Advanced Cyber Security Techniques (PGDCS-07)
Total Page:16
File Type:pdf, Size:1020Kb
Post-Graduate Diploma in Cyber Security Advanced Cyber Security Techniques (PGDCS-07) Title Advanced Cyber Security Techniques Advisors(CEMCA) Mr. R. Thyagarajan, Head, Admn. & Finance and Acting Director, CEMCA Dr. Manas Ranjan Panigrahi, Program Officer(Education), CEMCA Editor Mr. Manish Koranga, Senior Consultant, Wipro Technologies, Bangalore Block I> Unit I, Unit II, Unit III & Unit Mr. Ashutosh Bahuguna, Scientist- Indian IV Computer Emergency Response Team (CERT-In), Department of Electronics & IT, Ministry of Communication & IT, Government of India Block II> Unit I, Unit II, Unit III & Unit Mr. Sani Abhilash, Scientist- Indian IV Computer Emergency Response Team Block III> Unit I, Unit II, Unit III & Unit (CERT-In), Department of Electronics & IT, IV Ministry of Communication & IT, Government of India ISBN: 978-93-84813-95-6 Acknowledgement The University acknowledges with thanks the expertise and financial support provided by Commonwealth Educational Media Centre for Asia(CEMCA), New Delhi, for the preparation of this study material. Uttarakhand Open University, 2016 © Uttarakhand Open University, 2016. Advanced Cyber Security Techniques is made available under a Creative Commons Attribution Share-Alike 4.0 Licence (international): http://creativecommons.org/licenses/by-sa/4.0/ It is attributed to the sources marked in the References, Article Sources and Contributors section. Published by: Uttarakhand Open University INDEX BLOCK I .................................................................................................................................. 15 1.1 LEARNING OBJECTIVES .................................................................................................. 1 1.2 INTRODUCTION................................................................................................................. 1 1.3 NETWORK ATTACKS ........................................................................................................ 1 1.3.1 Man-in-the-Middle (MITM) Attack ................................................................................1 1.3.2 Replay Attack .................................................................................................................2 1.3.3 Denial of Service (DoS) and Distributed Denial of Service (DDoS) ................................2 1.3.4 Password Based Attacks .................................................................................................3 1.3.5 Spoofing .........................................................................................................................4 1.3.6 Eavesdropping ................................................................................................................4 1.3.7 Installation of malicious programs - Backdoor or rooting ................................................4 1.4 THREAT LANDSCAPE - NETWORK SECURITY ............................................................. 5 1.4.1 Threats to watch .............................................................................................................5 1.4.1.1 Hactivist attacks .......................................................................................................5 1.4.1.2 DDoS Attacks ..........................................................................................................5 1.4.1.3 TOR- Onion Routing ...............................................................................................5 1.4.1.4 Web application attacks ...........................................................................................6 1.4.1.5 Malware propagation through Web ..........................................................................6 1.4.1.6 Targeted Attacks ......................................................................................................6 1.4.1.7 Exploit Pack Toolkit ................................................................................................6 1.4.1.8 Ransomware ............................................................................................................7 1.4.1.9 Attacks targeting Industrial Control Systems Networks ............................................7 1.4.1.10 Social Network Sites (SNS) Threats .......................................................................8 1.4.1.11 Threats to Mobile Devices and Mobile Communication .........................................8 1.4.1.12 Threats to Client System ........................................................................................9 1.4.1.13 Attacks on Certifying Authorities - Trust Infrastructure..........................................9 1.4.2 Emerging Threats ......................................................................................................... 10 1.4.2.1 Emerging threats targeting Industrial Control Systems (ICS) ................................. 10 1.4.2.2 Emerging Threats to cloud computing environment ............................................... 10 1.4.2.3 Emerging threats in Big Data ................................................................................. 11 1.4.2.4 Emerging threats in Internet of Things ................................................................... 12 1.4 CASE STUDY .................................................................................................................... 12 Case Study - Operation Payback and similar activist operations ............................................ 12 1.7 LET US SUM UP ............................................................................................................... 15 1.8 CHECK YOUR PROGRESS .............................................................................................. 15 1.9 MODEL QUESTIONS ........................................................................................................ 16 2.1 LEARNING OBJECTIVES ................................................................................................ 17 2.2 INTRODUCTION............................................................................................................... 17 2.3 FIREWALL ........................................................................................................................ 17 2.3.2.1 Network Firewalls ................................................................................................. 20 2.3.2.2 Host-Based Firewalls ............................................................................................. 21 2.3 INTRUSION DETECTION AND PREVENTION SYSTEM .............................................. 22 2.3.1 IDPS - Detection Technologies ..................................................................................... 23 2.3.1.2 Anomaly-Based Detection ..................................................................................... 23 2.3.1.3 Stateful Protocol Analysis ...................................................................................... 23 2.3.2 Types of Intrusion Detection and Prevention system (IDPS) ......................................... 24 2.3.2.1 Network Based Intrusion Detection and Prevention Systems (NBIDPS) ................ 24 2.3.2.2 Host Based Intrusion Detection and Prevention System (HBIDPS) ........................ 25 2.3.2.3 Wireless Intrusion Detection and Prevention Systems (WIDPS) ............................. 26 2.3.2.4 Network Behavior Analysis (NBA) ........................................................................ 26 2.4 SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM) ............................. 26 2.5 HONEYPOT ....................................................................................................................... 28 2.6 LET US SUM UP ............................................................................................................... 29 2.7 CHECK YOUR PROGRESS .............................................................................................. 30 2.8 ANSWERS TO CHECK YOUR PROGRESS ..................................................................... 30 2.9 FURTHER READINGS ...................................................................................................... 31 2.10 MODEL QUESTIONS ...................................................................................................... 31 3.1 LEARNING OBJECTIVES ................................................................................................ 32 3.2 INTRODUCTION............................................................................................................... 32 3.3NETWORK INFRASTRUCTURE SECURITY BEST PRACTICES................................... 32 3.3.1 Threats to the organization network Infrastructure ........................................................ 32 3.3.2 Best practices for network infrastructure security .......................................................... 33 3.3.2.1 Secure the Network Infrastructure Edge ................................................................. 33 3.3.2.2 Protect Infrastructure Device Access ...................................................................... 33 3.3.2.3 Routing infrastructure Security .............................................................................. 34 3.3.2.5 Monitoring, Analysis and Correlation .................................................................... 35 3.3.2.6 Network Policy Enforcement ................................................................................. 37 3.3.2.7 Switching Infrastructure Security ..........................................................................