Protecting Critical Information Infrastructures
|
|
- Tamsin Howard
- 8 years ago
- Views:
Transcription
1 Protecting Critical Information Infrastructures Hannu H. Kari National Defence University professor, research director professor Hannu H. Kari Page 1/43
2 New responsibilities of defence forces International operations Defending Finland professor Hannu H. Kari Page 2/43 Co-operation with civil authorities
3 Objectives Globality Stability & continuity Efficiency professor Hannu H. Kari Page 3/43
4 Global and asymmetric threats Normal circumstances Disruptive situations Extreme circumstances Threats to information systems Illegal immigration Threats to health & nutrition Environmental threats Economic threats International tension Organised crime & terrorism Catastrophies & major disasters Serious violation of Finland s territorial integrity and threat of war Armed attack, war and the aftermath of war professor Hannu H. Kari Page 4/43
5 Protecting vital structures of society Functions such as: * state leadership, * foreign trade, * military defence, * internal security, * ability to tolerate a crisis, * well-being of population, and * economical and social stability. professor Hannu H. Kari Page 5/43
6 Evolution of War Evolution of societies and their relations with war? AGRARIAN SOCIETY INDUSTRIALIZED SOCIETY INFORMATION SOCIETY VALUE SOCIETY? The war is fought for/with/against the most valuable assets of the society professor Hannu H. Kari Page 6/43
7 Decision making based on OODA-loop OODA-loop by Colonel John Boyd Model for human decision making Right information delivered to right place at right time professor Hannu H. Kari Page 7/43
8 War of values professor Hannu H. Kari Page 8/43
9 Security problems in Internet, samples October 2002, Scientific American 9 out of 13 root DNS servers were crippled by DDoS attack November 2004, Damages caused by worms/viruses, Mikko Hyppönen/F-Secure Slammer: Intranet of nuclear power plant in Ohio down Bank of America ATM network down Blaster: Electric power network down in NY, USA Several SCADA systems down Sasser: All train traffic halted in Australia Two hospitals in Sweden infected January 2005, BBC News Internet gambling hit hard by the attacks. Extortionists are targeting net-based betting firms and threatening to cripple their websites with deluges of data unless a ransom is paid. September 2006, Scientific American Attack on DNS (Domain Name System) allows cybercriminal to hijack ordinary netbanking sessions January 2007, Almost 1 Million stolen from a Scandinavian bank by a Russian hacker with a trojan distributed with spam mail The biggest so far.. January 2005, FBI/Tsunami Net criminals used fake web pages of American Red Cross to get credit card data May 2007, IT-Viikko Attacks on Estonian governmental and commercial net sites professor Hannu H. Kari Page 9/43
10 Security problems in Internet, samples October 2002, Scientific American 9 out of 13 root DNS servers were crippled by DDoS attack November 2004, Damages caused by worms/viruses, Mikko Hyppönen/F-Secure Slammer: Intranet of nuclear power plant in Ohio down Bank of America ATM network down Blaster: Electric power network down in NY, USA Several SCADA systems down Sasser: All train traffic halted in Australia Two hospitals in Sweden infected January 2005, FBI/Tsunami Net criminals used fake web pages of American Red Cross to get credit card data September 2006, Scientific American Estonia, May 2007, January 2005, BBC News Internet gambling hit hard by the attacks. Extortionists are targeting net-based betting firms and threatening to cripple their websites with deluges of data unless a ransom is paid. Attack on DNS (Domain Name System) allows cybercriminal to hijack ordinary netbanking sessions January 2007, Almost 1 Million stolen from a Scandinavian bank by a Russian hacker with a trojan distributed with spam mail The biggest so far.. Finland May 2007 May 2007, IT-Viikko Attacks on Estonian governmental and commercial net sites professor Hannu H. Kari Page 10/43
11 Security problems in Internet, samples DDoS attacks Design flaws DoS, DDoS attacks Criminal intentions Viruses, worms, mallware Criminal intentions DNS attacks Design flaws Phishing Users stupidity Scams Users stupidity DoS, DDoS attacks Design flaws professor Hannu H. Kari Page 11/43
12 Internet design criterion Primary goals Based on David D. Clark: Multiplexing of channel The Design Philosophy Various network archtectures of the DARPA Internet Protocols Administrative boundaries Packet switching Gateways (routers) between networks Secondary goals Robustness (loss of routers and links) Multiple services (reliable or realtime data) Usage of various networks Distributed management Cost efficient implementation Simple attachement to network Resource usage monitoring professor Hannu H. Kari Page 12/43
