15 20 years ago
play

15 20 years ago Internet starting to reach a wider audience most - PowerPoint PPT Presentation

Feb 05, 2024 •330 likes •588 views

10/19/2010 15 20 years ago Internet starting to reach a wider audience most people did not have emails Mitigating Cyber Attacks computer security an afterthought The typical hacker, often portrayed as teenager,

  1. 10/19/2010 15 — 20 years ago … • Internet starting to reach a wider audience – most people did not have emails Mitigating Cyber Attacks – computer security – an afterthought • The typical hacker, often portrayed as – teenager, Magnus Almgren – attack a ”chess game” Göteborg, 2010-10-19 – goal: some esoteric fame … • And today ? Postdoc, finansierad av MSB SVT Documentary oct-10, 2010: Att hacka en stormakt (http://goo.gl/1Zrd) 1

  2. 10/19/2010 Outline • Status today • Monitoring traffic • Research Activities – Reasoning with alerts from several sensors – Monitoring backbone traffic • European network: SysSec 2

  3. 10/19/2010 Health care Health care Transportation Transportation Financial Financial 3

  4. 10/19/2010 Health care Health care Transportation Transportation Financial Financial 4

  5. 10/19/2010 Malicious Code • Many users say: I would never download unsecure content! • But what type of content is safe? Targeted attacks Targeted attacks • • 48% of exploits target Adobe Acrobat / Adobe Reader • • Adobe begins a quarterly patch cycle • • Health Check statistics show that Adobe Reader is among the top unsecured applications 5

  6. 10/19/2010 http://home.mcafee.com/AdviceCenter/most-dangerous-celebrities Dangerous People (!!!) Cameron Diaz Searches Yield Ten Percent Cameron Diaz Searches Yield Ten Percent Chance of Landing on a Malicious Site Chance of Landing on a Malicious Site 6

  7. 10/19/2010 http://doi.ieeecomputersociety.org/10.1109/MC.2010.237 http://www.zdnetasia.com/malware-link-to-air-crash-inconclusive-62202513.htm 7

  8. 10/19/2010 8

  9. 10/19/2010 New Era 2010: Stuxnet • Advanced Malware – target specifically Programmable Logic Controllers: Siemens SIMATIC Step 7 software – Lots of rumors of goal and who creators • designed and released by a government – the U.S. or Israel ??? • Target : Bushehr nuclear power plant in Iran (60% of infected hosts in Iran) Symantec oct-2010: W32.Stuxnet Dossier (http://goo.gl/pP7S) 9

  10. 10/19/2010 Health care Transportation Stuxnet: Pandora’s box ? – Stuxnet is advanced and one of the first wild malware’s targeting PLCs. Financial • 6 — 8 people about 6 months to create. Status today Status today – PLCs exists in many industries Monitoring traffic: Intrusion Detection Systems Monitoring traffic: Intrusion Detection Systems • factory assembly lines, amusement rides, Research Activities Research Activities or lighting fixtures. now blueprint to create malware targeting PLCs now blueprint to create malware targeting PLCs • Compare this with the Loveletter virus (2000) – 2003/11 there existed 82 different variants of Loveletter. – It is claimed that more than 5,000 attacks are carried out every day. 10

  11. 10/19/2010 Health care Health care Transportation Transportation Financial Financial 11

  12. 10/19/2010 Health care Health care Normal behavior Normal behavior Transportation Transportation Number Number Financial Financial 12

  13. 10/19/2010 Health care Health care Normal behavior Transportation Transportation Number Financial Financial ???????? This is an ”Attack.” A A Ѧ B B ℬ β fl A B ʙ “A” “B” 13

  14. 10/19/2010 Health care Health care Normal behavior Normal behavior Transportation Transportation Number Number Financial Financial Status today Status today Monitoring traffic Monitoring traffic Research Activities: Research Activities: 1. Reasoning with alerts from several sensors 2. Monitoring backbone traffic ? No Attack Attack Attack 14

