DOCSLIB.ORG

D2.5 Threat Actors' Attack Strategies

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
D2.5 Threat Actors' Attack Strategies Advanced Cyber–Threat Intelligence, Detection, and Mitigation Platform for a Trusted Internet of Things Grant Agreement: 786698 D2.5 Threat actors’ attack strategies Work Package 2: Cyber–threat landscape and end–user requirements Document Dissemination Level PU Public X CO Confidential, only for members of the Consortium (including the Commission Services) Document Due Date: 31/12/2018 Document Submission Date: 31/12/2018 Co–funded by the Horizon 2020 Framework Programme of the European Union D2.5 Threat actors’ attack strategies Document Information Deliverable number: D2.5 Deliverable title: Threat actors’ attack strategies Deliverable version: 1.00 Work Package number: WP2 Work Package title: Cyber–threat landscape and end–user requirements Due Date of delivery: 31/12/2018 Actual date of delivery: 31/12/2018 Dissemination level: PU Editor(s): Konstantinos Limniotis (UOP) Contributor(s): Nicholas Kolokotronis, Costas Vassilakis, Nicholas Kalouptsidis, Konstantinos Limniotis, Konstantinos Ntemos, Christos–Minas Mathas, Konstantinos–Panagiotis Grammatikakis (UOP) Dimitris Kavallieros, Giovana Bilali (KEMEA) Stavros Shiaeles, Bogdan Ghita, Julian Ludlow, Salam Ketab, Hussam Mohammed, Abdulrahman Alruban (CSCAN) Reviewer(s): Pavué Clément (SCORECHAIN) Michele Simioli (MATHEMA) Project name: Advanced Cyber–Threat Intelligence, Detection, and Mitigation Platform for a Trusted Internet of Things Project Acronym Cyber–Trust Project starting date: 01/05/2018 Project duration: 36 months Rights: Cyber–Trust Consortium Copyright Cyber–Trust Consortium. All rights reserved. 2 D2.5 Threat actors’ attack strategies Version History Version Date Beneficiary Description 0.10 22/10/2018 UOP Proposed deliverable’s outline 0.15 06/11/2018 UOP Initial text in Section 5 has been written 0.20 11/11/2018 UOP First draft of Section 4 0.25 30/11/2018 UOP First draft of Section 5 0.30 07/12/2018 UOP First draft of Section 3 0.35 09/12/2018 UOP New material added, presentation enhancements, and structural changes 0.40 14/12/2018 UOP First draft of Section 1 0.45 15/12/2018 CSCAN First draft of Section 8 0.50 17/12/2018 KEMEA First draft of Section 7 0.55 18/12/2018 UOP First draft of Section 6 0.60 18/12/2018 UOP First draft of Section 2 0.65 19/12/2018 UOP Final draft of deliverable sent for review 1.00 30/12/2018 UOP Accommodation of review comments and other minor corrections Copyright Cyber–Trust Consortium. All rights reserved. 3 D2.5 Threat actors’ attack strategies Acronyms ACRONYM EXPLANATION ACT Attack Countermeasure Tree ADT Attack Defense Tree AFT Attack Fault Tree AG Attack graph AIV Annual Infrastructure Value ALE Annual Loss Expectancy API Application Programming Interface ARC Annual Response Cost ART Attack response Tree AT Attack tree BAG Bayesian Attack Graph CAG Core Attack Graph CMS Content Management System CoAG Conservative Attack Graph CPE Common Platform Enumeration CSV Comma–Separated Values CUI Character User Interface CVE Common Vulnerabilities and Exposures CVRF Common Vulnerability Reporting Format CVSS Common Vulnerability Scoring System CWE Common Weakness Enumeration DAG Directed Acyclic Graph DDoS Distributed Denial of Service DNS Domain Name Server DT Defense Tree EDG Exploit Dependency Graph eVDB enriched Vulnerability Data Base GCF Greenbone Community Feed GPL General Public License GPO Group Policy Object GPRS General Packet Radio Service GPS Global Positioning System GrSM Graphical Security Model GSF Greenbone Security Feed HARM Hierarchical Attack Representation Model HTTP Hypertext Transfer Protocol HVAC Heating, Ventilation, and Air Conditioning IDPS Intrusion Detection and Prevention System IDS Intrusion Detection System IEC International Electrotechnical Commission iIRS intelligent Intrusion Response System Copyright Cyber–Trust Consortium. All rights reserved. 4 D2.5 Threat actors’ attack strategies IoT Internet of Things IPS Intrusion Prevention System ISO International Standards Organization LGA Logical Attack Graph NASL Nessus Attack Scripting Language NCCIC National Cybersecurity and Communications Integration Center NFC Near Field Communication NGFW Next Generation FireWall NIST National Institute of Standards and Technology NSE Nmap Scripting Engine NVD National Vulnerability Database OS Operating System OSINT Open–Source INTelligence OVAL Open Vulnerability and Assessment Management OWAT Ordered Weighted Averaging Tree PAG Personalized Attack Graph PCAP Packet Capture PT Protection Tree RDF Resource Description Framework RM Risk Mitigation SCAP Security Content Automation Protocol SCT Security Compliance Toolkit SDN Software Defined Network SNMP Simple Network Management Protocol SQL Structured Query Language TCP Transmission Control Protocol TMS Trust Management Service TVA Topological Vulnerability Analysis UDP User Datagram Protocol UI User Interface URI Uniform Resource Identifier URL Uniform Resource Locator VDB Vulnerability Data Base VM Virtual Machine VPN Virtual Private Network XML eXtensible Markup Language Copyright Cyber–Trust Consortium. All rights reserved. 