13 Implicit Internet design criterion Silent assumptions Benevolence Openness Limited bandwidth Low level of dynamicity No mobility Limited computation capacity High cost of crypto algorithms professor Hannu H. Kari Page 13/43
14 Modern problems Today we have Internal problems Eavesdropping Packet manipulation Privacy problems Viruses Network criminals... professor Hannu H. Kari Page 14/43
15 Internet design flaws Original design principles: The enemy is out there! Everybody can send anything to anybody Security measures are introduced afterwards The new design principles: The enemy is among us! We must be prepared to pay for security/reliability in form of computation power, bandwidth, energy, etc. Strong security as the fundamental building block Legal sanctions against malevolent entities Every packet must have an owner! professor Hannu H. Kari Page 15/43
16 Security domains professor Hannu H. Kari Page 16/43
17 Four security domains 4. Virtual communities (Knowledge sharing) Restricted caller groups 3. Content integrity/authenticity/timelyness (information sharing) PGP, S/MIME 2. End-to-end secured communication (Data integrity and confidentiality) IPsec, TLS 1. Reliable operation of the critical network infrastructure Partial solutions: MPLS, Physical protection professor Hannu H. Kari Page 17/43
18 Weakest point: Infrastructure Info-bulimia Flooding, DoS/DDos, Smurf, Sync,... Info-anemia Link breakage, data corruption, rerouting packet, router attacks, DNS-attacks,... We don t get vital information in time We can t make decisions or we do decisions with incomplete information Reliably operating network is a MUST professor Hannu H. Kari Page 18/43
19 Solving the problems professor Hannu H. Kari Page 19/43
20 Securing network infrastructure professor Hannu H. Kari Page 20/43
21 Traditional Internet usage R R professor Hannu H. Kari Page 21/43
22 Protecting network infrastructure Need: Communication between two legitimate computers shall be possible despite any hostile attacks, manipulated packets, jammed networks, cut the communication links, etc. Target: The network (i.e., routers) shall distinguish whether a packet is Good: generated by a legitimate computer => forward packet Bad: generated or modified by attackers => discard packet Possibility to prioritize traffic based on importance of packet/user professor Hannu H. Kari Page 22/43
23 Ultimate solution: Packet Level Authentication (PLA) Analogy: Security measures on notes Holograms, Microprint, Watermarks, UV-light Any receiver of notes can verify the authenticity of every note without consulting with banks or other authorities In PLA (designed by HUT) every packet is digitally signed by originator with strong crypto contains all information to validate authority of the sender integrity, timeliness, uniqueness of the packet Project financed by Finnish government s (Tekes) strategic research funding professor Hannu H. Kari Page 23/43
24 Performance Altera FPGA ECC module With single chip solution: 200 Mbit/s with 150B packets 2 Gbit/s with 1500B packets Gigabit Ethernet IN Front end standard 1GE IP core ECC module ECC module ECC module ECC module HUT s HW implementation (Altera s Stratix II EP 2S180F1020C3 FPGA chips with 150 MHz clock) One ECC digital signature calculation/validation takes 120us With 19 parallel modules, max output is signatures/s With special ASIC its possible scale performance over 10 Gbit/s with single chip implementation Guestimated: 50M gates chip running 500 MHz... Back end standard 1GE IP core Gigabit Ethernet OUT professor Hannu H. Kari Page 24/43
25 Short term solution: Secured Infrastructure Router (SIR) SIR SIR professor Hannu H. Kari Page 25/43
26 Secured Infrastructure Router (SIR) SIR QoS control, duplication SIR QoS control, duplicate removal QoS reporting, management signaling professor Hannu H. Kari Page 26/43
27 Alternative SIR operation SIR SIR SIR SIR SIR SIR SIR SIR professor Hannu H. Kari Page 27/43
28 Securing services professor Hannu H. Kari Page 28/43
29 Increasing reliability of network services Internet ISP 1 ISP 2 REUNAREITITTIMET IPS / HYÖKKÄYKSEN LIEVENNYS PALOMUURIT SSL-SALAUS / SALAUKSEN PURKU IPS SISÄLTÖKYTKIMET / KUORMANJAKO EDUSTAPALVELIMET Tietokeskus 1 Tietokeskus 2 Varmistuskeskus SOVELLUSPALVELIMET source: Anssi Rajaniemi: Verkkopankin toimintavarmuuden turvaaminen tietoverkon näkökulmasta, HUT, Master s thesis, 2005 Tietokeskus PALOMUURIT KESKUSKONEET professor Hannu H. Kari Page 29/43
30 Securing content delivery professor Hannu H. Kari Page 30/43
31 Multichannel data delivery:today Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV National Defence Authorities University, Citizens professor Hannu H. Kari Page 31/43