  15. 10/19/2010 Scenario multiple sensors (1) Scenario multiple sensors (2) webIDS webIDS r 0 1 A 2 A 2 encrypted request w 1 inv-A w 2 Snort Snort a 1 a 2 A 1 A 1 1 1 Snort webIDS • Normal phf access (no attack) • Normal phf access (no attack) valid? – P(inv-A | …) = 0.20 = don’t investigate – P(inv-A | …) = 0.20 = don’t investigate 15

  16. 10/19/2010 Scenario multiple sensors (3) Analysis of malicious backbone traffic webIDS • Looking for attacks on encrypted r 0 1 A 2 a backbone network – 10 Gbps (=fast!) w 1 inv-A w 2 Snort – Problems: a 1 a 2 A 1 1 1 • speed of network link Snort webIDS • amount of data • Normal phf access (no attack) • routing – P(inv-A | …) = 0.20 = don’t investigate • user privacy – anonymize data • Snort sensor defunct, this may be an attack! – P(inv-A | …) = 0.54 = investigate (key feature!) – P(w 1 | …) = 0.01 = sensor broken 16

  17. 10/19/2010 Measurement Setup (simplified) Measurement Setup (simplified) Backbone network Backbone network Router Router Router Measure Measure the rest of the world the rest of the world 17

  18. 10/19/2010 Measurement Setup (simplified) Measurement Setup (simplified) Backbone network Backbone network Router Router Router Router Measure Measure the rest of the world the rest of the world 18

  19. 10/19/2010 Measurement Setup (simplified) Statistics • 23,600 inside hosts initiating communication with Backbone network 18,780,894 on the outside. Router Router Measure • 24,587,096 outside hosts trying to reach (scan) 970,149 inside hosts. the rest of the world 19

  20. 10/19/2010 Analysis of backbone data Analysis of backbone data 20

  21. 10/19/2010 Analysis of backbone data Analysis of backbone data 21

  22. 10/19/2010 Timing Behavior of Malicious Hosts Timing Behavior of Malicious Hosts 22

  23. 10/19/2010 Timing Behavior of Malicious Hosts Timing Behavior of Malicious Hosts Simple refresh: once every 43min (once every 30 min) Exponential backoff: 111s, 222s, 333s, 666s, 1332s, 2664s 23

  24. 10/19/2010 Identifying SPAM from data traffic A European Network of Excellence in Managing Threats and Vulnerabilities in the Future Internet Legitimate email (Ham) Unsolicited email (Spam) • a Network of Excellence (2010-2014) • To work towards solutions and collaborate Node in- and out-degree distribution Node in- and out-degree distribution Node in- and out-degree distribution Node in- and out-degree distribution 0 0 0 0 10 10 10 10 In-degree In-degree In-degree In-degree – At a European level Out-degree Out-degree Out-degree Out-degree -1 -1 10 10 -1 -1 10 10  Poli. di Milano (IT)  IPP (Bulgaria)  UEKAE (Turkey) -2 -2 10 10 Vrije Uniivesriteit (NL) TU Vienna (Austria) FORTH – ICS (Greece) -2 -2    10 10 -3 -3  Institute Eurecom (FR)  Chalmers U (Sweden) 10 10 Frequency Frequency Frequency Frequency -3 -3 10 10 – and with international colleagues around the world -4 -4 10 10 -4 -4 10 10 -5 -5 10 10 -5 -5 10 10 -6 -6 10 10 -6 -6 -7 -7 10 10 10 10 0 0 1 1 2 2 3 3 4 4 5 5 0 0 1 1 2 2 3 3 4 4 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 Degree Degree Degree Degree http://www.syssec-project.eu/ 24

