Module II. Internet Security. Chapter 7. Intrusion Detection. Web Security: Theory & Applications. School of Software, Sun Yat-sen University

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Module II. Internet Security. Chapter 7. Intrusion Detection. Web Security: Theory & Applications. School of Software, Sun Yat-sen University"

Transcription

1 Module II. Internet Security Chapter 7 Intrusion Detection Web Security: Theory & Applications School of Software, Sun Yat-sen University

2 Outline 7.1 Threats to Computer System 7.2 Process of Intrusions 7.3 What Is Intrusion Detection 7.4 Methods of Intrusion Detection 7.5 Structure of IDS 7.6 HIDS and NIDS 7.7 Introduction to IPS Web Security : Theory And Applications 2 / 52

3 Outline 7.1 Threats to Computer System DoS Spoofing Eavesdrop 7.2 Process of Intrusions 7.3 What is Intrusion Detection 7.4 Methods of Intrusion Detection 7.5 Structure of IDS 7.6 HIDS and NIDS 7.7 Introduction to IPS Web Security : Theory And Applications 3 / 52

4 7.1 Threats to Computer System Threats to Computer System DoS Spoofing Eavesdrop Password Cracking Trojan Others:Buffer Overflow Web Security : Theory And Applications 4 / 52

5 Outline 7.1 Threats to Computer System 7.2 Process of Intrusions 7.3 What is Intrusion Detection 7.4 Methods of Intrusion Detection 7.5 Structure of IDS 7.6 HIDS and NIDS 7.7 Introduction to IPS Web Security : Theory And Applications 5 / 52

6 7.2 Process of Intrusions Information of the targets OS: Windows or Linux? Software version Active net service Bugs they have Its social information When to attack Guess the password Web Security : Theory And Applications 6 / 52

7 7.2 Process of Intrusions Conduct of the attack Afterwards Clear the footprints (logs and records) Open backdoors Web Security : Theory And Applications 7 / 52

8 Outline 7.1 Threats to Computer System 7.2 Process of Intrusions 7.3 What is Intrusion Detection Definition Function IDS and Firewall 7.4 Methods of Intrusion Detection 7.5 Structure of IDS 7.6 HIDS and NIDS 7.7 Introduction to IPS Web Security : Theory And Applications 8 / 52

9 7.3 What is Intrusion Detection Definition The act of detecting actions that attempt to compromise the Confidentiality, Integrity or Availability of a resource. Three classes of intruders Masquerader Pirates From outside Misfeasor Betrayers From inside Clandestine user Usurper Outside or inside Web Security : Theory And Applications 9 / 52

10 7.3 What is Intrusion Detection Threat Monitoring J. Anderson (University of Reading, Eng., 1980), Computer Security Threat Monitoring and Surveillance Web Security : Theory And Applications 10 / 52

11 7.3 What is Intrusion Detection Function Identify attacks already known Identify and block operations which is illegal or beyond the user s authority Check integrity of data Find vulnerability and bugs in the system Record legal behaviors Analyze illegal behaviors and intruders and record their features Web Security : Theory And Applications 11 / 52

12 7.3 What is Intrusion Detection Why do we need intrusion detection while we already have firewall For a firewall Attacks from outside Deployed at the frontline Static relatively Firewall Door and Lock Web Security : Theory And Applications 12 / 52

13 7.3 What is Intrusion Detection Why do we need intrusion detection while we already have firewall For an IDS Threats from inside Deployed in the building Intrusion Detection System Monitor Web Security : Theory And Applications 13 / 52

14 Outline 7.1 Threats to Computer System 7.2 Process of Intrusions 7.3 What is Intrusion Detection 7.4 Methods of Intrusion Detection Anomaly Detection Misuse Detection 7.5 Structure of IDS 7.6 HIDS and NIDS 7.7 Introduction to IPS Web Security : Theory And Applications 14 / 52

15 7.4 Methods of Intrusion Detection Two ways to tell whether a behavior is malicious How far from normal behaviors Anomaly Detection How similar to the attacks already known Misuse Detection Web Security : Theory And Applications 15 / 52

16 7.4 Methods of Intrusion Detection Anomaly Detection --Based on Behavior Behavioral Model Statistics Analysis Neural Network (Learning) Data Mining Web Security : Theory And Applications 16 / 52

17 7.4 Methods of Intrusion Detection Misuse (signature) Detection ---Based on Rules (Knowledge) Pattern matching Finding certain strings Simple but more false-alarms, higher system burden State transition Enhanced pattern matching Fast and flexible Depend on system states Expert system Web Security : Theory And Applications 17 / 52

18 Outline 7.1 Threats to Computer System 7.2 Process of Intrusions 7.3 What is Intrusion Detection 7.4 Methods of Intrusion Detection 7.5 Structure of IDS Information Gathering Analysis Engine Response Unit IDES & CIDF 7.6 HIDS and NIDS 7.7 Introduction to IPS Web Security : Theory And Applications 18 / 52

19 7.5 Structure of IDS Information gathering System and network logs Anomalous changes of system directories and files Anomalous behavior in program executing Analysis engine Pattern matching Statistics analysis Integrity analysis Response unit Alert Cut off connection Block user Change file attributes Web Security : Theory And Applications 19 / 52

20 7.5 Structure of IDS Information gathering System and network logs Login Authorization Anomalous changes of system directories and files Unexpected read, write and delete Changed log files Anomalous behavior in program executing Unexpected access for some processes to resources or data Web Security : Theory And Applications 20 / 52