32 Multichannel data delivery: in the future Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV National Defence Authorities University, Citizens professor Hannu H. Kari Page 32/43
33 Reliable delivery of a document document Sender Add FEC Signatures multichannel network check signatures Receiver data reconstruction defragmentation fragmentation document professor Hannu H. Kari Page 33/43
34 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV Information professor Hannu H. Kari Page 34/43
35 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV Information professor Hannu H. Kari Page 35/43
36 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV Information professor Hannu H. Kari Page 36/43
37 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV Information professor Hannu H. Kari Page 37/43
38 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV Information professor Hannu H. Kari Page 38/43
39 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV Regenerating missing data by using error correction information in other packets locally Information professor Hannu H. Kari Page 39/43
40 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV correct and up to date information Information professor Hannu H. Kari Page 40/43
41 Conclusions professor Hannu H. Kari Page 41/43
42 Conclusions Risks with Internet are imminent...due to original design of Internet Architecture with several levels of security... one solution is not enough Plan-B: What shall we do, when our network doesn t work? manual work? What is the minimum level of service? professor Hannu H. Kari Page 42/43
43 NATIONAL DEFENCE UNIVERSITY Do the work that has a meaning Thank you for your Questions? attention! professor Hannu H. Kari Page 43/43
Protecting Critical Information Infrastructures
Protecting Critical Information Infrastructures Hannu H. Kari 1.4.2007 Helsinki University of Technology professor on mobility National Defence University professor, research director professor Hannu H.
More informationMobility research group
Mobility research group professor Hannu H. Kari Helsinki University (HUT) Department of Computer Science and Engineering Laboratory for Theoretical Computer Science Hannu H. Kari/HUT/CS/TCS Page 1/36 Research
More informationPacket Level Authentication Overview
Packet Level Authentication Overview Dmitrij Lagutin, Dmitrij.Lagutin@hiit.fi Helsinki Institute for Information Technology HIIT Aalto University School of Science and Technology Contents Introduction
More informationCS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module
CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human
More informationThreats to be considered (1) ERSTE GROUP
VoIP-Implementation Lessons Learned Philipp Schaumann Erste Group Bank AG Group IT-Security philipp.schaumann@erstegroup.com http://sicherheitskultur.at/ Seite 1 Threats to be considered (1) Eavesdropping
More informationDDoS Overview and Incident Response Guide. July 2014
DDoS Overview and Incident Response Guide July 2014 Contents 1. Target Audience... 2 2. Introduction... 2 3. The Growing DDoS Problem... 2 4. DDoS Attack Categories... 4 5. DDoS Mitigation... 5 1 1. Target
More informationSIP and VoIP 1 / 44. SIP and VoIP
What is SIP? What s a Control Channel? History of Signaling Channels Signaling and VoIP Complexity Basic SIP Architecture Simple SIP Calling Alice Calls Bob Firewalls and NATs SIP URIs Multiple Proxies
More informationReal-time Network Monitoring and Security Platform for Securing Next-Generation Network. Assoc. Prof. Dr. Sureswaran Ramadass
Real-time Network Monitoring and Security Platform for Securing Next-Generation Network Assoc. Prof. Dr. Sureswaran Ramadass The platform Definition A description of a software framework that makes services
More informationEUCIP - IT Administrator. Module 5 IT Security. Version 2.0
EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single
More informationProtecting DNS Critical Infrastructure Solution Overview. Radware Attack Mitigation System (AMS) - Whitepaper
Protecting DNS Critical Infrastructure Solution Overview Radware Attack Mitigation System (AMS) - Whitepaper Table of Contents Introduction...3 DNS DDoS Attacks are Growing and Evolving...3 Challenges
More informationCybersecurity: Thailand s and ASEAN s priorities. Soranun Jiwasurat www.etda.or.th
Cybersecurity: Thailand s and ASEAN s priorities Soranun Jiwasurat www.etda.or.th Cyber Threat Landscape Overview 2 Cyber threat a hostile act using computers, electronic information and/or digital networks
More informationData Centers Protection from DoS attacks. Trends and solutions. Michael Soukonnik, Radware Ltd michaels@radware.com Riga. Baltic IT&T. 21.04.
