Attack Tree Of Computer Security

Attack Tree Of Computer Security This report is introduces about the possible attack for company and it represent by the attack tree diagram. In the company have six computer and internal server. Each computer is using Microsoft window 7. They are using the DVD to store the backup and the router is default setting. Each employee has the email address. Firstly, I will attack the workstation, try to obtain the password illegally and attack the security such as install virus, Trojan, worm and DOS attack. After that, I will attack the dvd to get the dvd and do some malicious action. Obtain the DVD can through the employee, such as bribe or threaten. Malicious action will install the threats into the DVD and spread to other computer when they are using the backup. Then, we will attack the router which is change the WEP or filter the mac address to cause the computer cannot connect to the network. We also can using threats through the router to install into the system, e.g plashing, pharming, DNS cache poisoning and spoof ing. However, I will attack the server using the internal threats and external threats, such as ask a person to disguise a customer to get the information from company, or ask the temporarily customer to be a spy to do some malicious action. Moreover, attack the email using the security threats like phishing, email spam, virus and spam. Then, obtain the email password from the target. Finally, attack the window 7 using hacking tools to destroy the host file from the system and using physical attack to the system and obtain the important data or change the data to make a big lose for the company. All of these attacks will discuss in this report. Introduction and scope Attack tree helps one to understand security issue better, from the stand point of an attacker. Attack trees are a graphical and mathematical construct used to identify most of the attack that will cause the greatest risk to the defender, determine effective strategies decrease the risk in a acceptable level for the defender, describe the potential attack between the adversary and the defender, provide a communication mechanism for security analysts, capture what is known and believed about the system and its adversaries, and store the information in a diagram that can be understood for the subsequently defenders. Although it is very hard to identify the entire possible factor that leads to intuition, it is based on the experiences and the ability to extrapolate how the experiences apply on the new situation.  For example, the effectiveness of internet security, network security, banking system security, installation and personnel security may all be modelled using attack trees. Th e ideal of attack tree is that an equipment, software, process could have vulnerabilities that when successful, they could compromise the entire system. Scope There are six computers and one internal server and each computer encompasses Microsoft Window 7 and Microsoft Office 2007. Each workstation has been patched with all updates of March 25, 2010. They are using ADSL 2+ connection. The server and workstation backup is store in a DVD. All the employees have email addresses and there share the document through a D-Link DNS-323 NAS. The router is utilising default settings and consists of a D-Link DSL G604t. Each workstation is utilising Microsoft Windows Malicious Software Removal Tool. Assumptions -The room houses the server is not locked or well protected with access key. -The router is not updated with the latest patches and set the default setting. -The workstations are not created with user login account. -No legal antivirus software is installed. Attack tree for compromising availability Spyware Trojan Virus Worm DOS attack Security attack Attack workstation Description: Due do the workstation do not have any legal antivirus software, so the security of the workstation is weak. We can use different threats to attack the workstation. We will install spyware to the workstation through email, when the employee clicks on the email. Spyware will collect some information from there without their knowledge. It is hard to detect, unless the user install the anti spyware software. We also use the same way to install the Trojan, virus and worm into the workstation. Trojan will format the hard drive when the user runs it. Virus will spread from one device to another, when they are connecting to another computer or device. Most of the virus will destroy the data or cause the computer keep reboot. Worm will use up the computer resources and possibly shutting down the system. Install the DOS (Denial of service) attack to prevent the user to access information or service, such as access email, website, etc. Attack workstation Steal Get password from employee Bribe Threaten Find written password Obtain login password illegally Use widely known password Learn password Guess password Description: The other way to attack the workstation is obtain the administrator login password illegally. First of all, we can try to guess the password or use the widely known password, because most of the users usually use the password to easy memories. After that, we also can learn the password such as find the written password from the user. We also can get the password from the employee. There are many ways to get from them. Firstly, we can threaten the employee, like find out some secret from the employees. However, we can bribe the employees to give them some advantages, such as money or something they like. Finally, we can steal from the employee, like install remote password stealer computer and receive the password through email. Blackmail Bribe Employee Copy Steal Exchange DVD Obtain DVD Attack backup Description: The backup of company is store in a DVD, so there are many possible ways to obtain the DVD. Firstly, we can use another DVD to exchange with the DVD backup, so they