15 20 years ago
play

15 20 years ago Internet starting to reach a wider audience most - PowerPoint PPT Presentation

Feb 05, 2024 •330 likes •588 views

10/19/2010 15 20 years ago Internet starting to reach a wider audience most people did not have emails Mitigating Cyber Attacks computer security an afterthought The typical hacker, often portrayed as teenager,

  1. 10/19/2010 15 — 20 years ago … • Internet starting to reach a wider audience – most people did not have emails Mitigating Cyber Attacks – computer security – an afterthought • The typical hacker, often portrayed as – teenager, Magnus Almgren – attack a ”chess game” Göteborg, 2010-10-19 – goal: some esoteric fame … • And today ? Postdoc, finansierad av MSB SVT Documentary oct-10, 2010: Att hacka en stormakt (http://goo.gl/1Zrd) 1

  2. 10/19/2010 Outline • Status today • Monitoring traffic • Research Activities – Reasoning with alerts from several sensors – Monitoring backbone traffic • European network: SysSec 2

  3. 10/19/2010 Health care Health care Transportation Transportation Financial Financial 3

  4. 10/19/2010 Health care Health care Transportation Transportation Financial Financial 4

  5. 10/19/2010 Malicious Code • Many users say: I would never download unsecure content! • But what type of content is safe? Targeted attacks Targeted attacks • • 48% of exploits target Adobe Acrobat / Adobe Reader • • Adobe begins a quarterly patch cycle • • Health Check statistics show that Adobe Reader is among the top unsecured applications 5

  6. 10/19/2010 http://home.mcafee.com/AdviceCenter/most-dangerous-celebrities Dangerous People (!!!) Cameron Diaz Searches Yield Ten Percent Cameron Diaz Searches Yield Ten Percent Chance of Landing on a Malicious Site Chance of Landing on a Malicious Site 6

  7. 10/19/2010 http://doi.ieeecomputersociety.org/10.1109/MC.2010.237 http://www.zdnetasia.com/malware-link-to-air-crash-inconclusive-62202513.htm 7

  8. 10/19/2010 8

  9. 10/19/2010 New Era 2010: Stuxnet • Advanced Malware – target specifically Programmable Logic Controllers: Siemens SIMATIC Step 7 software – Lots of rumors of goal and who creators • designed and released by a government – the U.S. or Israel ??? • Target : Bushehr nuclear power plant in Iran (60% of infected hosts in Iran) Symantec oct-2010: W32.Stuxnet Dossier (http://goo.gl/pP7S) 9

  10. 10/19/2010 Health care Transportation Stuxnet: Pandora’s box ? – Stuxnet is advanced and one of the first wild malware’s targeting PLCs. Financial • 6 — 8 people about 6 months to create. Status today Status today – PLCs exists in many industries Monitoring traffic: Intrusion Detection Systems Monitoring traffic: Intrusion Detection Systems • factory assembly lines, amusement rides, Research Activities Research Activities or lighting fixtures. now blueprint to create malware targeting PLCs now blueprint to create malware targeting PLCs • Compare this with the Loveletter virus (2000) – 2003/11 there existed 82 different variants of Loveletter. – It is claimed that more than 5,000 attacks are carried out every day. 10

  11. 10/19/2010 Health care Health care Transportation Transportation Financial Financial 11

  12. 10/19/2010 Health care Health care Normal behavior Normal behavior Transportation Transportation Number Number Financial Financial 12

  13. 10/19/2010 Health care Health care Normal behavior Transportation Transportation Number Financial Financial ???????? This is an ”Attack.” A A Ѧ B B ℬ β fl A B ʙ “A” “B” 13

  14. 10/19/2010 Health care Health care Normal behavior Normal behavior Transportation Transportation Number Number Financial Financial Status today Status today Monitoring traffic Monitoring traffic Research Activities: Research Activities: 1. Reasoning with alerts from several sensors 2. Monitoring backbone traffic ? No Attack Attack Attack 14

