The Digital Crime Scene: A Software Perspective - PowerPoint PPT Presentation

1 / 16
About This Presentation
Title:

The Digital Crime Scene: A Software Perspective

Description:

Security is imposed by software on the internet ... OCTAVE. Threat Trees. Secure By Design (cont.) Microsoft Threat Based Security Process ... – PowerPoint PPT presentation

Number of Views:29
Avg rating:3.0/5.0
Slides: 17
Provided by: mtba
Category:

less

Transcript and Presenter's Notes

Title: The Digital Crime Scene: A Software Perspective


1
The Digital Crime Scene A Software Perspective
  • Written By David Aucsmith
  • Presented By Maria Baron

2
Introduction
  • Nature of the internet is particularly suited for
    crime
  • Anonymity And Mobility
  • Security is imposed by software on the internet
  • Who will win the war between entrepreneurial
    cyber criminals and software developers?

3
Attacks And Attackers
  • Asynchronous attacks
  • Hackers
  • Significant but localized damage
  • Trojan Horses
  • Attackers build back doors into programs
  • Mass Distribution Attacks
  • Bots or Zombies
  • Making Money on the internet
  • Utilize a wide network of compromised computers

4
Vulnerabilities
  • Three things must be true for attack to be
    successful
  • Software has an inherent vulnerability
  • Software was not configured properly
  • Users were fooled into taking some action
  • Reasons for vulnerabilities
  • Security not a design goal
  • Emerging threats not considered when software was
    developed
  • Legacy software systems still in place

5
Vulnerabilities (cont.)
  • Poor Coding Practice
  • Security as a requirement
  • Designing for todays threats
  • Living with Legacy
  • Complexity and tools

6
Secure By Design
  • Creating secure software must start with a formal
    design process that verifies the security
    properties of the software at each stage of
    construction
  • Designers and developers must be trained to
    create secure software

7
Secure By Design (cont.)
  • Threat Based Design Process
  • Analysis of potential threats at each stage of
    the design is required
  • Examples
  • OCTAVE
  • Threat Trees

8
Secure By Design (cont.)
  • Microsoft Threat Based Security Process
  • Brainstorm known threats
  • Rank Threats by decreasing risk
  • Choose techniques to mitigate threats
  • Choose the appropriate technologies from the
    identified techniques
  • Use STRIDE to focus on how the input of each
    module may be manipulated to compromise the
    security model
  • Spoofing identity
  • Tampering with data
  • Repudiation
  • Information disclosure
  • Denial of service

9
Secure By Design (cont.)
  • All User input must be validated, but is this
    really possible?
  • Tools
  • Code analysis tools
  • Process source code and look for some insecure
    construct
  • Can only find known bad things
  • Compiler protection
  • Helps to thwart buffer overflow exploits

10
Secure By Default
  • Users and system administrators must knowingly
    make decisions to change the system in a way that
    might reduce security
  • Reduce Attack Surface Area
  • Reduces possible avenues of attack
  • Turning Services Off
  • Least Privilege

11
Secure In Deployment
  • Training and configuration
  • Updating Code
  • Defense-In-Depth
  • Multiple, different security technologies are
    used simultaneously each protecting a different
    interface
  • Intrusion detection system
  • Anti-Virus protection
  • Behavior blocking protection
  • Vulnerability assessment
  • Configuration managers

12
Secure In Deployment (cont.)
  • Network Segmentation
  • Cascade failure or domino effect
  • How systems are connected
  • Segment the connectivity of systems and establish
    flow controls at the intersection of segments

13
Looking Ahead
  • Deterrence
  • Cyber criminals are rarely identified
  • Provide incentives to police to pursue cyber
    criminals
  • Mutual legal assistance
  • Police forces must have the technical expertise
    required
  • Sentencing needs to reflect the severity of the
    crime

14
Looking Ahead (cont.)
  • Legal Requirements
  • Certification
  • Certification of the security of software
  • How do you certify against constantly evolving
    threats and new environments?
  • Liability
  • There is no definitive measure of the security of
    a system
  • Disclosure
  • Favors attackers over defenders

15
Looking Ahead (cont.)
  • Long Term Technical Solutions
  • Strong Identity
  • Smart cards and PINs (for example) to remove
    anonymity from financial transactions
  • Hardware Mediated Security
  • Include security features in hardware to protect
    those features from being changed over the
    internet

16
Questions OrComments?
Write a Comment
User Comments (0)
About PowerShow.com