cannot find out any problem before they use the DVD. After that, we also can steal the DVD or copy the DVD. Finally, we can bribe the employee or blackmail the employee to let him get the DVD. Attack backup Malicious action Spyware Virus Trojan Destroy DVD Description: Another way to attack the backup is do malicious action. We can destroy DVD, like burn or break it. We also can put the threats through email or employee to the workstation, so after they backup the threats also in the DVD. When they use the backup DVD, the Trojan will install in the system, and format the hard drive of the system. Virus will spread into the system to destroy the data or make the system error. Spyware will install into the system and collects some information from the system, so we can know what is the user doing in the system. Filter the mac address Set the WEP Get in the router Attack router Change router login password Block the website Description: Because of the router is using the default setting, so they do not change the login password. So we can get in the router using the default password. After that, we can change the login password and set a WEP to ignore the employee using the wireless. However, we can filter the mac address to disable employees computer to connect internet. Furthermore, we also can block some URL about the company, so the employee cannot access the website. Phlashing Pharming DNS cache poisoning Spoofing Attack router Security attack Description: There is some security attack to the router. We can use the spoofing attack to masquerades as another program to falsifying data and gaining some advantages. Furthermore, DNS cache poisoning will corrupts the DNS table and cache, so the domain name will assign with a malicious IP address. When the employee use the malicious IP address, the computer will infected by worm, viruses or spyware. Moreover, we also can use pharming to attack the router. Pharming is redirecting the website traffic to a bogus website. When the employee get in the website, pharming will conducted to change the hosts file or exploitation the vulnerability in DNS server software. Finally, phlashing will exploit vulnerability in network based firmware update, it will permanently disable the hardware by loading corrupted BIOS onto the hardware. Attack server Trojan Worm Virus Check for the security protection Install remote access Disguise Eavesdrop Security attack Espionage Temporarily employee Customer Internal threats Description: There are two internal threats to attack the server. Due to the room of server is do not lock properly, so the temporarily employee can easily get in the room. Temporarily employee maybe is espionage to get the information from the server. They will install remote access to control the server, such as delete the data or destroy the server. They also will attack the security and install virus, worm and Trojan to exploit the server and cause the server crash. Attacker also will disguise be a customer, so they can go to the company easily. They can be eavesdrop in the company, and they can check for the security protection of the company, find out the vulnerability, so they can easily get into the company when nobody inside. Attack server Internal threats Across to the computer room power Across to the power switch Turn off security protection Rename server Turn the power off Steal data Employee Description: Another internal threat is employee. We can bribe the employee, because employees already work in the company for a long time, so we can ask them to steal important data or some secret data of the company. However, we also can ask them to turn off the power of the server room, so some document have not save will missing. Employees can across the power switch or across to the computer room power to turn off the power. Then, turn off the security protection in the server, so we can easily to hack into the server. Finally, rename the server and cause all computer cannot connect to the server. Obtain password from target Threats Trojan Viruses Email spam Phishing Security attack Attack email Description: Email will attack by the threats and obtain the password illegally from the target. We can threaten or blackmail the target to get the email password, so we can send email for others and provide wrong information to them. There are four types of threats send to the email and bluff the employee to click it, so the threats will install into the system. First, phishing will send by the email and come out well known website, then the employee go to the website and key in the username and password, their information will obtain by attacker. Moreover, the email spam will send the message to numerous recipients by email, and it is unsolicited. However, viruses are dangerous because they often deliver extremely destructive payloads, destroying data, and bringing down entire mail systems. Finally, use email installs Trojan to obtain confidential information or gain control of the server. Attack Microsoft Window 7 Change the document Destroy host file Spyware Malware Hacking tools Turn off power supply Disguise Cleaner Destroy computer Description: Microsoft window 7 is the widely operating system in the world, so there are many hacking tools to hack into the system. Attacker can pretend be a cleaner, and using the tools to hack into the system, after that install the malware to destroy the host file or change the important document, effects the company process. Then, install the spyware to spy the user work in the system and obtain the login password. Furthermore, we also can destroy the computer such as use water or burn it. Finally, turn off the power supply and cause the system lost the data before the user save it. Attack Microsoft Window 7 Physical attack Security attack Teardrop Remote access trojan Worm Virus Crash Win 7 Description: Microsoft window 7 also can attack physically. Because of