SECURITY Flashcards

1
Q

Security Properties

A

Authenticity- something happened in your assumption

Integrity- no data changed since authentic event

Confidentiality- only known to some parties

Privacy-protection of personal info

Availability- up and running- with high quality

2
Q

Different ways how systems can be attacked in

Attacks on industrial control systems

A
  • physical damage and injuries
  • affects critical infrastructure
  • control systems are more and more connected

E.g→ Stuxnet- attack on nuclear facilities in Iran- disabled- Denial of service attack

software- centrifuges - attacked the speed of rotation- destroyed it

Computer Worm

software that was created for a good cause initially.

send updates to UNIX operating system in a particular network

  • instead was misused as an update for malicious code.
  • replicate and send other computers.
  • unlike a virus, does not need to attach to an existing program, rather relies on weakness of target computer
  • E.g oil pipe attack in Turkey 2008, blocking valves and added crude oil.
  • alerts were tampered
  • E.g- attacking a bank on large scale

How to find targets to attack?

thousands of devices found on internet

many attackers don't go for large-scale breaches.

3
Q

Attacking the normal user?

-Phishing

Malware

Viruses, Worms and trojans

Virus-

small piece of code that can copy itself

can corrupt files

append, prepend, or embed itself to another program

runs and spreads

Worm-

similar to virus, but it is a standalone program.

uses weakness in system to execute the worm

can spread via networking

Trojan:

-malware hidden in a seemingly legitimate piece of software (word.exe)

Do only careless people get malware?

probably, but malware can also spread without user interaction.

e.g. → via content (Flash) in advertisements on normal new websites

anti-malware programs, anti-virus, anti-pot keep needing to be updated

A
  • creates a fake website with a login attempt

- motivate person to access a website

4
Q

-Ransomware

and solution

A
  • installs malicious software that encrypts all data
  • asks for money (bitcoin) to get data back
  • professional

Ransomware- solution?

  • don't panic
  • some infections are easy to clean
  • need to re-install system and restore from backup (backup systems)
5
Q

Bot-

A
  • botnet
  • multiple computers are compromised and controlled by a hacker.
  • camera, keystrokes, access information
  • remote control, run Distributed Denial of Service attack (easy to detect, hard to prevent)
6
Q

DDOS attacks in detail

A

Distributed Denial of Service(DDoS)

DDoS attack from a service(router, web server, etc)

  • networked systems unavailable
  • flooding with useless traffic
  • multiple hierarchies of attack- sophisticated.
  • defense technologies struggling to cope.

Two types of DDoS Attacks

a) Distributed SYN Flood Attack

TCP attack- three-way handshake

final ACK message is not sent

  • Buffering opens up where RAM is exhausted.
b) Distributed ICMP attack

to a targeted router through a ping attack- ping message to particular IP Address.

many routers don't allow pings.

more requests than necessary, and the target router gets exhausted.

fake IP addresses due to packets

connection is never established.

Flood Types

a) Direct DDoS attack- master zombies, slave zombies, attack
b) Reflector DDoS attack- more serious nature

multiple attackers, severe in detection.

7
Q

risk management techniques?

A

Risk management- right security controls in place

  • risk assessment;
  • keep updating your operating system;
  • certification, accreditation, and security assessments;
  • system services and acquisition (VPN, sandbox);
  • security planning;
  • configuration management;
  • system and communication protection
  • personal security; awareness and training
  • physical and environmental protection
  • media protection
  • contingency(backup) plans
  • system and information integrity
  • incident response team
  • identification and authentication
  • access control and accountability and audit
8
Q

What kind of weaknesses can be exploited?

buffer overflow?

A

Buffer overflow- can't go beyond that. Programmer does not check limits of array bounds. Input is not properly sanitized.

-solution- randomize addressing

9
Q

Command Injection-

A

goal of the attacker is to execute an arbitrary command in the OS.

cookies, online forms

10
Q

Cross-site Scripting(XSS)

A
  • when a web app lets users post (e.g. to ask for help), an attacker will insert a client-side script into a web page.
  • e.g. support website for programmers (inject code inside here)
  • won't infect the server, but when the programmer goes to the website and sees the code, their computer is now controlled by the hacker.
11
Q

Prevention-

A

Anti-virus software

SQL Injection- code is injected as SQL command and tampers database.

prevented easily by checking and sanitizing commands.

Other Attacks

-Attacks via DMA (direct memory access)

can potentially be used to read arbitrary parts of memory.

don't let anyone attach devices to your computers.

Physical (hard-disk access)

prevention- disk encryption, self-encrypting disks

12
Q

Privacy and how to solve

A

Privacy issues

If the product is free, you are the product.

companies build large user profiles, which can be leaked

Privacy Enhancing technologies

  • Users- TOR (The Onion Routing) - proxy servers- can be set up as relays- multiple layers of traffic. Data is in the center, encrypted layer-by-layer.
  • anonymity of online presence too

The Onion Router

  • developed by the US Navy
  • human rights activities.
  • privacy
  • criminals
13
Q

How TOR works

A

How Tor Browser Works→

Step 1- Alice (client) will first get Tor nodes from the directory server (Dave).

Step 2- Once Alice gets them, she can create a random pathway to the destination server (Bob).

TOR the onion router-

multiple layers of encryption

E.g of TOR

hide data transmitting

14
Q

Deep Web vs Dark Web

A

Dark Web- client and server are hidden (both sides use TOR)

  • information on weaknesses
  • criminal activities
  • lots of things you don't want to see or know about

Deep Web- content only accessible with KNOWN ADDRESS

  • cloud storage
  • private videos
  • databases
  • other data

invisible web - not indexed by search engines. hidden web
