Internet & Information Security. Presented by: Zana, Tong & Lilian. Internet & Information Security: Introduction, Definition, Statistics, Security Breaches – General Examples, Description, Challenges, Solutions, Common Threats, Tools for Information Security - Developers, Conclusion.
Internet & Information Security Presented by: Zana, Tong & Lilian
Internet & Information Security: • Introduction • Definition • Statistics • Security Breaches – General Examples • Description • Challenges, Solutions • Common Threats • Tools for Information Security - Developers • Conclusion
Need for Information Security! • Secret Information Stolen from Indian Army - The Times Of India, Jan 25, 2006 • Hackers Attack eBay Account - Zee News, Mar 25, 2005 • Man Admits Hacking in New York Times - MSNBC, Jan 8, 2004 • NASA Sites Hacked - Computer World, Apr 24, 2005 • Information Hacked by a militant from DRDO - The Hindu, May 25, 2006 • CBI investigates hack at e-voting software - Aaj Tak, Nov 25, 2006 • Space information hacked from ISRO - Hindustan Times, Dec 24, 2006
Present Scenario • THE MODERN THIEF CAN STEAL MORE WITH A COMPUTER THAN A GUN. • MORE DAMAGE COULD BE CARRIED OUT WITH A KEYBOARD THAN A BOMB.
Definition • The protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats.
Statistics (Indiana University: April 3-4, 2008) • 321 Security Breaches in 2006. • 441 organizations reported a breach in 2007 – more than one per day. • In the first two weeks of January 2008, 7 breaches reported by higher education.
• 26% of the 321 Security Breaches in 2006 involved Higher Education • Over 2,000,000 student records were exposed by higher education in 2006 • 106 businesses • 84 educational institutions • 96 government agencies (state, federal, local) • 35 medical institutions (hospitals)
Reasons Provided for School Breaches: Hackers Armed Robber <1% > 50% Stolen Hardware Stolen Laptops <1% > 20% Malicious Insider Handling Errors <1% ~10%
Reasons for Security Breaches In General: Examples • Human Error • Hackers • Vendor Mismanagement • Unencrypted Remote Devices • Lost or Stolen Remote Devices • Inadequate Data Disposal • Unencrypted Wireless Transmissions • Malicious Employees • Inadequate Training or Awareness • Procedural Errors • Inadequate Policies and Procedures • Overlooking New Hires
Description of Internet & Information Security Four widely accepted elements (aims, principles, qualities, characteristics, attributes ... etc.) of information security are: • confidentiality • integrity • availability • authentication
Information Security Challenges • Managing security has become increasingly complex • Growing external and internal threats • Internal threats increasingly more common than external – much easier too • Good external security measures in place • Attackers looking for other means of circumventing/bypassing guards and getting inside • Social engineering becoming popular • Methods - personal contact, installing backdoors, key loggers, spyware, phishing via email attachments
Information Security Solutions • Nothing is 100% secure!!! • You can only mitigate the risks. • Approach should be to apply defense-in-depth. • The most effective way to apply security is in layers. • Place security measures at different points in your network. • Construct a series of obstacles of varying difficulty. • Secure each component in your network (firewalls, routers, servers, desktops). • If one measure fails the next will protect. • The series of obstacles may finally make the attacker give up!
Common Security Threats & Vulnerabilities • Threat: Any person, object, or event that, if realized, can potentially cause damage to the network or networked device • Vulnerability: A weakness in a host or network that can be exploited by a threat
Common Threats • Unauthorized Intrusions • Denial of Service (DoS) Attacks • Viruses, Worms, Trojan Horses (Backdoors) • Website Defacements • Internal Attacks
Unauthorized Intrusions Intruders want to gain control of your computer and to use it to launch attacks on other computer systems. Having control of your computer gives them the ability to hide their true location as they launch attacks, often against high-profile computer systems such as government or financial systems. The damage created depends on the intruder's motives. Confidential information may be compromised, altered or damaged.
Denial of Service • Interruption of service either because the system is destroyed or is temporarily unavailable • e.g. • Destroying a computer's hard disk • Severing the physical infrastructure • Using up all available system resources - CPU, memory, disk space • Consuming network bandwidth to the server
Viruses & Worms • A virus requires a user to do something to continue the propagation – harmful, may destroy data • A worm can propagate by itself - self-propagating malicious code, consumes resources destructively, DoS – Blaster, Slammer • Highly prevalent/common on the Internet • Common distribution: e-mail, ftp, media sharing, hidden code
Trojans (Backdoors) • Trojans (Backdoors) - Executable code installed that enables entry into the infected host without authorization • Once installed the back door can be used by the attacker at their leisure • Launching points for further security attacks (DDoS, spam)
Bots (Spyware) • Modularized root-kits for specific functions. • What Bots can do: • Create Launch pad for DDOS attacks • Packet sniffing • Key logging • File Serving of illegal or malicious code • Replicating
Website Defacements • Intent: To create political propaganda based attacks • To make a political statement • Launched primarily at Government Orgs, Media, Religious Groups • By exploiting known vulnerabilities in websites or servers • The attacker can plant code or files to vandalize the site
Internal Attacks • Computer Security Institute/FBI and Ernst & Young say nearly 50% of all network attacks come from the inside • Often, from unhappy/disgruntled workers • 76% of the IT executives surveyed by Net Versant said they were concerned about inside attacks from unhappy employees • Losses associated with insider attacks can be more damaging
Other Common Attacks • Connection (Session) hijacking • IP source address spoofing • Smurf attack • Brute-force/Dictionary attacks (password guessing) • Humans are often the weakest link = social engineering "Hi, this is Bob, what's the root password?"
Vulnerabilities • Insecure protocols/services running on a host • Exploitable security hole on a host without latest patches or workarounds • Poorly protected hosts without firewalls, IDSs, etc. • Use of weak or default passwords • Insecure configuration of hosts • Execution of malicious code – Trojans, Backdoors • Use of pirated or downloaded software from a public site without verifying checksum (integrity) and authenticity (signature) • Social engineering
Tools For Information Security • Passwords • Bio-Metrics • Smart Cards • Token devices • Firewalls • Virus Protection Tools • Intrusion detection System • Cryptographic Tools • Digital Signatures • Digital Certificate
Firewall • Protects your internal network from the external world • Enforces an access control policy between two networks • Install firewalls also between office departments • Disallow unauthorized traffic in/out of your network • Define rules depending on required services/protocol • Prevent DOS attacks using rate limits
Firewall (diagram; labels: "Only Secured Data Pass through it", "No Checking Of Data", "No Protection")
Types Of Firewall • Packet filtering firewalls • Application layer firewalls • Stateful inspection firewalls
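The firewall slides describe an access control policy built from per-service rules, with rate limits against DoS. The sketch below is an added example, not part of the original slides: a simplified packet-filtering model in which the rule set, the documentation-range addresses and the token-bucket parameters are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed policy (assumption): first matching rule wins, the rest is dropped.
RULES = [  # (action, source network, protocol, destination port)
    ("deny", "203.0.113.66/32", "tcp", 443),  # blocked source, listed first
    ("allow", "0.0.0.0/0", "tcp", 443),       # public HTTPS service
    ("allow", "192.0.2.0/24", "tcp", 22),     # SSH from the admin network only
]

class Firewall:
    def __init__(self, rules=RULES, rate=5.0, burst=10):
        self.rules = [(a, ipaddress.ip_network(n), p, d) for a, n, p, d in rules]
        self.rate, self.burst = rate, burst  # tokens per second, bucket size
        # One token bucket per source IP: [tokens left, time of last packet]
        self.buckets = defaultdict(lambda: [float(burst), None])

    def within_rate(self, src, now):
        bucket = self.buckets[src]
        if bucket[1] is not None:  # refill for the time elapsed, up to burst
            bucket[0] = min(self.burst, bucket[0] + (now - bucket[1]) * self.rate)
        bucket[1] = now
        if bucket[0] < 1:
            return False
        bucket[0] -= 1
        return True

    def decide(self, src, proto, dport, now):
        """Return 'allow', 'deny' or 'rate-limited' for one inbound packet."""
        addr = ipaddress.ip_address(src)
        for action, net, rule_proto, rule_port in self.rules:
            if addr in net and proto == rule_proto and dport == rule_port:
                if action == "allow" and not self.within_rate(src, now):
                    return "rate-limited"
                return action
        return "deny"  # default deny: no rule, no service

def replay():
    """Run constructed packets through the policy and return the decisions."""
    fw = Firewall()
    normal = [fw.decide("203.0.113.9", "tcp", 443, 0.0),   # web client
              fw.decide("203.0.113.9", "tcp", 22, 0.0),    # SSH from outside
              fw.decide("192.0.2.10", "tcp", 22, 0.0),     # SSH from admin net
              fw.decide("203.0.113.9", "udp", 53, 0.0)]    # no rule for DNS
    # One source sends 12 packets in the same instant, then one a second later.
    flood = [fw.decide("198.51.100.7", "tcp", 443, 1.0) for _ in range(12)]
    return normal, flood, fw.decide("198.51.100.7", "tcp", 443, 2.0)

if __name__ == "__main__":
    print(replay())
```

The bucket is kept per source address, so one flooding host is throttled without affecting other clients of the same service.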
Bio-Metrics • Face Recognition System (diagram), Detection And Alignment stage; labels: Multiscale Head Search, Feature Search, Face Masking And Contrast Norm, Wrap
Bio-Metrics • Face Recognition System (diagram), Recognition And Coding stage; labels: Coder, Recognition System, ID, Eigen space Projection
Basics of Cryptography • Encryption: Plain Text + Secret Key → Cipher Text • Decryption: Cipher Text + Secret Key → Plain Text
Digital Signature • Sender: Message Text → Signature Encryption with Private Key Of Sender → Cipher Text (Signature) • Receiver: Cipher Text (Signature) → Signature Decryption with Public Key Of Sender → Message Text
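The Vulnerabilities slide asks for both a checksum (integrity) and a signature (authenticity) check on downloaded software, and the Digital Signature slide shows the sender signing with a private key and the receiver verifying with the sender's public key. The following added example, which is not part of the original slides, runs both checks; the toy RSA key, the sample file contents and the function names are constructed assumptions.

```python
import hashlib
import hmac

# Constructed toy RSA key for the sender (assumption: two fixed Mersenne primes,
# no padding). It shows the mechanism only; real keys are 2048 bits or more.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                    # public key, known to every receiver
D = pow(E, -1, (P - 1) * (Q - 1))      # private key, known to the sender only

def digest_int(data: bytes) -> int:
    """SHA-256 of the data as an integer below the modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def sign(data: bytes) -> int:
    """Sender: transform the message digest with the private key."""
    return pow(digest_int(data), D, N)

def verify_signature(data: bytes, signature: int) -> bool:
    """Receiver: reverse the transform with the public key, compare digests."""
    return pow(signature, E, N) == digest_int(data)

def verify_download(data: bytes, published_sha256: str, signature: int) -> list:
    """Return the failed checks; an empty list means both checks passed."""
    failures = []
    actual = hashlib.sha256(data).hexdigest()
    if not hmac.compare_digest(actual, published_sha256.strip().lower()):
        failures.append("checksum mismatch")
    if not verify_signature(data, signature):
        failures.append("bad signature")
    return failures

def demo():
    release = b"installer-1.0 contents (constructed sample)"
    checksum, sig = hashlib.sha256(release).hexdigest(), sign(release)
    tampered = release + b" + added code"
    return (
        verify_download(release, checksum, sig),   # genuine file
        verify_download(tampered, checksum, sig),  # file altered in transit
        # Mirror serves the altered file with a recomputed checksum: the
        # checksum now matches, and only the signature exposes the change.
        verify_download(tampered, hashlib.sha256(tampered).hexdigest(), sig),
    )

if __name__ == "__main__":
    print(demo())
```

The third case is why the slide lists both checks: a checksum published next to the file proves only that the two match, while the signature ties the file to the holder of the private key.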
Secure Socket Layer • SSL is the most common protocol used with electronic certificates. • Its main capability is to encrypt messages.
Secure Electronic Transaction • A more comprehensive protocol for credit card processing is SET. • It is not used much due to its cost and complexity.
Electronic Certificate • Electronic certificates are issued by a trusted third party, called a certificate authority (CA), in order to verify that a specific public key belongs to a specific organization. • A certificate may verify name, age, gender and other attributes of the individual to whom the public key belongs. • Certificates are signed by the CA and are valid until an expiration date.
Hardware & Software Requirement & Maintenance Hardware: • Router • Firewall • Nessus • Hping2 • SPIKE Proxy • Shadow Security Scanner • Solar Winds Toolsets • Firewalk Software: • Systems SW: Operating systems • Applications • Firewall
Developers of Security Tools The main manufacturer of security tools is ‘CISCO’. • CISCO • DSniff • Hping2 • Nessus • GFI LAN guard • Sam Spade • ISS Internet Scanner • Nikto • SuperScan • SPIKE Proxy • Shadow Security Scanner • Nmap • Retina • SAINT • SARA Security • Firewalk • N-Stealth • Achilles • Brutus • Fragroute
Conclusion • Providing security is a cheaper process than the hacking of important data. • As such it ensures the safety and security of the information and IT assets that underwrite our way of life. • Information Security will enhance the level of confidence among trading partners. • Consumers will be able to trust the integrity and confidentiality of certified suppliers no matter where they might be located.