Malicious Programs. CEN 448 Security and Internet Protocols Chapter 19 Malicious Software

Size: px
Start display at page:

Download "Malicious Programs. CEN 448 Security and Internet Protocols Chapter 19 Malicious Software"

Transcription

1 CEN 448 Security and Internet Protocols Chapter 19 Malicious Software Dr. Mostafa Hassan Dahshan Computer Engineering Department College of Computer and Information Sciences King Saud University Malicious Programs Programs that exploit vulnerabilities Cause damage to computer systems Programs that need host program viruses, logic bombs, backdoors Self-contained programs worms, zombies Threats hat do not replicate logic bombs, back doors Threats that produce copies of themselves viruses, worms

2 Malicious Programs

3 Backdoors / Trapdoors Secret entry point to program Allows bypassing normal security procedure Mainly used by programmers for debugging Example: special password, event sequence Threat if used to get unauthorized access Difficult to counter Focus on program development security Logic Bombs Coded embedded into some legit program Set to explode when certain conditions met Examples presence of certain files particular day of the week, month, year particular user

4 Trojan Horses Apparently useful program Contain hidden harmful code Will take privilege of user running it Can be implanted in a compiler All compiled applications will be infected Example backdoor in login application delete files in the background Zombie Program secretly planted in net computer Using virus or Trojan When activated, computer perform attacks Difficult to trace back to its creator Planted into hundreds of computers Used in DoS attacks

5 Virus Structure program V := special marker for victims {goto main; ; subroutine infect-executable := {loop: file := get-random-executable-file; if (first-line-of-file = ) then goto loop else prepend V to file; } subroutine do-damage := {whatever damage is to be done} subroutine trigger-pulled :={return true if some condition holds} main: main-program := {infect-executable; if trigger-pulled then do-damage; goto next;} infect other programs, do damage next: transfer control to original program } Virus Compression Previous structure easy detected from size Compression is used to hide virus

6 Types of Viruses Parasitic attach to exe, infect & do damage when executed Memory-resident virus load to memory, infect every executed application Boot sector virus infect MBR, spread when system boots up Stealth virus designed to hide itself from antivirus Polymorphic virus mutates with every infection, hard to detect signature Metamorphic virus rewrites itself completely each time, change behavior Worms Program that replicates itself Perform unwanted/harmful actions Send copies across network , remote execution, remote login Recent worms Code Red: 360,000 servers in 14 hours Code Red II: targeted MS IIS, install backdoor Nimda: infect web servers, modify contents

7 Antivirus Approaches Main functions detection: determine virus infection occurred identification: identify specific virus removal: remove virus from infected programs First generation antivirus require virus signature to identify virus signature: structure, bit pattern, wildcards maintain length of programs, look for change Antivirus Approaches Second generation antivirus use heuristic rules, search for probable infection e.g. look for encryption loop, discover key integrity checking, use checksum, hash code Third generation antivirus memory resident identify virus by its actions, not signature Fourth generation antivirus package contain multiple AV techniques include access control, limit virus infection ability

8 Advanced Antivirus Techniques Generic Description (GD) technology enables detection of polymorphic viruses all executables run through GD scanner GD contains emulator (virtual computer) capture virus when it decrypted Digital immune system developed b IBM research, utilize GD emulator central server capture virus, analyze, remove pass info to other clients, systems Advanced Antivirus Techniques

9 Distributed Denial of Service Attacks Make system inaccessible by consuming resources with useless requests resource: internal (CPU, disk) or network (bandwidth) Prevent legit users from getting service DoS: launched by single user, host DDoS attacker recruit many Internet hosts coordinated attack against target sophisticated, difficult to trace back DDoS Examples SYN flood attack Flood target with many TCP SYN requests Target sends SYN/ACK, waiting for response SYN requests stored in target memory Eventually, memory filled, can t take more Legit users can t establish TCP connections

10 DDoS Examples Attack on network resources Multiple hosts send ICMP ECHO packets Spoof source IP address to victim target Nodes respond ICMP REPLY packets to spoofed address of target Target router get flooded with packets No bandwidth left for legitimate traffic