  15. 10/19/2010 Scenario multiple sensors (1) Scenario multiple sensors (2) webIDS webIDS r 0 1 A 2 A 2 encrypted request w 1 inv-A w 2 Snort Snort a 1 a 2 A 1 A 1 1 1 Snort webIDS • Normal phf access (no attack) • Normal phf access (no attack) valid? – P(inv-A | …) = 0.20 = don’t investigate – P(inv-A | …) = 0.20 = don’t investigate 15

  16. 10/19/2010 Scenario multiple sensors (3) Analysis of malicious backbone traffic webIDS • Looking for attacks on encrypted r 0 1 A 2 a backbone network – 10 Gbps (=fast!) w 1 inv-A w 2 Snort – Problems: a 1 a 2 A 1 1 1 • speed of network link Snort webIDS • amount of data • Normal phf access (no attack) • routing – P(inv-A | …) = 0.20 = don’t investigate • user privacy – anonymize data • Snort sensor defunct, this may be an attack! – P(inv-A | …) = 0.54 = investigate (key feature!) – P(w 1 | …) = 0.01 = sensor broken 16

  17. 10/19/2010 Measurement Setup (simplified) Measurement Setup (simplified) Backbone network Backbone network Router Router Router Measure Measure the rest of the world the rest of the world 17

  18. 10/19/2010 Measurement Setup (simplified) Measurement Setup (simplified) Backbone network Backbone network Router Router Router Router Measure Measure the rest of the world the rest of the world 18

  19. 10/19/2010 Measurement Setup (simplified) Statistics • 23,600 inside hosts initiating communication with Backbone network 18,780,894 on the outside. Router Router Measure • 24,587,096 outside hosts trying to reach (scan) 970,149 inside hosts. the rest of the world 19

  20. 10/19/2010 Analysis of backbone data Analysis of backbone data 20

  21. 10/19/2010 Analysis of backbone data Analysis of backbone data 21

  22. 10/19/2010 Timing Behavior of Malicious Hosts Timing Behavior of Malicious Hosts 22

  23. 10/19/2010 Timing Behavior of Malicious Hosts Timing Behavior of Malicious Hosts Simple refresh: once every 43min (once every 30 min) Exponential backoff: 111s, 222s, 333s, 666s, 1332s, 2664s 23

  24. 10/19/2010 Identifying SPAM from data traffic A European Network of Excellence in Managing Threats and Vulnerabilities in the Future Internet Legitimate email (Ham) Unsolicited email (Spam) • a Network of Excellence (2010-2014) • To work towards solutions and collaborate Node in- and out-degree distribution Node in- and out-degree distribution Node in- and out-degree distribution Node in- and out-degree distribution 0 0 0 0 10 10 10 10 In-degree In-degree In-degree In-degree – At a European level Out-degree Out-degree Out-degree Out-degree -1 -1 10 10 -1 -1 10 10  Poli. di Milano (IT)  IPP (Bulgaria)  UEKAE (Turkey) -2 -2 10 10 Vrije Uniivesriteit (NL) TU Vienna (Austria) FORTH – ICS (Greece) -2 -2    10 10 -3 -3  Institute Eurecom (FR)  Chalmers U (Sweden) 10 10 Frequency Frequency Frequency Frequency -3 -3 10 10 – and with international colleagues around the world -4 -4 10 10 -4 -4 10 10 -5 -5 10 10 -5 -5 10 10 -6 -6 10 10 -6 -6 -7 -7 10 10 10 10 0 0 1 1 2 2 3 3 4 4 5 5 0 0 1 1 2 2 3 3 4 4 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 Degree Degree Degree Degree http://www.syssec-project.eu/ 24

  25. 10/19/2010 Links • SVT Documentary oct-2010: – Att hacka en stormakt (http://goo.gl/1Zrd) • Symantec oct-2010: – W32.Stuxnet Dossier (http://goo.gl/pP7S) • Uppdrag granskning oct-2010: – Kapade nätverk (http://svt.se/granskning) – SysSec: http://www.syssec-project.eu/ 25

