1 / 19

Introduction to Cybercrime and Security

DIYTP 2009. Introduction to Cybercrime and Security. What is Cybercrime?. Using the Internet to commit a crime. Identity Theft Hacking Viruses Facilitation of traditional criminal activity Stalking Stealing information Child Pornography. Cybercrime Components. Computers Cell Phones

silvain
Télécharger la présentation

Introduction to Cybercrime and Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DIYTP 2009 Introduction to Cybercrime and Security

  2. What is Cybercrime? • Using the Internet to commit a crime. • Identity Theft • Hacking • Viruses • Facilitation of traditional criminal activity • Stalking • Stealing information • Child Pornography

  3. Cybercrime Components • Computers • Cell Phones • PDA’s • Game Consoles

  4. High-Profile Cybercrime-related Cases • TJ Maxx data breach • 45 million credit and debit card numbers stolen • Kwame Kilpatrick • Cell phone text messages • BTK Serial Killer • Kevin Mitnick

  5. Computer Security • Confidentiality • Only those authorized to view information • Integrity • Information is correct and hasn’t been altered by unauthorized users or software • Availability • Data is accessible to authorized users

  6. Computer Security Figure 1.0 – CIA Triangle

  7. Computer Security - Threats • Malware • Software that has a malicious purpose • Viruses • Trojan horse • Spyware

  8. Computer Security - Threats • Intrusions • Any attempt to gain unauthorized access to a system • Cracking • Hacking • Social Engineering • War-driving

  9. Computer Security - Threats • Denial-of-Service (DOS) • Prevention of legitimate access to systems • Also Distributed-Denial-of-Service (DDoS) • Different types: • Ping-of-Death • Teardrop • Smurf • SYN

  10. Computer Security - Threats Figure 1.1 – DoS and DDoS Models

  11. Computer Security - Terminology • People • Hackers • White Hat – Good guys. Report hacks/vulnerabilities to appropriate people. • Black Hat – Only interested in personal goals, regardless of impact. • Gray Hat – Somewhere in between.

  12. Computer Security - Terminology • Script Kiddies • Someone that calls themselves a ‘hacker’ but really isn’t • Ethical Hacker • Someone hired to hack a system to find vulnerabilities and report on them. • Also called a ‘sneaker’

  13. Computer Security - Terminology • Security Devices • Firewall • Barrier between network and the outside world. • Proxy server • Sits between users and server. Two main functions are to improve performance and filter requests. • Intrusion Detection Systems (IDS) • Monitors network traffic for suspicious activity.

  14. Computer Security - Terminology • Activities • Phreaking • Breaking into telephone systems (used in conjunction with war-dialing) • Authentication • Determines whether credentials are authorized to access a resource • Auditing • Reviewing logs, records, or procedures for compliance with standards

  15. Computer Security - Careers • Information Security Analyst US National Average Salary Figure 1.2 – Median salary courtesy cbsalary.com

  16. Computer Security - Certifications • Entry-level • Security+ http://www.comptia.org/certifications/listed/security.aspx • CIW Security Analyst www.ciwcertified.com • Intermediate • MSCE Security http://www.microsoft.com/learning/en/us/certification/mcse.aspx#tab3 • Professional • CISSP www.isc2.org • SANS www.sans.org

  17. Computer Security - Education • Community-college • Washtenaw Community College • Computer Systems Security http://www4.wccnet.edu/academicinfo/creditofferings/programs/degree.php?code=APCSS • Computer Forensics http://www4.wccnet.edu/academicinfo/creditofferings/programs/degree.php?code=APDRAD

  18. Computer Security - Education • 4-Year College • Eastern Michigan University • Information Assurance • Applied • Network • Cryptography • Management • http://www.emich.edu/ia/undergraduate.html

More Related