Research paper - APA format

Anonymous
Asked: Mar 28th, 2019
$10

Question Description

Choose the Research topic from the attachments.


For this Assignment, you will prepare a Research Paper (4-5 pages not including the title or reference pages) of your choosing related to a topic that has been covered during Lessons 1-4. The paper will be:

clear: it provides enough specifics that one’s audience can easily understand its purpose without needing additional explanation.

focused: it is narrow enough that it can be answered thoroughly in the space the writing task allows.

concise: it is expressed in the fewest possible words.

complex: it is not answerable with a simple “yes” or “no,” but rather requires synthesis and analysis of ideas and sources prior to composition of an answer.

arguable: its potential answers are open to debate rather than accepted facts.




Unformatted Attachment Preview

Cyber Attacks: Protecting National Infrastructure, 1st ed. Copyright © 2012, Elsevier Inc. All Rights Reserved.

Chapter 1 – Introduction

Introduction
• National infrastructure – Refers to the complex, underlying delivery and support systems for all large-scale services considered absolutely essential to a nation
• Conventional approach to cyber security not enough
• New approach needed – Combining best elements of existing security techniques with challenges that face complex, large-scale national services

Fig. 1.1 – National infrastructure cyber and physical attacks
Fig. 1.2 – Differences between small- and large-scale cyber security

National Cyber Threats, Vulnerabilities, and Attacks
• Three types of malicious adversaries
  – External adversary
  – Internal adversary
  – Supplier adversary

Fig. 1.3 – Adversaries and exploitation points in national infrastructure

National Cyber Threats, Vulnerabilities, and Attacks
• Three exploitation points
  – Remote access
  – System administration and normal usage
  – Supply chain
• Infrastructure threatened by most common security concerns:
  – Confidentiality
  – Integrity
  – Availability
  – Theft

Botnet Threat
• What is a botnet attack?
  – The remote collection of compromised end-user machines (usually broadband-connected PCs) is used to attack a target.
  – Sources of attack are scattered and difficult to identify
• Five entities that comprise a botnet attack:
  – Botnet operator
  – Botnet controller
  – Collection of bots
  – Botnet software drop
  – Botnet target
• Distributed denial of service (DDOS) attack: bots create “cyber traffic jam”

Fig. 1.4 – Sample DDOS attack from a botnet

National Cyber Security Methodology Components
• Ten basic design and operation principles:
  – Deception
  – Separation
  – Diversity
  – Commonality
  – Depth
  – Discretion
  – Collection
  – Correlation
  – Awareness
  – Response

Deception
• Deliberately introducing misleading functionality or misinformation for the purpose of tricking an adversary
  – Computer scientists call this functionality a honey pot
• Deception enables forensic analysis of intruder activity
• The acknowledged use of deception may be a deterrent to intruders (every vulnerability may actually be a trap)

Fig. 1.5 – Components of an interface with deception

Separation
• Separation involves enforced access policy restrictions on users and resources in a computing environment
• Most companies use enterprise firewalls, which are complemented by the following:
  – Authentication and identity management
  – Logical access controls
  – LAN controls
  – Firewalls

Fig. 1.6 – Firewall enhancements for national infrastructure

Diversity
• Diversity is the principle of using technology and systems that are intentionally different in substantive ways.
• Diversity hard to implement
  – A single software vendor tends to dominate the PC operating system business landscape
  – Diversity conflicts with organizational goals of simplifying supplier and vendor relationships

Fig. 1.7 – Introducing diversity to national infrastructure

Commonality
• Consistency involves uniform attention to security best practices across national infrastructure components
• Greatest challenge involves auditing
• A national standard is needed

Depth
• Depth involves using multiple security layers to protect national infrastructure assets
• Defense layers are maximized by using a combination of functional and procedural controls

Fig. 1.8 – National infrastructure security through defense in depth

Discretion
• Discretion involves individuals and groups making good decisions to obscure sensitive information about national infrastructure
• This is not the same as “security through obscurity”

Collection
• Collection involves automated gathering of system-related information about national infrastructure to enable security analysis
• Data is processed by a security information management system.
• Operational challenges
  – What type of information should be collected?
  – How much information should be collected?

Fig. 1.9 – Collecting national infrastructure-related security information

Correlation
• Correlation involves a specific type of analysis that can be performed on factors related to national infrastructure protection
  – This type of comparison-oriented analysis is indispensable
• Past initiatives included real-time correlation of data at fusion center
  – Difficult to implement

Fig. 1.10 – National infrastructure high-level correlation approach

Awareness
• Awareness involves an organization understanding the differences between observed and normal status in national infrastructure
• Most agree on the need for awareness, but how can awareness be achieved?

Fig. 1.11 – Real-time situation awareness process flow

Response
• Response involves the assurance that processes are in place to react to any security-related indicator
  – Indicators should flow from the awareness layer
• Current practice in smaller corporate environments of reducing “false positives” by waiting to confirm disaster is not acceptable for national infrastructure

Fig. 1.12 – National infrastructure security response approach

Implementing the Principles Nationally
• Commissions and groups
• Information sharing
• International cooperation
• Technical and operational costs

Chapter 2 – Deception

Introduction
• Deception is deliberately misleading an adversary by creating a system component that looks real but is in reality a trap
  – Sometimes called a honey pot
• Deception helps accomplish the following security objectives
  – Attention
  – Energy
  – Uncertainty
  – Analysis
• If adversaries are aware that perceived vulnerabilities may, in fact, be a trap, deception may defuse actual vulnerabilities that security managers know nothing about.

Fig. 2.1 – Use of deception in computing

Introduction
• Four distinct attack stages:
  – Scanning
  – Discovery
  – Exploitation
  – Exposing

Fig. 2.2 – Stages of deception for national infrastructure protection

Scanning Stage
• Adversary is scanning for exploitation points
  – May include both online and offline scanning
• Deceptive design goal: Design an interface with the following components
  – Authorized services
  – Real vulnerabilities
  – Bogus vulnerabilities
• Data can be collected in real-time when adversary attacks honey pot

Fig. 2.3 – National asset service interface with deception

Deliberately Open Ports
• Deliberately inserting an open service port on an Internet-facing server is the most straightforward deceptive computing practice
• Adversaries face three views
  – Valid open ports
  – Inadvertently open ports
  – Deliberately open ports connected to honey pots
• Must take care the real assets aren’t put at risk by bogus ports

Fig. 2.4 – Use of deceptive bogus ports to bogus assets
Fig. 2.5 – Embedding a honey pot server into a normal server complex

Discovery Stage
• The discovery stage is when an adversary finds and accepts security bait embedded in the trap
• Make adversary believe real assets are bogus
  – Sponsored research
  – Published case studies
  – Open solicitations
• Make adversary believe bogus assets are real
  – Technique of duplication is often used for honey pot design

Fig. 2.6 – Duplication in honey pot design

Deceptive Documents
• Creation and special placement of deceptive documents can be used to trick an adversary (especially useful for detecting a malicious insider)
  – Only works when content is convincing and protections appear real

Fig. 2.7 – Planting a bogus document in protected enclaves

Exploitation Stage
• This stage is when an adversary exploits a discovered vulnerability
  – Early activity called low radar actions
  – When detected called indications and warnings
• Key requirement: Any exploitation of a bogus asset must not cause disclosure, integrity, theft, or availability problems with any real asset

Fig. 2.8 – Pre- and post-attack stages at the exploitation stage

Exploitation Stage
• Related issue: Intrusion detection and incident response teams might be fooled into believing trap functionality is real. False alarms can be avoided by
  – Process coordination
  – Trap isolation
  – Back-end insiders
  – Process allowance

Procurement Tricks
• Understand adversary behavior by comparing it in different environments.
• The procurement lifecycle is one of the most underestimated components in national infrastructure protection (from an attack perspective)

Fig. 2.9 – Using deception against malicious suppliers

Exposing Stage
• The deception lifecycle ends with the adversary exposing behavior to the deception operator
• Therefore, deception must allow a window for observing that behavior
  – Sufficient detail
  – Hidden probes
  – Real-time observation

Fig. 2.10 – Adversary exposing stage during deception

Interfaces Between Humans and Computers
• Gathering of forensic evidence relies on understanding how systems, protocols, and services interact
  – Human-to-human
  – Human-to-computer
  – Computer-to-human
  – Computer-to-computer
• Real-time forensic analysis not possible for every scenario

Fig. 2.11 – Deceptively exploiting the human-to-human interface

National Deception Program
• Programs for national deception would be better designed based on the following assumptions:
  – Selective infrastructure use
  – Sharing of results and insights
  – Reuse of tools and methods
• An objection to deception that remains is that it is not effective against botnet attacks
  – Though a tarpit might degrade the effectiveness of a botnet

Chapter 3 – Separation

Introduction
• Using a firewall to separate network assets from intruders is the most familiar approach in cyber security
• Networks and systems associated with national infrastructure assets tend to be too complex for firewalls to be effective
• Three new approaches to the use of firewalls are necessary to achieve optimal separation
  – Network-based separation
  – Internal separation
  – Tailored separation

Fig. 3.1 – Firewalls in simple and complex networks

What Is Separation?
• Separation is a technique that accomplishes one of the following
  – Adversary separation
  – Component distribution
• A working taxonomy of separation techniques: Three primary factors involved in the use of separation
  – The source of the threat
  – The target of the security control
  – The approach used in the security control (see figure 3.2)

Fig. 3.2 – Taxonomy of separation techniques

Functional Separation
• Separation is commonly achieved using an access control mechanism with requisite authentication and identity management
• An access policy identifies desired allowances for users requesting to perform actions on system entities
• Two approaches
  – Distributed responsibility
  – Centralized control
  – (Both will be required)

Fig. 3.3 – Distributed versus centralized mediation

National Infrastructure Firewalls
• Firewalls are placed between a system or enterprise and an untrusted network (say, the Internet)
• Two possibilities arise
  – Coverage: The firewall might not cover all paths
  – Accuracy: The firewall may be forced to allow access that inadvertently opens access to other protected assets

Fig. 3.4 – Wide area firewall aggregation and local area firewall segregation

National Infrastructure Firewalls
• Increased wireless connectivity is a major challenge to national infrastructure security
• Network service providers offer advantages to centralized security
  – Vantage point: Network service providers can see a lot
  – Operations: Network providers have operational capacity to keep security software current
  – Investment: Network service providers have the financial wherewithal and motivation to invest in security

Fig. 3.5 – Carrier-centric network-based firewall

DDOS Filtering
• Network-based firewall concept includes device for throttling distributed denial of service (DDOS) attacks
• Called a DDOS filter
• Modern DDOS attacks take into account a more advanced filtering system

Fig. 3.6 – DDOS filtering of inbound attacks on target assets

SCADA Separation Architecture
• SCADA – Supervisory control and data acquisition
• SCADA systems – A set of software, computers, and networks that provide remote coordination of control systems for tangible infrastructures
• Structure includes the following
  – Human-machine interface (HMI)
  – Master terminal unit (MTU)
  – Remote terminal unit (RTU)
  – Field control systems

Fig. 3.7 – Recommended SCADA system firewall architecture

Physical Separation
• Why not simply unplug a system’s external connections? (Called air gapping)
• As systems and networks grow more complex, it becomes more likely that unknown or unauthorized external connections will arise
• Basic principles for truly air-gapped networks:
  – Clear policy
  – Boundary scanning
  – Violation consequences
  – Reasonable alternatives

Fig. 3.8 – Bridging an isolated network via a dual-homing user

• Hard to defend against a determined insider
• Threats may also come fro ...
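The deception lifecycle in the Chapter 2 slides above (scanning, discovery, exploitation, exposing), the key requirement that exploiting a bogus asset must not put a real asset at risk, and the point that detection and response teams must not be fooled by trap activity, worked through as an added Python example; this is not code from the book or the slides. The asset inventory, the log action names and the access events are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:
    name: str
    segment: str     # network enclave the asset lives in
    decoy: bool      # True for bogus assets (honey pot service, planted document)

@dataclass(frozen=True)
class Indicator:
    stage: str       # scanning | discovery | exploitation | exposing | unknown
    asset: str
    actor: str
    deception: bool  # tagged so detection and response teams know it is trap activity

# Log actions mapped to the four attack stages named in the slides. The action
# names are an assumption about what the constructed log source emits.
STAGE_BY_ACTION = {"portscan": "scanning", "open": "discovery",
                   "exec": "exploitation", "exfil": "exposing"}

def check_trap_isolation(assets):
    """Key requirement: exploiting a bogus asset must not endanger a real one.
    Enforced here as: a decoy may not sit in a segment that also holds real
    assets. Returns the names of decoys that break the rule."""
    real_segments = {a.segment for a in assets if not a.decoy}
    return [a.name for a in assets if a.decoy and a.segment in real_segments]

def classify(events, assets):
    """Turn raw access events into stage-labelled indications and warnings."""
    by_name = {a.name: a for a in assets}
    indicators = []
    for ev in events:
        asset = by_name.get(ev["asset"])
        if asset is None:
            continue  # not in the inventory, so nothing to label
        stage = STAGE_BY_ACTION.get(ev["action"], "unknown")
        indicators.append(Indicator(stage, asset.name, ev["actor"], asset.decoy))
    return indicators

def route(indicator):
    """Process coordination: trap hits go to the deception operator, real-asset
    hits go to incident response, so trap activity never raises a false alarm."""
    return "deception-ops" if indicator.deception else "incident-response"

def observation_window(indicators, actor):
    """Exposing stage: the ordered stages one actor walked through on decoys."""
    return [i.stage for i in indicators if i.actor == actor and i.deception]

# Constructed inventory and access events (illustration only).
ASSETS = [
    Asset("billing-db", "prod", decoy=False),
    Asset("fake-billing-db", "decoy-net", decoy=True),
    Asset("fake-payroll-svc", "prod", decoy=True),  # bogus service beside a real asset
]
EVENTS = [
    {"actor": "10.0.9.7", "asset": "fake-billing-db", "action": "portscan"},
    {"actor": "10.0.9.7", "asset": "fake-billing-db", "action": "open"},
    {"actor": "10.0.9.7", "asset": "fake-billing-db", "action": "exec"},
    {"actor": "10.0.9.7", "asset": "fake-billing-db", "action": "exfil"},
    {"actor": "alice", "asset": "billing-db", "action": "open"},
]

if __name__ == "__main__":
    print("isolation violations:", check_trap_isolation(ASSETS))
    print([route(i) for i in classify(EVENTS, ASSETS)])
```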

Tutor Answer

SeniorIvywriter
School: Duke University

Hey there, I have five ...

Review

Anonymous
Thanks, good work
