Taxonomy for CyberSecurity

by Navneet Rao on 23 September 2013

Transcript of Taxonomy for CyberSecurity

Taxonomy for CyberSecurity
Cyber Security Issues
Data Integrity Verification
Cryptography
Authentication & Authorization
Auto Analysis of Legitimate Usage Patterns
Intrusion Detection & Risk Mitigation

Malware
Viruses
Worms
Trojans
Spyware
Scareware
Blended Threats
Bugs
Rootkits
Denial of Service
ACM SIGCOMM Computer Communications Review April 2004, Mirkovic J, Reiher P.

User
Authentication
Token-based Authentication
Biometric Authentication
Message Authentication
Authorization
Anil K. Jain, Ruud Bolle, Sharath Pankanti; Springer; 2002. http://link.springer.com/book/10.1007/b117227/page/1
Biometrics: Personal Identification in Networked Society

Knowledge-based Authentication
The Knowledge-Based Authentication Attacks
Farnaz Towhidi, Azizah Abdul Manaf, Salwani Mohd Daud, Arash Habibi Lashkari; Proceedings Security & Management; 2011. http://world-comp.org/p2011/SAM8123.pdf
Methods for Knowledge-Based Authentication
NIST presentation KBA seminar; David Jablon; 2004 http://csrc.nist.gov/archive/kba/Presentations/Day%202/Jablon-Methods%20for%20KBA.pdf
Need trusted path, to transmit knowledge or encrypt:
SSL
Zero-knowledge passwords (share small secret, use prior knowledge of either side)
Known attacks on RFID systems, possible countermeasures and upcoming standardisation activities. Klaus Finkenzeller, 2009.
http://rfid-handbook.de/downloads/Finkenzeller_Systech-Bremen-2009_v1.0.pdf
MAC and HMAC
Digital Signatures
Digital Signatures; Ravneet Kaur , Amandeep Kaur; Proceedings ICCS 2012; http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6391693
Basically use public-key encryption to verify sender
Hash Functions and Message Authentication Codes (MAC) Professor Marius Zimand, Towson University
http://triton.towson.edu/~mzimand/cryptostuff/N7-Hash.pdf
Picture from: http://en.wikipedia.org/wiki/File:MAC.svg
Privilege escalation
Authorization
Models
Sahar Massachi; Olin University;
https://sites.google.com/site/cacsolin/role-based-access-control
Role Based
Access Control
Permission-based
Access Control
Mike Andrews, Foundstone (McAfee); 2009;
http://www.mcafee.com/us/resources/audio/transcripts/websec101-authorization-slides.pdf
vertical privilege escalation
horizontal privilege escalation
http://homepage.cs.uiowa.edu/~jones/security/notes/18.shtml
Access Control Lists and Capability Lists; Douglas Jones; University of Iowa
Starting with simple object/user permission matrices

Default permissions

Inheritance of permissions

Later: Groups (somewhat comparable to roles)
Public-Key
Cryptography
Ciphers
Hash Functions
MD-5
SHA-3
Stream Ciphers
Block Ciphers
RIPEMD-160
CSE 107 Introduction to Modern Cryptography ;
Chapter 3: Block Ciphers; Mihir Bellare;
http://cseweb.ucsd.edu/~mihir/cse107/w-bc.pdf
Understanding Cryptography;
Chapter 2: Stream Ciphers; C. Paar, J. Pelzl; 2010
http://www.springer.com/cda/content/document/cda_downloaddocument/9783642041006-c1.pdf
Diffie-Hellman
key exchange
Brute force and
dictionary attacks
Keylogging
Man in the Middle
Physical Access
to Computer
Social Engineering
Passwords
Normal Password
PIN
Password Picture
...
Private Information
Birth date
SSN
Mother's maiden name
Name of first pet
Favorite X
etc.
Fingerprint
Iris
Voice print
Hand
Geometry
RFID
(non-RFID) Smart Cards
A survey on biometric fingerprints: The cardless payment system;
Dileep Kumar, Yeonseung Ryu, Dongseop Kwon; Proceedings ISBAST 2012;
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=4547633
Adoption of Iris-Based Authentication;
S. Mohammadi, A. Kaldi; Proceedings IEEM; 2008.
http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4738138
Voice Authentication Using Short Phrases:
Examining Accuracy, Security and Privacy Issues;
R.C. Johnson, Terrance E. Boult, Walter J. Scheirer; Proceedings BTAS; 2013;
http://www.wjscheirer.com/papers/wjs_btas2013_voice.pdf
A Survey of Biometric Technology Based on Hand Shape;
Nicolae Duta; Pattern Recognition 11(42); Nov 2009; p. 2797–2806. http://www.sciencedirect.com/science/article/pii/S0031320309000752
Government Smart Card Handbook;
Bill Holcombe (General Services Administration); 2004;
http://www.smartcardalliance.org/resources/pdf/smartcardhandbook.pdf
Fast dictionary attacks on passwords using time-space tradeoff;
Arvind Narayanan, Vitaly Shmatikov; Proceedings CCS; 2005
http://dl.acm.org/citation.cfm?id=1102168
Active Man in the Middle Attacks;
Roi Saltzman, Adi Sharabani; IBM Rational Applications Security Group white paper; 2009
http://www.security-science.com/pdf/active-man-in-the-middle.pdf
A Robust Technique of Anti Key-Logging using Key-Logging Mechanism;
Muzammil M. Baig, W. Mahmood; Proceedings DEST; 2007; http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4233724&tag=1
No tech hacking: A guide to social engineering, dumpster diving, and shoulder surfing;
J Long; 2011;
http://www.hackersforcharity.org/files/NTH_SAMPLE.pdf (only first 60 pages)
Discovering passwords in the memory;
Abhishek Kumar; Paladion white paper; 2003
http://leetupload.com/database/Misc/Papers/Web%20Papers/discovering_passwords_in_memory.pdf
The Cryptographic Hash Function Crisis;
Bart Preneel; Onassis Foundation Science Lecture Series
Network and Information Security; 2010;
http://forth.gr/onassis/lectures/2010-06-28/presentations/The_cryptographic_hash_function_crisis_and_the_SHA_3_competition.pdf
Fast Collision Attack on MD5;
Xie, T., Liu, F., & Feng, D; IACR Cryptology ePrint Archive; 2013
Not considered secure anymore!
(Also known as Keccak)
Keccak;
Guido Bertoni, Joan Daemen, Michaël Peeters, Gilles Van Assche; Proceedings Advances in Cryptology – EUROCRYPT; 2013; http://link.springer.com/chapter/10.1007/978-3-642-38348-9_19

