Distance Education (Team1)
Download
Report
Transcript Distance Education (Team1)
Distance Education Team 1
Adrian Sia
Xavier Appé
Anoop Georges
Salvador Gonzales
SNA Step 3
Augustine Ani
Zijian Cao
Joe Ondercin
November 14, 2001
Overview
Project Progress
Essential Services & Assets
Client Security Concerns
Relevant Attacker Profile, Level of Attack, and
Probability of Attack
Attack Scenarios
Compromisable Components
Next Step
Project Progress
One meeting every two weeks at 1PM on Saturday
09/15/01 1st project meeting – step 1 discussion (completed)
09/20/01 client interview with Mel Rosso (completed)
09/22/01 2nd project meeting – step 1 presentation dry run (completed)
09/25/01 client interview with Michael Carriger (completed)
09/26/01 Step 1 presentation (completed)
10/13/01 3rd project meeting – step 2 discussion (completed)
10/27/01 4th project meeting – step 2 presentation dry run (completed)
10/31/01 Step 2 presentation (completed)
11/10/01 5th project meeting – step 3 presentation dry run (completed)
11/14/01 Step 3 presentation
11/24/01 6th project meeting – step 4 and final report discussion
12/1/01 7th project meeting – step 4 presentation dry run
12/5/01 Step 4 presentation
12/12/01 Project report submittal
Note: additional client interview(s) may be conducted when deemed necessary.
Essential Services & Assets
CMU Network
Admin Server
Internet
E-Mail
Server
Oracle
Hub
Admin App
Essential Assets
Admin Staff
Apache Web
Server
Essential Services
•Course Web Site Access
MySql
Instructor
IMeet Chat
Server
•Email
•Chat
Product Server
Tech Staff
CS Network
Potential Attackers
Recreational Hackers
Script Kiddies
Vandals
DE Students
Disgruntled Employee
Current
Former
Intellectual Property Spy
Transit Seeker
Attacker Attributes
Resources
Time
Tools
Risk
Access
Objectives
Attacker Profile
Recreational Hackers
Varied skills, knowledge levels, support
No particular time constraints
Distributed Tool, toolkit, script
Not averse, may not understand risk
External/Internet access
Status, thrills and challenges
Level: Target-of-Opportunity
Probability: High
Attacker Profile
DE Students
Varied skills, knowledge of process
Immediate needs
Distributed tool, toolkit, script
Risk averse
Internal access via Internet
Spy on other students’ homework,modify records
and browse unregistered courses
Level: Target-of-opportunity
Probability: Low/Medium
Attacker Profile
Disgruntled Employee
Knowledge of process, depends on personal skills
Very patient and wait for chance
Physical attack, toolkit, self-created program
Risk averse
Internal/external, LAN, dialup, or Internet
Personal gain, get even, embarrass organization
Level: Intermediate
Probability: High
Attacker Profile
Intellectual Property Spy
Medium to expert skills, knowledge and
experience
Current desire to access the information
Customized tool, tap
Very risk averse
External, Internet
Measurable gains
Level: Sophisticated
Probability: Low
Attacker Profile
Transit Seekers
Medium to expert skills, knowledge and
experience
Patience depends on mission
User commands, customized tool, autonomous
tool, social engineering
Risk averse
External, Internet
Gain access to other CMU network
Level: intermediate/Sophisticated
Probability: Low
Client Security Concerns
Web page access to student info
Grades online through blackboard
Work submission online
Student assignments
Billing information
Attack Scenarios
IUS1 – Denial of Service
Component Based Attack
Possible Attackers
Recreational Hacker
Disgruntled employee
Instigating Network Traffic and Connection
Request
Distributed denial of service
SYN flood
Ping of death
Compromise the Availability of the System
Tracing IUS1
CMU Network
Admin Server
Internet
E-Mail
Server
Oracle
Hub
Admin App
Essential Assets
HACKER
Admin Staff
Apache Web
Server
MySql
Instructor
IMeet Chat
Server
Product Server
Tech Staff
CS Network
IUS2 – Unauthorized Access
User Access Based Attack
Possible Attackers
DE student
Disgruntled employee
Using Incomplete or Improperly Assigned
Access Rights to View or Modify Information
Privilege escalation
Password sniffing
Brute force
Compromise the Privacy and/or Integrity of
Information
Tracing IUS2
CMU Network
Admin Server
Disgruntled Emp
Internet
E-Mail
Server
Oracle
Hub
Admin App
Essential Assets
Student
Admin Staff
Apache Web
Server
MySql
Instructor
IMeet Chat
Server
Product Server
Tech Staff
CS Network
IUS3 – Data Corruption
User Access/Application Content Based Attack
Possible Attackers
Disgruntled employee
Recreational Hacker
Logic Bombs and Data Corruption
Privilege escalation
Attachment to email
Virus or scripting
Compromise Data Integrity and Availability
Tracing IUS3
CMU Network
Admin Server
hacker
Internet
E-Mail
Server
Oracle
Hub
Admin App
Essential Assets
Former Staff
Admin Staff
Apache Web
Server
MySql
Instructor
IMeet Chat
Server
Product Server
Tech Staff
CS Network
IUS4 – Backdoor/Trojan Attack
User Access/Application Content Based Attack
Possible Attackers
Disgruntled employee
Recreational hacker
Intellectual property spy
Transit seeker
Possible Upload of Malicious Code
Attachment to email
Virus or scripting
Salami
Buffer overflow
Compromise Privacy, Integrity and Availability
Tracing IUS4
CMU Network
Admin Server
hacker
Internet
E-Mail
Server
Oracle
Hub
Admin App
Essential Assets
Former Staff
IP Spy/Transit
Admin Staff
Apache Web
Server
MySql
Instructor
IMeet Chat
Server
Product Server
Tech Staff
CS Network
Next Step
Identify Softspots
Brief Existing Strategies for 3 R’s
Present Survivability Map
Recommendations
Questions?