11 DoS Examples Consume system memory Simple program/script copy itself Consume process ID address table Consume disk space Generate many s Generate many errors that must be logged Place files in network shared areas DDoS Levels Multiple layers of attack sources Direct DDoS attacks attacker, master zombies, slave zombies attacker coordinates, triggers master zombies master zombies trigger slave zombies Reflector DDoS attacks adds another layer: reflectors more difficulty added to trace and filter packets

12 DDoS Countermeasures Attack prevention: before attack enable victim to endure attack without denying service enforce policies on resource consumption provide backup resources modify internet protocols to reduce possibility of DDoS Attack detection (during attack) attempt to detect attack and respond immediately look for suspicious patterns, filter out offensive packets Attack trace back and identification (during, after) attempt to identify source to prevent future attack usually doesn t yield any results fast enough, if at all

13 Additional References What is botnet?, searchsecurity.techtarget.com/sdefinition/0,,sid1 4_gci ,00.html SYN Cookies, cr.yp.to/syncookies.html Router Expert: Smurf/fraggle attack defence using SACLs, searchnetworking.techtarget.com/tip/1,289483,si d7_gci856112,00.html

Malicious Software. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Viruses and Related Threats

Malicious Software. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Viruses and Related Threats Malicious Software Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Outline Viruses and Related Threats Malicious Programs The Nature of Viruses Antivirus

More information

Chapter 21. Viruses and other Malicious Software

Chapter 21. Viruses and other Malicious Software Chapter 21 Viruses and other Malicious Software Malicious Software Malicious software can be divided into two categories: 1. Need a host program, referred to that cannot exist independently of some actual

More information

CS549: Cryptography and Network Security

CS549: Cryptography and Network Security CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared

More information

Computer Security DD2395

Computer Security DD2395 Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/dd2395/dasakh11/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 7 Malicious Software DD2395 Sonja Buchegger 1 Course Admin Lab 2: - prepare

More information

Cryptography and Network Security Chapter 21. Malicious Software. Backdoor or Trapdoor. Logic Bomb 4/19/2010. Chapter 21 Malicious Software

Cryptography and Network Security Chapter 21. Malicious Software. Backdoor or Trapdoor. Logic Bomb 4/19/2010. Chapter 21 Malicious Software Cryptography and Network Security Chapter 21 Fifth Edition by William Stallings Chapter 21 Malicious Software What is the concept of defense: The parrying of a blow. What is its characteristic feature:

More information

Malicious Software. Malicious Software. Overview. Backdoor or Trapdoor. Raj Jain. Washington University in St. Louis

Malicious Software. Malicious Software. Overview. Backdoor or Trapdoor. Raj Jain. Washington University in St. Louis Malicious Software Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/

More information

9 Malicious Software

9 Malicious Software 9 Malicious Software Viruses and Other Malicious Content computer viruses have got a lot of publicity one of a family of malicious software effects usually obvious have figured in news reports, fiction,

More information

Malware. Björn Victor 1 Feb 2013. [Based on Stallings&Brown]

Malware. Björn Victor 1 Feb 2013. [Based on Stallings&Brown] Malware Björn Victor 1 Feb 2013 Ask Sofia if anything is unclear/too difficult with the lab. Coordinate meetings between you? BadStore: demo version New York Times, Wall Street Journal attacks from China,

More information

Computer Security: Principles and Practice

Computer Security: Principles and Practice Computer Security: Principles and Practice Chapter 7 Malicious Software First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Malicious Software programs exploiting system

More information

Denial of Service Attacks

Denial of Service Attacks 2 Denial of Service Attacks : IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 13 August 2013 its335y13s2l06, Steve/Courses/2013/s2/its335/lectures/malicious.tex,

More information

Malicious programs. Taxonomy of malicious programs. Trap doors

Malicious programs. Taxonomy of malicious programs. Trap doors Malicious programs Malicious software. Attacks and countermeasures,i Software threats to computer systems: malicious programs that exploit vulnerabilities in computer systems to launch attacks on security

More information

Malicious Software. IT 4823 Information Security Administration. Viruses. Malware Terminology. Virus Structure. Virus Structure

Malicious Software. IT 4823 Information Security Administration. Viruses. Malware Terminology. Virus Structure. Virus Structure Malicious Software IT 4823 Information Security Administration Malicious Software February 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles

More information

Malicious Software. Raj Jain. Washington University in St. Louis

Malicious Software. Raj Jain. Washington University in St. Louis Malicious Software Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/

