Étude de l impact des attaques distribuées et multi-chemins sur les solutions de sécurité réseaux
|
|
|
- Shanon O’Neal’
- 8 years ago
- Views:
Transcription
1 Étude de l impact des attaques distribuées et multi-chemins sur les solutions de sécurité réseaux Damien Riquet Gilles Grimaud Michaël Hauspie Team 2xS Université Lille 1, France 29 Octobre 2012 D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 1/24
2 Study on security of cloud computing structure Cloud Computing: a popular model to process large data set Several layers according to the needs of customers Store confidential data Growing concern about its security Security could delay cloud adoption "62% of companies decided to wait at least 12 months because of the common mistrust to cloud security" [Spi10] Attacks on the cloud Distributed attacks to evade security solutions [RGH12] Weaknesses of cloud structure D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 2/24
![decided to wait at least 12 months because of the common mistrust to cloud security" [Spi10] Attacks on the cloud Distributed attacks to](/docs-images/43/1754906/images/page_2.jpg "evade security solutions [RGH12] Weaknesses of cloud structure D. Riquet, G. Grimaud, M.")
3 Structure weaknesses of cloud computing D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 3/24
4 Structure weaknesses of cloud computing D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 3/24
5 Structure weaknesses of cloud computing D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 3/24
6 Structure weaknesses of cloud computing D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 3/24
7 Goals of this paper Study security solutions used by Cloud Computing Show that distributed attacks could be very efficient Multi-path architecture Use-case: distributed portscan D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 4/24
8 Outline Security of the cloud 1 Security of the cloud 2 3 D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 5/24
9 Outline Security of the cloud Security solutions commonly used Previous work 1 Security of the cloud Security solutions commonly used Previous work 2 3 D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 6/24
10 Security solutions commonly used Previous work Cloud security - Security solutions commonly used Firewalls [BC94] At the border of the network Analyze traffic between two networks Security policies Intrusion Detection System (IDS) [Ped05] Network or Host based Passive device: raise alarms Pattern-matching, analyze traffic D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 7/24
![Intrusion Detection System (IDS) [Ped05] Network or Host based Passive device: raise alarms](/docs-images/43/1754906/images/page_10.jpg "Pattern-matching, analyze traffic D. Riquet, G. Grimaud, M.")
11 Previous work Security of the cloud Security solutions commonly used Previous work Large-scale coordinated attacks : Impact on the cloud security [RGH12] Our first study on the impact of distributed attacks Focuses on one-path architecture Security solutions: Open-source / Industrial Various variables on the distributed portscan use-case Few attackers were enough to remain undetected Goals of this paper Multipath architecture Worst cases of [RGH12] D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 8/24
12 Outline Security of the cloud Purpose Distributed portscan Structure topology 1 Security of the cloud 2 Purpose Distributed portscan Structure topology 3 D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 9/24
13 Purpose of experimentations Purpose Distributed portscan Structure topology Study the impact of attacks on large structure [RGH12] Identify weaknesses on such architecture, Know how many hosts are necessary to lead incognito an attack, Elaborate a way to collaboratively detect intrusion. Key variables Distribution methods, Attacks variables (techniques, timing, etc), Multipath structures. D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 10/24
14 Distributed portscan: a use case Purpose Distributed portscan Structure topology Usage and goals Reconnaissance phase, Discover weaknesses of a network, Used by worms, malicious hackers. Distribution methods Naive distribution, Loop distribution. D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 11/24
15 Network topology Security of the cloud Purpose Distributed portscan Structure topology Cloud Computing Internet host Cloud host Firewall / IDS D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 12/24
16 Multipath structures (1/3) Purpose Distributed portscan Structure topology Attackers Targets Attackers Targets D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 13/24
17 Multipath structures (2/3) Purpose Distributed portscan Structure topology Attackers Targets Attackers Targets D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 14/24
18 Multipath structures (3/3) Purpose Distributed portscan Structure topology Attackers Targets Attackers Targets D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 15/24
19 Outline Security of the cloud 1 Security of the cloud 2 3 D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 16/24
20 Evaluation Security of the cloud Attacker Success Rate n = Number of ports successfully scanned before detection T = Total number of ports to scan ASR = n T Gain p = Number of possible paths ASR x = ASR for an attack on a x-path structure Gain p = ASR p ASR 1 D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 17/24
