Survivable Network Analysis
Oracle Financial System SNA step 3
Ali Ardalan, Qianming “Michelle” Chen, Yi Hu, Jason Milletary, Jian Song
11/14 SNA Presentation 3
Overview
• Review Essential Components
• Attacker profiles
• Attack Patterns
• Intrusion Usage Scenarios
• Compromisable Components Diagram
• Next Steps
Essential Components Diagram
[Figure: network diagram. Labels in the figure: Mistral (Development), Chinook (Backup), Acis.as.cmu.edu (Sun Sparc Cluster), Tandem, Kerberos Domain Controller, Kerberos Secure Directory, Oracle Connection Mgr., O. DB, O. Listener, O. Forms, CAMPUS NETWORK, FIBER, Cyert Computer Center, 6555 Penn Ave, HTTP, HTTPS, CITRIX, SQL Net, SSH, SCP, FTP, LPR (print), SMTP (e-mail).]
Potential Attacker Profiles
• Curious Student Hacker
• Student Employee
• Disgruntled Full-Time Employee
• Academic Spy
Attacker Profile #1
• Curious Student Hacker
• Member of CMU campus community
• Low to Medium level of expertise:
• Possible CS, IDS, ECE or other technical background
• Accesses system from internal campus LAN
• Student attacks system in order to learn from experimentation with hacking tools & concepts
• Student’s motivation is for disclosure or modification rather than deletion of data
• Level: Target-of-Opportunity Attack
Attacker Profile #2
• Student Employee
• Objective is to steal financial funds
• Student employed by department at some point
• Has access to passwords & has experience using system interface
• Accesses system when superiors are not around
• Attack may occur in small increments over a long period of time
• Level: Intermediate Attack
Attacker Profile #3
• Disgruntled Full-Time Employee
• Objective is to wreak havoc upon the system via deletion or modification of data
• Low to medium level of technical expertise
• High level of experience with system
• User has account and password with access to the system
• User is trusted and therefore is able to cause damage to mission critical system elements
• Level: Intermediate Attack
Attacker Profile #4
• Academic Spy
• Objective is to steal sensitive information on grants from the University
• Medium to High level of technical expertise
• Accesses system internally or externally
• Primary motivation is disclosure of sensitive information rather than modification or deletion
• Level: Sophisticated Attack
Attack Patterns
• Trojan Horse
• Application content pattern
• Possible upload of malicious code
• Feeder system
• Excel files
• Possible attackers
• Disgruntled employees
• Academic spies
Trojan Horse
• Gather information
• Identify external applications which integrate into system (Excel, etc.)
• Evaluate processing of uploaded files via feeder system or application server
• Exploit
• Attach Visual Basic macro to Excel file
• Attach executable code to feeder file
• Damage
• Possible installation of back door code
• Denial-of-service by insertion of malformed input
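A defensive check for the Trojan Horse pattern above, as an added example that is not part of the original presentation: it screens an uploaded Excel or feeder file for VBA projects and executable headers before the file reaches the application server. The function names, the sample files and the text feeder format are assumptions; the legacy-workbook check is a byte-search heuristic, not a full compound-file parser.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")     # legacy .xls compound file
VBA_STORAGE = "_VBA_PROJECT".encode("utf-16-le")  # OLE directory names are UTF-16LE
EXEC_MAGICS = (b"MZ", b"\x7fELF")                 # PE and ELF file headers


def screen_upload(data: bytes) -> str:
    """Return 'accept' or 'reject: <reason>' for one uploaded file."""
    if data.startswith(EXEC_MAGICS):
        return "reject: executable content"
    if data.startswith(OLE_MAGIC):
        # Heuristic: search for the VBA storage name rather than parsing
        # the compound-file directory.
        if VBA_STORAGE in data:
            return "reject: VBA project in legacy workbook"
        return "accept"
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for name in zf.namelist():
                if name.lower().endswith("vbaproject.bin"):
                    return "reject: VBA project in workbook"
                with zf.open(name) as member:
                    if member.read(4).startswith(EXEC_MAGICS):
                        return "reject: executable inside workbook"
    return "accept"


def make_workbook(with_macro=False, embedded=None) -> bytes:
    """Constructed sample: a minimal zip laid out like an Excel workbook."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("xl/workbook.xml", "<workbook/>")
        if with_macro:
            zf.writestr("xl/vbaProject.bin", b"constructed placeholder")
        if embedded is not None:
            zf.writestr("xl/embeddings/object1.bin", embedded)
    return buf.getvalue()


if __name__ == "__main__":
    samples = {  # all inputs below are constructed for this example
        "clean workbook": make_workbook(),
        "macro workbook": make_workbook(with_macro=True),
        "legacy workbook with VBA": OLE_MAGIC + b"\0" * 8 + VBA_STORAGE,
        "feeder text file": b"ACCT,1001,25.00\n",
    }
    for label, blob in samples.items():
        print(f"{label}: {screen_upload(blob)}")
```

A caller should treat any exception raised while opening the archive (encrypted or corrupt members) as a rejection.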
Attack Patterns
• Disclosure of sensitive information
• User access attack pattern
• Using incomplete or improperly assigned access rights to view information
• Potential attackers
• Students
• Disgruntled employees
• Academic spies
Disclosure of information
• Gather information
• Identify components with incomplete access control
• Use social engineering to acquire passwords
• Identify
• Exploit
• Normal system use with unauthorized access
• Damage
• Disclosure of information
Intrusion Usage Scenario
• IUS1 (Data integrity and Spoofing Attack)
• Unauthorized user (part-time worker/student)
• Illegitimately obtain password
• View, modify confidential data and steal financial funds
Example of IUS1
Intrusion Usage Scenario
• IUS2 (Data integrity and insider attack)
• Authorized Employee (Disgruntled)
• Legitimate access right
• Modify data or issue illegal check
Example of IUS2
Intrusion Usage Scenario
• IUS3 (Availability attack)
• Student Hacker
• Possible upload of malicious code
• Feeder system
• Excel files
• Destroy or limit access to applications of OFS
Intrusion Usage Scenario
• IUS4 (Recovery attack)
• Professional Hacker
• Directly access database, bypassing the firewall
• Corrupt major portions of the DB
Intrusion Usage Scenario
• IUS5 (Spoofing Attack)
• Unauthorized user (Academic Spy)
• Spoofing legitimate user
• View, modify confidential data and marketable information
Compromisable Components Diagram
[Figure: network diagram. Labels in the figure: Mistral (Development), Chinook (Backup), Acis.as.cmu.edu (Sun Sparc Cluster), Tandem, Kerberos Domain Controller, Kerberos Secure Directory, Oracle Connection Mgr., O. DB, O. Listener, O. Forms, CAMPUS NETWORK, FIBER, Cyert Computer Center, 6555 Penn Ave, HTTP, HTTPS, CITRIX, SQL Net, SSH, SCP, FTP, LPR (print), SMTP (e-mail).]
Other Potential Issues
• Password expiration
• Availability: Cross-department worker information
• Confidentiality: Remove user access rights when employees leave
Ongoing Steps
• Client & Users
• 4th client meeting to verify compromisable components
• More user meetings to verify IUS.b
• Discuss application of SNA method
• Within Our Group
• Site visit to 6555 Penn Ave. backup facility
• Describe existing and recommended strategies for resistance, recognition, and recovery
• Present the survivability map for the architecture