
Friday, April 5, 2019

Attack Tree Of Computer Security

This report introduces some of the possible attacks on a company and represents them with attack tree diagrams. The company has six computers and an internal server. Each computer is running Microsoft Windows 7. They use DVDs to store the backup, and the router is at its default settings. Each employee has an email address. Firstly, I will attack the workstation, try to obtain the password illegally and attack the security, such as by installing a virus, Trojan, worm and DoS attack. Afterwards, I will attack the DVD to get the DVD and do some malicious action. Obtain the DVD through the employee, such as by bribe or blackmail. Malicious action will insert the threats into the DVD, and they will spread to other computers when the backup is used. Then, we will attack the router, which means altering the WEP or filtering the MAC address so that the computers cannot connect to the network. We can also use threats through the router to get into the system, e.g. phlashing, pharming, DNS cache poisoning and spoofing. However, I will attack the server using internal threats and external threats, such as hiring a person to disguise as a customer to get information from the company, or asking a temporary customer to be a spy and do some malicious action. Moreover, attack the email using security threats like phishing, email spam and viruses. Then, obtain the email password from the target. Finally, attack Windows 7 using hacking tools to destroy the hosts file of the system, and use physical attacks on the system to obtain important information or change the information to cause a big loss for the company.
All of these attacks will be discussed in this report.

Introduction and scope

An attack tree helps one to understand security issues better, from the standpoint of an attacker. Attack trees are a graphical and mathematical construct used to identify the attacks that pose the greatest risk to the defender, determine effective strategies to decrease the risk to a level acceptable to the defender, describe the potential attacks between the adversary and the defender, provide a communication mechanism for security analysts, capture what is known and believed about the system and its adversaries, and store the information in a diagram that can be understood by subsequent defenders. Although it is very hard to identify every possible factor that leads to intuition, it is based on experience and the ability to extrapolate how that experience applies to a new situation.

For example, the effectiveness of internet security, network security, banking system security, installation and personnel security may all be modelled using attack trees. The idea of an attack tree is that a piece of equipment, a software product or a process could have vulnerabilities that, when successfully exploited, could compromise the entire system.

Scope

There are six computers and one internal server, and each computer runs Microsoft Windows 7 and Microsoft Office 2007. Each workstation has been patched with all updates as of March 25, 2010. They are using an ADSL 2+ connection. The server and workstation backups are stored on a DVD. All the employees have email addresses and they share files through a D-Link DNS-323 NAS. The router is a D-Link DSL G604t using default settings.
Each workstation is using the Microsoft Windows Malicious Software Removal Tool.

Assumptions

- The room that houses the server is not locked or well protected with an access key.
- The router is not updated with the latest patches and is set to the default settings.
- The workstations are not set up with user login accounts.
- No legal antivirus software is installed.

[Attack tree diagram, "Attack tree for compromising availability": Attack workstation. Nodes: Security attack; Spyware; Trojan; Virus; Worm; DoS attack]

Description

Because the workstations do not have any legal antivirus software, the security of the workstations is weak. We can use different threats to attack the workstation. We will install spyware on the workstation through email, when the employee clicks on the email. Spyware will collect some information from there without their knowledge. It is hard to detect unless the user installs anti-spyware software. We also use the same way to install the Trojan, virus and worm on the workstation. The Trojan will format the hard drive when the user opens it. A virus will spread from one device to another when they connect to another computer or device. Most viruses will destroy the data or cause the computer to keep rebooting. A worm will use up the computer's resources and possibly shut down the system. Install the DoS (denial of service) attack to prevent the user from accessing information or services, such as email, websites, etc.

[Attack tree diagram: Attack workstation. Nodes: Obtain login password illegally; Guess password; Use widely known password; Learn password; Find written password; Get password from employee; Threaten; Bribe; Steal]

Description

The other way to attack the workstation is to obtain the administrator login password illegally. First of all, we can try to guess the password or use a widely known password, because most users choose passwords that are easy to remember. After that, we can also learn the password, such as by finding the user's written password.
We can also get the password from the employee. There are many ways to get it from them. Firstly, we can threaten the employee, for example after finding out some secret about the employee. However, we can also bribe the employees by giving them some advantage, such as money or something they like. Finally, we can steal from the employee, like installing a remote password stealer on the computer and receiving the password through email.

[Attack tree diagram: Attack backup. Nodes: Obtain DVD; Exchange DVD; Steal; Copy; Employee; Bribe; Blackmail]

Description

The backup of the company is stored on a DVD, so there are many possible ways to obtain the DVD. Firstly, we can exchange another DVD for the backup DVD, so they cannot find any problem before they use the DVD. After that, we can also steal the DVD or copy the DVD. Finally, we can bribe the employee or blackmail the employee to have him get the DVD.

[Attack tree diagram: Attack backup. Nodes: Malicious action; Spyware; Virus; Trojan; Destroy DVD]

Description

Another way to attack the backup is to do malicious action. We can destroy the DVD, like burning or breaking it. We can also put the threats on the workstation through email or an employee, so that after they back up, the threats are also on the DVD. When they use the backup DVD, the Trojan will install in the system and format the hard drive of the system. The virus will spread into the system to destroy the data or cause system errors. Spyware will install into the system and collect some information from the system, so we can know what the user is doing in the system.

[Attack tree diagram: Attack router. Nodes: Get in the router; Change router login password; Set the WEP; Filter the MAC address; Block the website]

Description

Because the router is using the default settings, they have not changed the login password. So we can get into the router using the default password. After that, we can change the login password and set a WEP to keep the employees from using the wireless. However, we can also filter the MAC address to stop an employee's computer from connecting to the internet.
Furthermore, we can also block some URLs about the company, so the employee cannot access the website.

[Attack tree diagram: Attack router. Nodes: Security attack; Phlashing; Pharming; DNS cache poisoning; Spoofing]

Description

There are some security attacks on the router. We can use the spoofing attack to masquerade as another program, falsifying data and gaining some advantages. Furthermore, DNS cache poisoning will corrupt the DNS table and cache, so the domain name will be assigned a malicious IP address. When the employee uses the malicious IP address, the computer will be infected by worms, viruses or spyware. Moreover, we can also use pharming to attack the router. Pharming is redirecting a website's traffic to a bogus website. When the employee goes to the website, pharming is conducted by changing the hosts file or by exploiting a vulnerability in DNS server software. Finally, phlashing will exploit a vulnerability in network-based firmware updates; it will permanently disable the hardware by loading a corrupted BIOS onto the hardware.

[Attack tree diagram: Attack server. Nodes: Internal threats; Temporary employee; Espionage; Install remote access; Security attack; Trojan; Worm; Virus; Customer; Disguise; Eavesdrop; Check for the security protection]

Description

There are two internal threats to attack the server. Because the server room is not locked properly, a temporary employee can easily get into the room. A temporary employee may be engaged in espionage to get information from the server. They will install remote access to control the server, such as to delete the data or destroy the server. They will also attack the security and install viruses, worms and Trojans to exploit the server and cause the server to crash. An attacker will also disguise as a customer, so they can go to the company easily.
They can eavesdrop in the company, and they can check the security protection of the company and find the vulnerabilities, so they can easily get into the company when nobody is inside.

[Attack tree diagram: Attack server. Nodes: Internal threats; Employee; Steal data; Turn the power off; Access to the power switch; Access to the computer room power; Turn off security protection; Rename server]

Description

Another internal threat is the employee. We can bribe the employee; because employees have already worked in the company for a long time, we can ask them to steal important data or some secret data of the company. However, we can also ask them to turn off the power of the server room, so documents that have not been saved will be lost. Employees can access the power switch or the computer room power to turn off the power. Then, turn off the security protection on the server, so we can easily hack into the server. Finally, rename the server so that no computer can connect to the server.

[Attack tree diagram: Attack email. Nodes: Obtain password from target; Threats; Security attack; Trojan; Viruses; Email spam; Phishing]

Description

Email will be attacked through the threats and by obtaining the password illegally from the target. We can threaten or blackmail the target to get the email password, so we can send email to others and provide wrong information to them. There are four types of threats that are sent by email to trick the employee into clicking them, so the threats will install into the system. First, phishing is sent by email and appears to come from a well-known website; the employee then goes to the website and keys in the username and password, and their information is obtained by the attacker. Moreover, email spam sends unsolicited messages to numerous recipients by email. However, viruses are dangerous because they often deliver extremely destructive payloads, destroying data and bringing down entire mail systems.
Finally, use email to install a Trojan to obtain confidential information or gain control of the server.

[Attack tree diagram: Attack Microsoft Windows 7. Nodes: Disguise; Cleaner; Hacking tools; Malware; Destroy hosts file; Change the document; Spyware; Destroy computer; Turn off power supply]

Description

Microsoft Windows 7 is a widely used operating system in the world, so there are many hacking tools to hack into the system. An attacker can pretend to be a cleaner and use the tools to hack into the system, then install malware to destroy the hosts file or change important documents, affecting the company's processes. Then, install spyware to spy on the user's work in the system and obtain the login password. Furthermore, we can also destroy the computer, such as with water or by burning it. Finally, turn off the power supply and cause the system to lose data before the user saves it.

[Attack tree diagram: Attack Microsoft Windows 7. Nodes: Physical attack; Security attack; Teardrop; Remote access Trojan; Worm; Virus; Crash Win 7]

Description

Microsoft Windows 7 can also be attacked physically. Because Windows 7 is widely used, attackers have found many security vulnerabilities. The teardrop attack is a form of denial of service (DoS) attack; it exploits the system when the Internet Protocol requires that a packet too big for the next router to handle be split into fragments. In the teardrop attack, the attacker's IP puts an odd and confusing offset value in the second fragment or in a fragment thereafter. If the operating system is under a teardrop attack, the system will crash. Another is the security attack: we can ask the employee or use email to install viruses and worms and spread all of these threats to all the computers of the company on the network, and bring the system down. Another threat is using a remote access Trojan to control the system. This type of Trojan creates a backdoor into the system.
We can use the client to control the server; this can lead to almost complete control over the victim's system.

[Attack tree diagram: Attack Microsoft Office 2007. Nodes: Threats to document; Confidentiality loss; Integrity loss; Altered data; Corrupt data; Sell data; Broadcast data]

Description

The method of attacking Microsoft Office 2007 is threats to the documents. Firstly, we can get the document from an employee, or use a Trojan or virus sent to the system through email to obtain the document. Then, it will cause integrity loss and confidentiality loss. In the integrity loss, we will alter the data and corrupt the data. In the confidentiality loss, we will broadcast the data or sell the data to another company, so the secrets of the company will be known by everyone. These two types of method will cause a big loss for the company.

Conclusion

As you can see from the diagrams, attacks come in many different ways, such as internal threats and external threats. Internal threats are caused by the employees, customers and workers in the company. External threats are caused by attackers using different methods to hack into the system to do malicious action. Comparatively, attacking from inside is easier, because the employee knows more about the company and can get the data easily, but it is dangerous: if the company finds out, they will get caught. On the other hand, attacking from outside is difficult but safe, because they do not know where the data is and also need to avoid the security protection, but if the company finds out, it is hard for it to track the attacker. The diagrams above show only some of the possible attacks; there are still many other possible attacks.
Indeed, with scientific advancements, it is likely that computer threats will emerge endlessly, so more and more possible attacks will come out in the future.

Glossary

Virus - A hidden, self-replicating section of computer software, usually malicious logic, that propagates by infecting, i.e., inserting a copy of itself into and becoming part of, another program. A virus cannot run by itself; it requires that its host program be run to make the virus active.

Trojan - A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.

Worm - A computer program that can run independently, can propagate a complete working version of itself onto other hosts on a network, and may consume computer resources destructively.

Spyware - Spyware is a type of malware that can be installed on computers and collects little bits of information at a time about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. Typically, spyware is secretly installed on the user's personal computer.

Spam - Electronic junk mail or junk newsgroup postings.

Spoofing - Attempt by an unauthorized entity to gain access to a system by posing as an authorized user.

Pharming - This is a more sophisticated form of MITM attack. A user's session is redirected to a masquerading website. This can be achieved by corrupting a DNS server on the Internet and pointing a URL to the masquerading website's IP. Almost all users use a URL like www.worldbank.com instead of the real IP (192.86.99.140) of the website. By changing the pointers on a DNS server, the URL can be redirected to send traffic to the IP of the pseudo website. At the pseudo website, transactions can be mimicked and information like login credentials can be gathered.
With this, the attacker can access the real www.worldbank.com site and conduct transactions using the credentials of a valid user on that website.

Phishing - The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. Typically the e-mail and the website look like they are part of a bank the user is doing business with.

Denial of service - The prevention of authorized access to a system resource or the delaying of system operations and functions.

Malware - A generic term for a number of different types of malicious code.

DNS cache poisoning - DNS poisoning is also called DNS cache poisoning, and refers to the corruption of DNS tables and caches so that a domain name points to a malicious IP address. Once the user is re-directed to the malicious IP address, his/her computer can be infected with worms, viruses, spyware etc.

Phlashing - Phlashing is a permanent denial of service (DoS) attack that exploits a vulnerability in network-based firmware updates. Such an attack is currently theoretical but if carried out could render the target device inoperable.

Teardrop - Teardrop is a program that sends IP fragments to a machine connected to the Internet or a network. Teardrop exploits an overlapping IP fragment bug present in Windows 95, Windows NT and Windows 3.1 machines. The bug causes the TCP/IP fragmentation re-assembly code to improperly handle overlapping IP fragments. This attack has not been shown to cause any significant damage to systems, and a simple reboot is the preferred remedy. It should be noted, though, that while this attack is considered to be non-destructive, it could cause problems if there is unsaved data in open applications at the time that the machine is attacked. The primary problem with this is a loss of data.
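The overlapping-fragment condition named in the Teardrop entry can be recognised from the IPv4 header fields alone. The following Python check is an added example, not part of the original report; the function names and the sample headers (documentation addresses, no payload, checksum left at 0) are constructed for illustration.

```python
import struct

IPV4 = struct.Struct("!BBHHHBBH4s4s")   # fixed 20-byte IPv4 header

def frag_span(header: bytes):
    """Return (datagram_key, first_byte, end_byte) for one IPv4 fragment header."""
    (ver_ihl, _, total_len, ip_id, flags_off,
     _, proto, _, src, dst) = IPV4.unpack(header[:20])
    start = (flags_off & 0x1FFF) * 8            # offset field counts 8-byte units
    payload = total_len - (ver_ihl & 0x0F) * 4  # bytes carried after the header
    return (src, dst, proto, ip_id), start, start + payload

def find_overlaps(headers):
    """Report fragments whose byte range overlaps an earlier fragment
    of the same datagram (same source, destination, protocol and ID)."""
    seen, findings = {}, []
    for h in headers:
        key, start, end = frag_span(h)
        ranges = seen.setdefault(key, [])
        if any(start < e and s < end for s, e in ranges):
            findings.append({"ip_id": key[3], "start": start, "end": end})
        ranges.append((start, end))
    return findings

def sample_header(ip_id, offset_units, payload_len, more_fragments):
    """Constructed test input: header only, protocol 17 (UDP), checksum 0."""
    flags_off = (0x2000 if more_fragments else 0) | offset_units
    return IPV4.pack(0x45, 0, 20 + payload_len, ip_id, flags_off, 64, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))

# A correctly fragmented 2000-byte datagram: bytes 0-1479, then 1480-1999.
NORMAL = [sample_header(1, 0, 1480, True), sample_header(1, 185, 520, False)]
# Second fragment claims bytes 24-27, which lie inside the first (0-35).
OVERLAPPING = [sample_header(2, 0, 36, True), sample_header(2, 3, 4, False)]

if __name__ == "__main__":
    print("normal:", find_overlaps(NORMAL))
    print("overlapping:", find_overlaps(OVERLAPPING))
```

A reassembler or network sensor that applies this test can drop or alert on the whole datagram instead of passing the fragments to vulnerable reassembly code.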
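The introduction calls attack trees a mathematical construct for finding the attacks that pose the greatest risk; the Python sketch below, an added example that is not part of the original report, shows that calculation for the "Obtain login password illegally" tree as its description lays it out. The AND/OR evaluation treats leaves as independent, and every probability is a constructed placeholder estimate, not a measurement.

```python
from dataclasses import dataclass, field
from math import prod

@dataclass
class Node:
    name: str
    gate: str = "LEAF"      # "OR", "AND" or "LEAF"
    p: float = 0.0          # leaf only: analyst's estimate that the step succeeds
    children: list = field(default_factory=list)

def success(node, blocked=frozenset()):
    """Estimated probability that the goal at `node` is reached."""
    if node.gate == "LEAF":
        return 0.0 if node.name in blocked else node.p
    probs = [success(c, blocked) for c in node.children]
    if node.gate == "AND":                       # every child step is required
        return prod(probs)
    return 1.0 - prod(1.0 - q for q in probs)    # OR: any one child suffices

def leaves(node):
    if node.gate == "LEAF":
        return [node.name]
    return [name for c in node.children for name in leaves(c)]

def mitigation_ranking(root):
    """Leaves ordered by how far blocking each one lowers the root estimate."""
    base = success(root)
    drop = {n: base - success(root, frozenset([n])) for n in leaves(root)}
    return sorted(drop.items(), key=lambda kv: kv[1], reverse=True)

# Structure from the report's description; numbers are constructed estimates.
PASSWORD_TREE = Node("Obtain login password illegally", "OR", children=[
    Node("Guess password", p=0.10),
    Node("Use widely known password", p=0.30),
    Node("Learn password", "OR", children=[
        Node("Find written password", p=0.20),
    ]),
    Node("Get password from employee", "OR", children=[
        Node("Threaten", p=0.05),
        Node("Bribe", p=0.10),
        Node("Steal", p=0.15),
    ]),
])

if __name__ == "__main__":
    print(f"root estimate: {success(PASSWORD_TREE):.3f}")
    for name, d in mitigation_ranking(PASSWORD_TREE):
        print(f"  block {name:28s} lowers it by {d:.3f}")
```

With these estimates the ranking puts widely known passwords first, which is the leaf a password policy would address.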