More information

Henric Johnson Blekinge Institute of Technology, Sweden Henric Johnson 1

Henric Johnson Blekinge Institute of Technology, Sweden  Henric Johnson 1 Intruders and Viruses Henric Johnson Blekinge Institute of Technology, Sweden http://www.its.bth.se/staff/hjo/ henric.johnson@bth.se h @bths Henric Johnson 1 Intruders Intrusion Techniques Outline Password

More information

Malware / Malicious Logic. fall 2015

Malware / Malicious Logic. fall 2015 Malware / Malicious Logic fall 2015 What malware? Hints: Melissa, Code Red, SQL Slammer, MyDoom, Conficker, Stuxnet, CryptoLocker, CryptoWall Find current or older malware attacks What was the effect?

More information

Intruders and viruses. 8: Network Security 8-1

Intruders and viruses. 8: Network Security 8-1 Intruders and viruses 8: Network Security 8-1 Intrusion Detection Systems Firewalls allow traffic only to legitimate hosts and services Traffic to the legitimate hosts/services can have attacks CodeReds

More information

Introduction To Security and Privacy Einführung in die IT-Sicherheit I

Introduction To Security and Privacy Einführung in die IT-Sicherheit I Introduction To Security and Privacy Einführung in die IT-Sicherheit I Prof. Dr. rer. nat. Doğan Kesdoğan Institut für Wirtschaftsinformatik kesdogan@fb5.uni-siegen.de http://www.uni-siegen.de/fb5/itsec/

More information

SECURING APACHE : DOS & DDOS ATTACKS - I

SECURING APACHE : DOS & DDOS ATTACKS - I SECURING APACHE : DOS & DDOS ATTACKS - I In this part of the series, we focus on DoS/DDoS attacks, which have been among the major threats to Web servers since the beginning of the Web 2.0 era. Denial

More information

Review. Virus Countermeasures 10/5/16. CS 356 Systems Security Fall 2016

Review. Virus Countermeasures 10/5/16. CS 356 Systems Security Fall 2016 CS 356 Systems Security Fall 2016 http://www.cs.colostate.edu/~cs356 Dr. Indrajit Ray http://www.cs.colostate.edu/~indrajit Original slides by Lawrie Brown. Adapted for CS 356 by Indrajit Ray Review Chapter

More information

Seminar Computer Security

Seminar Computer Security Seminar Computer Security DoS/DDoS attacks and botnets Hannes Korte Overview Introduction What is a Denial of Service attack? The distributed version The attacker's motivation Basics Bots and botnets Example

More information

4/18/16. Trojan Horses. Outline. Malicious logic. CSCI 454/554 Computer and Network Security. Defenses against malicious logic

4/18/16. Trojan Horses. Outline. Malicious logic. CSCI 454/554 Computer and Network Security. Defenses against malicious logic Outline CSCI 454/554 Computer and Network Security Topic 8.5 Malicious Logic Malicious logic Trojan horses Computer viruses Worms Rabbits and bacteria Logic bombs Trapdoor DDoS Defenses against malicious

More information

CSCI 454/554 Computer and Network Security. Topic 8.5 Malicious Logic

CSCI 454/554 Computer and Network Security. Topic 8.5 Malicious Logic CSCI 454/554 Computer and Network Security Topic 8.5 Malicious Logic 1 Malicious logic Trojan horses Computer viruses Worms Rabbits and bacteria Logic bombs Trapdoor DDoS Outline Defenses against malicious

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks Security+ Guide to Network Security Fundamentals, Third Edition Chapter 2 Systems Threats and Risks Objectives Describe the different types of software-based attacks List types of hardware attacks Define

More information

Network Incident Report

Network Incident Report To submit copies of this form via facsimile, please FAX to 202-406-9233. Network Incident Report United States Secret Service Financial Crimes Division Electronic Crimes Branch Telephone: 202-406-5850

More information

Denial of Service attacks: analysis and countermeasures. Marek Ostaszewski

Denial of Service attacks: analysis and countermeasures. Marek Ostaszewski Denial of Service attacks: analysis and countermeasures Marek Ostaszewski DoS - Introduction Denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended

More information

SY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.

SY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. From a high-level standpoint, attacks on computer systems and networks can be grouped

More information

MALICIOUS SOFTWARE CHAPTER 21-1. 21.1 Types Of Malicious Software. Backdoor Logic Bomb Trojan Horses Mobile Code Multiple-Threat Malware. 21.

