Salami attack
SantoshKavhar
7,939 views
14 slides
Aug 21, 2018
Slide 1 of 14
1
2
3
4
5
6
7
8
9
10
11
12
13
14
About This Presentation
One unique type of cyber attack.
Slide Content
SALAMI ATTACK Prepared by: Santosh Kavhar Sumit Bharsawde
True Meaning The thin slice here is a part of “SALAMI” Looks Yummy !!!
Definition One type of computer crime that gets mentioned in introductory courses or in conversations among security experts is the salami fraud. In the salami technique, criminals steal money or resources a bit at a time. Two different etymologies are circulating about the origins of this term. One school of security specialists claim that it refers to slicing the data thin – like a salami. Others argue that it means building up a significant object or amount from tiny scraps – like a salami .
Origin
How It’s Done The classic story about a salami attack is the old “ collect-the-round off ” trick. In this scam, a programmer modifies the arithmetic routines such as interest computations. Typically, the calculations are carried out to several decimal places beyond the customary 2 or 3 kept for financial records . For example, when currency is in Rupee, the round off goes up to the nearest paisa about half the time and down the rest of the time. If the programmer arranges to collect these fractions of paisa in a separate account, a sizable fund can grow with no warning to the financial institution . Statutory Warning: Don’t try it until you are an expert or you love Indian Jails.
The Difference Remember 1.01 365 = 37.78... While 0.99 365 = 0.02…
Salami Attack In Student’s Life There is this person who Eats from everybody's tiffin Leaving his own at home, its kind of Partial Salami Attack, but it is definitely an Attack. Writing Research or Assignments without mentioning the Researchers.
Past Cases In January 1993, four executives of a rental-car franchise in Florida were charged with defrauding at least 47,000 customers using a salami technique . In Los Angeles, in October 1998, district attorneys charged four men with fraud for allegedly installing computer chips in gasoline pumps that cheated consumers by overstating the amounts pumped . In 2008, a man was arrested for fraudulently creating 58,000 accounts which he used to collect money through verification deposits from online brokerage firms a few cents at a time .
Movies on SALAMI Attack Office Space Blackhat Hackers Superman III
Prevention or Cure There is no Prevention for this!!! Its because normal humans will always stay vulnerable to attacks for whatsoever reasons . There are cures however.
Cure from SALAMI Attack Unfortunately, salami attacks are designed to be difficult to detect. The only hope is that random audits, especially of financial data, will pick up a pattern of discrepancies and lead to discovery. As any accountant will warn, even a tiny error must be tracked down, since it may indicate a much larger problem. For example, Cliff Stoll's famous adventures tracking down spies in the Internet began with an unexplained $0.75 discrepancy between two different resource accounting systems on UNIX computers at the Keck Observatory of the Lawrence Berkeley Laboratories. Stoll's determination to understand how the problem could have occurred revealed an unknown user; investigation led to the discovery that resource-accounting records were being modified to remove evidence of system use. The rest of the story is told in Stoll’s book.
Trying to Avoid the SALAMI Attack The main resolution for this attack is educating the user. Only through user awareness, we can avoid this. Users should report back to the bank or the concerned authority if they notice any deductions without their knowledge even if it is a small amount . Don’t store any personal bank information like credit card, debit card number in any of the online websites, these days we are getting an option of saving our card details in different websites . Another important thing is to track your money, most people don’t know their remaining balance in the account.
Conclusion SALAMI Attack is a type of serious cyber crime , can be financial or data theft related. Moral : Don’t ignore what appear to be errors in computer-based financial or other accounting systems. Boond Boond se hi Samandar banta hai … Satark rahe , Savdhan rahe . Kyuki JURM aapki chaukhat pe dastak de sakta hai . Jai Hind.
References Salami fraud By M. E. Kabay Network World Security Newsletter, 07/24/02. " Hacker takes $50,000 a few cents at a time" . PC Pro. 2008-05-28 . " The Salami Technique“ Salami Fraud by M. E. Kabay , PhD, CISSP, Associate Professor, Computer Information Systems, Norwich University, Northfield VT. www.fraudfighting.org Images from various sources.
Tags
Categories
GeneralDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 7,939
- Slides 14
- Favorites 2
- Age 2660 days
Related Slideshows
22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
30 views
26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
32 views
31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
30 views
14
Fertility awareness methods for women in the society
Isaiah47
29 views
35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
26 views
5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
28 views