NETWORK SECURITY ASPECTS & VULNERABILITIES

Size: px
Start display at page:

Download "NETWORK SECURITY ASPECTS & VULNERABILITIES"

Transcription

1 NETWORK SECURITY ASPECTS & VULNERABILITIES Luis Sousa Cardoso FIINA President Brdo pri Kranju, 19. in 20. maj

2 Background Importance of Network Explosive growth of computers and network - To protect data and resources - To guarantee the authenticity of data - To protect systems Concerns of IT executives Reliability Complexity of the Transition Unproven Services Increased Telecom Costs Increased Operating Costs Quality of Management Tools Lack of Standards Lack of Applications to Exploit Other 1% 48% 75% 73% 69% 64% 64% 62% 61% 60% Source: Information Week. Brdo pri Kranju, 19. in 20. maj

3 aspects Attacks : An action that compromise the information Mechanism : Design to protect,prevent,recover from attacks Service : Enhance the security of data,systems, transfer Relationship between security objectives Treats Requirements services mechanisms algorithms objectives Brdo pri Kranju, 19. in 20. maj

4 INFORMATION FLOW MODEL A B Information Source NORMAL FLOW Information Destination Brdo pri Kranju, 19. in 20. maj

5 SECURITY THREATS A AVAILABILITY INTERRUPTION B A X INTERCEPTION B CONFIDENTIALITY A INTEGRITY X MODIFICATION B A X AUTHENTICITY FABRICATION B Brdo pri Kranju, 19. in 20. maj

6 SECURITY REQUIREMENTS AVAILABILITY CONFIDENTIALITY Communications NON-REPUDIATION & IT INTEGRITY AUTHENTICATION Brdo pri Kranju, 19. in 20. maj

7 SECURITY SERVICES Confidentiality Protection of transmitted data Authentication Assuring that communication is authentic Integrity Assuring that message has originality Non-repudiation Preventing denying message Access Control Limit & control the access Availability Automated or physical countermeasures Brdo pri Kranju, 19. in 20. maj

8 MODEL FOR NETWORK SECURITY Brdo pri Kranju, 19. in 20. maj

9 SIX LAYERS OF NETWORK SECURITY SECURITY AUDITING SECURITY TOOLS SOFTWARE MONITORING PHYSICAL SECURITY NETWORK ADMINISTRATOR Brdo pri Kranju, 19. in 20. maj

10 POLICY IS KEY TO SECURITY Policy Standards Mandate to implement security Standard to measure security Procedures, Guidelines & Practices Basis for all security technology and procedures Brdo pri Kranju, 19. in 20. maj

11 SECURITY VULNERABILITIES (PROTOCOLS) Brdo pri Kranju, 19. in 20. maj

12 EXPLOSION OF INCIDENTS Incidents CERT/CC Incidents Statistics 52,658 Q ,829 21, , , ,340 2,412 2,573 2, , Year

13 DECREASING BARRIERS TO INTRUSION: It just gets easier! High Low Wireless Hack-in-a-box e.g., AirSnort aimed at WEP/802.11b Sources: CERT Coordination Center Network Reliability and Interoperability Council back doors network element Trojans disabling audits network mgmt. diagnostics PAD to PAD hijacking Sophistication burglaries sessions exploiting known vulnerabilities self-replicating code password guessing scanners/sweepers password cracking packet spoofing sniffers Y2K enabled hacking stealth / advanced scanning techniques denial of service Baseline Reference: Telecommunications Risk Assessment NSTAC, June 99 GUI SONET /SDH backbone attacks automated probes Tools & Techniques Distributed denial of service / advanced virus /worm techniques Skills & Knowledge Threat

14 TRENDS OF CYBER TERROR TECHNOLOGIES Unification of Hacking Tech. and Virus Tech. Autonomy, Intelligence, Popularization, Distribution, Large Scale, Encapsulation Hacktivism : From Personal Purpose To Political, Social, Military, Industrial Purpose Hacking Tech. Area Virus Tech. Area

15 Event ACTION Probe Scan Flood Autenticate Bypass Spoof Read Copy TARGET Account Process Data Component Computer Network Internetwork Steal Modify Delete Brdo pri Kranju, 19. in 20. maj

16 Attack Event TOOL Physical Attack Information Exchange User Command Script of Command Autonumus Agent Toolkit VULNERABILITY Design Implementation Configuration ACTION Probe Scan Flood Autenticate Bypass Spoof TARGET Account Process Data Compunent Computer Network UNAUTHORIZED RESULT Increased Access Discloser of Information Corruption of Information Denial of Service Thef of Resources Distributed Tool Data Tap Read Copy Internetwork Steal Modify Delete