Data Centers Protection from DoS attacks. Trends and solutions Michael Soukonnik, Radware Ltd michaels@radware.com Riga. Baltic IT&T. 21.04.2010 Cybercrime Trends Page 2 Types of DoS attacks and classical
More informationNetwork Security. by David G. Messerschmitt. Secure and Insecure Authentication. Security Flaws in Public Servers. Firewalls and Packet Filtering
Network Security by David G. Messerschmitt Supplementary section for Understanding Networked Applications: A First Course, Morgan Kaufmann, 1999. Copyright notice: Permission is granted to copy and distribute
More informationDKIM Enabled Two Factor Authenticated Secure Mail Client
DKIM Enabled Two Factor Authenticated Secure Mail Client Saritha P, Nitty Sarah Alex M.Tech Student[Software Engineering], New Horizon College of Engineering, Bangalore, India Sr. Asst Prof, Department
More informationPART D NETWORK SERVICES
CONTENTS 1 ABOUT THIS PART... 2 2 PUBLIC NETWORK... 2 Internet... 2 3 PRIVATE NETWORK... 3 Global WAN services... 3 4 SECURITY SERVICES... 3 Firewall... 4 Intrusion Prevention (Network)... 5 SSL/IPSEC
More informationWhite Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act
A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,
More informationA Brief Discussion of Network Denial of Service Attacks. by Eben Schaeffer 0040014 SE 4C03 Winter 2004 Last Revised: Thursday, March 31
A Brief Discussion of Network Denial of Service Attacks by Eben Schaeffer 0040014 SE 4C03 Winter 2004 Last Revised: Thursday, March 31 Introduction There has been a recent dramatic increase in the number
More informationSY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.
system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. From a high-level standpoint, attacks on computer systems and networks can be grouped
More informationNetworks. Connecting Computers. Measures for connection speed. Ethernet. Collision detection. Ethernet protocol
Connecting Computers Networks Computers use networks to communicate like people use telephones or the postal service Requires either some sort of cable point-to-point links connect exactly 2 computers
More informationNetwork Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting
Network Security: 30 Questions Every Manager Should Ask Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting Network Security: 30 Questions Every Manager/Executive Must Answer in Order
More informationfor Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs
for Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs EXECUTIVE SUMMARY Supervisory Control and Data Acquisition (SCADA) systems are used for remote
More informationAnthony Minnaar Dept of Criminology & Security Science School of Criminal Justice College of Law University of South Africa
SECURING THE DIGITAL DIVIDE: COMBATING CYBERCRIME Anthony Minnaar Dept of Criminology & Security Science School of Criminal Justice College of Law University of South Africa INTRODUCTION q Given modern
More informationNetwork Security. Protective and Dependable. 52 Network Security. UTM Content Security Gateway CS-2000
Network Security Protective and Dependable With the growth of the Internet threats, network security becomes the fundamental concerns of family network and enterprise network. To enhance your business
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationBest Practices for Securing IP Telephony
Best Practices for Securing IP Telephony Irwin Lazar, CISSP Senior Analyst Burton Group Agenda VoIP overview VoIP risks Mitigation strategies Recommendations VoIP Overview Hosted by VoIP Functional Diagram
More information20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7
20-CS-6053-00X Network Security Spring, 2014 An Introduction To Network Security Week 1 January 7 Attacks Criminal: fraud, scams, destruction; IP, ID, brand theft Privacy: surveillance, databases, traffic
More informationCE 817 - Advanced Network Security VoIP Security
CE 817 - Advanced Network Security VoIP Security Lecture 25 Mehdi Kharrazi Department of Computer Engineering Sharif University of Technology Acknowledgments: Some of the slides are fully or partially
More informationSecuring SIP Trunks APPLICATION NOTE. www.sipera.com
APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)
More informationVoIP Security Challenges: 25 Ways to Secure your VoIP Network from Versign Security, Dec 01, 2006
