suas: Cybersecurity Threats, Vulnerabilities, and Exploits
|
|
|
- Egbert Jefferson
- 5 years ago
- Views:
Transcription
1 National Training Aircraft Symposium (NTAS) The Changing Role of the Pilot Aug 13th, 3:15 PM - 4:15 PM suas: Cybersecurity Threats, Vulnerabilities, and Exploits Philip Craiger Embry-Riddle Aeronautical University, craigerj@erau.edu Gary Kessler Embry-Riddle Aeronautical University, kessleg1@erau.edu William Rose Embry-Riddle Aeronautical University, rosew@erau.edu Follow this and additional works at: Part of the Aviation Safety and Security Commons, and the Information Security Commons Craiger, Philip; Kessler, Gary; and Rose, William, "suas: Cybersecurity Threats, Vulnerabilities, and Exploits" (2018). National Training Aircraft Symposium (NTAS) This Presentation is brought to you for free and open access by the Conferences at Scholarly Commons. It has been accepted for inclusion in National Training Aircraft Symposium (NTAS) by an authorized administrator of Scholarly Commons. For more information, please contact commons@erau.edu.
2 suas: Cybersecurity Threats, Vulnerabilities, and Exploits J. Philip Craiger, Ph.D., CISSP, CCFP, CEH Gary C. Kessler, Ph.D., CCE, CISSP Dept. of Security Studies and International Affairs & William E. Rose Department of Aeronautical Sciences Embry-Riddle Aeronautical University Presentation for the 31st National Training Aircraft Symposium, Embry-Riddle Aeronautical University, Daytona Beach, FL, August 13, 2018
3 Components of Consumer Drones Common figurations include: CPU/RAM Wi-Fi/RF communications Camera Storage Sensors Aeronautical hardware A controller for manual flight operations
4 Components of Consumer Drones Common figurations include: CPU/RAM Wi-Fi/RF communications Camera Storage Sensors Aeronautical hardware A controller for manual flight operations
5
6 A drone is a flying computer
7 Caveats This is preliminary research, much more to come Experimenting with a single, older (and no longer manufactured) drone borrowed from Aeronautical Sciences Results are not necessarily generalizable to other drones This is a replication and extension of previously published research
8 Parrot AR.Drone 2.0
9 Step 1: Identify Vulnerabilities
10
11
12 Telnet and FTP provide remote access to the drone
13 ATTACKER! Wi-Fi Proxy Controller
14 ATTACKER! Wi-Fi MONITOR Proxy Controller
15 Connect to the Proxy
16 Connect to the Proxy
17 Connect to the Proxy
18 ATTACKER! MONITOR Proxy Controller
19 ATTACKER! MONITOR Proxy Controller
20 Connect to Drone from Proxy
21 Login from Raspberry PI to AR.Drone Access doesn t require a user ID or a password!!
22 Login from Raspberry PI to AR.Drone I m now running as root which is the same as Administrator under Windows ( God -like user)
