Professional Documents
Culture Documents
Ways of Stealing and Securing Scientific Data.: Defects and Good Solutions in Network Security Systems
Ways of Stealing and Securing Scientific Data.: Defects and Good Solutions in Network Security Systems
Primary author:
Mateusz Zaborski (Warsaw University of Technology)
Co-authors:
Krystian Roson (Warsaw University of Technology)
Adam Kozakiewicz (Warsaw University of Technology)
Plan
Hospital in Hollywood why protect data?
Ransomware
WiFi (un)security
Attacks
Open source sollution
Unsolved problems
Hospital in Hollywood
Ransomware
Inteligent malware
zero-day
Februar 2016
17000 $ ransom
Source: www.trendmicro.com
WiFi (un)security
802.11
WEP
WPA
WPA2
WiFi (un)security
802.11
WEP
WPA
WPA2
WPS
WiFi (un)security
WiFi (un)security
Kali linux 2.0
Alfa AWUS05NH
Tests
TP-LINK MR3420 v1.2
Tests
Many routers to hack under 10h (online attack)
Some routers to hack in few minutes (offline attack)
Only few routers are secure with default configuration
Secure connection
via Internet (VPN)
IPsec
Standard described by protocols
Many methods, modes
Many implementations
Included in IPv6
IP
header
data
IP
header
ESP
header
IP
header
secret data
ESP
trailer
ESP
auth
IP
header
ESP
header
xxxxxxxxxxxxxxxxxxxx
ESP
trailer
ESP
auth
data
xxxx
data
xxxx
data
xxxx
data
xxxx
data
data
xxxx
Relay attack
Increase speed
xxxxxx
Relay attack
Increase speed
xxxxxx
xxxxxx
xxxxxx
xxxxxx
Secure connection
via Internet (VPN)
Random numbers
Sequence
Key negotiation
Performance
Cipher
Packet fragmentation
MITM attack
Certificates
HMAC functions
Collisions
Backdoor
IPsec or SSL