Differential Attacks on Reduced RIPEMD-160;
Florian Mendel, Tomislav Nad, Stefan Scherz, Martin Schläffer; Proceedings Information Security Conference; 2012; http://link.springer.com/chapter/10.1007/978-3-642-33383-5_2

Diffie-Hellman key exchange;
Will Garner; UCSD; http://math.ucsd.edu/~wgarner/research/pdf/diffie-hellman_key_exchange.pdf
Picture from: http://en.wikipedia.org/wiki/File:Diffie-Hellman_Key_Exchange.svg
RSA
Handbook of Information and Communication Security; Chapter 2
Public-Key Cryptography; Jonathan Katz; 2010
http://mfile.narotama.ac.id/files/Information%20System/Handbook%20of%20Information%20and%20Communication%20Security/Chapter%202%20%20Public-Key%20Cryptography.pdf
A method for obtaining digital signatures and public-key cryptosystems;
R. L. Rivest, A. Shamir, and L. Adleman; Communications of the ACM 2 vol. 21; 1978; http://dl.acm.org/citation.cfm?id=359342
Hash-based Integrity
Verification
HTEE: An HMAC Based Tamper Evident Encryption;
Bradley Baker and C. Edward Chow; Proceedings SECRYPT; 2010; http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5741647

(Methods from message authentication apply)
Tamper-evident
Logging
Efficient data structures for tamper-evident logging;
Scott A. Crosby, Dan S. Wallach; Proceedings USENIX Security Symposium; 2009; http://tamperevident.cs.rice.edu/Logging.html
Intrusion Detection
New Paper: http://www.cs.jhu.edu/~fabian/courses/CS600.424/course_papers/McHugh.pdf
http://msdn.microsoft.com/en-us/library/ff648641.aspx
Botnets http://dl.acm.org/citation.cfm?id=1177080.1177086
Insider Threat Mitigation
http://dl.acm.org/citation.cfm?id=1866886.1866888
A Taxonomy for Operational Cyber Security Risk
www.cert.org/archive/pdf/10tn028.pdf
Insider Attack Detection
http://link.springer.com/chapter/10.1007/978-0-387-77322-3_5
Old paper: http://www.sciencedirect.com/science/article/pii/0167404893900295
Survey of recent worms
http://dl.acm.org/citation.cfm?id=948189
Survey of malware detection techniques
http://www.serc.net/system/files/SERC-TR-286.pdf
Taxonomy of program security flaws

http://dl.acm.org/citation.cfm?id=185412
Limiting the Damage Potential of Discretionary Trojan Horses

http://www.cs.washington.edu/research/projects/poirot3/Oakland/sp/PAPERS/00044423.PDF
Insider Threat Prevention
Insider Threat Detection and Prevention
http://dl.acm.org/citation.cfm?id=1966913.1966916
Behavioral detection of malware
http://link.springer.com/article/10.1007/s11416-008-0086-0
Viruses and Blended Threats
http://re.mipt.ru/infsec/2003/handout/ExploitsVulnerabilitiesBufferOverflowViruses.pdf
A Taxonomy of network and computer security attacks

http://www.sciencedirect.com/science/article/pii/S0167404804001804
Blended threats
http://www.tandfonline.com/doi/pdf/10.1201/1086/43327.12.3.20030701/43626.7
Scareware Detection
http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6027523
Taxonomy of cyber attacks
http://dl.acm.org/citation.cfm?id=2048558.2048569
Book on rootkits
http://books.google.com/books?hl=en&lr=&id=XKsl5SZyfS4C
Detecting kernel level rootkits
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=1377219
Spyware
http://dl.acm.org/citation.cfm?id=1076242