recent attack technologies
play

Recent Attack Technologies Neil Long OxCert Introduction Hope - PowerPoint PPT Presentation

Sep 28, 2022 •341 likes •535 views

Recent Attack Technologies Neil Long OxCert Introduction Hope for audience participation! At least two aspects Target payloads Attack origins Future? arenas Attack Payloads Buffer overflow Format strings

  1. Recent Attack Technologies Neil Long OxCert

  2. Introduction • Hope for audience participation! • At least two aspects – Target payloads – Attack origins • Future? arenas

  3. Attack Payloads • Buffer overflow • Format strings – Any experts in the audience? • Network DoS – volume vs. content

  4. Buffer Overflow • Kernel switches, defences • stack vs heap vs libc • Options off by default

  5. Format Strings • Relatively recent - major examples – Wu-ftpd - Linux – rpc.statd - Linux – telnetd - IRIX – Local uid to root exploits

  6. Built-in Defences? • Libc modifications – Are they enough? • POSIX compliance – LibC from major vendors?? • Source code re-writes – continuous release of new exploits

  7. Bugtraq Libc Sperl Screen Imp pam_smb and Sysklogd pam_ntdom Envcheck wu-ftpd new Traceroute klogd variants Cfengine Su Ncurses rpc.statd Php Apache improved mod_rewrite

  8. Attacks • Scanning granularity • Real-time IDS • Post-event IDS • Multi-source attacks – scan host – exploit host – intrusion host(s)

  9. Tools used • Root-kits • hidden ‘extras’ • rapid evolution • IRC still major factor

  10. Counteractive Tools • LSOF • TCT – mactime – lsi & icat • Netflows • Active IDS

  11. DDoS tools • Trinoo still popular - evolving • Stacheldraht • ‘TFN3K’ very worrying • Trinity (Entitee) • Handler-agent communication differences

  12. DDoS Payloads • UDP volume • TCP SYN flood • Smurf & Fraggle amplifiers • Stream • Fragments and others? • Higher bandwidth will make them more effective

  13. IP Spoofing • All vs. partial vs. none at all • Generator efficiency • benefits to them (and us)

  14. Locating the intruder • Traceback • Mobility becoming easier - locating more difficult – e.g. Use of non-contract cell phones • Wireless networks – promiscuous mode?

  15. New targets? • Voice-over-IP? • DNS revisited • WAP

  16. What is to come? • DDoS Net of nets? How long? • Pipes get fatter - – firewalls & IDS fall behind? – Cost prohibitive? • Disks keep getting bigger

  17. Finally • Story is not changing - – Demand for fatter pipes, bigger faster machines – But security is still an after-thought • Less logging by ISPs? • Growing awareness == more incidents – increased IRT load • Liability issues on the horizon?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Early DoS and Worms Examples of recent worms and DoS attacks Slammer Worm Shaft DoS attack

Early DoS and Worms Examples of recent worms and DoS attacks Slammer Worm Shaft DoS attack

Outline Introduction to worms Potential damage that *could* be caused (theoretical) Early DoS and Worms Examples of recent worms and DoS attacks Slammer Worm Shaft DoS attack Ben Wilde Mstream DoS attack 7 February, 2005

718 views • 14 slides
Software Defjned Networking Security Outline Introduction What is SDN? SDN attack

Software Defjned Networking Security Outline Introduction What is SDN? SDN attack

Software Defjned Networking Security Outline Introduction What is SDN? SDN attack surface Recent vulnerabilities Security response Defensive technologies Next steps Introduction Security nerd, recovering

790 views • 39 slides
Windows Metafiles An Analysis of the EMF Attack Surface & Recent Vulnerabilities Mateusz

Windows Metafiles An Analysis of the EMF Attack Surface & Recent Vulnerabilities Mateusz

Windows Metafiles An Analysis of the EMF Attack Surface & Recent Vulnerabilities Mateusz j00ru Jurczyk PacSec, Tokyo 2016 PS> whoami Project Zero @ Google Low-level security researcher with interest in all sorts of

1.62k views • 150 slides
Our Favorite XSS Filters/IDS and how to Attack Them Most recent version of slides can be

Our Favorite XSS Filters/IDS and how to Attack Them Most recent version of slides can be

