
Chapter 3

Attack Types and Protection Schemes

Objectives
• Definition of terms
• Categories of attack types and security threats
• Vulnerabilities of information systems
• Malicious security threats
  • Viruses
  • Worms
  • Trojan horses
  • Spyware, etc.
• Categories of security controls (protection schemes)
• Social engineering

2 Attack Types and Protection Schems 02/19/2021


Defining: Vulnerability, Threat, Attack and Countermeasures
Vulnerability: a point where a system is susceptible to an attack.
Threat: a possible danger to a system. It could be a person, a thing or an event that exploits a vulnerability.
Attack: an actual security breach (a violation of a security policy) that has been made by a threat.
Countermeasures: techniques applied to protect a system from any threat or attack.



Threats
A computer security threat is any person, act, or object that poses a danger to computer security.
The computer world is full of threats!
  Viruses, worms, etc.
So is the real world!
  Thieves, pickpockets, burglars, murderers, drunk drivers, …

4 Malicious Security Attacks 02/19/2021


What we need to do
What is the right attitude?
• To do what you do in real life
What do you do in real life?
• You learn about the threats
  • What are the threats
  • How can these threats affect you
  • What is the risk for you to be attacked by these threats
  • How you can protect yourself from these risks
  • How much does the protection cost
  • What you can do to limit the damage in case you are attacked
  • How you can recover in case you are attacked
• Then, you protect yourself in order to limit the risk but to continue to live your life
You need to do exactly the same thing with computers!



Security threats
Management must be informed of the different threats facing the organization.
By examining each threat category, management effectively protects information through policy, education, training, and technology controls.



Security threats cont’d…
The 2004 Computer Security Institute (CSI)/Federal Bureau of Investigation (FBI) survey found:
79 percent of organizations reported cyber security breaches within the last 12 months
54 percent of those organizations reported financial losses totaling over $141 million
66 percent of computer users store passwords on stickers!



Threats to Information Systems



Acts of Human Error…
Includes acts performed without malicious intent
Causes include:
  Inexperience
  Improper training
  Incorrect assumptions
Employees are among the greatest threats to an organization’s data



Acts of Human Error…
Employee mistakes can easily lead to:
  Revelation of classified data
  Entry of erroneous data
  Accidental data deletion or modification
  Data storage in unprotected areas
  Failure to protect information
Many of these threats can be prevented with controls

Acts of Human Error



Deliberate Acts of Espionage or Trespass
Access of protected information by unauthorized individuals
Competitive intelligence (legal) vs. industrial espionage (illegal)
Shoulder surfing occurs anywhere a person accesses confidential information
Controls let trespassers know they are encroaching on the organization’s cyberspace
Hackers use skill, guile, or fraud to bypass controls protecting others’ information



Shoulder surfing



Deliberate Acts of Theft
Illegal taking of another’s physical, electronic, or intellectual property
Physical theft is controlled relatively easily
Electronic theft is a more complex problem; evidence of the crime is not readily apparent



Forces of Nature
Forces of nature are among the most dangerous threats
They disrupt not only individual lives, but also storage, transmission, and use of information
Organizations must implement controls to limit damage and prepare contingency plans for continued operations



Vulnerabilities of Information Systems
Physical vulnerabilities (e.g. buildings)
Natural vulnerabilities (e.g. earthquakes)
Hardware and software vulnerabilities (e.g. failures)
Media vulnerabilities (e.g. disks can be stolen)
Communication vulnerabilities (e.g. wires can be tapped)
Human vulnerabilities (e.g. insiders)



Malicious Software



Security Threats
Malware Attack:
A generic term for software that has a malicious purpose
Examples
  Viruses
  Trojan horses
  Spyware
New ones: spam/scam, identity theft, e-payment frauds, web phishing, etc.



Types of Threats/Attacks … (Chuck Easttom)
Hacking Attack:
  Any attempt to gain unauthorized access to your system
Denial of Service (DoS) Attack:
  Blocking access from legitimate users
Physical Attack:
  Stealing, breaking or damaging of computing devices



Malware Attack
Viruses
• “A small program that replicates and hides itself inside other programs usually without your knowledge.” by Symantec
• Similar to a biological virus: replicates and spreads
Worms
• An independent program that reproduces by copying itself from one computer to another
• It can do as much harm as a virus
• It often creates denial of service



Malware Attacks…
Trojan horses
• (Ancient Greek tale of the city of Troy and the wooden horse) - ??
• Secretly downloading a virus or some other type of malware onto your computer.
• Popular mechanism for disguising a virus or a worm



Malware Attack…
Spyware
• “A software that literally spies on what you do on your computer.”
• Example: simple cookies and key loggers
Logic Bomb
• One of the oldest types of malicious software
• Code embedded in a legitimate program (Trojan horse)
• Activated when specified conditions are met
  • e.g. presence/absence of some file
  • particular date/time
  • particular user
  • particular series of keystrokes
• When triggered, it typically damages the system
  • modifies/deletes files/disks



Malware Attack…
Zombie
• Program which secretly takes over another networked computer
• Then uses it to indirectly launch attacks
• Often used to launch distributed denial of service (DDoS) attacks
• Exploits known flaws in network systems
Trap door/Backdoor
• A mechanism built into a system by its designer
• A trapdoor usually gives the designer a way to sneak back into the system
• Gives the original designer a secret route into the system



Other Wildlife - Read details!

Bacteria
Rabbits
Crabs
Creepers
Salamis



How do viruses work?
Infection mechanisms
• First, the virus should search for and detect objects to infect
• Installation into the infectable object
  • Writing on the boot sector
  • Add some code to executable programs
  • Add some code to initialization/auto-executable programs
  • Write a macro in a Word file
  • …



Infectable files
Executable files: .com, .exe, .bat, .ini etc.
Macros
• With macro languages the line between pure data files and executable files is blurring
• An infected file might be attached to an e-mail
• E-mail programs may use other programs (e.g., Word) with macros to display incoming mail
System sector viruses
• Infect control sectors on a disk
  • DOS boot sectors
  • Partition (MBR) sectors
• System sector viruses spread easily via floppy disk infections



Infectables cont’d…
Companion viruses
• Create a .com file for each .exe file
• DOS runs COM files before EXE files
• Relatively easy to find and eliminate

Cluster viruses
• Change the DOS directory info so that directory entries point to the virus code instead of the real program
• Even though every program on the disk may be "infected", there is only one copy of the virus on the disk

Viruses
Trigger mechanism
• Date
• Number of infections
• First use
Effects: it can be anything
  A message
  Deleting files
  Formatting disk
  Overloading processor/memory
  Etc.



Who Writes Viruses?
Adolescents
  Ethically normal and of average/above average intelligence.
  Tended to understand the difference between what is right and wrong
  Typically do not accept any responsibility for problems caused



Who writes viruses…
The College Students
  Ethically normal
  Despite expressing that what is illegal is “wrong”, they are not typically concerned about the results of their actions related to their virus writing
The Adult (smallest category)
  Ethically abnormal



Anti-Virus
There are
• Generic solutions
  • Ex. Integrity checking
• Virus-specific solutions
  • Ex. Looking for known viruses
  • Example: “anti dulla” of INSA

Three categories
• Scanners
• Activity monitors
• Change detection



Anti-virus
Functions of anti-viruses
  Identification of known viruses
  Detection of suspected viruses
  Blocking of possible viruses
  Disinfection of infected objects
  Deletion and overwriting of infected objects



Hackers/Intrusion Attack:
Hacking: any attempt to intrude or gain unauthorized access to your system.
  It can be via some operating system flaw or other means.
  It may or may not be for malicious purposes.
Cracking: hacking conducted for malicious purposes.



Denial of Service (DoS) Attack:
DoS Attack: blocking access of legitimate users to a service.
Distributed DoS Attack: accomplished by tricking routers into attacking a target or using zombie hosts to simultaneously attack a given target with a large number of packets.



Simple illustration of DDoS attack (from Easttom)

C:\>Ping <address of X> -l 65000 -w 0 -t

[Figure: Ping traffic directed at Web Server X; Legitimate User]


Communication threats
Masquerade: occurs when someone (an imposter) pretends to be an authorized user.
Playback (a replay): occurs when someone records a legitimate message (perhaps a fund transfer) and resends it later.
Repudiation: occurs when someone denies that s/he has sent or received a message.
Denial of Service: occurs when someone or something dominates system resources.
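
A receiver can reject both a masquerading sender and a played-back message by authenticating each message and accepting it only once. The sketch below is an added example, not part of the original slides; the key, the message text, the nonce format and the 60-second window are all constructed assumptions.

```python
import hashlib
import hmac
import json

MAX_AGE_SECONDS = 60  # assumed freshness window for this example

def seal(key, body, nonce, timestamp):
    """Sender side: bind body, nonce and timestamp under one HMAC tag."""
    payload = json.dumps({"body": body, "nonce": nonce, "ts": timestamp},
                         sort_keys=True).encode()
    return {"payload": payload,
            "tag": hmac.new(key, payload, hashlib.sha256).hexdigest()}

class Receiver:
    """Accepts each authentic, fresh message exactly once."""
    def __init__(self, key):
        self.key = key
        self.seen_nonces = set()  # a real service would expire old entries

    def accept(self, message, now):
        expected = hmac.new(self.key, message["payload"],
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, message["tag"]):
            return "rejected: bad MAC"          # masquerade or tampering
        fields = json.loads(message["payload"])
        if abs(now - fields["ts"]) > MAX_AGE_SECONDS:
            return "rejected: stale timestamp"  # recorded long ago
        if fields["nonce"] in self.seen_nonces:
            return "rejected: replayed nonce"   # playback inside the window
        self.seen_nonces.add(fields["nonce"])
        return "accepted"

def demo():
    """Constructed fund-transfer message: sent, replayed, aged and forged."""
    key = b"constructed-demo-key"
    bank = Receiver(key)
    transfer = seal(key, "pay 100 to account 42", "n-001", 1000)
    forged = seal(b"imposter-guess", "pay 900 to account 66", "n-002", 1000)
    return [
        bank.accept(transfer, now=1005),           # original delivery
        bank.accept(transfer, now=1010),           # recorded copy resent
        Receiver(key).accept(transfer, now=5000),  # resent much later
        bank.accept(forged, now=1005),             # sender without the key
    ]
```

A shared-key MAC does not address repudiation, because either key holder could have produced the tag; that requires digital signatures.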

Encrypted Communications
Two types of encryption approaches for protecting data in transit:
End-to-End Encryption (Off-line Encryption)
• A message is encrypted when it is transmitted and is decrypted when it is received
Link Encryption (Online Encryption)
• A message is encrypted when it is transmitted and then decrypted and encrypted again each time it passes through a network node.



Social Engineering
Social engineering is a kind of attack that uses the weakest link (one of the security principles: secure the weakest link).
It takes advantage of our human characteristics to exploit us, tricking us into breaking normal security procedures.
Social engineering succeeds because people are people: they want to gain an advantage or get something the shortest way (egoistic).



Social Engineering
• Social-engineering schemes use 'spoofed' e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers by hijacking brand names of banks, e-retailers and credit card companies.
• Phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay, PayPal and online banks are common targets.
• Phishers often convince recipients to respond.
• Pharming is crimeware that misdirects users to fraudulent sites or proxy servers (bogus websites), typically through DNS hijacking or poisoning.

Social Engineering Cont’d…
Three types of phishing
  Spear phishing?
  Vishing?
  Smishing?
Anti-virus and anti-spyware programs cannot protect against phishing and pharming; specialized programs such as anti-phishing and anti-pharming tools are needed (see www.antiphishing.org)



Protection Schemes
Computer security controls
• Authentication (passwords, cards, biometrics)
• Encryption
• Auditing
• Administrative procedures
• Standards
• Certifications
• Physical security
• Laws
• Backups