17 WHAT IS A SECURITY VULNERABILITY? A security vulnerability is: A flaw or weakness in a system s design, implementation or operation that could be exploited to violate the system s security (RFC 2828). A security vulnerability is not: a risk, a threat, or an attack. Brdo pri Kranju, 19. in 20. maj

18 VULNERABILITIES, THREATS AND RISKS A security vulnerability combined with a security threat creates a security risk. Example: Vulnerability Threat Risk Overflow Bug Hacker Knowledge & Tools & Access Risk of Webserver Attack Brdo pri Kranju, 19. in 20. maj

19 THE HIGH-IMPACT OF PROTOCOL SECURITY VULNERABILITIES Threats change, but security vulnerabilities exist throughout the life of a protocol. With standardized protocols, protocol-based security risks can be very large global in scale. Brdo pri Kranju, 19. in 20. maj

20 Map of Vulnerability (with standard examples) Types Theft Sabotage Application Specific Operating System Instant Social Engineering Logic Error Seconds Minutes Internal Spying Information Fishing Network Protocol Design Forced Trust Violations Hours Physical Protection Policy Data Protection Policy Eavesdropping Weak Passwords Days Policy Oversight Weakness Months Personal Protection Policy Information Divulgence Policy Custom Obscure Encryption Years Requires close interaction with Victim Requires some familiarity with Victim s behaviors Requires response from Victim Special attention required by attacker May require simple decisionby attacker Cause-effect simple results No ability to automate Attempts to automate will usually invoke suspicion Automatable but forfeits control to chance Automation helpful but results may be incomplete Automation handles majority of situations Completely automatable Human Interaction Required Brdo pri Kranju, 19. in 20. maj

21 COMMON PROBLEMS VULNERABILITIES & ERRORS Policies and standards driven by known exploits rather than integral with evolving technology and services Unencrypted Login Sessions over vulnerable networking coupled with Reusable Passwords Poor access controls Search for Holes in Protocols Outdated Physical Uncontrolled networking Inadequate documentation Insecure System Defaults Weak Auditing & Reporting Critical Infrastructure Resources Brdo pri Kranju, 19. in 20. maj

22 THESIS Standards bodies have a unique ability and responsibility to address security vulnerabilities in protocols. There are immediate and relatively simple actions standards bodies can take to improve the security of all protocols currently being standardized. Brdo pri Kranju, 19. in 20. maj

23 PROTOCOL SECURITY VULNERABILITY TYPES Threat Model New threats from those originally considered. SS7 Design & Specification Errors make the protocol inherently vulnerable. BGP Implementations Errors create unexpected vulnerabilities. SNMP, ASN.1, BER Usage & Configuration Improper usage opens or magnifies security vulnerabilities b, BGP Brdo pri Kranju, 19. in 20. maj

24 A SIMPLE PROTOCOL VULNERABILITY MODEL Vulnerabilities Threats Risks Threat Model Design & Specification Implementatio n Operations & Configuration Hackers Insiders Terrorists Vandals Organized crime State sponsored Data loss Data corruption Privacy loss Fraud Down-time Public loss of confidence Confusion Brdo pri Kranju, 19. in 20. maj

25 NEW THREAT MODEL Old Model SS7 Designed for a closed network of well-known service providers of fixed services. No interface to IP-based networks. Software extensively tested. New Model Rogue providers may be malicious. Software and protocols for new services may be poorly tested or a poor fit with SS7. Network convergence puts IP interfaces on SS7-capable elements. Brdo pri Kranju, 19. in 20. maj

26 DESIGN & SPECIFICATION ERRORS BGP (RFC1771) Design implies an ASN of 0 is illegal. Specification allows 0 (and 65535). What happens when an ASN of 0 is advertised? Different implementations probably handle this differently. Such protocol inconsistencies are at the root of many attacks on specific implementations. Brdo pri Kranju, 19. in 20. maj

27 IMPLEMENTATION ERRORS SNMP, ASN.1, BER SNMP security depends on proper parsing of ASN.1 and BER. Some ASN.1 and BER parsers are not robust and make mistakes or allow buffer overflows. Limited specifics on SNMP error handling lead to unpredictable behaviors across implementations. Brdo pri Kranju, 19. in 20. maj