21 7.5 Structure of IDS Analysis engine -- Methods of detection Pattern matching Statistics analysis Mean and standard deviation Operational model: large number of login in short period Multivariate: Operational model with multi variables Markov process: transition probabilities among various states Time series: whether an event happens at correct time and lasts regular period Integrity analysis Focus on files recently modified Files planted Trojans Web Security : Theory And Applications 21 / 52

22 7.5 Structure of IDS Response unit Alert Cut off connection Block user Change file attributes Web Security : Theory And Applications 22 / 52

23 7.5 Structure of IDS IDES, Intrusion Detection Expert System Dorothy Denning, 1986 NIDES, Next-Generation Intrusion Detection Expert System 1 Subjects 2 Objects 3 Audit records: <Object,Action,Object,Exception- Condition,Resource-Usage,Time-Stamp> 4 Activity Profile 5 Anomaly Record: <Event,Time-stamp,Profile> 6 Activity Rules Web Security : Theory And Applications 23 / 52

24 7.5 Structure of IDS CIDF, Common Intrusion Detection Framework CIDFTG, 1998 CDIF is an effort to develop protocols and application programming interfaces so that intrusion detection research projects can share information and resources and so that intrusion detection components can be reused in other systems. The Common Intrusion Detection Framework Architecture A Common Intrusion Specification Language Communication in the Common Intrusion Detection Framework Common Intrusion Detection Framework APIs Web Security : Theory And Applications 24 / 52

25 7.5 Structure of IDS The architecture of CIDF Event GIDO (generalized intrusion detection objects) Event generators Event analyzers Event databases Response units Event Generator gido Event Analyzer gido Response Unit action gido Event Database Web Security : Theory And Applications 25 / 52

26 Outline 7.1 Threats to Computer System 7.2 Process of Intrusions 7.3 What is Intrusion Detection 7.4 Methods of Intrusion Detection 7.5 Structure of IDS 7.6 HIDS and NIDS Host-Based IDS Network-Based IDS 7.7 Introduction to IPS Web Security : Theory And Applications 26 / 52

27 7.6 HIDS and NIDS Host-based IDS (HIDS) Monitor activities on the system Detect both external and internal intrusions Deployment (Distributed Host) Web Security : Theory And Applications 27 / 52

28 7.6 HIDS and NIDS Some potential threats to HIDS Abuse of privilege Temporary root Former employees Invisible account created by former administrator Access and modification on key information Student scores Individual information Coopetition Security configuration Guest account Nomadic user Screen saver not activated Web Security : Theory And Applications 28 / 52

29 7.6 HIDS and NIDS HIDS Advantages & Disadvantages Advantages Near targets of attacks No extra hardware devices Independent on network Deal with unencrypted messages Disadvantages Operating system dependent Burden on the host Limited to the host Complicated install and maintenance Web Security : Theory And Applications 29 / 52

30 7.6 HIDS and NIDS Network-based IDS (NIDS) Web Security : Theory And Applications 30 / 52

31 7.6 HIDS and NIDS Network-based IDS (NIDS) Typical NIDS includes : A number of sensors One or more servers for NIDS management functions One or more management consoles for human interface Web Security : Theory And Applications 31 / 52

32 7.6 HIDS and NIDS Network-based IDS (NIDS) Sensors Inline sensor IS Passive sensor PS Web Security : Theory And Applications 32 / 52

33 7.6 HIDS and NIDS Techniques: Signature Detection: Application layer: DHCP, IMAP, NFS, DNS, FTP Transport layer: SYN floods Network layer: spoofed IP address Anomaly Detection: DoS: significant increasing packet traffic or connection attempts Scanning: Worms: Web Security : Theory And Applications 33 / 52

34 7.6 HIDS and NIDS NIDS Advantages & Disadvantages Advantages Disadvantages Operating system independent Not influence the hosts Unable to deal with encrypted messages Capability problems Transparent to intruders Protect a domain Vulnerable to DoS Can detect lower layer attacks Original packets Web Security : Theory And Applications 34 / 52

35 7.6 HIDS and NIDS Making use of HIDS and NIDS Web Security : Theory And Applications 35 / 52

36 7.6 HIDS and NIDS Host-Based IDS vs Network-Based IDS Comparative analysis of HIDS vs. NIDS Web Security : Theory And Applications 36 / 52

37 Outline 7.1 Threats to Computer System 7.2 Process of Intrusions 7.3 What is Intrusion Detection 7.4 Methods of Intrusion Detection 7.5 Structure of IDS 7.6 HIDS and NIDS 7.7 Introduction to IPS The need of IPS Security capabilities Types of IPS Compare IPS with IDS Web Security : Theory And Applications 37 / 52

38 7.7 Introduction to IPS What is an IPS (Intrusion Prevention System) IPS is a system that identify malicious activity, log information about malicious activity, attempt to block/stop malicious activity, and report malicious activity. Web Security : Theory And Applications 38 / 52

39 7.7 Introduction to IPS The need of IPS Users need an automate system to deal with Intrusion Users need a preferable system to remedy ( 补 救 ) IDS s defects Users need a high-performance system to keep the network s security Web Security : Theory And Applications 39 / 52

40 7.7 Introduction to IPS Security Capabilities Detect Intrusion Log Intrusion Stop Intrusion Report Intrusion Web Security : Theory And Applications 40 / 52