the window 7 is widely use, so attacker are found many security vulnerability. Teardrop attack is a form of denial of service (DOS) attack, it will exploit the system when the internet protocol requires that a packet too big for the next router to handle has to split into fragments. In the teardrop attack, attackers IP puts an odd and confusing offset value in the second fragment or in a fragment thereafter. If the operating system under the teardrop attacks, the system will crash. Another is security attack, we can ask the employee or using the email to install virus, worm and spread all of these threats to the entire computer in the company on the network, and make the system down. Another threat is using remote access Trojan to control the system. This type of Trojan creates a backdoor into the system. We can use the client to control the server, this can allow to almost completing control over the victims system. Attack Microsoft Office 2007 Confidential loss Threats of document Integrity loss Altered data Corrupt data Sell data Broadcast data Description The method of attack the Microsoft Office 2007 is threats the document. Firstly, we can get the document from employee or using the Trojan or virus through email send to the system to obtain the document. Then, it will cause the integrity loss and confidential loss. In the integrity loss, we will altered the data and corrupt the data. In the confidential loss, we will broadcast the data or sell the data to another company, so the secret of the company will know by everyone. These two type of method will cause big loss for the company. Conclusion As you can seem that from the diagram, there are many attack come from many different ways such as internal threats, external threats. Internal threats are cause by the employee, customer and the worker in the company. External threats are cause by the attacker using different method to hack into the system to do malicious action. But comparatively, the attacking from internal is easier, because the employee is know more about the company and can get the data easily, but that is dangerous, if the company found that, they will get catch. In the other hand, the attacking from external is difficult but safe, because they do not know where is the data and also need to avoid the security protection, but if the company found that, they is hard to track the attacker. All of the diagram above is some of the possible attack, there are still have many possible attack. Indeed, with the technological advancements, it is likely that the computer threats will emerge in endlessly, so the possible a ttack will come out more and more in the future. Glossary Virus- A hidden, self-replicating section of computer software, usually malicious logic, that propagates by infecting i.e., inserting a copy of itself into and becoming part of another program. A virus cannot run by itself; it requires that its host program be run to make the virus active. Trojan- A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program. Worm- A computer program that can run independently, can propagate a complete working version of itself onto other hosts on a network, and may consume computer resources destructively. Spyware- Spyware is a type of malware that can be installed on computers and collects little bits of information at a time about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. Typically, spyware is secretly installed on the users personal computer. Spam-Electronic junk mail or junk newsgroup postings. Spoofing-Attempt by an unauthorized entity to gain access to a system by posing as an authorized user. Pharming-This is a more sophisticated form of MITM attack. A users session is redirected to a masquerading website. This can be achieved by corrupting a DNS server on the Internet and pointing a URL to the masquerading websites IP. Almost all users use a URL like www.worldbank.com instead of the real IP (192.86.99.140) of the website. Changing the pointers on a DNS server, the URL can be redirected to send traffic to the IP of the pseudo website. At the pseudo website, transactions can be mimicked and information like login credentials can be gathered. With this the attacker can access the real www.worldbank.com site and conduct transactions using the credentials of a valid user on that website. Phishing-The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. Typically the e-mail and the web site looks like they are part of a bank the user is doing business with. Denial of service-The prevention of authorized access to a system resource or the delaying of system operations and functions. Malware-A generic term for a number of different types of malicious code. DNS cache poisoning-DNS poisoning is also called DNS cache poisoning, and refers to the corruption of DNS tables and caches so that a domain name points to a malicious IP address. Once the user is re-directed to the malicious IP address his/her computer can be infected with worms, viruses, spy ware etc. Phlashing- Phlashing is a permanent denial of service (DoS) attack that exploits a vulnerability in network-based firmware updates. Such an attack is currently theoretical but if carried out could render the target device inoperable. Teardrop-Teardrop is a program that sends IP fragments to a machine connected to the Internet or a network. Teardrop exploits an overlapping IP fragment bug present in Windows 95, Windows NT and Windows 3.1 machines. The bug causes the TCP/IP fragmentation re-assembly code to improperly handle overlapping IP fragments. This attack has not been shown to cause any significant damage to systems, and a simple reboot is the preferred remedy. It should be noted, though, that while this attack is considered to be non-destructive, it could cause problems if there is unsaved data in open applications at the time that the machine is attacked. The primary problem with this is a loss of data.

