After reading chapter 1, evaluate the threats of a botnet attack. Your response should be at least 200+ words, and contain at least one external citation and reference in APA format. You are also required to post a response to a minimum of two other students in the class.

Your initial response is due by Thursday of each week of the course and you must respond to a minimum of two other learners during the week.

Your responses to other students must be more than a simple "Good job" or "I agree with your post". They must also not just be "Let me add to your post…" Instead, your responses to each other should do three things:

1. Acknowledge the other student's post with some form of recognition about what they posted

2. Relate their posting to something you have learned or are familiar with

3. Add to the conversation by asking additional questions about their post, or discussing their topic further

Remember, this is a discussion forum. Your engagement with each other should be similar to how you would speak with each other if you were seated at the same table talking. Plagiarism in the discussion will not be tolerated.


Copyright © 2012, Elsevier Inc.

All Rights Reserved

Chapter 1 – Introduction
Cyber Attacks: Protecting National Infrastructure, 1st ed.

Introduction
• National infrastructure – Refers to the complex, underlying delivery and support systems for all large-scale services considered absolutely essential to a nation
• Conventional approach to cyber security not enough
• New approach needed – Combining best elements of existing security techniques with challenges that face complex, large-scale national services

Fig. 1.1 – National infrastructure cyber and physical attacks

Fig. 1.2 – Differences between small- and large-scale cyber security

National Cyber Threats, Vulnerabilities, and Attacks
• Three types of malicious adversaries
  – External adversary
  – Internal adversary
  – Supplier adversary

Fig. 1.3 – Adversaries and exploitation points in national infrastructure

National Cyber Threats, Vulnerabilities, and Attacks
• Three exploitation points
  – Remote access
  – System administration and normal usage
  – Supply chain

National Cyber Threats, Vulnerabilities, and Attacks
• Infrastructure threatened by most common security concerns:
  – Confidentiality
  – Integrity
  – Availability
  – Theft

Botnet Threat
• What is a botnet attack? – A remote collection of compromised end-user machines (usually broadband-connected PCs) is used to attack a target.
  – Sources of attack are scattered and difficult to identify
  – Five entities that comprise a botnet attack: botnet operator, botnet controller, collection of bots, botnet software drop, botnet target

Botnet Threat
• Five entities that comprise a botnet attack:
  – Botnet operator
  – Botnet controller
  – Collection of bots
  – Botnet software drop
  – Botnet target
• Distributed denial of service (DDOS) attack: bots create a “cyber traffic jam”

Fig. 1.4 – Sample DDOS attack from a botnet
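As an added example (not code from the book or the slide deck), the following detector applies the two properties the slide gives a botnet DDOS, a traffic surge against one target whose sources are scattered and individually insignificant, to constructed connection-log lines; the log format, the addresses and the thresholds are assumptions made for the illustration.

```python
# Added example: flag the botnet DDOS pattern (surge against one target,
# traffic spread over many sources, no single source dominating).
# The log format, addresses and thresholds are constructed for illustration.
from collections import defaultdict

# Constructed log lines: "<second> <source_ip> -> <target_ip>".
# Seconds 0-4 are normal traffic; seconds 5-9 carry a flood from 120 sources.
SAMPLE_LOG = """\
0 10.0.0.5 -> 192.0.2.10
1 10.0.0.6 -> 192.0.2.10
2 10.0.0.5 -> 192.0.2.10
3 10.0.0.7 -> 192.0.2.10
4 10.0.0.5 -> 192.0.2.10
""" + "\n".join(f"{5 + i % 5} 203.0.113.{i} -> 192.0.2.10" for i in range(1, 121))


def parse(log):
    """Yield (second, src, dst) tuples from the constructed log format."""
    for line in log.splitlines():
        if line.strip():
            sec, src, _, dst = line.split()
            yield int(sec), src, dst


def assess_ddos(log, window=5, baseline_rps=1.0, surge_factor=10.0,
                min_sources=50, max_top_share=0.05):
    """Return {target: finding} for each target whose busiest window shows
    BOTH a rate far above baseline AND dispersion across many sources with
    no single source dominating. A lone noisy client passes the rate test
    but fails the dispersion test, so it is not reported as a botnet flood."""
    per_window = defaultdict(lambda: defaultdict(int))  # (dst, win) -> src -> count
    for sec, src, dst in parse(log):
        per_window[(dst, sec // window)][src] += 1
    findings = {}
    for (dst, win), sources in per_window.items():
        total = sum(sources.values())
        rps = total / window
        dispersed = (len(sources) >= min_sources
                     and max(sources.values()) / total <= max_top_share)
        if rps >= baseline_rps * surge_factor and dispersed:
            prev = findings.get(dst)
            if prev is None or total > prev["requests"]:
                findings[dst] = {"window": win, "requests": total, "rps": rps,
                                 "distinct_sources": len(sources)}
    return findings


if __name__ == "__main__":
    print(assess_ddos(SAMPLE_LOG))
```

The dispersion test is what separates the slide's "scattered sources" case from an ordinary single-client overload; tune the thresholds to the observed baseline of the service being protected.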

National Cyber Security Methodology Components
• Ten basic design and operation principles:
  – Deception
  – Separation
  – Diversity
  – Commonality
  – Depth
  – Discretion
  – Collection
  – Correlation
  – Awareness
  – Response

Deception
• Deliberately introducing misleading functionality or misinformation for the purpose of tricking an adversary – Computer scientists call this functionality a honey pot
• Deception enables forensic analysis of intruder activity
• The acknowledged use of deception may be a deterrent to intruders (every vulnerability may actually be a trap)

Fig. 1.5 – Components of an interface with deception

Separation
• Separation involves enforced access policy restrictions on users and resources in a computing environment
• Most companies use enterprise firewalls, which are complemented by the following:
  – Authentication and identity management
  – Logical access controls
  – LAN controls
  – Firewalls

Fig. 1.6 – Firewall enhancements for national infrastructure

Diversity
• Diversity is the principle of using technology and systems that are intentionally different in substantive ways.
• Diversity hard to implement
  – A single software vendor tends to dominate the PC operating system business landscape
  – Diversity conflicts with organizational goals of simplifying supplier and vendor relationships

Fig. 1.7 – Introducing diversity to national infrastructure

Commonality
• Consistency involves uniform attention to security best practices across national infrastructure components
• Greatest challenge involves auditing
• A national standard is needed

Depth
• Depth involves using multiple security layers to protect national infrastructure assets
• Defense layers are maximized by using a combination of functional and procedural controls

Fig. 1.8 – National infrastructure security through defense in depth

Discretion
• Discretion involves individuals and groups making good decisions to obscure sensitive information about national infrastructure
• This is not the same as “security through obscurity”

Collection
• Collection involves automated gathering of system-related information about national infrastructure to enable security analysis
• Data is processed by a security information management system.
• Operational challenges
  – What type of information should be collected?
  – How much information should be collected?

Fig. 1.9 – Collecting national infrastructure-related security information

Correlation
• Correlation involves a specific type of analysis that can be performed on factors related to national infrastructure protection
  – This type of comparison-oriented analysis is indispensable
• Past initiatives included real-time correlation of data at a fusion center
  – Difficult to implement

Fig. 1.10 – National infrastructure high-level correlation approach

Awareness
• Awareness involves an organization understanding the differences between observed and normal status in national infrastructure
• Most agree on the need for awareness, but how can awareness be achieved?

Fig. 1.11 – Real-time situation awareness process flow

Response
• Response involves the assurance that processes are in place to react to any security-related indicator
  – Indicators should flow from the awareness layer
• Current practice in smaller corporate environments of reducing “false positives” by waiting to confirm disaster is not acceptable for national infrastructure

Fig. 1.12 – National infrastructure security response approach

Implementing the Principles Nationally
• Commissions and groups
• Information sharing
• International cooperation
• Technical and operational costs