VoIP Security Challenges: 25 Ways to Secure your VoIP Network from Versign Security, Dec 01, 2006 VoIP technology has the tech geeks buzzing. It has been touted as: - the killer of telecoms - a solution
More informationHow To Stop A Ddos Attack On A Website From Being Successful
White paper Combating DoS/DDoS Attacks Using Cyberoam Eliminating the DDoS Threat by Discouraging the Spread of Botnets www.cyberoam.com Introduction Denial of Service (DoS) and Distributed Denial of Service
More informationSecuring VoIP Networks using graded Protection Levels
Securing VoIP Networks using graded Protection Levels Andreas C. Schmidt Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee 185-189, D-53175 Bonn Andreas.Schmidt@bsi.bund.de Abstract
More informationSoftware Engineering 4C03 Class Project. Computer Networks and Computer Security COMBATING HACKERS
Software Engineering 4C03 Class Project Computer Networks and Computer Security COMBATING HACKERS Done By: Ratinder Ricky Gill Student Number: 0048973 E-Mail: gillrr@mcmaster.ca Due: Tuesday April 5, 2005
More informationThe FBI and the Internet
The FBI and the Internet Special Agent Robert Flaim Federal Bureau of Investigation Presentation Goals To give you a better understanding of: The FBI Cyber Division, its priorities, and its mission The
More informationAchieving Truly Secure Cloud Communications. How to navigate evolving security threats
Achieving Truly Secure Cloud Communications How to navigate evolving security threats Security is quickly becoming the primary concern of many businesses, and protecting VoIP vulnerabilities is critical.
More informationSecured Voice over VPN Tunnel and QoS. Feature Paper
Secured Voice over VPN Tunnel and QoS Feature Paper Table of Contents Introduction...3 Preface...3 Chapter 1: The Introduction of Virtual Private Network (VPN) 3 1.1 The Functions and Types of VPN...3
More informationFirewalls CSCI 454/554
Firewalls CSCI 454/554 Why Firewall? 1 Why Firewall (cont d) w now everyone want to be on the Internet w and to interconnect networks w has persistent security concerns n can t easily secure every system
More informationSecurity and Risk Analysis of VoIP Networks
Security and Risk Analysis of VoIP Networks S.Feroz and P.S.Dowland Network Research Group, University of Plymouth, United Kingdom e-mail: info@network-research-group.org Abstract This paper address all
More informationEstonia 2007 Cyberattakcs
Estonia 2007 Cyberattakcs 2010 Agenda Background April 2007 What is cyberattack Estonia as an information society Cyberattacks Protection measures used Lessons learned What are we doing - measures Background
More informationInformation Technology Cyber Security Policy
Information Technology Cyber Security Policy (Insert Name of Organization) SAMPLE TEMPLATE Organizations are encouraged to develop their own policy and procedures from the information enclosed. Please
More informationKASPERSKY DDOS PROTECTION. Discover how Kaspersky Lab defends businesses against DDoS attacks
KASPERSKY DDOS PROTECTION Discover how Kaspersky Lab defends businesses against DDoS attacks CYBERCRIMINALS ARE TARGETING BUSINESSES If your business has ever suffered a Distributed Denial of Service (DDoS)
More informationHow To Prevent Hacker Attacks With Network Behavior Analysis
E-Guide Signature vs. anomaly-based behavior analysis News of successful network attacks has become so commonplace that they are almost no longer news. Hackers have broken into commercial sites to steal
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationSecurity in Global IP Networks
Security Technology for the Internet Security in Global IP Networks Tatu Ylönen SSH Communications Security Corp What are global IP networks? The Internet The consumer internet Global uncontrolled
More informationFirewall and UTM Solutions Guide
Firewall and UTM Solutions Guide Telephone: 0845 230 2940 e-mail: info@lsasystems.com Web: www.lsasystems.com Why do I need a Firewall? You re not the Government, Microsoft or the BBC, so why would hackers
More informationHow Traditional Firewalls Fail Today s Networks And Why Next-Generation Firewalls Will Prevail
How Fail Today s Networks And Why Will Prevail Why your current firewall may be jeopardizing your security, and how you can counter today s threats, manage web 2.0 apps and enforce acceptable-use policies.
