
Cybersecurity Project Presentation

Cybersecurity Project Presentation. February 26, 2014. Amogh Ravish, Elma Pinto, Elton D’Souza, Pradeep Nagendra. Overview: to find valuable knowledge through research questions and data analysis in cyber-security; to find patterns in Hacker Web database and forums.


Presentation Transcript


  1. Cybersecurity Project Presentation. February 26, 2014. Amogh Ravish, Elma Pinto, Elton D’Souza, Pradeep Nagendra

  2. Overview
     • To find valuable knowledge through research questions and data analysis in cyber-security
     • To find patterns in Hacker Web database and forums
     • To identify vulnerabilities in network devices and establish trends from Shodan

  3. HACKER WEB Question 1: Which groups are responsible for DDoS Attacks and SQL Injections? Which parts of the world commonly use these types of attacks?
     • Topics are talked about in:
       • 5 different languages
       • 15 different forums
       • 50-60 authors

  4. HACKER WEB – DDoS Attacks and SQL Injection
     • Top authors talking about both topics:
       • virus_c
       • P4L-T3RRORIST
       • bl2k

  5. HACKER WEB – DDoS Attacks and SQL Injection
     • Languages widely used – English and Persian

  6. HACKER WEB – DDoS Attacks and SQL Injection
     • Increasing interest in DDoS attacks and SQL Injection over the last five years
     • Potential threats in 2014 and 2015

  7. HACKER WEB – DDoS Attacks and SQL Injection
     • “Anonymous”, an international hacktivist group responsible for many DDoS and SQL Injection attacks, is a very popular topic in Hacker Web
     • The group has been widely discussed in the ‘vctool’ forum

  8. HACKER WEB Question 2: Which are the top five organizations discussed in Hacker Web forums, and in what context? What are the sentiments of the authors while writing posts?
     • Top 5 Organizations:
       • NASA
       • NSA
       • SSA
       • FBI
       • CIA
     • Most discussed keywords:
       • Cyber-attacks
       • Vulnerabilities
       • Hacks
       • Leaks

  9. HACKER WEB – ORGANIZATIONS
     • General sentiments of posts across forums – neutral or negative
     • Sentiments on specific organizations – mostly negative
     • NASA and NSA most discussed organizations

  10. SHODAN Question 1: Which are the top 10 organizations, domains, ports and countries in the past few years having Cisco devices with low security levels? Do the organizations repeat in the list? What is the inference?
      [Chart: Top 10 organizations]

  11. SHODAN - Organizations with vulnerable Cisco devices
      • Organizations with insufficient security on Cisco devices
      • University of Lagos - victim of ‘SQL Injection’ hack attack in June 2013

  12. SHODAN – Geographical distribution of exposed Cisco devices

  13. SHODAN Question 2: Which of the two servers, Apache or Microsoft-IIS, is more susceptible to network attacks?

  14. SHODAN - Apache vs Microsoft-IIS The results suggest that both MS IIS and Apache servers are equally likely to be susceptible to attacks as both percentages were nearly equal in the sample data.

  15. SHODAN - Distribution of potentially susceptible Apache servers in the US

  16. SHODAN - Distribution of potentially susceptible Microsoft-IIS servers in the US

  17. SHODAN Question 3: Are there any servers that can potentially be used for an NTP reflection attack? Can an attacker find any information about the clients using the monlist command?

  18. SUMMARY
      • Hackers discuss varied types of attacks prior to making them, and also tutor newbies in the forums and convince them to get involved in the attack
      • Government bodies like FBI, NASA and SSA are the most discussed, especially in a negative light, in the Hacker Web forums
      • Organizations across the globe have plenty of exposed Cisco devices which are prone to being hacked
      • Apache and Microsoft-IIS Web servers are equally susceptible to attacks in the United States of America
      • Several private IP addresses which could potentially be targets of NTP Reflection Attacks using NTP on port 123