23 Let s snoop around to see what we can find
24
25 Destructive commands
26
27 Destructive commands
28 Let s perform some attacks
29 Can we download/upload files from the drone? (via File Transfer Protocol)
30
31
32
33
34
35 Denial-of-Service through De-authentication (like hanging up a phone call)
36 ATTACKER! Proxy Controller
37 ATTACKER! Proxy Controller
38 ATTACKER! De-authentication Complete Proxy Controller
39
40 Command Send de-auth packet Drone MAC Controller MAC Wireless NIC on Proxy
41 ATTACKER! Proxy Controller
42
43
44 Can we eavesdrop?
45 Let s listen in on the video feed
46 Capture the communications from the drone on the video channel.
47
48
49 Drone Controller Video channel
50
51 Video frames are wrapped by Parrot Video Encapsulation (PaVE), proprietary encapsulation format
52 Still working on unwrapping the video
53 Let s eavesdrop on ALL of the communications
54 AT commands are instructions to control the drone
55
56 Finally, let s turn the d*mn thing off
57
58
59
60
61
62
63
64 Conclusions Using it s default settings, the AR.Drone 2.0 has several security vulnerabilities No authentication (username/password) Commands are run as root ( God ) Eavesdrop: No encryption of the data and controller links Denial-of-service through de-authentication or poweroff Issues with system integrity as many destructive Linux commands are available Files can be downloaded and uploaded to/from the drone
65 Future Research Implement other exploits on the AR.Drone GPS jamming and/or spoofing Jamming is illegal FCC no muy bueno... MITM Unwrap the PaVE video Vulnerability assessments on other drones Parrot DJI
66 Thanks! ERAU FIRST grant program Dr. Michael Hickey Reviewers Nancy McCaffrey Aeronautical Sciences Dr. Michael Wiggins William E. Rose Security Studies and International Affairs Dr. Gary Kessler Electrical, Computer, Software and Systems Engineering Dr. Tim Wilson NTAS Nancy Riedel
67 Questions?
Detection and Countermeasures for COTS Drones Adrian Stevens, IMT
A-TEMP-009-1 ISSUE 002 Detection and Countermeasures for COTS Drones Adrian Stevens, IMT 15 th Little Crow Conference, 18 May 2017 Presentation Overview Background Understanding the Threat Detection and
Drone /12/2018. Threat Model. Description. Threats. Threat Source Risk Status Date Created
Drone - 2 04/12/2018 Threat Model Description Threats Threat Source Risk Status Date Created Mobile Phone: Sensitive Data Leakage Smart Devices Mobile Phone: Session Hijacking Smart Devices Mobile Phone:
What is Eavedropping?
WLAN Security What is Eavedropping? War Driving War Driving refers to someone driving around with a laptop and an 802.11 client card looking for an 802.11 system to exploit. War Walking Someone walks
The 8 th International Scientific Conference DEFENSE RESOURCES MANAGEMENT IN THE 21st CENTURY Braşov, November 14 th 2013
The 8 th International Scientific Conference DEFENSE RESOURCES MANAGEMENT IN THE 21st CENTURY Braşov, November 14 th 2013 Florin OGÎGĂU-NEAMŢIU National Defense University of Romania "Carol I"/ The Regional
IoT Vulnerabilities. By Troy Mattessich, Raymond Fradella, and Arsh Tavi. Contribution Distribution
Security Penetration Through IoT Vulnerabilities By Troy Mattessich, Raymond Fradella, and Arsh Tavi Contribution Distribution Arsh Tavi Troy Mattessich Raymond Fradella Conducted research and compiled
Cybersecurity program & best practices
Cybersecurity program & best practices How Gogo Business Aviation secures its airborne networks and inflight internet systems Live Webinar Thursday, September 28, 2017 Welcome & housekeeping notes Webinar
Hacking UAVs: the integrity of Wi-Fi, Telemetry and RC links. Author: Mr. Xi Chen, Mr. Jeff Thomas
Hacking UAVs: the integrity of Wi-Fi, Telemetry and RC links Author: Mr. Xi Chen, Mr. Jeff Thomas WHO AM I Xi Chen PhD student at RMIT University Advanced control theory System identification Passionate
MRO Cybersecurity SWOT
International Journal of Aviation, Aeronautics, and Aerospace Volume 6 Issue 1 Article 9 2019 MRO Cybersecurity SWOT Danita Baghdasarin Boeing, baghdasd@my.erau.edu Follow this and additional works at:
A Better Space Mission Systems threat assessment by leveraging the National Cyber Range
A Better Space Mission Systems threat assessment by leveraging the National Cyber Range Chuck Allen (CISSP) & Jonathon Doubleday CORD Presented to GSAW, Feb-March 2018 2018 The Aerospace Corporation Abstract
D. The bank s web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.
Volume: 119 Questions Question No: 1 John Smith uses a coffee shop's Internet hot-spot (no authentication or encryption) to transfer funds between his checking and savings accounts at his bank's website.
