Cyber Security Modeling and Assessment of SCADA System Architectures
Slide 1: Cyber Security Modeling and Assessment of SCADA System Architectures
Mathias Ekstedt, Associate Professor; Teodor Sommestad; Hannes Holm
Industrial Information and Control Systems, KTH Royal Institute of Technology

Cyber security management is difficult! The CISO (etc.) asks: Is my control system secure enough? What can I do to improve it most effectively?
Slide 2: The Cyber Security Modeling Language (CySeMoL) functionality
Success probabilities of attacks:
- P(SCADAServer.Access) = 0.14
- P(SCADAService.InjectCode) = 0.14
- P(SCADAServer.FindKnownService) = 0.04
- P(SCADAServer.ConnectTo) = 0.23
Effect of changes, for P(SCADAServer.Access):
- Install IPS: 0.14 => 0.11
- Regular security audits: 0.14 => 0.12
Defense/attack graphs (edge types):
- The attack step makes other attack steps possible.
- The countermeasure reduces the chance of success.
- The attack step disables the countermeasure.
Slide 3: A simple defense graph example
Graph nodes: RDP, DB service, Machine/OS, Network, FW.
The CySeMoL magic: the same success probabilities and effect-of-changes figures as on slide 2 (P(SCADAServer.Access) = 0.14, etc.; Install IPS 0.14 => 0.11, Regular security audits 0.14 => 0.12).
Slide 4: CySeMoL example in our modeling tool
Model overview (network architecture); model of the SCADA LAN.
The usual system architecture stuff:
- Networks
- Physical components / hosts
- Software services
Perhaps not in your average system architecture model:
- Access control points
- Authentication mechanisms
- Accounts
- Users
- Security training process
Slide 5: An attack example
USB inserted on the HMI OS, with the goal of taking over the PCU (communication with the substation). Attack success 24%!!! (maximum)
Slide 6: The attack path extracted
There is a chance that:
- The attacker gains remote access to the HMI through the inserted USB stick (steps 0 and 1).
- The HMI has an address on the SCADA network zone (step 2).
- The attacker connects to the Server Message Block (SMB) service on the PCU Communication host (step 3).
- Probes to determine what type of product (and version) it is (i.e. that it is SMB on Windows XP) (step 4).
- Identifies a (publicly known) vulnerability in the software (step 5).
- Finds a functioning high-severity exploit (step 6).
- Runs an arbitrary-code exploit on the PCU Communication OS and opens a back door (step 7).
Mitigation: introduce patch management! Attack success drops to 5%: no exploit is available anymore, so the attacker has to develop (or buy) his own.
Slide 7: Mitigation: network-layer deep packet inspection filter for PCU traffic!
Attack success drops to 17%: SMB traffic is now monitored, which decreases the chance of successfully running an arbitrary-code attack on the service OS.

How to calculate the attack success probabilities..?
Back to the simple example (RDP, DB service, Machine/OS, Network, FW): What is the risk that this attack step can be done by a professional penetration tester with one week of preparations? Look at previous research. Ask security experts.
Slide 8: Connect to the service
Expert-estimate table for this attack step. The columns run through all 8 combinations of the last three variables (the first two are No in every column); the numeric cells did not survive extraction.
Scenario variables (Yes/No per column):
- The attacker can obtain access to a host allowed through the firewall (No in all columns)
- The attacker can obtain physical access to the network (No in all columns)
- Network logs are reviewed on a regular basis
- Security audits are performed on the network on a regular basis
- Administrators have defined a formal change management process
Rows: Low estimate (5 %); Medium estimate (50 %); High estimate (95 %); Mean.
In the defense graph: 51%.
Slide 9: More probabilities
Two expert-estimate tables. In each, the columns run through all 16 combinations of the four varying variables (the first variable is Yes in every column); the numeric cells did not survive extraction.

First table. Variables:
- The professional penetration tester has access to the compiled (binary) code (Yes in all columns)
- The targeted software has been scrutinized before
- The professional penetration tester has access to the source code
- The software is written in a safe language (e.g. C#, Java) or a safe dialect (e.g. Cyclone)
- The software has been analyzed by static code analyzers and improved based on the result
Rows: Days needed if lucky (5 % chance); Days needed on average (50 % chance); Days needed if unlucky (95 % chance); Expected number of days required.

Second table. Variables:
- The service has high severity vulnerabilities which the attacker has exploits for (Yes in all columns)
- There is a deep packet inspection firewall in between the attacker's IP and the service's port
- The attacker can authenticate itself as a legitimate user of the service
- The operating system uses executable space protection (e.g. DEP in Windows)
- The operating system running the service uses address space layout randomization (ASLR)
Rows: Low estimate (5 %); Medium estimate (50 %); High estimate (95 %); Mean.
In the defense graph: 100%, 24%, 100%, 51%, 100%.
Slide 10: The full scenario
1.00 * 0.24 * 1.00 * 0.51 * 1.00 = 0.1224 = 12.24% chance of success (step values in the defense graph: 100%, 24%, 100%, 51%, 100%).

What CySeMoL can do for you: "This is (roughly) what my future system alternatives look like" (Scenario 1, Scenario 2, Scenario 3). "Probably, I can't say for sure, but it seems as if scenario 2 is the most secure alternative."
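The arithmetic behind slides 2 and 10, as an added example that is not part of the original presentation or of the CySeMoL tool: an attack path is an AND-chain of steps whose success probabilities multiply, a countermeasure lowers the probability of the steps it covers, and an "effect of changes" list ranks countermeasures by how far they pull the end probability down. The five steps follow the slide-6 path and the step probabilities are the slide-10 chain (1.00, 0.24, 1.00, 0.51, 1.00), but which value belongs to which step is assumed; the countermeasure effects (patch management 0.51 -> 0.10, deep packet inspection 1.00 -> 0.70) and the "strongest countermeasure wins" rule are constructed for illustration and are not CySeMoL's own inference.

```python
from dataclasses import dataclass, field
from math import prod


@dataclass
class AttackStep:
    """One step of an attack path: its baseline success probability and, per
    countermeasure, the probability it drops to when that countermeasure is in
    place (the mitigated values in this example are constructed)."""
    name: str
    base: float
    mitigated: dict = field(default_factory=dict)

    def probability(self, active):
        # If several active countermeasures cover this step, the strongest
        # (lowest) one applies: an assumption of this toy model.
        candidates = [p for cm, p in self.mitigated.items() if cm in active]
        return min([self.base] + candidates)


def path_success(path, active=frozenset()):
    """AND-chain: every step must succeed; the slide treats the steps as
    independent, so the per-step probabilities multiply."""
    return prod(step.probability(active) for step in path)


def scenario_success(paths, active=frozenset()):
    """Alternative paths (OR): the attacker succeeds if any path does.
    1 - prod(1 - p) assumes the paths are independent; paths that share steps
    would make this an upper bound."""
    return 1.0 - prod(1.0 - path_success(p, active) for p in paths)


def effect_of_changes(paths, countermeasures, active=frozenset()):
    """Slide-2 style 'effect of changes': the scenario probability after adding
    one more countermeasure, most effective first."""
    base = scenario_success(paths, active)
    effects = {cm: scenario_success(paths, active | {cm}) for cm in countermeasures}
    return base, dict(sorted(effects.items(), key=lambda kv: kv[1]))


# Constructed path following the step sequence of the slide's USB-to-PCU example.
# Step values are the slide-10 chain; their assignment to steps is assumed.
PCU_PATH = [
    AttackStep("USB inserted: remote access to HMI OS", 1.00),
    AttackStep("HMI has an address on the SCADA zone", 0.24),
    AttackStep("Connect to SMB service on PCU Communication", 1.00),
    AttackStep("Identify known vulnerability and working exploit", 0.51,
               mitigated={"patch management": 0.10}),
    AttackStep("Run arbitrary code on PCU OS, open back door", 1.00,
               mitigated={"deep packet inspection": 0.70}),
]
# "regular security audits" covers no step of this path, so it shows no effect.
COUNTERMEASURES = ["patch management", "deep packet inspection", "regular security audits"]


if __name__ == "__main__":
    base, effects = effect_of_changes([PCU_PATH], COUNTERMEASURES)
    print(f"Baseline scenario success: {base:.4f} ({base:.2%})")
    for cm, p in effects.items():
        print(f"  + {cm:<26} {base:.4f} => {p:.4f}")
```

With several alternative paths the OR-combination in `scenario_success` is where a real tool has to do more work: paths through the same host share steps, so treating them as independent over-estimates the attacker's chances, which is why CySeMoL's probabilistic model, not this product rule, is needed for a full architecture.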
Slide 11: Thank you for listening!
CySeMoL scope
Slide 12: CySeMoL full version including attacks and countermeasures
Data sources. Parameters, relationships and dependency structure:
- Literature, e.g. standards or scientific articles.
- Review and prioritization by external experts (~10).
The probabilities:
- Logical necessities, e.g.: if the firewalls allow you to connect to A from B and you have access to B, then you can connect to A.
- Other scientific studies, e.g. time-to-compromise for authentication codes and patch level vs. patching procedures.
- Experts' judgments: our own surveys of researchers and security professionals.
Slide 13: Data from experts
Review of variables to include in the scenarios, plus probabilities on scenarios:
- Finding unknown entry points: 4 experienced penetration testers.
- Finding unknown vulnerabilities: 18 vulnerability researchers.
- Arbitrary code exploits: 22 penetration testers and security researchers.
- Intrusion detection: 165 IDS researchers.
- DoS: 50 researchers on DoS attacks.
(Background: the expert-estimate table from slide 8.)

Cooke's classical method for weighting experts
Find the true expert, not the average of experts in general. (It is enough if one person knows the truth, if we can only identify that person.)
- Ask the experts a set of test questions you know the answer of.
- Have the experts specify quantiles (0.05, 0.50, 0.95) for the test questions: there is a 5/50/95 % chance that the value is below X.
- Reward them for being calibrated/correct and informative.
- Weight their answers on the real questions based on test question performance.
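Cooke's classical method as the slide describes it, implemented as an added example (not the authors' code, data or tooling): each expert gives 5/50/95 % quantiles on seed questions with known answers; the calibration score is the p-value of a chi-square test on how the realizations fall into the four inter-quantile bins, the information score measures how narrow the expert's bins are relative to a uniform background on the "intrinsic range" of each question, and the weight is their product. The weighted decision maker is a mixture of the experts' piecewise-uniform densities. The three experts (A calibrated and narrow, B overconfident and biased low, C calibrated but wide), their seed and target assessments, the 10 % intrinsic-range overshoot and the fixed cut-off `alpha` are all constructed here; Cooke's full method additionally optimises `alpha`.

```python
from math import erfc, exp, log, pi, sqrt

QUANTILE_LEVELS = (0.05, 0.50, 0.95)
BIN_MASS = (0.05, 0.45, 0.45, 0.05)  # mass a perfectly calibrated expert has in each bin


def chi2_sf_df3(x):
    """P(X >= x) for chi-square with 3 degrees of freedom, closed form (no scipy)."""
    if x <= 0:
        return 1.0
    return erfc(sqrt(x / 2)) + sqrt(2 * x / pi) * exp(-x / 2)


def bin_index(quantiles, realization):
    """0: below the 5 % quantile, 1: 5-50 %, 2: 50-95 %, 3: above the 95 % quantile."""
    return sum(realization > q for q in quantiles)


def calibration_score(assessments, realizations):
    """Relative information of the empirical bin frequencies to BIN_MASS, times 2N,
    is approximately chi-square(3); the calibration score is that test's p-value."""
    n = len(realizations)
    counts = [0, 0, 0, 0]
    for quantiles, real in zip(assessments, realizations):
        counts[bin_index(quantiles, real)] += 1
    info = sum((c / n) * log((c / n) / p) for c, p in zip(counts, BIN_MASS) if c)
    return chi2_sf_df3(2 * n * info)


def intrinsic_range(assessments_for_question, realization=None, overshoot=0.10):
    """Smallest interval holding every expert's 5-95 % range (and the realization,
    if known), widened by `overshoot` on each side (constructed parameter choice)."""
    lo = min(q[0] for q in assessments_for_question)
    hi = max(q[2] for q in assessments_for_question)
    if realization is not None:
        lo, hi = min(lo, realization), max(hi, realization)
    return lo - overshoot * (hi - lo), hi + overshoot * (hi - lo)


def information_score(assessments, ranges):
    """Mean relative information of the expert's piecewise-uniform density against
    the uniform background on each question's intrinsic range (narrower = higher)."""
    total = 0.0
    for (q5, q50, q95), (lo, hi) in zip(assessments, ranges):
        edges = (lo, q5, q50, q95, hi)
        widths = [edges[i + 1] - edges[i] for i in range(4)]
        total += sum(p * log(p * (hi - lo) / w) for p, w in zip(BIN_MASS, widths))
    return total / len(assessments)


def cooke_weights(seed_assessments, realizations, alpha=0.0):
    """seed_assessments: {expert: [(q5, q50, q95) per seed question]}.
    Unnormalised weight = calibration * information, zeroed when calibration < alpha."""
    experts = list(seed_assessments)
    ranges = [intrinsic_range([seed_assessments[e][i] for e in experts], real)
              for i, real in enumerate(realizations)]
    raw = {}
    for e in experts:
        cal = calibration_score(seed_assessments[e], realizations)
        raw[e] = cal * information_score(seed_assessments[e], ranges) if cal >= alpha else 0.0
    total = sum(raw.values())
    return {e: w / total for e, w in raw.items()}


def combine(weights, target, levels=QUANTILE_LEVELS):
    """Global-weight decision maker for one target question: the weighted mixture of
    the experts' piecewise-uniform densities, returned as its quantiles at `levels`."""
    lo, hi = intrinsic_range([target[e] for e in weights])
    pieces = []  # (left, right, density) for each expert's four bins
    for e, w in weights.items():
        edges = (lo, *target[e], hi)
        for i in range(4):
            pieces.append((edges[i], edges[i + 1], w * BIN_MASS[i] / (edges[i + 1] - edges[i])))
    cuts = sorted({edge for left, right, _ in pieces for edge in (left, right)})
    pending, cum, out = list(levels), 0.0, []
    for a, b in zip(cuts, cuts[1:]):
        dens = sum(d for left, right, d in pieces if left <= a and b <= right)
        while pending and cum + dens * (b - a) >= pending[0]:
            out.append(a + (pending.pop(0) - cum) / dens)
        cum += dens * (b - a)
    out.extend(hi for _ in pending)  # guard against floating-point residue at the top
    return tuple(out)


# Constructed seed questions: each expert's (5 %, 50 %, 95 %) quantiles and true values.
SEED_REALIZATIONS = [10, 20, 30, 50]
SEED_ASSESSMENTS = {
    "A": [(5, 10, 18), (12, 22, 32), (22, 28, 40), (30, 45, 60)],  # calibrated, fairly narrow
    "B": [(2, 3, 4), (8, 9, 10), (15, 16, 17), (30, 31, 32)],      # overconfident, biased low
    "C": [(0, 10, 40), (0, 18, 60), (5, 32, 70), (10, 48, 100)],   # calibrated but very wide
}
# Constructed target question (e.g. days a penetration tester needs for a step).
TARGET_ASSESSMENTS = {"A": (20, 30, 45), "B": (10, 11, 12), "C": (5, 25, 60)}


if __name__ == "__main__":
    w = cooke_weights(SEED_ASSESSMENTS, SEED_REALIZATIONS)
    for e in w:
        cal = calibration_score(SEED_ASSESSMENTS[e], SEED_REALIZATIONS)
        print(f"{e}: calibration={cal:.3f} weight={w[e]:.3f}")
    print("decision maker 5/50/95 % quantiles:", combine(w, TARGET_ASSESSMENTS))
```

Expert B is the case the slide's "find the true expert" point is about: its intervals are the narrowest and so score highest on information, but every realization lands above its 95 % quantile, the calibration p-value collapses, and its weight becomes negligible, whereas the wide but honest expert C keeps a small share and the narrow, calibrated expert A dominates the combined estimate.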
Slide 14: The concepts included: a trade-off
Practically we can't, and don't want to, have everything in the model. Weighed against each other:
- The data collection cost for users
- Data collection cost for us (the theory's complexity)
- Variables' importance to security
- Variables' tendency to vary in practice
(Repeats the "What CySeMoL can do for you" scenario comparison from slide 10.)
Slide 15: Questions?
Limitations with CySeMoL. It is incomplete; its scope excludes:
- The losses an attack would lead to
- Countermeasures that impact losses (e.g. backups)
- Threat agents and their mindset (fixed to a pen tester with 1 week of preparation)
- Confidentiality: the focus is on availability and integrity
- Social engineering attacks (little focus)
- Physical attacks and physical defenses (little focus)
It depends to quite a large degree on domain experts' judgment.
No details, much uncertainty: the model is incomplete and lacks depth, because the knowledge is simply missing.
A single architecture includes many potential attack paths, so there is much analysis work to do for the decision maker. Better tool support is needed.
More informationThreat Modelling for Web Application Deployment. Ivan Ristic ivanr@webkreator.com (Thinking Stone)
Threat Modelling for Web Application Deployment Ivan Ristic ivanr@webkreator.com (Thinking Stone) Talk Overview 1. Introducing Threat Modelling 2. Real-world Example 3. Questions Who Am I? Developer /
More informationFirewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08
Firewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08 What is a firewall? Firewalls are programs that were designed to protect computers from unwanted attacks and intrusions. Wikipedia
More informationWhat would you like to protect?
Network Security What would you like to protect? Your data The information stored in your computer Your resources The computers themselves Your reputation You risk to be blamed for intrusions or cyber
More informationCyber Security Seminar KTH 2011-04-14
Cyber Security Seminar KTH 2011-04-14 Defending the Smart Grid erik.z.johansson@se.abb.com Appropriate Footer Information Here Table of content Business Drivers Compliance APT; Stuxnet and Night Dragon
More informationSimplifying Security & Compliance Innovating IT Managed Services. Data Security Threat Landscape and IT General Controls
Simplifying Security & Compliance Innovating IT Managed Services Data Security Threat Landscape and IT General Controls Audit Standards and IT General Controls General IT controls discussed in AUC Section
More informationDecrease your HMI/SCADA risk
Decrease your HMI/SCADA risk Key steps to minimize unplanned downtime and protect your organization. Are you running your plant operations with serious risk? Most industrial applications lack recommended
More informationPCI Compliance - A Realistic Approach. Harshul Joshi, CISM, CISA, CISSP Director, Information Technology CBIZ MHM hjoshi@cbiz.com
PCI Compliance - A Realistic Approach Harshul Joshi, CISM, CISA, CISSP Director, Information Technology CBIZ MHM hjoshi@cbiz.com What What is PCI A global forum launched in September 2006 for ongoing enhancement
More informationΕΠΛ 674: Εργαστήριο 5 Firewalls
ΕΠΛ 674: Εργαστήριο 5 Firewalls Παύλος Αντωνίου Εαρινό Εξάμηνο 2011 Department of Computer Science Firewalls A firewall is hardware, software, or a combination of both that is used to prevent unauthorized
More informationSecure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation
Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation Rev 5058-CO900C Agenda Control System Network Security Defence in Depth Secure Remote Access Examples
More information1. Introduction. 2. DoS/DDoS. MilsVPN DoS/DDoS and ISP. 2.1 What is DoS/DDoS? 2.2 What is SYN Flooding?
Page 1 of 5 1. Introduction The present document explains about common attack scenarios to computer networks and describes with some examples the following features of the MilsGates: Protection against
More informationWindows Remote Access
Windows Remote Access A newsletter for IT Professionals Education Sector Updates Issue 1 I. Background of Remote Desktop for Windows Remote Desktop Protocol (RDP) is a proprietary protocol developed by
More informationPayment Card Industry (PCI) Penetration Testing Standard
Payment Card Industry (PCI) Penetration Testing Standard Issued Date: 14 May 2015 Effective Date: 14 May 2015 Purpose This standard outlines penetration-testing requirements for the university's Payment
More informationPOMPDs Make Better Hackers: Accounting for Uncertainty in Penetration Testing. By: Chris Abbott
POMPDs Make Better Hackers: Accounting for Uncertainty in Penetration Testing By: Chris Abbott Introduction What is penetration testing? Methodology for assessing network security, by generating and executing
More informationClosing Wireless Loopholes for PCI Compliance and Security
Closing Wireless Loopholes for PCI Compliance and Security Personal information is under attack by hackers, and credit card information is among the most valuable. While enterprises have had years to develop
More informationSecurity perimeter white paper. Configuring a security perimeter around JEP(S) with IIS SMTP
Security perimeter white paper Configuring a security perimeter around JEP(S) with IIS SMTP Document control Document name: JEP(S) Security perimeter Author: Proxmea, Proxmea Last update: March 23, 2008
More informationDatabase Security Guideline. Version 2.0 February 1, 2009 Database Security Consortium Security Guideline WG
Database Security Guideline Version 2.0 February 1, 2009 Database Security Consortium Security Guideline WG Table of Contents Chapter 1 Introduction... 4 1.1 Objective... 4 1.2 Prerequisites of this Guideline...
More informationThe Risks that Pen Tests don t Find. OWASP 13 April 2012. The OWASP Foundation http://www.owasp.org
The Risks that Pen Tests don t Find 13 April 2012 Gary Gaskell Infosec Services gaskell@infosecservices.com 0438 603 307 Copyright The Foundation Permission is granted to copy, distribute and/or modify
More informationHow To Protect A Network From Attack From A Hacker (Hbss)
Leveraging Network Vulnerability Assessment with Incident Response Processes and Procedures DAVID COLE, DIRECTOR IS AUDITS, U.S. HOUSE OF REPRESENTATIVES Assessment Planning Assessment Execution Assessment
More information