The Role of Deception in Writing Essay examples -- Character Analysis

The effect of portraying characters in writing can make an impressionable mark on a readers mind. These descriptions can lead a reader to infer the type of character they are reading about or how they feel about a particular character. Sometimes as we read, things that appear to be certain may be ambivalent. Chaucer’s descriptions of his characters throughout â€Å"The General Prologue† are written in such a way where the characters seem to be doing things for the welfare of others or seem to have traits that are excessively praised. However, they really may embody insincerity, selfishness and greed. In â€Å"The General Prologue† from The Canterbury Tales by Geoffrey Chaucer, the Parson and the Pardoner, both members involved in the church, are described contrarily in order to provide two completely different effects for the reader. The Parson is shown to be pure and altruistic while the Pardoner who appears to be of good nature, is really not. The Parson’s character is described differently than any other character. There is nothing throughout the poem that suggests the Parson has anything but good intentions. â€Å"There was, and poor, the Parson to a town, / Yet he was rich in holy thought and work† (Lines 489-491). The description Chaucer provides about the Parson is that although he is very poor, the Parson is continuously devout to his religion: â€Å"rich in holy thought and work.† The Parson also does not live the luxurious life; instead he lives a life of simplicity. [â€Å"†¦both from church offerings and his property [were how he lived]†] (Lines 13-14). Overall, the Parson is a poor priest who lives off of what he has. He is never doubtful about his life as Chaucer says, â€Å"No scrupulosity had spiced his feelings† (Line 536). In life, some m... ...tal, and pig bones. These are supposed to represent Mary’s veil, the cross, and the holy bones of saints. However, these are all tangible things. He tricks the reader in thinking that he is doing good and he tricks the people of that time to give money to the church in such a discrete way that if it were to be read quickly, his trickery would not be noticed. Both the descriptions of the Parson and the Pardoner give the reader different thoughts about each of them. Chaucer does not simply tell the reader who they are and how they live, but the reader must decode the clues given by tone and other literary devices. Sometimes things aren’t always as they seem. By reading literature and trying to find the clues to what the author is trying to say, one will always encounter new types of characters, people and ideas that will become engrained in one’s minds forever.

