1 / 27

Welcome

Welcome. Cyber Defense Bootcamp for High School Teacher Cyber Defense Lab (ISAT/CS Room 140) Department of Computer Science James Madison University Summer, 2013. Introductions. Bryan Conner Livia Griffith Hossain Heydari Andrew Hutchson Evan Johnson Emil Salib Brett Tjaden

thompkins
Download Presentation

Welcome

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Welcome • Cyber Defense Bootcamp for High School Teacher • Cyber Defense Lab (ISAT/CS Room 140) • Department of Computer Science • James Madison University • Summer, 2013

  2. Introductions • Bryan Conner • Livia Griffith • HossainHeydari • Andrew Hutchson • Evan Johnson • Emil Salib • Brett Tjaden • Xunhua (Steve) Wang

  3. Goals • Have fun! • Teach you about Cyber Defense so that you can: • Interest your students in Cyber Defense • Teach your students about Cyber Defense • Cyber Defense Clubs • CyberPatriot Program (http://www.uscyberpatriot.org/)

  4. Schedule • Meet Monday – Friday: • 9:00 – 10:15: Session #1 • 10:15 – 10:30: Break • 10:30 – 11:45: Session #2 • 11:45 – 1:00: Lunch • 1:00 – 2:15: Session #3 • 2:15 – 2:30: Break • 2:30 – 4:45: Session #4

  5. General Information • No food or drinks near our brand-new laptops • Restrooms: • Out the door and turn left • Right at main hallway • Right at next hallway • Restrooms are on the right • If you have a car on campus see us for a parking permit • Fill out a W-9 form if you want your money

  6. Questions • Always welcome!

  7. Cyber Defense • Prepare • Protect • Detect • Triage • Respond

  8. The Information Security Problem • Over the last couple of decades, our world has rapidly become very dependent on computers: • Store medical information • Guide aircrafts • Handle the majority of financial transactions • There are flaws in our computers’: • Operating systems • Applications • Protocols • Result: threats

  9. Exacerbating the Problem • The problem of how to design secure OSs, applications, and protocols is hard • Too few security professionals • Many users do not understand the magnitude of the threat • Many managers do not understand the magnitude of the threat

  10. Threats • A threat is a potential violation of system security • Examples (from Shirey): • Disclosure – unauthorized access to information • Deception – acceptance of false data • Disruption – interruption or prevention of correct operation • Usurpation – unauthorized control of some part of the system

  11. Attackers • Those who intentionally perform actions that cause security violations • Outsiders: • Competitors • Hackers • Organized crime • Terrorists • Foreign government, military, or law enforcement • Insiders • Customers, suppliers, vendors, or business partners • Disgruntled current (or former) employees • Contractors, temps, or consultants

  12. Types of Attackers • Third tier • “Script kiddies” with little knowledge or skill • Run attack scripts and other software written by more sophisticated attackers • Second tier • Moderately knowledgeable and skilled attackers • Discover vulnerabilities; create and disseminate exploit tools • First tier • Elite attackers • Discover vulnerabilities; create private tools

  13. Why You Should Not Be an Attacker • It is illegal: • United States Code, Title 18, Section 1030 (and others) • USA Patriot Act, Homeland Security Act, PROTECT Act • www.cybercrime.gov • Basically: • Unauthorized access or use of a computer or network system is illegal • Unintentional attacks are illegal too

  14. Understanding the Tools and Techniques of Attackers • Important for defenders • Can evaluate systems you defend as attackers will • Can implement countermeasures designed to thwart attackers • Better understand the implications of certain decisions

  15. The Pillars of Computer Security • The security “triad”: • Confidentiality • Integrity • Availability

  16. The Security Triad • Which is most important? • Confidentiality • Integrity • Availability

  17. Policy and Mechanism • A security policy is a statement of what is, and what is not, allowed • Examples? • A security mechanism is a method, tool, or procedure for enforcing a security policy • Examples?

  18. Goals of Security • Prevention – mechanism(s) that cause attacks to fail • Example? • Detection – mechanism(s) that determines that an attack is under way, or has occurred, and reports it • Example? • Recovery – mechanism(s) that stop attacks and assess and repair any damage caused • Example?

  19. Justifying Policy and Mechanism • The benefits of protection should be justified by the cost of designing, implementing, and using the mechanism • Cost-benefit analysis – the benefits of computer security is weighed against the cost • Risk analysis – the level of protection is a function of the probability of an attack occurring and the effect of the attack should it succeed • Laws and customs

  20. Getting Started • What to do first? • Get to know you systems • You cannot effectively defend what you don't understand • Attackers make it their job to understand systems better than the defenders and leverage their advantage in knowledge • “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle” - Sun Tzu

  21. Getting Started • What to do first? • Get to know you systems • You cannot effectively defend what you don't understand • Attackers make it their job to understand systems better than the defenders and leverage their advantage in knowledge • “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle” - Sun Tzu • “You Don't Know Me” - Elvis

  22. After You Know Your Systems • Think about threats and attackers • Think about what needs to be protected (security triad) • Think about what security policies and mechanisms you will employ • Think about your goals (prevention, detection, recovery) • Think about how what policies and mechanisms are justified

  23. After You Have Thought About Your Systems • Start to plan, implement, and test improvements to your systems' security posture • Respond to actions by attackers

  24. Getting started Defending Computer Systems • Get to know your systems • Assess the current security posture of your systems • Identify what needs to be protected • Think about how threats, attackers, the security triad, security policies/mechanisms, and security goals relate to your systems • Plan, implement, and test improvements to your systems' security posture

  25. Bootcamp Exercises • You will not just be listening, you will be doing • Virtual machines (VMs) – a simulated computer running on another computer • VMs are great for hands-on Cyber Defense exercises • You can create and use VMs with your students using free software: • VirtualBox (https://www.virtualbox.org/) • VMWare Player (http://www.vmware.com/products/player/)

  26. Accessing your VM for this Bootcamp • Turn on laptop • Click on “CyberDefender” account to log in • Double click on Firefox icon to open web browser • Enter this information in the vSphere • If you are not already on it, go to the following page: • https://10.0.0.250:9443/vsphere-client/

  27. Accessing your VM for this Bootcamp (cont) • Log in with the credentials you were given • Click on “Host and Clusters” • Expand the items on the left side until you see your “student” VM • Click on your student VM to highlight it • In the center window click on the “Summary” tab • Click on “Launch Console” • Power on the VM

More Related