Our Favorite XSS Filters/IDS and how to Attack Them Most recent version of slides can be obtained from blackhats website or http://p42.us/favxss/ About Us About Us Eduardo Vela (sirdarckcat) http://sirdarckcat.net/

1.2k views • 108 slides
Boring crypto Some recent TLS failures Daniel J. Bernstein Diginotar CA compromise. University

Boring crypto Some recent TLS failures Daniel J. Bernstein Diginotar CA compromise. University

Boring crypto Some recent TLS failures Daniel J. Bernstein Diginotar CA compromise. University of Illinois at Chicago & BEAST CBC attack. Technische Universiteit Eindhoven Trustwave HTTPS interception. CRIME compression attack. Lucky 13

1.3k views • 128 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
BotGraph: Large Scale Spamming Botnet Detection Web-account abuse attack recent spamming technic

BotGraph: Large Scale Spamming Botnet Detection Web-account abuse attack recent spamming technic

BotGraph: Large Scale Spamming Botnet Detection Web-account abuse attack recent spamming technic New different approche for sending spam Basing on reputation of email providers Difficult to detect signup detection monitoring users' activity

157 views • 15 slides
Effective Security Going Back To The Basics M e r i k e K a e o , C T O m e r i k e @ f s i .

Effective Security Going Back To The Basics M e r i k e K a e o , C T O m e r i k e @ f s i .

Effective Security Going Back To The Basics M e r i k e K a e o , C T O m e r i k e @ f s i . i o FARSIGHT SECURITY DISCUSSION POINTS Attack Trends A Historical View Attack Vectors in Recent Years Evolution of Mitigation

634 views • 29 slides
New Technologies and Providers of Last Resort: Recent Regulatory Issues in Electricity Markets

New Technologies and Providers of Last Resort: Recent Regulatory Issues in Electricity Markets

New Technologies and Providers of Last Resort: Recent Regulatory Issues in Electricity Markets David Brown Assistant Professor Department of Economics University of Alberta ACCC/AER Regulatory Conference Electricity Market Structure

499 views • 16 slides
Machine Learning and Artificial Intelligence in Recent Trends, Technologies, and Challenges

Machine Learning and Artificial Intelligence in Recent Trends, Technologies, and Challenges

Machine Learning and Artificial Intelligence in Recent Trends, Technologies, and Challenges sebastianraschka.com Sebastian Raschka, Ph.D. @rasbt Assist. Prof. Dep. of Statistics 1 information Article Machine Learning in Python: Main

1.04k views • 65 slides
BBC Technologies: Our LATAM Experience Who are BBC Technologies? BBC Technologies Where we are

BBC Technologies: Our LATAM Experience Who are BBC Technologies? BBC Technologies Where we are

BBC Technologies: Our LATAM Experience Who are BBC Technologies? BBC Technologies Where we are today Technology World leaders in Advance Processing Technologies for small fruits and vegetables. R&D Strong focus on research

383 views • 17 slides
Chapter 10 Buffer Overflow Buffer Overflow Common attack mechanism first wide use by

Chapter 10 Buffer Overflow Buffer Overflow Common attack mechanism first wide use by

Chapter 10 Buffer Overflow Buffer Overflow Common attack mechanism first wide use by the Morris Worm in 1988 Prevention techniques known NX bit, stack canaries, ASLR Still of major concern Recent examples:

354 views • 21 slides
Security vulnerabilities, exploits and attack patterns: 15 years of art, pseudo-science, fun &

Security vulnerabilities, exploits and attack patterns: 15 years of art, pseudo-science, fun &

15th USENIX Security Symposium | July 31st August 4th 2006 | Vancouver, B.C. - Canada Security vulnerabilities, exploits and attack patterns: 15 years of art, pseudo-science, fun & profit Ivn Arce Core Security Technologies Humboldt

767 views • 41 slides
Recent Performance Analysis with Memphis Collin McCurdy Future Technologies Group Motivation

Recent Performance Analysis with Memphis Collin McCurdy Future Technologies Group Motivation

Recent Performance Analysis with Memphis Collin McCurdy Future Technologies Group Motivation Current projections call for each chip in an Exascale system to contain 100s to 1000s of processing cores Already (~10 cores/chip) memory

884 views • 22 slides
Turbine Generator Torsional Vibration Monitoring using the TDMS System Recent Applications