Strategies for Maritime Cyber Security Leveraging the Other Modes
Strategies for Maritime Cyber Security Leveraging the Other Modes Michael Dinning Innovative Technologies for a Resilient Marine Transportation System June 24, 2014 The National Transportation Systems
MOBILE SECURITY OVERVIEW. Tim LeMaster
MOBILE SECURITY OVERVIEW Tim LeMaster tim.lemaster@lookout.com Your data center is in the cloud. Your users and customers have gone mobile. Starbucks is your fall-back Network. Your mobile device is a
Obstacle Avoiding Wireless Surveillance Bot
Volume 118 No. 20 2018, 4309-4314 ISSN: 1314-3395 (on-line version) url: http://www.ijpam.eu Obstacle Avoiding Wireless Surveillance Bot ijpam.eu Aman Aryan, Aakanksha Mishra, Raashi Pradeep Shetty Department
Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability
Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability Communications and Embedded Systems Department Southwest Research Institute Gary Ragsdale, Ph.D., P.E. August 24 25,
4 Enter an IP address and sub-net mask for the ftp server and. 5 Go to the [System and Maintenance] > [Administrative Tools]
![4 Enter an IP address and sub-net mask for the ftp server and. 5 Go to the [System and Maintenance] > [Administrative Tools]](/thumbs/87/97409897.jpg "4 Enter an IP address and sub-net mask for the ftp server and. 5 Go to the [System and Maintenance] > [Administrative Tools]")
$00_WT-4_En.book Page 115 Friday, August 10, 2007 2:02 PM 4 Enter an IP address and sub-net mask for the ftp server and click [OK]. 5 Go to the [System and Maintenance] > [Administrative Tools] control
CTS2134 Introduction to Networking. Module 08: Network Security
CTS2134 Introduction to Networking Module 08: Network Security Denial of Service (DoS) DoS (Denial of Service) attack impacts system availability by flooding the target system with traffic or by exploiting
CYBER ATTACKS EXPLAINED: WIRELESS ATTACKS
CYBER ATTACKS EXPLAINED: WIRELESS ATTACKS Wireless networks are everywhere, from the home to corporate data centres. They make our lives easier by avoiding bulky cables and related problems. But with these
VLAN Hopping, ARP Poisoning, and Man-In-TheMiddle Attacks in Virtualized Environments
VLAN Hopping, ARP Poisoning, and Man-In-TheMiddle Attacks in Virtualized Environments Dr. Ronny L. Bull, Ph.D. Utica College Nexus Seminar Series Nov 10th 2017 About Me Ph.D. in Computer Science from Clarkson
Identifying Peer-to-Peer Traffic on Shared Wireless Networks
Annual ADFSL Conference on Digital Forensics, Security and Law 2013 Jun 10th, 1:45 PM Identifying Peer-to-Peer Traffic on Shared Wireless Networks Simon Piel Department of Computer Science, University
CS System Security 2nd-Half Semester Review
CS 356 - System Security 2nd-Half Semester Review Fall 2013 Final Exam Wednesday, 2 PM to 4 PM you may bring one 8-1/2 x 11 sheet of paper with any notes you would like no cellphones, calculators This
Chapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.
Name Date Chapter 10: Security After completion of this chapter, students should be able to: Explain why security is important and describe security threats. Explain social engineering, data wiping, hard
CIS 5373 Systems Security
CIS 5373 Systems Security Topic 4.1: Network Security Basics Endadul Hoque Slide Acknowledgment Contents are based on slides from Cristina Nita-Rotaru (Northeastern) 2 Network Security INTRODUCTION 3 What
ISO/IEC Common Criteria. Threat Categories
ISO/IEC 15408 Common Criteria Threat Categories 2005 Bar Biszick-Lockwood / QualityIT Redmond, WA 2003 Purpose This presentation introduces you to the threat categories contained in ISO/IEC 15408, used
Semester 1. Cisco I. Introduction to Networks JEOPADY. Chapter 11
Semester 1 Cisco I Introduction to Networks JEOPADY Chapter 11 Network Router Design Modes WAN WAN Router Router Safety Performance Commands ISR Potpourri Encapsulation Services Basics Commands F i n a
Common Security Attacks on Drones
Common Security Attacks on Drones Carlos Augusto Tovar Bonilla 1, Octavio José Salcedo Parra 1, 2, Jhon Hernán Díaz Forero 2 1 Faculty of Engineering - Universidad Nacional de Colombia, Bogotá D.C., Colombia.