21 - 1 path, Connect scanning Naive - 50ms Naive - 250ms Naive ms Loop - 50ms Loop - 250ms Loop ms ASR (Percentage) Number of attackers D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 18/24
22 - Multipath, Loop distribution, 32 attackers, 250ms 7 6 T1 - SYN T2 - SYN T3 - SYN T1 - Connect T2 - Connect T3 - Connect 5 Gain Number of paths D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 19/24
23 conclusion Keypoints Few scanners could be enough to remain undetected Weakness of a network is proportionnal to number of paths Basic distribution methods D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 20/24
24 Impact of distributed attacks on multipath architecture Few scanners are enough to remain undetected Effectiveness of the attack proportionnal to the number of paths No network noise, basic distribution methods Future work Collaborative IDS using virtual and physical probes Design of a Language for this security application domain D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 21/24
25 Questions Security of the cloud Security probes all over the cloud Damien Riquet - damien.riquet@lifl.fr Gilles Grimaud - gilles.grimaud@lifl.fr Michaël Hauspie - michael.hauspie@lifl.fr riquetd/ D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 22/24
26 References I Security of the cloud S. M Bellovin and W. R Cheswick, Network firewalls, IEEE Communications Magazine 32 (1994), no. 9, Naga Raju Peddisetty, State-of-the-art intrusion detection: Technology, challenges, and evaluation, Damien Riquet, Gilles Grimaud, and Michael Hauspie, Large-scale coordinated attacks : Impact on the cloud security, The Second International Workshop on Mobile Commerce, Cloud Computing, Network and Communication Security 2012 (2012), 558 (Anglais). Spiceworks, New study sees rise in cloud services adoption among small and medium businesses in first half of 2010, D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 23/24
27 Collaborative security system DSL Host Hypervisor Virtual probe FPGA Guest OS Guest OS Physical probe Virtual probe D. Riquet, G. Grimaud, M. Hauspie Étude de l impact des attaques distribuées... 24/24
Large-scale coordinated attacks: Impact on the cloud security
Large-scale coordinated attacks: Impact on the cloud security Damien Riquet Gilles Grimaud M. Hauspie Team 2xS Université Lille 1, France MCNCS, Palermo, 2012 D. Riquet, G. Grimaud, M. Hauspie Large-scale
8 Steps for Network Security Protection
8 Steps for Network Security Protection cognoscape.com 8 Steps for Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because
8 Steps For Network Security Protection
8 Steps For Network Security Protection 8 Steps For Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because of their
Port Scanning. Objectives. Introduction: Port Scanning. 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap.
Port Scanning Objectives 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap. Introduction: All machines connected to a LAN or connected to Internet via a modem
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme. Firewall
Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application Layer Chapter 5: Security Concepts for Networks Firewalls Intrusion Detection
Host-based Intrusion Prevention System (HIPS)
Host-based Intrusion Prevention System (HIPS) White Paper Document Version ( esnhips 14.0.0.1) Creation Date: 6 th Feb, 2013 Host-based Intrusion Prevention System (HIPS) Few years back, it was relatively
Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals
Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals Learning Objective Explain the concepts of information systems security (ISS) as applied to an IT infrastructure.
Analyzing Intrusion Detection System Evasions Through Honeynets
Analyzing Intrusion Detection System Evasions Through Honeynets J.S Bhatia 1, Rakesh Sehgal 2, Simardeep Kaur 3, Siddharth Popli 4 and Nishant Taneja 5 1 Centre for Development of Advanced Computing 2,
Special Issues for Penetration testing of Firewall
보안공학연구논문지 (Journal of Security Engineering), 제 5권 제 4 호, 2008년 8월 Special Issues for Penetration testing of Firewall Hoon Ko 1) Abstract A firewall is a device or software that controls the traffic of
Advancement in Virtualization Based Intrusion Detection System in Cloud Environment
Advancement in Virtualization Based Intrusion Detection System in Cloud Environment Jaimin K. Khatri IT Systems and Network Security GTU PG School, Ahmedabad, Gujarat, India Mr. Girish Khilari Senior Consultant,
Keep you computer running Keep your documents safe Identity theft Spreading infection Data Integrity (DPA: Data Protection Act)
Security Analysis E-Commerce Security 2008 Matthew Cook Network & Security Manager Loughborough University Why bother? Keep you computer running Keep your documents safe Identity theft Spreading infection
Banking Security using Honeypot
Banking Security using Honeypot Sandeep Chaware D.J.Sanghvi College of Engineering, Mumbai smchaware@gmail.com Abstract New threats are constantly emerging to the security of organization s information
Virtualization Technologies (ENCS 691K Chapter 3)
Virtualization Technologies (ENCS 691K Chapter 3) Roch Glitho, PhD Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ The Key Technologies on Which Cloud Computing
Attacks and Defense. Phase 1: Reconnaissance
Attacks and Defense Phase 1: Reconnaissance Phase 2: Port Scanning Phase 3: Gaining Access Using Application and Operating System Using Networks Phase 1: Reconnaissance Known as information gathering.