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

D r o u g h 33.6 -45.5 33.6 -45.5 11 years 5.4 years 11 years 5.4 years years t

D r o u g h 33.6 -45.5 33.6 -45.5 11 years 5.4 years 11 years 5.4 years years t

D r o u g h 33.6 -45.5 33.6 -45.5 11 years 5.4 years 11 years 5.4 years years t years Figure 2. Precipitation anomalies during 11 years of the dust bowl (1930-1940) Station Set-up Montana Mesonet January 2018 4 36 ranchers

533 views • 36 slides
CLASS OF 2021 Four years of English Three years of social studies Three years of

CLASS OF 2021 Four years of English Three years of social studies Three years of

CLASS OF 2021 Four years of English Three years of social studies Three years of science Three years of mathematics Two years of a world language Four years of physical education Five credits of visual/performing arts

1.04k views • 72 slides
CLASS OF 2023 Four years of English Three years of social studies Three years of

CLASS OF 2023 Four years of English Three years of social studies Three years of

CLASS OF 2023 Four years of English Three years of social studies Three years of science Three years of mathematics Two years of a world language Four years of physical education Five credits of visual/performing arts

915 views • 67 slides
CLASS OF 2020 Four years of English Three years of social studies Three years of

CLASS OF 2020 Four years of English Three years of social studies Three years of

CLASS OF 2020 Four years of English Three years of social studies Three years of science Three years of mathematics Two years of a world language Four years of physical education Five credits of visual/performing arts

1.25k views • 88 slides
Who Cares About the Impact on Performance Memory Hierarchy? Suppose a processor executes at

Who Cares About the Impact on Performance Memory Hierarchy? Suppose a processor executes at

8/20/08 Technology Trends Computer System Architecture Capacity Speed (latency) Logic: 2x in 3 years 2x in 3 years DRAM: 4x in 3 years 2x in 10 years Memory Part I Disk: 4x in 3 years 2x in 10 years DRAM Chalermek

290 views • 5 slides
Nature Education Kickoff 2018 Years of Service Recognition Heidi Brown 10 years Lois Peterson 10

Nature Education Kickoff 2018 Years of Service Recognition Heidi Brown 10 years Lois Peterson 10

Nature Education Kickoff 2018 Years of Service Recognition Heidi Brown 10 years Lois Peterson 10 years Tom Taber 10 years Gary Keeth 15 years Betty Murray 15 years Bob Walker 15 years Jackie James 25 years Carol Matthews 25 years Program

396 views • 22 slides
Who Am I 10 years factory planing 4 years live sience 3 years research assistent 12

Who Am I 10 years factory planing 4 years live sience 3 years research assistent 12

Now You Got a Search Engine MICES 14. June 2017 Peter Rieger Who Am I 10 years factory planing 4 years live sience 3 years research assistent 12 years search Dropped 3 courses of study Freelancer for 12 years CEO for 8 years

487 views • 20 slides
2 Years of Real World FP at REA @KenScambler Scala Developer at Me 14 years 5 years 5 years

2 Years of Real World FP at REA @KenScambler Scala Developer at Me 14 years 5 years 5 years

2 Years of Real World FP at REA @KenScambler Scala Developer at Me 14 years 5 years 5 years when possible when bored when forced - 3 teams @ - 17 codebases - 43K LOC Jul 13 Jan 14 Jul 14 Jan 15 Why Functional Programming?