41 7.7 Introduction to IPS Detect Intrusion Signature-Based Detection Anomaly-Based Detection Stateful Protocol Analysis HoneyPot Evaluate the detect capabilities Threshold Blacklists & Whitelists Alert Setting Code Viewing and Editing Web Security : Theory And Applications 41 / 52

42 7.7 Introduction to IPS Log Intrusion IPS log information about the intrusion that they detect. The information is helpful to evaluate the intrusion and to find out an appropriate way to protect the target. Stop Intrusion Stop the attack independently Terminate the network connection Block the malicious packages Block the access to target Web Security : Theory And Applications 42 / 52

43 7.7 Introduction to IPS Changes the security environment The IPS could change the configuration of other security controls. For example: apply patches to a attacked host, alert the firewall to block the access of the intruders, etc. Change the attack s content The IPS could remove or replace malicious portions of an attack to make it benign Report Intrusion Report the Intrusion in detail or in summary depending on the require of users. When the intrusion begin, alert the manager as soon as possible. Web Security : Theory And Applications 43 / 52

44 7.7 Introduction to IPS Types of IPS Regardless of the types of IPS, all IPS will contain four major components: 1. Agent/Sensor 2. Management Server 3. Database Server 4. Console Web Security : Theory And Applications 44 / 52

45 7.7 Introduction to IPS Agent/Sensor Agent/Sensor monitor and analyze network s activity. The Agent is used for HIPS. The Sensor is used for NIPS Management Server A management server is a centralized device that receives information from the sensors or agents and manages them. Function: analyse the information identify the intrusion control the agents or sensors Web Security : Theory And Applications 45 / 52

46 7.7 Introduction to IPS Database Server A database server is a repository for event information. Particularly, the information is generate by agents or sensor. Console A console is a program provide administration and/or monitoring capabilities for the IDP s users and administrators. It s a interface between the IPS and the IPS s user and administrators Web Security : Theory And Applications 46 / 52

47 7.7 Introduction to IPS Host-Based Intrusion Prevention System, HIPS Web Security : Theory And Applications 47 / 52

48 7.7 Introduction to IPS Network-Based Intrusion Prevention System, NIPS In-line Web Security : Theory And Applications 48 / 52

49 7.7 Introduction to IPS NIPS - Passive Web Security : Theory And Applications 49 / 52

50 7.7 Introduction to IPS Compare IPS with IDS Usage: IPS is used to defend the outside attack while IDS is used to find out the attack. Security Policy: IDS will report the intrusion while IPS try to defend it automatically. Deployment: IPS is usually deployed on the network s boundary while IDS is deployed near to the center of the network. Web Security : Theory And Applications 50 / 52

51 References 1. The Practical Intrusion Detection Handbook, Paul E. Proctor 2. Computer Networks, fourth edition, Andrew S. Tanenbaum 3. Intrusion detection Wikipedia, 4. Intrusion Detection System (IDS) : Dawn of the new Security 5. Guide to Intrusion Detection and Prevention Systems(IDPS), Karen Scarfone, Peter Mell, Recommendations of the National Institute of Standards and Technology, NIST Special Publication Intrusion prevention system, Wikipedia, Web Security : Theory And Applications 51 / 52

52 Thank you! Web Security : Theory And Applications 52 / 52

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013 CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists

More information

Taxonomy of Intrusion Detection System

Taxonomy of Intrusion Detection System Taxonomy of Intrusion Detection System Monika Sharma, Sumit Sharma Abstract During the past years, security of computer networks has become main stream in most of everyone's lives. Nowadays as the use

More information

Intrusion Detection. Tianen Liu. May 22, 2003. paper will look at different kinds of intrusion detection systems, different ways of

Intrusion Detection. Tianen Liu. May 22, 2003. paper will look at different kinds of intrusion detection systems, different ways of Intrusion Detection Tianen Liu May 22, 2003 I. Abstract Computers are vulnerable to many threats. Hackers and unauthorized users can compromise systems. Viruses, worms, and other kinds of harmful code

More information

A Proposed Architecture of Intrusion Detection Systems for Internet Banking

A Proposed Architecture of Intrusion Detection Systems for Internet Banking A Proposed Architecture of Intrusion Detection Systems for Internet Banking A B S T R A C T Pritika Mehra Post Graduate Department of Computer Science, Khalsa College for Women Amritsar, India Mehra_priti@yahoo.com

More information

CSCI 4250/6250 Fall 2015 Computer and Networks Security

CSCI 4250/6250 Fall 2015 Computer and Networks Security CSCI 4250/6250 Fall 2015 Computer and Networks Security Network Security Goodrich, Chapter 5-6 Tunnels } The contents of TCP packets are not normally encrypted, so if someone is eavesdropping on a TCP

More information

Introduction... Error! Bookmark not defined. Intrusion detection & prevention principles... Error! Bookmark not defined.

Introduction... Error! Bookmark not defined. Intrusion detection & prevention principles... Error! Bookmark not defined. Contents Introduction... Error! Bookmark not defined. Intrusion detection & prevention principles... Error! Bookmark not defined. Technical OverView... Error! Bookmark not defined. Network Intrusion Detection

More information

Name. Description. Rationale

Name. Description. Rationale Complliiance Componentt Description DEEFFI INITION Network-Based Intrusion Detection Systems (NIDS) Network-Based Intrusion Detection Systems (NIDS) detect attacks by capturing and analyzing network traffic.