Chapter 2 Addendum (More on Virtualization)
Chapter 2 Addendum (More on Virtualization) Roch Glitho, PhD Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ More on Systems Virtualization Type I (bare metal)
G/On. Basic Best Practice Reference Guide Version 6. For Public Use. Make Connectivity Easy
For Public Use G/On Basic Best Practice Reference Guide Version 6 Make Connectivity Easy 2006 Giritech A/S. 1 G/On Basic Best Practices Reference Guide v.6 Table of Contents Scope...3 G/On Server Platform
Product Overview. Product Family. Product Features. Powerful intrusion detection and monitoring capacity
NIP IDS Product Overview The Network Intelligent Police (NIP) Intrusion Detection System (IDS) is a new generation of session-based intelligent network IDS developed by Huaweisymantec. Deployed in key
BlackRidge Technology Transport Access Control: Overview
2011 BlackRidge Technology Transport Access Control: Overview 1 Introduction Enterprises and government agencies are under repeated cyber attack. Attacks range in scope from distributed denial of service
Bendigo and Adelaide Bank Ltd Security Incident Response Procedure
Bendigo and Adelaide Bank Ltd Security Incident Response Procedure Table of Contents 1 Introduction...1 2 Incident Definition...2 3 Incident Classification...2 4 How to Respond to a Security Incident...4
Software Engineering 4C03 Class Project. Computer Networks and Computer Security COMBATING HACKERS
Software Engineering 4C03 Class Project Computer Networks and Computer Security COMBATING HACKERS Done By: Ratinder Ricky Gill Student Number: 0048973 E-Mail: gillrr@mcmaster.ca Due: Tuesday April 5, 2005
Divide and Conquer Real World Distributed Port Scanning
Divide and Conquer Real World Distributed Port Scanning Ofer Maor CTO Hacktics 16 Feb 2006 Hackers & Threats I, 3:25PM (HT1-302) Introduction Divide and Conquer: Real World Distributed Port Scanning reviews
Footprinting and Reconnaissance Tools
Footprinting and Reconnaissance Tools Topic 1: Common Port Scanning Techniques Do some research on computer ports that are most often scanned by hackers. Identify a port scanning exploit that is interesting
Cooperating Security Management for Mutually Trusted Secure Networks
Cooperating Security Management for Mutually Trusted Secure Networks Lai-Ming Shiue Department of Applied Mathematics National Chung-Hsing University Taichung 402, Taiwan Shang-Juh Kao Department of Computer
Course Title: Penetration Testing: Network & Perimeter Testing
Course Title: Penetration Testing: Network & Perimeter Testing Page 1 of 7 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics
Intrusion Detection Systems and Supporting Tools. Ian Welch NWEN 405 Week 12
Intrusion Detection Systems and Supporting Tools Ian Welch NWEN 405 Week 12 IDS CONCEPTS Firewalls. Intrusion detection systems. Anderson publishes paper outlining security problems 1972 DNS created 1984
REDCENTRIC MANAGED FIREWALL SERVICE DEFINITION
REDCENTRIC MANAGED FIREWALL SERVICE DEFINITION SD007 V4.1 Issue Date 04 July 2014 1) SERVICE OVERVIEW 1.1) SERVICE OVERVIEW Redcentric s managed firewall service (MFS) is based on a hardware firewall appliance
Need for Database Security. Whitepaper
Whitepaper 2 Introduction The common factor in today s global economy where most of the business is done electronically via B2B [Business to Business] or via B2C [business to consumer] or other more traditional
City University of Hong Kong. Information on a Course offered by Department of Electronic Engineering with effect from Semester A in 2012/2013
City University of Hong Kong Information on a Course offered by Department of Electronic Engineering with effect from Semester A in 01/013 Part I Course Title: Course Code: Course Duration: Cryptography
Module II. Internet Security. Chapter 7. Intrusion Detection. Web Security: Theory & Applications. School of Software, Sun Yat-sen University
Module II. Internet Security Chapter 7 Intrusion Detection Web Security: Theory & Applications School of Software, Sun Yat-sen University Outline 7.1 Threats to Computer System 7.2 Process of Intrusions
National Cyber League Certified Ethical Hacker (CEH) TM Syllabus
National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)
Development of a Network Intrusion Detection System
Development of a Network Intrusion Detection System (I): Agent-based Design (FLC1) (ii): Detection Algorithm (FLC2) Supervisor: Dr. Korris Chung Please visit my personal homepage www.comp.polyu.edu.hk/~cskchung/fyp04-05/
How Secure is Your SCADA System?
