Police/NCA Cybercrime Training Denis A Nicole dan@ecs.soton.ac.uk 2014-08-07 - PowerPoint PPT Presentation

Loading...

PPT – Police/NCA Cybercrime Training Denis A Nicole dan@ecs.soton.ac.uk 2014-08-07 PowerPoint presentation | free to download - id: 67041f-OThkN



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Police/NCA Cybercrime Training Denis A Nicole dan@ecs.soton.ac.uk 2014-08-07

Description:

Title: Main presentation title goes here. Author: sep Last modified by: dan Created Date: 1/25/2008 10:32:18 AM Document presentation format: On-screen Show (4:3) – PowerPoint PPT presentation

Number of Views:1
Avg rating:3.0/5.0
Date added: 5 January 2020
Slides: 23
Provided by: SEP
Learn more at: http://www.hpcc.ecs.soton.ac.uk
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Police/NCA Cybercrime Training Denis A Nicole dan@ecs.soton.ac.uk 2014-08-07


1
Police/NCA Cybercrime Training Denis A
Nicole dan_at_ecs.soton.ac.uk 2014-08-07
2
  • When the militarys top cyberwarriors gathered
    last year inside a secretive compound at Fort
    Meade, Maryland, for a classified war game
    exercise, a team of active-duty troops faced off
    against several teams of reservists.
  • And the active-duty team apparently took a
    beating.
  • They were pretty much obliterated, said one
    Capitol Hill staffer who attended the exercise.
    The active-duty team didnt even know how theyd
    been attacked.
  • http//www.navytimes.com/article/20140804/NEWS04/3
    08040019

3
  • Congress has authorized the FBI to add 2,000
    personnel to its rolls this year, and many of
    those new recruits will be assigned to tackle
    cyber crimes, a growing priority for the agency.
    And thats a problem, FBI Director Comey told the
    White Collar Crime Institute, an annual
    conference held at the New York City Bar
    Association in Manhattan. A lot of the nations
    top computer programmers and hacking gurus are
    also fond of marijuana.
  • I have to hire a great work force to compete
    with those cyber criminals and some of those kids
    want to smoke weed on the way to the interview,
    Mr. Comey said.
  • Mr. Comey said that the agency was grappling
    with the question right now of how to amend the
    agencys marijuana policies, which excludes from
    consideration anyone who has smoked marijuana in
    the previous three years, according to the FBIs
    Web site. One conference goer asked Mr. Comey
    about a friend who had shied away from applying
    because of the policy. He should go ahead and
    apply, despite the marijuana use, Mr. Comey
    said.
  • http//blogs.wsj.com/law/2014/05/20/director-comey
    -fbi-grappling-with-hiring-policy-concerning-marij
    uana/

4
Nobody but us?
https//firstlook.org/theintercept/document/2014/0
8/05/directorate-terrorist-identities-dti-strategi
c-accomplishments-2013/
5
http//stakeholders.ofcom.org.uk/market-data-resea
rch/market-data/communications-market-reports/cmr1
4/uk/
6
Year of Code
  • Teachers could be trained how to educate students
    in computer programming in a day
  • Lottie Dexter http//www.bbc.co.uk/news/technology
    -26150717

7
1969
  • Toby Harris went on to be the first chair of the
    Metropolitan Police Authority.

8
Content
  • Basics of Computer Networking
  • IP4 and IP6, NAT (private addresses)
  • BGP (Border Gateway Protocol), attacks
  • DNS, dynamic DNS, secure DNS, attacks
  • HTTP, HTTPS, VPNs, ssh
  • Firewalls
  • Public Key Infrastructure
  • Tor, Bitcoin
  • This is all standard material for us

9
Cybercrime concepts
  • Basic SQL injection, cross-site scripting, DDoS.
  • Malware viruses, attack surfaces (software and
    hardware).
  • Patching, antivirus, network monitoring.
  • Motivations, sophistication of attackers,
    insiders?
  • Forensic analysis little real experience at
    Southampton.
  • Network traffic analysis off-site specialists.