28 USAGE OR CONFIGURATION ERRORS B, BGP In b, a stream cipher is misused so that there is very little privacy protection b operators often turn off even the basic security features. BGP operators turn off the authentication mechanisms. Errors and rogue messages can then easily propagate through core networks. Brdo pri Kranju, 19. in 20. maj

29 LESSONS LEARNED Standards bodies have accepted protocols with serious vulnerabilities. depends on the whole protocol. Protocol vulnerabilities last a long time. Threats change over time. Implicit assumptions are often violated. Application layer protocols also have security vulnerabilities. Inattention to security issues creates vulnerable protocols. Brdo pri Kranju, 19. in 20. maj

30 RECOMMENDATIONS FOR DISCUSSION A Simple Protocol Vulnerability Model Vulnerabilities Threat Model Design & Specification Implementation Operations & Configuration Threats Hacker Risks Data loss Insider Data corruption Privacy loss Terrorists Fraud Vandals Down-time Organized crime State sponsored Public loss of confidence Confusion Openly discuss with security experts the security algorithms and mechanisms used in protocols. Establish simple but effective security guidelines for protocol authors. Initiate a systematic root-cause study of protocol vulnerabilities. Brdo pri Kranju, 19. in 20. maj

31 OPEN SECURITY DISCUSSIONS A Simple Protocol Vulnerability Model Vulnerabilities Threat Model Design & Specification Implementation Operations & Configuration Threats Hacker Risks Data loss Insider Data corruption Privacy loss Terrorists Fraud Vandals Down-time Organized crime State sponsored Public loss of confidence Confusion The security community has learned that two elements improve security: Exposure of the details to a wide audience Time to analyze and discuss the details. Secrecy does not improve security. Standards bodies should promote: Open discussion of security algorithms and mechanisms. Engagement with security experts on every standard. Brdo pri Kranju, 19. in 20. maj

32 SECURITY GUIDELINES FOR PROTOCOL AUTHORS A Simple Protocol Vulnerability Model Vulnerabilities Threat Model Design & Specification Implementation Operations & Configuration Threats Hacker Risks Data loss Insider Data corruption Privacy loss Terrorists Fraud Vandals Down-time Organized crime State sponsored Public loss of confidence Confusion Early attention to security is best. Guidelines provide a way to quickly improve the process. Standards bodies should issue guidelines in four areas for all protocol authors: Specify Threat Models Protocol Designs & Specifications Secure Implementation Issues Operational & Configuration Issues Brdo pri Kranju, 19. in 20. maj

33 ROOT-CAUSE ANALYSIS A Simple Protocol Vulnerability Model Vulnerabilities Threat Model Design & Specification Implementation Operations & Configuration Threats Hacker Risks Data loss Insider Data corruption Privacy loss Terrorists Fraud Vandals Down-time Organized crime State sponsored Public loss of confidence Confusion Incident analysis usually focuses on threat reduction and prosecution. The root cause(s) of an enabling vulnerability are usually not found. Standards bodies should: Systematically analyze the root causes of serious protocol vulnerabilities. Understand how their decisions and processes produce security vulnerabilities. Brdo pri Kranju, 19. in 20. maj

34 SUMMARY A Simple Protocol Vulnerability Model Vulnerabilities Threat Model Design & Specification Implementation Operations & Configuration Threats Hacker Risks Data loss Insider Data corruption Privacy loss Terrorists Fraud Vandals Down-time Organized crime State sponsored Public loss of confidence Confusion vulnerabilities in important protocols have created serious security risks that were avoidable. Standards bodies should: Promote open security discussions. Provide protocol security guidelines. Identify root causes of vulnerabilities. Brdo pri Kranju, 19. in 20. maj

35 Acronyms & References b IEEE Wireless Local Area Network Standard BGP Border Gateway Protocol Version DoS - Denial of Service (attack) IETF Internet Engineering Task Force IEEE - Institute of Electronic and Electrical Engineers IP Internet Protocol MPLS Multi-protocol Label Switching SNMP Simple Network Management Protocol SS7 Signaling System #7 IETF ID draft-rescorla-sec-cons-05.txt, Guidelines for Writing RFC Text on Considerations IETF RFC #2828, Internet Glossary Lorenz, Moore, Manes, Hale, Shenoi. Securing SS7 Telecommunications Networks. Proceedings of the 2001 IEEE Workshop on Information Assurance and. Sharp. Principles of Protocol Design. Prentice Hall, Brdo pri Kranju, 19. in 20. maj