How Secure is Your SCADA System? Charles Drobny GlobaLogix, Inc. Houston, TX, USA Our Industry is a Target 40% of cyber attacks on Critical Infrastructure targets are aimed at the Energy Industry The potential
Vulnerability Audit: Why a Vulnerability Scan Isn t Enough. White Paper
Vulnerability Audit: Why a Vulnerability Scan Isn t Enough White Paper May 10, 2005 TABLE OF CONTENTS Introduction: How Secure Are My Systems?... 3 Vulnerability: The Modern Meaning Of A Muddled Word...
Malicious Network Traffic Analysis
Malicious Network Traffic Analysis Uncover system intrusions by identifying malicious network activity. There are a tremendous amount of network based attacks to be aware of on the internet today and the
Vulnerability Scanning & Management
Vulnerability Scanning & Management (An approach to managing the risk level of a vulnerability) Ziad Khalil 1, Mohamed Elammari 2 1 Higher Academy, 2 Rogue Wave Software Ottawa, Canada Abstract Vulnerability
CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013
CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
Distributed Port-Scan Attack in Cloud Environment
Distributed Port-Scan Attack in Cloud Environment Prachi Deshpande 1, Aditi Aggarwal 1, S.C.Sharma 1, P.Sateesh Kumar 1 1 Indian Institute of Technology Roorkee, Roorkee-India-247 667 {deprachi3, aditi127,
OPEN SOURCE SECURITY
OPEN SOURCE SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
INTRUSION DETECTION SYSTEM (IDS) D souza Adam Jerry Joseph 0925910 I MCA
INTRUSION DETECTION SYSTEM (IDS) D souza Adam Jerry Joseph 0925910 I MCA OVERVIEW Introduction Overview The IDS Puzzle Current State of IDS Threats I have a good firewall, why do I need an IDS? Expectations
Agenda. Taxonomy of Botnet Threats. Background. Summary. Background. Taxonomy. Trend Micro Inc. Presented by Tushar Ranka
Taxonomy of Botnet Threats Trend Micro Inc. Presented by Tushar Ranka Agenda Summary Background Taxonomy Attacking Behavior Command & Control Rallying Mechanisms Communication Protocols Evasion Techniques
DSL and Cable Modems: The Dangers of Having a Static IP Address
DSL and Cable Modems: The Dangers of Having a Static IP Address By Joe Edwards ECE 478 Spring 2000 1.0 Introduction As computer technology continues to rapidly progress, more and more people are abandoning
Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion
Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann
Understanding Security Testing
Understanding Security Testing Choosing between vulnerability assessments and penetration testing need not be confusing or onerous. Arian Eigen Heald, M.A., Ms.IA., CNE, CISA, CISSP I. Introduction Many
Description: Course Details:
Course: Malicious Network Traffic Analysis Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: There are a tremendous amount of network based attacks to be aware of on the internet
Intrusion Detection Systems
Intrusion Detection Systems Advanced Computer Networks 2007 Reinhard Wallner reinhard.wallner@student.tugraz.at Outline Introduction Types of IDS How works an IDS Attacks to IDS Intrusion Prevention Systems
OfficeScan 10 Enterprise Client Firewall Updated: March 9, 2010
OfficeScan 10 Enterprise Client Firewall Updated: March 9, 2010 What is Trend Micro OfficeScan? Trend Micro OfficeScan Corporate Edition protects campus networks from viruses, Trojans, worms, Web-based
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
DDoS Protection. How Cisco IT Protects Against Distributed Denial of Service Attacks. A Cisco on Cisco Case Study: Inside Cisco IT
DDoS Protection How Cisco IT Protects Against Distributed Denial of Service Attacks A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge: Prevent low-bandwidth DDoS attacks coming from a broad
System Specification. Author: CMU Team
System Specification Author: CMU Team Date: 09/23/2005 Table of Contents: 1. Introduction...2 1.1. Enhancement of vulnerability scanning tools reports 2 1.2. Intelligent monitoring of traffic to detect
Demystifying Penetration Testing for the Enterprise. Presented by Pravesh Gaonjur
