1 / 624

Countermeasure

Countermeasure. Brute-force attack Countermeasures.

ericpbrown
Download Presentation

Countermeasure

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Countermeasure https://store.theartofservice.com/the-countermeasure-toolkit.html

  2. Brute-force attack Countermeasures • However database and directory administrators can take countermeasures against online attacks, for example by limiting the number of attempts that a password can be tried, by introducing time delays between successive attempts, increasing the answer's complexity (e.g https://store.theartofservice.com/the-countermeasure-toolkit.html

  3. Defragmentation Common countermeasures • A common strategy to optimize defragmentation and to reduce the impact of fragmentation is to partition the hard disk(s) in a way that separates partitions of the file system that experience many more reads than writes from the more volatile zones where files are created and deleted frequently https://store.theartofservice.com/the-countermeasure-toolkit.html

  4. Buffer overflow Protective countermeasures • Various techniques have been used to detect or prevent buffer overflows, with various tradeoffs. The most reliable way to avoid or prevent buffer overflows is to use automatic protection at the language level. This sort of protection, however, cannot be applied to legacy code, and often technical, business, or cultural constraints call for a vulnerable language. The following sections describe the choices and implementations available. https://store.theartofservice.com/the-countermeasure-toolkit.html

  5. Mobile security - Countermeasures • The security mechanisms in place to counter the threats described above are presented in this section https://store.theartofservice.com/the-countermeasure-toolkit.html

  6. Application security - Threats, Attacks, Vulnerabilities, and Countermeasures • According to the patterns & practices Improving Web Application Security book, the following terms are relevant to application security: https://store.theartofservice.com/the-countermeasure-toolkit.html

  7. Application security - Threats, Attacks, Vulnerabilities, and Countermeasures • Asset. A resource of value such as the data in a database or on the file system, or a system resource. https://store.theartofservice.com/the-countermeasure-toolkit.html

  8. Application security - Threats, Attacks, Vulnerabilities, and Countermeasures • Vulnerability. A weakness that makes a threat possible. https://store.theartofservice.com/the-countermeasure-toolkit.html

  9. Application security - Threats, Attacks, Vulnerabilities, and Countermeasures • Countermeasure. A safeguard that addresses a threat and mitigates risk. https://store.theartofservice.com/the-countermeasure-toolkit.html

  10. Keystroke logging - Countermeasures • The effectiveness of countermeasures varies, because keyloggers use a variety of techniques to capture data and the countermeasure needs to be effective against the particular data capture technique. For example, an on-screen keyboard will be effective against hardware keyloggers, transparency will defeat some—but not all—screenloggers and an anti-spyware application that can only disable hook-based keyloggers will be ineffective against kernel-based keyloggers. https://store.theartofservice.com/the-countermeasure-toolkit.html

  11. Keystroke logging - Countermeasures • Also, keylogger program authors may be able to update the code to adapt to countermeasures that may have proven to be effective against them. https://store.theartofservice.com/the-countermeasure-toolkit.html

  12. Botnet - Countermeasures • The geographic dispersal of botnets means that each recruit must be individually identified/corralled/repaired and limits the benefits of filtering https://store.theartofservice.com/the-countermeasure-toolkit.html

  13. Botnet - Countermeasures • The botnet server structure mentioned above has inherent vulnerabilities and problems. For example, finding one server with one botnet channel can often reveal the other servers, as well as their bots. A botnet server structure that lacks redundancy is vulnerable to at least the temporary disconnection of that server. However, recent IRC server software includes features to mask other connected servers and bots, eliminating that approach. https://store.theartofservice.com/the-countermeasure-toolkit.html

  14. Botnet - Countermeasures • Security companies such as Afferent Security Labs, Symantec, Trend Micro, FireEye, Umbra Data and Damballa have announced offerings to counter botnets https://store.theartofservice.com/the-countermeasure-toolkit.html

  15. Botnet - Countermeasures • Command and control is embedded into the botnet rather than relying on external servers, thus avoiding any single point of failure and evading many countermeasures https://store.theartofservice.com/the-countermeasure-toolkit.html

  16. Botnet - Countermeasures • Researchers at Sandia National Laboratories are analyzing botnets' behavior by simultaneously running one million Linux kernels—a similar scale to a botnet—as virtual machines on a 4,480-node high-performance computer cluster to emulate a very large network, allowing them to watch how botnets work and experiment with ways to stop them. https://store.theartofservice.com/the-countermeasure-toolkit.html

  17. Countermeasure (computer) • In Computer Security a countermeasure is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken. https://store.theartofservice.com/the-countermeasure-toolkit.html