5 D2.5 Threat actors’ attack strategies Table of Contents 1. Introduction ................................................................................................................................. 13 1.1 Purpose of the document ................................................................................................................ 13 1.2 Relations to other activities in the project ....................................................................................... 14 1.3 Structure of the document .............................................................................................................. 14 2. Methodology ................................................................................................................................ 15 3. Information acquisition ................................................................................................................. 18 3.1 Network topology and host connectivity ......................................................................................... 18 3.1.1 List of tools considered ....................................................................................................... 20 3.1.1.1 Nmap .................................................................................................................... 20 3.1.1.2 Angry IP scanner .................................................................................................. 21 3.1.1.3 Unicornscan ......................................................................................................... 22 3.1.1.4 Dipiscan ................................................................................................................ 22 3.1.1.5 Masscan ............................................................................................................... 23 3.1.1.6 Scanrand .............................................................................................................. 23 3.1.1.7 Zmap .................................................................................................................... 23 3.1.1.8 NetCrunch tools ................................................................................................... 24 3.1.1.9 MyNet toolset ...................................................................................................... 24 3.1.1.10 LanTopoLog .......................................................................................................... 25 3.1.1.11 Spiceworks NM .................................................................................................... 25 3.1.1.12 NetworkMiner...................................................................................................... 25 3.1.1.13 PcapViz ................................................................................................................. 26 3.1.1.14 Skydive ................................................................................................................. 26 3.1.1.15 Maltego ................................................................................................................ 27 3.1.1.16 Netglub ................................................................................................................ 27 3.1.1.17 Dnsdumpster.com................................................................................................ 28 3.1.1.18 Spiderfoot ............................................................................................................ 28 3.1.1.19 ReconDog ............................................................................................................. 29 3.1.2 Comparative analysis .......................................................................................................... 29 3.2 Vulnerability scanning ...................................................................................................................... 32 3.2.1 Tools and scanning taxonomies .......................................................................................... 32 3.2.2 Comparison criteria choice ................................................................................................. 33 3.2.3 List of tools considered ....................................................................................................... 35 3.2.3.1 OpenVAS .............................................................................................................. 35 3.2.3.2 Nessus