Hacking Terminology. Mark R. Adams, CISSP KPMG LLP
Hacking Terminology Mark R. Adams, CISSP KPMG LLP Backdoor Also referred to as a trap door. A hole in the security of a system deliberately left in place by designers or maintainers. Hackers may also leave
Chapter 24 Wireless Network Security
Chapter 24 Wireless Network Security Wireless Security Key factors contributing to higher security risk of wireless networks compared to wired networks include: o Channel Wireless networking typically
Worldwide Release. Your world, Secured ND-IM005. Wi-Fi Interception System
Your world, Secured 2016 Worldwide Release System Overview Wi-Fi interception system is developed for police operations and searching of information leaks in the office premises, government agencies and
SOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE
SOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE SECURE AIRBORNE CONNECTIVITY: OVERVIEW Gogo Business Aviation realizes the ever-pressing need to be vigilant in staying ahead of potential
Define information security Define security as process, not point product.
CSA 223 Network and Web Security Chapter One What is information security. Look at: Define information security Define security as process, not point product. Define information security Information is
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led Certification: Certified Network Defender Exam: 312-38 Course Description This course is a vendor-neutral, hands-on,
COURSE OUTLINE: A+ COMPREHENSIVE
COURSE OUTLINE: A+ COMPREHENSIVE Course Outline CompTIA A+ Comprehensive Chapter Outline 1. The Path of the PC Tech What is the CompTIA A+? How to Pass the A+ Exams 2. Operational Procedures Professionalism
Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.
Outline 18-759: Wireless Networks Lecture 10: 802.11 Management Peter Steenkiste Departments of Computer Science and Electrical and Computer Engineering Spring Semester 2016 http://www.cs.cmu.edu/~prs/wirelesss16/
NETWORK INTRUSION. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006
NETWORK INTRUSION Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Learning Objectives Students should be able to: Recognize different
Security Authentication System using Encrypted Channel on UAV Network
2017 First IEEE International Conference on Robotic Computing Security Authentication System using Encrypted Channel on UAV Network Kwanwoong Yoon Pusan National University dbsrhksdnd@gmail.com Daejun
Internet of Things (IoT) Attacks. The Internet of Things (IoT) is based off a larger concept; the Internet of Things came
Victoria Ellsworth Dr. Ping Li ICTN 4040 04/11/17 Internet of Things (IoT) Attacks The Internet of Things (IoT) is based off a larger concept; the Internet of Things came from idea of the Internet of Everything.
WLAN Security. Dr. Siwaruk Siwamogsatham. ThaiCERT, NECTEC
WLAN Security Dr. Siwaruk Siwamogsatham ThaiCERT, NECTEC Agenda Wireless Technology Overview IEEE 802.11 WLAN Technology WLAN Security Issues How to secure WLAN? WLAN Security Technologies Wireless Technologies
BW1330. High Performance Hotspot Access Point
BW1330 High Performance Hotspot Access Point 9 July 2008 Overview Hardware Introduction Product Specification Product Features Application Overview Overview The BW1330 Hotspot Access Point is a high-performance
802.1x Port Based Authentication
802.1x Port Based Authentication Johan Loos Johan at accessdenied.be Who? Independent Information Security Consultant and Trainer Vulnerability Management and Assessment Wireless Security Next-Generation
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 10 Authenticating Users
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 10 Authenticating Users Learning Objectives Explain why authentication is a critical aspect of network security Explain
What action do you want to perform by issuing the above command?
1 GIAC - GPEN GIACCertified Penetration Tester QUESTION: 1 You execute the following netcat command: c:\target\nc -1 -p 53 -d -e cmd.exe What action do you want to perform by issuing the above command?