More informationNetwork Security Workshop
Network Security Workshop Threat Pragmatics Fakrul (Pappu) Alam bdhub Limited fakrul@bdhub.com Targets Many sorts of targets: Network infrastructure Network services Application services User machines
More informationDetailed Description about course module wise:
Detailed Description about course module wise: Module 1: Basics of Networking and Major Protocols 1.1 Networks and its Types. 1.2 Network Topologies 1.3 Major Protocols and their Functions 1.4 OSI Reference
More informationVoice Over IP (VoIP) Denial of Service (DoS)
Introduction Voice Over IP (VoIP) Denial of Service (DoS) By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Denial of Service (DoS) is an issue for any IP network-based
More informationA Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.
A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money
More informationAdvanced Security and Mobile Networks
Advanced Security and Mobile Networks W.Buchanan (1) 3. Encryption 4. Forensic Computing Advanced Security and Mobile Networks: Learning Outcomes: 2. IDS 1. Network Security 5. Software Security 6. Network
More informationNetwork Security. 1 Pass the course => Pass Written exam week 11 Pass Labs
Network Security Ola Lundh ola.lundh@hh.se Schedule/ time-table: landris.hh.se/ (NetwoSec) Course home-page: hh.se/english/ide/education/student/coursewebp ages/networksecurity cisco.netacad.net Packet
More informationUpdated January 2016. Hosting and Managed Services Acceptable Use Policy
Updated January 2016 Hosting and Managed Services Acceptable Use Policy Key Comment This policy provides Cologix customers ordering hosting and managed services from Cologix with standards and rules regarding
More informationEmail Security - A Holistic Approach to SMBs
Implementing the latest anti-virus software and security protection systems can prevent many internal and external threats. But these security solutions have to be updated regularly to keep up with new
More informationChallenges in Industrial IT-Security Dr. Rolf Reinema, Head of Technology Field IT-Security, Siemens AG Siemens AG 2015. All rights reserved
Siemens AG - Corporate Technology - IT Security Challenges in Industrial IT-Security Dr. Rolf Reinema, Head of Technology Field IT-Security, Siemens AG Siemens AG 2015. All rights reserved Not a single
More informationCyber Security Where Do I Begin?
ISPE Automation Forum Cyber Security Where Do I Begin? Don Dickinson Project Engineer Phoenix Contact ..50% more infected Web pages Click in the on one last and three you months won t of notice 2008 than
More informationThe FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED
The FBI Cyber Program Bauer Advising Symposium October 11, 2012 Today s Agenda What is the threat? Who are the adversaries? How are they attacking you? What can the FBI do to help? What can you do to stop
More informationDistributed Denial of Service Attacks
Distributed Denial of Service Attacks Steve Crocker Chair, SSAC June 25, 2007 San Juan, Puerto Rico 1 Agenda Types of Attacks DDoS attacks Amplified DDoS attacks - 2006 Estonia - May 2007 What do Do 2
More informationEvolution of attacks and Intrusion Detection
Evolution of attacks and Intrusion Detection AFSecurity seminar 11 April 2012 By: Stian Jahr Agenda Introductions What is IDS What is IDS in mnemoic How attacks have changed by time and how has it changed
More informationLegal Issues / Estonia Cyber Incident
Control System Cyber Security Conference 22 October 2009 Legal Issues / Estonia Cyber Incident Maeve Dion Center for Infrastructure Protection George Mason University School of Law Legal Issues / Estonia
More informationInformation Security By Bhupendra Ratha, Lecturer School of Library & Information Science D.A.V.V., Indore E-mail:bhu261@gmail.com Outline of Information Security Introduction Impact of information Need
More informationHuawei Eudemon200E-N Next-Generation Firewall
Huawei 200E-N Next-Generation Firewall With the popularity of mobile working using smartphones and tablets, mobile apps, Web2.0, and social networking become integral parts of works. This change in IT
More informationVirus Protection Across The Enterprise
White Paper Virus Protection Across The Enterprise How Firewall, VPN and /Content Security Work Together Juan Pablo Pereira Sr. Technical Marketing Manager Juniper Networks, Inc. 1194 North Mathilda Avenue
More informationCISCO IOS NETWORK SECURITY (IINS)
CISCO IOS NETWORK SECURITY (IINS) SEVENMENTOR TRAINING PVT.LTD [Type text] Exam Description The 640-553 Implementing Cisco IOS Network Security (IINS) exam is associated with the CCNA Security certification.