Demystifying Penetration Testing for the Enterprise Presented by Pravesh Gaonjur Pravesh Gaonjur Founder and Executive Director of TYLERS Information Security Consultant Certified Ethical Hacker (CEHv8Beta)
Hacking Book 1: Attack Phases. Chapter 1: Introduction to Ethical Hacking
Hacking Book 1: Attack Phases Chapter 1: Introduction to Ethical Hacking Objectives Understand the importance of information security in today s world Understand the elements of security Identify the phases
Description: Objective: Attending students will learn:
Course: Introduction to Cyber Security Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: In 2014 the world has continued to watch as breach after breach results in millions of
defending against advanced persistent threats: strategies for a new era of attacks agility made possible
defending against advanced persistent threats: strategies for a new era of attacks agility made possible security threats as we know them are changing The traditional dangers IT security teams have been
Barracuda Web Application Firewall vs. Intrusion Prevention Systems (IPS) Whitepaper
Barracuda Web Application Firewall vs. Intrusion Prevention Systems (IPS) Whitepaper Securing Web Applications As hackers moved from attacking the network to attacking the deployed applications, a category
TIME TO LIVE ON THE NETWORK
TIME TO LIVE ON THE NETWORK Executive Summary This experiment tests to see how well commonly used computer platforms withstand Internet attacks in the wild. The experiment quantifies the amount of time
Information Security Services
Information Security Services Information Security In 2013, Symantec reported a 62% increase in data breaches over 2012. These data breaches had tremendous impacts on many companies, resulting in intellectual
Cyber Attacks. Protecting National Infrastructure Student Edition. Edward G. Amoroso
Cyber Attacks Protecting National Infrastructure Student Edition Edward G. Amoroso ELSEVIER. AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Butterworth-Heinemann
McAfee. Firewall Enterprise. Application Note TrustedSource in McAfee. Firewall Enterprise. version 8.1.0 and earlier
Application Note TrustedSource in McAfee Firewall Enterprise McAfee version 8.1.0 and earlier Firewall Enterprise This document uses a question and answer format to explain the TrustedSource reputation
Security Mgt. Tools and Subsystems
Security Mgt. Tools and Subsystems some attack and defense security tools at work Reconaissance Passive Active Penetration Classes of tools (network-bound) Passive Reconaissance Passively listen and analyze
Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)
Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses
Intrusion Detection for Mobile Ad Hoc Networks
Intrusion Detection for Mobile Ad Hoc Networks Tom Chen SMU, Dept of Electrical Engineering tchen@engr.smu.edu http://www.engr.smu.edu/~tchen TC/Rockwell/5-20-04 SMU Engineering p. 1 Outline Security problems
Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP
Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP Aakanksha Vijay M.tech, Department of Computer Science Suresh Gyan Vihar University Jaipur, India Mrs Savita Shiwani Head Of
Building Secure Networks for the Industrial World
Building Secure Networks for the Industrial World Anders Felling Vice President, International Sales Westermo Group Managing Director Westermo Data Communication AB 1 Westermo What do we do? Robust data
Reducing Application Vulnerabilities by Security Engineering
Reducing Application Vulnerabilities by Security Engineering - Subash Newton Manager Projects (Non Functional Testing, PT CoE Group) 2008, Cognizant Technology Solutions. All Rights Reserved. The information
2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
Introduction to Cyber Security / Information Security
Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be
VIEWABILL. Cloud Security and Operational Architecture. featuring RUBY ON RAILS
VIEWABILL Cloud Security and Operational Architecture featuring RUBY ON RAILS VAB_CloudSecurity V1 : May 2014 Overview The Viewabill.com cloud is a highly-secure, scalable and redundant solution that enables
