BIE-UKB Lecture 03 Recall: Security development lifecycle, introduction to concepts of applications security

• Bug - any defect in a product
  • behavior violating specification
• Exploit - sequence of commands that takes advantage of a bug or vulnerability
• from implicit to explicit rights
• FMEA - Failure Mode and Effects Analysis
• Software Release Life Cycle (SRL)
  • Linear release model
  • Experimental/Stable releases
  • Extended support (LTS/ERS)

BIE-UKB Lecture 04 Notes: Threat Intelligence, Cyber Crime and its Economy

Terms

• Intrusion Detection System (IDS)
  • NIDS - Network IDS
  • HIDS - Host IDS
• Intrusion Protection System (IPS)
  • NIPS - Network IPS
  • HIPS - Host IPS
• Data Execution Prevention (DEP)
• Tactics, Techniques, and Procedures (TTP)
  • behavioral analysis

Threat Intelligence

• Sliding Scale of CyberSecurity
  • model of categories of actions and investments that contribute to cyber security
  • cost vs. trade-off
• Types of the Threat Intelligence
  • strategic
  • tactical
  • operational
• Intelligence provides insight based on analysis
• Threat Intelligence is a specific type of intelligence that seeks to give defenders knowledge of the adversary, their actions within the defender's environment, and their capabilities as well as their tactics, techniques, and procedures
• Threat Intelligence is data containing detailed knowledge about the cybersecurity threats targeting an organization (def. by IBM)
• What is it?
  • NOT raw data, but a structured result of analysis
  • Organization-specific
  • Detailed and contextual
  • Actionable
    • actionable knowledge
  • Risk Analysis Input
• Security Intelligence
  • superset - integral analysis

Vulnerability Modeling

• Cyber Kill Chain
  • Aim is to identify an attack in each step and break the chain
• Diamond Model
• The Unified Kill Chain
  • Kill Chain (Lockheed Martin), is perimeter- and malware-focused
  • fails to cover other attack vectors and attacks that occur behind the organizational perimeter
  • Unified Kill Chain offers significant improvements over these scope limitations of the original model

Cyber Crime

• Hacker
  • Dennis MacAlistair Ritchie & Brian Wilson Kernighan & Ken Thompson
  • Richard Stallman
  • Linus Torvalds
• Cracker
• Ethical Hacker
  • penetration tests (pen test)
• criminal activity that involves a computer, networked device or a network
• FBI's Internet Crime Complaint Center (IC3): defines cybercrime as those Internet crimes perpetrated against individuals, regardless of whether the individuals were victimized (e.g., receiving a phishing email would apparently be counted in the statistics)

Advanced Persistent Threat (APT)

• Advanced, sophisticated and sustained
• Persistent, establishing an undetected presence
• Threat, having capability and malicious intent