MALICIOUS SOFTWARE CHAPTER 21-1. 21.1 Types Of Malicious Software. Backdoor Logic Bomb Trojan Horses Mobile Code Multiple-Threat Malware. 21. CHAPTER MALICIOUS SOFTWARE 21.1 Types Of Malicious Software 21.2 Viruses Backdoor Logic Bomb Trojan Horses Mobile Code Multiple-Threat Malware The Nature of Viruses Viruses Classification Virus Kits Macro

More information

Malicious Software CSCI 454/554. Malicious Software

Malicious Software CSCI 454/554. Malicious Software Malicious Software CSCI 454/554 Malicious Software 1 Trapdoors w secret entry point into a program w allows those who know access bypassing usual security procedures w have been commonly used by developers

More information

Part III System Security. COSC 490 Network Security Annie Lu 1

Part III System Security. COSC 490 Network Security Annie Lu 1 Part III System Security 1 OUTLINE Malicious Software (Chapter 10) Virus Worm DDOS Password Management (Chapter 11) 2 Viruses and Other Malicious Content computer viruses have got a lot of publicity one

More information

Secure Software Programming and Vulnerability Analysis

Secure Software Programming and Vulnerability Analysis Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Operations and Denial of Service Secure Software Programming 2 Overview

More information

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT Appendix A to 11-02-P1-NJOIT NJ OFFICE OF INFORMATION TECHNOLOGY P.O. Box 212 www.nj.gov/it/ps/ 300 Riverview Plaza Trenton, NJ 08625-0212 NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT The Intent

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 4 Network Vulnerabilities and Attacks

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 4 Network Vulnerabilities and Attacks Security+ Guide to Network Security Fundamentals, Third Edition Chapter 4 Network Vulnerabilities and Attacks Objectives Explain the types of network vulnerabilities List categories of network attacks

More information

Abstract. Introduction. Section I. What is Denial of Service Attack?

Abstract. Introduction. Section I. What is Denial of Service Attack? Abstract In this report, I am describing the main types of DoS attacks and their effect on computer and network environment. This report will form the basis of my forthcoming report which will discuss

More information

CS 356 Lecture 16 Denial of Service. Spring 2013

CS 356 Lecture 16 Denial of Service. Spring 2013 CS 356 Lecture 16 Denial of Service Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter

More information

Targeted Break-in, DoS, & Malware attacks (II)

Targeted Break-in, DoS, & Malware attacks (II) Targeted Break-in, DoS, & Malware attacks (II) (February 22, 2016) Abdou Illia Spring 2016 Learning Objectives Discuss DoS attacks Discuss Malware attacks 2 Denial of Service Attacks 1 TCP opening and

More information

HAVE YOU EVER BEEN HACKED?

HAVE YOU EVER BEEN HACKED? HAVE YOU EVER BEEN HACKED? 90% of companies have been hacked 70% of attacks go undetected 60% of all small/med size businesses go out of business within 6 months of a data security breach 32% of computers

More information

Malware: Malicious Software. Malware

Malware: Malicious Software. Malware : Malicious Software Insider Attacks An insider attack is a security hole in a software system created by one of its programmers. Insider Attacks An insider attack is a security hole in a software system

More information

Analysis on Some Defences against SYN-Flood Based Denial-of-Service Attacks

Analysis on Some Defences against SYN-Flood Based Denial-of-Service Attacks Analysis on Some Defences against SYN-Flood Based Denial-of-Service Attacks Sau Fan LEE (ID: 3484135) Computer Science Department, University of Auckland Email: slee283@ec.auckland.ac.nz Abstract A denial-of-service

More information

CS 356 Lecture 9 Malicious Code. Spring 2013

CS 356 Lecture 9 Malicious Code. Spring 2013 CS 356 Lecture 9 Malicious Code Spring 2013 Review Chapter 1: Basic Concepts and Terminology Integrity, Confidentiality, Availability, Authentication, and Accountability Types of threats: active vs. passive,

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

DDoS. Distributed Denial of Service. Spring Term Mattias Holm, Christian Nilsson, Supervisor: Yan Wang

