Internet

1
Internet Information Security
Presented by Zana, Tong Lilian
2
Internet Information Security

• Introduction
• Definition
• Statistics
• Security Breaches General Examples
• Description
• Challenges, Solutions
• Common Threats
• Tools for Information Security - Developers
• Conclusion

3
Need of Information Security !
Secret Information Stolen from Indian Army -The
Times Of India Jan 25, 2006
Hackers Attack eBay Account -Zee News Mar 25, 2005
Man Admits Hacking in New York Times -MSNBC Jan
8, 2004
NASA Sites Hacked -Computer World Apr 24, 2005
Information Hacked by a militant from DRDO. -The
Hindu May 25, 2006
CBI investigates hack at e-voting software -Aaj
Tak Nov 25, 2006
Space information hacked from ISRO -Hindustan
Times Dec 24, 2006
4
Present Scenario

• THE MODERN THIEF CAN STEAL MORE WITH A
• COMPUTER THAN A GUN.
• MORE DAMAGE COULD BE CARRIED OUT WITH A KEYBOARD
  THAN A BOMB.

5
Definition

• The protection of information systems against
  unauthorized access to or modification of
  nformation, whether in storage, processing or
  transit, and against the denial of service to
  authorized users or the provision of service to
  unauthorized users, including those measures
  necessary to detect, document, and counter such
  threats.

6
StatisticsIndiana University April 3-4, 2008

• 321 Security Breaches in 2006.
• 441 organizations reported a breach in 2007
  more than one per day.
• In the first two weeks of January 2008, 7
  breaches reported by higher education.

7
26 of the 321 Security Breaches in 2006 involved
Higher Education
Over 2,000,000 student records were exposed by
higher education in 2006

• 106 businesses
• 84 educational institutions
• 96 government agencies (state, federal, local)
• 35 medical institutions (hospitals)

8
Reasons Provided for School Breaches
Hackers
Armed Robber
lt1
gt 50
Stolen Hardware
Stolen Laptops
lt1
gt 20
Malicious Insider
Handling Errors
lt1
10
9
Reasons for Security Breaches In General Examples
Human Error
Hackers
Vendor Mismanagement
Unencrypted Remote Devices
Malicious Employees
Unencrypted Wireless Transmissions
Inadequate Data Disposal
Lost or Stolen Remote Devices
Overlooking New Hires
Inadequate Policies and Procedures
Procedural Errors
Inadequate Training or Awareness
10
Description of Internet Information Security

• Four widely accepted elements (aims,
  principles, qualities, characteristics,
  attributes ... et.) of information security are
• confidentiality
• integrity
• availability
• authentication

11
Information Security Challenges

• Managing security has become increasing complex
• Growing external and internal threats
• Internal threats increasingly common than
  external much easier too
• Good external security measures in place
• Attackers looking for other means of
  circumventing /bypassing guards and getting
  inside
• Social engineering becoming popular
• Methods - personal contact, installing backdoor,
  key loggers,spyware, phising via email attachments

12
Information Security Solutions

• Nothing is 100 secure!!!
• You can only mitigate the risks.
• Approach should be to apply defense-in-depth.
• The most effective way to apply security is in
  layers.
• Place security measures at different points in
  your network.
• Construct a series of obstacles of varying
  difficulty.
• Secure each component in your network (firewalls,
  routers, servers, desktops).
• If one measure fails the next will protect.
• The series of obstacles may finally make the
  attacker give up!

13
Common Security Threats Vulnerabilities

• Threat
• Any person, object, or event that, if
  realized, can potentially cause damage to the
  network or networked device
• Vulnerability
• A weakness in a host or network that can be
  exploited by a threat

14
Common Threats

• Unauthorized Intrusions
• Denial of Service (DoS) Attacks
• Viruses, Worms, Trojan Horses (Backdoors)
• Website Defacements
• Internal Attacks

15
Unauthorized Intrusions

• Intruders want to gain control of your computer
  and to use it to launch attacks on other computer
  systems.
• Having control of your computer gives them the
  ability to hide their true location as they
  launch attacks, often against high-profile
  computer systems such as government or financial
  systems.
• The damage created depends on the intruder's
  motives.
• Confidential information maybe compromised,
  altered or damaged.

