Got Security? Information Assurance Considerations for Your Research, Course Projects, and Everyday Life
James Cannady, Ph.D., Assistant Professor

Information Security
• Those measures, procedures, or controls which provide an acceptable degree of safety of information resources from accidental or unauthorized intentional disclosure, modification, or destruction.
• Based on the assumption that others either want your data or want to prevent you from having it.
• Insecurity is the result of flaws, improper configurations, errors and bad design.
• Patches and security add-ons merely address the symptoms, not the cause.

Information Security Problem
• A large, rapidly growing international issue
• Key to growth of digital environments
• Critical infrastructure at risk
• True magnitude of the problem unknown

Why bother with Information Security??
• Some of our information needs to be protected against unauthorized disclosure for legal and competitive reasons
• All of the information we store and refer to must be protected against accidental or deliberate modification
• Information must be available in a timely fashion.
• We must also establish and maintain the authenticity (correct attribution) of documents we create, send and receive
• If poor security practices allow damage to our systems, we may be subject to criminal or civil legal proceedings
• Good security can be seen as part of the market development strategy

The Changing Security Environment
The landscape for information security is changing:
• From closed systems and networks to Internet connectivity
• From manual to automated processes
• Increased emphasis of information security as core/critical requirement

Evidence
• 90%: businesses detected computer security breaches within the last twelve months
• 70%: reported a variety of serious computer security breaches (e.g., theft of proprietary information, financial fraud, system penetration from outsiders, denial of service attacks and sabotage of data or networks)
• 74%: acknowledged financial losses due to computer breaches
• 19%: reported ten or more incidents
Source: Computer Security Institute 2000 Computer Crime and Security Survey

Specific Security Issues & Solutions
The Four Big Issues:
• Authentication: Validation of transmissions, messages, and users
• Confidentiality: Assurance that information is not disclosed to unauthorized entities or processes
• Integrity: Assurance that information is not modified by unauthorized entities or processes
• Reliability & Availability: Assurance that information systems will function when required

Authentication
Validation of transmissions, messages, and users
• IP Spoofing:
  • Filtering routers
• Fake Web Sites:
  • Web Site Certification
  • DNS certification
• Unauthorized Users:
  • IP authentication
  • Identification devices
  • Intrusion Detection Systems

Confidentiality
Assurance that information is not disclosed to unauthorized entities or processes
• Sniffing:
  • Encryption
  • Intrusion Detection
• Unauthorized File Access:
  • Firewalls
  • Intrusion Detection Systems

Integrity
Assurance that data or processes have not been altered or corrupted by chance or by malice
• Corrupted Web Sites:
  • Web Site Certification
  • Intrusion Detection
• Corrupted Data Bases:
  • Encryption
  • Intrusion Detection

Reliability & Availability
Assurance that information systems will function when required
• Denial of Service Attacks (e.g. SYN flooding):
  • Bandwidth
  • Attack Detection
  • Redundancy

The Threat Environment
• Information technology is more vulnerable than ever:
  • Open
  • Distributed
  • Complex
  • Highly Dynamic
• Attacks are becoming more sophisticated
• Tools to exploit system vulnerabilities are readily available and require minimal expertise

Typical Threats
• Eavesdropping and “sniffing”
• System Penetration
• Authorization Violation
• Spoofing/Masquerading
• Tampering
• Repudiation
• Trojan Horse
• Denial of Service

Common Security Mechanisms
• Obscurity
• Firewalls
• Intrusion Detection
• Vulnerability/Security Assessment Tools
• Virus Detection
• Host Security
• Authentication Systems
• Cryptography

InfoSec Hard Problems
• 1999 INFOSEC Research Council
• Defines nine particularly difficult security problems impacting all aspects of IT.

InfoSec Hard Problems
• Intrusion Detection
  • The timely and accurate detection of network attacks
  • Extremely important
  • No shortage of COTS
  • Limited effectiveness and reliability

InfoSec Hard Problems
• Intrusion Response
  • What do you do after an attack is detected?
  • What do you do when you’re wrong?

InfoSec Hard Problems
• Malicious Code Detection
  • Trojan horses, “dead” code, etc.
  • Example: Windows 98

InfoSec Hard Problems
• Controlled Sharing of Sensitive Information
  • Sharing information from a variety of sources to different recipients.
  • Classified information in an Open Environment

InfoSec Hard Problems
• Application Security
  • How do the applications enforce their own requirements?
  • How does it affect the rest of the network?

InfoSec Hard Problems
• Denial of Service
  • Simple and effective
  • “Unfortunately there is currently no method available of identifying and responding to a denial of service attack in an efficient and autonomous manner” (National Research Council, 1998).

InfoSec Hard Problems
• Communications Security
  • Protecting information in transit from unauthorized disclosure, and providing support for anonymity in networked environments.

InfoSec Hard Problems
• Security Management Infrastructure
  • Providing tools and techniques for managing the security services in very large networks that are subject to hostile attack.

InfoSec Hard Problems
• Information Security for Mobile Warfare
  • Developing information security techniques and systems that are responsive to the special needs of mobile tactical environments.
  • Wireless security

Advantages of InfoSec Research
• Important problem
• Touches all aspects of IT
• Little research has been done
• Large variety of potential dissertation topics
• Can be incorporated into other IT topics
• Opportunities for publications
• Growing number of publications
• Can add InfoSec to more traditional topic to increase opportunities
• Huge job market for those with experience
• Job openings for network security professionals have increased 200 percent in the past six months

In Review
• Security is a complex and growing area of information technology
• There are numerous opportunities for InfoSec research
• Demonstrated security experience can be a key discriminator in any IT career

Ongoing Research at NSU
• Benedict Eu – Dynamic Computer Defense in Depth
• Dennis Bauer – Intrusion detection using evolution strategies
• Jim Dollens – Intrusion detection using computer system DNA
• Al Fundaburk – Developing an information security curriculum

Questions?
Dr. James Cannady
cannady@nova.edu
(954) 262-2085
http://scis.nova.edu/~cannady