1 / 19

CSCE 715: Network Systems Security

Join us for a graduate-level course covering key aspects of network security, cryptography fundamentals, and research paper analysis. Enhance your understanding of security issues and develop skills to combat emerging threats.

josephmartin
Download Presentation

CSCE 715: Network Systems Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CSCE 715:Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina

  2. About Me • Chin-Tser Huang • Ph.D. in Computer Sciences, University of Texas at Austin • Research in network security, network protocol design and verification, distributed systems • My web page can be found at http://www.cse.sc.edu/~huangct (C) 2009 Chin-Tser Huang

  3. About You • What’s your name? • Where are you from? • When did you join USC? • What are your research interests? (C) 2009 Chin-Tser Huang

  4. About the Course • A grad-level course focusing on basics and issues in network security • First half will be lectures about elements of network security, cryptography backgrounds, and introduction to network security designs • Second half will be your chance to present what you have learned from key research papers (C) 2009 Chin-Tser Huang

  5. Course Information Online • http://www.cse.sc.edu/~huangct/CSCE715S09/index.htm • List of assigned paper and useful links are available on the page • Lecture slides will be available online too (C) 2009 Chin-Tser Huang

  6. Why Should You Take This Course • Security is an increasingly important issue • You want to have basic knowledge about network security • You can learn latest attacks and newest skills to counter those attacks • You have a chance to implement the skills learned in the class (C) 2009 Chin-Tser Huang

  7. Your Best Strategy • Come to every lecture to learn basic security problems and skills to counter them • Keep yourself exposed to articles related to network security to collect project ideas • Read each assigned paper and write good summary for each paper • Do not wait till last minute to prepare for exam or work on project • Enjoy the fun! (C) 2009 Chin-Tser Huang

  8. What Can Go Wrong… • …when your computer y receive or is waiting for a message m? ? Internet m x y (C) 2009 Chin-Tser Huang

  9. Message Loss • Adversary A can discard m in its transit A m x y (C) 2009 Chin-Tser Huang

  10. Message Interception • Adversary A can get a copy of m when m passes by m A m m x y (C) 2009 Chin-Tser Huang

  11. Message Modification • Adversary A can arbitrarily modify the content of m to become m’ A m m’ x y (C) 2009 Chin-Tser Huang

  12. Message Insertion • Adversary A can arbitrarily fabricate a message m, pretending that m was sent by x src: x dst: y A m x y (C) 2009 Chin-Tser Huang

  13. Message Replay • Adversary A can replay a message m that has been sent earlier by x and received by y m A m x y (C) 2009 Chin-Tser Huang

  14. … … … … … Denial-of-Service Attack • Adversary A can send huge amount of messages to y to block m from arriving at y • In the case of botnet attack, the adversary instructs many bots to send messages to y simultaneously A m ????? x y (C) 2009 Chin-Tser Huang

  15. More Scenarios • In one case, x wants y to be able to verify message m is sent by a legitimate party but not able to determine identity of x src: ? dst: y Internet m x y (C) 2009 Chin-Tser Huang

  16. z x sent to y m More Scenarios • In another case, y wants to be able to prove to third party z that y receives message m from x Internet m x y (C) 2009 Chin-Tser Huang

  17. Network Security Is Great… • Protect messages from interception in their transit • Provide desired level of privacy for user or data • Detect and discard messages that are modified, inserted, or replayed • Disallow unauthorized access to local system resource and sensitive data (C) 2009 Chin-Tser Huang

  18. …But Hard To Achieve • Many layers in network architecture • Many different media of network connection • Adversary’s location hard to determine • New attacks keep emerging • Cryptographic overhead (C) 2009 Chin-Tser Huang

  19. Next Class • Type of attacks • Network security services • Formal specification and verification of network protocols • Read Ch. 1 (C) 2009 Chin-Tser Huang

More Related