Upload File

1 how to 0wn the internet in your spare time authors: stuart staniford, vern paxson, nicholas weaver...

  • Home
  • Documents
  • 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:
16
1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter: Melvin Rodriguez for CAP 6133, Spring’08

Upload: philippa-bailey

Post on 12-Jan-2016

219 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

1

How to 0wn the Internet in

Your Spare Time

Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver

Publication: Usenix Security Symposium, 2002

Presenter: Melvin Rodriguez for CAP 6133, Spring’08

Page 2: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

2

How to 0wn the Internet in Your Spare Time

Thread Launch DDOS (Distributed Denial of

Service) Access Sensitive / Restrictive Information Corrupt information’s Integrity Level

Can Cause Significant Damage

Page 3: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

3

How to 0wn the Internet in Your Spare Time

Worms Programs that self replicate exploiting

systems flaws Propagate quickly Hard to detect (initially) Constantly Improving

Can Spread Fast

Page 4: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

4

How to 0wn the Internet in Your Spare Time

Propagation Techniques Used Hit-list scanning

Faster propagation Permutation scanning Distributed coordination of a worm

Internet scale hit-lists Targeting Internet enable devices

Topology Aware Uses victims information

Flash Worm Quick and Concentrated

The Name of the Game is : The Faster the Better

Page 5: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

5

Significant Worms Attacks Code Red I

MS IIS vulnerability Spread by launching threads of random IP

addresses Random generator used fixed seed IP address

Code Red I version 2 Same code as Code Red I Fixed random generator Added a direct DDoS

How to 0wn the Internet in Your Spare Time

Constantly Evolving: New Improved Versions

Page 6: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

6

Significant Worms Attacks Code Red II

Different code from previous Code Reds Use same vulnerability previously used Installed a root backdoor Infected local machines

How to 0wn the Internet in Your Spare Time

Use of Different Techniques

Page 7: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

7

Significant Worms Attacks Nimda

Five different techniques- Probe- Copy - Email- Append Web code - Use backdoors

How to 0wn the Internet in Your Spare Time

Combination of different techniques: Multi-vector Approach

Page 8: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

8

Significant Worms Attacks Nimda

Infection

How to 0wn the Internet in Your Spare Time

Page 9: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

9

Significant Worms Attacks Nimda

Very successful propagation rate Unknown signature Firewalls allow email flow

Complete functionality is still Unknown

How to 0wn the Internet in Your Spare Time

More Research is Needed

Page 10: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

10

How to 0wn the Internet in Your Spare Time

Other Advance Worm Characteristics / Features Updates and Controls

Direct Worm-to-Worm Communication Programmable Remote Updates Remote Control

Modification after Infection

Page 11: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

11

How to 0wn the Internet in Your Spare Time

Other Advance Worm Characteristics / Features Stealth contagion

Slow spread Non predetermined pattern Effectiveness depends on various factors

On targets specific traffic using common traffic patterns

Exploit peer-to-peer (P2P) systems flaws Size of targeted network Remote Usage

Slow propagation - Undetected Infection

Page 12: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

12

How to 0wn the Internet in Your Spare Time

High Level Cyber Center of Disease Control Concept Mission

Monitor progression Identify threats Foster research

Main Roles Identifying outbreaks Rapidly analyzing pathogens Fighting infections Anticipating new vectors Proactively devising detectors for new vectors Resisting future threats

Page 13: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

13

How to 0wn the Internet in Your Spare Time

Summary Worms are a threat affecting all levels of internet

security They are constantly evolving and improving Worms combine several techniques to avoid detection

and increase infections effectiveness Conclusion

More research is needed Need for a centralized organization to bind and

establish collaboration efforts at all Industry levels Worms can cause a significant level of damage /

disruption of Internet services and lost of revenue

Page 14: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

14

How to 0wn the Internet in Your Spare Time

Contributions Explained the Threat and How Dangerous Presented techniques used for infecting

systems Discussed known worms attacks Overview of techniques used Discussed main characteristics and features An high level overview of a centralized Cyber

Center of Disease Control mission and roles

Page 15: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

15

How to 0wn the Internet in Your Spare Time

Weaknesses Title is misleading

Points towards ‘how to’ approach No enough explanation on statistics

No proven hypothesis Material is not easy to follow

Better presentation of material Hypothesis without actual data to support

Use of possible scenarios without real data CCDC deployment idea not fully developed

Open items for further discussion

Page 16: 1 How to 0wn the Internet in Your Spare Time Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver Publication: Usenix Security Symposium, 2002 Presenter:

16

How to 0wn the Internet in Your Spare Time

How to Improve Updating the title Expand on CDC concept

Present how it would operate Organization and cooperation with other

Agencies NSA, USCERT, Military, Commercial, etc

Additional analysis and description of Worms Rearrange the material sequence Re-group topics Depict International deployment / cooperation


docs.fcc.gov  · Web viewBurgess states that, as a condition of NBC extending its investment in Paxson, Paxson agree to certain critical changes in their agreements such as changes

CS 161: Computer Security Prof. Vern Paxson - ICIR · 2017-04-21 · Malware: Viruses CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield,

“How to 0wn the Internet in Your Spare Time”

David Paxson Pioneered Overpopulation Messaging Founder ... · David Paxson Pioneered Overpopulation Messaging by Dave Gardner, Executive Director You’re Invited to the Solve World

CS 161: Computer Security Prof. Vern Paxson - ICIR · 2013-04-16 · CS 161: Computer Security Prof. Vern Paxson TAs: Jethro Beekman, Mobin Javed, Antonio Lupher, Paul Pearce

Detecting Forged RSTs Weaver, Sommer, Paxson Detecting Forged TCP Reset Packets Nicholas Weaver Robin Sommer Vern Paxson

Diana L. Paxson - BnFDiana L. Paxson : œuvres (8 ressources dans data.bnf.fr) Œuvres textuelles (8) La prêtresse d'Avalon (2008) Les ancêtres d'Avalon (2008) Les ancêtres d'Avalon

How to 0wn the Internet in your spare time & A worst case worm

1 Very Fast containment of Scanning Worms By: Artur Zak Modified by: David Allen Nicholas Weaver Stuart Staniford Vern Paxson ICSI Nevis Netowrks ICSI

Malware, con’t original slides provided by Prof. Vern Paxson University of California, Berkeley

For more information contact Catlyn Paxson at marykay ... · Swag Bag, Complimentary Chair Massage and Surprise Drawings. For more information contact Catlyn Paxson at [email protected]

MARION ZIMMER BRADLEY DIANA L. PAXSON | Das ......MARION ZIMMER BRADLEY DIANA L. PAXSON Das Schwert von Avalon Roman Aus dem Amerikanischen von Hanne Hammer BBradley,DasSchwertvonAvalon.indd

GrIDS -- A Graph Based Intrusion Detection System For Large Networks Paper by S. Staniford-Chen et. al

CS 161 - Computer Security Profs. Vern Paxson & David Wagnercs161/sp10/slides/4.12.viruses.pdf · Malware: Viruses CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs:

2011 Raw Milk Cheese Today Paxson

Vern Paxson & Christian Kreibich UC Berkeley Team Nov. 20, 2009

Vern Paxson Mobin Javed, LUMS Shoaib Asif Qazi Shaarif ... · Shoaib Asif Qazi, LUMS Mobin Javed, LUMS Vern Paxson, ICSI and UC Berkeley Folio 5 recto from the Aberdeen Bestiary

How to 0wn the Internet In Your Spare Time Authors Stuart Staniford, Vern Paxson, Nicholas Weaver Published Proceedings of the 11th USENIX Security Symposium

Life on the Highest Plane - biblesnet.com Paxson Life on the Highest Plane Volume... · Life on the Highest Plane by Ruth Paxson In Three Volumes Volume 1: The Person and Work of

IT Security @ Cornell · CS5434_15_Oct_2015-2.pptx Author: Stuart Staniford Created Date: 11/10/2015 12:53:47 PM

Ruth Paxson Rios de Aguas Vivas

Anne Case and Christina Paxson

A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”

Paxson News Mar 2013 final

Paxson Panther Press - mcpsmt.org€¦ · Paxson Panther Press Every Child, Every Day—Student Achievement for All June 2016 In this issue: Principal’s Corner 1 The PCA (PTA) thanks

Lit Space Monitoring for Botnets Stuart Staniford Chief Scientist 1/21/2008

Malware original slides provided by Prof. Vern Paxson University of California, Berkeley

CS 161 - Computer Security Profs. Vern Paxson & David Wagner

Working Towards Energy Sustainability - Paxson Science...Working Towards Energy Sustainability AICE Environmental Management/ AP Environmental Science–Ms. Paxson 3 Biofuels •Processed,

Yin Zhang, Nick Duffield, Vern Paxson, Scott Shenker · Yin Zhang, Nick Duffield, Vern Paxson, Scott Shenker Abstract—Many Internet protocols and operational pro-cedures use measurements

Paxson Elementary Building Profile 2013-2014

Vern Paxson - University of California, Berkeley

Paxson Barker, PhD, MS, RN

Detecting attacks Based on material by Prof. Vern Paxson, UC Berkeley

Quantitative Analysis: Statistical Testing using SPSS Geof Staniford Room 731 Email: [email protected] Telephone: 0151 231 2642