DSC 101: Security
Topics
1. Components of Security
2. States of Information
3. Threats
4. Attacks
5. Malware
6. Vulnerabilities
What is Security?
Security is the prevention of certain types of intentional actions from occurring in a system.
– The actors who might attack a system are threats.
– Threats carry out attacks to compromise a system.
– Objects of attacks are assets.
Components of Security
– Confidentiality
– Integrity
– Availability
Confidentiality
Confidentiality is the avoidance of the unauthorized disclosure of information.
Examples where confidentiality is critical:
– Personal information
– Trade secrets
– Military plans
Security Controls for Confidentiality
Access Control: rules and policies that limit access to certain people and/or systems.
– File permissions (which users can access)
– Firewall settings (which IP addresses can access)
Encryption: transforming information so that it can only be read using a secret key.
– AES
– SSL
Integrity
Integrity is the property that information has not been altered in an unauthorized way.
Examples where integrity is critical:
– Operating system files
– Software updates and downloads
– Bank account records
Security Controls for Integrity
• Backups: periodic archiving of data.
• Checksums: the computation of a function that maps the contents of a file to a numerical value.
• Data correcting codes: methods for storing data in such a way that small changes can be easily detected and automatically corrected.
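The difference between the last two controls, as an added example that is not part of the original slides: a SHA-256 checksum only detects a change, while a Hamming(7,4) code, chosen here as one simple error-correcting code, repairs a single flipped bit per codeword. The sample record and all function names are constructed for illustration.

```python
from __future__ import annotations
import hashlib

RECORD = b"acct=1001;balance=250.00"  # constructed sample data

def checksum(data: bytes) -> str:
    """Checksum: map file contents to a fixed-size value (SHA-256 here)."""
    return hashlib.sha256(data).hexdigest()

def hamming74_encode(nibble: int) -> int:
    """Encode 4 data bits as a 7-bit codeword with 3 parity bits."""
    d = [(nibble >> i) & 1 for i in range(4)]
    p1, p2, p4 = d[0] ^ d[1] ^ d[3], d[0] ^ d[2] ^ d[3], d[1] ^ d[2] ^ d[3]
    bits = [p1, p2, d[0], p4, d[1], d[2], d[3]]  # bit positions 1..7
    return sum(b << i for i, b in enumerate(bits))

def hamming74_decode(word: int) -> tuple[int, int]:
    """Return (nibble, flipped_position); position 0 means no error seen."""
    b = [(word >> i) & 1 for i in range(7)]
    pos = ((b[0] ^ b[2] ^ b[4] ^ b[6])            # parity over positions 1,3,5,7
           | (b[1] ^ b[2] ^ b[5] ^ b[6]) << 1     # parity over positions 2,3,6,7
           | (b[3] ^ b[4] ^ b[5] ^ b[6]) << 2)    # parity over positions 4,5,6,7
    if pos:
        b[pos - 1] ^= 1  # the syndrome names the position of the bad bit
    return b[2] | b[4] << 1 | b[5] << 2 | b[6] << 3, pos

def encode(data: bytes) -> list[int]:
    """Store each byte as two codewords (low nibble, then high nibble)."""
    return [hamming74_encode(n) for byte in data for n in (byte & 0x0F, byte >> 4)]

def recover(words: list[int], expected: str) -> tuple[bytes, int, bool]:
    """Correct what the code can, then verify the result against the checksum."""
    out, fixed = bytearray(), 0
    for lo_w, hi_w in zip(words[0::2], words[1::2]):
        (lo, e1), (hi, e2) = hamming74_decode(lo_w), hamming74_decode(hi_w)
        out.append(lo | hi << 4)
        fixed += bool(e1) + bool(e2)
    return bytes(out), fixed, checksum(bytes(out)) == expected

def demo() -> dict:
    good = checksum(RECORD)
    one_bit = encode(RECORD)
    one_bit[5] ^= 0b0010000   # a single flipped bit: corrected
    two_bit = encode(RECORD)
    two_bit[5] ^= 0b0010100   # two bits in one codeword: miscorrected
    return {"single": recover(one_bit, good), "double": recover(two_bit, good)}

if __name__ == "__main__":
    for name, (data, fixed, ok) in demo().items():
        print(name, data, "corrected:", fixed, "checksum ok:", ok)
```

The double-flip case shows why the two controls are combined: the code silently "corrects" to the wrong value, and only the checksum reveals it. An unkeyed checksum can be recomputed by whoever alters the data, so the reference value has to be kept where that party cannot write.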
Availability
Availability is the property that information is accessible and modifiable in a timely fashion by those authorized to do so.
Examples where availability is critical:
– E-commerce site
– Authentication server for your network
– Current stock quotes
Security Controls for Availability
Physical protections: infrastructure meant to keep information available even in the event of physical challenges.
– Backup generators
– Disaster recovery site
Computational redundancies: computers and storage devices that serve as fallbacks in the case of failures.
– Backup tapes
– RAID
States of Information
1. Storage: information in memory or on disk that is not currently being accessed.
2. Processing: information currently being used by the processor.
3. Transmission: information in transit between one node and another on a network.
Is your information protected in all three states?
Threats, Attacks, and Vulnerabilities
Threats are people who are able to take advantage of security vulnerabilities to attack systems.
– Criminals, hacktivists, spies, disgruntled employees.
Attacks are tools, programs, and methods used by threats to obtain assets from systems in violation of the security policy.
– Stuxnet, Dark Comet, AirCrack, John the Ripper
Vulnerabilities are weaknesses in a system that allow a threat to obtain access to information assets in violation of a system’s security policy.
– (2719662) Vulnerabilities in Gadgets Could Allow Remote Code Execution
How are Digital Threats Different?
Automation
– Salami Attack from Office Space.
Action at a Distance
– Volodya Levin, from St. Petersburg, Russia, stole over $10 million from US Citibank. Arrested in London.
Technique Propagation
– Criminals share attacks rapidly and globally.
Who are the threats?
IBM X-Force 2012 Trend and Risk Report
Threat Model
A threat model describes which threats exist to a system, their capabilities, history, intentions, and likely targets.
– Are you worried about broad or targeted threats?
– Are your threats able to develop their own tools or just use off the shelf tools?
– Do you keep enough data about historical incidents to know what your threats are?
Threat Model Examples
Example 1: Disgruntled Insider
– Targeted attack on organization
– Knows systems and information assets already
– Attacks more likely to focus on DoS than theft
Example 2: Outsider, broad attack
– Broad attack, looking for any vulnerable system.
– Looking for one particular type of asset, which your organization may or may not have.
Attacks and Exploits
An attack is an action taken by a threat to gain unauthorized access or to create unauthorized modification of assets.
– Spam
– Phishing
– Malware
– Denial of Service
An exploit is a piece of software or a scripted set of actions that carries out an attack. Threats often turn attacks into exploits to automate the compromise of systems.
Spam
Spam is the use of electronic messaging systems to send unsolicited bulk messages, especially advertising, indiscriminately.
– Mostly e-mail, but also
– Blog and web forum comment spam,
– Wiki spam,
– IM spam, etc.
Over 90% of e-mail is spam!
Phishing E-mail
Phishing Site
Denial of Service
Malware
Malware, short for malicious software, is software designed to gain access to confidential information, disrupt computer operations, and/or gain access to private computer systems. Malware can be classified by how it infects systems:
– Trojan Horses
– Viruses
– Worms
Or by what assets it targets:
– Ransomware
– Spyware and adware
– Backdoors
– Rootkits
– Botnets
How much malware is out there?
Trojan Horses
Trojan Horse Examples
Viruses
A computer virus is a type of malware that, when executed, replicates by inserting copies of itself (possibly modified) into other files. This process is called infecting.
Worms
A worm is a type of malware that spreads itself to other computers.
Ransomware
Spyware and Adware
Backdoors
Backdoor Example: Dark Comet
Rootkits
• Execution Redirection
• File Hiding
• Process Hiding
• Network Hiding
• Backdoor
Layer diagram: User Program / Rootkit / Operating System
Botnets
Vulnerabilities
Vulnerabilities can be found in any software:
– PC: Office, Adobe Reader, web browsers
– Server: Databases, DNS, mail server software, web servers, web applications, etc.
– Mobile: Mobile phone OS, mobile applications
– Embedded: printers, routers, switches, VoIP phones, cars, medical devices, TVs, etc.
– Third party software: Web browser plugins, Ad affiliate network JavaScript include files, Mobile ad libraries
Document Format Vulnerabilities
IBM X-Force 2012 Trend and Risk Report
Web Browser Vulnerabilities
IBM X-Force 2012 Trend and Risk Report
Embedded Vulnerabilities
Patches
A patch is a piece of data or software designed to fix a security vulnerability or bug.
– Administrator may have to apply manually.
– Some vendors specify certain days to patch, such as “Patch Tuesday,” the 2nd Tuesday of the month when MS releases updates.
– Increasingly, software auto-updates itself with current patches.
Vulnerability Timeline
Vulnerability Markets
Vulnerability Databases
Key Points
1. Components: confidentiality, integrity, availability
2. States of Info: storage, communication, processing
3. Definitions: threat, attack, and vulnerability
4. Attacks: spam, phishing, DoS, and malware
5. Vulnerabilities affect all software
– Not just PC or mobile software
– Lifecycle: 0day, exploit, then patch and signatures
References
1. Nate Anderson, Meet the men who spy on women through their webcams: The Remote Administration Tool is the revolver of the Internet's Wild West. Ars Technica, http://arstechnica.com/tech-policy/2013/03/rat-breeders-meet-the-men-who-spy-on-women-through-their-webcams/, 2013.
2. Honeynet Project, Know Your Enemy, 2nd edition, Addison-Wesley, 2004.
3. IBM, X-Force 2012 Risk and Trends Report, 2013.
4. Stuart McClure, Joel Scambray, and George Kurtz, Hacking Exposed, 5th edition, McGraw-Hill, 2005.
5. Norton, Fake Antivirus, http://www.nortonantiviruscenter.com/security-resource-center/fake-antivirus.html
6. Ed Skoudis, Counter Hack Reloaded, Prentice Hall, 2006.
7. Stuart Staniford, Vern Paxson, and Nicholas Weaver, "How to 0wn the Internet in Your Spare Time," Proceedings of the 11th USENIX Security Symposium, 2002.