7905 Module 1-1 Lecture Slide
Hui Tian
Griffith University
Jul. 2020
[Figure: Cyber Security knowledge areas (Data Security, Software Security, Component Security, Connection Security, System Security, Human Security, Organizational Security, Societal Security) mapped to the courses 7905 FCS, 7809 NS, 7808 CSM and 7906 DF]
[Figure: the same knowledge areas annotated with 7905 FCS topics: data privacy protection; threats, attacks, crypto; career planning; security assessment, security engineering; security awareness; compliance, assessment; AAA protocols]
• Who are the “bad guys” and what methods do they use?
- various cyber attacks and their impact on an organization’s capacity to accomplish its stated mission
• What can you do to protect cyberspace?
- Policy
- Technology
- People
• How to develop essential skills in Cyber Security?
• Understanding cybersecurity career options
- business leaders, thought leaders, analysts, security and technology specialists
Module 1: 1. Cyber Threats
• Intro. to Cyber Security
• Cyber Security Attacks & OS attacks
Module 2: 2. Countermeasures
• Cryptography
• AAA protocols
Module 3: 3. Network Security
• Network security architectures
• Firewalls
• IDS, IPS
Module 4-5: 4. Policy and Governance
• Cyber Security Standards & Assessment
• Social Engineering and Security Awareness
• Risk Management & Governance
• Privacy & Online Rights
(Diagram labels: Policy, Technology, People)
1. Cyber Threats and Attacks
2. Cyber Attack Countermeasures
T2.1: Cryptography
– Foundations of cryptography
– DES, 3-DES
– Kerberos
– Public Key Cryptographic Methods
– SSL
– Diffie-Hellman key exchange
T2.2: AAA Protocols
– important protocols and techniques
– RSA, SecurID
– Access control
– Passwords and analysis
3. Network Security
4. Policy and Governance
T4.1: Cyber Security Standards and Assessment
– Basic Security Engineering principles
– NIST engineering principles for IT security
T4.2: Social Engineering and Security Awareness
– Case study and deception
– Human Aspect of Cyber Security (HACS)
– Legal and Ethical Issues
T5.1: Risk Management and Governance
– Various types of security assessment
– Penetration testing
– Risk analysis
– ISO27001/2
– Organization Security
T5.2: Privacy and Online Rights
– Privacy protection mobility security
– Data Compliance
– GDPR, APP
– Mobility security
Week 1-5:
• 2*2 hours lecture per week
• 2*2 hours workshop
Assessment:
• 20% 4 Workshop activities for Seedlab, W1-3
• 10% Case study, Thursday, Week 3
• 30% 4 Workshop activities for Case Study, Week 4-5
• 40% Final Presentation, Week 6
• Every Tue. and Thur. in Week 1-6 via Collaborate Ultra
Lecture 9:00-10:45
Workshop 11:00-12:45
• No textbook
• Reference books:
– CISSP (All in one) exam guide, Shon Harris, Fernando Maymi, Eighth edition
– Computer Sec. Principles and Practice 2nd Ed., W. Stallings and L. Brown (CSPP)
– Cryptography and Network Security: Principles and Practice, 6th ed., William Stallings
(CNS)
– Computer Security, Wenliang Du, 2017
– From CIA to APT: An Introduction to Cyber Security by Edward G. Amoroso , Matthew
E. Amoroso
– TCP/IP Illustrated Volume 1 (2nd Edition), Kevin Fall and W. Richard Stevens
• Recommended:
– Related Conference/Journal papers/Reports
– Youtube/Ted “cybersecurity” videos
– CompTIA
– https://www.cybrary.it/
– CISSP (Certified Information Systems Security Professional) or other certificates
• Why study Cyber Security?
• Why does cyber crime exist?
• Basics in Cyber Security
– CIA model
– Risks, threats, vulnerabilities, exploits
• Career options
Are apps/software secure? Equipment? Car?
Are apps/software secure?
https://www.cvedetails.com/browse-by-date.php
Is my bank website secure?
http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Oct. 2016: IoT Botnet
https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/
Equipment? Car?
https://www.youtube.com/watch?v=UbD51wG04bs
Election?
Identity?
International issue?
- How did the attackers get in? Why do they win?
- What did they do with the data they compromised?
- How should we protect our data, network, systems?
[Figure: timeline of notable incidents: 1971, 1988, I love you (2000), Shellshock (2014), Heartbleed (2014), Ghost (2015), 2015, 2018]
Exploit Toolkits on Tor Marketplace
International Cyber Security Awareness Month
Australian Cyber Week 7-11 October 2019
US National cyber awareness week
https://er.educause.edu/blogs/2018/11/what-higher-ed-can-do-to-address-the-shortage-of-cybersecurity-professionals?utm_source=Informz&utm_medium=Email&utm_campaign=ER#_zstk0Le1_zl1bPL5
2018 Australian Cyber Security Challenge
https://www.cyberchallenge.com.au/index.html
2018 USA
https://www.nationalccdc.org/
Dec. 2019
https://www.austcyber.com/news-events
• AMO Framework
[Figure: Motivation, Opportunity and Ability surrounding Behavior]
• AMO Framework
Motivation
• Profit$$$$
• Political
• Fun and fame
• Bragging rights
Opportunity
• Heavy dependence on IT
• Insecure software
• Trusting people
• Irrational people
• Everything is interconnected
Ability
• Free tools readily available
• Google anything
• Tor markets
• Why can attackers win?