Security Concerns in Automotive Systems. James Martin
Security Concerns in Automotive Systems James Martin Main Questions 1. What sort of security vulnerabilities do modern cars face today? 2. To what extent are external attacks possible and practical? Background
CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline
CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker Learn to find security vulnerabilities before the bad guys do! The Certified Ethical Hacker (CEH) class immerses students in an interactive environment
Introduction to Computer Security
Introduction to Computer Security Instructor: Mahadevan Gomathisankaran mgomathi@unt.edu CSCE 4550/5550, Fall 2009 Lecture 7 1 Projects Groups Max 3 persons Topics Cryptography Network Security Program
AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo
ETHICAL HACKING (CEH) CURRICULUM Introduction to Ethical Hacking What is Hacking? Who is a Hacker? Skills of a Hacker? Types of Hackers? What are the Ethics and Legality?? Who are at the risk of Hacking
Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX
Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security HTML PHP Database Linux Operating System and Networking: LINUX NETWORKING Information Gathering:
Interoperability and Security of TraSH: A Transport Layer Seamless Handover
Interoperability and Security of TraSH: A Transport Layer Seamless Handover Panel Session at 23 rd IEEE International Performance, Computing, and Communications Conference April 16, 2004 Dr. Mohammed Atiquzzaman
Cyber Threat Assessment and Mitigation for Power Grids Lloyd Wihl Director, Application Engineering Scalable Network Technologies
Cyber Threat Assessment and Mitigation for Power Grids Lloyd Wihl Director, Application Engineering Scalable Network Technologies lwihl@scalable-networks.com 2 The Need OT security particularly in the
SPARK. Quick Start Guide V1.6
SPARK Quick Start Guide V1.6 SPARK The DJI SPARK is DJI's smallest flying camera featuring a stabilized camera, Intelligent Flight Modes, and Obstacle Avoidance inside a light, portable body. Equipped
IT Service Delivery and Support Week Three. IT Auditing and Cyber Security Fall 2016 Instructor: Liang Yao
IT Service Delivery and Support Week Three IT Auditing and Cyber Security Fall 2016 Instructor: Liang Yao 1 Infrastructure Essentials Computer Hardware Operating Systems (OS) & System Software Applications
Instructor: Eric Rettke Phone: (every few days)
Instructor: Eric Rettke Phone: 818 364-7775 email: rettkeeg@lamission.edu (every few days) Fall 2016 Computer Science 411 - Principles of Cyber Security 1 Please keep a copy of the syllabus handy for the
ECCouncil Exam v9 Certified Ethical Hacker Exam V9 Version: 7.0 [ Total Questions: 125 ]
![ECCouncil Exam v9 Certified Ethical Hacker Exam V9 Version: 7.0 [ Total Questions: 125 ]](/thumbs/78/77837973.jpg "ECCouncil Exam v9 Certified Ethical Hacker Exam V9 Version: 7.0 [ Total Questions: 125 ]")
s@lm@n ECCouncil Exam 312-50v9 Certified Ethical Hacker Exam V9 Version: 7.0 [ Total Questions: 125 ] Question No : 1 An Intrusion Detection System(IDS) has alerted the network administrator to a possibly
Curso: Ethical Hacking and Countermeasures
Curso: Ethical Hacking and Countermeasures Module 1: Introduction to Ethical Hacking Who is a Hacker? Essential Terminologies Effects of Hacking Effects of Hacking on Business Elements of Information Security
network security s642 computer security adam everspaugh
network security s642 adam everspaugh ace@cs.wisc.edu computer security today Announcement: HW3 to be released WiFi IP, TCP DoS, DDoS, prevention 802.11 (wifi) STA = station AP = access point BSS = basic
Chapter 2. Switch Concepts and Configuration. Part II