  25. 10/19/2010 Links • SVT Documentary oct-2010: – Att hacka en stormakt (http://goo.gl/1Zrd) • Symantec oct-2010: – W32.Stuxnet Dossier (http://goo.gl/pP7S) • Uppdrag granskning oct-2010: – Kapade nätverk (http://svt.se/granskning) – SysSec: http://www.syssec-project.eu/ 25

Recommend

D r o u g h 33.6 -45.5 33.6 -45.5 11 years 5.4 years 11 years 5.4 years years t

D r o u g h 33.6 -45.5 33.6 -45.5 11 years 5.4 years 11 years 5.4 years years t

D r o u g h 33.6 -45.5 33.6 -45.5 11 years 5.4 years 11 years 5.4 years years t years Figure 2. Precipitation anomalies during 11 years of the dust bowl (1930-1940) Station Set-up Montana Mesonet January 2018 4 36 ranchers

533 views • 36 slides
CLASS OF 2021 Four years of English Three years of social studies Three years of

CLASS OF 2021 Four years of English Three years of social studies Three years of

CLASS OF 2021 Four years of English Three years of social studies Three years of science Three years of mathematics Two years of a world language Four years of physical education Five credits of visual/performing arts

1.04k views • 72 slides
CLASS OF 2023 Four years of English Three years of social studies Three years of

CLASS OF 2023 Four years of English Three years of social studies Three years of

CLASS OF 2023 Four years of English Three years of social studies Three years of science Three years of mathematics Two years of a world language Four years of physical education Five credits of visual/performing arts

915 views • 67 slides
CLASS OF 2020 Four years of English Three years of social studies Three years of

CLASS OF 2020 Four years of English Three years of social studies Three years of

CLASS OF 2020 Four years of English Three years of social studies Three years of science Three years of mathematics Two years of a world language Four years of physical education Five credits of visual/performing arts

1.25k views • 88 slides
Who Cares About the Impact on Performance Memory Hierarchy? Suppose a processor executes at

Who Cares About the Impact on Performance Memory Hierarchy? Suppose a processor executes at

8/20/08 Technology Trends Computer System Architecture Capacity Speed (latency) Logic: 2x in 3 years 2x in 3 years DRAM: 4x in 3 years 2x in 10 years Memory Part I Disk: 4x in 3 years 2x in 10 years DRAM Chalermek

290 views • 5 slides
Nature Education Kickoff 2018 Years of Service Recognition Heidi Brown 10 years Lois Peterson 10

Nature Education Kickoff 2018 Years of Service Recognition Heidi Brown 10 years Lois Peterson 10

Nature Education Kickoff 2018 Years of Service Recognition Heidi Brown 10 years Lois Peterson 10 years Tom Taber 10 years Gary Keeth 15 years Betty Murray 15 years Bob Walker 15 years Jackie James 25 years Carol Matthews 25 years Program

396 views • 22 slides
Who Am I 10 years factory planing 4 years live sience 3 years research assistent 12

Who Am I 10 years factory planing 4 years live sience 3 years research assistent 12

Now You Got a Search Engine MICES 14. June 2017 Peter Rieger Who Am I 10 years factory planing 4 years live sience 3 years research assistent 12 years search Dropped 3 courses of study Freelancer for 12 years CEO for 8 years

487 views • 20 slides
2 Years of Real World FP at REA @KenScambler Scala Developer at Me 14 years 5 years 5 years

2 Years of Real World FP at REA @KenScambler Scala Developer at Me 14 years 5 years 5 years

2 Years of Real World FP at REA @KenScambler Scala Developer at Me 14 years 5 years 5 years when possible when bored when forced - 3 teams @ - 17 codebases - 43K LOC Jul 13 Jan 14 Jul 14 Jan 15 Why Functional Programming?

