recent attack technologies
play

Recent Attack Technologies Neil Long OxCert Introduction Hope - PowerPoint PPT Presentation

Sep 28, 2022 •341 likes •535 views

Recent Attack Technologies Neil Long OxCert Introduction Hope for audience participation! At least two aspects Target payloads Attack origins Future? arenas Attack Payloads Buffer overflow Format strings

  1. Recent Attack Technologies Neil Long OxCert

  2. Introduction • Hope for audience participation! • At least two aspects – Target payloads – Attack origins • Future? arenas

  3. Attack Payloads • Buffer overflow • Format strings – Any experts in the audience? • Network DoS – volume vs. content

  4. Buffer Overflow • Kernel switches, defences • stack vs heap vs libc • Options off by default

  5. Format Strings • Relatively recent - major examples – Wu-ftpd - Linux – rpc.statd - Linux – telnetd - IRIX – Local uid to root exploits

  6. Built-in Defences? • Libc modifications – Are they enough? • POSIX compliance – LibC from major vendors?? • Source code re-writes – continuous release of new exploits

  7. Bugtraq Libc Sperl Screen Imp pam_smb and Sysklogd pam_ntdom Envcheck wu-ftpd new Traceroute klogd variants Cfengine Su Ncurses rpc.statd Php Apache improved mod_rewrite

  8. Attacks • Scanning granularity • Real-time IDS • Post-event IDS • Multi-source attacks – scan host – exploit host – intrusion host(s)

  9. Tools used • Root-kits • hidden ‘extras’ • rapid evolution • IRC still major factor

  10. Counteractive Tools • LSOF • TCT – mactime – lsi & icat • Netflows • Active IDS

  11. DDoS tools • Trinoo still popular - evolving • Stacheldraht • ‘TFN3K’ very worrying • Trinity (Entitee) • Handler-agent communication differences

  12. DDoS Payloads • UDP volume • TCP SYN flood • Smurf & Fraggle amplifiers • Stream • Fragments and others? • Higher bandwidth will make them more effective

  13. IP Spoofing • All vs. partial vs. none at all • Generator efficiency • benefits to them (and us)

  14. Locating the intruder • Traceback • Mobility becoming easier - locating more difficult – e.g. Use of non-contract cell phones • Wireless networks – promiscuous mode?

  15. New targets? • Voice-over-IP? • DNS revisited • WAP

  16. What is to come? • DDoS Net of nets? How long? • Pipes get fatter - – firewalls & IDS fall behind? – Cost prohibitive? • Disks keep getting bigger

  17. Finally • Story is not changing - – Demand for fatter pipes, bigger faster machines – But security is still an after-thought • Less logging by ISPs? • Growing awareness == more incidents – increased IRT load • Liability issues on the horizon?

Recommend

Early DoS and Worms Examples of recent worms and DoS attacks Slammer Worm Shaft DoS attack

Early DoS and Worms Examples of recent worms and DoS attacks Slammer Worm Shaft DoS attack

Outline Introduction to worms Potential damage that *could* be caused (theoretical) Early DoS and Worms Examples of recent worms and DoS attacks Slammer Worm Shaft DoS attack Ben Wilde Mstream DoS attack 7 February, 2005

718 views • 14 slides
Software Defjned Networking Security Outline Introduction What is SDN? SDN attack

Software Defjned Networking Security Outline Introduction What is SDN? SDN attack

Software Defjned Networking Security Outline Introduction What is SDN? SDN attack surface Recent vulnerabilities Security response Defensive technologies Next steps Introduction Security nerd, recovering

790 views • 39 slides
Windows Metafiles An Analysis of the EMF Attack Surface & Recent Vulnerabilities Mateusz

Windows Metafiles An Analysis of the EMF Attack Surface & Recent Vulnerabilities Mateusz

Windows Metafiles An Analysis of the EMF Attack Surface & Recent Vulnerabilities Mateusz j00ru Jurczyk PacSec, Tokyo 2016 PS> whoami Project Zero @ Google Low-level security researcher with interest in all sorts of

1.62k views • 150 slides
Our Favorite XSS Filters/IDS and how to Attack Them Most recent version of slides can be

Our Favorite XSS Filters/IDS and how to Attack Them Most recent version of slides can be