1.95k views • 160 slides
ALL ABOUT ME JULIE EDWARDS 25 years in Marketing/PR 8 years in NPO Management 4 years

ALL ABOUT ME JULIE EDWARDS 25 years in Marketing/PR 8 years in NPO Management 4 years

ALL ABOUT ME JULIE EDWARDS 25 years in Marketing/PR 8 years in NPO Management 4 years as Executive Director Mom to rescues Roxie & Charlie Vegetarian home chef Lover of naps, folk art and happy hours Show

132 views • 11 slides
Floral Design Committee Kickoff 2018 Years of Service Recognition Irene Kane - 10 years Joan

Floral Design Committee Kickoff 2018 Years of Service Recognition Irene Kane - 10 years Joan

Floral Design Committee Kickoff 2018 Years of Service Recognition Irene Kane - 10 years Joan Upton -10 years Michelle Bosschart -16 years Debbie Kundrat - 20 years Georgine Premo - 20 years Marian Vanden Bosch - 20 years Meeting Agenda 1)

112 views • 10 slides
Migrate Python from 2.X to 3.X WHO AM I? C++ & PYTHON DEVELOPER 6,5 years in 20,5 years in

Migrate Python from 2.X to 3.X WHO AM I? C++ & PYTHON DEVELOPER 6,5 years in 20,5 years in

Migrate Python from 2.X to 3.X WHO AM I? C++ & PYTHON DEVELOPER 6,5 years in 20,5 years in CAD&Numeric C++ simulations PHILIPPE BOULANGER 3 years in 19,5 years in embedded Python programming 11,5 years in finance

879 views • 51 slides
www.agilegurgaon.com Who am I? 1. 20+ years of experience , 18+ in IT and 2 years in

www.agilegurgaon.com Who am I? 1. 20+ years of experience , 18+ in IT and 2 years in

www.agilegurgaon.com Who am I? 1. 20+ years of experience , 18+ in IT and 2 years in manufacturing 2. 6 years of experience in Agile Transformation 3. Clients worked - HP Product Division, Symantec, SKF, Healthways and Philips 4. Currently

643 views • 21 slides
Art Committee Kickoff 2018 Years of Service Recognition Debra Symons - 10 years Pathamar Park -

Art Committee Kickoff 2018 Years of Service Recognition Debra Symons - 10 years Pathamar Park -

Art Committee Kickoff 2018 Years of Service Recognition Debra Symons - 10 years Pathamar Park - 11 years Elizabeth Holman - 15 years Marian Vanden Bosch - 20 years Lillian Balliet - 39 years Meeting Agenda 1) Jane Fernald & Judy Webster,

303 views • 12 slides
Hounslow Highways Hounslow Highways 25 years and beyond First 5 Years 25 years and beyond

Hounslow Highways Hounslow Highways 25 years and beyond First 5 Years 25 years and beyond

Hounslow Highways Hounslow Highways 25 years and beyond First 5 Years 25 years and beyond www.hounslowhighways.org Hounslow PFI Update July 2017 INTRODUCTION What is included in the PFI? Core Investment Period Progress

456 views • 22 slides
BUILDING ON LIBBITCOIN L I S B O N 2 0 1 8 Libbitcoin Developer (5 years) E R I C VO S K U

BUILDING ON LIBBITCOIN L I S B O N 2 0 1 8 Libbitcoin Developer (5 years) E R I C VO S K U

BUILDING ON LIBBITCOIN L I S B O N 2 0 1 8 Libbitcoin Developer (5 years) E R I C VO S K U I L Entrepreneur (20 years) eric@voskuil.org Investor/Advisor (12 years) https://github.com/evoskuil Microsoft Architect (3 years)

479 views • 17 slides
Years Down Years To Go A WALK A W A L K A R O U N D Q U E E N AROUND E L I Z

Years Down Years To Go A WALK A W A L K A R O U N D Q U E E N AROUND E L I Z

Years Down Years To Go A WALK A W A L K A R O U N D Q U E E N AROUND E L I Z A B E T H O L Y M P I C P A R K QUEEN ELIZABETH OLYMPIC PARK LEYTON Clapton Park Forest Gate Homerton Maryland HA HACK HA

424 views • 15 slides
IPv6 Intrusion Detection Research Project Carsten Rossenhvel, EANTC AG Sven Schindler,