Chapter 2 Switch Concepts and Configuration Part II CCNA3-1 Chapter 2-2 Switch Concepts and Configuration Configuring Switch Security MAC Address Flooding Passwords Spoofing Attacks Console Security Tools
Personal Cybersecurity
Personal Cybersecurity The Basic Principles Jeremiah School, CEO How big is the issue? 9 8 7 6 5 4 3 2 1 Estimated global damages in 2018 0 2016 2018 2020 2022 2024 2026 2028 2030 Internet Users Billions
Introduction. Assessment Test. Part I
Contents Introduction Assessment Test xxix lvii Part I 220 901 1 Chapter 1 Motherboards, Processors, and Memory 3 Identifying Components of Motherboards 5 System Board Form Factors 6 System Board Components
CompTIA A+ Certification ( ) Study Guide Table of Contents
CompTIA A+ Certification (220-902) Study Guide Table of Contents Course Introduction About This Course About CompTIA Certifications Module 1 / Supporting Windows 1 Module 1 / Unit 1 Windows Operating System
Why This Topic Is Essential For ICS/SCADA
Introduction Executive Security Consultant for Securicon 15+ years in Information Security Coauthor of Building A Security Awareness Program Social Engineering trainer Physical access enthusiast Agenda
Ethical Hacking and Prevention
Ethical Hacking and Prevention This course is mapped to the popular Ethical Hacking and Prevention Certification Exam from US-Council. This course is meant for those professionals who are looking for comprehensive
CSC Network Security
CSC 474 -- Security Topic 9. Firewalls CSC 474 Dr. Peng Ning 1 Outline Overview of Firewalls Filtering Firewalls Proxy Servers CSC 474 Dr. Peng Ning 2 Overview of Firewalls CSC 474 Dr. Peng Ning 3 1 Internet
Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]
![Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]](/thumbs/72/67373120.jpg "Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]")
s@lm@n Cisco Exam 642-737 Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ] Cisco 642-737 : Practice Test Question No : 1 RADIUS is set up with multiple servers
MikroTik Security : The Forgotten Things
Michael Takeuchi, MTC(ALL)E, CEH MikroTik Security : The Forgotten Things 21 January 2019, Phnom Penh MikroTik User Meeting Cambodia MikroTik Certified Engineer (ALL) (MTCNA, MTCRE, MTCINE, MTCWE, MTCUME,
The dark side of IOT. Francesco Zucca. Automation Instrumentation Summit Wireless Expert
Automation Instrumentation Summit - 2017 The dark side of IOT Francesco Zucca Wireless Expert 1 Agenda Introduction IIOT How to work WSN Typical hacker attack in WSN Issue with Drones Security Countermeasures
Ethernet Routing Switch 5000 Series Software Release 6.1.5
Ethernet Routing Switch 5000 Series Software Release 6.1.5 1. Release Summary Release Date: 29-November-2010 Purpose: Software patch release to address customer and internally found software issues. 2.
PRODUCT GUIDE Wireless Intrusion Prevention Systems
PRODUCT GUIDE Wireless Intrusion Prevention Systems The Need for Wireless INTRUSION PREVENTION SYSTEMS A Wireless Intrusion Prevention System (WIPS) is designed to address two classes of challenges facing
Computer Forensics: Investigating Network Intrusions and Cybercrime, 2nd Edition. Chapter 2 Investigating Network Traffic
Computer Forensics: Investigating Network Intrusions and Cybercrime, 2nd Edition Chapter 2 Investigating Network Traffic Objectives After completing this chapter, you should be able to: Understand network
CompTIA Cybersecurity Analyst+
CompTIA Cybersecurity Analyst+ Course CT-04 Five days Instructor-Led, Hands-on Introduction This five-day, instructor-led course is intended for those wishing to qualify with CompTIA CSA+ Cybersecurity
Finding and Supporting Collaboration Needs and Opportunities
Finding and Supporting Collaboration Needs and Opportunities Deb Agarwal DAAgarwal@lbl.gov Lawrence Berkeley Laboratory 1 Evolution of Collaboration Distributed Collaboratory Experiment Environments Remote
