and more connected
E.g.→ Stuxnet- attack on nuclear facilities in Iran- disabled the centrifuges (denial of service attack via software)- attacked the speed of rotation- destroyed them
Computer Worm
software that was created for a good cause initially.
sent updates to UNIX operating systems in a particular network
- instead was misused as an update carrying malicious code.
- replicates and sends itself to other computers.
- unlike a virus, does not need to attach to an existing program; rather it relies on a weakness of the target computer
- E.g. oil pipeline attack in Turkey 2008, blocking valves and adding crude oil.
- alerts were tampered with
- E.g. attacking a bank on a large scale
How to find targets to attack?
thousands of devices can be found on the internet
many attackers don't go for large-scale breaches.
Attacking the normal user?
- Phishing
Malware
Viruses, Worms and trojans
Virus-
small piece of code that can copy itself
can corrupt files
appends, prepends, or embeds itself in another program
runs and spreads
Worm-
similar to virus, but it is a standalone program.
uses a weakness in the system to execute the worm
can spread via networking
Trojan:
- malware hidden in a seemingly legitimate piece of software (word.exe)
Do only careless people get malware?
probably, but malware can also spread without user interaction.
e.g.→ via content (Flash) in advertisements on normal news websites
anti-malware programs, anti-virus, anti-pot keep needing to be updated
- creates a fake website with a login attempt
- motivates the person to access the website
- Ransomware and solution
- installs malicious software that encrypts all data
- asks for money (bitcoin) to get the data back
- professional
Ransomware- solution?
- don't panic
- some infections are easy to clean
- need to re-install the system and restore from backup (backup systems)
Bot-
- botnet
- multiple compromised computers controlled by a hacker.
- camera, keystrokes, access information
- remote control, run Distributed Denial of Service attacks (easy to detect, hard to prevent)
DDoS attacks in detail
Distributed Denial of Service (DDoS)
DDoS attack on a service (router, web server, etc.)
- networked systems made unavailable
- flooding with useless traffic
- multiple hierarchies of attack- sophisticated.
- defense technologies struggle to cope.
Two types of DDoS Attacks
a)Distributed SYN Flood Attack
TCP attack- three-way handshake
final ACK message is not sent
- buffers keep filling up until RAM is exhausted.
b) Distributed ICMP attack
ping attack on a targeted router- ping messages to a particular IP address.
many routers don't allow pings.
far more requests than necessary and the target router gets exhausted.
fake IP addresses in the packets
connection is never established.
Flood Types
a) Direct DDoS attack- master zombies, slave zombies, attack
b) Reflector DDoS attack- more serious in nature
multiple attackers, harder to detect.
Risk management techniques?
Risk management- right security controls in place
- risk assessment;
- keep updating your operating system;
- certification, accreditation, and security assessments;
- system services and acquisition (VPN, sandbox);
- security planning;
- configuration management;
- system and communication protection
- personnel security; awareness and training
- physical and environmental protection
- media protection
- contingency(backup) plans
- system and information integrity
- incident response team
- identification and authentication
- access control and accountability and audit
What kind of weaknesses can be exploited?
Buffer overflow?
Buffer overflow- data must not go beyond the array bound, but the programmer does not check the limits of the array; input is not properly sanitized.
- solution- randomize addressing
Command Injection-
goal of the attacker is to execute an arbitrary command in the OS.
via cookies, online forms
Cross-site Scripting (XSS)
- when web apps let users post content, the attacker inserts a client-side script into a web page.
- e.g. support website for programmers (inject code here)
- won't infect the server, but when a programmer visits the website the script runs and their computer is now controlled by the hacker.
Prevention-
Anti-virus software
SQL Injection- code is injected as SQL command and tampers database.
prevented easily by checking and sanitizing commands.
Other Attacks
- Attacks via DMA (direct memory access)
can potentially be used to read arbitrary parts of memory.
don't let anyone attach devices to your computers.
Physical (hard-disk access)
prevention- disk encryption, self-encrypting disks
Privacy and how to solve
Privacy issues
If the product is free, you are the product.
companies build large user profiles that can be leaked
Privacy Enhancing technologies
- Users- TOR (The Onion Router)- proxy servers- can be set up as relays- multiple layers of traffic. data is in the center, encrypted layer-by-layer.
- anonymity of online presence too
The Onion Router
- developed by the US Navy
- human rights activists.
- privacy
- criminals
How TOR works
How Tor Browser Works→
Step 1- Alice (client) first gets the list of Tor nodes from the directory server (Dave).
Step 2- Once Alice has it, she can create a random pathway to the destination server (Bob).
TOR the onion router-
multiple layers of encryption
E.g of TOR
hides the data being transmitted
Deep Web vs Dark Web
Dark Web- client and server are hidden (both sides use TOR)
- information on weaknesses
- criminal activities
- lots of things you don't want to see or know about
Deep Web- content only accessible with a KNOWN ADDRESS
- cloud storage
- private videos
- databases
- other data
invisible web (hidden web)- not indexed by search engines.