More information

INTRUSION DETECTION SYSTEMS and Network Security

INTRUSION DETECTION SYSTEMS and Network Security INTRUSION DETECTION SYSTEMS and Network Security Intrusion Detection System IDS A layered network security approach starts with : A well secured system which starts with: Up-to-date application and OS

More information

Leveraging Network Vulnerability Assessment with Incident Response Processes and Procedures

Leveraging Network Vulnerability Assessment with Incident Response Processes and Procedures Leveraging Network Vulnerability Assessment with Incident Response Processes and Procedures DAVID COLE, DIRECTOR IS AUDITS, U.S. HOUSE OF REPRESENTATIVES Assessment Planning Assessment Execution Assessment

More information

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.

More information

Firewalls, Tunnels, and Network Intrusion Detection

Firewalls, Tunnels, and Network Intrusion Detection Firewalls, Tunnels, and Network Intrusion Detection 1 Part 1: Firewall as a Technique to create a virtual security wall separating your organization from the wild west of the public internet 2 1 Firewalls

More information

Intruders & Intrusion Hackers Criminal groups Insiders. Detection and IDS Techniques Detection Principles Requirements Host-based Network-based

Intruders & Intrusion Hackers Criminal groups Insiders. Detection and IDS Techniques Detection Principles Requirements Host-based Network-based Lecture Outline Intruders & Intrusion Hackers Criminal groups Insiders Detection and IDS Techniques Detection Principles Requirements Host-based Network-based Honeypot Madartists Intruders significant

More information

IDS / IPS. James E. Thiel S.W.A.T.

IDS / IPS. James E. Thiel S.W.A.T. IDS / IPS An introduction to intrusion detection and intrusion prevention systems James E. Thiel January 14, 2005 S.W.A.T. Drexel University Overview Intrusion Detection Purpose Types Detection Methods

More information

Intrusion Detection. Overview. Intrusion vs. Extrusion Detection. Concepts. Raj Jain. Washington University in St. Louis

Intrusion Detection. Overview. Intrusion vs. Extrusion Detection. Concepts. Raj Jain. Washington University in St. Louis Intrusion Detection Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/

More information

Intruders and viruses. 8: Network Security 8-1

Intruders and viruses. 8: Network Security 8-1 Intruders and viruses 8: Network Security 8-1 Intrusion Detection Systems Firewalls allow traffic only to legitimate hosts and services Traffic to the legitimate hosts/services can have attacks CodeReds

More information

Introduction of Intrusion Detection Systems

Introduction of Intrusion Detection Systems Introduction of Intrusion Detection Systems Why IDS? Inspects all inbound and outbound network activity and identifies a network or system attack from someone attempting to compromise a system. Detection:

More information

PROFESSIONAL SECURITY SYSTEMS

PROFESSIONAL SECURITY SYSTEMS PROFESSIONAL SECURITY SYSTEMS Security policy, active protection against network attacks and management of IDP Introduction Intrusion Detection and Prevention (IDP ) is a new generation of network security

More information

Intrusion Detection and Prevention System (IDPS) Technology- Network Behavior Analysis System (NBAS)

Intrusion Detection and Prevention System (IDPS) Technology- Network Behavior Analysis System (NBAS) ISCA Journal of Engineering Sciences ISCA J. Engineering Sci. Intrusion Detection and Prevention System (IDPS) Technology- Network Behavior Analysis System (NBAS) Abstract Tiwari Nitin, Solanki Rajdeep

More information

Network Based Intrusion Detection Using Honey pot Deception

Network Based Intrusion Detection Using Honey pot Deception Network Based Intrusion Detection Using Honey pot Deception Dr.K.V.Kulhalli, S.R.Khot Department of Electronics and Communication Engineering D.Y.Patil College of Engg.& technology, Kolhapur,Maharashtra,India.

More information

Chapter 9 Firewalls and Intrusion Prevention Systems

Chapter 9 Firewalls and Intrusion Prevention Systems Chapter 9 Firewalls and Intrusion Prevention Systems connectivity is essential However it creates a threat Effective means of protecting LANs Inserted between the premises network and the to establish

More information

CS419 Computer Security

CS419 Computer Security CS419 Computer Security Vinod Ganapathy Topic: Intrusion Detection and Firewalls Security Intrusion & Detection Security Intrusion a security event, or combination of multiple security events, that constitutes

More information

Intrusion Detection System (IDS)

Intrusion Detection System (IDS) Intrusion Detection System (IDS) Characteristics Systems User, Process predictable actions describing process under that actions what pattern subvert actions attack of correspond the systems processes

More information

Network- vs. Host-based Intrusion Detection

Network- vs. Host-based Intrusion Detection Network- vs. Host-based Intrusion Detection A Guide to Intrusion Detection Technology 6600 Peachtree-Dunwoody Road 300 Embassy Row Atlanta, GA 30348 Tel: 678.443.6000 Toll-free: 800.776.2362 Fax: 678.443.6477

More information

IDS : Intrusion Detection System the Survey of Information Security

IDS : Intrusion Detection System the Survey of Information Security IDS : Intrusion Detection System the Survey of Information Security Sheetal Thakare 1, Pankaj Ingle 2, Dr. B.B. Meshram 3 1,2 Computer Technology Department, VJTI, Matunga,Mumbai 3 Head Of Computer TechnologyDepartment,

More information

INTRUSION DETECTION SYSTEM (IDS) by Kilausuria Abdullah (GCIH) Cyberspace Security Lab, MIMOS Berhad