COSC 472 Network Security

COSC 472 Network Security COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html

More information

Network Security. Introduction. Security services. Players. Conclusions. Distributed information Distributed processing Remote smart systems access

Network Security. Introduction. Security services. Players. Conclusions. Distributed information Distributed processing Remote smart systems access Roadmap Introduction Network services X.800 RFC 2828 Players Marco Carli Conclusions 2 Once.. now: Centralized information Centralized processing Remote terminal access Distributed information Distributed

More information

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1 Threats and Attacks Modifications by Prof. Dong Xuan and Adam C. Champion Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of this material, you should be able to:

More information

Achieving Truly Secure Cloud Communications. How to navigate evolving security threats

Achieving Truly Secure Cloud Communications. How to navigate evolving security threats Achieving Truly Secure Cloud Communications How to navigate evolving security threats Security is quickly becoming the primary concern of many businesses, and protecting VoIP vulnerabilities is critical.

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview. Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系

資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview. Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系 資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系 Outline Infosec, COMPUSEC, COMSEC, and Network Security Why do we need Infosec and COMSEC? Security

More information

Introduction to Security

Introduction to Security 2 Introduction to Security : IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 25 October 2013 its335y13s2l01, Steve/Courses/2013/s2/its335/lectures/intro.tex,

More information

Chap. 1: Introduction

Chap. 1: Introduction Chap. 1: Introduction Introduction Services, Mechanisms, and Attacks The OSI Security Architecture Cryptography 1 1 Introduction Computer Security the generic name for the collection of tools designed

More information

Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks

Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks A look at multi-vendor access strategies Joel Langill TÜV FSEng ID-1772/09, CEH, CPT, CCNA Security Consultant / Staff

More information

COB 302 Management Information System (Lesson 8)

COB 302 Management Information System (Lesson 8) COB 302 Management Information System (Lesson 8) Dr. Stanley Wong Macau University of Science and Technology Chapter 13 Security and Ethical Challenges 安 全 與 倫 理 挑 戰 Remarks: Some of the contents in this

More information

What is Web Security? Motivation

What is Web Security? Motivation brucker@inf.ethz.ch http://www.brucker.ch/ Information Security ETH Zürich Zürich, Switzerland Information Security Fundamentals March 23, 2004 The End Users View The Server Providers View What is Web

More information

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation

More information

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

Passing PCI Compliance How to Address the Application Security Mandates

Passing PCI Compliance How to Address the Application Security Mandates Passing PCI Compliance How to Address the Application Security Mandates The Payment Card Industry Data Security Standards includes several requirements that mandate security at the application layer. These

More information

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN) MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file

More information

Advanced Topics in Distributed Systems. Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech

Advanced Topics in Distributed Systems. Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech Advanced Topics in Distributed Systems Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech Security Introduction Based on Ch1, Cryptography and Network Security 4 th Ed Security Dr. Ayman Abdel-Hamid,

More information

TOPIC understanding VoIP vulnerabilities

TOPIC understanding VoIP vulnerabilities How Fragile is your VoIP Implementation? For a long time, telecommunications networks and telephony services have been a part of the critical information infrastructure. They have always had high requirements

More information

Network Security: Introduction

Network Security: Introduction Network Security: Introduction 1. Network security models 2. Vulnerabilities, threats and attacks 3. Basic types of attacks 4. Managing network security 1. Network security models Security Security has

More information

Data Management & Protection: Common Definitions

Data Management & Protection: Common Definitions Data Management & Protection: Common Definitions Document Version: 5.5 Effective Date: April 4, 2007 Original Issue Date: April 4, 2007 Most Recent Revision Date: November 29, 2011 Responsible: Alan Levy,

More information

IPv6 SECURITY. May 2011. The Government of the Hong Kong Special Administrative Region

IPv6 SECURITY. May 2011. The Government of the Hong Kong Special Administrative Region IPv6 SECURITY May 2011 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the express

More information

What is Really Needed to Secure the Internet of Things?

What is Really Needed to Secure the Internet of Things? What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices

More information

Basics of Internet Security

Basics of Internet Security Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational

More information

CYBERTRON NETWORK SOLUTIONS

CYBERTRON NETWORK SOLUTIONS CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified

More information

WHITE PAPER Malicious Code and Mobile Devices: Best Practices for Securing Mobile Environments

WHITE PAPER Malicious Code and Mobile Devices: Best Practices for Securing Mobile Environments Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com WHITE PAPER Malicious Code and Mobile Devices: Best Practices for Securing Mobile Environments Sponsored

More information

Data Security Incident Response Plan. [Insert Organization Name]

Data Security Incident Response Plan. [Insert Organization Name] Data Security Incident Response Plan Dated: [Month] & [Year] [Insert Organization Name] 1 Introduction Purpose This data security incident response plan provides the framework to respond to a security

More information

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,

More information

Risk Assessment and Cloud Strategy Development: Getting it Right this Time!

