Quiet Strength, Trusted Assurance · 2019-03-29 · the world-class...
TRANSCRIPT
1
Quiet Strength, Trusted Assurance
3
Agenda
• Security Wetware (Basic Concept)
• Offensive Wetware (Attack Technology)
• Defensive Wetware (M2S Service)
4
IT system = software + hardware + wetware
Wetware is hacker slang, also known as liveware or meatware.
Wetware means:
1) Human beings (programmers, operators, administrators) attached to a computer system, as opposed to the system’s hardware or software.
2) The human nervous system
Without software, hardware is useless; if computer hardware and software exist together, neither of them can do anything without an operator. Therefore wetware is an essential element.
http://www.catb.org/~esr/jargon/html/index.html
http://dictionary.reference.com/search?q=wetware
http://encyclopedia.lockergnome.com/s/b/Wetware
Security Wetware(Basic Concept)
5
Security Wetware(Basic Concept)
Security System
Computing System
6
Security Wetware(Basic Concept)
7
People are always creating and using tools
Security Wetware(Basic Concept)
Wetware
Hardware
software
8
Global international communication, a complex giant system
Who is the master? Wetware!
Security Wetware(Basic Concept)
9
In 2001, we first brought up the concept of “Security People”. People create, people use, people manage, people attack. The core of network security must be PEOPLE.
Security Wetware(Basic Concept)
Wetware!
10
The world-class security expert Bruce Schneier said: “Security is not a product, it’s a process” (2000)
“The attacker is a part of a security system, and the system must take that attacker into account to remain secure” - Bruce Schneier: Beyond Fear (2004)
Security Wetware(Basic Concept)
11
The world-famous hacker Mitnick described in his new book: “Security is not a technology problem, it’s a people and management problem”, “People is the worst weakness of security” (2003)
Security Wetware(Basic Concept)
12
Security Wetware(Basic Concept)
[Diagram: conceptual model relating Mission, Environment, System, Architecture, Rationale, Stakeholder, Architectural Description, Concern, Viewpoint, View, Library Viewpoint and Model]
• The IEEE Std 1471-2000 framework shows:
• People are a part of the system
13
"We cannot solve problems by using the same kind of thinking we used when we created them."
The Essence of Survival: Some wise words to remember...
Security Wetware(Basic Concept)
“There are many things my father taught me here in this room. He taught me:
Hold your friends close, but your enemies closer.”
- Michael Corleone: The Godfather, Part II
14
Offensive wetware, the newest network attack technology
Security Wetware(Basic Concept)
Defensive wetware, effective network defense technology
15
Agenda
• Security Wetware (Basic Concept)
• Offensive Wetware (Attack Technology)
• Defensive Wetware (M2S Service)
16
Hackers are gradually becoming professional, shaped and younger.
Offensive Wetware (Attack Technology)
Being a hacker is easy, I can do it also!
17
Offensive Wetware (Attack Technology)
Attack knowledge comes into the open
18
Attack “Client-Side”
• If server security is good, attacks shift their focus to the client side and wetware
• Attacks on IE/OUTLOOK/FOXMAIL/QQ/MSN
• Released and unreleased overflow attack code for QQ and MSN; by using it, it’s easy to get privilege
– “Half-life 2” code stolen: Hacker hacked Neville’s email
Offensive Wetware (Attack Technology)
19
Commercial, BugSave activities
• More hackers find bugs without publishing them (they keep them as products and sell them to buyers)
• Vulnerabilities and code can be sold
– Exploitable, unpublicized attack code, priced at 100 thousand~300 thousand.
• Administrators and software companies do not even know about these vulnerabilities, and they are easy to use
Offensive Wetware (Attack Technology)
20
Damages “visualization”
“Zombie Net”, also known as Botnet
– Since October 2004, for 3 consecutive months, music websites, over 60 thousand servers, had been damaged, with losses of 7 million yuan RMB.
Offensive Wetware (Attack Technology)
21
Go Deep into the “Kernel”
Offensive Wetware (Attack Technology)
22
Database Attacks (reverse engineering)
Offensive Wetware (Attack Technology)
23
Offensive Wetware (Attack Technology)
CMA and Bots (groupware network)
Co-ordinated Malware Attack (CMA)
24
Offensive Wetware (Attack Technology)
Application Attacks
25
Offensive Wetware (Attack Technology)
Injections (further)
26
Offensive Wetware (Attack Technology)
MS and Phishing
27
Offensive Wetware (Attack Technology)
4th generation Rootkits
28
Offensive Wetware (Attack Technology)
Router and switch attacks
29
Offensive Wetware (Attack Technology)
Attacks difficult to deal with
• Difficult to detect
• Difficult to analyze
• Spread rapidly
• Tools are confidential
• Limited response tools
30
Agenda
• Security Wetware (Basic Concept)
• Offensive Wetware (Attack Technology)
• Defensive Wetware (M2S Service)
31
• New generation security trend = people-oriented real-time security process
• Security as a service becomes mainstream
• Wetware becomes the key point
Defensive Wetware(M2S Service)
The development process of Security Management
Phase I: Physical Security
Focus on physical protection, including the computer center and data confidentiality
Faults: Slow response, lack of protection methods for electronic information
Phase II: Security Products
Focus on vulnerability and intrusion; implement firewalls, anti-virus and IDS products
Faults: Only protect against known security threats, not real-time
Phase III: Real-time Security Process
Full protection, real-time detection and expert response system
32
Defensive Wetware(M2S Service)
Defensive wetware faces more challenges
• Information Security Management
• Internal audit, internal control
• SOX/COBIT
• ITIL/FISMA
• COSO/Basel II
• SAS 70
[Diagram: security management framework]
Corporate Governance
Business & Security Management Organization
Security Solutions: Privacy, Identity Management, Application Integrity, Infrastructure Security, Business Continuity
Business Processes, Security Management Processes, IT Management Processes
Compliance and Monitoring
Business Aligned Security Policies, Standards and Strategies
Architecture and Standards
33
Defensive Wetware(M2S Service)
Venustech introduces M2S, a brand-new security service based on wetware
Wholehearted (People)
Full-process (Process)
All-capable (Technology)
• MMS (Managed Monitoring Service): focuses on Venustech professional monitoring technology and service
• MSS (Managed Security Service): embodies the link between Venustech and internationally common managed (trusteeship) security services
• Management To Security (M to S): clarifies the concept “Achieve security through management” advocated by Venustech
34
Defensive Wetware(M2S Service)
M2S original motivations
• Client is the core
• Aims at problem solution
35
Defensive Wetware(M2S Service)
Expert Consulting
36
Expert Consulting
Defensive Wetware(M2S Service)
37
Defensive Wetware(M2S Service)
Managed Monitoring
38
Defensive Wetware(M2S Service)
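Emergency response team
Data processing and analysis center
Security experts
Firewall
Other security-related systems, devices, etc.
Host systems
Authentication systems
Data collection and preprocessing system
Computer security incident emergency handling process
Monitoring center
Client network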
Managed Monitoring
39
Defensive Wetware(M2S Service)
Integration Optimization
40
Defensive Wetware(M2S Service)
Implementation Exception
Network Optimization and System Harden Solution
Risk Evading Solution Based on Venustech Criterion and System Feature
Submit Implementation Solution Application
Client Affirm
System Harden Synchronized Record
Field Training
Second Assessment Affirm
Final Report
Activate Risk Evading Solution/Recovery
Continue
Modify Solution
Abort
Implementation
New Harden Solution
Everything OK
Security Harden Process
Integration Optimization
41
Defensive Wetware(M2S Service)
Knowledge Education
42
Defensive Wetware(M2S Service)
Knowledge Education
43
Defensive Wetware(M2S Service)
Alerts and Responses
44
Defensive Wetware(M2S Service)
Alerts and Responses
– OS Recovery
– Service Application Recovery
– Trace Intrusion
– Entrap Intrusion
• Intrusion Analysis
• Disaster Recovery
• Intrusion Trace and Entrap
• Consultation Optimization
Q: Emergency Responses: Only Fire Fighting?
– Info Tamper
– Vicious Resource Consumption
– Virus Burst
– System Harden
– Perimeter Optimization
– Code security analysis
– System security evaluation
– Security Policy Consultation
45
Defensive Wetware(M2S Service)
Alerts and Responses
46
Defensive Wetware(M2S Service)
Alerts and Responses
Knowledge Education
Integration Optimization
Managed Monitoring
Expert Consulting
M2S Service
47
Agenda
• Security Wetware (Basic Concept)
• Offensive Wetware (Attack Technology)
• Defensive Wetware (M2S Service)
48
Quiet Strength, Trusted Assurance