Information Systems Security: An Overview

Information Systems Security: An
Overview
Sotirios Kontogiannis1 and Apostolos Syropoulos2
1Western Macedonia
University of Applied Sciences
Grevena, Greece
skontog@ee.duth.gr
2Independent scholar
Xanthi, Greece
asyropoulos@yahoo.com
January 13, 2016
Xanthi

Introduction System Protection Malware Cyber-security Finale
Presentation Overview
1 Introduction
2 System Protection
3 Malware
4 Cyber-security
5 Finale

What is IS Security?

Information system security is the software and hardware
mechanisms that prevent access to certain system resources:

Access Control and restrictions per user per role;

System policy and restrictions; and

System policy and restrictions; and
Access Control and restriction per network/machine per role.

What IS security does include?

Prevention of

Prevention of
System level security (e.g., OS attacks, application overflow,
etc.);

Prevention of
etc.);
Network level security (e.g., network data evesdroping,
machine impersonization, etc.);

Prevention of
etc.);
Physical attacks (e.g., boot computer with OS DVD);

Prevention of
etc.);
IS attacks via modified hardware [e.g., Mifare attacks (RFID
systems), etc.] and

Prevention of
etc.);
IS attacks via modified hardware [e.g., Mifare attacks (RFID
systems), etc.] and
IS malfunction via Hardware I/O attacks (e.g., USB device
plugged into a system).

What does System Security protects?

The system hardware, which must be protected physically.
Maxim: Protect thy console before thy self!

The system’s OS and software resources. Also, users’ files
and per user OS restrictions.

The system’s OS and software resources. Also, users’ files
and per user OS restrictions.
The system’s local services (e.g., shared service resources).

What does Network Security protects?

System services available to end users via the Internet or
Local network.

Local network.
The data that traverses through the network.

Local network.
The data that traverses through the network.
The machine network information and the levels of per
machine (pc) access on network resources (provided from
other machines).

Hackers…

Hackers…
A person who secretly gets access to a computer system in
order to get information, cause damage, etc.

Hackers…
Robert Tapan Morris: He released a worm that took down
one-tenth of the Internet, crippling 6,000 plus computer
systems.

Hackers…
systems.
Vladimir Levin: Citybank hacker (1994).

Hackers…
systems.
Michael Calce: Yahoo hack (2000).

Hackers…
systems.
David Smith: Melisa e-mail clone virus (2000).

Hackers…
systems.
Adrian Lamo: The homeless hacker of Microsoft, New York
Times and Yahoo! (2000).

Hackers…
systems.
Jonathan James: US department of defence hacker-spy.

Hackers…
systems.
Gary Mckinnon: US Air Force, US Navy, and NASA systems
hacker.

Hackers…
systems.
Gary Mckinnon: US Air Force, US Navy, and NASA systems
hacker.
Kevin Mitnick: switching system (PBX) phreacker (one who
gains illegal access to the telephone system).

Vocabulary PART I

Vocabulary PART I
noob Someone who knows little and has no will to learn any
more.

Vocabulary PART I
more.
script kiddie Someone who relies on premade exploit
programs and files (”scripts”) to conduct his hacking, and
refuses to bother to learn how they work.

Vocabulary PART I
more.
lamer A person who knows little and uses nukes to do his
work

Vocabulary PART I
more.
work
cracker Someone who uses software cracking to modify a
program.

Vocabulary PART I
more.
work
cracker Someone who uses software cracking to modify a
program.
Warez Copyrighted works distributed without fees or
royalties, and may be traded, in general violation of
copyright law.

Vocabulary Part II

Vocabulary Part II
warez d00dz Are part of the darkest internet subculture.
They usually copy the warez from their own software,
breaking copy protection if need be.

Vocabulary Part II
Guru An authority on computers and computing.

Vocabulary Part II
Poser One who tries to fit in but with exaggeration; pretends
to be someone whose not.

