
Security in Networks— Their design, development, usage…

Security in Networks— Their design, development, usage…. Barbara Endicott-Popovsky CSSE592/491 In collaboration with: Deborah Frincke, Ph.D. Director, Center for Secure and Dependable Systems University of Idaho. Text Book. Both broad survey and focused Chapters 1-2 lay groundwork



  1. Security in Networks—Their design, development, usage… Barbara Endicott-Popovsky CSSE592/491 In collaboration with: Deborah Frincke, Ph.D. Director, Center for Secure and Dependable Systems University of Idaho

  2. Text Book • Both broad survey and focused • Chapters 1–2 lay groundwork • Chapters 3–7 Software • Chapter 7 • Contrast to standalone environments • Threats • Controls • Tools: Firewalls, Intrusion detection, Secure e-mail • Chapter 9 Privacy, ethics, the law • Chapter 10 Cryptography – the how

  3. In this section of the course we will look at… • Networks—their design, development, usage • The Basics • Threats • Controls • Tools • Firewalls • Intrusion Detection • Secure e-mail Source: Pfleeger & Pfleeger

  4. Agenda • I. The Basics • II. Threats • III. Controls • IV. Tools Source: Pfleeger & Pfleeger

  5. I. The Basics • Terms • Topology • Media • Analog/digital • Protocols • LAN/WAN • Internet • Distributed System • APIs Source: Pfleeger & Pfleeger

  6. ISO/OSI Model Source: Pfleeger & Pfleeger

  7. TCP/IP vs. OSI Source: Pfleeger & Pfleeger

  8. TCP/IP Source: Pfleeger & Pfleeger

  9. Issues • ISO/OSI: Slows things down • TCP/IP: More efficient; Open • Results: TCP/IP used over Internet; Introduces security issues • NOTE: Study this part of the Chapter Source: Pfleeger & Pfleeger

  10. II. Threats • Vulnerabilities • Attackers • Threats • Precursors • In transit • Protocol flaws • Impersonation • Spoofing • Message Confidentiality / Integrity threats • Web Site Defacement • Denial of Service (DOS) • Distributed Denial of Service (DDOS) • Active or Mobile Code Threats • Complex Attacks Source: Pfleeger & Pfleeger

  11. Vulnerabilities • Anonymity • Many points of attacks—targets and origins • Sharing • Complexity of system • Unknown perimeter • Unknown path Source: Pfleeger & Pfleeger

  12. Attackers • Kiddie scripters • Industrial spies • Information warfare • Cyber terrorists • “Hacktivists” • Wardrivers, etc. Profile—see Mitnick Source: Pfleeger & Pfleeger

  13. Threat Spectrum Source: Deb Frincke

  14. From CSI/FBI Report 2002 • 90% detected computer security breaches • 80% acknowledged financial losses • 44% (223) were willing / able to quantify losses: $455M • Most serious losses: theft of proprietary information and fraud • 26 respondents: $170M • 25 respondents: $115M • 74% cited Internet connection as a frequent point of attack • 33% cited internal systems as a frequent point of attack • 34% reported intrusions to law enforcement (up from 16% in 1996) Source: Deb Frincke

  15. More from CSI/FBI 2002 • 40% detected external penetration • 40% detected DOS attacks • 78% detected employee abuse of Internet • 85% detected computer viruses • 38% suffered unauthorized access on Web sites • 21% didn’t know • 12% reported theft of information • 6% reported financial fraud (up from 3% in 2000) Source: Deb Frincke

  16. Threats: Precursors • Port Scan • Social Engineering • Reconnaissance • OS Fingerprinting • Bulletin Boards / Chats • Available Documentation Source: Pfleeger & Pfleeger

  17. Threats: In Transit • Packet Sniffing • Eavesdropping • Wiretapping • Microwaves • Satellites • Fiber • Wireless Source: Pfleeger & Pfleeger

  18. Threats: Protocol Flaws • Public protocols • Flaws public • Human errors Source: Pfleeger & Pfleeger

  19. Threats: Impersonation • Guessing • Stealing • Wiretapping • Eavesdropping • Avoid authentication • Nonexistent authentication • Known authentication • Trusted authentication • Delegation • MSN Passport Source: Pfleeger & Pfleeger

  20. Threats: Spoofing • Masquerade • Session hijacking • Man-in-the-Middle attack Source: Pfleeger & Pfleeger

  21. Threats: Message Confidentiality/Integrity • Misdelivery • Exposure • Traffic flow analysis • Falsification of messages • Noise Source: Pfleeger & Pfleeger

  22. Threats: Web Site Defacement • Buffer overflows • Dot-Dot and address problems • Server-Side include Source: Pfleeger & Pfleeger

  23. Threats: Denial of Service (DOS) • Transmission failure • Connection flooding • Echo-chargen • Ping of death • Smurf attack • Syn flood • Traffic redirection • DNS attack • BIND Service Source: Pfleeger & Pfleeger

  24. Threats: Distributed Denial of Service (DDOS) • Trojan horses planted • Zombies attack Source: Pfleeger & Pfleeger

  25. Threats: Active/Mobile Code (Code Pushed to the Client) • Cookies • Per-session • Persistent • Scripts • Active code • Hostile applet • Auto Exec by type Source: Pfleeger & Pfleeger

  26. Threats: Complex Attacks • Script Kiddies • Building Blocks Source: Pfleeger & Pfleeger

  27. III. Controls • Design • Architecture • Segmentation • Redundancy • Single points of failure • Encryption • Link encryption • End-to-end encryption • VPNs • PKI and Certificates • SSH and SSL encryption • IPSec • Signed code • Encrypted e-mail Source: Pfleeger & Pfleeger

  28. Controls (cont’d.) • Content Integrity • Error correcting codes • Cryptographic Checksum • Strong Authentication • One-time password • Challenge-Response systems • Digital distributed authentication • Kerberos • Access controls • ACLs on routers • Firewalls • Alarms and Alerts • Honeypots • Traffic Flow Security • Onion routing Source: Pfleeger & Pfleeger

  29. IV. Tools • Firewalls • Intrusion Detection Systems • Secure e-Mail Source: Pfleeger & Pfleeger

  30. Firewalls • Packet filtering gateway • Stateful inspection firewall • Application proxy gateway • Guard • Personal firewalls Source: Pfleeger & Pfleeger

  31. Intrusion Detection Systems • Signature-based IDS • Heuristic IDS • Stealth mode Source: Pfleeger & Pfleeger

  32. IDS Characteristics • Goals • Detect all attacks • Little performance impacts • Alarm response • Monitor and collect data • Protect • Call administrator • Limitations • Avoidance strategies • Sensitivity • Only as good as the process/people Source: Pfleeger & Pfleeger

  33. Secure e-Mail • Designs • Confidentiality—encryption • Message integrity checks • Examples • PGP • S/MIME Source: Pfleeger & Pfleeger
