Computer Fraud and Abuse Techniques计算机欺诈与滥用技术.pptx
《Computer Fraud and Abuse Techniques计算机欺诈与滥用技术.pptx》由会员分享,可在线阅读,更多相关《Computer Fraud and Abuse Techniques计算机欺诈与滥用技术.pptx(17页珍藏版)》请在得力文库 - 分享文档赚钱的网站上搜索。
1、Computer Fraud and Abuse Techniques,Chapter 6,6-1,Learning Objectives,Compare and contrast computer attack and abuse tactics.Explain how social engineering techniques are used to gain physical or logical access to computer resources.Describe the different types of malware used to harm computers.,6-2
2、,Types of Attacks,HackingUnauthorized access, modification, or use of an electronic device or some element of a computer systemSocial EngineeringTechniques or tricks on people to gain physical or logical access to confidential informationMalwareSoftware used to do harm,6-3,Hacking,HijackingGaining c
3、ontrol of a computer to carry out illicit activitiesBotnet (robot network)ZombiesBot herdersDenial of Service (DoS) AttackSpammingSpoofingMakes the communication look as if someone else sent it so as to gain confidential information.,6-4,Forms of Spoofing,E-mail spoofingCaller ID spoofingIP address
4、spoofingAddress Resolution (ARP) spoofingSMS spoofingWeb-page spoofing (phishing)DNS spoofing,6-5,Hacking with Computer Code,Cross-site scripting (XSS)Uses vulnerability of Web application that allows the Web site to get injected with malicious code. When a user visits the Web site, that malicious c
5、ode is able to collect data from the user.Buffer overflow attackLarge amount of data sent to overflow the input memory (buffer) of a program causing it to crash and replaced with attackers program instructions.SQL injection (insertion) attackMalicious code inserted in place of a query to get to the
6、database information,6-6,Other Types of Hacking,Man in the middle (MITM)Hacker is placed in between a client (user) and a host (server) to read, modify, or steal data.PiggybackingPassword crackingWar dialing and drivingPhreakingData diddlingData leakagepodslurping,6-7,Hacking Used for Embezzlement,S
7、alami technique: Taking small amounts at a timeRound-down fraudEconomic espionageTheft of information, intellectual property and trade secretsCyber-extortionThreats to a person or business online through e-mail or text messages unless money is paid,6-8,Hacking Used for Fraud,Internet misinformationE
8、-mail threatsInternet auction Internet pump and dumpClick fraudWeb crammingSoftware piracy,6-9,Social Engineering Techniques,Identity theftAssuming someone elses identityPretextingUsing a scenario to trick victims to divulge information or to gain accessPosingCreating a fake business to get sensitiv
9、e informationPhishingSending an e-mail asking the victim to respond to a link that appears legitimate that requests sensitive dataPharmingRedirects Web site to a spoofed Web site,URL hijackingTakes advantage of typographical errors entered in for Web sites and user gets invalid or wrong Web siteScav
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- ComputerFraudandAbuseTechniques 计算机 欺诈 滥用 技术
链接地址:https://www.deliwenku.com/p-776217.html
限制150内