List Phases of a Computer Attack

Submitted By papalvarado
Unit 9 Assignment 1

Phase 1 - Reconnaissance
Reconnaissance is probably the longest phase, sometimes lasting weeks or months. The black hat uses a variety of sources to learn as much as possible about the target business and how it operates, including:
* Internet searches
* Social engineering
* Dumpster diving
* Domain name management/search services
* Non-intrusive network scanning
Phase 2 - Scanning
Once the attacker has enough information to understand how the business works and what information of value might be available, he or she begins the process of scanning perimeter and internal network devices looking for weaknesses, including:
* Open ports
* Open services
* Vulnerable applications, including operating systems
* Weak protection of data in transit
* Make and model of each piece of LAN/WAN equipment
Phase 3 - Gaining Access
Gaining access to resources is the whole point of a modern-day attack. The usual goal is to either extract information of value to the attacker or use the network as a launch site for attacks against other targets. In either situation, the attacker must gain some level of access to one or more network devices.
In addition to the defensive steps described above, security managers should make every effort to ensure end-user devices and servers are not easily accessible by unauthenticated users. This includes denying local administrator access to business users and closely monitoring domain and local admin access to servers. Further, physical security controls should detect attempts at a hands-on attack, and delay an intruder long enough to allow effective internal or external human response (i.e., security guards or law enforcement).
Finally, encrypt highly sensitive information and protect keys. Even if network security is weak, scrambling information and denying attacker access to
