1

Attack Sophistication vs.

Required Intruder Knowledge
Required Intruder
Knowledge Back- Attack
Orifice
Sophistication
Auto.
Toolkits

Widespread
DDoS
Packet
spoofing

1997 2007
2
What are the Issues &
problems?
 Security was not a fundamental
design consideration
 The Internet is growing
exponentially
 User dependence is increasing;
 With increasing complexity, there
are billions of entry points

3
Who are the intruders?

• Criminals

• “Curious” Intruders

• Insiders

• Corporate Spies

4
 Motives

 Money
 Access to additional resources
 Competitive advantages
 Curiosity and Mischief
 Terrorism

5
BUT!!!! I do not have anything important on my machine;
who would want to crack my machine ??????

WHY THEY ATTACK?

WHAT THEY WANT?
WHAT WE SHOULD DO? 6
 WHY THEY ATTACK?
WHAT THEY WANT?

They want your Bandwidth

They want your CPU
They want your Disk Space
They want your Data
They want to Steal Information
They want to Destroy

7
 Possible Attacks:
DDoS (Distributed Denial of Service)
Sniffing
Port Scanning
Malicious code

8
9
 Denial of Service (DoS)
Attack
 Attacker prevent user from accessing
a service
 Floods network with information.
 Server unable to process your
request.

10
Example of DDoS attack:

Request with
spoofed IP of target

Intruder

Target
11
Example of DDoS attack:

Intruder Flood Target

with replies

12
Target
 Sniffing
• Examines traffic on same physical
network
• Intruder must have physical access
to network
• Used to gather usernames and
passwords

13
 Port Scanning
• Over 65535 ports available.
• Each port scanned sequentially.
Scan Reply Port
Status
SYN SYN+ACKOpen

SYN RST Close

FIN RST Close
FIN Ignored Open
14
 Malicious Code
• Includes Viruses
and Trojan Horses
• Difficult to control.

15
 Methods of Defence
• Encryption
• Software Controls
• Hardware Controls
• Policies
• Firewalls

16
 Encryption
 Science of writing in Secret Code
 Protects data from theft and
alteration.
 Unencrypted Data PlainText
 Encrypted Data CipherText

17
 Cryptographic Techniques

Secret Key Cryptography

Public Key Cryptography
Hash Functions

18
 Secret Key
Cryptography

19
 Public Key
Cryptography

20
Hash Function

21
 Sample Application of 3 Cryptography
Techniques for Secure Communication

Alice’s Public Key Digital

Crypto Signature
Private
Key

Alice’s Hash
Digital
Function
Message Envelope

Encrypte Sent to
Random Secret Key d Bob
Crypto Message
Session
Key
Encrypte
Bob’s Public Key d Session
Public Crypto Key
Key
22
 SOFTWARE CONTROLS

 Access limitations in database

 Anti-Virus Software

HARDWARE CONTROLS
 Use Smartcard for authentication

23
 POLICIES

 Frequent Change of Passwords

 Never Share Your Password
 Avoid Using Dictionary word as Password
 Network Monitoring

24
 Firewalls
 A firewall is a network access control
device.
 Performs a centralized security
management function.
 Denies all traffic except that which is
explicitly allowed.

25
 Why Use firewalls?
Prevent Compromises and
Vulnerabilities
Preventing DDoS Attack
Preventing Port Scanning
Preventing Malicious Code
Prevent Attack From Insiders

26
 As individuals and businesses increase
information sharing and communication via the
Internet, vulnerability to attack or
intrusion rises.

In the world of technological evolution,

everyone is a target of electronic crime
and needs to be concerned about

27
I would like to thank:
Mrs. Vandana Syal
&
All of you for your time and
patience.

28