INTRUSION DETECTION SYSTEM (IDS) by Kilausuria Abdullah (GCIH) Cyberspace Security Lab, MIMOS Berhad INTRUSION DETECTION SYSTEM (IDS) by Kilausuria Abdullah (GCIH) Cyberspace Security Lab, MIMOS Berhad OUTLINE Security incident Attack scenario Intrusion detection system Issues and challenges Conclusion

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013 CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access

More information

Performance Evaluation of Intrusion Detection Systems

Performance Evaluation of Intrusion Detection Systems Performance Evaluation of Intrusion Detection Systems Waleed Farag & Sanwar Ali Department of Computer Science at Indiana University of Pennsylvania ABIT 2006 Outline Introduction: Intrusion Detection

More information

IDS Categories. Sensor Types Host-based (HIDS) sensors collect data from hosts for

IDS Categories. Sensor Types Host-based (HIDS) sensors collect data from hosts for Intrusion Detection Intrusion Detection Security Intrusion: a security event, or a combination of multiple security events, that constitutes a security incident in which an intruder gains, or attempts

More information

Our Security. History of IDS Cont d In 1983, Dr. Dorothy Denning and SRI International began working on a government project.

Our Security. History of IDS Cont d In 1983, Dr. Dorothy Denning and SRI International began working on a government project. Our Security Ways we protect our valuables: By Edith Butler Fall 2008 Locks Security Alarm Video Surveillance, etc. History about IDS It began in 1980, with James Anderson's paper: History of IDS Cont

More information

IntruPro TM IPS. Inline Intrusion Prevention. White Paper

IntruPro TM IPS. Inline Intrusion Prevention. White Paper IntruPro TM IPS Inline Intrusion Prevention White Paper White Paper Inline Intrusion Prevention Introduction Enterprises are increasingly looking at tools that detect network security breaches and alert

More information

GFI White Paper PCI-DSS compliance and GFI Software products

GFI White Paper PCI-DSS compliance and GFI Software products White Paper PCI-DSS compliance and Software products The Payment Card Industry Data Standard () compliance is a set of specific security standards developed by the payment brands* to help promote the adoption

More information

Architecture Overview

Architecture Overview Architecture Overview Design Fundamentals The networks discussed in this paper have some common design fundamentals, including segmentation into modules, which enables network traffic to be isolated and

More information

Network and Host-based Vulnerability Assessment

Network and Host-based Vulnerability Assessment Network and Host-based Vulnerability Assessment A guide for information systems and network security professionals 6600 Peachtree-Dunwoody Road 300 Embassy Row Atlanta, GA 30348 Tel: 678.443.6000 Toll-free:

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

Basics of Internet Security

Basics of Internet Security Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational

More information

Intrusion Detection Systems and Supporting Tools. Ian Welch NWEN 405 Week 12

Intrusion Detection Systems and Supporting Tools. Ian Welch NWEN 405 Week 12 Intrusion Detection Systems and Supporting Tools Ian Welch NWEN 405 Week 12 IDS CONCEPTS Firewalls. Intrusion detection systems. Anderson publishes paper outlining security problems 1972 DNS created 1984

More information

Intrusion Detection Systems

Intrusion Detection Systems Intrusion Detection Systems Assessment of the operation and usefulness of informatics tools for the detection of on-going computer attacks André Matos Luís Machado Work Topics 1. Definition 2. Characteristics

More information

Segurança Redes e Dados

Segurança Redes e Dados Segurança Redes e Dados I N T R U S Õ E S 2 0 1 2 / 2 0 1 2 M A N U E L E D U A R D O C O R R E I A P E D R O B R A N D Ã O Slides are based on slides by Dr Lawrie Brown (UNSW@ADFA) for Computer Security:

More information

Firewalls. CS 6v81 - Network Security. What is a firewall? Firewall capabilities. Firewall limitations. Firewall limitations, cont d

Firewalls. CS 6v81 - Network Security. What is a firewall? Firewall capabilities. Firewall limitations. Firewall limitations, cont d CS 6v81 - Network Security Firewalls Firewalls and Intrusion Detection Systems 2 (Source: Stallings book, papers) What is a firewall? Collection of components between two networks that filter cross traffic

More information

JK0-022 CompTIA Academic/E2C Security+ Certification Exam CompTIA

JK0-022 CompTIA Academic/E2C Security+ Certification Exam CompTIA JK0-022 CompTIA Academic/E2C Security+ Certification Exam CompTIA To purchase Full version of Practice exam click below; http://www.certshome.com/jk0-022-practice-test.html FOR CompTIA JK0-022 Exam Candidates

More information

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 40 Firewalls and Intrusion

More information

Volume 3, Issue 3, March 2015 International Journal of Advance Research in Computer Science and Management Studies

Volume 3, Issue 3, March 2015 International Journal of Advance Research in Computer Science and Management Studies Volume 3, Issue 3, March 2015 International Journal of Advance Research in Computer Science and Management Studies Research Article / Survey Paper / Case Study Available online at: www.ijarcsms.com A Review

More information

Larry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping

Larry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control

More information

Intrusion Detection and Prevention Systems in the Industrial Automation and Control Systems Environment

Intrusion Detection and Prevention Systems in the Industrial Automation and Control Systems Environment Intrusion Detection and Prevention Systems in the Industrial Automation and Control Systems Environment Chris Martin Senior Director Product Strategy Industrial Defender Inc. Agenda Overview of IDS/IPS

