
How You Can Protect Yourself from Cyber-Attacks

How You Can Protect Yourself from Cyber-Attacks. Ian G. Harris Department of Computer Science University of California Irvine Irvine, CA 92697 USA harris@ics.uci.edu. About the Class. Schedule: Mondays, 10:00 - 10:50 in DBH 1420 Website: Look at http://www.ics.uci.edu/~harris


Presentation Transcript


  1. How You Can Protect Yourself from Cyber-Attacks Ian G. Harris Department of Computer Science University of California Irvine Irvine, CA 92697 USA harris@ics.uci.edu

  2. About the Class • Schedule: Mondays, 10:00 - 10:50 in DBH 1420 • Website: Look at http://www.ics.uci.edu/~harris • Readings: The Symantec Guide to Home Internet Security, Andrew Conry-Murray and Vincent Weafer, Addison-Wesley, 2006 • Topics: Computer security risks (e.g. phishing, spam, malware, etc.) and how to protect against them (e.g. firewalls, anti-virus, patching software, etc.) • This course is meant to be practical, not too technical. • I can give pointers to more technical information.

  3. Social Engineering • Exploiting vulnerabilities in the user, not the network or device • Traditional scams using the computer (and/or the phone) as a vehicle • People trust official looking emails and websites • Not primarily technical attacks • Often used to gain information for larger attacks

  4. Social Engineering Examples • Examples: • “Dear Honorable Sir, I need to transfer $10,000,000,000 to your account” • Required to pay a “small” transfer fee • “You need to update your Paypal account …” • Directed to send personal information • Call computer support and masquerade as a technician • “Where is that TFTP server located again?”

  5. Spoofing • Making a fake version of something in order to trick a user • Often used as part of a social engineering scam • Example: • You get an email saying something is wrong with your ebay account. • It provides a link to a website www.ebayaccounts.com • The website is fake but can look completely real • Can be done with email addresses and calling trees
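
The check a reader can apply to the link in this slide, written out as an added example (not part of the original presentation): compare the hostname the browser would actually connect to against the domain you already know. The trusted-domain list and the sample links other than the slide's www.ebayaccounts.com are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the only domain the user really does business with.
TRUSTED_DOMAINS = {"ebay.com"}


def link_host(url: str) -> str:
    """Return the hostname a browser would actually connect to, lowercased."""
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()


def is_trusted_link(url: str, trusted=TRUSTED_DOMAINS) -> bool:
    """True only if the host is a trusted domain or a subdomain of one."""
    if urlsplit(url).scheme not in ("http", "https"):
        return False
    host = link_host(url)
    if not host or not host.isascii():
        # Non-ASCII hostnames can imitate trusted names; treat as unverified.
        return False
    # Match on a label boundary so "ebayaccounts.com" never matches "ebay.com".
    return any(host == d or host.endswith("." + d) for d in trusted)


def review_links(urls):
    """Return (url, host, verdict) for each link found in a message."""
    return [(u, link_host(u), "ok" if is_trusted_link(u) else "UNVERIFIED")
            for u in urls]


# Constructed sample links, as they might appear in an "account problem" email.
SAMPLE_LINKS = [
    "https://signin.ebay.com/",                     # real subdomain
    "http://www.ebayaccounts.com/update",           # the slide's fake site
    "https://www.ebay.com.accounts.example/login",  # trusted name used as a prefix
    "https://www.ebay.com@www.ebayaccounts.com/",   # trusted name before '@'
]

if __name__ == "__main__":
    for url, host, verdict in review_links(SAMPLE_LINKS):
        print(f"{verdict:10} {host:32} {url}")
```

Only the first sample link is accepted; in the other three the trusted name appears in the text of the link but is not the domain being contacted.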

  6. Preventing Social Engineering • Don’t trust anyone or any information that you can’t verify 1. Don’t give critical info to unverified websites/phone numbers 2. Don’t accept anything (e.g. programs) from unverified sources • This may be inconvenient 1. If Citibank calls, you should call them back at a known number 2. Can’t purchase online from unknown vendors 3. Be careful about freeware/shareware

  7. “Technical” Threats • Exploiting vulnerabilities in the computational device or in the network • Require some technical ability • Understand network protocols and components • Write code (at least execute scripts) • Deeply understand networked applications • May be directed at your machine • You can defend against these • May impact you but be directed against other machines • You can’t really stop these

  8. Typical Technical Threats • Denial of Service - A service provided by the device is caused to fail • Cellphone cannot receive calls, desktop reboots • Quality of Service - Quality is degraded, not destroyed • Noise added to a phone call, anti-lock brakes slow • Data Theft - Important data is taken from the device • Passwords, name, usage patterns, location • Botnet Zombie - Complete ownership of the device to use in the future for other attacks.

  9. Threats Against Other Machines • Your machine’s operations are impacted by an attack on another machine • Usually part of the network infrastructure • Examples: • Your Domain Name Server (DNS) is attacked so you can no longer resolve domain names • Your university’s computers are attacked and your personal data is stolen • You can’t do much about these attacks, except complain/sue

  10. Threats Against Your Machine • Most such threats require executing malicious code on your machine • Malware - General term for “Malicious code” • Common types of malware: • Spyware - Record information inside your device • Browsing habits, keystrokes, etc. • Also change behavior (web page redirects …) • Adware - Record information and display ads catered to you

  11. How Does Malware Work? • Need to know this in order to defend against it • Gets into the memory of your computer • Tricks your computer into executing it • Hides itself • Spreads itself to other machines

  12. Getting Into Your Computer • User-driven - User allows the malware in • Read your email • Click on an attachment • Click on a website link • File transfer (ftp) • Background traffic - Many programs communicate on the network in the background • IM, skype, automatic updates, etc.

  13. Executing on Your Machine • How can foreign programs run on my computer? • User Gives Permission • “Do you want to enable this macro?” • Bad default settings (ex. automatically enable all macros) • These vulnerabilities can be fixed fairly easily • Software Vulnerability • A networked application has a coding flaw which allows unauthorized code execution

  14. Rootkits • A rootkit is a program that uses stealth - Sneaks onto your machine without you knowing - Hides itself on your machine so that it can’t be removed • Rootkits change components of the operating system to hide their presence • Example of stealth - A rootkit may attach itself to a good executable - Detected by examining properties of the executable (e.g. size) - Checking properties is a call to an OS program - Rootkit may change the “check properties” program to print the original size • Most malware is fundamentally a specialized rootkit
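
The property check from this slide, as an added example that is not part of the original presentation: it records a baseline for a file, then shows that a same-length change leaves the size matching while a SHA-256 digest of the contents does not. The file name and contents are constructed. Assumptions: the baseline is stored off the machine and the comparison runs from a trusted environment, since a rootkit that has altered the operating system can falsify what any on-host tool reads.

```python
import hashlib
import os
import tempfile


def fingerprint(path: str) -> dict:
    """Record size and SHA-256 of a file by reading its bytes."""
    digest = hashlib.sha256()
    size = 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
            size += len(chunk)
    return {"size": size, "sha256": digest.hexdigest()}


def compare(baseline: dict, current: dict) -> list:
    """Return the names of the properties that no longer match the baseline."""
    return [key for key in ("size", "sha256") if baseline[key] != current[key]]


def demo() -> dict:
    """Constructed scenario: a file is altered without changing its length."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "tool.bin")   # hypothetical "good executable"
        with open(path, "wb") as fh:
            fh.write(b"ORIGINAL-PROGRAM-BYTES" * 100)
        baseline = fingerprint(path)           # taken while the file is known good

        with open(path, "wb") as fh:           # same length, different content
            fh.write(b"MODIFIED-PROGRAM-BYTES" * 100)
        changed = compare(baseline, fingerprint(path))
        return {"size_changed": "size" in changed,
                "hash_changed": "sha256" in changed}


if __name__ == "__main__":
    print(demo())
```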

  15. Malware Propagation/Spread • Trojan Horse - Malware which is part of another program which the user believes is safe • Spread occurs when the user installs the “safe” program • Social engineering may be involved • Virus - Malware which is part of a larger program or file • Ex. Macro in an .xls spreadsheet • Self-replicates by inserting itself into new programs/files • Worm - Malware which is not attached to another program/file • Self-replicates over the network
