Download presentation
Presentation is loading. Please wait.
1
计算机网络安全概述
2
Q & A 什么是计算机病毒? 你遇到过或听说过什么病毒?写出你能想到的和计算机安全相关的关键词 病毒发作会遇到什么样的问题?
一般如何避免遭到病毒入侵?
3
What does security mean?
In real life: No one should be able to break into my house Or steal something from me Or impersonate me or others I know Or attack me Or take my time with irrelevant things Or damage my property ……
4
What does security mean?
In networks: I want to communicate with A No one should be able to break into my computer Or sniff information I exchange Or spoof my address and act in my name (or somebody else’s) Or attack me and disable my machine Or take my resources with bogus packets Or plant malicious code Or attack anything on route from me to A Or misuse my machine to attack someone else ……
5
What does security mean?
Goal of networking is to enable communication At all times and in all scenarios!!! Security = robustness or fault tolerance? Security also means keeping communication private
6
What are the threats? No one should be able to break into my computer
Hackers Break password Misuse vulnerability Sniff my network Use social engineering Impersonate someone I trust Viruses Worms(网络) 蠕虫病毒是一种常见的计算机病毒。它是利用网络进行复制和传播,传染途径是通过网络和电子邮件 熊猫烧香这一病毒利用了微软视窗操作系统的漏洞 “中文版求职信”病毒可以通过邮件、局域网共 享目录等途径进行感染,并能自动获取用户地址薄中的信息乱发邮件。此病毒中的信息模仿求职信病毒,病毒内部的信息都是中文。病毒通过 163.com, 163.net, 263.net, sina.com,china.com,citiz.net的邮件服务器发邮件,邮件的地址是该病毒自己随机生成的。邮件会附带一个.exe或.vbs的文件。.exe文件就是该病毒本身,.vbs是包含其中的脚本病毒。 邮件标题包括以下几种: “我喜欢你!”、“您好”、“恭喜!”、“节日快乐”、“你中奖了”、“你的朋友”、“同学聚会”、“祝你生日快乐”、“你的朋友给你寄来的贺卡”等。
7
What are the threats? No one should sniff the information I exchange
I will use cryptography! There are many ways to break ciphers There are many ways to divulge partial information (e.g. who do you talk to) I would also like to hide who I talk to and when I will use anonymization techniques Anonymization hinders other security approaches that build models of normal traffic patterns
8
What are the threats? No one should spoof my address or act in my name
I want to be sure who I am talking to (authentication and digital signatures)
9
What are the threats? No one should attack me and disable my machine
Denial-of-service attacks (DOS) Viruses
10
What are the threats? No one should take up my resources with bogus
packets Denial-of-service attacks Spam mail Malicious mail Worms 凡是未经用户许可(与用户无关)就强行发送到用户的邮箱中的任何电子邮件就称为垃圾邮件 恶意代码(Malicious code)或者叫恶意软件Malware
11
What are the threats? No one should plant malicious code on my machine
Viruses Worms Denial-of-service attacks (preparatory phase)
12
What are the threats? No one should attack anything on route to A
A could be attacked Routers could be overloaded DNS (域名解析器) servers could be attacked 域名解析系统(=Domain Name System)
13
What are the threats? No one should misuse my machine to attack someone else Zombies Reflector attacks Worms with viruses Be a good citizen … zombies程序可以利用网络上计算机系统的安全漏洞将自动攻击脚本安装到多台主机上,这些主机成为受害者而听从攻击者指挥,在某个时刻,汇集到一起去再去攻击其他的受害者。 Reflector attacks: 反射攻击 A reflection attack is a method of attacking a challenge-response authentication system that uses the same protocol in both directions. That is, the same challenge-response protocol is used by each side to authenticate the other side. The essential idea of the attack is to trick the target into providing the answer to its own challenge
14
What are the challenges?
Your security frequently depends on others Good solution must Handle the problem to a great extent Handle future variations of the problem, too Be inexpensive Have economic incentive Require a few deployment points Require non-specific deployment points
15
What are the challenges?
Fighting a live enemy Security is adversarial field No problem is likely to be completely solved New advances lead to improvement of attack techniques Researchers must play double game
16
What are the challenges?
Attack patterns change Frequently there is scarce attack data No agreement about legitimate traffic patterns No agreement about metrics There is no standardized evaluation procedure Some security problems require a lot of resources to be reproduced realistically
17
案例 根据360安全中心的统计数据,2010年度网民面临的十大"丢钱"陷阱分别是:购物欺诈网站、股票或彩票欺诈网站、游戏盗号、木马劫持网上交易资金、QQ盗号及借钱诈骗、假冒网银页面钓鱼、网上黑药店、黑客窃取隐私敲诈、虚假中奖信息,以及木马删除重要文件后敲诈"数据恢复费"。
18
法国家乐福官方网站被中国黑客攻击,首页写着中国万岁
提议关闭社会网吧政协委员公司网站被黑 2009年黑客入侵花期银行,席卷千万美元引起股票大跌 2010年上半年, 59.2%的网民使用网络的过程中遇到了病毒和木马攻击
19
典型的网络安全事件 1983年 414黑客 6名少年黑客控制60多台电脑
1983年 414黑客 6名少年黑客控制60多台电脑 1988年 “蠕虫”病毒的发明 罗伯特一莫里斯 造成6000多个系统瘫痪(1/10) 损失1500万-1亿美元 1995年 凯文·米特尼克 被称为世界上“头号电脑黑客”闯入多台电脑 偷窃2万个信用卡号和复制软件,曾闯入“北美空中防务指挥系统”;破译“太平洋电话公司”在南加州通信网络的“改户密码”等,损失 8000万美元 2000年 雅虎,亚马逊,微软等网络遭到攻击,受害公司损失近10亿美元 2003年 “蠕虫王”病毒,利用SQL Server的漏洞进行传播,导致全球范围互联网瘫痪, 经济损失达12亿 2007年, 超过9400万用户的visa和mastercard信用卡信息被窃取
20
常见的攻击方式 病毒 木马 拒绝服务和分布式拒绝服务攻击 欺骗 邮件炸弹 口令破解 社会工程
21
攻击工具 标注的Tcp/ip工具 端口扫描和漏洞扫描 网络包分析 口令破解工具 木马
Similar presentations