Load more

Recommended publications
  • An Internet-Wide View of Internet-Wide Scanning
    This paper appeared in Proceedings of the 23rd USENIX Security Symposium, August 2014. An Internet-Wide View of Internet-Wide Scanning Zakir Durumeric Michael Bailey J. Alex Halderman University of Michigan University of Michigan University of Michigan [email protected] [email protected] [email protected] Abstract scanning, and successfully fingerprint ZMap and Mass- can. We present a broad view of the current scanning While it is widely known that port scanning is widespread, landscape, including analyzing who is performing large neither the scanning landscape nor the defensive reactions scans, what protocols they target, and what software and of network operators have been measured at Internet scale. providers they use. In some cases we can determine the In this work, we analyze data from a large network tele- identity of the scanners and the intent of their scans. scope to study scanning activity from the past year, un- We find that scanning practice has changed dramati- covering large horizontal scan operations and identifying cally since previous studies from 5–10 years ago [5,39,45]. broad patterns in scanning behavior. We present an analy- Many large, likely malicious scans now originate from sis of who is scanning, what services are being targeted, bullet-proof hosting providers instead of from botnets. and the impact of new scanners on the overall landscape. Internet-scale horizontal scans have become common. Al- We also analyze the scanning behavior triggered by recent most 80% of non-Conficker probe traffic originates from vulnerabilities in Linksys routers, OpenSSL, and NTP. scans targeting ≥1% of the IPv4 address space and 68% We empirically analyze the defensive behaviors that orga- from scans targeting ≥10%.
    [Show full text]
  • Enhanced Security Administrative Environment Helps Prevent Compromise of Administrative Credentials from Cyber-Attacks
    Enhanced Security Administrative Environment Helps prevent compromise of administrative credentials from cyber-attacks Enhanced Security Administration Production Resources Protections for your most valuable accounts Overview Provide an enhanced security environment Cyber-attackers have been very successful at rapidly for administrative accounts gaining administrative access to corporate and government Implement advanced security tools computing environments. These devastating attacks result including exploit technique mitigations, in malicious actors with full remote access to most or all of attack surface analysis, and application an organization’s electronic documents, presentations, whitelisting applications, databases, and other intellectual property. Separate admin and user accounts Recovery from these attacks is extremely difficult, slow, and Enforce two-factor authentication for expensive. admins Restrict admin accounts to high trust The Enhanced Security Administrative Environment (ESAE) computers offering is designed to help thwart a critical element of Restrict internet browsing and other high- these credential theft attacks by limiting exposure of risk activities for administrative accounts administrative credentials. Monitoring of enhanced security environment and production Domain How the Offering Works Controllers (DCs) for security events and The ESAE offering leverages advanced technologies and operational health recommended practices to provide an administrative Easy to use for administrators environment and
    [Show full text]
  • 4. Offensive and Defensive Network Security Cryptoworks21 • July 15, 2021
    Fundamentals of Network Security 4. Offensive and defensive network security CryptoWorks21 • July 15, 2021 Dr Douglas Stebila https://www.douglas.stebila.ca/teaching/cryptoworks21 Fundamentals of Network Security • Basics of Information Security – Security architecture and infrastructure; security goals (confidentiality, integrity, availability, and authenticity); threats/vulnerabilities/attacks; risk management • Cryptographic Building Blocks – Symmetric crypto: ciphers (stream, block), hash functions, message authentication codes, pseudorandom functions – Public key crypto: public key encryption, digital signatures, key agreement • Network Security Protocols & Standards – Overview of networking and PKI – Transport Layer Security (TLS) protocol – Overview: SSH, IPsec, Wireless (Tool: Wireshark) • Offensive and defensive network security – Offensive: Pen-tester/attack sequence: reconnaissance; gaining access; maintaining access (Tool: nmap) • Supplemental material: denial of service attacks – Defensive: Firewalls and intrusion detection • Access Control & Authentication; Web Application Security – Access control: discretionary/mandatory/role-based; phases – Authentication: something you know/have/are/somewhere you are – Web security: cookies, SQL injection – Supplemental material: Passwords 3 Assignment 2 2a) Offensive network 2b) Defensive network security security • Use nmap to scan • Set up firewall rules in services running on your Kali to prevent your computer certain types of – Will be scanning from outbound traffic (egress guest
    [Show full text]
  • Identifying Vulnerabilities Using Internet-Wide Scanning Data
    Identifying Vulnerabilities Using Internet-wide Scanning Data Jamie O’Hare, Rich Macfarlane, Owen Lo School of Computing Edinburgh Napier University Edinburgh, United Kingdom 40168785, r.macfarlane, [email protected] Abstract—Internet-wide scanning projects such as Shodan and of service, through the considerable time and resources re- Censys, scan the Internet and collect active reconnaissance results quired to perform the scans. Due to this potential issue, as for online devices. Access to this information is provided through well as specific legal requirements, vulnerability assessment associated websites. The Internet-wide scanning data can be used to identify devices and services which are exposed on the Internet. tools typically require permission from the target organization It is possible to identify services as being susceptible to known- before being used. vulnerabilities by analysing the data. Analysing this information The known vulnerabilities identified by these tools are is classed as passive reconnaissance, as the target devices are associated with a specific Common Vulnerabilities and Ex- not being directly communicated with. This paper goes on to posure (CVE), which highlights a vulnerability for a specific define this as contactless active reconnaissance. The vulnerability identification functionality in these Internet-wide scanning tools is service. A CVE entry contains information associated with currently limited to a small number of high profile vulnerabilities. the vulnerability including a Common Platform Enumeration This work looks towards extending these features through the (CPE) and a Common Vulnerability Scoring System (CVSS). creation of a tool Scout which combines data from Censys The CPE ties a CVE to a specific product and version, while and the National Vulnerability Database to passively identify the CVSS provides an impact score.
    [Show full text]
  • An Intelligent Improvement of Internet-Wide Scan Engine for Fast Discovery of Vulnerable Iot Devices
    S S symmetry Article An Intelligent Improvement of Internet-Wide Scan Engine for Fast Discovery of Vulnerable IoT Devices Hwankuk Kim ID , Taeun Kim and Daeil Jang * Korea Internet & Security Agency, 9, Jinheung-gil, Naju-si, Jeollanam-do 58324, Korea; [email protected] (H.K.); [email protected] (T.K.) * Correspondence: [email protected]; Tel.: +82-61-820-1274 Received: 31 March 2018; Accepted: 7 May 2018; Published: 10 May 2018 Abstract: Since 2016, Mirai and Persirai malware have infected hundreds of thousands of Internet of Things (IoT) devices and created a massive IoT botnet, which caused distributed denial of service (DDoS) attacks. IoT malware targets vulnerable IoT devices, which are vulnerable to security risks. Techniques are needed to prevent IoT devices from being exploited by attackers. However, unlike high-performance PCs, IoT devices are lightweight, low-power, and low-cost, having performance limitations regarding processing and memory, which makes it difficult to install security and anti-malware programs. Recently, several studies have been attempted to quickly search for vulnerable internet-connected devices to solve this real issue. Issues yet to be studied still exist regarding these types of internet-wide scan technologies, such as filtering by security devices and a shortage of collected operating system (OS) information. This paper proposes an intelligent internet-wide scan model that improves IP state scanning with advanced internet protocol (IP) randomization, reactive protocol (port) scanning, and OS fingerprinting scanning, applying k* algorithm in order to find vulnerable IoT devices. Additionally, we describe the experiment’s results compared to the existing internet-wide scan technologies, such as ZMap and Shodan.