More information

Role of Anomaly IDS in Network

Role of Anomaly IDS in Network Role of Anomaly IDS in Network SumathyMurugan 1, Dr.M.Sundara Rajan 2 1 Asst. Prof, Department of Computer Science, Thiruthangal Nadar College, Chennai -51. 2 Asst. Prof, Department of Computer Science,

More information

A Review of Anomaly Detection Techniques in Network Intrusion Detection System

A Review of Anomaly Detection Techniques in Network Intrusion Detection System A Review of Anomaly Detection Techniques in Network Intrusion Detection System Dr.D.V.S.S.Subrahmanyam Professor, Dept. of CSE, Sreyas Institute of Engineering & Technology, Hyderabad, India ABSTRACT:In

More information

FISMA / NIST 800-53 REVISION 3 COMPLIANCE

FISMA / NIST 800-53 REVISION 3 COMPLIANCE Mandated by the Federal Information Security Management Act (FISMA) of 2002, the National Institute of Standards and Technology (NIST) created special publication 800-53 to provide guidelines on security

More information

IDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow

IDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow IDS 4.0 Roadshow Module 1- IDS Technology Overview Agenda Network Security Network Security Policy Management Protocols The Security Wheel IDS Terminology IDS Technology HIDS and NIDS IDS Communication

More information

Radware s Smart IDS Management. FireProof and Intrusion Detection Systems. Deployment and ROI. North America. International. www.radware.

Radware s Smart IDS Management. FireProof and Intrusion Detection Systems. Deployment and ROI. North America. International. www.radware. Radware s Smart IDS Management FireProof and Intrusion Detection Systems Deployment and ROI North America Radware Inc. 575 Corporate Dr. Suite 205 Mahwah, NJ 07430 Tel 888 234 5763 International Radware

More information

Intrusion Detection for Mobile Ad Hoc Networks

Intrusion Detection for Mobile Ad Hoc Networks Intrusion Detection for Mobile Ad Hoc Networks Tom Chen SMU, Dept of Electrical Engineering tchen@engr.smu.edu http://www.engr.smu.edu/~tchen TC/Rockwell/5-20-04 SMU Engineering p. 1 Outline Security problems

More information

The SIEM Evaluator s Guide

The SIEM Evaluator s Guide Using SIEM for Compliance, Threat Management, & Incident Response Security information and event management (SIEM) tools are designed to collect, store, analyze, and report on log data for threat detection,

More information

Environment. Attacks against physical integrity that can modify or destroy the information, Unauthorized use of information.

Environment. Attacks against physical integrity that can modify or destroy the information, Unauthorized use of information. Cyber Security. Environment, Solutions and Case study. Special Telecommunications Service David Gabriel, Buciu Adrian Contact: gdavid13@sts.ro adibuciu@sts.ro Environment Network/services can be damaged

More information

Integration Misuse and Anomaly Detection Techniques on Distributed Sensors

Integration Misuse and Anomaly Detection Techniques on Distributed Sensors Integration Misuse and Anomaly Detection Techniques on Distributed Sensors Shih-Yi Tu Chung-Huang Yang Kouichi Sakurai Graduate Institute of Information and Computer Education, National Kaohsiung Normal

More information

Firewalls and Intrusion Detection

Firewalls and Intrusion Detection Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall

More information

WHITE PAPER: ENTERPRISE SECURITY. Strengthening Database Security

WHITE PAPER: ENTERPRISE SECURITY. Strengthening Database Security WHITE PAPER: ENTERPRISE SECURITY Strengthening Database Security White Paper: Enterprise Security Strengthening Database Security Contents Introduction........................................................................4

More information

Configuring Personal Firewalls and Understanding IDS. Securing Networks Chapter 3 Part 2 of 4 CA M S Mehta, FCA

Configuring Personal Firewalls and Understanding IDS. Securing Networks Chapter 3 Part 2 of 4 CA M S Mehta, FCA Configuring Personal Firewalls and Understanding IDS Securing Networks Chapter 3 Part 2 of 4 CA M S Mehta, FCA 1 Configuring Personal Firewalls and IDS Learning Objectives Task Statements 1.4 Analyze baseline

More information

Computer Networks & Computer Security

Computer Networks & Computer Security Computer Networks & Computer Security Software Engineering 4C03 Project Report Hackers: Detection and Prevention Prof.: Dr. Kartik Krishnan Due Date: March 29 th, 2004 Modified: April 7 th, 2004 Std Name:

More information

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls CS426 Fall 2010/Lecture 36 1 Announcements There will be a quiz on Wed There will be a guest lecture on Friday, by Prof. Chris Clifton

More information

OS Security. Malware (Part 2) & Intrusion Detection and Prevention. Radboud University Nijmegen, The Netherlands. Winter 2015/2016

OS Security. Malware (Part 2) & Intrusion Detection and Prevention. Radboud University Nijmegen, The Netherlands. Winter 2015/2016 OS Security Malware (Part 2) & Intrusion Detection and Prevention Radboud University Nijmegen, The Netherlands Winter 2015/2016 A short recap Different categories of malware: Virus (self-reproducing, needs

More information

Section 12 MUST BE COMPLETED BY: 4/22

Section 12 MUST BE COMPLETED BY: 4/22 Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege

More information

Second-generation (GenII) honeypots

Second-generation (GenII) honeypots Second-generation (GenII) honeypots Bojan Zdrnja CompSci 725, University of Auckland, Oct 2004. b.zdrnja@auckland.ac.nz Abstract Honeypots are security resources which trap malicious activities, so they

More information

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2. Intrusion Detection and Prevention Systems

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2. Intrusion Detection and Prevention Systems FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 13 Intrusion Detection and Prevention Systems By Whitman, Mattord, & Austin 2008 Course Technology Learning Objectives Describe

More information

Science Park Research Journal

Science Park Research Journal 2321-8045 Science Park Research Journal Original Article th INTRUSION DETECTION SYSTEM An Approach for Finding Attacks Ashutosh Kumar and Mayank Kumar Mittra ABSTRACT Traditionally firewalls are used to

More information

Intrusion Detection Systems. Overview. Evolution of IDSs. Oussama El-Rawas. History and Concepts of IDSs

Intrusion Detection Systems. Overview. Evolution of IDSs. Oussama El-Rawas. History and Concepts of IDSs Intrusion Detection Systems Oussama El-Rawas History and Concepts of IDSs Overview A brief description about the history of Intrusion Detection Systems An introduction to Intrusion Detection Systems including:

More information

Ohio Supercomputer Center

Ohio Supercomputer Center Ohio Supercomputer Center Intrusion Prevention and Detection No: Effective: OSC-12 5/21/09 Issued By: Kevin Wohlever Director of Supercomputer Operations Published By: Ohio Supercomputer Center Original

More information

Critical Security Controls

Critical Security Controls Critical Security Controls Session 2: The Critical Controls v1.0 Chris Beal Chief Security Architect MCNC chris.beal@mcnc.org @mcncsecurity on Twitter The Critical Security Controls The Critical Security

More information

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Host Hardening Presented by Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Background National Institute of Standards and Technology Draft Guide to General Server Security SP800-123 Server A

More information

Intrusion Detection System in Campus Network: SNORT the most powerful Open Source Network Security Tool

Intrusion Detection System in Campus Network: SNORT the most powerful Open Source Network Security Tool Intrusion Detection System in Campus Network: SNORT the most powerful Open Source Network Security Tool Mukta Garg Assistant Professor, Advanced Educational Institutions, Palwal Abstract Today s society

More information

Locking down a Hitachi ID Suite server

Locking down a Hitachi ID Suite server Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

Advancement in Virtualization Based Intrusion Detection System in Cloud Environment

Advancement in Virtualization Based Intrusion Detection System in Cloud Environment Advancement in Virtualization Based Intrusion Detection System in Cloud Environment Jaimin K. Khatri IT Systems and Network Security GTU PG School, Ahmedabad, Gujarat, India Mr. Girish Khilari Senior Consultant,

More information

SURVEY OF INTRUSION DETECTION SYSTEM

SURVEY OF INTRUSION DETECTION SYSTEM SURVEY OF INTRUSION DETECTION SYSTEM PRAJAPATI VAIBHAVI S. SHARMA DIPIKA V. ASST. PROF. ASST. PROF. MANISH INSTITUTE OF COMPUTER STUDIES MANISH INSTITUTE OF COMPUTER STUDIES VISNAGAR VISNAGAR GUJARAT GUJARAT

More information

Intrusion Detection Systems

Intrusion Detection Systems Intrusion Detection Systems Advanced Computer Networks 2007 Reinhard Wallner reinhard.wallner@student.tugraz.at Outline Introduction Types of IDS How works an IDS Attacks to IDS Intrusion Prevention Systems

More information

Fundamentals of Network Security - Theory and Practice-

Fundamentals of Network Security - Theory and Practice- Fundamentals of Network Security - Theory and Practice- Program: Day 1... 1 1. General Security Concepts... 1 2. Identifying Potential Risks... 1 Day 2... 2 3. Infrastructure and Connectivity... 2 4. Monitoring

More information

USM IT Security Council Guide for Security Event Logging. Version 1.1

USM IT Security Council Guide for Security Event Logging. Version 1.1 USM IT Security Council Guide for Security Event Logging Version 1.1 23 November 2010 1. General As outlined in the USM Security Guidelines, sections IV.3 and IV.4: IV.3. Institutions must maintain appropriate

More information

Dragon solution. Zdeněk Pala. ECIE certified engineer ECI certified instructor zpala@enterasys.com. There is nothing more important than our customers

Dragon solution. Zdeněk Pala. ECIE certified engineer ECI certified instructor zpala@enterasys.com. There is nothing more important than our customers There is nothing more important than our customers Dragon solution Zdeněk Pala ECIE certified engineer ECI certified instructor zpala@enterasys.com A Division of Siemens Enterprise Communications GmbH

More information

Speedy Signature Based Intrusion Detection System Using Finite State Machine and Hashing Techniques

Speedy Signature Based Intrusion Detection System Using Finite State Machine and Hashing Techniques www.ijcsi.org 387 Speedy Signature Based Intrusion Detection System Using Finite State Machine and Hashing Techniques Utkarsh Dixit 1, Shivali Gupta 2 and Om Pal 3 1 School of Computer Science, Centre

