Introduction of Introduction of Internet securityInternet security

Sui WangSui WangIS300IS300

BackgroundBackground By the time that we connect our computer to the network, especially connects on By the time that we connect our computer to the network, especially connects on

internet, people may enjoy receiving and sending Email, chats with friends on-lininternet, people may enjoy receiving and sending Email, chats with friends on-line, Through browser to finding good deals over internet, and downloading music, e, Through browser to finding good deals over internet, and downloading music, movies and so on the services.movies and so on the services.

However, while this time, the computer is also exposing in the computer virus as However, while this time, the computer is also exposing in the computer virus as well as in the Trojan Horse computer program treat.well as in the Trojan Horse computer program treat.

Also, when you send or receive Email, you also possibly carry out the virus that hiAlso, when you send or receive Email, you also possibly carry out the virus that hide in the E-mail's attachment.de in the E-mail's attachment.

There are some famous example:There are some famous example: VBS_HAPTIME, W97M_Melissa, VBS_Loveletter, VBS_Fireburn, W97M_ResumVBS_HAPTIME, W97M_Melissa, VBS_Loveletter, VBS_Fireburn, W97M_Resum

e ,VBS_Newlove e ,VBS_Newlove

The importance of The importance of internet securityinternet security

The importance of internet securityThe importance of internet security Information WarfareInformation Warfare

Attackers try to attack an organization or the website of Attackers try to attack an organization or the website of government unit crustily and make it paralyzed. The damages it government unit crustily and make it paralyzed. The damages it creates will be inferior to the traditional war.creates will be inferior to the traditional war.

RecoveryRecoveryDetectsDetects

AttacAttackk

TimeTime

DefenseDefense

*http://dsns.csie.nctu.edu.tw/course/netsec/2004fall/slides/10-network%20security.pdf*http://dsns.csie.nctu.edu.tw/course/netsec/2004fall/slides/10-network%20security.pdf

Source of online attackSource of online attack Local machine  attackLocal machine  attack

Get the administrator user account Get the administrator user account Increase administrator rightIncrease administrator right Embedding Trojan horseEmbedding Trojan horse

Remote attackRemote attack Attack the weakness of remote systemAttack the weakness of remote system

Dos, Buffer OverflowDos, Buffer Overflow Intercept attackIntercept attack

Sniff, Session hijacking.Sniff, Session hijacking.

Types of attack methodsTypes of attack methods

Hacker Hacker

Use the weakness of system to get the administrator right in order to access Use the weakness of system to get the administrator right in order to access the actions. the actions.

It is type of anthropogenic sourceIt is type of anthropogenic source

When used properly, this term refers to an elite breed of "good guys" who are When used properly, this term refers to an elite breed of "good guys" who are talented computer programmers. They enjoy solving challenging problems or talented computer programmers. They enjoy solving challenging problems or exploring the capabilities of computers. Like a carpenter wielding an axe to exploring the capabilities of computers. Like a carpenter wielding an axe to make furniture, the hacker does good things with his skills. True hackers make furniture, the hacker does good things with his skills. True hackers subscribe to a code of ethics and look down upon the illegal and immoral subscribe to a code of ethics and look down upon the illegal and immoral activity of crackers (defined above). When the press uses "hackers" to describe activity of crackers (defined above). When the press uses "hackers" to describe virus authors or computer criminals who commit theft or vandalism, it is not virus authors or computer criminals who commit theft or vandalism, it is not only incorrect but also insulting to true hackers. only incorrect but also insulting to true hackers.

Types of attack methodsTypes of attack methods

WormWorm

A worm is a programme that is designed to replicate and spread throughout A worm is a programme that is designed to replicate and spread throughout a computer system. a computer system.

It will usually hide within files (for example, Word documents), and distribute It will usually hide within files (for example, Word documents), and distribute those files through any available network connections.those files through any available network connections.

Worms are often used to drain computer resources such as memory and netWorms are often used to drain computer resources such as memory and network access, simply by replicating on a large scale. In addition worms sometiwork access, simply by replicating on a large scale. In addition worms sometimes delete data and spread rapidly via e-mail.mes delete data and spread rapidly via e-mail.

Types of attack methodsTypes of attack methods

VirusVirus Viruses are designed to spread from machine to machine and across netwViruses are designed to spread from machine to machine and across netw

orks. To achieve this, a virus will usually copy itself to other programmes oorks. To achieve this, a virus will usually copy itself to other programmes on a computer, before executing any intended tasksn a computer, before executing any intended tasksThere are two key aspects of a virus:There are two key aspects of a virus:

* They are self executing* They are self executing* They are self-replicating. * They are self-replicating.

Backdoor and Trojan Backdoor and Trojan HorseHorse

Backdoor (Trojan Horse)Backdoor (Trojan Horse) It is an attack method by which malicious or harmful code is contained It is an attack method by which malicious or harmful code is contained

inside apparently harmless files. Once opened, the malicious code can inside apparently harmless files. Once opened, the malicious code can collect unauthorized information that can be exploited for various collect unauthorized information that can be exploited for various purposes, or permit computers to be used surreptitiously for other purposes, or permit computers to be used surreptitiously for other malicious activity.malicious activity.

.  .  Those on the receiving end of a Trojan Horse are usually tricked into Those on the receiving end of a Trojan Horse are usually tricked into

opening them because they appear to be receiving legitimate software opening them because they appear to be receiving legitimate software or files from a legitimate source.  or files from a legitimate source. 

When a Trojan is activated on your computer, the results can vary. When a Trojan is activated on your computer, the results can vary. Some Trojans are designed to be more annoying than malicious (like Some Trojans are designed to be more annoying than malicious (like changing your desktop, adding silly active desktop icons) or they can changing your desktop, adding silly active desktop icons) or they can cause serious damage by deleting files and destroying information on cause serious damage by deleting files and destroying information on your system. Trojans are also known to create a your system. Trojans are also known to create a backdoorbackdoor on your on your computer that gives malicious users access to your system, possibly computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised. allowing confidential or personal information to be compromised. Unlike viruses and worms, Unlike viruses and worms,

Trojans do not reproduce by infecting other files nor do they self-Trojans do not reproduce by infecting other files nor do they self-replicate replicate

Defense and Detect of network attack

Intrusion Detection System (IDS) Host-based IDS Network-based IDS

Detect weakness mechanism Weakness of remote detection

Remote scanner Weakness of Local machine detection

Check file integrity

Packet filter mechanism Fire wall TCP wrapper

Record History of system detection

Recovery

Backup Periodic duplication of all data

Improvement Install redeem program Make sure to have correctly setting Tighten security Make sure your software is up today

Work citedWork cited http://www.irchelp.org/irchelp/security/trojan.html#apphttp://www.irchelp.org/irchelp/security/trojan.html#app http://infotrip.ncl.edu.tw/law/security.html#1http://infotrip.ncl.edu.tw/law/security.html#1 http://dsns.csie.nctu.edu.tw/course/intro-security/2005/book/Chap10.pdfhttp://dsns.csie.nctu.edu.tw/course/intro-security/2005/book/Chap10.pdf http://www.computertoday.com.hk/computing.php?gsel=8&cid=92http://www.computertoday.com.hk/computing.php?gsel=8&cid=92 Kaufman Charlie, Perlman Radia, Speciner Mike. Network Security: Private CommNetwork Security: Private Comm

unication in a Public World Second Edition.unication in a Public World Second Edition. A division of Pearson Education. Inc. 2A division of Pearson Education. Inc. 2002.002.