    [Show full text]
  • A Large-Scale Empirical Study on the Vulnerability of Deployed Iot Devices
    A Large-scale Empirical Study on the Vulnerability of Deployed IoT Devices Binbin Zhao, Shouling Ji, Wei-Han Lee, Changting Lin, Haiqin Weng, Jingzheng Wu, Pan Zhou, Liming Fang, Raheem Beyah Abstract—The Internet of Things (IoT) has become ubiquitous and greatly affected peoples’ daily lives. With the increasing development of IoT devices, the corresponding security issues are becoming more and more challenging. Such a severe security situation raises the following questions that need urgent attention: What are the primary security threats that IoT devices face currently? How do vendors and users deal with these threats? In this paper, we aim to answer these critical questions through a large-scale systematic study. Specifically, we perform a ten-month-long empirical study on the vulnerability of 1; 362; 906 IoT devices varying from six types. The results show sufficient evidence that N-days vulnerability is seriously endangering the IoT devices: 385; 060 (28:25%) devices suffer from at least one N-days vulnerability. Moreover, 2; 669 of these vulnerable devices may have been compromised by botnets. We further reveal the massive differences among five popular IoT search engines: Shodan [1], Censys [2], [3], Zoomeye [4], Fofa [5] and NTI [6]. To study whether vendors and users adopt defenses against the threats, we measure the security of MQTT [7] servers, and identify that 12; 740 (88%) MQTT servers have no password protection. Our analysis can serve as an important guideline for investigating the security of IoT devices, as well as advancing the development of a more secure environment for IoT systems. Index Terms—IoT Search Engine, Vulnerable Device Assessment.
    [Show full text]
  • Windows 2012 Server Network Security Save 30% on Syngress Books and Ebooks
    Windows 2012 Server Network Security Save 30% on Syngress books and eBooks n Save 30% on all Syngress books and eBooks at the Elsevier Store when you use promo code CW3013. n Free shipping on all orders. No minimum purchase. n Offer valid only on Syngress books sold by the Elsevier store until 31 December 2014. Click here to order a copy of: Windows Server 2012 Server Network Security How it works: 1. Choose a Syngress title. 2. Add the title to your shopping cart. 3. Click on “Enter Discount Code” in your shopping cart. 4. Enter code CW3013 to obtain your discount and click apply. Windows 2012 Server Network Security Securing Your Windows Network Systems and Infrastructure Derrick Rountree Richard Hicks, Technical Editor AMSTERDAM • BOSTON • HEIDELBERG • LONDON NEW YORK • OXFORD • PARIS • SAN DIEGO SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO Syngress is an Imprint of Elsevier Acquiring Editor: Chris Katsaropoulos Editorial Project Manager: Heather Scherer Project Manager: Priya Kumaraguruparan Designer: Mark Rogers Syngress is an imprint of Elsevier 225 Wyman Street, Waltham, MA 02451, USA Copyright © 2013 Elsevier Inc. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrange- ments with organizations, such as the Copyright Clearance Center and the Copyright Licens- ing Agency, can be found at our website: www.elsevier.com/permissions.