More information

WHITE PAPER PROCESS CONTROL NETWORK SECURITY: INTRUSION PREVENTION IN A CONTROL SYSTEMS ENVIRONMENT

WHITE PAPER PROCESS CONTROL NETWORK SECURITY: INTRUSION PREVENTION IN A CONTROL SYSTEMS ENVIRONMENT WHITE PAPER PROCESS CONTROL NETWORK SECURITY: INTRUSION PREVENTION IN A CONTROL SYSTEMS ENVIRONMENT WHAT S INSIDE: 1. GENERAL INFORMATION 1 2. EXECUTIVE SUMMARY 1 3. BACKGROUND 2 4. QUESTIONS FOR CONSIDERATION

More information

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture

More information

Blacklist Example Configuration for StoneGate

Blacklist Example Configuration for StoneGate Blacklist Example Configuration for StoneGate 4.1 1 (8) Blacklist Example Configuration for StoneGate StoneGate versions: SMC 4.1.2, IPS 4.1.2, FW 3.0.8 Blacklist Example Configuration for StoneGate 4.1

More information

Intrusion Detection Systems

Intrusion Detection Systems Intrusion Detection Systems In this chapter, you will Understand host-based intrusion detection systems Explore network-based intrusion detection systems Learn what honeypots are used for Learn how to

More information

CSE590IS Intrusion Detection Systems. Marianne Shaw January 29, 2003. DDoS: Can t prevent malicious traffic reaching you

CSE590IS Intrusion Detection Systems. Marianne Shaw January 29, 2003. DDoS: Can t prevent malicious traffic reaching you CSE590IS Intrusion Detection Systems Marianne Shaw January 29, 2003 Plan DDoS: Can t prevent malicious traffic reaching you Worms: Huge number of mostly-identical, poorly managed hosts Cost/effort of timely

More information

Hackers: Detection and Prevention

Hackers: Detection and Prevention Computer Networks & Computer Security SE 4C03 Project Report Hackers: Detection and Prevention Due Date: March 29 th, 2005 Modified: March 28 th, 2005 Student Name: Arnold Sebastian Professor: Dr. Kartik

More information

Network Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting

Network Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting Network Security: 30 Questions Every Manager Should Ask Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting Network Security: 30 Questions Every Manager/Executive Must Answer in Order

More information

Technology Blueprint. Protect Your VoIP/SIP Servers. Insulating your voice network and its servers from attacks and disruption

Technology Blueprint. Protect Your VoIP/SIP Servers. Insulating your voice network and its servers from attacks and disruption Technology Blueprint Protect Your VoIP/SIP Servers Insulating your voice network and its servers from attacks and disruption LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint?

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint? Managed Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint? Why? Focused on Managed Intrusion Security Superior-Architected Hardened Technology Security

More information

Intrusion Detection from Simple to Cloud

Intrusion Detection from Simple to Cloud Intrusion Detection from Simple to Cloud ICTN 6865 601 December 7, 2015 Abstract Intrusion detection was used to detect security vulnerabilities for a long time. The methods used in intrusion detection

More information

C. Universal Threat Management C.4. Defenses

C. Universal Threat Management C.4. Defenses UTM I&C School Prof. P. Janson September 2014 C. Universal Threat Management C.4. Defenses 1 of 20 Over 80 000 vulnerabilities have been found in existing software These vulnerabilities are under constant

More information

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it Complete and high performance protection where you need it Overview delivers high-performance protection against physical and virtual server downtime with policy based prevention, using multiple protection

More information

JK0 015 CompTIA E2C Security+ (2008 Edition) Exam

JK0 015 CompTIA E2C Security+ (2008 Edition) Exam JK0 015 CompTIA E2C Security+ (2008 Edition) Exam Version 4.1 QUESTION NO: 1 Which of the following devices would be used to gain access to a secure network without affecting network connectivity? A. Router

More information

Financial Institution Letters

Financial Institution Letters Financial Institution Letters Risk Assessment Tools And Practices For Information System Security FIL-68-99 July 7, 1999 TO: SUBJECT: CHIEF EXECUTIVE OFFICER FDIC Issues Paper on Information System Security

More information

Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP

Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP Aakanksha Vijay M.tech, Department of Computer Science Suresh Gyan Vihar University Jaipur, India Mrs Savita Shiwani Head Of

More information

Analysis and Evaluation of Network-Based Intrusion Detection and Prevention System in an Enterprise Network Using Snort Freeware

Analysis and Evaluation of Network-Based Intrusion Detection and Prevention System in an Enterprise Network Using Snort Freeware Analysis and Evaluation of Network-Based Intrusion Detection and Prevention System in an Enterprise Network Using Snort Freeware 1 Corresponding Author: lawal5@yahoo.com 1 O.B. Lawal Computer Science Department,

More information

System Security Policy Management: Advanced Audit Tasks

System Security Policy Management: Advanced Audit Tasks System Security Policy Management: Advanced Audit Tasks White Paper October 6, 2005 2005 Altiris Inc. All rights reserved. ABOUT ALTIRIS Altiris, Inc. is a pioneer of IT lifecycle management software that

More information

APPENDIX 3 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT

APPENDIX 3 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT APPENDI 3 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT APPENDI 3 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT TUGeneral TUSecurity TURequirements TUDesign TUIntegration

More information

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN) MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file

More information

New possibilities in latest OfficeScan and OfficeScan plug-in architecture

New possibilities in latest OfficeScan and OfficeScan plug-in architecture New possibilities in latest OfficeScan and OfficeScan plug-in architecture Märt Erik AS Stallion Agenda New in OfficeScan 10.5 OfficeScan plug-ins» More Active Directory support» New automated client grouping

More information

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation

More information

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human

More information