Information Assurance and Computing Systems
Special Presentation By
Dr. AFCCP QSL WYLE (AKA Dr. Yang)
What is the talk not about?
• A thorough coverage of solutions to information assurance issues,
• An in-depth coverage of cryptography, database security, operating system security, or network security.
What is the talk about?
• A brief introduction to information assurance issues in computing,
• A brief introduction to defense strategies or countermeasures,
• Introduction to the area of computer forensics, and
• Emerging attacks.
Objectives
• Raise awareness of information assurance issues,
• Share resources on how hackers attack and how campus networks can defend against malicious attacks, and
• Survey how students react to IA topics.
Outline (in disguise)
Outline
• Introduction to the expedition of software security
• Attacks
• Countermeasures
• Conclusion
Fasten the seat belt please!
Turbulence detected ahead!!
Short Stories
Some historical ones:
• (1942) Against Japan: cryptanalysis found that “AF” stood for “Midway Island” in intercepted Japanese naval codes.
• (1989) C. Stoll, “The Cuckoo’s Egg”.
• (1988) Robert Morris Worm: released from MIT but originally from Cornell. Robert was sentenced to three years of probation, a fine of $10,050, and 400 hours of community service.
Some more recent ones:
• (1999) Chernobyl virus, which originated in Taiwan.
• (2005) Virus attacks by the Beagle (or Bagle) Virus.
• And many more.
Are there security issues in computing areas?
• Operating systems - Windows
• Database systems - Telephone Database
• Application systems - EZ-Pass
• Network systems - Too many problems
• Web application systems – SQL Injection
• E-mail systems – Viruses, SPAM
Is a security breach a hole in software?
• Yes!
  – buffer overflow
  – SQL injection
  – telnet
  – ftp
Is a security breach a hole in software?
• No!
  – password
  – virus
  – SPAM
Security
• Confidentiality
• Integrity
• Availability
• Authenticity
• Authority and privileges
Hacking Strategies
Attack Phase I: Reconnaissance & Scanning
ARIN and whois Search
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\75CYANG.PASSHE.000>nmap -v -A -T4 -P0 taz.cs.wcupa.edu

Starting Nmap 4.20 ( http://insecure.org ) at 2007-04-13 12:06 Eastern Daylight Time
Initiating Parallel DNS resolution of 1 host. at 12:06
Completed Parallel DNS resolution of 1 host. at 12:06, 0.35s elapsed
Initiating SYN Stealth Scan at 12:06
Scanning taz.cs.wcupa.edu (144.26.29.100) [1697 ports]
Discovered open port 22/tcp on 144.26.29.100
Discovered open port 80/tcp on 144.26.29.100
Discovered open port 21/tcp on 144.26.29.100
Discovered open port 443/tcp on 144.26.29.100
Discovered open port 25/tcp on 144.26.29.100
SYN Stealth Scan Timing: About 9.99% done; ETC: 12:11 (0:04:31 remaining)
Increasing send delay for 144.26.29.100 from 0 to 5 due to 11 out of 20 dropped probes since last increase.
Attack Phase II: Gaining Access
1. Direct attack: denial-of-service, password guessing
2. Indirect attack with user ports: Trojan Horse, Backdoors, and RootKits, etc.
3. Indirect attack with well-known ports: Virus, Worms, SPAM
Attack Phase II: Gaining Access – Password Guessing with Cain
1. Configure: choose an adaptor (or machine).
2. Start Dictionary Guessing
Attack Phase II: Gaining Access – Password Guessing with LC4
1. Session>Options
2. Start Dictionary Guessing
Import>From Local Machine
(Brute Force version is not free)
Result of Running LC4
Result of Scanning Protected Storage
Attack Phase II: Gaining Access – Packet Sniffing with Ethereal
1. Set the option
2. Open a Command Prompt
3. Start the Capturing
4. Enter the telnet
Demonstration
Attack Phase II: Gaining Access
More indirect attacks are found than direct attacks!
What do you mean?
More indirect attacks are found than direct attacks!
1. User ports are closed unless requested and approved.
2. Most well-known ports are open. (Check the file C:\WINDOWS\system32\drivers\etc\services to find some well-known ports.)
Direct Attacks vs. Indirect Attacks
• Direct attacks such as password attacks become more difficult as users become smarter.
• Sending viruses, worms, or spyware via e-mail has become more prevalent.
• E-mail spam is almost part of our life.
• Beware of the “wolf”, e.g., Trojan Horse!!
Trojan Horse
• A set of programs known as a Trojan Horse server and client programs.
• The server must be installed on the victimized machine.
• Once this is done, the machine is considered compromised.
• A hacker can use a client program to communicate with the server from wherever Internet access is available.
A Trojan Horse Example
Example of a Trojan Horse Server
Example of a Trojan Horse Client
One Question Left - How can the server be installed?
• Clicking an icon that is appealing to your eye when you surf the web,
• Clicking the attachment that comes with an e-mail message, or
• Downloading a piece of software from an unfamiliar web site.
Defense and Countermeasures
Countermeasures: against Trojan Horse
• DeepFreeze software has been installed in all WCU computing lab machines.
• Once a user logs on and then logs off, all software installed or downloaded during that session is deleted.
• It is somewhat conservative but effective.
• User awareness is the key!! But …
Countermeasures: Techniques
• Unplug the machine and
• Reformat the drive if you are sure the machine has been compromised.
• But… are there other ways?
Countermeasures: Techniques
• Cryptology: Cryptography/Cryptanalysis
• Users: Use appropriate passwords
• Use Intrusion Detection software
• Network users: Stop using telnet and ftp. Use PuTTY in lieu of telnet, and secure ftp (or WinSCP3) in lieu of ftp.
• Forensics: Manual removal of the Beagle virus, forensic tools.
Cryptography
• So what is my first name?
• My name is AFCCP QSL WYLE (aka Dr. Yang)
• A: Cheer Sun Yang
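The letters on this slide are consistent with a shift (Caesar) cipher of two positions. The following added example (not part of the presentation; function names are illustrative) recovers the shift from the one known pair, WYLE for Yang, decrypts the rest of the alias, and shows that even without that pair only 26 candidates have to be read.

```python
import string

ALPHABET = string.ascii_uppercase


def recover_shift(cipher_crib, plain_crib):
    """Derive the shift from a ciphertext word whose plaintext is known.

    Raises ValueError when the letters do not agree on one shift, which
    means the text was not produced by a plain shift cipher.
    """
    c = [ch for ch in cipher_crib.upper() if ch in ALPHABET]
    p = [ch for ch in plain_crib.upper() if ch in ALPHABET]
    if not c or len(c) != len(p):
        raise ValueError("crib and ciphertext need the same number of letters")
    shifts = {(ALPHABET.index(pc) - ALPHABET.index(cc)) % 26
              for cc, pc in zip(c, p)}
    if len(shifts) != 1:
        raise ValueError("letters disagree on the shift")
    return shifts.pop()


def apply_shift(text, shift):
    """Shift every ASCII letter by `shift` positions; keep case and other characters."""
    out = []
    for ch in text:
        if ch in string.ascii_uppercase:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        elif ch in string.ascii_lowercase:
            out.append(ALPHABET[(ALPHABET.index(ch.upper()) + shift) % 26].lower())
        else:
            out.append(ch)
    return "".join(out)


def all_shifts(text):
    """The whole key space: one candidate plaintext per possible shift."""
    return [apply_shift(text, s) for s in range(26)]


if __name__ == "__main__":
    alias = "AFCCP QSL WYLE"              # from the title slide
    shift = recover_shift("WYLE", "Yang")  # known pair from "(aka Dr. Yang)"
    print("shift:", shift)
    print("plaintext:", apply_shift(alias, shift))
    # Without the known pair, an analyst simply reads all 26 lines.
    for s, candidate in enumerate(all_shifts(alias)):
        print("%2d %s" % (s, candidate))
```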
Use SpyWare Detection – Netscape Browser
Protect Password
• Use strong passwords – length > 7, consisting of letters, numbers, and special characters.
• Use the first letters of the words in a passphrase, e.g., IlteiaCra7S (I love to eat in a Chinese restaurant at 7pm on Sunday)
• Don’t write it down and store it in a README file on your laptop.
Countermeasures: Techniques – Forensics
• Understand how data hiding can be done,
• Prepare for incidents,
• Use incident response tools,
• Develop a methodology, and
• Know what to look for.
Countermeasures: Techniques – Forensic Tools
• Installing Perl Package Manager (PPM)
• Refer to the book “Windows Forensics and Incident Recovery” for more techniques.
C:\Documents and Settings\75CYANG.PASSHE.000>ppm install win32-api
Downloading ActiveState Package Repository packlist...done
Updating ActiveState Package Repository database...done
Syncing site PPM database with .packlists...done
Downloading Win32-API-0.46...done
Unpacking Win32-API-0.46...done
Generating HTML for Win32-API-0.46...done
Updating files in site area...done
  18 files installed
Example of Intrusion Detection
Sophos Anti-Virus Program
Is this a real virus or a false alarm?
Countermeasures: Techniques – Forensics
• What should we do first assuming our machine has probably been compromised?
• A: Disconnect from the network
• Then what?
• A: Find out where the spyware hides
• Remove the spyware using anti-virus software.
Finding the Spyware Manually
Protect Windows
The Windows HOST file stored in C:
The hosts file, stored at C:\WINDOWS\system32\drivers\etc\hosts, contains IP addresses for some host names. Be sure that these are the correct IP addresses.
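One way to carry out this check, as an added example that is not part of the presentation: parse the hosts file, compare each entry with a list of mappings an administrator has reviewed, and report everything else. The sample file, host names, addresses, the reviewed list and the function names are all constructed for illustration.

```python
import ipaddress


def parse_hosts(text):
    """Yield (line_no, address, hostname) for every mapping in a hosts file."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, then tokenize
        if len(fields) < 2:
            continue                            # blank, comment-only, or no name
        for name in fields[1:]:                 # one address may carry several names
            yield line_no, fields[0], name.lower()


def audit_hosts(text, reviewed):
    """Return (line_no, hostname, address, reason) for entries needing attention.

    `reviewed` maps a hostname to the set of addresses approved for it.
    """
    findings = []
    for line_no, address, name in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, name, address, "malformed address"))
            continue
        if name == "localhost":
            if not ip.is_loopback:
                findings.append((line_no, name, address, "localhost is not loopback"))
        elif name in reviewed:
            if str(ip) not in reviewed[name]:
                findings.append((line_no, name, address, "differs from reviewed address"))
        elif ip.is_loopback or ip.is_unspecified:
            # Typical of an entry that stops a machine reaching an update server.
            findings.append((line_no, name, address, "name blocked locally"))
        else:
            findings.append((line_no, name, address, "unreviewed DNS override"))
    return findings


# Constructed sample, not taken from a real machine. Addresses come from the
# documentation ranges (192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24).
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1      localhost
192.0.2.10     intranet.campus.example
203.0.113.45   www.bank.example login.bank.example
127.0.0.1      update.antivirus.example   # blocks updates
300.1.1.1      broken.example
"""

# Hypothetical list of mappings the administrator has approved.
REVIEWED = {"intranet.campus.example": {"192.0.2.10"}}

if __name__ == "__main__":
    # On a real machine, read the text from
    # C:\\WINDOWS\\system32\\drivers\\etc\\hosts instead of SAMPLE_HOSTS.
    for finding in audit_hosts(SAMPLE_HOSTS, REVIEWED):
        print("line %d: %s -> %s (%s)" % finding)
```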
Browser Helper Objects – stored under the Registry Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
Under the key will be a list of globally unique identifiers.
Check each value at www.sysinfo.org
Protect Windows – Detection and Removal Tools
• HijackThis
• a2HiJackFree
• InstallWatch Pro
• Unlocker
• VMWare
Countermeasures: Responsibilities
• System administrators
• Network users
• Teachers
• Students
End of the Trip
Conclusion
• Security does not depend on secure software alone.
• Security does not depend on security officers alone.
• Security does not depend on any single user alone.
• Security does not depend on network security alone.
Bibliography (Classic)
• Ed Skoudis, “Counter Hack,” Prentice Hall PTR, 2006.
• Pfleeger and Pfleeger, “Security in Computing,” Prentice Hall PTR.
• Warren G. Kruse II, Jay Heiser, “Computer Forensics,” Addison Wesley, 2002.
• Matt Bishop, “Computer Security,” Addison Wesley, 2003.
• Kaufman et al., “Network Security,” Prentice Hall.
Bibliography (Recent)
• Christopher Kruegel et al., “Intrusion Detection and Correlation,” Springer-Verlag, 2005.
• Mihai Christodorescu et al., “Malware Detection,” Springer-Verlag, 2006.
• John Daniel et al., “Computer Viruses and Malware,” Springer-Verlag, 2006.
• Ed Skoudis, “Malware,” Pearson Education, 2003.
• Mark Osborne, “How to Cheat at Managing Information Security,” Syngress, 2006.
• David Maynor et al., “Emerging Threat Analysis,” Syngress, 2006.
• Ed Skoudis, “Counter Hack Reloaded,” Prentice Hall PTR, 2006.
• Michael Simpson, “Hands-On Ethical Hacking and Network Defense,” Thomson Course Technology, 2006.
• Ankit Fadia, “The Unofficial Guide to Ethical Hacking,” Thomson Course Technology, 2005.
• Jon Edney, William Arbaugh, “Real 802.11 Security,” Addison Wesley, 2004.
• Peter Szor, “The Art of Computer Virus Research and Defense,” Addison Wesley, 2005.
• Harlan Carvey, “Windows Forensics and Incident Recovery,” Addison Wesley, 2005.
That’s all folks!
• Questions? Comments?
• Eggs and Tomatoes?