Self-Organizing High-Assurance Privacy

UPTEC IT 19015
Degree project, 15 credits, August 2019
Joakim Ingnäs & Nicole Tutsch
Institutionen för informationsteknologi / Department of Information Technology

Faculty of Science and Technology (Teknisk-naturvetenskaplig fakultet), UTH unit. Visiting address: Ångströmlaboratoriet, Lägerhyddsvägen 1, Hus 4, Plan 0. Postal address: Box 536, 751 21 Uppsala. Telephone: 018 – 471 30 03. Fax: 018 – 471 30 00. Website: http://www.teknat.uu.se/student

Abstract

When using a network, devices might have to securely communicate with one another. Issues arise when the devices are unaware of others in the network, or when the devices have to be manually updated with the information about the devices they wish to communicate with. This presents an issue with bootstrapping over networks. Therefore, the question of how to make these devices find the relevant peers becomes a pressing one. In addition, the devices have to securely exchange keys. In this paper, a solution is presented using a rendezvous point that acts as a gateway between a key distribution server and the clients. The architecture of the system consists of one rendezvous point, one key distribution server, and multiple clients. The clients have to go through the rendezvous point in order to reach the key distribution server. Two different protocols, RSA and password-authenticated key exchange, are studied in order to understand which one of them is superior in key exchange security. The result of the study is that the RSA protocol is faster than the password-authenticated key exchange protocol when applied to this solution. However, password-authenticated key exchange is seen as safer, as it applies security measures that RSA lacks.

In this project, the system manages to have the clients routed from the rendezvous point to the key distribution center, and the key distribution server manages to send out information to the clients about their peers. In addition, the rendezvous point manages to shield the key distribution center from some denial-of-service attacks on the hardware. However, this solution is highly theoretical, and requires further research to be regarded as completely functional.

Supervisor: Tobias Laross
Subject reviewer: Joachim Parrow
Examiner: Lars-Åke Nordén
ISSN: 1401-5749, UPTEC IT 19015
Printed by: Reprocentralen ITC

Popular science summary

In today's society, a large share of all computers are connected to a network, e.g. the internet. Since all these computers must communicate with each other, they need to be able to find each other, so-called "bootstrapping". The communication must also take place securely, so that no unauthorized party can eavesdrop on what is sent. This presents, among other things, two problems that must be solved: how should computers find each other, and how should they negotiate keys in a secure way? In this thesis, two different protocols for key exchange are examined: PAKE, "Password Authenticated Key Exchange" (authentication by means of a password), and RSA (two different keys). These two differ markedly, since RSA has two different keys (one public and one private), while PAKE has symmetric keys.

The important part of this thesis is the inclusion of a KDC, "key distribution center", and an RP, "rendezvous point". KDCs have been used before, for example in implementations of Kerberos, but RPs are not as common. The thesis also examines the two previously mentioned protocols to find out which one was more secure. The use of an RP together with a KDC is examined to find out whether it could make it easier for clients to find each other.

Two desktop computers running Ubuntu Linux were used as the KDC and the RP, while the clients were Raspberry Pis. The attacks were in most cases carried out from two MacBook Pros. The clients had the address and ports of the RP pre-programmed, to make sure that they would find it. After the clients had authenticated themselves, the RP sent a message to the clients. This message contained the IP address and port of the KDC. The clients could then connect to the KDC. The security of this system was examined by attacking the RP with a DoS and a DDoS attack. A man-in-the-middle attack was also tested, but gave inadequate results due to problems with the tool that was used. A brute-force attack was also to have been carried out, but was only theoretical.

The end result showed that the clients can easily find the RP and be forwarded to the KDC. From there they receive a message about which clients were connected. This means that the two problems mentioned at the beginning are solved, within a test environment. In addition, the RP protects the KDC from the DoS and DDoS attacks that target the hardware. Only when the network itself goes down does the communication between the KDC and the clients cease. The system is, however, not ready for use outside a test environment. The results in this thesis should only be used as a basis for further research.