DDoS. Distributed Denial of Service. Spring Term Mattias Holm, Christian Nilsson, Supervisor: Yan Wang Halmstad University School of IDE Network Security 7, 5 p Networkdesign and Computer Management DDoS Distributed Denial of Service Spring Term 2008 Mattias Holm, 861117-2712 Christian Nilsson, 820309-3532

More information

Network Security. 1 Pass the course => Pass Written exam week 11 Pass Labs

Network Security. 1 Pass the course => Pass Written exam week 11 Pass Labs Network Security Ola Lundh ola.lundh@hh.se Schedule/ time-table: landris.hh.se/ (NetwoSec) Course home-page: hh.se/english/ide/education/student/coursewebp ages/networksecurity cisco.netacad.net Packet

More information

Firewalls and Intrusion Detection

Firewalls and Intrusion Detection Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall

More information

Denial of Service Attacks, What They are and How to Combat Them

Denial of Service Attacks, What They are and How to Combat Them Denial of Service Attacks, What They are and How to Combat Them John P. Pironti, CISSP Genuity, Inc. Principal Enterprise Solutions Architect Principal Security Consultant Version 1.0 November 12, 2001

More information

Classical Network Security Attacks

Classical Network Security Attacks Classical Network Security Attacks Dr. Natarajan Meghanathan Professor of Computer Science Jackson State University E-mail: natarajan.meghanathan@jsums.edu Port Scanning Port scan: is a program that when

More information

Computer Networks & Computer Security

Computer Networks & Computer Security Computer Networks & Computer Security Software Engineering 4C03 Project Report Hackers: Detection and Prevention Prof.: Dr. Kartik Krishnan Due Date: March 29 th, 2004 Modified: April 7 th, 2004 Std Name:

More information

SECURITY TERMS: Advisory Backdoor - Blended Threat Blind Worm Bootstrapped Worm Bot Coordinated Scanning

SECURITY TERMS: Advisory Backdoor - Blended Threat Blind Worm Bootstrapped Worm Bot Coordinated Scanning SECURITY TERMS: Advisory - A formal notice to the public on the nature of security vulnerability. When security researchers discover vulnerabilities in software, they usually notify the affected vendor

More information

E-BUSINESS THREATS AND SOLUTIONS

E-BUSINESS THREATS AND SOLUTIONS E-BUSINESS THREATS AND SOLUTIONS E-BUSINESS THREATS AND SOLUTIONS E-business has forever revolutionized the way business is done. Retail has now a long way from the days of physical transactions that were

More information

CSE 3482 Introduction to Computer Security. Denial of Service (DoS) Attacks

CSE 3482 Introduction to Computer Security. Denial of Service (DoS) Attacks CSE 3482 Introduction to Computer Security Denial of Service (DoS) Attacks Instructor: N. Vlajic, Winter 2015 Learning Objectives Upon completion of this material, you should be able to: Explain the basic

More information

Denial of Service (DoS)

Denial of Service (DoS) Intrusion Detection, Denial of Service (DoS) Prepared By:Murad M. Ali Supervised By: Dr. Lo'ai Tawalbeh New York Institute of Technology (NYIT), Amman s campus-2006 Denial of Service (DoS) What is DoS

More information

Computer Security: Attacks and Threats. Human Factors and Malicious Software

Computer Security: Attacks and Threats. Human Factors and Malicious Software Computer Security: Attacks and Threats Human Factors and Malicious Software What we know Attacks can be Intentional\Unintentional Insider\Outsider Passive\Active Attacks exploits vulnerabilities, and tries

More information

Denial of Service Attacks

Denial of Service Attacks (DoS) What Can be DoSed? First Internet DoS Attack The TCP State Diagram SYN Flooding Anti-Spoofing Better Data Structures Attacking Compact Data Structures Generic Solution SYN Cookies It s Not Perfect

More information

CSC Introduction to Computers and Their Applications

CSC Introduction to Computers and Their Applications CSC 170 - Introduction to Computers and Their Applications Lecture 9 Digital Security Encryption Encryption transforms a message or data file in such a way that its contents are hidden from unauthorized

More information

Malicious Code. Different Malicious Code. Media Publicity. Boot Virus. Virus. Malicious Code an Increasing Problem

Malicious Code. Different Malicious Code. Media Publicity. Boot Virus. Virus. Malicious Code an Increasing Problem Malicious Code an Increasing Problem Malicious Code mcrowds: Anonymity for the mobile Internet 2 DAV C19 Applied Security Media Publicity Different Malicious Code Malicious code ( Virus ) Virus Worms Malicious