  18. Countermeasure (computer) • The definition is as IETF RFC 2828 that is the same as CNSS Instruction No. 4009 dated 26 April 2010 by Committee on National Security Systems of United States of America https://store.theartofservice.com/the-countermeasure-toolkit.html

  19. Countermeasure (computer) • According to the Glossary by InfosecToday, the meaning of countermeasure is: https://store.theartofservice.com/the-countermeasure-toolkit.html

  20. Countermeasure (computer) • The deployment of a set of security services to protect against a security threat. https://store.theartofservice.com/the-countermeasure-toolkit.html

  21. Countermeasure (computer) • A synonym is security control. In telecommunications, communication countermeasures are defined as Security services as part of OSI Reference model by ITU-T X.800 Recommendation. X.800 and ISO ISO 7498-2 (Information processing systems – Open systems interconnection – Basic Reference Model – Part 2: Security architecture are technically aligned. https://store.theartofservice.com/the-countermeasure-toolkit.html

  22. Countermeasure (computer) • The following picture explain the relationships between these concepts and terms: https://store.theartofservice.com/the-countermeasure-toolkit.html

  23. Countermeasure (computer) • | i.e., A Threat Action | | measure | | Target of the Attack | https://store.theartofservice.com/the-countermeasure-toolkit.html

  24. Countermeasure (computer) • A resource (both physical or logical) can have one or more vulnerabilities that can be exploited by a threat agent in a threat action. The result can potentially compromises the Confidentiality, Integrity or Availability properties of resources (potentially different that the vulnerable one) of the organization and others involved parties (customers, suppliers). https://store.theartofservice.com/the-countermeasure-toolkit.html

  25. Countermeasure (computer) • The so called CIA triad is the basis of Information Security. https://store.theartofservice.com/the-countermeasure-toolkit.html

  26. Countermeasure (computer) • The attack can be active when it attempts to alter system resources or affect their operation: so it compromises Integrity or Availability. A "passive attack" attempts to learn or make use of information from the system but does not affect system resources: so it compromises Confidentiality. https://store.theartofservice.com/the-countermeasure-toolkit.html

  27. Countermeasure (computer) • A Threat is a potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm https://store.theartofservice.com/the-countermeasure-toolkit.html

  28. Countermeasure (computer) • A set of policies concerned with information security management, the information security management systems (ISMS), has been developed to manage, according to Risk management principles, the countermeasures in order to accomplish to a security strategy set up following rules and regulations applicable in a country. https://store.theartofservice.com/the-countermeasure-toolkit.html

  29. Net banking - Countermeasures • There exist several countermeasures which try to avoid attacks. Digital certificates are used against phishing and pharming, the use of class-3 card readers is a measure to avoid manipulation of transactions by the software in signature based online banking variants. To protect their systems against Trojan horses, users should use virus scanners and be careful with downloaded software or e-mail attachments. https://store.theartofservice.com/the-countermeasure-toolkit.html

  30. Net banking - Countermeasures • In 2001, the U.S. Federal Financial Institutions Examination Council issued guidance for multifactor authentication (MFA) and then required to be in place by the end of 2006.[http://www.ffiec.gov/ffiecinfobase/resources/info_sec/2006/occ-bul_2005-35.pdf OCC 2005-35] https://store.theartofservice.com/the-countermeasure-toolkit.html

  31. Social engineering (security) - Countermeasures • Organizations reduce their security risks by: https://store.theartofservice.com/the-countermeasure-toolkit.html

  32. Social engineering (security) - Countermeasures • * Establishing frameworks of trust on an employee/personnel level (i.e., specify and train personnel when/where/why/how sensitive information should be handled) https://store.theartofservice.com/the-countermeasure-toolkit.html

  33. Social engineering (security) - Countermeasures • * Identifying which information is sensitive and evaluating its exposure to social engineering and breakdowns in security systems (building, computer system, etc.) https://store.theartofservice.com/the-countermeasure-toolkit.html

  34. Social engineering (security) - Countermeasures • * Establishing security protocols, policies, and procedures for handling sensitive information. https://store.theartofservice.com/the-countermeasure-toolkit.html

  35. Social engineering (security) - Countermeasures • * Training employees in security protocols relevant to their position. (e.g., in situations such as tailgating, if a person's identity cannot be verified, then employees must be trained to politely refuse.) https://store.theartofservice.com/the-countermeasure-toolkit.html

  36. Social engineering (security) - Countermeasures • * Performing unannounced, periodic tests of the security framework. https://store.theartofservice.com/the-countermeasure-toolkit.html

  37. Social engineering (security) - Countermeasures • * Reviewing the above steps regularly: no solutions to information integrity are perfect.Mitnick, K., Simon, W. (2005). The Art Of Intrusion. Indianapolis, IN: Wiley Publishing. https://store.theartofservice.com/the-countermeasure-toolkit.html

