Intrusion Detection and Threat Vectors PDF

27 Pages·2008·1.58 MB·English

Intrusion Detection and Threat Vectors
Michael Arent
EDS-Global Information Security
07 May 2008 / EDS

The direction is changing....

Intrusion costs are rising

Per Record Cost Keeps Rising
[Chart: Per Record Cost of Breach: $138.00, $182.00, $197.00]
Data from Ponemon Institute (survey of 35 companies that have experienced breaches)

Changing Motivation and Attack Vectors

• During the 90’s and early 00’s the motivation was notoriety and Denial of Service.

New Motivation and Attack Vectors

• In 2005 the focus started changing
  – A shift from notoriety motives to financial motives
  – A shift from global attacks to targeted attacks
  – A shift from denial of service to stealth components
• We started hearing new words: Rootkit, Pharming

Threat Landscape

• Mail/Spam Volume - spam making up 89% of all email.
• Malware - Trojans accounted for over 78% of all newly discovered malware, followed by Adware and Spyware that made up almost 14%. 97% of all new malware came in the form of Windows Executable files.
• Zombies - An average of 264,133 new zombies are detected daily, many associated with the new infections caused by the Storm worm.
• Web Threats - An average of 11,906 total new malicious websites are detected daily.

New Threats

• For the past 2 years, we have seen a dramatic increase in the number of stealth malicious codes.
• 11074 families of malicious codes newly identified

Malcode Type    Count
Adware            268
Bot               378
Spyware           187
Backdoor          828
Clicker            20
Dialer             22
Downloader       1755
Dropper           501
Keylogger          64
Trojan           6304
Proxy              89
RootKit            41
Stealer           617
Total           11074

Malware Snapshot – Feb. 2008

The most prevalent targets as of late are: government, education, and financial.

Exploits are now shorter

Typical Costs To Business of Delayed Detection / Containment

Cost factors are normalized (1-10): 1=low, 10=high.

Attack Vector                         Damage Cost Factor    Response Cost Factor
Root via Buffer Overflow              2                     2.7
Remote Root                           2                     4
Root via Single Event                 10                    1.3
Single event Crash                    6                     .3
DoS (SQL Slammer) per environment     6                     10
Port Scan                             .4                    3.4
“Low and Slow” Probe                  .4                    4.7

Description:
Michael Arent. EDS-Global Information Security Changing Motivation and Attack Vectors. •During the 90's and early . ISO17799, CoBIT. Risk. 17.