Security+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
Security and Authentication
Security and Authentication Authentication and Security A major problem with computer communication Trust Who is sending you those bits What they allow to do in your system 2 Authentication In distributed
GETTING THE MOST OUT OF EVIL TWIN
GETTING THE MOST OUT OF EVIL TWIN B-SIDES ATHENS 2016 GEORGE CHATZISOFRONIOU (@_sophron) sophron@census-labs.com www.census-labs.com > WHOAMI Security Engineer at CENSUS S.A. Cryptography, Wi-Fi hacking,
Cyber Security on Commercial Airplanes
Cyber Security on Commercial Airplanes John Craig Chief Engineer Cabin and Network Systems The Boeing Company October 2014 1 Top ten tips Richard A. Clarke 1. Don t be in denial 2. Don t underestimate
TestOut Network Pro - English 5.0.x COURSE OUTLINE. Modified
TestOut Network Pro - English 5.0.x COURSE OUTLINE Modified 2018-03-06 TestOut Network Pro Outline - English 5.0.x Videos: 130 (17:10:31) Demonstrations: 78 (8:46:15) Simulations: 88 Fact Sheets: 136 Exams:
PrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps
PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : HP0-Y24 Title : Securing HP ProCurve Networks Vendors : HP Version : DEMO Get Latest
Fast and Vulnerable A Story of Telematic Failures
Fast and Vulnerable A Story of Telematic Failures Center for Automotive Embedded Systems Security Ian Foster, Andrew Prudhomme, Karl Koscher, and Stefan Savage Telematic Control Units Connects to car s
Spark Release Notes. What s New? Notes:
Date: 2017.12.13 Aircraft Firmware: V 01.00.0800 Remote Controller Firmware: V 01.00.0400 DJI GO 4 App ios: V 4.1.22 DJI GO 4 App Android: V 4.1.22 Added support for DJI Goggles RE (with firmware v01.00.00.02
HACKING EXPOSED WIRELESS: WIRELESS SECURITY SECRETS & SOLUTIONS SECOND EDITION JOHNNY CACHE JOSHUA WRIGHT VINCENT LIU. Mc Graw mim
HACKING EXPOSED WIRELESS: WIRELESS SECURITY SECRETS & SOLUTIONS SECOND EDITION JOHNNY CACHE JOSHUA WRIGHT VINCENT LIU Mc Graw mim CONTENTS Foreword Acknowledgments Introduction xvn xlx XX1 Hacking 802.11
Connecting Devices to the PSD-BYOD Network
Connecting Devices to the PSD-BYOD Network Students and staff can use the PSD-BYOD (Bring Your Own Device) network for internet access. Below are directions for connecting different types of devices. Selecting
Advisory Circular. Subject: INTERNET COMMUNICATIONS OF Date: 11/1/02 AC No.: AVIATION WEATHER AND NOTAMS Initiated by: ARS-100
U.S. Department of Transportation Federal Aviation Administration Advisory Circular Subject: INTERNET COMMUNICATIONS OF Date: 11/1/02 AC No.: 00-62 AVIATION WEATHER AND NOTAMS Initiated by: ARS-100 1.
Fault Tree Analysis for Safety/Security Verification in Aviation Software
Department of Electrical, Computer, Software & Systems Engineering - Daytona Beach College of Engineering 2013 Fault Tree Analysis for Safety/Security Verification in Aviation Software Andrew J. Kornecki
Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005
Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks
The Features and Uses of Computer Networking. Unit 11 Task 1
The Features and Uses of Computer Networking Unit 11 Task 1 Features Office Network Peer to peer A peer to peer network is mostly used in homes or small businesses. The network consists of two or more
CONTENTS IN DETAIL INTRODUCTION
CONTENTS IN DETAIL ACKNOWLEDGMENTS xiii INTRODUCTION xv 1 HOW A NETWORK WILL IMPROVE YOUR LIFE 1 What s a Network?... 2 Sneakernet... 3 Data Networks and What You Can Do with Them... 4 File Sharing...
How do you track devices that have been approved for use? Are you automatically alerted if an unapproved device connects to the network?
