Cyber Security

by Bhavin Jungi on 7 February 2014


Transcript of Cyber Security

Internet
The Internet is such an open place, and a great way to communicate with the world and gather information.
The Internet also makes it easy to attack your computer and potentially invade your privacy.
The Internet's open communications protocols make the security dangers possible.

Internet's open communications protocols
These protocols break up every piece of information and message into pieces called packets.
They deliver those packets to the proper destinations, and then reassemble the packets into their original form after they've been delivered so the receiving computer can view and use them.


TCP/IP
TCP breaks down and reassembles the packets.
IP is responsible for ensuring the packets are sent to the right destination.

Packet Switched Network vs Circuit Switched Network
In a packet-switched network (as with the Internet, for example), there is no single, unbroken connection between sender and receiver.
When information is sent, it is broken into small packets, sent over many routes at the same time, and then reassembled at the receiving end.
In a circuit-switched network, after a connection is made (as with a telephone call, for example), that part of the network is dedicated only to that single connection for a finite period of time.

Client Server Model
The Web uses these protocols, and others, as a way to deliver web pages and other information to your PC.
The client is your web browser.
The server is a web server that delivers pages to you.
Question
Why do these protocols make the Internet such an unsafe place?
Because they were designed for openness and simplicity, so the packets that are sent back and forth over email and over the Web are open to inspection by anyone with a little bit of technical know-how.
Uniform Resource Locator & IP address
The first part, http://, details which Internet protocol to use.
The second part, www, sometimes tells what kind of Internet resource is being contacted.
The third part, google.com, can vary in length and identifies the web server to be contacted.
Internet servers can't understand the letters, so the URL needs to be translated into an IP address.
An IP address is in the form of four numbers separated by dots, like 192.168.1.10.
A DNS server translates the URL into IP addresses.
Hackers
Connecting your computer to the Internet puts it in danger from spyware, viruses and Trojans; among the worst threats are hackers, who look for ways to break into people's PCs and do damage.
The Internet was designed to be open, and this openness can be exploited by hackers, who can use it to break in to your PC.
The Internet was not designed with security in mind, so it's easy for people to spoof their real email addresses or locations.
Script kiddies are people, not uncommonly adolescent boys, who download freely available malicious software, and scripts to run that software, to harm other people's computers because of their own emotional issues.
Hackers classification
Black hats -- highly skilled, malicious, destructive “crackers”.
Black hats could be anyone, and they involve themselves in criminal activities.
Black hats are the highest paid persons, and their operations are targeting, research and information gathering.
White hats -- skills used for defensive security analysis.
White hats are generally employed by companies for security design and specified coding.
Gray hats -- work both offensively and defensively.
Gray hats will hack for different reasons depending on the situation.
Generally, gray hat hackers are admins.
How do hackers invade a personal computer?
Hackers not only attack big websites and corporations, but also individual computers in homes or businesses.
One common program that hackers use to gain access is Back Orifice.
You can unwittingly get a copy of Back Orifice on your computer in many ways -- for example, you can open a file in an email message and it can be installed on your computer without you realizing it.
Hackers have automated tools that scan thousands of computers to see which ones have Back Orifice running on them; these tools send out port probes.
Once a hacker takes control of your computer, he can copy or delete all the files, data and software on it.
The hacker can gain access to all your passwords, which would enable him to pose as you on websites.
Hackers often use access to someone else's computer to launch attacks against corporations or web pages; when the attack is traced, it leads to your computer instead of the hacker's.
Spyware
Spyware is an umbrella name for many types of malicious code.
It spies on one's behavior.
It may watch the web pages one visits and report that information.
It may allow people to record the information.
It installs without the user's knowledge or by tricking the user.
How does spyware invade a PC?
Spyware invades PCs through:
Installing a free program that also installs spyware on the PC.
Clicking on a pop-up ad that downloads and installs spyware on the PC.
It often runs even when the program that it rides upon is not running:
At startup.
It watches web activities and tracks every website visited.
It reports the user's web activities to the spyware website.
The spyware website creates a profile of every individual.
The website delivers targeted ads to the individual.
How does spyware morph itself to escape detection?
Polymorphic spyware
Changes file name and location, and also the size of files.
CoolWebSearch and about:blank home page hijacking
Installs at multiple locations on the hard disk.
If anti-spyware detects one such copy, the other copies are still alive on the machine.
Spyware can inject itself into some other application.
Silent spyware vs. destructive program.
Hiding itself in the Windows registry files.
Following the spyware money trail
Someone who wants to make money from spyware signs up for an affiliate program with a website or merchant.
The person gets a code that identifies him, so he can be paid for every link or click to the merchant.
Some merchants monitor those who sign up for affiliate programs, but many do not.
Those wanting to make money from spyware are not often spyware authors. They make a deal with a spyware author in which the spyware will include links carrying the person's affiliate program ID.
How does antispyware work?
Searches for signatures of spyware.
Compares signatures with the signature base.
Also checks for suspicious behavior.
Then antispyware deletes the spyware:
It may not be deleted completely.
Hence specific software is required to delete all spyware.
Includes real-time protection.
Spam
Unwanted email clogs all our inboxes, floods us with pornographic come-ons, and gets worse with each passing year.
Postini, an email security and management company, claims that 88% of all email sent is spam.
Some estimates hold that spam costs businesses an astonishing $20 billion a year in lost productivity, buying extra hardware and software, and troubleshooting costs.
Spammers' emails are come-ons to click and be sent to a site, such as a get-rich-quick scheme or one selling phony pharmaceuticals.
A spammer buys or compiles massive lists of email addresses.
The spammer then either uses special software to send the spam or hires a hacker to use his fleet of hijacked PCs, called zombies or bots, to send the spam.
How does spam work?
Spam is a term used to describe unsolicited email sent to you, often by commercial firms that attempt to sell you goods and services.
To send unsolicited bulk email, a spammer first needs to get a list of email addresses.
Email addresses can be harvested from email directories on websites that allow people to look up others' email addresses.
The message might contain a return address, website or phone number where the receiver can get more information about the goods and services being sold.
Spammers often hide their real email addresses: they forge parts of the message header, such as the From, Sender and Reply fields, so it appears that the email has come from someone else.
Nigerian 419 scam
Unwitting victims have been bilked out of millions of dollars.
A scammer goes to an Internet cafe and sends spam letters from a free email service, such as Hotmail.
These emails tell the intended victim that the sender of the email needs help transferring money from Nigeria to the United States in amounts of millions of dollars.
The victim is told that he only needs to allow his bank account to be used to receive the money.
In return he will get a portion of the transferred money, often 30%-40%.
The scammers ask for information about the person's bank account and then transfer money out of the account.
In some instances, they tell the victim that, to complete the transfer, he needs to fly to Nigeria to meet with officials, and victims have been kidnapped.
How anti spam software works
Some email software allows you to filter out messages from certain addresses; this is termed a spam filter.
ISPs can block spammers from sending bulk mail to their subscribers.
The router has been told that when email comes from certain addresses, it should block the mail from getting into the network.
Spam filters and ISPs' routing tables do not always work, however, because spammers often change their addresses.
A number of laws and schemes have been proposed to regulate or outlaw spam.
Every piece of spam would have to contain a specific piece of information in the message header, identifying it as unsolicited email.
You should also notify email directories that you'd like to be taken off their lists.
In this way, your email address won't be harvested by robots.
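The address filter described above, and why it stops working once a spammer changes the From address, as an added example that is not part of the original presentation. The blocklist entry, the three messages and the function names are constructed for illustration; comparing the Sender, Reply-To and Return-Path domains with the From domain is a heuristic for the forged header fields mentioned earlier, not proof of forgery.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed blocklist: the kind of "certain addresses" a spam filter is told to drop.
BLOCKLIST = {"deals@bulk-offers.example"}

# Constructed sample messages (not real mail).
SPAM_OLD = message_from_string("""\
From: Prize Office <deals@bulk-offers.example>
Reply-To: claims@freemail.example
Return-Path: <bounce@bulk-offers.example>
Subject: You have won

Click here.
""")
SPAM_NEW = message_from_string("""\
From: Bank Support <support@bank.example>
Reply-To: claims@freemail.example
Return-Path: <bounce@bulk-offers.example>
Subject: You have won

Click here.
""")
LEGIT = message_from_string("""\
From: Alice <alice@corp.example>
Return-Path: <alice@corp.example>
Subject: Minutes

Attached.
""")

def addr_of(msg, field):
    """Bare, lower-cased address from a header field ('' if the field is absent)."""
    return parseaddr(msg.get(field, ""))[1].lower()

def blocked_by_address(msg):
    """The simple spam filter: drop mail whose From address is on the list."""
    return addr_of(msg, "From") in BLOCKLIST

def header_mismatches(msg):
    """Header fields whose domain differs from the domain shown in From."""
    from_domain = addr_of(msg, "From").rpartition("@")[2]
    flagged = []
    for field in ("Sender", "Reply-To", "Return-Path"):
        addr = addr_of(msg, field)
        if addr and addr.rpartition("@")[2] != from_domain:
            flagged.append(field)
    return flagged

if __name__ == "__main__":
    for name, msg in (("old", SPAM_OLD), ("new", SPAM_NEW), ("legit", LEGIT)):
        print(name, blocked_by_address(msg), header_mismatches(msg))
```

Mailing lists and forwarding services also produce such mismatches, so a filter would treat the result as one signal among several.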
Website Privacy
Every time you visit a new website, that website gathers information about you.
The site may track every page you visit and the amount of time you spend on each page.
It might examine your IP address and find out your geographic location and your place of work.
It may gather a lot more information and be able to put together a surprisingly sophisticated and complete profile of who you are and your personal interests.
It might customize which pages it shows to you, depending on your past surfing habits on the sites.
Cookies are bits of data put on a hard disk when someone visits certain websites.
Cookies can contain many kinds of information, such as the last time a person visited the site, the person's favorite sites, and similar information.
Web server logs are examined in detail.
Web bugs can also trace people's paths through a website.
Web bugs can be included in email, and they can actually enable people to view some of your email.
How websites track your activities
A sniffer is a computer that examines all the TCP/IP packets coming into and out of the website.
The sniffer must identify who is coming to the site by means of cookies, Open Profiling Standard (OPS) information stored in a person's web browser, and IP address.
The sniffer examines the beginning and ending packets and tracks who is making the requests and where they are coming from or going to.
Information is sent from the sniffer to the database, where all the information is stored.
Many types of reports can be created from the database, such as the average amount of time people spend on the site, the sites they're going to visit, and other information.
Software privacy
Software privacy works in conjunction with Internet usage to control or limit the amount of information made available to third parties.
Software privacy is protecting a user's Internet privacy from the World Wide Web.
There are software products that will mask or hide a user's IP address from the outside world in order to protect the user from identity theft.
Software privacy provides protection by hiding or deleting the user's Internet traces that are left on their PC after they have been surfing the Internet.
There is software that will hide and encrypt a user's traces so that others using their PC will not know where they have been surfing.
Ethical Hacking
The process of hacking a target system to evaluate its security and report back to the owner about the vulnerabilities found.
It is legal.
Permission is obtained from the target.
Part of an overall security program.
Attacks are done in a non-destructive manner.
Ethical Hacker
Independent computer security professionals who break into computer systems.
Completely trustworthy.
Have strong programming and computer networking skills.
Learn about the system and try to find its weaknesses and vulnerabilities to report back to the owner.
Ethical Hacking Process
Preparation
Foot printing
Enumeration and fingerprinting
Identification of vulnerabilities
Attack - exploit the vulnerabilities.
Preparation
Identification of target: company website, mail server, intranet.
Signing of contract
Agreement on protection against any legal issue.
Contracts to clearly specify limits and dangers of the test.
Total time for testing.
Key people made aware of testing.
Foot Printing
Collecting required information about target:
DNS server.
IP ranges
Administrative contacts
Problems revealed by administrators
Enumeration and Finger Printing
Operating system enumeration.
Identification of services/open ports.
Methods
Port/service scans: TCP connect, TCP SYN, TCP FIN.
Identification of Vulnerabilities
Insecure configuration
Weak passwords
Methods: default passwords, social engineering, listening to traffic.
Insecure programming
Methods: SQL injection, listening to traffic.
Weak access control
Methods: using the application logic, SQL injection.
Attack - Exploit the vulnerabilities
Network infrastructure attacks:
Connecting to the network through a modem.
Flooding the network to cause DoS.
Operating system attacks:
Attacking the authentication system.
Exploiting protocol implementation.
Exploiting insecure configuration.
Securing Interconnecting System
Planning the interconnection.
Establishing the interconnection.
Maintaining the interconnection.
Disconnecting the interconnection.
Planning the interconnection
The participating space agencies perform preliminary activities.
Examine all relevant technical, security, and administrative issues.
Form an agreement governing the management, operation, and use of the interconnection.
Establishing and Maintaining the interconnection
The space agencies develop and execute a plan.
The plan establishes the interconnection, including implementing, configuring, and testing appropriate security controls.
The space agencies actively maintain the interconnection after it is established to ensure that it operates properly and securely.
Disconnecting the interconnection
One or all of the interconnected space agencies may choose to terminate the interconnection.
The termination should be conducted in a planned manner to avoid disrupting the other agency’s systems.
In response to an emergency, however, one or all space agencies may decide to terminate the interconnection immediately.
Encryption and Decryption Methods
Basic Terminology
Plaintext: original message to be encrypted
Ciphertext: the encrypted message
Enciphering or encryption: the process of converting plaintext into ciphertext
Encryption algorithm: performs encryption
Two inputs: a plaintext and a secret key
Deciphering or decryption: recovering plaintext from ciphertext
Decryption algorithm: performs decryption
Two inputs: ciphertext and secret key
Secret key: same key used for encryption and decryption
Also referred to as a symmetric key
Symmetric Cipher Model
Caesar Cipher
Earliest known substitution cipher
Invented by Julius Caesar
Each letter is replaced by the letter three positions further down the alphabet.
Plain: a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Example: ohio state -> RKLR VWDWH
Playfair Cipher
Use a 5 x 5 matrix.
Fill in letters of the key (w/o duplicates).
Fill the rest of matrix with other letters.
E.g., key = MONARCHY.
Plaintext is encrypted two letters at a time.
If a pair is a repeated letter, insert a filler like 'X'.
If both letters fall in the same row, replace each with the letter to its right (circularly).
If both letters fall in the same column, replace each with the letter below it (circularly).
Otherwise, each letter is replaced by the letter in the same row but in the column of the other letter of the pair.
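The Playfair rules above, worked through with the key MONARCHY, as an added example that is not part of the original presentation. Merging J into I to fit 25 cells, padding a lone last letter, and using 'Q' when the repeated letter is itself the filler are assumptions; the function names are hypothetical.

```python
import string

def build_square(key):
    """Return the 5 x 5 matrix as a 25-letter row-major string (J is merged into I)."""
    square = []
    for ch in key.upper() + string.ascii_uppercase:
        ch = "I" if ch == "J" else ch
        if ch in string.ascii_uppercase and ch not in square:
            square.append(ch)
    return "".join(square)

def to_pairs(plaintext, filler="X"):
    """Split plaintext into two-letter pairs, inserting the filler where needed."""
    letters = ["I" if c == "J" else c
               for c in plaintext.upper() if c in string.ascii_uppercase]
    pairs, i = [], 0
    while i < len(letters):
        first = letters[i]
        second = letters[i + 1] if i + 1 < len(letters) else None
        if second is None or second == first:
            # Repeated letter, or a lone last letter (padding it is an
            # assumption; the rules above only cover the repeated case).
            pairs.append(first + ("Q" if first == filler else filler))
            i += 1
        else:
            pairs.append(first + second)
            i += 2
    return pairs

def transform(pairs, square, step):
    """Apply the three rules; step=+1 encrypts, step=-1 decrypts."""
    out = []
    for a, b in pairs:
        row_a, col_a = divmod(square.index(a), 5)
        row_b, col_b = divmod(square.index(b), 5)
        if row_a == row_b:      # same row: move right (circularly)
            col_a, col_b = (col_a + step) % 5, (col_b + step) % 5
        elif col_a == col_b:    # same column: move down (circularly)
            row_a, row_b = (row_a + step) % 5, (row_b + step) % 5
        else:                   # rectangle: keep the row, take the other's column
            col_a, col_b = col_b, col_a
        out.append(square[row_a * 5 + col_a] + square[row_b * 5 + col_b])
    return "".join(out)

def encrypt(plaintext, key):
    return transform(to_pairs(plaintext), build_square(key), +1)

def decrypt(ciphertext, key):
    text = ciphertext.upper()
    pairs = [text[i:i + 2] for i in range(0, len(text), 2)]
    return transform(pairs, build_square(key), -1)

if __name__ == "__main__":
    print(build_square("MONARCHY"))
    print(encrypt("balloon", "MONARCHY"))
    print(decrypt(encrypt("balloon", "MONARCHY"), "MONARCHY"))
```

Decryption returns the text with the filler still in place (BALXLOON for "balloon"); removing it is left to the reader of the message.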
Encrypting and Decrypting
Vigenere Cipher
Simplest polyalphabetic substitution cipher
Consider the set of all Caesar ciphers: { Ca, Cb, Cc, ..., Cz }
Key: e.g. Encrypt each letter using Cs, Ce, Cc, Cu, Cr, Ci, Ct, Cy in turn.
Repeat from start after Cy.
Decryption simply works in reverse.
Example of Vigenère Cipher
Keyword: deceptive
key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
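The Vigenère cipher as a sequence of Caesar ciphers, checked against the two worked examples on this page; this is an added example, not part of the original presentation, and the function names are hypothetical. It also shows what "polyalphabetic" means in practice: under Vigenère the plaintext letter e turns into several different ciphertext letters, while under the Caesar cipher it always turns into the same one.

```python
import string

ALPHABET = string.ascii_lowercase

def vigenere(text, key, decrypt=False):
    """Shift each letter by the Caesar cipher named by the current key letter."""
    shifts = [ALPHABET.index(k) for k in key.lower()]  # ValueError on a non-letter key
    if not shifts:
        raise ValueError("key must contain at least one letter")
    out, used = [], 0
    for ch in text.lower():
        if ch not in ALPHABET:
            out.append(ch)                      # spaces and punctuation pass through
            continue
        shift = shifts[used % len(shifts)]      # repeat the key from the start
        used += 1
        pos = (ALPHABET.index(ch) + (-shift if decrypt else shift)) % 26
        # Page convention: plaintext in lower case, ciphertext in upper case.
        out.append(ALPHABET[pos] if decrypt else ALPHABET[pos].upper())
    return "".join(out)

def caesar(text, decrypt=False):
    """The Caesar cipher is the one-letter key 'd' (a -> D, three positions down)."""
    return vigenere(text, "d", decrypt)

def images_of(letter, plaintext, ciphertext):
    """Set of ciphertext letters that one plaintext letter was turned into."""
    return {c for p, c in zip(plaintext, ciphertext) if p == letter}

if __name__ == "__main__":
    plain = "wearediscoveredsaveyourself"
    cipher = vigenere(plain, "deceptive")
    print(cipher)
    print(caesar("ohio state"))
    print(sorted(images_of("e", plain, cipher)))
    print(sorted(images_of("e", plain, caesar(plain))))
```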

Cyber Security
Prof. Sharada Valiveti