Vocabulary Part II
Poser One who tries to fit in but with exaggeration; pretends
to be someone whose not.
Leecher In the context of to peer to peer file sharing
protocols, or networks (e.g., Bittorrent), someone who
consumes bandwidth by downloading, yet has no will to
upload or give back to a community.

Hackers…
The population pyramid of potential
Information System attackers
AVERAGE NONSKILLED USER
NOOB
KIDDIE SCRIPTER
LAMER
CRACKER
PHREAKS/WAREZ D00DZ
HACKER
GURU
>25,000
>50,000
<8,000
<3,000
<500
<150
POSER/WANNABEE
LEECHER
Population/10,000,000

Hacker Manners

Hacker Manners
They use Jargon
(http://www.catb.org/jargon/html/go01.html).

Hacker Manners
They use Jargon
The use nicknames from irc channesl (#hack or #linux).

Hacker Manners
They use Jargon
Always two there are a master and an apprentice (Yoda
syntax!).

Hacker Manners
They use Jargon
syntax!).
Exchange knowledge with knowledge or zero date exploits
with remote access.

Hacker Manners
They use Jargon
syntax!).
with remote access.
Follow strategy and protection measures (e.g., connect from
owned IP)

Hacker Manners
They use Jargon
syntax!).
with remote access.
owned IP)
They do not portscan or sniff or expose themselves to
danger. They have lamers for this.

Hacker Manners
They use Jargon
syntax!).
with remote access.
owned IP)
They never delete systems, only deface and install rootkits or
backdoors.

Hacker Manners
They use Jargon
syntax!).
with remote access.
owned IP)
They never delete systems, only deface and install rootkits or
backdoors.
Maintain low profile and utilize social engineering
techniques.

Malware or more …ware!

Computer Virus A binary patch set to a system’s executable
file “accidentally” by an administrator role.

Worm Something similar to a virus by design and is
considered to be a sub-class of a virus. Also, a worm has the
capability to travel without any human “intervention.”

Spyware Software that aims to gather information about a
person or force a person visit specific web, view ads using
popup windows sites or metasearch engines.

Trojans A type of malware that is often disguised as
legitimate software. Users are typically tricked by some form
of social engineering into loading and executing Trojans on
their systems.

Trojans A type of malware that is often disguised as
legitimate software. Users are typically tricked by some form
of social engineering into loading and executing Trojans on
their systems.
Exploit A small program (source code) that uses a system’s
vulnerability in order to gain unauthorized access to IS
resources

Types of Exploits

Types of Exploits
Local exploits Applicable when the program requires local
system user access.

Types of Exploits
system user access.
Remote exploits Applicable when the program requires only
service connection or service user access.

Types of Exploits
system user access.
Remote exploits Applicable when the program requires only
service connection or service user access.
Zero date When the code is published in the Internet is less
that 3 months time.

Types of Trojans

Types of Trojans
Root kit A collection of programs that enable
administrator-level access to a computer or computer
network.

Types of Trojans
network.
Backdoor A method, often secret, of bypassing normal
authentication in a product, computer system, cryptosystem
or algorithm etc.

Types of Trojans
network.
or algorithm etc.
Fake Antivirus It masquerades as legitimate software, but is
actually a malicious program that extorts money from you to
“fix” your computer.

Types of Trojans
network.
or algorithm etc.
Spy Trojans Usaually a standalone program that allows a
hacker to monitor user’s activities on an infected computer.
Typically, they capture screen, keyboard, I/O operations.

Types of Trojans
network.
or algorithm etc.
Trojans to hide Trojans Malicious software that hides itself,
so its activity doesn’t appear in the list of processes.

Types of Trojans
network.
or algorithm etc.
Trojans to hide Trojans Malicious software that hides itself,
so its activity doesn’t appear in the list of processes.
OS kernel module Trojans A kind of Trojan horse which
combines with kernel Rootkit technologies.