1.95k views • 160 slides
ALL ABOUT ME JULIE EDWARDS 25 years in Marketing/PR 8 years in NPO Management 4 years

ALL ABOUT ME JULIE EDWARDS 25 years in Marketing/PR 8 years in NPO Management 4 years

ALL ABOUT ME JULIE EDWARDS 25 years in Marketing/PR 8 years in NPO Management 4 years as Executive Director Mom to rescues Roxie & Charlie Vegetarian home chef Lover of naps, folk art and happy hours Show

132 views • 11 slides
Floral Design Committee Kickoff 2018 Years of Service Recognition Irene Kane - 10 years Joan

Floral Design Committee Kickoff 2018 Years of Service Recognition Irene Kane - 10 years Joan

Floral Design Committee Kickoff 2018 Years of Service Recognition Irene Kane - 10 years Joan Upton -10 years Michelle Bosschart -16 years Debbie Kundrat - 20 years Georgine Premo - 20 years Marian Vanden Bosch - 20 years Meeting Agenda 1)

112 views • 10 slides
Migrate Python from 2.X to 3.X WHO AM I? C++ & PYTHON DEVELOPER 6,5 years in 20,5 years in

Migrate Python from 2.X to 3.X WHO AM I? C++ & PYTHON DEVELOPER 6,5 years in 20,5 years in

Migrate Python from 2.X to 3.X WHO AM I? C++ & PYTHON DEVELOPER 6,5 years in 20,5 years in CAD&Numeric C++ simulations PHILIPPE BOULANGER 3 years in 19,5 years in embedded Python programming 11,5 years in finance

879 views • 51 slides
www.agilegurgaon.com Who am I? 1. 20+ years of experience , 18+ in IT and 2 years in

www.agilegurgaon.com Who am I? 1. 20+ years of experience , 18+ in IT and 2 years in

www.agilegurgaon.com Who am I? 1. 20+ years of experience , 18+ in IT and 2 years in manufacturing 2. 6 years of experience in Agile Transformation 3. Clients worked - HP Product Division, Symantec, SKF, Healthways and Philips 4. Currently

643 views • 21 slides
Art Committee Kickoff 2018 Years of Service Recognition Debra Symons - 10 years Pathamar Park -

Art Committee Kickoff 2018 Years of Service Recognition Debra Symons - 10 years Pathamar Park -

Art Committee Kickoff 2018 Years of Service Recognition Debra Symons - 10 years Pathamar Park - 11 years Elizabeth Holman - 15 years Marian Vanden Bosch - 20 years Lillian Balliet - 39 years Meeting Agenda 1) Jane Fernald & Judy Webster,

303 views • 12 slides
Hounslow Highways Hounslow Highways 25 years and beyond First 5 Years 25 years and beyond

Hounslow Highways Hounslow Highways 25 years and beyond First 5 Years 25 years and beyond

Hounslow Highways Hounslow Highways 25 years and beyond First 5 Years 25 years and beyond www.hounslowhighways.org Hounslow PFI Update July 2017 INTRODUCTION What is included in the PFI? Core Investment Period Progress

456 views • 22 slides
BUILDING ON LIBBITCOIN L I S B O N 2 0 1 8 Libbitcoin Developer (5 years) E R I C VO S K U

BUILDING ON LIBBITCOIN L I S B O N 2 0 1 8 Libbitcoin Developer (5 years) E R I C VO S K U

BUILDING ON LIBBITCOIN L I S B O N 2 0 1 8 Libbitcoin Developer (5 years) E R I C VO S K U I L Entrepreneur (20 years) eric@voskuil.org Investor/Advisor (12 years) https://github.com/evoskuil Microsoft Architect (3 years)

479 views • 17 slides
Years Down Years To Go A WALK A W A L K A R O U N D Q U E E N AROUND E L I Z

Years Down Years To Go A WALK A W A L K A R O U N D Q U E E N AROUND E L I Z

Years Down Years To Go A WALK A W A L K A R O U N D Q U E E N AROUND E L I Z A B E T H O L Y M P I C P A R K QUEEN ELIZABETH OLYMPIC PARK LEYTON Clapton Park Forest Gate Homerton Maryland HA HACK HA

