INTERNET THREATS & DEFENCE
MECHANISM
INTERNET THREATS AND DEFENCE MECHANISM
Mr. RAJASEKAR RAMALINGAM
Faculty - Department of IT
College of Applied Sciences – Sur
Sultanate of Oman
vrrsekar@yahoo.com
Content
1. Internet Threats
1.1 Cyber-bullying
1.2 Cyberstalking
1.3 Phishing
1.4 Webspam
1.5 E-mail Spoofing
1.6 What Is Spam?
1.7 Denial-of-Service (DoS) Attack
1.8 Chain Letters – A Problem
1.9 Internet Enemies
2. Defense Mechanisms
1. INTERNET THREATS
1.1 CYBER-BULLYING
Cyberbullying is defined as:
• actions that use information and communication technologies to support
deliberate, repeated, and hostile behavior by an individual or group, that is
intended to harm another or others.
• use of communication technologies for the intention of harming another
person.
• use of Internet service and mobile technologies such as web pages and
discussion groups as well as instant messaging or SMS text messaging
with the intention of harming another person.
A cyberbully may or may not know their target.
A cyberbully may be anonymous and may solicit involvement of other
people online who do not know the target. This is known as a "digital pile-on."
1.2 CYBERSTALKING
Use of Information and Communications Technology (Internet), by an
individual or group of individuals, to harass another individual, group of
individuals, or organization.
What do cyberstalkers do?
• False accusations
• Attempts to gather information about the victim
• Transmission of threats
• Encouraging others to harass the victim
• False victimization
• Attacks on data and equipment
• Ordering goods and services
• Identity theft
Where do cyberstalkers find their victims?
Search engines, online forums, blogs, bulletin and discussion boards, chat rooms,
and more recently, through online communities such as MySpace, Facebook, Hi5
etc.
1.3 PHISHING
Phishing is the criminally fraudulent process of attempting to
acquire sensitive information such as usernames, passwords and
credit card details by masquerading as a trustworthy entity through
an electronic communication, especially e-mails.
Major Phishing Techniques:
1. Man-in-the-middle Attacks
2. URL Attacks
3. Cross-site Scripting Attacks
4. Observing Customer Data
5. Client-side Vulnerability Exploitation
PHISHERS’ MAJOR TECHNIQUES:
1. Man-in-the-Middle Attacks
• A man-in-the-middle attack (MitM, MiM attack, MitMA) is an attack
where the attacker secretly relays and possibly alters the communication
between two parties who believe they are directly communicating with
each other.
• One example of man-in-the-middle attacks is active eavesdropping, in
which the attacker makes independent connections with the victims and
relays messages between them to make them believe they are talking
directly to each other over a private connection, when in fact the entire
conversation is controlled by the attacker.
• The attacker must be able to intercept all relevant messages passing
between the two victims and inject new ones. This is straightforward in
many circumstances.
2. URL Attacks
Bad Domain Names
Using URL obfuscation techniques, the attacker tricks the
customer into connecting to their proxy server instead of the
real server.
For example, the customer may follow a link to
http://www.my-bank.com instead of http://www.mybank.com
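A defensive check for the lookalike-domain case above, as an added example that is not part of the original slides: it compares a link's hostname with a list of trusted hostnames and flags near matches. The `TRUSTED_HOSTS` list, the function names and the distance threshold are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the organisation's real hostnames (taken from the slide's example).
TRUSTED_HOSTS = {"www.mybank.com"}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def classify_link(url: str, max_distance: int = 2) -> str:
    """Return 'trusted', 'lookalike' or 'unrelated' for the link's hostname."""
    host = (urlsplit(url).hostname or "").lower()
    if host in TRUSTED_HOSTS:
        return "trusted"
    for good in TRUSTED_HOSTS:
        # An added or removed hyphen gives a different domain that reads the same.
        if host.replace("-", "") == good.replace("-", ""):
            return "lookalike"
        # A few changed characters are easy to miss when reading a link.
        if edit_distance(host, good) <= max_distance:
            return "lookalike"
    return "unrelated"

if __name__ == "__main__":
    for link in ("http://www.mybank.com", "http://www.my-bank.com",
                 "http://www.example.org"):
        print(link, "->", classify_link(link))
```

A mail gateway or web proxy can apply the same comparison to links before they reach the customer; the threshold trades missed lookalikes against false alarms on short hostnames.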
Phishers’ Major Techniques…
3. Cross-site Scripting Attacks
Cross-site scripting attacks make use of custom URL or code injection
into a valid web-based application URL or embedded data field.
These techniques are the result of poor web-application development
processes.
Typical formats for CSS (cross-site scripting) injection into valid URLs include:
Full HTML substitution:
http://mybank.com/ebanking?URL=http://evilsite.com/phishing/fakepage.htm
Inline embedding of scripting content:
http://mybank.com/ebanking?page=1&client=<SCRIPT>evilcode...
Forcing the page to load external scripting code:
http://mybank.com/ebanking?page=1&response=evilsite.com%21evilcode.js&go=2
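The three URL formats above, run through a server-side check, as an added example that is not part of the original slides. `inspect_query` flags query values that carry markup, point at another host or name a script file, and `render_value` shows the output encoding that stops a reflected value from being treated as markup. The function names and `SITE_HOST` are assumptions.

```python
import html
from urllib.parse import parse_qsl, urlsplit

SITE_HOST = "mybank.com"  # assumption: the application's own host, as on the slide

def inspect_query(url: str) -> list[tuple[str, str]]:
    """Return (parameter, reason) pairs for query values that should be rejected."""
    findings = []
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        try:
            target = urlsplit(value)
            foreign = bool(target.netloc) and target.hostname != SITE_HOST
        except ValueError:  # the value is not a parseable URL
            findings.append((name, "malformed URL in value"))
            continue
        if "<" in value or ">" in value:
            findings.append((name, "markup in value"))
        elif foreign:
            findings.append((name, "URL pointing at another host"))
        elif value.lower().endswith(".js"):
            findings.append((name, "reference to a script file"))
    return findings

def render_value(value: str) -> str:
    """Encode a reflected value so the browser shows it as text, not markup."""
    return html.escape(value, quote=True)

if __name__ == "__main__":
    # The three URLs are copied from the slide; the fourth is a normal request.
    for u in ("http://mybank.com/ebanking?URL=http://evilsite.com/phishing/fakepage.htm",
              "http://mybank.com/ebanking?page=1&client=<SCRIPT>evilcode...",
              "http://mybank.com/ebanking?page=1&response=evilsite.com%21evilcode.js&go=2",
              "http://mybank.com/ebanking?page=1&go=2"):
        print(inspect_query(u))
```

Pattern checks like these are useful for reviewing request logs; the fix in the application itself is to accept only expected values for each parameter and to encode everything it writes back into a page.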
4. Observing Customer Data
Key-loggers and screen-grabbers can be used to observe
confidential customer data as it is entered into a web-based
application.
This information is collected locally and typically retrieved
by the attacker through one of the following methods:
• Continuous streaming of data (i.e. data is sent as soon as it is
generated) using a custom data sender/receiver pair.
• Backdoor collection by the attacker. The observation software
allows the attacker to connect remotely to the customer’s
machine and pull back the data as and when required.
Key-loggers
• The purpose of key-loggers is to observe and record all key presses by
the customer, in particular when they enter their authentication
information into the web-based application login pages.
• With these credentials the phisher can then use the account for their
own purposes at a later date and time.
• Key-loggers may be pre-compiled objects that will observe all key
presses, regardless of application or context.
Screen Grabbing
• Sophisticated phishing attacks make use of code designed to take a
screen shot of data that has been entered into a web-based application.
• This functionality is used to overcome some of the more secure
financial applications that have special features built in to protect
against standard key-logging attacks.
5. Client-side Vulnerability Exploitation
The sophisticated browsers used to surf the web, like any commercial piece of
software, are often vulnerable to a myriad of attacks.
The more functionality built into the browser, the more likely there exists a
vulnerability that could be exploited by an attacker.
While software vendors have made great strides in methods of rolling out software
updates and patches, home users are notoriously poor in applying them.
This, combined with the ability to install add-ons (such as Flash, RealPlayer
and other embedded applications) means that there are many opportunities for
attack.
Similar to the threat posed by some of the nastier viruses and automated
worms, these vulnerabilities can be exploited in a number of ways.
1.4 WEBSPAM
Webspam is the term for webpages that are designed by webmasters to
trick search engines and draw users to their websites.
Why do spammers create spam pages?
• To make money
• To change search engine rankings
• To do harm to users’ computers with sneaky downloads
How do spammers create spam pages?
• Hidden text and hidden links
• Keyword stuffing
• Sneaky redirects
• Cloaking with JavaScript redirects and 100% frame
1.5 E-MAIL SPOOFING
E-mail spoofing is a term used to describe fraudulent e-mail activity
in which the sender address and other parts of the e-mail header are
altered to appear as though the e-mail originated from a different source.
E-mail spoofing is a technique commonly used for spam e-mail and
phishing to hide the origin of an e-mail message.
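A header consistency check for the altered sender fields described above, as an added example that is not part of the original slides. It compares the visible From domain with the Return-Path and Reply-To domains and reads the SPF/DKIM/DMARC verdicts recorded in Authentication-Results. The sample message, its addresses and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; all addresses and hosts are made up.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=mybank.example
From: "MyBank Support" <support@mybank.example>
Reply-To: help@mybank-support.example
Subject: Account notice

Please review your account.
"""

def header_domain(value) -> str:
    """Lower-cased domain of the address in a header value, '' if absent."""
    addr = parseaddr(value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def spoofing_indicators(raw: str) -> list[str]:
    """Return triage indicators that the visible sender may not be the real one."""
    msg = message_from_string(raw)
    from_domain = header_domain(msg["From"])
    findings = []
    # The visible From should agree with the envelope sender and reply address.
    for header, label in (("Return-Path", "return-path-mismatch"),
                          ("Reply-To", "reply-to-mismatch")):
        domain = header_domain(msg[header])
        if domain and domain != from_domain:
            findings.append(label)
    # Verdicts recorded by the receiving server; trust only the header that
    # your own mail gateway added.
    for results in msg.get_all("Authentication-Results", []):
        for method, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results.lower()):
            if verdict != "pass":
                findings.append(f"{method}-{verdict}")
    return findings

if __name__ == "__main__":
    print(spoofing_indicators(SAMPLE))
```

A Return-Path mismatch alone is common for legitimate bulk mail sent through a mailing service, so treat the result as input to triage and weigh it together with the authentication verdicts.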
1.6 WHAT IS SPAM?
The term spam refers to unsolicited, often unwanted, email messages.
Spam does not necessarily contain viruses; valid messages from
legitimate sources could fall into this category.
1.7 DENIAL-OF-SERVICE (DOS) ATTACK
A denial-of-service attack (DoS attack) or distributed denial-of-
service attack (DDoS attack) is an attempt to make a computer
resource unavailable to its intended users.
How to block a "denial of service" attack?
By setting up a filter, or "sniffer," on a network before a
stream of information reaches a site's Web servers.
1.8 CHAIN LETTERS – A PROBLEM
Chain letters can mask viruses or other malicious activity.
Although they seem harmless, they may have a negative impact if you forward
them:
• They consume bandwidth and space within the recipient's inbox.
• They force people to waste time sifting through the messages and possibly
taking time to verify the information.
• You are spreading hype and, often, unnecessary fear and paranoia.
Some types of chain letters
1) Hoaxes:
• Attempt to trick or defraud users.
• Instructing users to delete an important file by claiming it is a virus.
• It could also be a scam that convinces users to send money or personal
information.
2) Urban legends:
• Designed to be redistributed and usually warn users of a threat or claim to be
notifying them of important or urgent information.
• Promise users monetary rewards for forwarding the message.
1.9 INTERNET ENEMIES
1) COMPUTER VIRUS
• A virus is self-replicating and self-executable malicious software.
• It spreads by being attached to other files.
2) WORMS
• Computer worms are similar to viruses (they are also self-replicating).
• While viruses are attached to other software, worms can function
separately.
• Worms can delete files on your computer, send files via e-mail, and even
spread across the Internet.
3) TROJAN HORSE (TROJAN)
• A program that appears desirable but actually contains something
harmful; "the contents of a trojan can be a virus or a worm".
Internet Enemies…..
4) ROOTKIT
• This is a special kind of software.
• Once installed, it is totally hidden on your computer.
• One of its most dangerous activities is that it leaves a 'backdoor' on the
target system, and can gain control over it without the needed
privileges.
• It can also hide keyloggers which can send data about what you type in
on your computer.
5) SPYWARE
• Spyware collects personal data from your computer and sends it to a company,
which analyses it to gain precious information for its business.
2. DEFENSE MECHANISMS
1) FIREWALL:
A firewall helps protect your computer by preventing unauthorized users
from gaining access to it through a network or the Internet.
What type of firewall is best?
• Hardware: Router
• Software: ISA Server
2) USE ANTI-VIRUS SOFTWARE:
• Anti-virus software is designed to protect you and your computer
against known viruses.
• But with new viruses emerging daily, anti-virus programs need to be
updated regularly.
3) ATTACKER E-MAIL VICTIM [SHORTEST & EASIEST ROUTE]
Don't give your email address out arbitrarily.
Don't follow links in spam messages.
Do not open email from unknown sources.
Consider opening an additional email account.
Use caution when opening/downloading attachments.
Password………?
Don't spam other people.
Benefits of BCC (Blind Carbon Copy).
4) SECURE YOUR WEB BROWSER
5) DIGITAL SIGNATURE:
• A digital signature is basically a way to ensure that an electronic
document (e-mail, spreadsheet, text file, etc.) is authentic.
6) AUTHENTICATION:
• Authentication is the process of verifying that information is coming
from a trusted source. Methods: Passwords, Checksum, CRC etc.
7) ENCRYPTION:
• Encryption is the process of taking all the data that one computer is
sending to another and encoding it into a form that only the other
computer will be able to decode.
8) DIGITAL CERTIFICATE:
• A digital certificate is essentially a bit of information that says the Web
server is trusted by an independent source known as a Certificate
Authority.
• The Certificate Authority acts as the middleman that both computers
trust.
9) CERTIFICATE AUTHORITY (CA):
• A certificate authority or certification authority (CA) is an entity that
issues digital certificates for use by other parties.
• It is an example of a trusted third party.
• Some CAs include:
VeriSign, Inc. (Mountain View, California)
Comodo Group, Inc. (Washington, USA)
WebTrust (Toronto, Canada)
Editor's notes
It is called “cloaking” when the webmaster shows different pages to the search engine and the user. Quietly & Secretly