More information

Security Engineering Part III Network Security. Intruders, Malware, Firewalls, and IDSs

Security Engineering Part III Network Security. Intruders, Malware, Firewalls, and IDSs Security Engineering Part III Network Security Intruders, Malware, Firewalls, and IDSs Juan E. Tapiador jestevez@inf.uc3m.es Department of Computer Science, UC3M Security Engineering 4th year BSc in Computer

More information

Chapter 14 Computer Threats

Chapter 14 Computer Threats Contents: Chapter 14 Computer Threats 1 Introduction(Viruses,Bombs,Worms) 2 Categories of Viruses 3 Types of Viruses 4 Characteristics of Viruses 5 Computer Security i. Antivirus Software ii. Password,

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

MALWARE "malicious software. virus, worms, Trojan horses

MALWARE malicious software. virus, worms, Trojan horses MALWARE MALWARE Malware is short for "malicious software. Malware is any kind of unwanted software that is installed without your adequate consent Example: virus, worms, and Trojan horses that are often

More information

Acquia Cloud Edge Protect Powered by CloudFlare

Acquia Cloud Edge Protect Powered by CloudFlare Acquia Cloud Edge Protect Powered by CloudFlare Denial-of-service (DoS) Attacks Are on the Rise and Have Evolved into Complex and Overwhelming Security Challenges TECHNICAL GUIDE TABLE OF CONTENTS Introduction....

More information

CloudFlare advanced DDoS protection

CloudFlare advanced DDoS protection CloudFlare advanced DDoS protection Denial-of-service (DoS) attacks are on the rise and have evolved into complex and overwhelming security challenges. 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com

More information

Denial Of Service. Types of attacks

Denial Of Service. Types of attacks Denial Of Service The goal of a denial of service attack is to deny legitimate users access to a particular resource. An incident is considered an attack if a malicious user intentionally disrupts service

More information

Cryptography and Network Security Chapter 21. Fifth Edition by William Stallings

Cryptography and Network Security Chapter 21. Fifth Edition by William Stallings Cryptography and Network Security Chapter 21 Fifth Edition by William Stallings 1 Viruses and Other Malicious Content computer viruses have got a lot of publicity one of a family of malicious software

More information

Högskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh. Name (in block letters) :

Högskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh. Name (in block letters) : Högskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh Written Exam in Network Security ANSWERS May 28, 2009. Allowed aid: Writing material. Name (in block letters)

More information

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft) 1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction

More information

Security Toolsets for ISP Defense

Security Toolsets for ISP Defense Security Toolsets for ISP Defense Backbone Practices Authored by Timothy A Battles (AT&T IP Network Security) What s our goal? To provide protection against anomalous traffic for our network and it s customers.

More information

Outline. Malicious software. Trojan (horse) (Computer) viruses. Worms. Malware and the network

Outline. Malicious software. Trojan (horse) (Computer) viruses. Worms. Malware and the network Outline CSci 5271 Introduction to Computer Security Day 21: Malware and Denial of Service Stephen McCamant University of Minnesota, Computer Science & Engineering Malware and the network Announcements

More information

Denial-of-Service (DoS)

Denial-of-Service (DoS) Denial-of-Service (DoS) CS 161: Computer Security Prof. David Wagner March 5, 2013 Attacks on Availability Denial-of-Service (DoS): preventing legitimate users from using a computing service We do though

More information

Intrusion Detection. One of the publicized threats to security is the intruder, generally referred to as a hacker or cracker.

Intrusion Detection. One of the publicized threats to security is the intruder, generally referred to as a hacker or cracker. Intrusion Detection One of the publicized threats to security is the intruder, generally referred to as a hacker or cracker. 1 An analysis of intrusion attacks revealed that there were two levels of hackers.

More information

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.