Cybersecurity Due Diligence Checklist Control # Control Name Risks Questions for IT 1 Make an Benign Case: Employees Inventory of using unapproved Authorized devices without Devices appropriate security
Securing Internet of things Infrastructure Standard and Techniques
Securing Internet of things Infrastructure Standard and Techniques Paper Author : Zubair A. Baig Name: Farooq Abdullah M.Sc Programming and Networks University of Oslo. Security internet of Things Standards
Defining and Mitigating Cyber Risks to Reap the Benefits of IIoT
Defining and Mitigating Cyber Risks to Reap the Benefits of IIoT National Defense Industrial Association Cybersecurity for Advanced Manufacturing Joint Working Group Forum Nina C. Vajda November 15, 2016
ISDP 2018 Industry Skill Development Program In association with
ISDP 2018 Industry Skill Development Program In association with Penetration Testing What is penetration testing? Penetration testing is simply an assessment in a industry computer network to test the
TECHNICAL NOTES. Player Security Statement. BrightSign, LLC Lark Ave., Suite 200 Los Gatos, CA
TECHNICAL NOTES Player Security Statement BrightSign, LLC. 16795 Lark Ave., Suite 200 Los Gatos, CA 95032 408-852-9263 www.brightsign.biz INTRODUCTION The network settings of a BrightSign player are highly
NIST Cybersecurity Framework Protect / Maintenance and Protective Technology
NIST Cybersecurity Framework Protect / Maintenance and Protective Technology Presenter Charles Ritchie CISSP, CISA, CISM, GSEC, GCED, GSNA, +6 Information Security Officer IT experience spanning two centuries
Snort Rules Classification and Interpretation
Snort Rules Classification and Interpretation Pop2 Rules: Class Type Attempted Admin(SID: 1934, 284,285) GEN:SID 1:1934 Message POP2 FOLD overflow attempt Summary This event is generated when an attempt
Vulnerability Notice. Symmetric Key NTP. Summary. Background (From CVE Project) Impact
Vulnerability tice Symmetric Key NTP Summary The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero
Children s Health System. Remote User Policy
Children s Health System Remote User Policy July 28, 2008 Reason for this Policy This policy defines standards for connecting to the Children s Health System (CHS) network from any remote host. These standards
CIT 380: Securing Computer Systems. Network Security Concepts
CIT 380: Securing Computer Systems Network Security Concepts Topics 1. Protocols and Layers 2. Layer 2 Network Concepts 3. MAC Spoofing 4. ARP 5. ARP Spoofing 6. Network Sniffing Protocols A protocol defines
INCIDENT RESPONDER'S FIELD GUIDE INCIDENT RESPONDER'S INCIDENT RESPONSE PLAN FIELD GUIDE LESSONS FROM A FORTUNE 100 INCIDENT RESPONSE LEADER
INCIDENT RESPONDER'S FIELD GUIDE INCIDENT RESPONDER'S INCIDENT RESPONSE PLAN FIELD GUIDE LESSONS FROM A FORTUNE 100 INCIDENT RESPONSE LEADER 1 INCIDENT RESPONDER'S FIELD GUIDE TABLE OF CONTENTS 03 Introduction
Prerequisite: Completion of Computer I, Computer II, and AP Computer Science, as well as a teacher recommendation.
Jonathan Peterson Computer Science Independent Study Course Outline/Curriculum Course Description: This course is designed to be a yearlong independent study for students wishing to further study the inner
Linux Network Administration
Secure Remote Connections with OpenSSH Objective At the conclusion of this module, the student will be able to: Configure the ssh daemon start, stop, and restart sshd 17 January 2005 NETW 111 - SSH 2 SSH
Merge physical security and cybersecurity for field operations.
Security Gateway Merge physical security and cybersecurity for field operations. Small form factor and wide temperature range for cabinet installation on distribution poles and in substation yards. Accelerometer,
CS System Security Mid-Semester Review
CS 356 - System Security Mid-Semester Review Fall 2013 Mid-Term Exam Thursday, 9:30-10:45 you may bring one 8-1/2 x 11 sheet of paper with any notes you would like no cellphones, calculators This is to
Man In The Middle Project completed by: John Ouimet and Kyle Newman
Man In The Middle Project completed by: John Ouimet and Kyle Newman What is MITM? Man in the middle attacks are a form of eves dropping where the attacker relays messages that are sent between victims