“The public streets and highways of the
  internet have become like neighborhoods
  where it is no longer safe to venture.
  Hackers, scammers, virus builders and
  other Web predators are looming in the
  shadows.”
                               -- Paul Tinnirello
         CIO in an insurance financial industry
 “The Gated Community”, e-Week, 13 Oct 2003
                                    1
Computer Crimes

An information session for participants in the 57-201
      Introduction to Forensic Science course



                                        Akshai Aggarwal
                             School of Computer Science
Flow of the session
   Historical perspective 4-14
   Threats and Attacks
       Threats 18-21
       Types of Attacks 23-30
   Technology of defence 32-50
   Laws and group Efforts in Canada 51
   A couple of general ideas, in conclusion

Note: Terminology may be explained, as the need
  arises.

                                         3
Historical Perspective: Terminology
 1960s and 1970s:
Hacker: a positive term

A Hacker: An expert, knowledgeable about programming and
   operating systems

 1970s onwards:
Hacker: a term, which progressively became more negative.

A Hacker: Someone using computers without authorization
.
.
Hacker: Someone committing crimes by using computers


                                                 4
Types of Non-authorized
Users
   Hacker: people who access a computer resource,
    without authorization
   Crackers: a hacker who uses his or her skills to
    commit unlawful acts, or to deliberately create
    mischief
   Script Kiddies: a hacker who downloads the scripts
    and uses them to commit unlawful acts, or to
    deliberately create mischief, without fully
    understanding the scripts.
   Vandals
Reference:http://www.e2chameleon.btinternet.co.uk/hacking.htm


                                                 5
Terminology of Hacking
   Eavesdropping or Snooping (also called
    passive wire-tapping)

   Active wire-tapping or man-in-the middle
    attack

   Dumpster Diving: colloquial for looking
    through all the easily available material before
    an actual intrusion into a system

                                        6
The Global Net:
      A Virtual Intelligent Global System
       2 Sept 1969: Len Kleinrock’s lab at UCLA
       1971: 15 nodes, 23 hosts
       1973: Bob Metcalfe’s thesis on Ethernet at Harvard
       1974: TCP: Cerf & Bob Kahn’s paper

       1983: DoD official protocol
       1989: Hypertext & WWW at CERN by Berners-Lee

    Then came the browsers (NCSA Mosaic)
    and the WWW

                                     7
Security Technologies:
A little history of an ancient art:
      The first printed book on cryptology
Johannes Trithemius, an abbot in Spanheim :
  One of the founders of cryptology

   The first printed book of cryptology: titled
    “Polygraphiae Libri Sex” in German language
    in 1518 by Johannes Trithemius, published
    after the death of the writer.

(The title means -Six Books of Polygraphy)
                                     8
A little history (continued)
Earlier in 1499 he had written a 3-book
“Steganographia”, (meaning covered writing):
       which was circulated privately
       was published in 1606.
   The first two books: about cryptology.
   But the third book could not be understood,
    without understanding the encoding that he
    had used.


                                         9
A little history (continued):
           A challenge for a cryptanalyst
   In the third book, which was considered to be
    incomplete, Trithemius explained why he had made it
    hard to understand:
“This I did that to men of learning and men
  deeply engaged in magic, it might, by the
  Grace of God, be in some degree intelligible,
  while on the other hand, to the thick skinned
  turnip-eaters it might for all time remain a
  hidden secret, and be to their dull intellects a
  sealed book forever.”

                                           10
“Ban, what you don’t understand.”
   The third book: banned in 1609, ostensibly
    because it explained how to employ spirits for
    sending secret messages.
   The challenge - of deciphering the book: met by
    three persons in 500 years
   1676:Wolfgang Heidel, the archbishop of
    Mainz, Germany, claimed to have deciphered
    the third book of Trithemius.
    But his discovery was stated in a secret code
    of his own. So nobody knew whether Heidel
    had understood the book.

                                           11
A little history:
    Deciphering the third book of Trithemius
  1996: Thomas Ernst, Prof of German at La Roche
   College, Pittsburgh published a 200-page
   German-language report in a small Dutch journal, Daphnis.
  WIDELY KNOWN SOLUTION: spring 1998: Jim Reeds
   of AT&T Labs solved the riddle of
   understanding the third book independently.
   He did not know of the earlier work of Ernst.
Trithemius work: basically simple: Ernst took two weeks
   and Reeds took two days to understand it.
Both Ernst and Reeds, separately, deciphered Heidel’s
   work and found that Heidel had been able to decipher
   Trithemius’ third book.

                                          12
The first attack
   The Internet Worm (Nov 1988)
       Morris, a graduate student at CMU
        released a program on the internet:
            utilized a security hole in the mail receipt
             software
            automatically replicated itself locally and to
             remote machines
            affected a wide class of machines and
             effectively shut down internet for 1-2 days.
            Cost estimate to fix: $5 million

                                                  13
The first conviction
   Mitnick and Shimomura (Christmas
    1994)
       Used SYN flooding and TCP Hijacking to
        connect to Shimomura’s home machine.
       Stole copies of 1000’s of files including
        specialized computer security software;
        modified log files to remove signs of entry.
       Shimomura found out about the entry and
        informed FBI.

                                         14
“….there will be more security breaches”,


                          says Schneier

   As more of our infrastructure
    moves online,
   as more things, that someone
    might want to access or steal,
    move online …….
    As our networking systems become
    more complex …..
    As our computers get more
    powerful and more useful…..

                               15
Common attacks on banks
           through Internet
Losses due to attacks:
"The major banks don't want to divulge
  the amount of losses. But just to give
  one example, a major Australian bank
  has put several million dollars in reserve
  since August 2003 to cover damages
  due to Internet frauds." -- Dave Jevans,
  eWeek, Dec 2003

                                  16
Causes of Security Problems on Internet

   Internet Technology: was developed
    based on trust
   Security features: added, as different
    types of attacks are mounted.
   Users: bother about ease of use and
    not about security


                                   17
Security Threats
   RFC 1244 identifies three distinct types of
    security threats associated with network
    connectivity:
      Unauthorized access

          A break-in by an unauthorized person.
           Break-ins may be an embarrassment that
           undermine the confidence that others have in
           the organization.
           Moreover, unauthorized access → one of the
           other threats: disclosure of information or
           denial of service.

                                             18
Classification of Security Threats
                              Reference: RFC 1244
      Disclosure of information
           disclosure of valuable or sensitive information to people,
            who should not have access to the information.
      Denial of service or Degradation of service
           Any problem that makes it difficult or impossible for the
            system to continue to perform productive work.


 Do not connect to Internet:
       a system with highly classified information, or,
       if the risk of liability in case of disclosure is great.



                                                       19
Brent Chapman’s
           Three Categories of Security Threats
  Brent Chapman’s Classification:
     Confidentiality
          Of data
          Of existence of data
          Of resources, their operating systems, their
           configuration
          Of resources used, in case the resources are
           taken on rent from a service provider




                                             20
Information Security Threats
                   Chapman’s Classification (contd.)

      availability: A DoS attack may disrupt
           availability of a service, or
           availability of data
      integrity
        
          Of data
        
          Of origin:
        Once someone has gained unauthorized access
        to a system, the integrity of the information on
        that system is in doubt.
                                            21
Loss Breakdown
   Human error: 55%
   Physical security problems: 20%
   Dishonest employees: 10%
   Disgruntled employees: 9%
   Viruses: 4%
   Outsider attacks: 2%




Reference: Jim Alves-Foss , Center for Secure and Dependable Systems, Univ of Idaho,
http://www.cs.uidaho.edu/~jimaf/cs442/crime-talk.ppt
                                                                            22
Types of Attacks
   Attacks on computer systems using the computers
       Web-site defacement or
       Revealing the data to unauthorized persons/theft of sensitive
        information/ stealing information having Intellectual Property
        Rights
         like
            stealing credit card numbers
            bank frauds or
       Damage to data
    through
            Hacking or
            Virus/Worms



                                                      23
Types of Attacks                       continued
   Hoax Letters: Examples
          Malicious code (viruses and trojan horses)
       
           Urban myths
       
           Scam letters to entrap the receiver
   Internet gambling
   Internet Pornography/ stalking
   Link Flooding
   Packet Intercepting, Password Sniffing
                                             24
Types of Attacks

   propagate false routing entries (“black holes” and
    “sink holes”, www.citibank.com,
    www.mybank.az)
   domain name hijacking
   Phishing attacks: use e-mails that often
    appear to come from a legitimate e-mail
    address and include links to spoofed Web
    addresses. The receiver responds to the link,
    which takes the receiver to a site, other than
    what the receiver thinks he is going to.
    (announced by MS on 16 Dec 2003, as a
    problem with Internet Explorer).
                                             25
Anti-Phishing.org
   A Web site, www.antiphishing.org, for reporting
    incidents, set up by a group of global banks and
    technology companies, led by Secure-messaging firm
    Tumbleweed Communications Corp
   Fast Response required: The Web sites designed for
    collecting personal information in phishing attacks are
    often alive for a day only.
   Example: Dec 2003:The e-mail appeared to come
    from the U.K. bank NatWest.
    Anti-Phishing.org tracked the IP address to a home
    computer in San Francisco.
    But a clear case of spoofing—the mail was relayed
    from a hijacked computer (called a zombie)

                                              26
An Example:
time-to-market for Internet Security products

   16 December, 2003: Discovery of the
    problem of Phishing
   5 January 2004: Announcement of
    development of a new Anti-phishing
    service by Netcraft, of Bath, England.
    Netcraft says that the service is mainly for
    banks and other financial organizations

                                         27
Other Computer Crimes
   Spoofing or Masquerading of a host or a
    service-provider (Distinguish it from
    Delegation)
   Repudiation of origin or of creation of some
    file
   Denial of receipt
   Usurpation: unauthorized control
   Data Diddling (To enter false data
    intentionally)

                                       28
‘To be an effective Information Warrior, individuals need
   superior computer skills, as well as an in-depth
   understanding of information technology architectures,…
   protocols and processes.’
                          --- Michael Erbschloe
author of “Information Warfare: How to Survive Cyber Attacks”



                                                 29
General Strategies for security

    encrypting sensitive data
    reduce size of target:
     disable unneeded services
   limit access of attacker to target
    systems
   hardening the OS and applications


                                  30
“It is insufficient to protect ourselves with
  laws; we need to protect ourselves with
  mathematics.”
                          ---Bruce Schneier
                    in ‘Applied Cryptography’


                                      31
CRYPTOGRAPHY
   Cryptography (from two words in Greek):
    means secret writing.
   Cryptanalysis: breaking of a cryptographic
    code
   CRYPTOGRAPHY: process data into
    unintelligible form,
       reversibly/irreversibly
       without data loss
       usually one-to-one in size /compression

                                                  32
Cryptography
Services, provided by cryptographic tools:
       
           Encoding information into a form which makes the
           information unintelligible to an unauthorized person
       
           integrity checking: no tampering
          authentication: not an impostor
   Encryption or Enciphering
      Plaintext → Encryption Algorithm (Key) → Ciphertext
                                                 33
Encryption

   Two types of Encryption Algorithms
              Reversible
              Irreversible
   Two types of Keys
           
               Symmetric
           
               Asymmetric




                                 34
Reversible Encryption

Reversible ENCRYPTION:

      cleartext → ENCRYPTION DEVICE (encryption key) → ciphertext
      ciphertext → Decryption Device (Decryption key) → cleartext
     can be used only when the same type
      of encryption software/equipment is
      available at both the ends
                                               35
Decryption
   Decryption or Deciphering

      Ciphertext → Decryption Algorithm (Key) → Plaintext




                                    36
Cryptographic Hash Functions (H)
   H : A transformation: One way
    m = variable size input
    h = hash value : a fixed size string,
    also known as message digest or fingerprint
    or compression function.

    m → H(m) → h



                                      37
Message Digest          (recapitulation)




Variable Length Message → Hashing Algorithm → Fixed Length Digest




                                38
Secret Key/ Symmetric Cryptography




   Simpler and faster (than ?) and, of course, secure
   For Integrity check, a fixed-length checksum for
    the message may have to be used; CRC* not
    sufficient
*Cyclic Redundancy Check
                                          39
Symmetric Key Encryption
Also called Private/Secret key Encryption
  Sender-end: Message by sender → Pr-key → Encrypted Message → Internet
  Receiver-end: Encrypted Message → Pr-key → Message at receiver
                                    40
public-key cryptography
(continued)




                      41
Asymmetric Key Encryption
   Also called Public key Encryption
      A: Message → B’s public key → Encrypted Message → Internet
      B: Encrypted Message → B’s private key → Message
                                    42
public-key cryptography
(continued)
   Data transmission: private key(d), public
    key (e)




                                    43
public-key cryptography
(continued)
Applications and Advantages:
 Storage: for safety: use public key of trusted person
 Secret vs. Public Key system:
   secret key system: needs secret key for every pair
   of persons, that wish to communicate
    n users → n(n-1)/2 keys
   public key system: needs two keys for every
   person, who wants to communicate.
    n users → 2n keys
                                         44
Digital certificate
          for getting Public Key reliably
   A digital certificate from a trusted party may
    contain:
       The name of a person
       His e-mail address
       His public key
The recipient of the encrypted certificate uses
  the public key of the Certification Authority to
  decode the certificate.
Examples of CAs: www.verisign.com or
  www.thawte.com (Verisign’s liability limited to
  $100 only!)
Standard for certificate: X.509
                                       45
Digital signatures
   Digital Signatures: A is to sign a Msg and send
    it to B

   A: Msg → Digest Algorithm → Digest → Encoding using Private key of A → Encoded Digest
   A sends to B: Msg + Encoded Digest
   B: Decode digest using Public key of A → Digest
   B: Msg → Digest Algorithm → Digest
   B: Compare the two digests
                                             46
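
The digital-signature slide's flow (digest, encode with A's private key, decode with A's public key, compare), as an added example that is not part of the original slides. It assumes textbook RSA over two small constructed Mersenne primes with no padding, purely to make the arithmetic visible; real signatures use a padded scheme such as RSA-PSS and much larger keys. The names make_key, sign and verify are hypothetical.

```python
import hashlib


def make_key(p: int, q: int, e: int = 65537):
    """Build a (public, private) textbook RSA pair from two primes (demo only)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return (n, e), (n, d)


def digest(message: bytes, n: int) -> int:
    """'Digest Algorithm' box: SHA-256, reduced mod n so it fits the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key, message: bytes) -> int:
    """A's side: encode the digest with A's private key."""
    n, d = private_key
    return pow(digest(message, n), d, n)


def verify(public_key, message: bytes, encoded_digest: int) -> bool:
    """B's side: decode with A's public key, recompute the digest, compare."""
    n, e = public_key
    return pow(encoded_digest, e, n) == digest(message, n)


# Constructed demo keys. 2^61-1, 2^89-1, 2^107-1 and 2^127-1 are Mersenne primes;
# they are far too small and too structured for real use.
A_PUBLIC, A_PRIVATE = make_key(2**61 - 1, 2**89 - 1)
OTHER_PUBLIC, OTHER_PRIVATE = make_key(2**107 - 1, 2**127 - 1)


if __name__ == "__main__":
    msg = b"Pay 100 to B"  # constructed sample message
    sig = sign(A_PRIVATE, msg)
    print("intact message:        ", verify(A_PUBLIC, msg, sig))
    print("message altered:       ", verify(A_PUBLIC, b"Pay 900 to B", sig))
    print("signed by someone else:", verify(A_PUBLIC, msg, sign(OTHER_PRIVATE, msg)))
```

The comparison fails both when the message changes in transit (integrity) and when the digest was encoded with a key other than A's (authentication), which are the two services listed on the earlier Cryptography slide.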
Laws and Group Efforts in Canada
   No separate cyberspace law in Canada
   But the Canadian Criminal Code and the
    Canadian Human Rights Act apply in
    cyberspace.
   The Internet Protection Portal, established by
    the Canadian Association of Internet
    Providers (CAIP): an on-line window to
    resources for a user to safeguard the Internet
    experience.
   Media Awareness Network (MNet): supports
    media education in Canadian homes, schools
    and communities.
                                       47
Birthday paradox
    A result from probability theory: Consider an element
     that has an equal probability of assuming any one of
     the N values. The probability of a collision is more
     than 50% after choosing 1.2√N values.

      Random input → Function → One of k equally likely values


     The same output can be expected after 1.2√k
     inputs. Thus in a group of 23, two or more
     persons are likely to share the same birthday.
     (Put k = 365) Birthday attacks are used to find
     collisions of Hash functions
                                               48
Example of a Birthday Attack
Assume
 A 64 bit key
 The first statement in a message is always the same.
A hacker
 listens to and stores all encrypted messages.
 When the FIRST encrypted sentence turns out to be
  the same, he replaces the rest of the new message
  by the old message, that he has in his memory.
By Birthday Paradox, this is likely to happen after 2^32
  transactions.

                                          49
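
The birthday bound from the two slides above, checked numerically, as an added example that is not part of the original slides. It computes the exact collision probability for k = 365 and then measures how many messages must be hashed before two share a digest, using SHA-256 truncated to a few bits as an assumed stand-in for a short digest; the function names and the sample messages are constructed for illustration.

```python
import hashlib


def collision_probability(n_values: int, draws: int) -> float:
    """Exact chance that `draws` uniform picks from `n_values` contain a repeat."""
    if draws > n_values:
        return 1.0
    p_unique = 1.0
    for i in range(draws):
        p_unique *= (n_values - i) / n_values
    return 1.0 - p_unique


def draws_for_half(n_values: int) -> int:
    """Smallest number of picks whose collision probability exceeds 50%."""
    draws, p_unique = 0, 1.0
    while 1.0 - p_unique <= 0.5:
        p_unique *= (n_values - draws) / n_values
        draws += 1
    return draws


def truncated_hash(data: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256, standing in for a short digest."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - bits)


def find_collision(bits: int):
    """Hash distinct constructed messages until two share a truncated digest.

    Returns (first_message, second_message, messages_hashed).
    """
    seen = {}
    count = 0
    while True:
        msg = b"constructed-message-%d" % count
        count += 1
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, count
        seen[h] = msg


if __name__ == "__main__":
    print("k = 365:", draws_for_half(365), "people; 1.2*sqrt(k) =",
          round(1.2 * 365 ** 0.5, 1))
    for bits in (16, 20, 24):
        a, b, tries = find_collision(bits)
        print(f"{bits}-bit digest: collision after {tries} messages "
              f"(1.2*sqrt(N) = {round(1.2 * 2 ** (bits / 2))})")
```

The measured counts grow with the square root of the output space, not with the space itself, which is why a 64-bit value gives only about 2^32 work and why digest length is chosen at twice the intended security level.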
Cryptography vs. Steganography
 Cryptography : uses techniques like
  transpositions and substitution to make
  a message unintelligible
 Steganography : hides the existence of
  the method.
Cryptography provides privacy.
  Steganography provides secrecy.

                                50
Hiding a message in a picture
   Described by Wyner in ‘Byte’
      Kodak photo CD resolution of 2048x3072 pixels.

      Each pixel: 24-bit RGB color information.

      Modify the last bit (out of 8 bits) for each color.

      Amount of data that can be hidden in a single picture:

     (2048 * 3072 * 3) / 10^6 = 2.359296 Mb = about 300,000B

   If four bits of intensity for each of the three
    colors RGB are altered → 1.5 text characters
    hidden in each pixel of the photo.
     A 640x480 pixel image can store over
    400,000 characters, equal to a whole book.


                                                     51
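
The last-bit technique from the slide above, as an added example that is not part of the original slides. It works on a raw 24-bit RGB byte buffer (a constructed stand-in for decoded image data), stores a 4-byte length header before the message (an assumption of this sketch, not something the slide specifies), and reports the largest change made to any colour value; all function names are hypothetical.

```python
def make_cover(width: int, height: int) -> bytes:
    """Constructed cover image: raw 24-bit RGB bytes, row by row."""
    return bytes((x * 7 + y * 13 + c * 31) % 256
                 for y in range(height) for x in range(width) for c in range(3))


def capacity_bytes(width: int, height: int, bits_per_channel: int = 1) -> int:
    """Bytes that fit when `bits_per_channel` low bits of R, G and B are used."""
    return width * height * 3 * bits_per_channel // 8


def embed(pixels: bytes, message: bytes) -> bytes:
    """Write a length header plus the message into the last bit of each colour byte."""
    payload = len(message).to_bytes(4, "big") + message
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]
    if len(bits) > len(pixels):
        raise ValueError("message does not fit in this cover image")
    out = bytearray(pixels)
    for idx, bit in enumerate(bits):
        out[idx] = (out[idx] & 0xFE) | bit  # clear the last bit, then set it
    return bytes(out)


def read_bytes(pixels: bytes, start: int, count: int) -> bytes:
    """Rebuild `count` bytes from the last bits beginning at colour byte `start`."""
    out = bytearray()
    for n in range(count):
        value = 0
        for i in range(8):
            value = (value << 1) | (pixels[start + n * 8 + i] & 1)
        out.append(value)
    return bytes(out)


def extract(pixels: bytes) -> bytes:
    """Recover the hidden message, rejecting an implausible length header."""
    if len(pixels) < 32:
        raise ValueError("too small to hold a length header")
    length = int.from_bytes(read_bytes(pixels, 0, 4), "big")
    if 32 + length * 8 > len(pixels):
        raise ValueError("no valid hidden message (length header out of range)")
    return read_bytes(pixels, 32, length)


def max_channel_change(a: bytes, b: bytes) -> int:
    """Largest difference in any single colour value between two buffers."""
    return max(abs(x - y) for x, y in zip(a, b))


if __name__ == "__main__":
    cover = make_cover(64, 48)
    stego = embed(cover, b"sealed book forever")  # constructed sample message
    print("recovered:", extract(stego))
    print("largest colour change:", max_channel_change(cover, stego))
    print("640x480 at 4 bits per colour:", capacity_bytes(640, 480, 4), "bytes")
```

No colour value moves by more than 1 out of 255, which is why the change is invisible to the eye; the 640x480 case at four bits per colour gives the slide's figure of over 400,000 characters.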
Steganography: Hiding Messages:
           Example of a Laser printer
Another example: Laser printers can
  adjust spacing of lines and characters
  by less than 1/300th of an inch.
To hide a 0, leave a standard space.
To hide a 1, leave 1/300th of an inch
  more than usual.
Varying the spacing over an entire document can
hide a short binary message that is undetectable
by the human eye.
The hidden message will be carried by every
  photocopy of the document also.
                                     52
To
Intrusion Detection Analysts

“Folks!
 You are the trackers of the 21st century.
 The signs are there, plain as day. It is up to you to
  find them and give the interpretation.”
                  Stephen Northcutt et al.



                                           53
References:
The Trithemius riddle:
1. Thomas (Penn) Leary, “Cryptology in the 16th and 17th Centuries”,
   Cryptologia, July 1996, available at
   http://home.att.net/~tleary/cryptolo.htm
2. http://www.post-gazette.com/healthscience/19980629bspirit1.asp
3. Gina Kolata, “A Mystery Unraveled, Twice”, The New
   York Times, April 14, 1998, pp. F1, F6, available at
   http://cryptome.unicast.org/cryptome022401/tri-crack.htm
Hoax letters: http://hoaxbusters.ciac.org/

                                           54

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 

Último (20)

Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 

Computer crimes

  • 1. “The public streets and highways of the internet have become like neighborhoods where it is no longer safe to venture. Hackers, scammers, virus builders and other Web predators are looming in the shadows.” -- Paul Tinnirello, CIO in an insurance financial industry, “The Gated Community”, e-Week, 13 Oct 2003
  • 2. Computer Crimes: An information session for participants in the 57-201 Introduction to Forensic Science course. Akshai Aggarwal, School of Computer Science
  • 3. Flow of the session: Historical perspective 4-14; Threats and Attacks (Threats 18-21; Types of Attacks 23-30); Technology of defence 32-50; Laws and group Efforts in Canada 51; A couple of general ideas, in conclusion. Note: Terminology may be explained, as the need arises.
  • 4. Historical Perspective: Terminology. 1960s and 1970s: Hacker: a positive term. A Hacker: an expert, knowledgeable about programming and operating systems. 1970s onwards: Hacker: a term which progressively became more negative. A Hacker: someone using computers without authorization . . Hacker: someone committing crimes by using computers
  • 5. Types of Non-authorized Users. Hacker: people who access a computer resource without authorization. Crackers: a hacker who uses his or her skills to commit unlawful acts, or to deliberately create mischief. Script Kiddies: a hacker who downloads the scripts and uses them to commit unlawful acts, or to deliberately create mischief, without fully understanding the scripts. Vandals. Reference: http://www.e2chameleon.btinternet.co.uk/hacking.htm
  • 6. Terminology of Hacking. Eavesdropping or Snooping (also called passive wire-tapping). Active wire-tapping or man-in-the-middle attack. Dumpster Diving: colloquial for looking through all the easily available material before an actual intrusion into a system.
  • 7. The Global Net: A Virtual Intelligent Global System. 2 Sept 1969: LEN KLEINROCK’S Lab at UCLA. 1971: 15 Nodes, 23 Hosts. 1973: BOB METCALFE’S thesis on ETHERNET at Harvard. 1974: TCP: CERF & BOB KAHN’S paper. 1983: DoD Official Protocol. 1989: Hypertext & WWW at CERN by Berners-Lee. Then came the BROWSER’S MOSAIC NCSA and the WWW.
  • 8. Security Technologies: A little history of an ancient art: The first printed book on cryptology. Johannes Trithemius, an abbot in Spanheim: one of the founders of cryptology. The first printed book of cryptology: titled “Polygraphiae Libri Sex” in German language in 1518 by Johannes Trithemius, published after the death of the writer. (The title means: Six Books of Polygraphy.)
  • 9. A little history (continued). Earlier, in 1499, he had written a 3-book “Steganographia” (meaning covered writing), which was circulated privately and was published in 1606. The first two books: about cryptology. But the third book could not be understood without understanding the encoding that he had used.
  • 10. A little history (continued): A challenge for a cryptanalyst. In the third book, which was considered to be incomplete, Trithemius explained why he had made it hard to understand: “This I did that to men of learning and men deeply engaged in magic, it might, by the Grace of God, be in some degree intelligible, while on the other hand, to the thick skinned turnip-eaters it might for all time remain a hidden secret, and be to their dull intellects a sealed book forever.”
  • 11. “Ban, what you don’t understand.” The third book: banned in 1609, ostensibly because it explained how to employ spirits for sending secret messages. The challenge of deciphering the book: met by three persons in 500 years. 1676: Wolfgang Heidel, the archbishop of Mainz, Germany, claimed to have deciphered the third book of Trithemius. But his discovery was stated in a secret code of his own. So nobody knew whether Heidel had understood the book.
  • 12. A little history: Deciphering the third book of Trithemius. 1996: Thomas Ernst, Prof of German at La Roche College, Pittsburgh, published a 200-page German-language report in a small Dutch journal, Daphnis. WIDELY KNOWN SOLUTION: spring 1998: Jim Reeds of AT&T Labs solved the riddle of understanding the third book independently. He did not know of the earlier work of Ernst. Trithemius’ work: basically simple: Ernst took two weeks and Reeds took two days to understand it. Both Ernst and Reeds, separately, deciphered Heidel’s work and found that Heidel had been able to decipher Trithemius’ third book.
  • 13. The first attack: The Internet Worm (Nov 1988). Morris, a graduate student at CMU, released a program on the internet that: utilized a security hole in the mail receipt software; automatically replicated itself locally and to remote machines; affected a wide class of machines and effectively shut down internet for 1-2 days. Cost estimate to fix: $5 million.
  • 14. The first conviction: Mitnick and Shimomura (Christmas 1994). Used SYN flooding and TCP hijacking to connect to Shimomura’s home machine. Stole copies of 1000’s of files including specialized computer security software; modified log files to remove signs of entry. Shimomura found out about the entry and informed FBI.
  • 15. “….there will be more security breaches”, says Schneier: As more of our infrastructure moves online, as more things, that someone might want to access or steal, move online ……. As our networking systems become more complex ….. As our computers get more powerful and more useful…..
  • 16. Common attacks on banks through Internet. Losses due to attacks: "The major banks don't want to divulge the amount of losses. But just to give one example, a major Australian bank has put several million dollars in reserve since August 2003 to cover damages due to Internet frauds." -- Dave Jevans, eWeek, Dec 2003
  • 17. Causes of Security Problems on Internet. Internet Technology: was developed based on trust. Security features: added, as different types of attacks are mounted. Users: bother about ease of use and not about security.
  • 18. Security Threats. RFC 1244 identifies three distinct types of security threats associated with network connectivity. Unauthorized access: a break-in by an unauthorized person. Break-ins may be an embarrassment that undermines the confidence that others have in the organization. Moreover, unauthorized access → one of the other threats: disclosure of information or denial of service.
  • 19. Classification of Security Threats (Reference: RFC 1244). Disclosure of information: disclosure of valuable or sensitive information to people who should not have access to the information. Denial of service or Degradation of service: any problem that makes it difficult or impossible for the system to continue to perform productive work. Do not connect to Internet: a system with highly classified information, or, if the risk of liability in case of disclosure is great.
  • 20. Brent Chapman’s Three Categories of Security Threats. Brent Chapman’s Classification: Confidentiality: of data; of existence of data; of resources, their operating systems, their configuration; of resources used, in case the resources are taken on rent from a service provider.
  • 21. Information Security Threats: Chapman’s Classification (contd.). Availability: a DoS attack may disrupt availability of a service, or availability of data. Integrity: of data; of origin. Once someone has gained unauthorized access to a system, the integrity of the information on that system is in doubt.
  • 22. Loss Breakdown: Human error 55%; Physical security problems 20%; Dishonest employees 10%; Disgruntled employees 9%; Viruses 4%; Outsider attacks 2%. Reference: Jim Alves-Foss, Center for Secure and Dependable Systems, Univ of Idaho, http://www.cs.uidaho.edu/~jimaf/cs442/crime-talk.ppt
  • 23. Types of Attacks. Attacks on computer systems using the computers: Web-site defacement; or revealing the data to unauthorized persons / theft of sensitive information / stealing information having Intellectual Property Rights, like stealing credit card numbers or bank frauds; or damage to data through hacking or virus/worms.
  • 24. Types of Attacks (continued). Hoax Letters: examples: malicious code (viruses and trojan horses); urban myths; scam letters to entrap the receiver. Internet gambling. Internet pornography/stalking. Link flooding. Packet intercepting, password sniffing.
  • 25. Types of Attacks. Propagate false routing entries (“black holes” and “sink holes”, www.citibank.com, www.mybank.az). Domain name hijacking. Phishing attacks: use e-mails that often appear to come from a legitimate e-mail address and include links to spoofed Web addresses. The receiver responds to the link, which takes the receiver to a site other than what the receiver thinks he is going to (announced by MS on 16 Dec 2003, as a problem with Internet Explorer).
  • 26. Anti-Phishing.org. A Web site, www.antiphishing.org, for reporting incidents, set up by a group of global banks and technology companies, led by secure-messaging firm Tumbleweed Communications Corp. Fast response required: the Web sites designed for collecting personal information in phishing attacks are often alive for a day only. Example: Dec 2003: The e-mail appeared to come from the U.K. bank NatWest. Anti-Phishing.org tracked the IP address to a home computer in San Francisco. But a clear case of spoofing: the mail was relayed from a hijacked computer (called a zombie).
  • 27. An Example: time-to-market for Internet Security products. 16 December 2003: Discovery of the problem of Phishing. 5 January 2004: Announcement of development of a new Anti-phishing service by Netcraft, of Bath, England. Netcraft says that the service is mainly for banks and other financial organizations.
  • 28. Other Computer Crimes. Spoofing or Masquerading of a host or a service-provider (distinguish it from Delegation). Repudiation of origin or of creation of some file. Denial of receipt. Usurpation: unauthorized control. Data Diddling (to enter false data intentionally).
  • 29. ‘To be an effective Information Warrior, individuals need superior computer skills, as well as an in-depth understanding of information technology architectures,… protocols and processes.’ --- Michael Erbschloe, author of “Information Warfare: How to Survive Cyber Attacks”
  • 30. General Strategies for security: encrypting sensitive data; reduce size of target: disable unneeded services; limit access of attacker to target systems; hardening the OS and applications.
  • 31. “It is insufficient to protect ourselves with laws; we need to protect ourselves with mathematics.” --- Bruce Schneier in ‘Applied Cryptography’
  • 32. CRYPTOGRAPHY. Cryptography (from two words in Greek): means secret writing. Cryptanalysis: breaking of a cryptographic code. CRYPTOGRAPHY: process data into unintelligible form: reversibly/irreversibly; without data loss; usually one-to-one in size / compression.
  • 33. Cryptography. Services provided by cryptographic tools: encoding information into a form which makes the information unintelligible to an unauthorized person; integrity checking: no tampering; authentication: not an impostor. Encryption or Enciphering: [Diagram: Plaintext + Key → Encryption Algorithm → Ciphertext]
  • 34. Encryption. Two types of Encryption Algorithms: Reversible; Irreversible. Two types of Keys: Symmetric; Asymmetric.
  • 35. Reversible Encryption. [Diagram: cleartext + encryption key → encryption device → ciphertext; ciphertext + decryption key → decryption device → cleartext] Can be used only when the same type of encryption software/equipment is available at both the ends.
  • 36. Decryption. Decryption or Deciphering: [Diagram: Ciphertext + Key → Decryption Algorithm → Plaintext]
  • 37. Cryptographic Hash Functions (H). H: a one-way transformation. m = variable-size input; h = hash value: a fixed-size string, also known as message digest or fingerprint or compression function. [Diagram: m → H(m) → h]
  • 38. Message Digest (recapitulation). [Diagram: Variable-length message → Hashing algorithm → Fixed-length digest]
  • 39. Secret Key / Symmetric Cryptography. Simpler and faster (than ?) and, of course, secure. For integrity check, a fixed-length checksum for the message may have to be used; CRC (Cyclic Redundancy Check) not sufficient.
  • 40. Symmetric Key Encryption. Also called Private/Secret key Encryption. [Diagram: sender end: Message → Pr-key at sender → Encrypted Message → Internet → Encrypted Message → Pr-key at receiver → Message: receiver end]
  • 42. Asymmetric Key Encryption. Also called Public key Encryption. [Diagram: A: Message → B’s public key → Encrypted Message → Internet → Encrypted Message → B’s private key → Message: B]
  • 43. Public-key cryptography (continued). Data transmission: private key (d), public key (e).
  • 44. Public-key cryptography (continued). Applications and Advantages. Storage: for safety: use public key of trusted person. Secret vs. Public Key system: a secret key system needs a secret key for every pair of persons that wish to communicate: n users → n(n-1)/2 keys. A public key system needs two keys for every person who wants to communicate: n users → 2n keys.
  • 45. Digital certificate for getting Public Key reliably. A digital certificate from a trusted party may contain: the name of a person; his e-mail address; his public key. The recipient of the encrypted certificate uses the public key of the Certification Authority to decode the certificate. Examples of CAs: www.verisign.com or www.thawte.com (Verisign’s liability limited to $100 only!). Standard for certificate: X.509
  • 46. Digital signatures. A is to sign a Msg and send it to B. [Diagram: A computes the digest of Msg with the digest algorithm and encodes the digest using the private key of A; Msg + encoded digest are sent to B; B decodes the digest using the public key of A, computes the digest of Msg with the digest algorithm, and compares the two digests]
  • 47. Laws and Group Efforts in Canada. No separate cyberspace law in Canada. But the Canadian Criminal Code and the Canadian Human Rights Act apply in cyberspace. The Internet Protection Portal, established by the Canadian Association of Internet Providers (CAIP): an on-line window to resources for a user to safeguard the Internet experience. Media Awareness Network (MNet): supports media education in Canadian homes, schools and communities.
  • 48. Birthday paradox. A result from probability theory: consider an element that has an equal probability of assuming any one of the N values. The probability of a collision is more than 50% after choosing 1.2√N values. [Diagram: Random input → Function → One of k equally likely values] The same output can be expected after 1.2k^(1/2) inputs. Thus in a group of 23, two or more persons are likely to share the same birthday (put k = 365). Birthday attacks are used to find collisions of hash functions.
  • 49. Example of a Birthday Attack. Assume: a 64-bit key; the first statement in a message is always the same. A hacker listens to and stores all encrypted messages. When the FIRST encrypted sentence turns out to be the same, he replaces the rest of the new message by the old message that he has in his memory. By the Birthday Paradox, this is likely to happen after 2^32 transactions.
  • 50. Cryptography vs. Steganography. Cryptography: uses techniques like transpositions and substitution to make a message unintelligible. Steganography: hides the existence of the method. Cryptography provides privacy. Steganography provides secrecy.
  • 51. Hiding a message in a picture. Described by Wyner in ‘Byte’. Kodak photo CD resolution of 2048x3072 pixels. Each pixel: 24-bit RGB color information. Modify the last bit (out of 8 bits) for each color. Amount of data that can be hidden in a single picture: 2048 * 3072 * 3 = 2.359296 Mb = about 300,000B 10^6. If four bits of intensity for each of the three colors RGB are altered → 1.5 text characters hidden in each pixel of the photo. A 640x480 pixel image → can store over 400,000 characters, equal to a whole book.
  • 52. Steganography: Hiding Messages: Example of a Laser printer. Another example: laser printers can adjust spacing of lines and characters by less than 1/300th of an inch. To hide a 0, leave a standard space. To hide a 1, leave 1/300th of an inch more than usual. Varying the spacing over an entire document can hide a short binary message that is undetectable by the human eye. The hidden message will be carried by every photocopy of the document also.
  • 53. To Intrusion Detection Analysts: “Folks! You are the trackers of the 21st century. The signs are there, plain as day. It is up to you to find them and give the interpretation.” Stephen Northcutt et al.
  • 54. References. The Trithemius riddle: 1. Thomas (Penn) Leary, “Cryptology in the 16th and 17th Centuries”, Cryptologia, July 1996, available at http://home.att.net/~tleary/cryptolo.htm 2. http://www.post-gazette.com/healthscience/19980629bspirit1.asp 3. Gina Kolata, “A Mystery Unraveled, Twice”, The New York Times, April 14, 1998, pp. F1, F6, available at http://cryptome.unicast.org/cryptome022401/tri-crack.htm Hoax letters: http://hoaxbusters.ciac.org/
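Slides 48 and 49 state the birthday bound without working it through. The Python below is an added example, not part of the original slides: it computes the collision probability exactly for k = 365, applies the usual approximation to a 64-bit output, and runs a birthday search on SHA-256 truncated to 32 bits (the truncation, the function names and the sample messages are assumptions made for the illustration).

```python
import hashlib
import math
from itertools import count


def collision_probability(n_inputs: int, k_values: int) -> float:
    """Exact chance that n_inputs uniform draws from k_values outputs repeat."""
    if n_inputs > k_values:
        return 1.0  # pigeonhole: a repeat is certain
    # P(all distinct) = prod_{i<n} (1 - i/k); sum the logs for stability.
    log_distinct = sum(math.log1p(-i / k_values) for i in range(n_inputs))
    return -math.expm1(log_distinct)


def approx_collision_probability(n_inputs: int, k_values: int) -> float:
    """Standard approximation 1 - exp(-n(n-1)/2k), usable for very large k."""
    return -math.expm1(-n_inputs * (n_inputs - 1) / (2 * k_values))


def inputs_for_even_odds(k_values: int) -> int:
    """Smallest number of inputs whose collision probability exceeds 50%."""
    n = 1
    while collision_probability(n, k_values) <= 0.5:
        n += 1
    return n


def truncated_digest(message: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256, standing in for a short hash output."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") >> (256 - bits)


def find_collision(bits: int):
    """Birthday search: store every digest seen until one repeats.

    Returns (first_message, second_message, inputs_hashed).
    """
    seen = {}
    for i in count():
        message = b"constructed-message-%d" % i  # constructed sample inputs
        digest = truncated_digest(message, bits)
        if digest in seen:
            return seen[digest], message, i + 1
        seen[digest] = message


if __name__ == "__main__":
    print("k = 365:", inputs_for_even_odds(365), "people give better than even odds")
    print("1.2 * sqrt(365) =", round(1.2 * math.sqrt(365), 2))
    first, second, tried = find_collision(32)
    print("32-bit digest repeated after", tried, "inputs; 2^16 =", 2 ** 16)
    print(first, second)
    n = int(1.2 * 2 ** 32)
    print("64-bit output, 1.2 * 2^32 inputs:",
          round(approx_collision_probability(n, 2 ** 64), 3))
```

The search needs on the order of 2^16 inputs rather than 2^32, which is why a digest has to be twice as long as the security level it is meant to provide.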
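Slide 51 describes hiding data in the low-order bits of each colour value. The sketch below is an added example, not part of the original slides: it embeds and recovers a message in a raw RGB byte buffer and measures the largest per-channel change, which shows why the alteration is invisible to the eye. The buffer is constructed, and the function names and bit ordering are assumptions.

```python
def capacity_bytes(width: int, height: int, bits_per_channel: int = 1) -> int:
    """Bytes that fit when the low bits of every R, G and B value are used."""
    return width * height * 3 * bits_per_channel // 8


def embed(cover: bytes, message: bytes, bits_per_channel: int = 1) -> bytes:
    """Overwrite the low bits of successive channel values with message bits."""
    if not 1 <= bits_per_channel <= 8:
        raise ValueError("bits_per_channel must be between 1 and 8")
    if len(message) * 8 > len(cover) * bits_per_channel:
        raise ValueError("message does not fit in the cover image")
    # Message bits, most significant bit first, padded to whole groups.
    bits = [(byte >> (7 - i)) & 1 for byte in message for i in range(8)]
    bits += [0] * (-len(bits) % bits_per_channel)
    mask = (1 << bits_per_channel) - 1
    stego = bytearray(cover)
    for pos in range(len(bits) // bits_per_channel):
        group = 0
        for bit in bits[pos * bits_per_channel:(pos + 1) * bits_per_channel]:
            group = (group << 1) | bit
        stego[pos] = (stego[pos] & ~mask & 0xFF) | group
    return bytes(stego)


def extract(stego: bytes, length: int, bits_per_channel: int = 1) -> bytes:
    """Read `length` bytes back out of the low bits of the channel values."""
    needed = length * 8
    if needed > len(stego) * bits_per_channel:
        raise ValueError("image is too small to hold that many bytes")
    mask = (1 << bits_per_channel) - 1
    bits = []
    for value in stego:
        if len(bits) >= needed:
            break
        group = value & mask
        for shift in range(bits_per_channel - 1, -1, -1):
            bits.append((group >> shift) & 1)
    out = bytearray()
    for i in range(0, needed, 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)


def max_channel_change(original: bytes, modified: bytes) -> int:
    """Largest absolute change made to any single colour value."""
    return max(abs(a - b) for a, b in zip(original, modified))


# Constructed 64x48 RGB cover image: three bytes per pixel, no real photo data.
COVER = bytes((7 * i + 13) % 256 for i in range(64 * 48 * 3))

if __name__ == "__main__":
    secret = b"constructed secret"
    for bits in (1, 4):
        stego = embed(COVER, secret, bits)
        print(bits, "bit(s) per channel:", extract(stego, len(secret), bits),
              "max change", max_channel_change(COVER, stego))
    print("640x480 at 4 bits per channel:", capacity_bytes(640, 480, 4), "bytes")
```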

Editor's Notes

  1. configuration changes (SNMP)
  2. P
  3. Do not confuse with the hash function used for accessing hash tables (a data structure used in many algorithms).
  4. To say that it should be secure is like saying that a roof should not leak.