SJSU CS 265 - Simple and Complex Threats Shape the Future

This preview shows page 1-2-14-15-29-30 out of 30 pages.


Slide titles:
1. Simple and Complex Threats Shape the Future
2. PowerPoint Presentation
3. Slide 3
4. Faster, Frequent, and More Complex Blended Threats
5. Slide 5
6. Attack Sources*
7. Less Knowledge Required to Attack
8. Software Vulnerabilities on the Rise
9. Threat Evolution: Day-zero Threats
10. Slide 10
11. Slide 11
12. New Technologies and Targets
13. General Threat Evolution
14. Threat Evolution: Malicious Code
15. Malicious Code Protection Strategies
16. Slide 16
17. Slide 17
18. Slide 18
19. Information Security Solutions Today
20. Symantec is Securing the Enterprise
21. Securing the Enterprise
22. Slide 22
23. Securing the Enterprise
24. Symantec Client Security
25. Intrusion Protection Solutions
26. Symantec AV for Handhelds Corp Edition
27. Slide 27
28. Slide 28
29. Conclusion: Optimize Control and Minimize Complexity
30. Slide 30

Simple and Complex Threats Shape the Future
Linda McCarthy
Executive Security Advisor
November 22, 2003
© 2003 Symantec Corp.

Page 2
ARPA Network - 1969

Page 3
Internet Backbone - 2003

Page 4
Faster, Frequent, and More Complex Blended Threats
• Increasing prevalence of blended threats
• Combine hacking, denial of service, more aggressive, and spread faster than ever before
• August 2003 tested defenses of home and corporate users
• Four high impact attacks in the span of eight days
• Tested the defenses of home and corporate users
• Attackers turning up the heat

Page 5
Tremendous Challenges
• Increasing number and sophistication of attacks
• Increasing complexity across an enterprise
• Resource Constraints
• Risks difficult to define and prioritize
• Products alone are reactive
[Chart: Worldwide Attacks, 1995 to 2002. Axes: Malicious Code Infection Attempts* and Network Intrusion Attempts**. Labelled threats: Polymorphic Viruses (Tequila), Zombies, Mass Mailer Viruses (Love Letter/Melissa), Denial of Service (Yahoo!, eBay), Blended Threats (CodeRed, Nimda, Slammer)]
*Analysis by Symantec Security Response using data from Symantec, IDC & ICSA; 2002 estimated
**Source: CERT

Page 6
Attack Sources*
• Top ten attack source countries account for 80% of all attacks
• 51% of all attacks originate in the United States
• Japan is 9th most common source
Source: Internet Security Threat Report, Symantec, September 2003

Six Months Ending June 30, 2003
Ranking   Country          Percent of attacks
1         United States    51%
2         China            5%
3         Germany          5%
4         South Korea      4%
5         Canada           4%
6         France           3%
7         Great Britain    2%
8         Netherlands      2%
9         Japan            2%
10        Italy            2%
Highlights – Attacks

Page 7
Less Knowledge Required to Attack
[Chart: Intruder Knowledge and Automated Tools & Attack Sophistication, on a Low to High scale, 1980 to 2005]

Page 8
Software Vulnerabilities on the Rise
[Chart: Average number of new vulnerabilities discovered every week, '99 to '03. Data labels as extracted: 10, 25, 30, 50, 60. Source: Bugtraq]

Page 9
Threat Evolution: Day-zero Threats
[Diagram: timeline with labels Vulnerability Identified, Threat Released, Vulnerability-Threat Window, Time]
A day-zero threat exploits a previously unknown, and therefore unprotected vulnerability.

Page 10
Threat Evolution: Day-zero Threats
[Diagram: timeline with labels Vulnerability identified, Threat released, Day-zero exploit, Threat released, Time]
A day-zero threat exploits a previously unknown, and therefore unprotected vulnerability.
[Diagram: Time Until Exploitation (Months, Days, Hours, “Day 0”) against attacker type (Novice Programmer, Sophisticated Programmer, Organized Crime/Terrorist Organization, Nation/State Threat)]
As attacker demographics shift, we see a reduction in the vulnerability-threat window.

Page 11
Faster, More Aggressive Attacks
• More attacks are targeting new vulnerabilities
• New vulnerabilities are being exploited more quickly
• Faster exploitation requires better patch management policies
• 64% of new attacks targeted vulnerabilities less than 1 year old

Vulnerability Age Range (months)   Percent of New Attack Targets
0 to 6                             39%
6 to 12                            25%
12 to 18                           14%
18 to 24                           10%
24 to 30                           4%
30 to 36                           5%
36 to 42                           1%
42 to 48                           1%
Trends

Page 12
New Technologies and Targets
• Broadband: 120M subscribers worldwide by 2005
• SCADA: Used by oil and natural gas, controls electric power and water supplies
• Instant Messaging/P2P: Over 500M users by 2005
• Wireless: 484M users worldwide by 2005
• Grid Computing: $4.1B market by 2005
• Web Services Security: $4.4B market by 2006

Page 13
General Threat Evolution
[Chart: Scope/Impact (Individual PCs, Individual Orgs., Sector, Regional, Global) over Time (1990s, 2000, 2003). Labels as extracted:
• 1st gen. viruses, Individual DoS, Web defacement
• email worms, DDoS, Credit hacking
• Blended threats, Limited Warhol threats, Worm-driven DDoS, National credit hacking, Infrastructure hacking
• Flash threats? Massive worm-driven DDoS? Critical infrastructure attacks?]

Page 14
Threat Evolution: Malicious Code
[Chart: Contagion Timeframe (Weeks or months, Days, Hours, Minutes, Seconds) over Time (Early 1990s, Mid 1990s, Late 1990s, 2000, 2003). Threats plotted: File Viruses, Macro Viruses, e-mail Worms, Blended Threats, “Warhol” Threats, “Flash” Threats]
• Class I
  – Human response: possible
• Class II
  – Human response: difficult/impossible
  – Automated response: possible
• Class III
  – Human response: impossible
  – Automated response: unlikely
  – Proactive blocking: possible

Page 15
Malicious Code Protection Strategies
[Table; cell layout not recoverable from the extracted text]
Columns: Threat Class, Sensing Strategies, Reactive Protection Strategies, Proactive Protection Strategies
Rows:
• Class III threats (Flash threats, Day-Zero)
• Class II threats (Blended threats, Warhol, Day-Zero)
• Class I threats (Blended threats, worms, viruses)
Entries, in extracted order:
• Distributed Sensor Networks
• Protocol Anomaly Detection
• Rule and Statistical Correlation
• Generic Exploit Blocking
• Network Intrusion Prevention
• Host Intrusion Prevention
• Only useful after initial wave
• Manual Fingerprints
• Auto Fingerprint Generation
• Auto Fingerprint Generation (for slower Class II threats)
• Adaptive Security

Page 16
Faster, More Frequent Blended Threats
• 20% increase in blended threats
• New blended threats spread more quickly
• Protection against blended threats requires a layered, integrated approach to security
Trends

Page 17
New Blended Threat Targets
• Microsoft IIS vulnerabilities
  – Large installed base
  – Numerous severe vulnerabilities
• Microsoft Internet Explorer vulnerabilities
  – Large installed base
  – Easy exploitation
Trends

Page 18
Expanded Dangers from Blended Threats
• Theft of confidential information
  – Bugbear.B
  – 50% increase in attacks on confidential data
• Remote attacks
  – Disguised as worm activity
  – Bot