More information

TIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13

TIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13 COURSE TITLE : INFORMATION SECURITY COURSE CODE : 5136 COURSE CATEGORY : ELECTIVE PERIODS/WEEK : 4 PERIODS/SEMESTER : 52 CREDITS : 4 TIME SCHEDULE MODULE TOPICS PERIODS 1 Introduction to Computer Security

More information

Description: Objective: Attending students will learn:

Description: Objective: Attending students will learn: Course: Introduction to Cyber Security Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: In 2014 the world has continued to watch as breach after breach results in millions of

More information

CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24

CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24 Introduction to Computer Networks Lecture24 Network security (continued) Key distribution Secure Shell Overview Authentication Practical issues Firewalls Denial of Service Attacks Definition Examples Key

More information

Firewalls, Tunnels, and Network Intrusion Detection

Firewalls, Tunnels, and Network Intrusion Detection Firewalls, Tunnels, and Network Intrusion Detection 1 Part 1: Firewall as a Technique to create a virtual security wall separating your organization from the wild west of the public internet 2 1 Firewalls

More information

Announcements. No question session this week

Announcements. No question session this week Announcements No question session this week Stretch break DoS attacks In Feb. 2000, Yahoo s router kept crashing - Engineers had problems with it before, but this was worse - Turned out they were being

More information

ANTIVIRUS BEST PRACTICES

ANTIVIRUS BEST PRACTICES ANTIVIRUS BEST PRACTICES Antivirus Best Practices 1. Introduction This guideline covers the basics on Antivirus Software and its best practices. It will help to have an overall understanding of the subject

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 13: Wireless security, Password management, Viruses Ion Petre Department of IT, Åbo Akademi University 1 Overview

More information

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html

More information

Lecture 13 Malicious Code

Lecture 13 Malicious Code Lecture 13 Malicious Code Thierry Sans 15-349: Introduction to Computer and Network Security What is a malicious code? You may have heard about these words Malware Virus Logic Bomb Rabbits Worm Trojan

More information

TLP WHITE. Denial of service attacks: what you need to know

TLP WHITE. Denial of service attacks: what you need to know Denial of service attacks: what you need to know Contents Introduction... 2 What is DOS and how does it work?... 2 DDOS... 4 Why are they used?... 5 Take action... 6 Firewalls, antivirus and updates...

More information

DDoS Attacks: The Latest Threat to Availability. Dr. Bill Highleyman Managing Editor Availability Digest

DDoS Attacks: The Latest Threat to Availability. Dr. Bill Highleyman Managing Editor Availability Digest DDoS Attacks: The Latest Threat to Availability Dr. Bill Highleyman Managing Editor Availability Digest The Anatomy of a DDoS Attack Sombers Associates, Inc. 2013 2 What is a Distributed Denial of Service

More information

Hackers: Detection and Prevention

Hackers: Detection and Prevention Computer Networks & Computer Security SE 4C03 Project Report Hackers: Detection and Prevention Due Date: March 29 th, 2005 Modified: March 28 th, 2005 Student Name: Arnold Sebastian Professor: Dr. Kartik

More information

1 Introduction. Agenda Item: 7.23. Work Item:

1 Introduction. Agenda Item: 7.23. Work Item: 3GPP TSG SA WG3 Security S3#34 S3-040583 6-9 Jul 2004 updated S3-040566 Acapulco, Mexico Title: Selective Disabling of UE Capabilities; updated S3-040566 based on the comments on SA3 mailing list Source:

More information

CMS Operational Policy for Firewall Administration

CMS Operational Policy for Firewall Administration Chief Information Officer Office of Information Services Centers for Medicare & Medicaid Services CMS Operational Policy for Firewall Administration July 16, 2008 Document Number: CMS-CIO-POL-INF11-01

More information

DDoS Protection Technology White Paper

DDoS Protection Technology White Paper DDoS Protection Technology White Paper Keywords: DDoS attack, DDoS protection, traffic learning, threshold adjustment, detection and protection Abstract: This white paper describes the classification of

More information

Computer Viruses: How to Avoid Infection

Computer Viruses: How to Avoid Infection Viruses From viruses to worms to Trojan Horses, the catchall term virus describes a threat that's been around almost as long as computers. These rogue programs exist for the simple reason to cause you

More information

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003 Lectures 9 Advanced Operating Systems Fundamental Security Computer Systems Administration TE2003 Lecture overview At the end of lecture 9 students can identify, describe and discuss: Main factors while

More information

Dr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu. DDoS and IP Traceback. Overview

Dr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu. DDoS and IP Traceback. Overview DDoS and IP Traceback Dr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu Louisiana State University DDoS and IP Traceback - 1 Overview Distributed Denial of Service

