This chapter focuses on attack strategies that can be (and have been) used against financial IT infrastructures. The first section presents an overview and a classification of the different kinds of frauds and attacks carried out against financial institutions and their IT infrastructures. We then restrict our focus by analyzing in detail five attack scenarios, selected among the ones presented in the previous section. These attack scenarios are: Man in the Middle (and its variant, Man in the Browser), distributed denial of service (DDoS), distributed portscan, session hijacking, and malware-based attacks against Internet banking customers. These scenarios have been selected because of their distributed nature: all of them involve multiple, geographically distributed financial institutions. Hence their detection will benefit greatly from the deployment of new technologies and best practices for information sharing and cooperative event processing. For each scenario we present a theoretical description of the attack as well as implementation details and consequences of past attacks carried out against real financial institutions.