Risk Assessment and Cloud Strategy Development: Getting it Right this Time! Risk Assessment and Cloud Strategy Development: Getting it Right this Time! Barbara Endicott-Popovsky, PhD University of Washington Center of Information Assurance and Cybersecurity Kirsten Ferguson-Boucher

More information

Network Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶

Network Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶 Network Security 網 路 安 全 Lecture 1 February 20, 2012 洪 國 寶 1 Outline Course information Motivation Introduction to security Basic network concepts Network security models Outline of the course 2 Course

More information

CMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis

CMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 Security Dr. Kalpakis URL: http://www.csee.umbc.edu/~kalpakis/courses/421 Outline The Security Problem Authentication Program Threats System Threats Securing Systems

More information

Ten Deadly Sins in Wireless Security

Ten Deadly Sins in Wireless Security Ten Deadly Sins in Wireless Security The emergence and popularity of wireless devices and wireless networks has provided a platform for real time communication and collaboration. This emergence has created

More information

Managing Information Systems Seventh Canadian Edition. Laudon, Laudon and Brabston. CHAPTER 8 Securing Information Systems

Managing Information Systems Seventh Canadian Edition. Laudon, Laudon and Brabston. CHAPTER 8 Securing Information Systems Managing Information Systems Seventh Canadian Edition Laudon, Laudon and Brabston CHAPTER 8 Securing Information Systems Copyright 2015 Pearson Canada Inc. 8-1 System Vulnerability and Abuse Security:

More information

Securing VoIP Networks using graded Protection Levels

Securing VoIP Networks using graded Protection Levels Securing VoIP Networks using graded Protection Levels Andreas C. Schmidt Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee 185-189, D-53175 Bonn Andreas.Schmidt@bsi.bund.de Abstract

More information

Detailed Description about course module wise:

Detailed Description about course module wise: Detailed Description about course module wise: Module 1: Basics of Networking and Major Protocols 1.1 Networks and its Types. 1.2 Network Topologies 1.3 Major Protocols and their Functions 1.4 OSI Reference

More information

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft) 1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction

More information

Threat Modeling. Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE UNIVERSITEIT LEUVEN

Threat Modeling. Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE UNIVERSITEIT LEUVEN Threat Modeling Frank Piessens (Frank.Piessens@cs.kuleuven.be ) Secappdev 2007 1 Overview Introduction Key Concepts Threats, Vulnerabilities, Countermeasures Example Microsoft s Threat Modeling Process

More information

University of Khartuom. Switch port security

University of Khartuom. Switch port security University of Khartuom Information technology & Network Administrator Switch port security Presented: by Ali Jbraldar National Security Telecommunications and Information Systems Security Committee (NSTISSC)

More information

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,

More information

Common Cyber Threats. Common cyber threats include:

Common Cyber Threats. Common cyber threats include: Common Cyber Threats: and Common Cyber Threats... 2 Phishing and Spear Phishing... 3... 3... 4 Malicious Code... 5... 5... 5 Weak and Default Passwords... 6... 6... 6 Unpatched or Outdated Software Vulnerabilities...

More information

Network and Host-based Vulnerability Assessment

Network and Host-based Vulnerability Assessment Network and Host-based Vulnerability Assessment A guide for information systems and network security professionals 6600 Peachtree-Dunwoody Road 300 Embassy Row Atlanta, GA 30348 Tel: 678.443.6000 Toll-free:

More information

CSC 474 Information Systems Security

CSC 474 Information Systems Security CSC 474 Information Systems Security Introduction About Instructor Dr. Peng Ning, assistant professor of computer science http://www.csc.ncsu.edu/faculty/ning pning@ncsu.edu (919)513-4457 Office: Room

More information

North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing

North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing Introduction ManTech Project Manager Mark Shaw, Senior Executive Director Cyber Security Solutions Division

More information

HACKING RELOADED. Hacken IS simple! Christian H. Gresser cgresser@nesec.de

HACKING RELOADED. Hacken IS simple! Christian H. Gresser cgresser@nesec.de HACKING RELOADED Hacken IS simple! Christian H. Gresser cgresser@nesec.de Agenda About NESEC IT-Security and control Systems Hacking is easy A short example where we currently are Possible solutions IT-security

More information

Innovative means to exchange telecom fraud and network security risks information

Innovative means to exchange telecom fraud and network security risks information Innovative means to exchange telecom fraud and network security risks information Anastasius Gavras Eurescom GmbH Outline Who is Eurescom? Collaboration as an innovation instrument INNO-UTILITIES Sharing

More information

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.