More information

Comparison of Firewall, Intrusion Prevention and Antivirus Technologies

Comparison of Firewall, Intrusion Prevention and Antivirus Technologies White Paper Comparison of Firewall, Intrusion Prevention and Antivirus Technologies How each protects the network Juan Pablo Pereira Technical Marketing Manager Juniper Networks, Inc. 1194 North Mathilda

More information

Survey on DDoS Attack in Cloud Environment

Survey on DDoS Attack in Cloud Environment Available online at www.ijiere.com International Journal of Innovative and Emerging Research in Engineering e-issn: 2394-3343 p-issn: 2394-5494 Survey on DDoS in Cloud Environment Kirtesh Agrawal and Nikita

More information

CS5008: Internet Computing

CS5008: Internet Computing CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is

More information

What are Viruses, Trojans, Worms & Spyware:

What are Viruses, Trojans, Worms & Spyware: What are Viruses, Trojans, Worms & Spyware: There are many different types of computer viruses circulating in the cyber world, including regular Computer Viruses, Worms, Trojans, and Spyware. Each is different

More information

Dos & DDoS Attack Signatures (note supplied by Steve Tonkovich of CAPTUS NETWORKS)

Dos & DDoS Attack Signatures (note supplied by Steve Tonkovich of CAPTUS NETWORKS) Dos & DDoS Attack Signatures (note supplied by Steve Tonkovich of CAPTUS NETWORKS) Signature based IDS systems use these fingerprints to verify that an attack is taking place. The problem with this method

More information

Network Security Demonstration - Snort based IDS Integration -

Network Security Demonstration - Snort based IDS Integration - Network Security Demonstration - Snort based IDS Integration - Hyuk Lim (hlim@gist.ac.kr) with TJ Ha, CW Jeong, J Narantuya, JW Kim Wireless Communications and Networking Lab School of Information and

More information

Security: Attack and Defense

Security: Attack and Defense Security: Attack and Defense Aaron Hertz Carnegie Mellon University Outline! Breaking into hosts! DOS Attacks! Firewalls and other tools 15-441 Computer Networks Spring 2003 Breaking Into Hosts! Guessing

More information

Analysis of Computer Network Attacks

Analysis of Computer Network Attacks Analysis of Computer Network Attacks Nenad Stojanovski 1, Marjan Gusev 2 1 Bul. AVNOJ 88-1/6, 1000 Skopje, Macedonia Nenad.stojanovski@gmail.com 2 Faculty of Natural Sciences and Mathematics, Ss. Cyril

More information

Network Security. Dr. Ihsan Ullah. Department of Computer Science & IT University of Balochistan, Quetta Pakistan. April 23, 2015

Network Security. Dr. Ihsan Ullah. Department of Computer Science & IT University of Balochistan, Quetta Pakistan. April 23, 2015 Network Security Dr. Ihsan Ullah Department of Computer Science & IT University of Balochistan, Quetta Pakistan April 23, 2015 1 / 24 Secure networks Before the advent of modern telecommunication network,

More information

1 Introduction. Agenda Item: 7.23. Work Item:

1 Introduction. Agenda Item: 7.23. Work Item: 3GPP TSG SA WG3 Security S3#34 S3-040682 6-9 Jul 2004 updated S3-040632 Acapulco, Mexico Title: Selective Disabling of UE Capabilities; updated S3-040583 based on the comments in SA3#34 meeting Source:

More information

COP 4610: Introduction to Operating Systems (Spring 2015) Chapter 15: Security. Zhi Wang Florida State University

COP 4610: Introduction to Operating Systems (Spring 2015) Chapter 15: Security. Zhi Wang Florida State University COP 4610: Introduction to Operating Systems (Spring 2015) Chapter 15: Security Zhi Wang Florida State University Content Security problems malware, network threats Security mechanisms cryptography user

More information

The Security Environment Threats. Chapter 9. Security. Accidental Data Loss. Intruders. Security goals and threats. Common Causes 1.

The Security Environment Threats. Chapter 9. Security. Accidental Data Loss. Intruders. Security goals and threats. Common Causes 1. Chapter 9 The Security Environment Threats Security 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from outside the system

More information

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 10

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 10 Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 10 System Vulnerabilities and Denial of Service Attacks Acknowledgments This course

More information