424 views • 15 slides
A Community Where You Belong Laying The Foundation For The Next 100 Years Our First 100 Years

A Community Where You Belong Laying The Foundation For The Next 100 Years Our First 100 Years

A Community Where You Belong Laying The Foundation For The Next 100 Years Our First 100 Years The Indiana Masonic Home was established to care for widows and orphaned children of Masons in 1915. Through the years, the community grew and demand

402 views • 25 slides
Page 1 Example: Branch Stall Impact Example: Calculating CPI bottom up Run benchmark and collect

Page 1 Example: Branch Stall Impact Example: Calculating CPI bottom up Run benchmark and collect

Review, #1 CS252 Technology is changing rapidly: Graduate Computer Architecture Capacity Speed Lecture 2 Logic 2x in 3 years 2x in 3 years DRAM 4x in 3 years 2x in 10 years Review of Instruction Sets, Pipelines, and Disk 4x

496 views • 13 slides
WELCOME CLASS OF 2024 8 TH GRADE OPEN HOUSE MINIMUM GRADUATION REQUIREMENTS Four years of

WELCOME CLASS OF 2024 8 TH GRADE OPEN HOUSE MINIMUM GRADUATION REQUIREMENTS Four years of

WELCOME CLASS OF 2024 8 TH GRADE OPEN HOUSE MINIMUM GRADUATION REQUIREMENTS Four years of English Three years of social studies Three years of science Three years of mathematics Two years of a world language Four years of

869 views • 66 slides
Jacobs Life: In Egypt 17 Years In Assyria (Laban) 20 Years In Canaan 110 Years Life

Jacobs Life: In Egypt 17 Years In Assyria (Laban) 20 Years In Canaan 110 Years Life

And Jacob lived in the land of Egypt seventeen years. So the length of Jacobs life was one hundred and forty-seven years. Gen 47:28 Jacobs Life: In Egypt 17 Years In Assyria (Laban) 20 Years In Canaan 110 Years Life of

350 views • 34 slides
Training in the UK All trainees now have 5-6 years undergraduate; 2 years postgraduate prior

Training in the UK All trainees now have 5-6 years undergraduate; 2 years postgraduate prior

3/7/2015 Training in the UK All trainees now have 5-6 years undergraduate; 2 years postgraduate prior to full registration Surgical training then 6-8 years (+/- 1-3 years Training and practice of breast MD/PhD research) surgery:

275 views • 6 slides
F ROM THE C ARTEL TO A F IRST -T IME U SER The Challenges of Drug Prosecution in an Opioid

F ROM THE C ARTEL TO A F IRST -T IME U SER The Challenges of Drug Prosecution in an Opioid

F ROM THE C ARTEL TO A F IRST -T IME U SER The Challenges of Drug Prosecution in an Opioid Epidemic INDIANA CRIMINAL CODE - 2014 LEVEL MINIMUM ADVISORY MAXIMUM Murder 45 years 55 years 65 years Level 1 20 years 30 years 40 years

841 views • 55 slides
Data Clustering: Data Clustering: 50 Years Beyond K means 50 Years Beyond K means 50 Years

Data Clustering: Data Clustering: 50 Years Beyond K means 50 Years Beyond K means 50 Years

Data Clustering: Data Clustering: 50 Years Beyond K means 50 Years Beyond K means 50 Years Beyond K-means 50 Years Beyond K-means Anil K. Jain Department of Computer Science Michigan State University King-Sun Fu King-Sun Fu King-Sun

1.03k views • 39 slides
The Hundred Years War Target Describe the causes of the 100 years war, the advantages and

The Hundred Years War Target Describe the causes of the 100 years war, the advantages and

The Hundred Years War Target Describe the causes of the 100 years war, the advantages and disadvantages, and the 3 phases of the war. Long Term Causes English wanted to regain lost lands from the French Economic rivalry (Flanders

617 views • 16 slides

More recommend