10
Types of Malware
  • Browser attacks
  • Application attacks
  • OS attacks
  • Rootkits
  • HW attacks

11
Basic Computer Forensics
  • Major tools are probably
  • EnCase expensive, no experience in
    ECS https//www.guidancesoftware.com/
  • SANS we have some experience here
    http//digital-forensics.sans.org/community/cheat-
    sheets
  • More advanced techniques
  • Malware analysis (IDA Pro) https//www.hex-rays.co
    m/products/ida/
  • Password Cracking http//www.openwall.com/john/

12
Hands-on laboratory work
  • RFID
  • CHIP AND PIN
  • Penetration testing PonziBank
  • XSS
  • Side Channels
  • Malware analysis

13
Which do you trust?
14
EMV electrical protocol
C1 Vcc (5V, 55mA until Jan 2014) C2 Reset
(active low) C3 Clock (1MHz to 5MHz) C5
Ground C7 Input/Output (1 bit 372 clocks)
15
Check a PIN
  • Sending 80 CA 9F 17 00 How many tries do I have
    left?
  • Received 9F 17 01 03 90 00 Three. It might not
    tell you!
  • Sending 00 20 00 80 08 24 00 00 FF FF FF FF FF
    Is it 0000?
  • Received 63 C2 Nope two tries left
  • State of non-volatile memory changed. Counter
    0x2
  • Sending 00 20 00 80 08 24 00 01 FF FF FF FF FF
    0001?
  • Received 90 00 Yes
  • Sending 80 CA 9F 17 04
  • Received 9F 17 01 03 90 00 Were back to three
    tries
  • If you brick your card, an ATM should check
    online and reset it.

Gives a good introduction to ASN.1
16
PonziBank
http//xkcd.com/327/
17
Research C/C Verification Presentation to
HP Denis A Nicole dan_at_ecs.soton.ac.uk 2014-05-07
18
Our contribution to security
  • A whole new class of software vulnerabilities
    arise in multicore chips all modern phones,
    desktops and servers.
  • The vulnerabilities are timing-dependent and
    cannot usually be found by conventional testing.

19
ESBMC is a Collaboration between
  • University of Southampton
  • Jeremy Morse and Denis Nicole
  • Federal University of Amazonas, Brazil
  • Mikhail Ramalho, Mauro Freitas, Felipe Sousa,
    Hendrio Marques and Lucas Cordeiro
  • University of Stellenbosch, South Africa
  • Bernd Fischer


20
ESBMC is a bounded model checker
  • It exhaustively analyses all possible behaviours
    of a (multithreaded) C or C program up to a
    fixed depth of
  • loop iteration (including backward jumps and
    recursion),
  • thread interleaving.
  • Within these bounds, it checks for
  • C errors pointer errors, arithmetic errors,
    array bounds, malloc()/free(), assert() failures,
    data races, etc.
  • Violation of Linear Temporal Logic
    specifications.

21
Model Checking is not Simulation
  • Simulation (testing) checks correctness for a
    particular input and a particular thread
    interleaving.
  • You need to run multiple simulations with
    different data and different timing before you
    get some assurance.
  • Model Checking exhaustively analyses all possible
    behaviours over a range of possible inputs and
    generates a witness, a trace of program state, if
    there are any possible failures.
  • Good-coverage simulation may be effective against
    random errors it offers little protection
    against tailored attacks.

22
Improvement by competition
  • The field of C model checking research is now
    large enough to support annual competitions
    perhaps the best known is that held in
    conjunction with the International Conference on
    Tools and Algorithms for the Construction and
    Analysis of Systems (TACAS).
  • The team is proud to report that ESBMC v1.17 won
    the Gold Medal in the SystemC and Concurrency
    categories and the Bronze Medal in the overall
    ranking of the first International Competition on
    Software Verification at TACAS 2012.
  • ESBMC v1.20 won the  Bronze Medal in the overall
    ranking of the second competition at TACAS 2013.
About PowerShow.com