This covers a part of a financial crime involving secret execution of an unauthorized program that causes the unnoticed debiting of a small amount of assets or money from a large number of sources or accounts .
It gained the Popularity from the fact that the small slices of profits are to be taken without noticeably reducing the whole amount.
The Person, who was really responsible for slicing, then sneaks away with all the stolen pieces. From another angle, the person deceptively acquires the whole slices, formed by aggregating those tiny slices of the source ; Of course, it is to be considered the potential danger of the salami attacks, we must consider an example of salami slicing, well known as penny shaving or penny slicing that is as mentioned.
If we consider a banking system, the DD (Demand Deposit) system of programs for checking accounts could be changed or can be modified (using the unauthorized method or the illegal methods ) to randomly reduce each of a few thousand accounts by 1 rupee or 2 rupees by transferring the money to the persons favored account, where it can be withdrawn through authorized methods. i.e is to make the black money white.
No controls and checking mechanism are violated because the money is not removed from the system of accounts. Instead, very small amounts of funds are merely rearranged, which the affected persons rarely notice. Many such variations are possible.
• Contrast programs and files that may contain checksums with backup versions to determine the veracity loss.
• Write-protect the diskettes, more than ever when testing an untrusted computer program.
• Prevent booting a hard disk drive system from a diskette.
• While transferring files from one computer to the another, use diskettes that does not have an executable files that strength to be infected.
Detection of Salami Attacks
There are several technical methods that are available :
– A very specialized detection checksum can be built into the suspect program to determine the salami attacks.
-A snapshot storage space dump listing could be obtained at times in alleged program.
-The identifiable amounts are being taken, which can be traced.
– Iterative binary search for matching halves of all accounts is another costly way to segregate an felonious account.
However, a clever man can change the amounts debited and credited. So now comes a question can he be detected ?
Yes, Person performing this attack usually withdraws the money from the accounts in which it accumulates; so records will show an imbalance between the deposit and withdrawal transaction isn’t it. However, all accounts and transactions would have to be balanced over a significant period of time to detect these discrepancies.
Author : cialfor
Updated : 9/26/2016