Most introductory texts provide a technology-based survey of methods and techniques that leaves the reader without a clear understanding of the interrelationships between methods and techniques. By providing a strategy-based introduction, the reader is given a clear understanding of how to provide overlapping defenses for critical information. This understanding provides a basis for engineering and risk-management decisions in the defense of information.
Information security is a rapidly growing field, with a projected need for thousands of professionals within the next decade in the government sector alone. It is also a field that has changed in the last decade from a largely theory-based discipline to an experience-based discipline. This shift in the field has left several of the classic texts with a strongly dated feel.
- Provides a broad introduction to the methods and techniques in the field of information security
- Offers a strategy-based view of these tools and techniques, facilitating selection of overlapping methods for in-depth defense of information
- Provides very current view of the emerging standards of practice in information security
Dr. Timothy Shimeall is an Adjunct Professor of the Heinz College of Carnegie Mellon University, with teaching and research interests focused in the area of information survivability. He is an active instructor in information security management and information warfare, and has led a variety of survivability-related independent studies. Tim is also a senior member of the technical staff with the CERT Network Situational Awareness Group of Carnegie Mellon's Software Engineering Institute, where he is responsible for overseeing and participating in the development of analysis methods in the area of network systems security and survivability. This work includes development of methods to identify trends in security incidents and in the development of software used by computer and network intruders. Of particular interest are incidents affecting defended systems and malicious software that are effective despite common defenses. Prior to his time at Carnegie Mellon, Tim was an Associate Professor at the Naval Postgraduate School in Monterey, CA.
Most introductory texts provide a technology-based survey of methods and techniques that leaves the reader without a clear understanding of the interrelationships between methods and techniques. By providing a strategy-based introduction, the reader is given a clear understanding of how to provide overlapping defenses for critical information. This understanding provides a basis for engineering and risk-management decisions in the defense of information.Information security is a rapidly growing field, with a projected need for thousands of professionals within the next decade in the government sector alone. It is also a field that has changed in the last decade from a largely theory-based discipline to an experience-based discipline. This shift in the field has left several of the classic texts with a strongly dated feel. Provides a broad introduction to the methods and techniques in the field of information security Offers a strategy-based view of these tools and techniques, facilitating selection of overlapping methods for in-depth defense of information Provides very current view of the emerging standards of practice in information security
Strategies and Security
Dealing with resourced and persistent adversaries motivates defenders both to understand the adversaries’ strategies and to have a range of defense strategies available for use. Attack strategies include localized, progressive, and group attacks. Defense strategies include deception, frustration, resistance, and recognition and recovery. This chapter provides a basic outline of both groups of strategies for information security.
Keywords
strategy; deception; frustration; resistance; recognition; recovery; RSA; advanced persistent threat (APT); Robert Morris Jr.; direct attack; progressive attack; misdirection attack; massed attack
Information in this chapter
■ Security strategies
■ Attack strategies
■ Defense strategies
■ Security controls
Introduction
The motivation of adversaries attacking networks changed during the first decade of the twenty-first century. While there are still hobbyist-level adversaries, more and more became self-sustaining financially. During this time, large botnets were accumulated by a number of adversaries, and the selling of use of these botnets lead to one stream of income; another income stream was the emergence of fraud schemes, including phishing and credit card fraud. These self-sustaining adversaries are much more persistent than hobbyists, and protecting networks against these adversaries, or even making a network relatively difficult to compromise, requires understanding the strategies both that they may use to compromise, and that defenders may use to protect information.
This chapter presents concepts of attack and defense strategies. Some basic strategic options are laid out in the next section. Following that, the application of these strategies to security threats is discussed. Example security controls associated with each defense strategy are then covered briefly, and expanded on in the rest of this book. An example security incident and how the defense strategies could have applied are discussed immediately prior to the chapter summary.
Security Strategies
A strategy is defined as a “method or plan chosen to bring about a desired future” [1]. A security strategy is, therefore, a strategy that affects security, either in defense (often, increasing the security of an organization’s information) or in attack (often, decreasing the security of an organization’s inform-ation). Security strategies form the general approaches to security adopted by an organization, and many organizations employ overlapping security strategies to help prevent gaps.
This chapter will discuss both attack and defense security strategies. While the focus of most of this book lies with defense strategies, there is some value in a high-level understanding of security attack strategies as a context for deploying defense strategies. As adversaries have become better resourced and increasingly systematic, the attack strategies they employ have become increasingly diverse.
Attack Strategies
One motivation to systematically address information security risk (in addition to the legal requirements described in Chapter 1) is that the threats against information security are growing systematic. The RSA case [2] described in the “Case Study: RSA Attack” sidebar shows how adversaries may target trusted security controls as a means of facilitating later attacks. This shows a degree of attack planning beyond what has been typical of past adversaries. Robert Morris Jr., for example, released his malicious software without plans for follow-on activity (see the following sidebar). The revelations about government-sponsored cyber attacks in the 2007–2011 timeframe [3] have opened discussions about such attacks and their extensive planning and serious consequences for organizations. Pervasive fraud attempts have become a routine warning to business users of the Internet, including the dangers of trusting emailed web references or opening seemingly relevant attachments. As targeted frauds have proliferated, users find it difficult to differentiate legitimate and fraudulent financial web pages, to the detriment of organizational security.