Network Security Malware

Port scanners (which posts are open?) and TCP
Fingerprinters (Detecting remote OS and its version).

Magic Packet Activated Backdoor The backdoor opens a
port, executes a signle command, initiates a session or
perform some other action when it received a single magic
packet.

packet.
IP Address Spoofing A hijacking technique in which a
cracker masquerades as a trusted host to conceal his identity
(e.g., sending e-mail from…NASA!).

packet.
Synchronize Packet Flood A cracker sends many connection
requests in a rapid pace without responding. This activity
leaves the first packet in the buffer so that other legitimate
connection requests cannot be completed

packet.
Synchronize Packet Flood A cracker sends many connection
requests in a rapid pace without responding. This activity
leaves the first packet in the buffer so that other legitimate
connection requests cannot be completed
Sniffer A network sniffers monitors data flowing over
computer network links.

Network Security Malware II

Man-in-the-middle Attacks type of cyberattack where a
malicious actor inserts him/herself into a conversation
between two parties, impersonates both parties and gains
access to information that the two parties were trying to send
to each other.

to each other.
Remote xploits Exploits done remotely by a cracker across
the Internet or by a user’s having privileges on the system.
Example: Fred Durst’s home computer was remotely
attacked and someone made a copy of a 2003 three-minute
private video in Durst’s possession.

to each other.
Remote xploits Exploits done remotely by a cracker across
the Internet or by a user’s having privileges on the system.
Example: Fred Durst’s home computer was remotely
attacked and someone made a copy of a 2003 three-minute
private video in Durst’s possession.
Denial of Service (DoS) An attacker attempts to prevent
legitimate users from accessing information or services. By
targeting your computer and its network connection, or the
computers and network of the sites you are trying to use, an
attacker may be able to prevent you from accessing websites
or other services that rely on the affected computer.

What is Cryptography?

Cryptography is the art and science of keeping information
secure from unintended audiences.

It is achieved by making information unintelligible.

Here is how it works:
plaintext
encryption
ciphertext
decryption
plaintext
Example: Caesar’s cipher is a type of substitution cipher in
which each letter in the plaintext is “shifted” a certain
number of places down the alphabet. For instance the word
“Lillija” is ecrypted as “Uruursj” if we shift 9 places.

Here is how it works:
plaintext
encryption
ciphertext
decryption
plaintext
Example: Caesar’s cipher is a type of substitution cipher in
which each letter in the plaintext is “shifted” a certain
number of places down the alphabet. For instance the word
“Lillija” is ecrypted as “Uruursj” if we shift 9 places.
Post-quantum cryptography.

System Security Countermeasures

Keep The Operating System up to date.

Depending on your OS install antivirus software.

Gather Information about zero day threats:

http://www.symantec.com/security_response/

http://www.esecurityplanet.com/

http://www.securityfocus.com/

Periodically use vulnerability scanner software:

Periodically use vulnerability scanner software:
http://sectools.org/tag/vuln-scanners/

Network Security Countermeasures

Use custom configured firewall that filters traffic.

Use port sensitive sniffers (port sentry) to detect scanners.

Check thoroughly network services configuration.

Check thoroughly network services configuration. Update
services and check shared service resources permissions

Check thoroughly network services configuration. Update
services and check shared service resources permissions
Use Network Intrusion Detection System to catch threats
targeting your vulnerable systems.

Finale!

Finale!
We presented

Finale!
We presented
general information about IS;

Finale!
We presented
what system protection means;

Finale!
We presented
the various forms of malware;

Finale!
We presented
advice on cyber-security.

Finale!
We presented
advice on cyber-security.
Thank you very much for your attension!

Information Systems Security: An Overview

More Related Content

What's hot (20)

Viewers also liked (20)

Similar to Information Systems Security: An Overview (20)

More from Apostolos Syropoulos (20)

Recently uploaded (20)

Information Systems Security: An Overview