Securing Virtual Applications and Servers
White Paper Securing Virtual Applications and Servers Overview Security concerns are the most often cited obstacle to application virtualization and adoption of cloud-computing models. Merely replicating
Joint ITU-T/IEEE Workshop on Carrier-class Ethernet
Joint ITU-T/IEEE Workshop on Carrier-class Ethernet Quality of Service for unbounded data streams Reactive Congestion Management (proposals considered in IEE802.1Qau) Hugh Barrass (Cisco) 1 IEEE 802.1Qau
IDS Categories. Sensor Types Host-based (HIDS) sensors collect data from hosts for
Intrusion Detection Intrusion Detection Security Intrusion: a security event, or a combination of multiple security events, that constitutes a security incident in which an intruder gains, or attempts
IBM. Vulnerability scanning and best practices
IBM Vulnerability scanning and best practices ii Vulnerability scanning and best practices Contents Vulnerability scanning strategy and best practices.............. 1 Scan types............... 2 Scan duration
How To Protect A Network From Attack From A Hacker (Hbss)
Leveraging Network Vulnerability Assessment with Incident Response Processes and Procedures DAVID COLE, DIRECTOR IS AUDITS, U.S. HOUSE OF REPRESENTATIVES Assessment Planning Assessment Execution Assessment
CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24
Introduction to Computer Networks Lecture24 Network security (continued) Key distribution Secure Shell Overview Authentication Practical issues Firewalls Denial of Service Attacks Definition Examples Key
Cyril Onwubiko Networking and Communications Group http://ncg. ncg.kingston.ac.
Cyril Onwubiko Networking and Communications Group http://ncg ncg.kingston.ac..ac.uk http://ncg.kingston.ac.uk +44 (0)20 8547 2000 Security Threats & Vulnerabilities in assets are two most fundamental
CS2107 Introduction to Information and System Security (Slid. (Slide set 8)
Networks, the Internet Tool support CS2107 Introduction to Information and System Security (Slide set 8) National University of Singapore School of Computing July, 2015 CS2107 Introduction to Information
NETWORK PENETRATION TESTING
Tim West Consulting 6807 Wicklow St. Arlington, TX 76002 817-228-3420 Twest@timwestconsulting.com OVERVIEW Tim West Consulting Tim West Consulting is a full service IT security and support firm that specializes
packet retransmitting based on dynamic route table technology, as shown in fig. 2 and 3.
Implementation of an Emulation Environment for Large Scale Network Security Experiments Cui Yimin, Liu Li, Jin Qi, Kuang Xiaohui National Key Laboratory of Science and Technology on Information System
VULNERABILITY ASSESSMENT WHITEPAPER INTRODUCTION, IMPLEMENTATION AND TECHNOLOGY DISCUSSION
VULNERABILITY ASSESSMENT WHITEPAPER INTRODUCTION, IMPLEMENTATION AND TECHNOLOGY DISCUSSION copyright 2003 securitymetrics Security Vulnerabilities of Computers & Servers Security Risks Change Daily New
CHAPTER 1 INTRODUCTION
21 CHAPTER 1 INTRODUCTION 1.1 PREAMBLE Wireless ad-hoc network is an autonomous system of wireless nodes connected by wireless links. Wireless ad-hoc network provides a communication over the shared wireless
A Denial of Service Resistant Intrusion Detection Architecture
A Denial of Service Resistant Intrusion Detection Architecture Peter Mell, Donald Marks, Mark McLarnon National Institute of Standards and Technology Computer Security Division 5-24-2000 Keywords: Intrusion
THE ROLE OF IDS & ADS IN NETWORK SECURITY
THE ROLE OF IDS & ADS IN NETWORK SECURITY The Role of IDS & ADS in Network Security When it comes to security, most networks today are like an egg: hard on the outside, gooey in the middle. Once a hacker
Network Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting
Network Security: 30 Questions Every Manager Should Ask Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting Network Security: 30 Questions Every Manager/Executive Must Answer in Order
Black Box Penetration Testing For GPEN.KM V1.0 Month dd "#$!%&'(#)*)&'+!,!-./0!.-12!1.03!0045!.567!5895!.467!:;83!-/;0!383;!