IPv6 Intrusion Detection Research Project Carsten Rossenhvel, EANTC AG Sven Schindler,

IPv6 Intrusion Detection Research Project Carsten Rossenhvel, EANTC AG Sven Schindler, Universitt Potsdam Co-Financed By: Project Goals Independently assess the true, current risks of IPv6 attacks Develop intrusion detection tools for

447 views • 17 slides
SDN / NFV panel @ SBRC Sbastien Tandel sta@hpe.com slideshare.net/standel May 2017

SDN / NFV panel @ SBRC Sbastien Tandel sta@hpe.com slideshare.net/standel May 2017

SDN / NFV panel @ SBRC Sbastien Tandel sta@hpe.com slideshare.net/standel May 2017 Sbastien Tandel Working within HPE Aruba CTO as a Principal Architect Technologist with sound business knowledge Software engineer with sound

492 views • 21 slides
EternalBlue: Exploit Analysis and Beyond WHO AM I? Emma McCall Cyber Security Analyst @ Riot

EternalBlue: Exploit Analysis and Beyond WHO AM I? Emma McCall Cyber Security Analyst @ Riot

EternalBlue: Exploit Analysis and Beyond WHO AM I? Emma McCall Cyber Security Analyst @ Riot Games @RiotNymia on Twitter JUST A LITTLE HISTORY Black Market Intelligence Auc1on Approx. August 2016 No bites April 14 th 2017 Group

462 views • 35 slides
On-line Learning Architectures March 2017 Tarek M. Taha Electrical and Computer Engineering

On-line Learning Architectures March 2017 Tarek M. Taha Electrical and Computer Engineering

On-line Learning Architectures March 2017 Tarek M. Taha Electrical and Computer Engineering Department University of Dayton 1 Tarek Taha Device SPICE Model Boise State Univ of Michigan HP Labs Actual Device 1 60 0 1 Current (mA)

528 views • 14 slides
Find Joy in the Journey Guarding Yourself Against 5 Joy Robbers Be joyful always; pray

Find Joy in the Journey Guarding Yourself Against 5 Joy Robbers Be joyful always; pray

Find Joy in the Journey Guarding Yourself Against 5 Joy Robbers Be joyful always; pray continually; give thanks in all circumstances, for this is Gods will for you in Christ Jesus. I Thessalonians 5:16-18 For the kingdom of God is

332 views • 19 slides
Evaluation of Intrusion Detection Systems in Clouds Thibaut Probst , E. Alata, M. Ka aniche, V.

Evaluation of Intrusion Detection Systems in Clouds Thibaut Probst , E. Alata, M. Ka aniche, V.

Problem statement Methodology Testbed and Experimental Results Conclusion Evaluation of Intrusion Detection Systems in Clouds Thibaut Probst , E. Alata, M. Ka aniche, V. Nicomette LAAS-CNRS - Dependable Computing and Fault Tolerance (TSF)

719 views • 22 slides
Team Cymru Cymru Team Network Forensics Ryan Connolly, ryan@cymru.com

Team Cymru Cymru Team Network Forensics Ryan Connolly, ryan@cymru.com

Team Cymru Cymru Team Network Forensics Ryan Connolly, ryan@cymru.com <http://www.cymru.com> Network Forensics what does it mean? network forensics is the analysis of network events in order to discover the source of problem

997 views • 43 slides
CC - Elisa Azzali CC - Tim Morgan CC - Quinn Dombrowski Public domain - Theodore C. Marceau CC

CC - Elisa Azzali CC - Tim Morgan CC - Quinn Dombrowski Public domain - Theodore C. Marceau CC

THE cloud data feed CC - Elisa Azzali CC - Tim Morgan CC - Quinn Dombrowski Public domain - Theodore C. Marceau CC - Erik Christensen Damn-fast and effective malware info sharing with MISP by Christophe Vandeplas http://misp-project.org

692 views • 47 slides

More recommend