Dr Iftikhar Ahmad, Department of Information Technology, Faculty of Computing and Information Technology, King Abdulaziz University, Saudi Arabia
Slide1
CYBER SECURITY CHALLENGES
Dr. Iftikhar Ahmad
Department of Information Technology
Faculty of Computing and Information Technology, King Abdulaziz University, Saudi Arabia.
Slide2
OUTLINE
CYBER as a new domain
What is cyber security?
Cyber security in News
Why cyber security is important?
Cyber threats evolution
Types of cyber threats
Cyber security challenges
Slide3
CYBER: A NEW DOMAIN OF WARFARE
Slide4
WHAT IS CYBERSECURITY?
Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment, organization and user's assets. (International Telecommunication Union, ITU-T X.1205)
The general security objectives comprise the following:
Confidentiality: ensures that the information will be accessed only by authorized persons
Reliability:
Integrity: No unauthorized person can modify the information
Authentication: Information belongs to the correct person
Availability: The information can be accessed by authorized users when they need it, without any interference
Slide5
Slide6
CYBER SECURITY IN NEWS
Slide7
CYBER ATTACK ON LOCKHEED MARTIN
Slide8
CYBER ATTACK ON USAF DRONE
Slide9
CYBER ATTACK ON SAUDI ARAMCO
Slide10
CYBER ATTACK SHAMOON
Shamoon-1 (Aug 2012)
Saudi Aramco
RasGas
Wiped data from 35000 computers
Slide11
CYBER ATTACK SHAMOON
Shamoon-2 (Nov 2016)
GACA
Transport Ministry
Saudi Arabian Monetary Authority
Slide12
CYBER ATTACK SHAMOON
Shamoon-2 (Jan 2017)
Government and private sectors
Slide13
WHY CYBER SECURITY IS IMPORTANT?
A big challenge is heavy dependency on technology.
Think about what happens when you are on the road and your smartphone runs out of battery!
If technology fails, this dependency becomes a vulnerability.
Some experts predict that by 2020 there will be 200 billion connected things. Cars, planes, homes, cities, and even animals are being connected.
It is necessary at the personal, organizational and national levels to protect private and sensitive assets from cyber attacks.
In today's world, it's important that technology is available, protected and secure. If not, we will suffer consequences in our daily lives.
Slide14
CYBER THREATS EVOLUTION
[Timeline figure]
Threat stages, in order: Virus; Breaking Web Sites; Malicious Code (Melissa); Advanced Worm / Trojan (I LOVE YOU); Identity Theft (Phishing); Organized Crime, Data Theft, DoS / DDoS, Probe, R2L, U2R, Malware and others
Time axis: 1980's, 1995, 2000, 2003-04, 2005-06, 2007-17
Slide15
TYPES OF CYBER THREATS
Type | Motivation | Target | Method
Information Warfare | Military or political dominance | Critical infrastructure, political and military assets | Attack, corrupt, exploit, deny, conjoint with physical attack
Cyber Espionage | Gain of intellectual property and secrets | Governments, companies, individuals | Advanced Persistent Threats
Cyber Crime | Economic gain | Individuals, companies, governments | Fraud, ID theft, extortion, attack, exploit
Cracking | Ego, personal enmity | Individuals, companies, governments | Attack, exploit
Hacktivism | Political change | Governments, companies | Attack, defacing
Cyber Terror | Political change | Innocent victims, recruiting | Marketing, command and control, computer based violence
Source: analysis, Dr Irv Lachov
Slide16
http://camthao.us/News/332/what-will-the-warrior-guardian-of-the-future-look-like
Slide17
CYBER Security Challenges
Slide18
External Security
Locks for offices/labs/C2 centers
Prompt access to security forces
Cameras
Motion sensors
Alarm systems
Card based access
Biometric
DNA (Forensic testing - to help identify suspects or victims in a criminal investigation)
DOD using: fingerprint, latent fingerprint, facial recognition, iris recognition
DOD looking for: vascular patterns, voice, hand geometry, DNA.
Slide19
External Security
Password and Login
Cryptography
Digital Signature
Firewall / Access list
Antivirus
IDS
IPS
Slide20
CYBER Security Challenges
Research Problem
Major security issue
Prevention of intrusions
Prevention depends on detection
Detection is a key part of any security tool, e.g. IDS, IPS, ASA, checkpoints & firewalls.
Accurate detection
Variety of approaches
Detection Rate
False Alarms
Performance
TP+TN (True Positive, True Negative)
FP+FN (False Positive, False Negative)
Slide21
Research Problem
Building dataset
Dataset
DOS Attacks: POD, Back, Land, Smurf, Neptune, Teardrop
R2L Attacks: Imap, Ftpwrite, Phf, Warezmaster, and Warezclient
U2R Attacks: Loadmodule, Buffer overflow and Perl
Probing Attacks: IPsweep, Portsweep, Nmap, and Satan
Other Attacks: Guessing passwords, rootkits, multi-hop, and spy programs
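Added example (not part of the original slides): scoring an IDS over labelled records, using the attack grouping from Slide21 and the TP/TN/FP/FN counts from Slide20. The sample records are constructed, the lower-case label spellings are an assumption, and the detection rate TP/(TP+FN) and false alarm rate FP/(FP+TN) are the standard definitions rather than formulas given on the slides.

```python
from collections import Counter

# Attack name -> category, following the grouping listed on Slide21.
# Label spellings (lower case, underscores) are assumed for this example.
CATEGORY = {}
for cat, names in {
    "DoS": ["pod", "back", "land", "smurf", "neptune", "teardrop"],
    "R2L": ["imap", "ftpwrite", "phf", "warezmaster", "warezclient"],
    "U2R": ["loadmodule", "buffer_overflow", "perl"],
    "Probe": ["ipsweep", "portsweep", "nmap", "satan"],
}.items():
    for name in names:
        CATEGORY[name] = cat

# Constructed sample: (ground-truth label, IDS verdict; True = flagged intrusive).
RECORDS = [
    ("normal", False), ("normal", False), ("normal", True), ("normal", False),
    ("smurf", True), ("neptune", True), ("teardrop", False),
    ("nmap", True), ("satan", True),
    ("phf", False), ("warezclient", True),
    ("perl", False),
]

def evaluate(records):
    """Return overall metrics plus the detection rate per attack category."""
    c = Counter()                      # TP / TN / FP / FN counts
    seen, caught = Counter(), Counter()
    for label, flagged in records:
        if label == "normal":
            c["FP" if flagged else "TN"] += 1
        else:
            c["TP" if flagged else "FN"] += 1
            cat = CATEGORY.get(label, "Other")
            seen[cat] += 1
            caught[cat] += int(flagged)
    attacks, normals = c["TP"] + c["FN"], c["FP"] + c["TN"]
    return {
        "detection_rate": c["TP"] / attacks if attacks else 0.0,
        "false_alarm_rate": c["FP"] / normals if normals else 0.0,
        "accuracy": (c["TP"] + c["TN"]) / sum(c.values()),
        "per_category": {k: caught[k] / seen[k] for k in seen},
    }

if __name__ == "__main__":
    for key, value in evaluate(RECORDS).items():
        print(key, value)
```

On this sample the overall accuracy is about 0.67 while the U2R detection rate is 0, which is why the rare categories are reported separately.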
Slide22
Research Problem
Building dataset
Dataset
Real Traffic: Unacceptable to attack an organization's server; security and privacy issue
Sanitized Traffic: May lose some important features; impossible to sanitize huge data
Simulated Traffic: Difficult to establish testbed; complex & costly
Slide23
Research Problem
FT
Raw Dataset
Features Transformation
Confusion
False alarms
Training overhead
More Memory & Computational resources
Decrease DR
IDS Arch. More complex and malfunction
Classifier
Lose sensitive features
Selecting large Nos. of PCs decrease training & testing efficiency
Arch. more complex as PCs increases
Slide24
Research Problem
FT
OA
Raw Dataset
New feature space
Visible, organized, arranged & sensitive
Which feature is selected?
How is it selected?
Feature Subset
Classifier
Optimal feature subset
Optimal feature subset
Normal
Intrusive
Optimization Algorithm
Slide25
Research Problem
FT
OA
Raw Dataset
New feature space
Visible, organized, arranged & sensitive
Which feature is selected?
How is it selected?
Classifier enhancement
Classifier
Optimal feature subset
Optimal feature subset
Normal
Intrusive
Optimization Algorithm
Slide26
Research Problem
Developing dataset
Features preprocessing
Determine classifier architecture
Reducing training overhead
Reducing memory and computation overheads
Slide27
Thanks