Our Favorite XSS Filters/IDS and how to Attack Them Most recent version of slides can be obtained from blackhats website or http://p42.us/favxss/ About Us About Us Eduardo Vela (sirdarckcat) http://sirdarckcat.net/

1.2k views • 108 slides
Boring crypto Some recent TLS failures Daniel J. Bernstein Diginotar CA compromise. University

Boring crypto Some recent TLS failures Daniel J. Bernstein Diginotar CA compromise. University

Boring crypto Some recent TLS failures Daniel J. Bernstein Diginotar CA compromise. University of Illinois at Chicago & BEAST CBC attack. Technische Universiteit Eindhoven Trustwave HTTPS interception. CRIME compression attack. Lucky 13

1.3k views • 128 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

557 views • 18 slides
BotGraph: Large Scale Spamming Botnet Detection Web-account abuse attack recent spamming technic

BotGraph: Large Scale Spamming Botnet Detection Web-account abuse attack recent spamming technic

BotGraph: Large Scale Spamming Botnet Detection Web-account abuse attack recent spamming technic New different approche for sending spam Basing on reputation of email providers Difficult to detect signup detection monitoring users' activity

157 views • 15 slides
Effective Security Going Back To The Basics M e r i k e K a e o , C T O m e r i k e @ f s i .

Effective Security Going Back To The Basics M e r i k e K a e o , C T O m e r i k e @ f s i .

Effective Security Going Back To The Basics M e r i k e K a e o , C T O m e r i k e @ f s i . i o FARSIGHT SECURITY DISCUSSION POINTS Attack Trends A Historical View Attack Vectors in Recent Years Evolution of Mitigation

634 views • 29 slides
New Technologies and Providers of Last Resort: Recent Regulatory Issues in Electricity Markets

New Technologies and Providers of Last Resort: Recent Regulatory Issues in Electricity Markets

New Technologies and Providers of Last Resort: Recent Regulatory Issues in Electricity Markets David Brown Assistant Professor Department of Economics University of Alberta ACCC/AER Regulatory Conference Electricity Market Structure

499 views • 16 slides
Machine Learning and Artificial Intelligence in Recent Trends, Technologies, and Challenges

Machine Learning and Artificial Intelligence in Recent Trends, Technologies, and Challenges

Machine Learning and Artificial Intelligence in Recent Trends, Technologies, and Challenges sebastianraschka.com Sebastian Raschka, Ph.D. @rasbt Assist. Prof. Dep. of Statistics 1 information Article Machine Learning in Python: Main

1.04k views • 65 slides
BBC Technologies: Our LATAM Experience Who are BBC Technologies? BBC Technologies Where we are

BBC Technologies: Our LATAM Experience Who are BBC Technologies? BBC Technologies Where we are

BBC Technologies: Our LATAM Experience Who are BBC Technologies? BBC Technologies Where we are today Technology World leaders in Advance Processing Technologies for small fruits and vegetables. R&D Strong focus on research

383 views • 17 slides
Chapter 10 Buffer Overflow Buffer Overflow Common attack mechanism first wide use by

Chapter 10 Buffer Overflow Buffer Overflow Common attack mechanism first wide use by

Chapter 10 Buffer Overflow Buffer Overflow Common attack mechanism first wide use by the Morris Worm in 1988 Prevention techniques known NX bit, stack canaries, ASLR Still of major concern Recent examples:

354 views • 21 slides
Security vulnerabilities, exploits and attack patterns: 15 years of art, pseudo-science, fun &

Security vulnerabilities, exploits and attack patterns: 15 years of art, pseudo-science, fun &

15th USENIX Security Symposium | July 31st August 4th 2006 | Vancouver, B.C. - Canada Security vulnerabilities, exploits and attack patterns: 15 years of art, pseudo-science, fun & profit Ivn Arce Core Security Technologies Humboldt

767 views • 41 slides
Recent Performance Analysis with Memphis Collin McCurdy Future Technologies Group Motivation

Recent Performance Analysis with Memphis Collin McCurdy Future Technologies Group Motivation

Recent Performance Analysis with Memphis Collin McCurdy Future Technologies Group Motivation Current projections call for each chip in an Exascale system to contain 100s to 1000s of processing cores Already (~10 cores/chip) memory