More information

White Paper. Information Security -- Network Assessment

White Paper. Information Security -- Network Assessment Network Assessment White Paper Information Security -- Network Assessment Disclaimer This is one of a series of articles detailing information security procedures as followed by the INFOSEC group of Computer

More information

Evolving Optical Transport Network Security

Evolving Optical Transport Network Security Evolving Optical Transport Network Security May 15, 2012 Prepared by: John Kimmins Executive Director 732-699-6188 jkimmins@appcomsci.com Copyright 2012 All Rights reserved 1 Outline Overview of Optical

More information

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,

More information

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0 EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single

More information

86-10-15 The Self-Hack Audit Stephen James Payoff

86-10-15 The Self-Hack Audit Stephen James Payoff 86-10-15 The Self-Hack Audit Stephen James Payoff As organizations continue to link their internal networks to the Internet, system managers and administrators are becoming increasingly aware of the need

More information

for Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs

for Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs for Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs EXECUTIVE SUMMARY Supervisory Control and Data Acquisition (SCADA) systems are used for remote

More information

Session Hijacking Exploiting TCP, UDP and HTTP Sessions

Session Hijacking Exploiting TCP, UDP and HTTP Sessions Session Hijacking Exploiting TCP, UDP and HTTP Sessions Shray Kapoor shray.kapoor@gmail.com Preface With the emerging fields in e-commerce, financial and identity information are at a higher risk of being

More information

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Internet Safety and Security: Strategies for Building an Internet Safety Wall Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet

More information

7. Public Key Cryptosystems and Digital Signatures, 8. Firewalls, 9. Intrusion detection systems, 10. Biometric Security Systems, 11.

7. Public Key Cryptosystems and Digital Signatures, 8. Firewalls, 9. Intrusion detection systems, 10. Biometric Security Systems, 11. Content 1.Introduction to Data and Network Security. 2. Why secure your Network 3. How Much security do you need, 4. Communication of network systems, 5. Topology security, 6. Cryptosystems and Symmetric

More information

20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7

20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7 20-CS-6053-00X Network Security Spring, 2014 An Introduction To Network Security Week 1 January 7 Attacks Criminal: fraud, scams, destruction; IP, ID, brand theft Privacy: surveillance, databases, traffic

More information

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification 1. Module Title Information Security 2. Module Code: CS403INS 3. Module Level - Forth Stage 4. Module Leader Safwan M. 5. Teaching Semester 7 and 8 Soran University Faculty of Science and Engineering Computer

More information

Computer System Security Updates

Computer System Security Updates Why patch? If you have already deployed a network architecture, such as the one recommended by Rockwell Automation and Cisco in the Converged Plantwide Ethernet Design and Implementation Guide (http://www.ab.com/networks/architectures.html),

More information

Network Security Audit. Vulnerability Assessment (VA)

Network Security Audit. Vulnerability Assessment (VA) Network Security Audit Vulnerability Assessment (VA) Introduction Vulnerability Assessment is the systematic examination of an information system (IS) or product to determine the adequacy of security measures.

More information

Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014

Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014 Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014 Introduction: Cyber attack is an unauthorized access to a computer

More information

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html

More information

External Supplier Control Requirements

External Supplier Control Requirements External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must

More information

Potential Targets - Field Devices

Potential Targets - Field Devices Potential Targets - Field Devices Motorola Field Devices: Remote Terminal Units ACE 3600 Front End Devices ACE IP Gateway ACE Field Interface Unit (ACE FIU) 2 Credential Cracking Repeated attempts to

More information

Security Type of attacks Firewalls Protocols Packet filter

Security Type of attacks Firewalls Protocols Packet filter Overview Security Type of attacks Firewalls Protocols Packet filter Computer Net Lab/Praktikum Datenverarbeitung 2 1 Security Security means, protect information (during and after processing) against impairment

More information

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security? 7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk

More information

Content Teaching Academy at James Madison University

Content Teaching Academy at James Madison University Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