16
Denial of Service

• Interruption of service either because the system
  is destroyed or is temporarily unavailable
• e.g.
• Destroying a computer's hard disk
• Severing the physical infrastructure
• Using up all available system resource - CPU,
  memory,disk space
• Consuming network bandwidth to the server

17
Viruses Worms

• A virus requires a user to do something to
  continue the propagation harmful, may destroy
  data
• A worm can propagate by itself - self-propagating
  malicious code, consumes resources destructively,
  DoS Blaster, Slammer
• Highly prevalent/common on the Internet
• Common distribution e-mail, ftp, media sharing,
  hidden codes

18
Trojans (Backdoors)

• Trojans (Backdoors) - Executable codes installed
  that enable entry
• into the infected host without authorization
• Once installed the back door can be used by the
  attacker at their leisure
• Launching points for further security attacks
  (DDOS, SPAM)

19
Bots (Spyware)

• Modularized root-kits for specific functions.
• What Bots can do
• Create Launch pad for DDOS attacks
• Packet sniffing
• Key logging
• File Serving of illegal or malicious code
• Replicating

20
Website Defacements

• Intent To create political propaganda based
  attacks
• To make a political statement
• Launched primarily at Government Orgs, Media,
  Religious Groups
• By exploiting known vulnerabilities in websites
  or servers
• The attacker can plant codes or files to
  vandalize site

21
Internal Attacks

• Computer Security Institute/FBI and Ernst Young
  say nearly 50 of all network attacks come from
  the inside
• Often, from unhappy/disgruntled workers
• 76 of the IT executives surveyed by Net Versant
  said they were concerned about inside attacks
  from unhappy employees
• Losses associated with insider attacks can be
  more damaging

22
Other Common Attacks

• Connection (Session) hijacking
• IP source address spoofing
• Smurf attack
• Brute-force/Dictionary attacks (password
  guessing)
• Humans are often the weakest link social engg
• "Hi, this is Bob, what's the root password?"

23
Vulnerabilities

• Insecure protocols/services running on a host
• Exploitable security hole on a host without
  latest patches or workarounds
• Poorly protected hosts without firewalls, IDSs,
  etc.
• Use of weak or default passwords
• Insecure configuration of hosts
• Execution of malicious codes Trojan, Backdoors
• Use of pirated or downloaded software from a
  public site
• without verifying checksum (integrity) and
  authenticity (signature)
• Social engineering

24
Tools For Information Security

• Virus Protection Tools
• Intrusion detection System
• Cryptographic Tools
• Digital Signatures
• Digital Certificate

• Passwords
• Bio-Metrics
• Smart Cards
• Token devices
• Firewalls

25
Firewall

• Protects your internal network from the external
  world
• Enforces an access control policy between two
  networks
• Install firewalls also between office departments
• Disallow unauthorized traffic in/out of your
  network
• Define rules depending on required
  services/protocol
• Prevent DOS attacks using rate limits

26
Firewall
Only Secured Data Pass through it.
No Checking Of Data No Protection
Data
Data
Data
Data
Data
Data
Data
Data
Data
Data
Data
Data
Data
Data
27
Types Of Firewall

• Packet filtering firewalls
• Application layer firewalls
• Stateful inspection firewalls

28
Bio-Metrics
29
Bio-Metrics

• Face Recognition
• System

Multiscale Head Search
Feature Search
Face Masking And Contrasrt Norm
Wrap
Wrap
Detection And Alignment
30
Bio-Metrics

• Face Recognition
• System

Coder
Recognition System
ID
Eigen space Projection
Recognition And Coding
31
Basics of Cryptography
Plain Text
Secret Key
Cipher Text
Encryption
Decryption
Cipher Text
Secret Key
Plain Text
32
Digital Signature
Private Key
Public Key
Message Text
Message Text
Cipher Text
Signature
Signature
Decryption
Encryption
Public Key Of Sender
Private Key Of Sender
Receiver
Sender
33
Secure Socket Layer

• The SSL is the most common protocol used in
  Electronic Certificate.
• Its main capability is to encrypt messages.

34
Secure Electronic Transaction

• A more comprehensive protocol for credit
• card processing is SET.
• It is not used much due to its cost and
  complexity

Electronic Certificate

• Electronoc Certificate are issued by a trusted
  third
• party,called a certificate authority(CA).
• In order to verify that a specific public key
  belongs to a
• specific organization.
• A certificate may verify name,age,gender and
  other
• attributes of the individual to whom the
  public key belongs.
• Certificate are signed by CA and are valid until
  an
• expiration date

35
Hardware Software Requirement
36
Hardware Software Requirement Maintenance

• Hardware
• Router
• Firewall
• Nessus
• Hping2
• SPIKE Proxy
• Shadow Security Scanner
• Solar Winds Toolsets
• Firewalk
• Software
• Systems SW Operating systems
• Applications
• Firewall

37
Developers of Security Tools

• Main manufacturer of security tools is CISCO.
• CISCO
• DSniff
• Hping2
• Nessus
• GFI LAN guard
• Sam Spade
• ISS Internet Scanner
• Nikto
• SuperScan
• SPIKE Proxy
• Shadow Security Scanner
• Nmap

• Retina
• SAINT
• SARA Security
• Firewalk
• N-Stealth
• Achilles
• Brutus
• Fragroute

38
Conclusion

• Providing Security is a cheap process than
  hacking of important data.
• As such it ensures the safety and security of the
  information and IT assets that underwrite our way
  of life.
• Information Security will enhance the level of
  confidence among trading partners.
• Consumers will be able to trust the integrity and
  confidentiality of certified suppliers no matter
  where they might be located.

39
Thank You