How to 0wn the Internet in Your Spare Time

An in-depth exploration of worm attacks in cyberspace, their propagation techniques, impact on internet security, and the need for a central cyber defense organization. Suggestions for improvement and future research areas.

sparksj

Presentation Transcript


  1. How to 0wn the Internet in Your Spare Time
     Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver
     Publication: USENIX Security Symposium, 2002
     Presenter: Melvin Rodriguez for CAP 6133, Spring '08

  2. Threat
     • Launch DDoS (Distributed Denial of Service)
     • Access Sensitive / Restricted Information
     • Corrupt Information's Integrity Level
     Can Cause Significant Damage

  3. Worms
     • Programs that self-replicate by exploiting system flaws
     • Propagate quickly
     • Hard to detect (initially)
     • Constantly Improving
     Can Spread Fast

  4. Propagation Techniques Used
     • Hit-list scanning
     • Faster propagation
     • Permutation scanning
     • Distributed coordination of a worm
     • Internet-scale hit-lists
     • Targeting Internet-enabled devices
     • Topology Aware
     • Uses victim's information
     • Flash Worm
     • Quick and Concentrated
     The Name of the Game is: The Faster the Better

  5. Significant Worm Attacks
     • Code Red I
     • MS IIS vulnerability
     • Spread by launching threads of random IP addresses
     • Random generator used fixed seed IP address
     • Code Red I version 2
     • Same code as Code Red I
     • Fixed random generator
     • Added a direct DDoS
     Constantly Evolving: New Improved Versions

  6. Significant Worm Attacks
     • Code Red II
     • Different code from previous Code Reds
     • Used the same vulnerability previously used
     • Installed a root backdoor
     • Infected local machines
     Use of Different Techniques

  7. Significant Worm Attacks
     • Nimda
     • Five different techniques
     • Probe
     • Copy
     • Email
     • Append Web code
     • Use backdoors
     Combination of different techniques: Multi-vector Approach

  8. Significant Worm Attacks
     • Nimda Infection

  9. Significant Worm Attacks
     • Nimda
     • Very successful propagation rate
     • Unknown signature
     • Firewalls allow email flow
     • Complete functionality is still unknown
     More Research is Needed

  10. Other Advanced Worm Characteristics / Features
     • Updates and Controls
     • Direct Worm-to-Worm Communication
     • Programmable Remote Updates
     • Remote Control
     Modification after Infection

  11. Other Advanced Worm Characteristics / Features
     • Stealth contagion
     • Slow spread
     • Non-predetermined pattern
     • Effectiveness depends on various factors
     • On targets specific traffic using common traffic patterns
     • Exploit peer-to-peer (P2P) system flaws
     • Size of targeted network
     • Remote Usage
     Slow propagation - Undetected Infection

  12. High Level Cyber Center of Disease Control Concept
     • Mission
     • Monitor progression
     • Identify threats
     • Foster research
     • Main Roles
     • Identifying outbreaks
     • Rapidly analyzing pathogens
     • Fighting infections
     • Anticipating new vectors
     • Proactively devising detectors for new vectors
     • Resisting future threats

  13. Summary
     • Worms are a threat affecting all levels of Internet security
     • They are constantly evolving and improving
     • Worms combine several techniques to avoid detection and increase infection effectiveness
     • Conclusion
     • More research is needed
     • Need for a centralized organization to bind and establish collaboration efforts at all industry levels
     • Worms can cause a significant level of damage / disruption of Internet services and loss of revenue

  14. Contributions
     • Explained the threat and how dangerous it is
     • Presented techniques used for infecting systems
     • Discussed known worm attacks
     • Overview of techniques used
     • Discussed main characteristics and features
     • A high-level overview of a centralized Cyber Center of Disease Control mission and roles

  15. Weaknesses
     • Title is misleading
     • Points towards a 'how to' approach
     • Not enough explanation of statistics
     • No proven hypothesis
     • Material is not easy to follow
     • Better presentation of material
     • Hypothesis without actual data to support it
     • Use of possible scenarios without real data
     • CCDC deployment idea not fully developed
     • Open items for further discussion

  16. How to Improve
     • Updating the title
     • Expand on CDC concept
     • Present how it would operate
     • Organization and cooperation with other agencies
     • NSA, US-CERT, Military, Commercial, etc.
     • Additional analysis and description of worms
     • Rearrange the material sequence
     • Re-group topics
     • Depict international deployment / cooperation
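
Slide 5 notes that Code Red I seeded its random generator with a fixed value and that version 2 fixed this. The following sketch is an added example, not code from the presentation or the paper; it models what a network sensor would record in each case. The 2^16 toy address space, Python's `random` module standing in for the worm's generator, and all function names are assumptions made for illustration.

```python
import random

ADDRESS_SPACE = 2 ** 16    # constructed toy address space, not real IPv4
PROBES_PER_SOURCE = 200    # probes each simulated source emits


def probe_sequence(seed, count=PROBES_PER_SOURCE):
    """Ordered list of targets one source probes (integers in the toy space)."""
    rng = random.Random(seed)
    return [rng.randrange(ADDRESS_SPACE) for _ in range(count)]


def sensor_view(seeds):
    """Summarise what a sensor watching every source in `seeds` would record."""
    sequences = [probe_sequence(s) for s in seeds]
    distinct = set().union(*map(set, sequences))
    # Count sources whose ordered probe list equals the first source's list.
    identical = sum(1 for seq in sequences if seq == sequences[0])
    return {
        "sources": len(sequences),
        "distinct_targets": len(distinct),
        "identical_sequences": identical,
    }


def compare(num_sources=50, fixed_seed=1):
    """Fixed seed (every source shares one seed) versus one seed per source."""
    fixed = sensor_view([fixed_seed] * num_sources)
    varied = sensor_view(range(1000, 1000 + num_sources))
    return fixed, varied


if __name__ == "__main__":
    fixed, varied = compare()
    print("fixed seed :", fixed)
    print("varied seed:", varied)
```

With a shared seed every source repeats the same ordered target list, so total coverage never exceeds what one source reaches and the sequence itself is a stable signature; with per-source seeds the sequences diverge and coverage grows with the number of sources.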