More information

E-Commerce Security and Fraud Protection CHAPTER 9

E-Commerce Security and Fraud Protection CHAPTER 9 E-Commerce Security and Fraud Protection CHAPTER 9 LEARNING OBJECTIVES 1. Understand the importance and scope of security of information systems for EC. 2. Describe the major concepts and terminology of

More information

Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led

Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led Course Description This class will immerse the student into an interactive environment where they will

More information

Network Incident Report

Network Incident Report To submit copies of this form via facsimile, please FAX to 202-406-9233. Network Incident Report United States Secret Service Financial Crimes Division Electronic Crimes Branch Telephone: 202-406-5850

More information

This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How

This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How Network Security Is Breached Network Security Policy

More information

Secure Web Applications. The front line defense

Secure Web Applications. The front line defense Secure Web Applications The front line defense Agenda Web Application Security Threat Overview Exploiting Web Applications Common Attacks & Preventative techniques Developing Secure Web Applications -Security

More information

IY2760/CS3760: Part 6. IY2760: Part 6

IY2760/CS3760: Part 6. IY2760: Part 6 IY2760/CS3760: Part 6 In this part of the course we give a general introduction to network security. We introduce widely used security-specific concepts and terminology. This discussion is based primarily

More information

CS5008: Internet Computing

CS5008: Internet Computing CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is

More information

Module II. Internet Security. Chapter 7. Intrusion Detection. Web Security: Theory & Applications. School of Software, Sun Yat-sen University

Module II. Internet Security. Chapter 7. Intrusion Detection. Web Security: Theory & Applications. School of Software, Sun Yat-sen University Module II. Internet Security Chapter 7 Intrusion Detection Web Security: Theory & Applications School of Software, Sun Yat-sen University Outline 7.1 Threats to Computer System 7.2 Process of Intrusions

More information

SECURITY TRENDS-ATTACKS-SERVICES

SECURITY TRENDS-ATTACKS-SERVICES SECURITY TRENDS-ATTACKS-SERVICES 1.1 INTRODUCTION Computer data often travels from one computer to another, leaving the safety of its protected physical surroundings. Once the data is out of hand, people

More information

Information Security Services

Information Security Services Information Security Services Information Security In 2013, Symantec reported a 62% increase in data breaches over 2012. These data breaches had tremendous impacts on many companies, resulting in intellectual

More information

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT Appendix A to 11-02-P1-NJOIT NJ OFFICE OF INFORMATION TECHNOLOGY P.O. Box 212 www.nj.gov/it/ps/ 300 Riverview Plaza Trenton, NJ 08625-0212 NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT The Intent

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

Managing IT Security with Penetration Testing

Managing IT Security with Penetration Testing Managing IT Security with Penetration Testing Introduction Adequately protecting an organization s information assets is a business imperative one that requires a comprehensive, structured approach to

More information

ELECTRONIC COMMERCE SYSTEMS

ELECTRONIC COMMERCE SYSTEMS CHAPTER ELECTRONIC COMMERCE SYSTEMS This chapter discusses one of the most visible segments of the business world today e-commerce. In general terms, the issues involve the electronic processing and transmission

More information

Wireless LANs and Healthcare: Understanding Security to Ensure Compliance with HIPAA

Wireless LANs and Healthcare: Understanding Security to Ensure Compliance with HIPAA : Understanding Security to Ensure Compliance with HIPAA Healthcare is a natural environment for wireless LAN solutions. With a large mobile population of doctors, nurses, physician s assistants and other

More information

DDos. Distributed Denial of Service Attacks. by Mark Schuchter

DDos. Distributed Denial of Service Attacks. by Mark Schuchter DDos Distributed Denial of Service Attacks by Mark Schuchter Overview Introduction Why? Timeline How? Typical attack (UNIX) Typical attack (Windows) Introduction limited and consumable resources (memory,

More information

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd. Wireless LAN Attacks and Protection Tools (Section 3 contd.) WLAN Attacks Passive Attack unauthorised party gains access to a network and does not modify any resources on the network Active Attack unauthorised

More information

By David G. Holmberg, Ph.D., Member ASHRAE

By David G. Holmberg, Ph.D., Member ASHRAE The following article was published in ASHRAE Journal, November 2003. Copyright 2003 American Society of Heating, Refrigerating and Air-Conditioning Engineers, Inc. It is presented for educational purposes

More information

Overview. Packet filter

Overview. Packet filter Computer Network Lab 2015 Fachgebiet Technische h Informatik, Joachim Zumbrägel Overview Security Type of attacks Firewalls Protocols Packet filter Security Security means, protect information (during