Turbine Generator Torsional Vibration Monitoring using the TDMS System Recent Applications

SUPROCK TECHNOLOGIES Turbine Generator Torsional Vibration Monitoring using the TDMS System Recent Applications Chris Suprock, PhD - Suprock Technologies Kevin Myers, P.E. - MPR Associates Outline Introduction Background tutorial /

600 views • 26 slides
Attack and Improvement of a Secure S-box Calculation Based on the Fourier Transform ebastien Coron

Attack and Improvement of a Secure S-box Calculation Based on the Fourier Transform ebastien Coron

8 + Attack and Improvement of a Secure S-box Calculation Based on the Fourier Transform ebastien Coron 1 , Christophe Giraud 2 , Emmanuel Prouff 2 , and Jean-S Matthieu Rivain 1 , 2 1 University of Luxembourg 2 Oberthur Technologies August 11,

718 views • 55 slides
Denial of Service Last Class Fault tolerance Concurrency Naming This Class

Denial of Service Last Class Fault tolerance Concurrency Naming This Class

Denial of Service Last Class Fault tolerance Concurrency Naming This Class Networking How DDoS works UDP Data Client Server Response TCP DDoS Distributed denial-of-service attack Attacker targets a victim from a

436 views • 28 slides
SDN-based defense against known IPv6 link-layer attacks Bachelors thesis final talk Andres

SDN-based defense against known IPv6 link-layer attacks Bachelors thesis final talk Andres

Fakultt fr Informatik Technische Universitt Mnchen SDN-based defense against known IPv6 link-layer attacks Bachelors thesis final talk Andres Rauschecker Advisor: Lukas Schwaighofer Supervisor: Prof. Dr.-Ing. Georg Carle Chair of

402 views • 26 slides
Denial-of-Service (DoS) & Web Attacks CS 161: Computer Security Prof. Vern Paxson TAs:

Denial-of-Service (DoS) & Web Attacks CS 161: Computer Security Prof. Vern Paxson TAs:

Denial-of-Service (DoS) & Web Attacks CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ February 17, 2011 Goals For Today Continue our

902 views • 52 slides
CM40212 HTTP/SMTP Primer Terminal access The examples are best run from a unix (linux) machine:

CM40212 HTTP/SMTP Primer Terminal access The examples are best run from a unix (linux) machine:

CM40212 HTTP/SMTP Primer Terminal access The examples are best run from a unix (linux) machine: From the windows desktop open Putty Connect to lcpu.bath.ac.uk Log in with your BUCS username and password. Simple HTTP 1.0 get We

779 views • 5 slides
Star-formation in the (Early) Universe a.k.a. My Decade-long Quest to Learn about SMGs Attila

Star-formation in the (Early) Universe a.k.a. My Decade-long Quest to Learn about SMGs Attila

Star-formation in the (Early) Universe a.k.a. My Decade-long Quest to Learn about SMGs Attila Kovcs University of Minnesota Groningen, 28 Feb 2011 Appetizer Submillimeter Galaxies Mezze Innovations Entree Interperting SMG Surveys

732 views • 54 slides
Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP

Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP

1/24/2012 Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP Sniffing the network and forging packets tcpdump, wireshark Today: ICMP and UDP Network Security Lecture 5 Eike Ritter Network

281 views • 7 slides
Computer Security 3e Security.di.unimi.it/sicurezza1314 Chapter 3: 1 Chapter 3: Foundations of

Computer Security 3e Security.di.unimi.it/sicurezza1314 Chapter 3: 1 Chapter 3: Foundations of

Computer Security 3e Security.di.unimi.it/sicurezza1314 Chapter 3: 1 Chapter 3: Foundations of Computer Security Chapter 3: 2 Agenda Security strategies Prevention detection reaction Security objectives Confidentiality

1.08k views • 42 slides
Characterising Psychology : Respect, Competence, Responsibility and Integrity Elizabeth A

Characterising Psychology : Respect, Competence, Responsibility and Integrity Elizabeth A

Characterising Psychology : Respect, Competence, Responsibility and Integrity Elizabeth A Campbell April 2007 Glasgow A sermon Ethical approach Values and Statutory Regulation Psychological Professions Council Competencies

749 views • 21 slides

More recommend