Adversaries may threaten information security on multiple levels simultaneously. They attack individual hosts, exploiting weaknesses in the operating system (e.g., the Windows 95 LAND attack [4]), or in the application software (e.g., the Internet Worm, as described in the following sidebar). They attack via networks, using remote contact methods, or by exploiting the trust within networks to propagate from an initial point of compromise. They attack users, either as malicious insiders (e.g., the Chris Harn case [5], described in Chapter 1), or as malicious outsiders (e.g., using fraudulent email). They attack data that organizations use in essential business processes, including compromise, imitation, or redirection of data sources (e.g., phishing), using websites that closely imitate institutions to obtain authentication information used in later frauds [6].
Profile
Robert T. Morris, Jr.
Robert Morris grew up in a technical family. His father worked on many of the basic security technologies and is most famous for publishing an analysis of password security. After graduating from Harvard in 1987, the younger Morris entered Cornell as a Ph.D. student and continued research that included network security. In late 1988, he developed a self-replicating computer program, a worm, designed to both measure the size of the Internet and to evaluate the frequency of vulnerabilities in several common network services (remote command execution via email, weak authentication in remote access, and a buffer overflow in finger, a user identity service) [7]. He released the program in early November 1988, and it rapidly overwhelmed many of the hosts then on the Internet [8]. His attempts to both shut off the worm and to instruct others on how to block it were both unsuccessful due to a lack of trusted information channels and to blockages caused by the worm itself. Eventually, about two-thirds of the hosts on the Internet were affected to some extent. An ad-hoc group of network administrators and security investigators formed to analyze the worm and successfully blocked it by correcting the vulnerabilities it used. Subsequent investigation pointed back to MIT as the starting point for the worm. Morris was identified as the author and arrested. He was convicted under the Computer Fraud and Abuse Act, and served a suspended sentence involving a fine and community service [7].
Following his sentence, Morris focused on positive developments to computer science including network security. Morris continued his education via Harvard’s Ph.D. program. His graduate work included development of network switch technology, and his dissertation work involved modeling and controlling complex networks. Following his graduate work, he was appointed as a professor of computer science at MIT, and was awarded tenure in 1998 for his work on wireless networks, distributed operating systems, and peer-to-peer applications. He is currently continuing this highly respected work as a member of the PDOS group at MIT. Outside of his academic studies, Morris has been active in technology companies, developing e-business software, and partnering in an investment corporation [18].
To illustrate the usefulness of understanding attack (and defense) strategies, this chapter employs a brief continuing example. Consider a small nonprofit organization that has a website, a connection gateway providing external access to internal computers for the use of staff and organizational officers, a file server with shared information, several workstations internally for the staff and authorized volunteers, and an internal office server with human resources and financial information on it. A contract with a service provider supports hosting of the website, external-facing domain name system (DNS) service, and email service for the nonprofit. Figure 2.1 illustrates the organization’s logical network structure. After performing a risk analysis, the nonprofit’s staff determines the major security concerns are disgruntled staff or volunteers leading to information theft, external adversaries compromising computers as part of their botnet-building activities, and corruption or unauthorized dissemination of financial information.
Figure 2.1 Logical network structure for strategy example.
An adversary may have diverse malicious goals, including theft of data, misuse of computing time on hosts, consumption of network bandwidth, impersonation of users, and redirection of organization network addresses. Adversaries employ a wide variety of attack strategies to attain these goals. The generic strategies they use include direct attacks, progressive attacks, mass attacks, and misdirection. Most attacks are not launched directly from the host the adversary uses to access the Internet. Rather, adversaries use hosts previously compromised (or acquired legitimately) as launch points for their attacks.
The simplest attack strategy is the direct one. In this case, the adversary strikes against the target from the launch point, without intermediate or third-party hosts involved except in normal traffic routing. Figure 2.2 shows an abstraction of this strategy, where the solid node is the launch point and the patterned node is the...
| Erscheint lt. Verlag | 12.11.2013 |
|---|---|
| Sprache | englisch |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| Informatik ► Office Programme ► Outlook | |
| ISBN-10 | 1-59749-972-2 / 1597499722 |
| ISBN-13 | 978-1-59749-972-9 / 9781597499729 |
| Haben Sie eine Frage zum Produkt? |
PDF (Adobe DRM)Größe: 9,4 MB
Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM
Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine
Geräteliste und zusätzliche Hinweise
Zusätzliches Feature: Online Lesen
Dieses eBook können Sie zusätzlich zum Download auch online im Webbrowser lesen.
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
EPUB (Adobe DRM)Größe: 3,6 MB
Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM
Dateiformat: EPUB (Electronic Publication)
EPUB ist ein offener Standard für eBooks und eignet sich besonders zur Darstellung von Belletristik und Sachbüchern. Der Fließtext wird dynamisch an die Display- und Schriftgröße angepasst. Auch für mobile Lesegeräte ist EPUB daher gut geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine
Geräteliste und zusätzliche Hinweise
Zusätzliches Feature: Online Lesen
Dieses eBook können Sie zusätzlich zum Download auch online im Webbrowser lesen.
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich
