
ITEC4621 Network Security



  1. ITEC4621 Network Security Dr. Supakorn Kungpisdan supakorn@mut.ac.th

  2. ITEC4621 Network Security Supakorn Kungpisdan • Education • PhD (Computer Science and Software Engineering), Monash University, Australia • M.Eng. (Computer Engineering), KMUTT • Specializations • Information and Network Security, Electronic Commerce, Formal Methods, Computer Networking • Experiences • Director, Master of Science in Network Engineering, MUT • External Research Advisor, Network Security Research Group, Monash University, Australia • http://www.mut.ac.th/~supakorn/ • http://www.msit.mut.ac.th/

  3. ITEC4621 Network Security Course Descriptions • Saturday 9.00 AM – 12.00 PM • Textbook • W. Stallings: Cryptography and Network Security, 4th Edition, Pearson Prentice Hall, ISBN 0-13-202322-9 • Supplementary materials • M. E. Whitman and H. J. Mattord, Principles of Information Security, 3rd Edition, Thomson, ISBN 1-4239-0177-0 • G. De Laet and G. Schauwers: Network Security Fundamentals, Cisco Press, ISBN 1-58705-167-2 • http://www.msit.mut.ac.th/

  4. ITEC4621 Network Security Evaluation Criteria • Quizzes 10% • Assignment 30% • Midterm exam 20% • Final exam 40%

  5. ITEC4621 Network Security Course Outlines • Network Security Overview • Information Security • Symmetric Cryptography, Public-key Cryptography, Hash Functions and MAC • Network Security • IP Security, Web Security, Email Security, Firewalls, Intrusion Detection Systems

  6. Lecture 01 Network Security Overview Dr. Supakorn Kungpisdan supakorn@mut.ac.th

  7. ITEC4621 Network Security What is Security? • “The quality or state of being secure—to be free from danger” • A successful organization should have multiple layers of security in place: • Information Security • Systems Security • Network Security • Security Management • Physical security

  8. ITEC4621 Network Security Security Trends

  9. ITEC4621 Network Security C.I.A Triangle • Confidentiality • Ensure that the message is accessible only by authorized parties • Integrity • Ensure that the message is not altered during the transmission • Availability • Ensure that the information on the system is available for authorized parties at appropriate times without interference or obstruction

  10. ITEC4621 Network Security Vulnerabilities, Threats, and Attacks • Vulnerability • A weakness in the security system • E.g. a program flaw, poor security configuration, bad password policy • Threat • A set of circumstances or people that potentially causes loss or harm to a system • Attack • An action or series of actions to harm a system

  11. ITEC4621 Network Security Relationships among Different Security Components

  12. ITEC4621 Network Security Relationship of Threats and Vulnerabilities

  13. ITEC4621 Network Security How Hackers Exploit Weaknesses

  14. ITEC4621 Network Security Types of Attacks • Interruption • Attack on Availability • Interception • Attack on Confidentiality

  15. ITEC4621 Network Security Types of Attacks (cont.) • Modification • Attack on Integrity • Tampering with a resource • Fabrication • Attack on Authenticity • Impersonation, masquerading

  16. ITEC4621 Network Security Passive VS Active Attacks • Passive Attacks • The goal is to obtain information that is being transmitted. • E.g. release of confidential information and traffic analysis • Difficult to detect → data is not altered → nobody realizes the existence of the third party • Can be the starting point for launching an active attack • Interception • May be mitigated by using encryption

  17. ITEC4621 Network Security Passive VS Active Attacks (cont.) • Active Attacks • Involve modification of the data stream or creation of a false stream • E.g. Masquerade, replay, message modification, denial of services • Potentially detected by security mechanisms • Interruption, Modification, Fabrication

  18. ITEC4621 Network Security Direct VS Indirect Attacks • A computer can be the subject of an attack and/or the object of an attack • When the subject of an attack, the computer is used as an active tool to conduct the attack → indirect attack • When the object of an attack, the computer is the entity being attacked → direct attack

  19. ITEC4621 Network Security Direct VS Indirect Attacks (cont.)

  20. ITEC4621 Network Security Hackers • White Hat Hackers • Grey Hat Hackers • Script Kiddies • Hacktivists • Crackers or Black Hat Hackers

  21. ITEC4621 Network Security Hackers’ Steps • Gather information • Telephone conversation, password crackers • Gain initial system access • Often limited access and rights • Increase privileges and expand access • Try to get root privilege • Carry out purpose of the attack • Steal or destroy information • Install backdoors • Build entrance for the next visit • Cover tracks and exit • Remove all traces. Usually modifying log files

  22. ITEC4621 Network Security Malicious Codes • Viruses • A destructive program code that attaches itself to a host, copies itself, and spreads to other hosts • Viruses replicate and remain undetected until activated. • Worms • Unlike viruses, worms are independent of other programs or files. No trigger is needed. • Trojans • An externally harmless program that contains malicious code • Spyware • Software installed on a target machine that sends information back to an owning server

  23. ITEC4621 Network Security Security at Each Layer

  24. ITEC4621 Network Security Security at Each Layer (cont.) • Firewall combats a range of attacks including some DoS attacks • Proxy protects the application layer. It combats unauthorized access and packet spoofing • NAT hides LAN addresses and topology • STP cabling helps against network eavesdropping and signal interference • NIDS sensor monitors traffic at the network layer for known attack signatures • IPSec is configured for VPN connections. It protects against masquerading, data manipulation, and unauthorized access • Web server is configured against unauthorized access • Mail server with antivirus protects against viruses and DoS attacks

  25. ITEC4621 Network Security A Model for Network Security

  26. ITEC4621 Network Security A Model for Network Access Security

  27. ITEC4621 Network Security Security Controls

  28. ITEC4621 Network Security

  29. ITEC4621 Network Security NSTISSC Security Model

  30. ITEC4621 Network Security Balancing Information Security and Access • Impossible to obtain perfect security—it is a process, not a goal • Security should be considered a balance between protection and availability • To achieve balance, the level of security must allow reasonable access, yet protect against threats • Give an example of a completely secure information system!

  31. ITEC4621 Network Security

  32. ITEC4621 Network Security Approaches to Information Security Implementation: Bottom-Up Approach • Grassroots effort: systems administrators attempt to improve security of their systems • Key advantage: technical expertise of individual administrators • Seldom works, as it lacks a number of critical features: • Participant support • Organizational staying power

  33. ITEC4621 Network Security Approaches to Information Security Implementation: Top-Down Approach • Initiated by upper management • Issue policy, procedures, and processes • Dictate goals and expected outcomes of project • Determine accountability for each required action • The most successful also involve a formal development strategy referred to as the systems development life cycle

  34. ITEC4621 Network Security

  35. ITEC4621 Network Security Information Security: Is it an Art or a Science? • Implementation of information security is often described as a combination of art and science • “Security artisan” idea: based on the way individuals have perceived systems technologists since computers became commonplace

  36. ITEC4621 Network Security Security as Art • No hard and fast rules nor many universally accepted complete solutions • No manual for implementing security through entire system

  37. ITEC4621 Network Security Security as Science • Dealing with technology designed to operate at high levels of performance • Specific conditions cause virtually all actions that occur in computer systems • Nearly every fault, security hole, and systems malfunction is a result of the interaction of specific hardware and software • If developers had sufficient time, they could resolve and eliminate faults

  38. ITEC4621 Network Security Security as a Social Science • Social science examines the behavior of individuals interacting with systems • Security begins and ends with the people that interact with the system • Security administrators can greatly reduce levels of risk caused by end users, and create more acceptable and supportable security profiles

  39. Questions? • Next week: Symmetric Cryptography 1