    [Show full text]
  • Mitigating Pass-The-Hash and Other Credential Theft, Version 2
    Mitigating Pass-the-Hash and Other Credential Theft, version 2 Trustworthy Computing Trustworthy Computing 1 Legal disclaimer This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT. This document is provided “as-is.” Information and views expressed in this document, including URL and other Internet website references, may change without notice. You bear the risk of using it. Microsoft, Windows, Active Directory, Forefront, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Copyright © 2014 Microsoft Corporation. All rights reserved. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. 2 Mitigating Pass-the-Hash and Other Credential Theft, version 2 Acknowledgments Writers Patrick Jungles Mark Simos Ben Godard Joe Bialek Matthew Bucher Cal Waits William Peteroy Thomas Garnier Contributors Aaron Margosis Eric Leonard Michael Howard Aaron Tebrink Eric Mitchell Michael Poole Adam Stasiniewicz Eugene Siu Michael Scovetta Al Tieman Georgeo Pulikkathara Michiko Short Andrea Piazza Glenn Pittaway Nate Morin Andrew Idell Graham Calladine Nathan Ide Arden White Hasnat Naveed Nicholas DiCola Bill Talbot James Noyce Patrick Arnold Chris Betz Joe Corey Paul Cullimore Chris Hale John Rodriguez Roger Grimes Chris Jeuell John Wall Ted Daley Cristin Goodwin Joshua Talbot Tom Stolk Cynthia Sandvick Keith
    [Show full text]
  • Windows Server 2012 Security from End to Edge and Beyond Save 30% on Syngress Books and Ebooks
    Windows Server 2012 Security from End to Edge and Beyond Save 30% on Syngress books and eBooks n Save 30% on all Syngress books and eBooks at the Elsevier Store when you use promo code CW3013. n Free shipping on all orders. No minimum purchase. n Offer valid only on Syngress books sold by the Elsevier store until 31 December 2014. Click here to order a copy of: Windows Server 2012 Security from End to Edge and Beyond How it works: 1. Choose a Syngress title. 2. Add the title to your shopping cart. 3. Click on “Enter Discount Code” in your shopping cart. 4. Enter code CW3013 to obtain your discount and click apply. Windows Server 2012 Security from End to Edge and Beyond Architecting, Designing, Planning, and Deploying Windows Server 2012 Security Solutions Thomas W. Shinder Yuri Diogenes Debra Littlejohn Shinder Richard Hicks, Technical Editor AMSTERDAM • BOSTON • HEIDELBERG • LONDON NEW YORK • OXFORD • PARIS • SAN DIEGO SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO Syngress is an Imprint of Elsevier Acquiring Editor: Chris Katsaropoulos Editorial Project Manager: Benjamin Rearick Project Manager: Punithavathy Govindaradjane Designer: Alan Studholme Syngress is an imprint of Elsevier 225 Wyman Street, Waltham, MA 02451, USA Copyright © 2013 Elsevier, Inc. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher's permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.
    [Show full text]
  • Secure Coding in C and C++ Second Edition the SEI Series in Software Engineering Software Engineering Institute of Carnegie Mellon University and Addison-Wesley
    Secure Coding in C and C++ Second Edition The SEI Series in Software Engineering Software Engineering Institute of Carnegie Mellon University and Addison-Wesley Visit informit.com/sei for a complete list of available publications. he SEI Series in Software Engineering is a collaborative undertaking of the TCarnegie Mellon Software Engineering Institute (SEI) and Addison-Wesley to develop and publish books on software engineering and related topics. The common goal of the SEI and Addison-Wesley is to provide the most current information on these topics in a form that is easily usable by practitioners and students. Titles in the series describe frameworks, tools, methods, and technologies designed to help organizations, teams, and individuals improve their technical or management capa- bilities. Some books describe processes and practices for developing higher-quality soft- ware, acquiring programs for complex systems, or delivering services more effectively. Other books focus on software and system architecture and product-line development. Still others, from the SEI’s CERT Program, describe technologies and practices needed to manage software and network security risk. These and all titles in the series address critical problems in software engineering for which practical solutions are available. Make sure to connect with us! informit.com/socialconnect Secure Coding in C and C++ Second Edition Robert C. Seacord Upper Saddle River, NJ • Boston • Indianapolis • San Francisco New York • Toronto • Montreal • London • Munich • Paris • Madrid Capetown • Sydney • Tokyo • Singapore • Mexico City The SEI Series in Software Engineering Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trade- marks.
