Framework - PowerPoint PPT Presentation

1 / 17
About This Presentation
Title:

Framework

Description:

Impersonation. Message Alteration. Penetration. Attacks. Social Engineering. Opening Attachments ... Impersonation and Authentication. Client PC. Bob. Server ... – PowerPoint PPT presentation

Number of Views:46
Avg rating:3.0/5.0
Slides: 18
Provided by: rp987
Category:

less

Transcript and Presenter's Notes

Title: Framework


1
Computer Crime and Security Survey
2
Computer Crime and Security Survey
3
Computer Crime and Security Survey
4
Computer Crime and Security Survey
5
Other Empirical Attack Data
  • SecurityFocus
  • Attack Frequency
  • 129 million network scanning probes (13,000 per
    firm)
  • 29 million website attacks (3,000 per firm)
  • 6 million denial-of-service attacks (600 per firm)

6
Other Empirical Attack Data
  • SecurityFocus
  • Attack Targets
  • 31 million Windows-specific attacks
  • 22 million UNIX/LINUX attacks
  • 7 million Cisco IOS attacks
  • All operating systems are attacked!

7
Attack Trends
  • Growing Incident Frequency
  • Incidents reported to the Computer Emergency
    Response Team/Coordination Center
  • 1997 2,134
  • 1998 3,474 (75 growth from previous year)
  • 1999 9,859 (164 growth)
  • 2000 21,756 (121 growth)
  • 2001 52,658 (142 growth)
  • Tomorrow?

8
Framework for Attacks
Attacks
Social Engineering -- Opening Attachments Password
Theft Information Theft
Physical Access Attacks -- Wiretapping Server
Hacking Vandalism
Dialog Attacks -- Eavesdropping Impersonation Mess
age Alteration
Penetration Attacks
Malware -- Viruses Worms
Denial of Service
Scanning (Probing)
Break-in
9
Social Engineering Attacks and Defenses
  • Social Engineering
  • Tricking an employee into giving out information
    or taking an action that reduces security or
    harms a system
  • Opening an e-mail attachment that may contain a
    virus
  • Asking for a password claiming to be someone with
    rights to know it
  • Asking for a file to be sent to you

10
Social Engineering Attacks and Defenses
  • Social Engineering Defenses
  • Training
  • Enforcement through sanctions (punishment)

11
Eavesdropping on a Dialog
Dialog
Hello
Client PC Bob
Server Alice
Hello
Attacker (Eve) intercepts and reads messages
12
Impersonation and Authentication
Im Bob
Prove it! (Authenticate Yourself)
Attacker (Eve)
Server Alice
13
Message Alteration
Dialog
Balance 1,000,000
Balance 1
Server Alice
Balance 1
Balance 1,000,000
Attacker (Eve) intercepts and alters messages
14
Scanning (Probing) Attacks
Reply from172.16.99.1
Probe Packets to 172.16.99.1, 172.16.99.2, etc.
Host 172.16.99.1
Internet
Attacker
No Host 172.16.99.2
Results 172.16.99.1 is reachable 172.16.99.2 is
not reachable
No Reply
Corporate Network
15
Single-Message Break-In Attack
1. Single Break-In Packet
2. Server Taken Over By Single Message
Attacker
16
Denial-of-Service (DoS) Flooding Attack
Message Flood
Server Overloaded By Message Flood
Attacker
17
Network Penetration Attacks and Firewalls
Attack Packet
Internet Firewall
Hardened Client PC
Internet
Attacker
Internal Corporate Network
Log File
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2025 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Framework" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!