The Cause and Effect of Alcoholism

Alcoholism is a cause that haves numerous effects on people in the United States today. It’s defined as a condition that resulted in the continued consumptions of alcoholic’s beverages, despite health problems and negative social consequences. The symptoms of alcoholism vary from person to person, but the most common symptoms seen are changes in emotional state, behavior, or personality. Alcoholics may become angry and argumentative, and withdrawn or depressed. They may also feel more anxious, sad, tense, and confused. Alcoholism is a treatable disease and many treatment programs and approaches are available to support alcoholics who have decided to get help, but no medical cure is available. Regardless of how someone is diagnosed as alcohol dependent or how they came to realize they have a serious drinking problem, the first step to treatment is a sincere desire to get help. Alcoholics who are pressured into treatment by social pressure or forced to quit by circumstances rarely succeed in the long run. Next, I will like to discuss the causes, effects and consequences of Alcoholics. There are several possible causes of alcoholism and risk factors for the disease. Alcoholic liver disease usually occurs after years of excessive drinking. The longer you use alcohol and the more alcohol consumed, the greater the likelihood of developing liver disease. Acute alcoholic hepatitis can result from binge drinking. It may be life-threatening if severe. People who drink excessively can become malnourished because of the empty calories from alcohol, reduced appetite, and poor absorption of nutrients in the intestines. Malnutrition contributes to liver disease. These are many causes that come from drinking a constant amount of Alcohol. The effects that alcohol has on the human body range from short to long term symptoms. As a person consumes alcoholic drinks the stomach immediately absorbs the alcohol and it enters into the bloodstream. Depending on the features such as the age, weight, sex, and body size of an individual the alcohol will affect people in many different ways. Some of the lighter effects of the intake of alcohol comprise lightheadedness, while other effects with an increased amount of alcohol consumed include queasiness, vomiting, slurred speech and vision, and an increased amount of dizziness. There are many consequences of drinking that can lead to an addiction commonly known as alcoholism. Permanent long term effects of consumption can lead to severe damage to essential organs as the liver and brain. If a sustained period of no consumption happens, many effects such as anxiety, delusion, and shuddering may occur. Drinking alcohol during pregnancy may lead to birth defects in infants commonly known as fetal alcohol syndrome. Retardation and permanent physical deformities are common in many cases, and investigative studies have shown that offspring of alcoholic parents are at a great deal higher possibility of becoming alcoholics themselves. In conclusion, there are several causes, effects, and consequences of Alcoholism that I have mentioned. Many people that use alcohol do not understand how harmful it is to their body. After reading my essay I hope you have a better understanding of why drinking to much alcohol is bad for you.

Analysis Of King Midas And The Golden Touch - 1042 Words

Data When giving the pre-assessment I read aloud the words as I was going over the directions for the assessment. My students made comments that they had never seen most of these words before, which makes sense because these words are very specific and are more likely to be seen in social studies content. The five words selected are from the story King Midas and the Golden Touch, which the students will be reading next week, as part of a short story unit. The words were â€Å"adorn, cleanse, lifeless, precious and realm.† When grading the assessment, I felt a bit confused about how I was supposed to grade it and I looked up how to grade it again. The students marked 1 â€Å"I don’t remember ever seeing or hearing this word† 75 percent of the time. The two words students tried to guess the definition were â€Å"precious† and â€Å"lifeless†. The two students that attempted definitions got about 50 percent on the definitions they attempted. This pre- assessment showed some of the strengths and weakness of the students. The strengths of my students include being able to self-monitor and have an awareness of their own background knowledge. The weaknesses of my students included growth mindset, because they were not willing to try to guess the meaning of the words. Students also struggle with sentence structure and grammar. The data still shows that my students lack little to no background knowledge of these words as they verbally indicated to me. Most students checked â€Å"I don’t rememberShow MoreRelatedClose Critical Analysis of Mrs Midas Essay1314 Words   |  6 PagesCritical Analysis of Mrs Midas In Mrs Midas, Carol Ann Duffy takes the well-known story of King Midas from Ancient Greek mythology and places it in a modern context from the wife’s perspective. Originally, the story is about King Midas and the power he possesses that turns everything he touches into gold, which leads him to ultimately realise that wealth alone can’t make him happy - even unlimited gold. The moral of the King Midas story is that you can’t buy happiness, and also to be careful whatRead MoreMalaysia Airlines-Strategic Management14526 Words   |  59 Pagesreport, we touch on background of the company, internal and external analysis, generate strategies, choose strategies and recommend strategies for the company. In internal analysis part, we are looking for strengths and weaknesses of the company but in external analysis part, we are looking for threats and opportunities of the company. For external analysis part, we spread to 2 parts which are general environment and industry or task environment. Then based on internal and external analysis, we generate