Contents

1 Introduction
2 The Problem
3 Background
  3.1 Secure Networks
  3.2 Peer-to-Peer
  3.3 VPN
    3.3.1 Tunneling
    3.3.2 Dynamic Multipoint VPN
    3.3.3 Requirements of a decentralized bootstrapping of P2P systems
    3.3.4 Existing solutions - Peer-based
    3.3.5 Existing solutions - Mediator-based
  3.4 Token-based authentication
  3.5 IPSec
  3.6 Encrypted Key Exchange
    3.6.1 Diffie-Hellman Key Exchange
    3.6.2 RSA
    3.6.3 Password Authenticated Key Exchange
    3.6.4 Secure Packager and Encoder Key Exchange
  3.7 Lattice-Based Cryptography
    3.7.1 LAC.CPA
    3.7.2 LAC.CCA
    3.7.3 LAC.AKE
  3.8 Security of self-organizing networks
  3.9 Attacks
    3.9.1 Denial-of-Service and Distributed Denial-of-Service
    3.9.2 Eavesdropping
    3.9.3 Man in the Middle
    3.9.4 ARP spoofing and poisoning
    3.9.5 Brute force attack
    3.9.6 VPN hijacking
    3.9.7 Sniffing
  3.10 Tools
    3.10.1 Ettercap
    3.10.2 bettercap
    3.10.3 XerXeS
  3.11 Key Distribution Center
4 Related work
  4.1 Group Encrypted Transport VPN
    4.1.1 Group Domain of Interpretation
  4.2 Internet Key Exchange Protocol Version 2 (IKEv2)
  4.3 Kerberos
  4.4 Decentralized Bootstrapping in Pervasive Application
  4.5 Bootstrapping in ad hoc networks
5 Design
  5.1 Requirements
    5.1.1 Key system attributes
  5.2 Design
    5.2.1 PAKE
    5.2.2 RSA
    5.2.3 Rendezvous point
6 Method
  6.1 Hardware
    6.1.1 Laptops
    6.1.2 Raspberry Pis 3B+
    6.1.3 Desktops
  6.2 Implementation aspects common between PAKE and RSA
    6.2.1 The client
    6.2.2 The rendezvous point
    6.2.3 The key distribution server
    6.2.4 Application programming interface
  6.3 PAKE
    6.3.1 Client
    6.3.2 Rendezvous point
    6.3.3 KDC
  6.4 RSA
    6.4.1 Client
    6.4.2 Rendezvous point
    6.4.3 KDC
  6.5 Setting up the server
  6.6 Attacks
    6.6.1 DoS and DDoS
7 Results
  7.1 General testing
    7.1.1 Robustness
    7.1.2 Theoretical scalability
    7.1.3 Efficiency
    7.1.4 Authentication server
  7.2 DoS and DDoS-attack
8 Discussion
  8.1 Issues
    8.1.1 General issues
    8.1.2 University-related issues
    8.1.3 LAC.AKE
    8.1.4 Hardware
  8.2 Answers to questions in section 2
  8.3 Choice of protocols
  8.4 Design
    8.4.1 Requirements
    8.4.2 General design
    8.4.3 PAKE
    8.4.4 RSA
    8.4.5 Robustness
    8.4.6 Efficiency
    8.4.7 Scalability
    8.4.8 Authentication server
  8.5 Method
    8.5.1 Common method for PAKE and RSA
    8.5.2 PAKE
    8.5.3 RSA
  8.6 Attacks
    8.6.1 MitM
    8.6.2 DoS and DDoS
    8.6.3 Brute force
    8.6.4 VPN hijacking
  8.7 Tools
  8.8 Related work
    8.8.1 GET VPN
    8.8.2 IKEv2
    8.8.3 Kerberos
    8.8.4 Decentralized bootstrapping in Pervasive Application
    8.8.5 Bootstrapping.