More information

Security issues in Voice over IP: A Review

Security issues in Voice over IP: A Review www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 3 Issue 2 February, 2014 Page No. 3879-3883 Security issues in Voice over IP: A Review Rajni a, Preeti a, Ritu

More information

Information Technology Cyber Security Policy

Information Technology Cyber Security Policy Information Technology Cyber Security Policy (Insert Name of Organization) SAMPLE TEMPLATE Organizations are encouraged to develop their own policy and procedures from the information enclosed. Please

More information

Financial Institution Letters

Financial Institution Letters Financial Institution Letters Risk Assessment Tools And Practices For Information System Security FIL-68-99 July 7, 1999 TO: SUBJECT: CHIEF EXECUTIVE OFFICER FDIC Issues Paper on Information System Security

More information

Automotive Ethernet Security Testing. Alon Regev and Abhijit Lahiri

Automotive Ethernet Security Testing. Alon Regev and Abhijit Lahiri Automotive Ethernet Security Testing Alon Regev and Abhijit Lahiri 1 Automotive Network Security Cars are evolving Number of ECUs, sensors, and interconnects is growing Moving to Ethernet networks utilizing

More information

FINAL DoIT 11.03.2015 - v.4 PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS APPLICATION DEVELOPMENT AND MAINTENANCE PROCEDURES

FINAL DoIT 11.03.2015 - v.4 PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS APPLICATION DEVELOPMENT AND MAINTENANCE PROCEDURES Purpose: The Department of Information Technology (DoIT) is committed to developing secure applications. DoIT s System Development Methodology (SDM) and Application Development requirements ensure that

More information

IBM Protocol Analysis Module

IBM Protocol Analysis Module IBM Protocol Analysis Module The protection engine inside the IBM Security Intrusion Prevention System technologies. Highlights Stops threats before they impact your network and the assets on your network

More information

Cryptography and Network Security Sixth Edition by William Stallings

Cryptography and Network Security Sixth Edition by William Stallings Cryptography and Network Security Sixth Edition by William Stallings Chapter 1 Overview The combination of space, time, and strength that must be considered as the basic elements of this theory of defense

More information

Risk Assessment Guide

Risk Assessment Guide KirkpatrickPrice Assessment Guide Designed Exclusively for PRISM International Members KirkpatrickPrice. innovation. integrity. delivered. KirkpatrickPrice Assessment Guide 2 Document Purpose The Assessment

More information

74% 96 Action Items. Compliance

74% 96 Action Items. Compliance Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated

More information

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended

More information

Application Intrusion Detection

Application Intrusion Detection Application Intrusion Detection Drew Miller Black Hat Consulting Application Intrusion Detection Introduction Mitigating Exposures Monitoring Exposures Response Times Proactive Risk Analysis Summary Introduction

More information

The Hidden Dangers of Public WiFi

The Hidden Dangers of Public WiFi WHITEPAPER: OCTOBER 2014 The Hidden Dangers of Public WiFi 2 EXECUTIVE SUMMARY 4 MARKET DYNAMICS 4 The Promise of Public WiFi 5 The Problem with Public WiFi 6 MARKET BEHAVIOR 6 Most People Do Not Protect

More information

SHORT MESSAGE SERVICE SECURITY

SHORT MESSAGE SERVICE SECURITY SHORT MESSAGE SERVICE SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in

More information

VoIP: The Evolving Solution and the Evolving Threat. Copyright 2004 Internet Security Systems, Inc. All rights reserved worldwide

VoIP: The Evolving Solution and the Evolving Threat. Copyright 2004 Internet Security Systems, Inc. All rights reserved worldwide VoIP: The Evolving Solution and the Evolving Threat Copyright 2004 Internet Security Systems, Inc. All rights reserved worldwide VoIP: The Evolving Solution and the Evolving Threat An ISS Whitepaper 2

More information

Security Issues with Integrated Smart Buildings

Security Issues with Integrated Smart Buildings Security Issues with Integrated Smart Buildings Jim Sinopoli, Managing Principal Smart Buildings, LLC The building automation industry is now at a point where we have legitimate and reasonable concern

More information

The Key to Secure Online Financial Transactions

The Key to Secure Online Financial Transactions Transaction Security The Key to Secure Online Financial Transactions Transferring money, shopping, or paying debts online is no longer a novelty. These days, it s just one of many daily occurrences on

More information