- Asymmetric threat
- Insecure software/systems
- Humans remain vulnerable
• How do they get in?
- Various attacks and threats
• How to protect our data, network, systems?
PEBCAK: Problem Exists Between Chair and Keyboard
90% of security incidents are caused by PEBCAK
How to protect our data, network, systems?
Core Goals of Security
Confidentiality
Integrity
Availability
Authenticity
Non-repudiation
Confidentiality
• Relates to data/information security
Mitigating unauthorized access to sensitive network assets
• Accomplished through various levels of:
Encryption
Authentication
Access controls
Common Confidentiality Classifications
• Private sector:
Public
Internal
Confidential
• Government agencies:
Unclassified
Restricted
Secret
Top secret
Integrity
• Relates to data/information security
To protect data/info. against unauthorized or accidental change
• Encompasses data/info:
Consistency
Accuracy
Validity
• Accomplished through:
Security programs which manage and detect change
Permission to control access to assets
Auditing and accounting processes to record changes
Availability
• Relates to data/information security
• Generally unfettered accessibility of resources to users, systems and applications
• Two common threats to availability
• Accidental
Natural disasters
Equipment failure
Unplanned outages
• Deliberate
DoS attacks
Network worms
Authenticity
• Authenticate who sent/created the data
• Accomplished through:
Message Authentication Code
Time stamp
Authentication Protocols
Non-Repudiation
• Assure that the author/sender cannot deny an action
• Accomplished through:
Digital Signature
Risks, Threats, Vulnerabilities, and Exploits
Risk:
• The probability that a particular threat
using a specific exploit will take advantage
of a specific vulnerability
Threats, Vulnerabilities, and Exploits
• Often confused
• Distinction is important
Questions:
– Documentation
– Organizational security policies
• Lack of user awareness and training
• A hacker may hack the user by social engineering
• Trick the user into opening file attachments that include malware
Threats overview
“A potential violation of security”
- ISO 7498-2
Asset identification
Threats
• Asset inventory
• Threat analysis
• Negative impact analysis against an asset
• Assets and threats must be prioritized
Threats classification
Known threats
• Unique virus signature
• Firewall misconfiguration
https://www.fireeye.com/cyber-map/threat-map.html
Unknown threats
• 0-day
• Weakness in OS unknown to vendor
APT
• Backdoors
• Use a compromised system for a long period of time
Vulnerabilities
• Hardware
– Out of date firmware
– Lack of physical security controls
– Unused open ports left running
• Telnet, SSH, HTTP
• Software
– Updates not applied
– Misconfiguration
– Default settings
– Design errors
• Policy flaws
• Human errors
Exploits
• Takes advantage of a vulnerability by malicious users
• 0-day exploit: unknown to manufacturer, known but not patched
Risk = Likelihood x Impact of Threats Exploiting Vulnerabilities
= Vulnerabilities x Threats x Impact of Threats Exploiting Vulnerabilities
VERY Broad knowledge
Important traits
https://www.cyberseek.org/pathway.html
https://www.payscale.com/research/AU/Job=Information_Security_Specialist/Salary
https://www.payscale.com/research/AU/Job=Chief_Information_Security_Officer/Salary
https://en.wikipedia.org/wiki/Certified_Ethical_Hacker
Security Certifications
[Figure: certification chart. Axes: Less Technical to More Technical, Beginner to Advanced. Roles: Architect, Manager, Pentester, Analyst, Auditor. Certifications shown: OSCE (Offsec), SABSA (SABSA), GSLC (GIAC), CISSP ((ISC)2), C|CSA (EC-Council), CREST CRT (CREST), CASP (CompTIA), OSCP (Offsec), C|EH (EC-Council), CISM (ISACA), SSCP ((ISC)2), GPEN (GIAC), CISA (ISACA), CSIA+ (CompTIA), GSEC (GIAC)]
Popular Certifications:
(ISC)2: CISSP – Certified Information System Security Professional
CompTIA: CASP – CompTIA Advanced Security Practitioner
ISACA:
• CISA - Certified Information Systems Auditor
• CISM - Certified Information Security Manager
SANS/GIAC Certification
Offensive Security:
• OSCP – Offensive Security Certified Professional
• OSCE – Offensive Security Certified Expert
Plus:
• Cryptography
• Programming and algorithms
• Networking and Routing (CCNA)
https://www.youtube.com/watch?v=Acqb1cdoVoM
Certifications (and a good CV) will only get you as far as the interview….
Career advice
https://www.bls.gov/careeroutlook/2018/interview/cybersecurity-consultant.htm?view_full
Realize……
Module 1 – Topic 1.1