Cyber_Attacks_Chapter03_PowerPoint_Lecture_Slides.ppt


Copyright © 2012, Elsevier Inc. All Rights Reserved

Chapter 3

Separation

Cyber Attacks

Protecting National Infrastructure, 1st ed.

The University of Adelaide, School of Computer Science

Chapter 2 — Instructions: Language of the Computer

Introduction

  • Using a firewall to separate network assets from intruders is the most familiar approach in cyber security
  • Networks and systems associated with national infrastructure assets tend to be too complex for firewalls to be effective

Introduction

  • Three new approaches to the use of firewalls are necessary to achieve optimal separation
    • Network-based separation
    • Internal separation
    • Tailored separation

Fig. 3.1 – Firewalls in simple and complex networks


What Is Separation?

  • Separation is a technique that accomplishes one of the following
    • Adversary separation
    • Component distribution

What Is Separation?

  • A working taxonomy of separation techniques: three primary factors are involved in the use of separation
    • The source of the threat
    • The target of the security control
    • The approach used in the security control

(See figure 3.2)

Fig. 3.2 – Taxonomy of separation techniques


Functional Separation

  • Separation is commonly achieved using an access control mechanism with requisite authentication and identity management
  • An access policy identifies desired allowances for users requesting to perform actions on system entities
  • Two approaches
    • Distributed responsibility
    • Centralized control
    • (Both will be required)

Fig. 3.3 – Distributed versus centralized mediation
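The access policy and the two mediation styles of the Functional Separation slide and Fig. 3.3, as an added example that is not part of the lecture slides or the book. It records, for each already authenticated user, which actions may be performed on which system entity, and enforces that policy through one reference monitor that every component consults (centralized control). A second function shows the cost of the distributed alternative: component-local allowance tables drift away from the central policy and must be reconciled continually. All users, entities, actions and tables are constructed sample data.

```python
# Added example, not from the slides: an access policy enforced by a single
# reference monitor (centralized control), plus a drift check for the
# distributed-responsibility alternative.  All names are constructed.
from collections import namedtuple

Request = namedtuple("Request", "user action entity")

# Central access policy: (user, entity) -> allowed actions.  Constructed.
POLICY = {
    ("operator", "pump-controller"): {"read", "write"},
    ("operator", "audit-log"): {"read"},
    ("auditor", "audit-log"): {"read"},
    ("vendor", "pump-controller"): {"read"},
}


class ReferenceMonitor:
    """Centralized mediation: every access decision is taken here and
    appended to one audit trail, so policy and evidence live in one place."""

    def __init__(self, policy):
        self.policy = policy
        self.audit = []

    def mediate(self, request):
        allowed_actions = self.policy.get((request.user, request.entity), set())
        decision = request.action in allowed_actions
        self.audit.append((request, decision))
        return decision


# Two unrelated components.  Neither keeps its own allowance table; both
# ask the monitor before acting.
def write_setpoint(user, value, monitor):
    if not monitor.mediate(Request(user, "write", "pump-controller")):
        return "denied"
    return "setpoint=%s" % value


def read_audit_log(user, monitor):
    if not monitor.mediate(Request(user, "read", "audit-log")):
        return "denied"
    return ["%s %s %s -> %s" % (r.user, r.action, r.entity, "allow" if ok else "deny")
            for r, ok in monitor.audit]


# Distributed responsibility: each component holds its own table.  Constructed
# so that the pump service has locally granted the vendor write access.
LOCAL_TABLES = {
    "pump-service": {
        ("operator", "pump-controller"): {"read", "write"},
        ("vendor", "pump-controller"): {"read", "write"},
    },
    "log-service": {
        ("operator", "audit-log"): {"read"},
        ("auditor", "audit-log"): {"read"},
    },
}


def find_policy_drift(central, local_tables):
    """Return every (component, (user, entity)) whose local allowances differ
    from the central policy.  With distributed mediation this comparison has
    to run continually; with one monitor there is nothing to compare."""
    drift = []
    for component, table in local_tables.items():
        for key, actions in table.items():
            if actions != central.get(key, set()):
                drift.append((component, key))
    return sorted(drift)


if __name__ == "__main__":
    monitor = ReferenceMonitor(POLICY)
    print(write_setpoint("operator", 42, monitor))
    print(write_setpoint("vendor", 42, monitor))
    print(read_audit_log("auditor", monitor))
    print(find_policy_drift(POLICY, LOCAL_TABLES))
```

The slide's remark that both approaches will be required shows up here: the drift check is what a distributed deployment has to add to approximate the guarantee the single monitor gives for free, and the monitor is only trustworthy if the identity it is handed has already been authenticated.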


National Infrastructure Firewalls

  • Firewalls are placed between a system or enterprise and an untrusted network (say, the Internet)
  • Two problems arise
    • Coverage: The firewall might not cover all paths
    • Accuracy: The firewall may be forced to allow access that inadvertently opens access to other protected assets
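The two failure modes named on this slide, coverage and accuracy, as an added example that is not from the slides or the book. A minimal first-match packet filter is used for two audit checks: the accuracy check shows that a subnet-wide rule written to expose one web server also exposes a historian on the same subnet, while a host- and port-specific rule does not; the coverage check lists the entry paths into the enterprise on which no firewall sits at all. Rules, hosts, paths and the 203.0.113.5 probe source (an RFC 5737 documentation address standing in for an arbitrary Internet host) are all constructed.

```python
# Added example, not from the slides: a first-match packet filter and two
# audit checks (accuracy and coverage).  All rules, hosts and paths are
# constructed sample data.
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # CIDR the packet source must fall in
    dst: str               # CIDR the destination must fall in
    dport: Optional[int]   # None means any destination port


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int


def matches(rule, pkt):
    return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and (rule.dport is None or rule.dport == pkt.dport))


def decide(rules, pkt):
    """First matching rule wins; no match means deny."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"


# Constructed subnet 10.0.1.0/24: 10.0.1.10 is the web server partners must
# reach over HTTPS; 10.0.1.20 is a historian that must stay internal.
PROTECTED = ["10.0.1.20"]
BROAD_RULES = [Rule("allow", "0.0.0.0/0", "10.0.1.0/24", None)]   # "just open the subnet"
TIGHT_RULES = [Rule("allow", "0.0.0.0/0", "10.0.1.10/32", 443)]   # one host, one port


def exposed_assets(rules, protected, probe_ports=(22, 443, 502)):
    """Accuracy check: protected hosts that an Internet source could reach
    on any of the probe ports under this rule set."""
    hits = []
    for host in protected:
        for port in probe_ports:
            if decide(rules, Packet("203.0.113.5", host, port)) == "allow":
                hits.append((host, port))
    return hits


# Coverage check.  Each path is the chain of hops from the outside world to an
# internal asset; a path is covered only if one of its hops is a firewall.
# Constructed: the partner VPN and the maintenance modem bypass the border.
PATHS = {
    "internet-border": ["isp-router", "border-fw", "core-switch"],
    "partner-vpn": ["partner-vpn-gw", "core-switch"],
    "maintenance-modem": ["modem-bank", "scada-switch"],
}
FIREWALLS = {"border-fw"}


def uncovered_paths(paths, firewalls):
    """Paths on which no firewall sits."""
    return sorted(name for name, hops in paths.items()
                  if not firewalls.intersection(hops))
```

Running `exposed_assets` against your own rule base before a change ships is the practical form of the accuracy problem: the broad rule passes the audit for the web server and fails it for the historian, which is exactly the inadvertent opening the slide describes.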

Fig. 3.4 – Wide area firewall aggregation and local area firewall segregation


National Infrastructure Firewalls

  • Increased wireless connectivity is a major challenge to national infrastructure security
  • Network service providers offer advantages to centralized security
    • Vantage point: Network service providers can see a lot
    • Operations: Network providers have the operational capacity to keep security software current
    • Investment: Network service providers have the financial wherewithal and motivation to invest in security

Fig. 3.5 – Carrier-centric network-based firewall


DDOS Filtering

  • The network-based firewall concept includes a device for throttling distributed denial of service (DDOS) attacks
    • Called a DDOS filter
  • Modern DDOS attacks anticipate filtering and therefore require a more advanced filtering system

Fig. 3.6 – DDOS filtering of inbound attacks on target assets
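The throttling core of the DDOS filter in Fig. 3.6, as an added example that is not from the slides or the book: a per-source token bucket that lets every source send a sustained request rate with a bounded burst and drops the excess, so a flooding source is capped while a well-behaved client passes untouched. The traffic replayed below is constructed (one client at 2 requests/s for 10 s, one source sending 1000 requests inside a single second); the addresses are from the RFC 5737 documentation ranges and the rate and burst values are assumptions.

```python
# Added example, not from the slides: per-source token-bucket throttling as
# the inbound stage of a DDOS filter.  Traffic and parameters are constructed.
from collections import defaultdict


class SourceThrottle:
    """Token bucket per source address: `rate` tokens/s refill, `burst` cap."""

    def __init__(self, rate, burst):
        self.rate = float(rate)
        self.burst = float(burst)
        self.tokens = {}
        self.last_seen = {}

    def admit(self, src, now):
        tokens = self.tokens.get(src, self.burst)          # new sources start full
        elapsed = now - self.last_seen.get(src, now)
        tokens = min(self.burst, tokens + elapsed * self.rate)
        self.last_seen[src] = now
        if tokens >= 1.0:
            self.tokens[src] = tokens - 1.0
            return True                                   # forward to target
        self.tokens[src] = tokens
        return False                                      # drop


def filter_stream(events, rate=5.0, burst=10):
    """Replay (timestamp, source) events in time order; return per-source
    counts of requests passed to the target and requests dropped."""
    throttle = SourceThrottle(rate, burst)
    passed = defaultdict(int)
    dropped = defaultdict(int)
    for ts, src in sorted(events):
        if throttle.admit(src, ts):
            passed[src] += 1
        else:
            dropped[src] += 1
    return dict(passed), dict(dropped)


# Constructed traffic mix.
LEGIT_CLIENT = "198.51.100.7"
FLOOD_SOURCE = "203.0.113.99"
EVENTS = ([(i * 0.5, LEGIT_CLIENT) for i in range(20)]          # 2 req/s for 10 s
          + [(i / 1000.0, FLOOD_SOURCE) for i in range(1000)])  # 1000 req in 1 s

if __name__ == "__main__":
    print(filter_stream(EVENTS))
```

Keying the bucket on the source address is deliberately the simplest case; the slide's third bullet is the reason real filters key on more than that, since an attack spread over many sources keeps each one under this per-source rate.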


SCADA Separation Architecture

  • SCADA – Supervisory control and data acquisition
  • SCADA systems – A set of software, computers, and networks that provide remote coordination of control systems for tangible infrastructures
  • Structure includes the following
    • Human-machine interface (HMI)
    • Master terminal unit (MTU)
    • Remote terminal unit (RTU)
    • Field control systems

Fig. 3.7 – Recommended SCADA system firewall architecture


Physical Separation

  • Why not simply unplug a system’s external connections? (Called air gapping)
  • As systems and networks grow more complex, it becomes more likely that unknown or unauthorized external connections will arise
  • Basic principles for truly air-gapped networks:
    • Clear policy
    • Boundary scanning
    • Violation consequences
    • Reasonable alternatives

Fig. 3.8 – Bridging an isolated network via a dual-homing user
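The boundary scanning principle from the Physical Separation slide applied to the dual-homing problem of Fig. 3.8, as an added example that is not from the slides or the book. Each host's `ip -o -4 addr show` output (constructed here) is parsed, every non-loopback address is mapped to a named network, and a host is flagged when it touches the isolated network and anything else: another known network (a dual-homed bridge) or an address that belongs to no known network (an unknown external connection). The network names, address ranges and host inventory are assumptions.

```python
# Added example, not from the slides: a boundary scan that flags hosts
# bridging an isolated network.  Networks, hosts and command output are
# constructed sample data.
import ipaddress
import re

NETWORKS = {
    "scada-isolated": ipaddress.ip_network("10.10.5.0/24"),
    "corp-lan": ipaddress.ip_network("10.20.0.0/16"),
    "corp-wifi": ipaddress.ip_network("192.168.50.0/24"),
}
ISOLATED = {"scada-isolated"}

# Constructed per-host output of `ip -o -4 addr show`.
HOST_OUTPUT = {
    "hmi-01": (
        "1: lo    inet 127.0.0.1/8 scope host lo\n"
        "2: eth0    inet 10.10.5.7/24 brd 10.10.5.255 scope global eth0\n"
    ),
    "eng-laptop-7": (                                   # dual-homed: SCADA + corporate wifi
        "1: lo    inet 127.0.0.1/8 scope host lo\n"
        "2: eth0    inet 10.10.5.44/24 brd 10.10.5.255 scope global eth0\n"
        "3: wlan0    inet 192.168.50.12/24 brd 192.168.50.255 scope global wlan0\n"
    ),
    "rtu-gw": (                                         # cellular modem nobody documented
        "2: eth0    inet 10.10.5.2/24 brd 10.10.5.255 scope global eth0\n"
        "3: ppp0    inet 100.64.7.3/32 scope global ppp0\n"
    ),
    "file-srv": "2: eth0    inet 10.20.3.9/16 brd 10.20.255.255 scope global eth0\n",
}

ADDR_RE = re.compile(r"^\d+:\s+(\S+)\s+inet\s+(\d+\.\d+\.\d+\.\d+)/\d+")


def attached_networks(output):
    """Map each non-loopback address in the output to a network name, or to
    'unknown:<iface>' when it falls in no known network."""
    nets = set()
    for line in output.splitlines():
        m = ADDR_RE.match(line)
        if not m:
            continue
        iface, addr = m.groups()
        ip = ipaddress.ip_address(addr)
        if ip.is_loopback:
            continue
        name = next((n for n, net in NETWORKS.items() if ip in net), None)
        nets.add(name if name else "unknown:%s" % iface)
    return nets


def boundary_violations(host_output, isolated):
    """Hosts attached to an isolated network that also reach anywhere else."""
    findings = []
    for host, output in sorted(host_output.items()):
        nets = attached_networks(output)
        if nets & isolated and nets - isolated:
            findings.append((host, sorted(nets)))
    return findings


if __name__ == "__main__":
    for host, nets in boundary_violations(HOST_OUTPUT, ISOLATED):
        print("%s bridges %s" % (host, ", ".join(nets)))
```

The unknown-address case is the one the second bullet warns about: the scan only stays honest if every address that matches no documented network is reported rather than ignored, because those are precisely the connections nobody planned for.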


Insider Separation

  • Hard to defend against a determined insider
  • Threats may also come from trusted partners
  • Background checks are a start
  • Techniques for countering insider attack
    • Internal firewalls
    • Deceptive honey pots
    • Enforcement of data markings
    • Data leakage protection (DLP) systems
  • Segregation of duties offers another layer of protection

Fig. 3.9 – Decomposing work functions for segregation of duty
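The decomposition of a work function from Fig. 3.9 expressed as data, with the two checks that make segregation of duty enforceable, as an added example that is not from the slides or the book. The static check finds users whose role assignments would let them perform two conflicting steps on their own; the dynamic check replays a history of completed steps and finds instances where one user actually did both, or performed a step without holding its role. The work function, roles, users and history are constructed.

```python
# Added example, not from the slides: segregation-of-duty checks over a
# decomposed work function.  All data below is constructed.
WORK_FUNCTION = {
    "name": "firmware-update",
    # step -> role required to perform it
    "steps": {"prepare": "engineer", "approve": "change-manager", "apply": "operator"},
    # pairs of steps that must not be performed by the same person
    "conflicts": [("prepare", "approve"), ("approve", "apply")],
}

# user -> roles held.  Constructed so that carol holds two conflicting roles.
ROLE_ASSIGNMENT = {
    "alice": {"engineer"},
    "bob": {"change-manager"},
    "carol": {"operator", "change-manager"},
    "dave": {"operator"},
}

# (instance id, step, user).  Constructed: FW-1 is clean, in FW-2 carol both
# approved and applied, in FW-3 dave approved without the role.
HISTORY = [
    ("FW-1", "prepare", "alice"), ("FW-1", "approve", "bob"), ("FW-1", "apply", "dave"),
    ("FW-2", "prepare", "alice"), ("FW-2", "approve", "carol"), ("FW-2", "apply", "carol"),
    ("FW-3", "prepare", "alice"), ("FW-3", "approve", "dave"),
]


def static_violations(wf, assignment):
    """Users who hold the roles for both steps of a conflicting pair."""
    out = []
    for user, roles in sorted(assignment.items()):
        for a, b in wf["conflicts"]:
            if wf["steps"][a] in roles and wf["steps"][b] in roles:
                out.append((user, a, b))
    return out


def dynamic_violations(wf, assignment, history):
    """Per instance: a step performed without the required role, or both
    steps of a conflicting pair performed by the same user."""
    out = []
    by_instance = {}
    for inst, step, user in history:
        if wf["steps"][step] not in assignment.get(user, set()):
            out.append((inst, "missing-role", user, step))
        by_instance.setdefault(inst, {})[step] = user
    for inst, performers in sorted(by_instance.items()):
        for a, b in wf["conflicts"]:
            if a in performers and performers.get(b) == performers[a]:
                out.append((inst, "same-user", performers[a], a, b))
    return out


if __name__ == "__main__":
    print(static_violations(WORK_FUNCTION, ROLE_ASSIGNMENT))
    print(dynamic_violations(WORK_FUNCTION, ROLE_ASSIGNMENT, HISTORY))
```

The static check is cheap and should gate role changes; the dynamic check is what catches the case the static check cannot see, a user who legitimately holds one role today and was granted the conflicting one after the instance began.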


Asset Separation

  • Involves the distribution, replication, decomposition, or segregation of national assets
    • Distribution: creating functionality using multiple cooperating components that work together as a distributed system
    • Replication: copying assets across components so that if one asset is broken, the copy will be available
    • Decomposition: breaking complex assets into individual components so that an isolated compromise won’t bring down the whole asset
    • Segregation: separation of assets through special access controls, data markings, and policy enforcement

Fig. 3.10 – Reducing DDOS risk through CDN-hosted content


Multilevel Security (MLS)

  • Typically, mandatory access controls and audit trail hooks were embedded into the underlying operating system kernel
  • Popular in the 1980s and 1990s

Fig. 3.11 – Using MLS logical separation to protect assets
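The logical separation of Fig. 3.11 as a minimal multilevel security check, added here as an example that is not from the slides or the book. Each subject and object carries a label (a classification level plus a set of compartments); a subject may read an object only if the subject's label dominates the object's (no read up) and may write only if the object's label dominates the subject's (no write down), which is the Bell-LaPadula mandatory access control that MLS kernels embedded. Every decision is appended to an audit trail, standing in for the kernel audit hooks the slide mentions. Levels, compartments and labels are constructed.

```python
# Added example, not from the slides: Bell-LaPadula style MLS mediation with
# an audit trail.  Levels, compartments and labels are constructed.
from collections import namedtuple

LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2}
Label = namedtuple("Label", "level compartments")


def dominates(a, b):
    """a dominates b when a's level is at least b's and a's compartments
    include all of b's."""
    return LEVELS[a.level] >= LEVELS[b.level] and b.compartments <= a.compartments


class MLSKernel:
    """Mandatory access control: labels are assigned by the kernel, not the
    owner, and every decision is logged."""

    def __init__(self, labels):
        self.labels = labels   # name -> Label, for both subjects and objects
        self.audit = []

    def _decide(self, subject, obj, mode):
        s, o = self.labels[subject], self.labels[obj]
        if mode == "read":
            ok = dominates(s, o)      # no read up
        elif mode == "write":
            ok = dominates(o, s)      # no write down
        else:
            raise ValueError("unknown mode %r" % mode)
        self.audit.append((subject, mode, obj, ok))
        return ok

    def can_read(self, subject, obj):
        return self._decide(subject, obj, "read")

    def can_write(self, subject, obj):
        return self._decide(subject, obj, "write")


LABELS = {
    # subjects
    "grid-analyst": Label("secret", frozenset({"grid"})),
    "contractor": Label("confidential", frozenset()),
    # objects
    "outage-report": Label("confidential", frozenset()),
    "grid-topology": Label("secret", frozenset({"grid"})),
    "water-plan": Label("secret", frozenset({"water"})),
    "public-notice": Label("unclassified", frozenset()),
}

if __name__ == "__main__":
    k = MLSKernel(LABELS)
    k.can_read("contractor", "grid-topology")
    k.can_write("grid-analyst", "public-notice")
    for entry in k.audit:
        print(entry)
```

Compartments are what make the model do more than rank secrecy: the grid analyst is cleared to secret yet still cannot read the secret water plan, which is the per-asset isolation the figure is drawing.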


National Separation Program

  • Internet separation: Certain assets simply shouldn’t be accessible from the Internet
  • Network-based firewalls: These should be managed by a centralized group
  • DDOS protection: All assets should have protection in place before an attack
  • Internal separation: Critical national infrastructure settings need an incentive to implement internal separation policy
  • Tailoring requirements: Vendors should be incentivized to build tailored systems such as firewalls for special SCADA environments