    [Show full text]
  • Measuring the Deployment of Source Address Validation of Inbound Traffic
    1 The Closed Resolver Project: Measuring the Deployment of Source Address Validation of Inbound Traffic Maciej Korczy´nski, Yevheniya Nosyk, Qasim Lone, Marcin Skwarek, Baptiste Jonglez, Andrzej Duda Abstract—Source Address Validation (SAV) is a standard achieved by filtering packets at the network edge, formalized aimed at discarding packets with spoofed source IP addresses. in RFC 2827, and called Source Address Validation (SAV) [3]. The absence of SAV for outgoing traffic has been known as a Given the prevalent role of IP spoofing in cyberattacks, there root cause of Distributed Denial-of-Service (DDoS) attacks and received widespread attention. While less obvious, the absence is a need to estimate the level of SAV deployment by network of inbound filtering enables an attacker to appear as an internal providers. Projects such as Spoofer [4] already enumerate host of a network and may reveal valuable information about the networks that do not implement packet filtering. However, a network infrastructure. Inbound IP spoofing may amplify other great majority of this existing work concentrates on outbound attack vectors such as DNS cache poisoning or the recently dis- SAV and filtering since it can prevent reflection-based DDoS covered NXNSAttack. In this paper, we present the preliminary results of the Closed Resolver Project that aims at mitigating the attacks near their origin [5]. While less obvious, the lack of problem of inbound IP spoofing. We perform the first Internet- inbound filtering enables an external attacker to masquerade wide active measurement study to enumerate networks that filter as an internal host of a network, which may reveal valuable or do not filter incoming packets by their source address, for both information about the network infrastructure that is usually the IPv4 and IPv6 address spaces.
    [Show full text]
  • Quizzes Security
    أﻣن اﻟﺗطﺑﯾﻘﺎت واﻟﻣﻌطﯾﺎت اﻟدﻛﺗور ﺳﺎﻣﻲ ﺧﯾﻣﻲ ISSN: 2617-989X Boo ks أمن التطبيقات والمعطيات الدكتور سامي الخيمي من منشورات الجامعة اﻻفتراضية السورية الجمهورية العربية السورية 2018 هذا الكتاب منشور تحت رخصة المشاع المبدع – النسب للمؤلف – حظر اﻻشتقاق )CC– BY– ND 4.0( https://creativecommons.org/licenses/by-nd/4.0/legalcode.ar يحق للمستخدم بموجب هذه الرخصة نسخ هذا الكتاب ومشاركته وإعادة نشره أو توزيعه بأية صيغة وبأية وسيلة للنشر وﻷية غاية تجارية أو غير تجارية، وذلك شريطة عدم التعديل على الكتاب وعدم اﻻشتقاق منه وعلى أن ينسب للمؤلف اﻷصلي على الشكل اﻵتي حصرا : سامي خيمي، اﻹجازة في تقانة المعلومات، من منشورات الجامعة اﻻفتراضية السورية، الجمهورية العربية السورية، 2018 متوفر للتحميل من موسوعة الجامعة /https://pedia.svuonline.org Data and application security Sami Khiami Publications of the Syrian Virtual University (SVU) Syrian Arab Republic, 2018 Published under the license: Creative Commons Attributions- NoDerivatives 4.0 International (CC-BY-ND 4.0) https://creativecommons.org/licenses/by-nd/4.0/legalcode Available for download at: https://pedia.svuonline.org/ ISSN: 2617-989X وثيقة تعريف المادة المقرر: أمن البيانات والتطبيقات. رمز المقرر: IWB404 ملخص: يقدم محتوى المادة مقاربة لموضوع أمن المعلومات من منظور سوية التطبيقات بالتركيز على حقيقة أن اﻷمن كالسلسلة قوي بقوة أضعف حلقة في هذه السلسلة. إن طبيعة و تنوع واختﻻف معايير تطوير تطبيقات الوب والتقنيات التي يستخدمها المطورون يجعل من سوية التطبيقات من أكثر اﻷهداف عرضة للهجومات الموجهة إلى أنظمة المعلومات. يركز المحتوى في هذه المادة على إعطاء الطالب فكرة نظرية و تطبيقية عن أكثر الهجومات شيوعاً والتي تؤثر على سوية التطبيقات مع التركيز على الذهنية و اﻹجارئية المستخدمة من قبل المخترقين في تنفيذ الهجوم إضافة إلى اﻷدوات المستخدمة لهذا الغرض.
    [Show full text]