  38. Social engineering (security) - Countermeasures • * Using a waste management service that has dumpsters with locks on them, with keys to them limited only to the waste management company and the cleaning staff https://store.theartofservice.com/the-countermeasure-toolkit.html

  39. LOIC - Countermeasures • Security experts quoted by the BBC indicated that well-written firewall (computing)|firewall rules can filter out most traffic from DDoS attacks by LOIC, thus preventing the attacks from being fully effective. Specifically, it has been claimed that filtering out all User Datagram Protocol|UDP and Internet Control Message Protocol|ICMP traffic helps to address LOIC attacks in an efficient way. https://store.theartofservice.com/the-countermeasure-toolkit.html

  40. LOIC - Countermeasures • However, the firewall rules need to be entered upstream, e.g. at the ISP of the site operator, where the backbone is converted to the server's broadband line. If the packets still have to travel through the server's limited line, then filtering the packets at the firewall level is not a valid deterrence, since the packets still have to travel to the firewall before the firewall can do anything to the packets, and the line between the server's ISP and the server's firewall will be clogged. https://store.theartofservice.com/the-countermeasure-toolkit.html

  41. LOIC - Countermeasures • LOIC attacks are easily identified in system logs, and the attack can be tracked down to the IP addresses used at the attack. https://store.theartofservice.com/the-countermeasure-toolkit.html

  42. SYN flood - Countermeasures • There are a number of well-known countermeasures listed in RFC 4987 including: https://store.theartofservice.com/the-countermeasure-toolkit.html

  43. Desertification - Countermeasures and prevention • Techniques exist for mitigating or reversing the effects of desertification, however there are numerous barriers to their implementation. One of these is that the costs of adopting sustainable agricultural practices sometimes exceed the benefits for individual farmers, even while they are socially and environmentally beneficial. Another issue is a lack of political will, and lack of funding to support land reclamation and anti-desertification programs. https://store.theartofservice.com/the-countermeasure-toolkit.html

  44. Desertification - Countermeasures and prevention • Desertification is recognized as a major threat to biodiversity. Some countries have developed Biodiversity Action Plans to counter its effects, particularly in relation to the protection of endangered flora and fauna.Techniques for Desert Reclamation by Andrew S. Goudie[http://www.gsafweb.org/TrusteeNews/desertdevelopmen.html Desert reclamation projects] https://store.theartofservice.com/the-countermeasure-toolkit.html

  45. Desertification - Countermeasures and prevention • Reforestation gets at one of the root causes of desertification and isn't just a treatment of the symptoms https://store.theartofservice.com/the-countermeasure-toolkit.html

  46. Desertification - Countermeasures and prevention • Techniques focus on two aspects: provisioning of water, and fixation and hyper-fertilizing soil. https://store.theartofservice.com/the-countermeasure-toolkit.html

  47. Desertification - Countermeasures and prevention • Fixating the soil is often done through the use of windbreak|shelter belts, woodlots and windbreaks. Windbreaks are made from trees and bushes and are used to reduce soil erosion and evapotranspiration. They were widely encouraged by development agencies from the middle of the 1980s in the Sahel area of Africa. https://store.theartofservice.com/the-countermeasure-toolkit.html

  48. Desertification - Countermeasures and prevention • Some soils (for example, clay), due to lack of water can become Consolidation (soil)|consolidated rather than porous (as in the case of sandy soils). Some techniques as zaï or tillage are then used to still allow the planting of crops.[http://ngm.nationalgeographic.com/2008/09/soil/mann-text.html Arid sandy soils becoming consolidated; zai-system] https://store.theartofservice.com/the-countermeasure-toolkit.html

  49. Desertification - Countermeasures and prevention • Another technique that is useful is contour trenching. This involves the digging of 150m long, 1m deep trenches in the soil. The trenches are made parallel to the height lines of the landscape, preventing the water of flowing within the trenches and causing erosion. Stone walls are placed around the trenches to prevent the trenches of closing up again. The method was invented by Peter Westerveld.[http://nagafoundation.org/ Westerveld's Naga Foundation] https://store.theartofservice.com/the-countermeasure-toolkit.html

  50. Desertification - Countermeasures and prevention • Enriching of the soil and restoration of its fertility is often done by plants. Of these, the legume|Leguminous plants which extract nitrogen from the air and fixes it in the soil, and food crops/trees as grains, barley, beans and Phoenix dactylifera|dates are the most important. Sand fences can also be used to control drifting of soil and sand erosion.[http://desertification.wordpress.com/3-interesting-plant-species/ List of plants to halt desertification; some of which may be soil-fixating] https://store.theartofservice.com/the-countermeasure-toolkit.html

More Related