Sample Penetration Testing Report Black Box Penetration Testing For GPEN.KM V1.0 Month dd "#$%&'#)*)&'+,-./0.-121.030045.5675895.467:;83-/;0383; th, yyyy A&0#0+4*M:+:#&*#0%+C:,#0+4N:
Multifaceted Approach to Understanding the Botnet Phenomenon
Multifaceted Approach to Understanding the Botnet Phenomenon Christos P. Margiolas University of Crete A brief presentation for the paper: Multifaceted Approach to Understanding the Botnet Phenomenon Basic
Network/Cyber Security
Network/Cyber Security SCAMPS Annual Meeting 2015 Joe Howland,VC3 Source: http://www.information-age.com/technology/security/123458891/how-7-year-old-girl-hacked-public-wi-fi-network-10-minutes Security
Network Incident Report
To submit copies of this form via facsimile, please FAX to 202-406-9233. Network Incident Report United States Secret Service Financial Crimes Division Electronic Crimes Branch Telephone: 202-406-5850
Research on the Essential Network Equipment Risk Assessment Methodology based on Vulnerability Scanning Technology Xiaoqin Song 1
International Conference on Informatization in Education, Management and Business (IEMB 2015) Research on the Essential Network Equipment Risk Assessment Methodology based on Vulnerability Scanning Technology
Passive Vulnerability Detection
Page 1 of 5 Passive Vulnerability Detection "Techniques to passively find network security vulnerabilities" Ron Gula rgula@securitywizards.com September 9, 1999 Copyright 1999 Network Security Wizards
case study Core Security Technologies Summary Introductory Overview ORGANIZATION: PROJECT NAME:
The Computerworld Honors Program Summary developed the first comprehensive penetration testing product for accurately identifying and exploiting specific network vulnerabilities. Until recently, organizations
locuz.com Professional Services Security Audit Services
locuz.com Professional Services Security Audit Services Today s Security Landscape Today, over 80% of attacks against a company s network come at the Application Layer not the Network or System layer.
Introduction of Intrusion Detection Systems
Introduction of Intrusion Detection Systems Why IDS? Inspects all inbound and outbound network activity and identifies a network or system attack from someone attempting to compromise a system. Detection:
Course: Information Security Management in e-governance. Day 3. Session 1: Information Security Audits
Course: Information Security Management in e-governance Day 3 Session 1: Information Security Audits Agenda Need for information security audit and its objectives Categories of information security audit
Intrusion Detection Systems
Intrusion Detection Systems Assessment of the operation and usefulness of informatics tools for the detection of on-going computer attacks André Matos Luís Machado Work Topics 1. Definition 2. Characteristics
I D C E X E C U T I V E B R I E F
Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com I D C E X E C U T I V E B R I E F P e netration Testing: Taking the Guesswork Out of Vulnerability
IS TEST 3 - TIPS FOUR (4) levels of detective controls offered by intrusion detection system (IDS) methodologies. First layer is typically responsible for monitoring the network and network devices. NIDS
Botnet Detection by Abnormal IRC Traffic Analysis
Botnet Detection by Abnormal IRC Traffic Analysis Gu-Hsin Lai 1, Chia-Mei Chen 1, and Ray-Yu Tzeng 2, Chi-Sung Laih 2, Christos Faloutsos 3 1 National Sun Yat-Sen University Kaohsiung 804, Taiwan 2 National
Network Scanning. What is a Network scanner? Why are scanners needed? How do scanners do? Which scanner does the market provide?
Network Scanning What is a Network scanner? Why are scanners needed? How do scanners do? Which scanner does the market provide? Where will our research go? Page : 1 Function - attacker view What hosts
INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY
INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY A PATH FOR HORIZING YOUR INNOVATIVE WORK AN OVERVIEW OF MOBILE ADHOC NETWORK: INTRUSION DETECTION, TYPES OF ATTACKS AND
Slow Port Scanning Detection
Slow Port Scanning Detection Mehiar Dabbagh 1, Ali J. Ghandour 1, Kassem Fawaz 1, Wassim El Hajj 2, Hazem Hajj 1 1 Department of Electrical and Computer Engineering 2 Department of Computer Science American