ARF WORKSHOP PROXY ACTOR
CYBERCRIME USING PROXY ACTOR

Dr. TRAN VAN HOA
Deputy Director
VIETNAM HIGHTECH CRIME POLICE DEPARTMENT
HOIAN, March 2012

Vietnam Internet Security Report 2011
• Most common cybercrime: illegal access, viruses, credit card fraud, online phishing, DDoS attacks
• 2,245 websites were attacked; in June 2011 alone: over 200 sites were attacked - 51 websites with ".gov.vn" domain names
• 38,961 new viruses - 64.2 million computers infected
• Stealing of users' accounts and passwords, such as nicknames and email (Yahoo chat, Facebook)

[Chart: Number of attacked websites by month, Jan to Dec 2011. Source: Bkav]

Crime using Proxy

Vietnamnet Online Newspaper Case
The website www.vietnamnet.vn was defaced and hit by DDoS. About 100,000 botnets participated in this DDoS attack.

BKAV Case
Feb 2012: the website of BKAV was hacked. The hackers used Tor (a proxy tool) to change their real IP to US, UK, Korean IP addresses…

5 Articles on cybercrime in Penal Code

Article 224. Spreading computer viruses and programs with a feature of harming the operation of computer networks, telecommunications networks, Internet and digital devices
1. Those who intentionally spread computer viruses and programs with a feature of harming the operation of computer networks, telecommunications networks, Internet and digital devices shall be imposed a fine of between twenty million and two hundred million dong or a prison term of between one and five years.

Article 225. Obstructing or disordering the operation of computer networks, telecommunications networks, Internet and digital devices
1. Those who commit any of the following acts, causing serious consequences but not falling into cases specified in Articles 224 and 226a of this Code, shall be imposed a fine of between twenty million and two hundred million dong or a prison term of between one and five years:
a/ Deleting, damaging or altering without permission software and data of digital devices;
b/ Illegally blocking the transmission of data of computer networks, telecommunications networks, Internet and digital devices;
c/ Other acts of obstructing or disordering the operation of computer networks, telecommunications networks, Internet and digital devices.

Article 226a. Illegally accessing computer networks, telecommunications networks, Internet or digital devices of other persons
1. Those who intentionally pass warnings, access codes or firewalls, use other's administration right or other means to illegally access computer networks, telecommunications networks, Internet or digital devices of other persons and appropriate their control right; intervene in the operation functions of digital equipment; hack, modify, destroy or tamper with data or illegally use services, shall be imposed a fine of between twenty million and two hundred million dong or subject to a prison term of between one and five years.

PROXY ACTOR

What is a proxy server?
- It acts as an intermediary for requests from clients seeking resources from other servers.
- The client's request for a service connects to the proxy.
- The proxy filters the request: traffic by IP or protocol.
- The proxy makes the request on behalf of the client.
- Sometimes: it provides the response from 'caches' without contacting the specified server.
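The request flow listed above, as an added Python example (not part of the original slides): a toy forward proxy that filters, forwards and caches, showing that the destination server's log holds only the proxy's address while the proxy's own log is what links a request back to a client. All class and function names, addresses and timestamps are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Origin:
    """Destination web server: logs only the peer address it sees."""
    ip: str
    log: list = field(default_factory=list)

    def handle(self, peer_ip, path, t):
        self.log.append({"t": t, "peer": peer_ip, "path": path})
        return f"content of {path}"

@dataclass
class Proxy:
    """Forward proxy: filter by client IP, forward, or answer from cache."""
    ip: str
    blocked: set = field(default_factory=set)
    cache: dict = field(default_factory=dict)
    log: list = field(default_factory=list)

    def request(self, client_ip, origin, path, t):
        rec = {"t": t, "client": client_ip, "origin": origin.ip, "path": path}
        if client_ip in self.blocked:            # filtering step
            body, rec["action"] = None, "DENIED"
        elif (origin.ip, path) in self.cache:    # origin is never contacted
            body, rec["action"] = self.cache[(origin.ip, path)], "CACHE_HIT"
        else:                                    # request made on the client's behalf
            body = origin.handle(self.ip, path, t + 1)  # +1: constructed network delay
            self.cache[(origin.ip, path)] = body
            rec["action"] = "FORWARDED"
        self.log.append(rec)
        return body

def trace_client(origin_entry, proxy, skew=2):
    """Map an origin log entry back to client IPs using the proxy's own log."""
    return [r["client"] for r in proxy.log
            if r["action"] == "FORWARDED" and r["path"] == origin_entry["path"]
            and abs(r["t"] - origin_entry["t"]) <= skew]

def demo():
    # Constructed sample traffic; all addresses are documentation ranges.
    origin = Origin("203.0.113.10")
    proxy = Proxy("198.51.100.7", blocked={"192.0.2.66"})
    proxy.request("192.0.2.21", origin, "/index.html", 100)
    proxy.request("192.0.2.22", origin, "/index.html", 105)  # served from cache
    proxy.request("192.0.2.66", origin, "/admin", 110)       # filtered out
    proxy.request("192.0.2.22", origin, "/login", 120)
    return origin, proxy
```

Cached and denied requests appear only in the proxy's log, so the destination server's log alone under-counts the clients behind the proxy.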

Four main functions of Proxy Server
• Filtering requests and access monitoring
• Internet sharing
• Improving performance
• Anonymous function and firewall bypass

Filtering requests and monitoring access
Proxies protect the internal network from viruses, spyware and unwanted intrusion from outside.

Internet sharing
It helps multiple computers access the Internet through one computer (the proxy server) with access to certain accounts.

Improving performance
Web proxies are commonly used to cache web pages from a web server to speed up access to resources (using caching).

Anonymous function and firewall bypass
The web server receives requests from the proxy server. The web server only knows the proxy server's IP address and does not recognize the real end user's IP address. Therefore, the client can hide their information, leaving no trace on the server's log.
A proxy can help a user access resources that are restricted by a firewall.

Types of proxy
By supported protocol:
• HTTP Proxy Server
• FTP Proxy
• SOCKS Proxy Server
• CGI Proxy Server
By anonymous ability:
• Transparent Proxy
• Anonymous Proxy
• High Anonymous Proxy

Common Proxy Servers and Tools

CGI Proxy
Thousands of free-proxy-server sites are available on the Internet.

HTTP & SOCKS Proxy
http://aliveproxy.com/
http://www.proxyblind.org/
http://www.atomintersoft.com/
http://www.proxy-list.net/
http://www.cybersyndrome.net

A free SOCKS Proxy site
This free proxy site provides hundreds of SOCKS proxies.

Proxy Tools
• The Onion Routing (Tor)
• Internet Invisible Project (I2P)
• Others: Sockscap, Hotspot Shield, Hide the Ip, GhostSurf Proxy Platinum, Anonymous Surfing, Proxy Finder Pro

The Onion Router (Tor)
• Tor was originally designed, implemented, and deployed as a third-generation onion routing project of the U.S. Naval Research Laboratory
• Tor was financially supported by the Electronic Frontier Foundation from 2004
• Until 2011, Tor had 26 million users

Functions of Tor
• To improve privacy and security on the Internet
• To hide the IP when accessing the Internet, uploading and downloading sensitive data, cybercrime activities
• To protect the client against "traffic analysis" and other forms of Internet surveillance

How Tor works?

Advantages of Tor
• Completely anonymous
• Secure your data (including data payload and header)
• Easy to use
• Constantly change the IP (after a specific time)
• Multi-layer encryption
• Impossible to trace back

Internet Invisible Project (I2P)
• Formed in 2003 to support a more free society by offering it an anonymous and secure communication system
• Works with mail, peer-to-peer, IRC chat, and others

How I2P works?

Other Proxy Tools

Vietnam Initiatives in International Cooperation on fighting against cybercrime using Proxy
• The need for international cooperation in building guidelines and national law, and for collaboration in implementing a secure, free Internet, especially regarding the use of Proxy Actors.
• Organizing workshops attended by specialists from ARF countries to create a policy for Proxy Actors.
• Avoiding the spontaneous development of Proxy Actors on the Internet and their misuse by hackers, criminals and terrorists, which may harm other countries and the Internet environment.
• Every country should keep strict control of its proxy server list, maintain log files for at least 3 months for review, and not allow its citizens and the proxy servers in its country to be used for attacking other countries or committing crime.
• Enhancing information exchange and assistance in cybercrime investigation, tracing IPs…
• Building a secure Internet system that protects privacy without criminal Proxy Actors.

THANK YOU