884 views • 22 slides
Turbine Generator Torsional Vibration Monitoring using the TDMS System Recent Applications

Turbine Generator Torsional Vibration Monitoring using the TDMS System Recent Applications

SUPROCK TECHNOLOGIES Turbine Generator Torsional Vibration Monitoring using the TDMS System Recent Applications Chris Suprock, PhD - Suprock Technologies Kevin Myers, P.E. - MPR Associates Outline Introduction Background tutorial /

600 views • 26 slides
Attack and Improvement of a Secure S-box Calculation Based on the Fourier Transform ebastien Coron

Attack and Improvement of a Secure S-box Calculation Based on the Fourier Transform ebastien Coron

8 + Attack and Improvement of a Secure S-box Calculation Based on the Fourier Transform ebastien Coron 1 , Christophe Giraud 2 , Emmanuel Prouff 2 , and Jean-S Matthieu Rivain 1 , 2 1 University of Luxembourg 2 Oberthur Technologies August 11,

718 views • 55 slides
ATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on

ATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on

ATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on Deep Neural Networks Yandong Li* 1 Lijun Li* 1 Liqiang Wang 1 Tong Zhang 2 Boqing Gong 3 *Equal Contribution 1 University of Central Florida 2 Hong

440 views • 11 slides
Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know.

Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know.

Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know. Current biological diagnostics are very effective at identifying agents, but theyre slow. We already have an infrastruc- ture in place to

233 views • 8 slides
RAIN: Refinable Attack Investigation with On-demand Inter-Process Information Flow Tracking Y.

RAIN: Refinable Attack Investigation with On-demand Inter-Process Information Flow Tracking Y.

RAIN: Refinable Attack Investigation with On-demand Inter-Process Information Flow Tracking Y. Ji, S. Lee, E. Downing, et.al. CCS17 Presented by: Mohammad A. Noureddine CS563 Fall 2018 No Shortage of Recent Breaches! 1 Investigating

804 views • 28 slides
Open Media Technologies Recent developments in Norway and around the world Audun Vaaler,

Open Media Technologies Recent developments in Norway and around the world Audun Vaaler,

Open Media Technologies Recent developments in Norway and around the world Audun Vaaler, stfold University College Otto Wittner, UNINETT torsdag 18. mars 2010 1994 torsdag 18. mars 2010 Open standard (EU) Adopted and maintained by

716 views • 34 slides
ss 8 Class Cl CSC 495/583 Topics of Software Security PLT, GOT & Return-to-plt Attack

ss 8 Class Cl CSC 495/583 Topics of Software Security PLT, GOT & Return-to-plt Attack

ss 8 Class Cl CSC 495/583 Topics of Software Security PLT, GOT & Return-to-plt Attack & GOT Overwrite Attack Dr. Si Chen (schen@wcupa.edu) Review Page 2 ret2libc Attack Page 3 libc C standard library Provides

662 views • 36 slides
Attack Frameworks and Tools Pranav Jagdish Betreuer: Nadine Herold Seminar Innovative Internet

Attack Frameworks and Tools Pranav Jagdish Betreuer: Nadine Herold Seminar Innovative Internet

Network Architectures and Services, Georg Carle Faculty of Informatics Technische Universitt Mnchen, Germany Attack Frameworks and Tools Pranav Jagdish Betreuer: Nadine Herold Seminar Innovative Internet Technologies and Mobile

584 views • 30 slides
E3 E3T Energy Efficiency Emerging Technologies E3T ComTAG BPA E3T Commercial Buildings

E3 E3T Energy Efficiency Emerging Technologies E3T ComTAG BPA E3T Commercial Buildings

E3 E3T Energy Efficiency Emerging Technologies E3T ComTAG BPA E3T Commercial Buildings Emerging Technology Technical Advisory Group February 27, 2014 Meeting 1 Commercial Sector Emerging Technologies The subject of many recent

545 views • 25 slides
.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A

.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A

.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A Summary of a 3 weeks long experience 2016-03-07 Dec 2015 DDoS Attack on .TR 2 Before DDoS q Infrequent Small scale DoS and DDos Attacks Few

606 views • 14 slides

More recommend