More informationDDoS Basics. internet: unique numbers that identify areas and unique machines on the network.
DDoS Basics Introduction Distributed Denial of Service (DDoS) attacks are designed to prevent or degrade services provided by a computer at a given Internet Protocol 1 (IP) address. This paper will explain,
More informationInsiders View: Network Security Devices
Insiders View: Network Security Devices Dennis Cox CTO @ BreakingPoint Systems CanSecWest/Core06 Vancouver, April 2006 Who am I? Chief Technology Officer - BreakingPoint Systems Director of Engineering
More informationOtas%serumquis%es%explibu%sanimet%et%aut%omnisse Otas%serumquis%es%explibu%sanimet%et%aut%omnisse%nimpore%rendae% nonecerum% NUCLEUS BVBA MATTIAS GENIAR SENIOR SYSTEM ENGINEER dolorem.% MATTIAS@NUCLEUS.BE
More informationManaged Security Services
Managed Security Services 1 Table of Contents Possible Security Threats 3 ZSL s Security Services Model 4 Managed Security 4 Monitored Security 5 Self- Service Security 5 Professional Services 5 ZSL s
More informationSPAM FILTER Service Data Sheet
Content 1 Spam detection problem 1.1 What is spam? 1.2 How is spam detected? 2 Infomail 3 EveryCloud Spam Filter features 3.1 Cloud architecture 3.2 Incoming email traffic protection 3.2.1 Mail traffic
More informationSecurity Issues with Distributed Web Applications
Security Issues with Distributed Web Applications Device Connectivity We are entering the era of Device Connectivity, which is the fourth wave of evolution for Internet-enabled applications. The first
More informationComputer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings
Computer Security Principles and Practice Second Edition William Stailings Lawrie Brown University ofnew South Wales, Australian Defence Force Academy With Contributions by Mick Bauer Security Editor,
More informationHow To Use A Phone Over Ip (Phyto) For A Phone Call
SIP and VoIP Skype an example VoIP client 1 SIP / VoIP: what are these? Voice over IP (VoIP) Session Initiation Protocol (SIP) Control channel Known in telephone world as signaling channel Does call setup:
More informationThreats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1
Threats and Attacks Modifications by Prof. Dong Xuan and Adam C. Champion Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of this material, you should be able to:
More informationNetwork Security. Protective and Dependable. Pioneer of IP Innovation
Network Protective and Dependable Pioneer of IP Innovation Why PLANET Network Solution? With the growth of the threats, network security becomes the fundamental concerns of home and enterprise network.
More informationSECURITY FLAWS IN INTERNET VOTING SYSTEM
SECURITY FLAWS IN INTERNET VOTING SYSTEM Sandeep Mudana Computer Science Department University of Auckland Email: smud022@ec.auckland.ac.nz Abstract With the rapid growth in computer networks and internet,
More informationE-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)
E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system
More informationNetwork Security and the Small Business
Network Security and the Small Business Why network security is important for a small business Many small businesses think that they are less likely targets for security attacks as compared to large enterprises,
More informationAt dincloud, Cloud Security is Job #1
At dincloud, Cloud Security is Job #1 A set of surveys by the international IT services company, the BT Group revealed a major dilemma facing the IT community concerning cloud and cloud deployments. 79
More information9. Information Assurance and Security, Protecting Information Resources. Janeela Maraj. Tutorial 9 21/11/2014 INFO 1500
INFO 1500 9. Information Assurance and Security, Protecting Information Resources 11. ecommerce and ebusiness Janeela Maraj Tutorial 9 21/11/2014 9. Information Assurance and Security, Protecting Information
More informationVoIP Security Threats and Vulnerabilities
Abstract VoIP Security Threats and Vulnerabilities S.M.A.Rizvi and P.S.Dowland Network Research Group, University of Plymouth, Plymouth, UK e-mail: info@network-research-group.org This paper presents the
More informationWhat would you like to protect?
Network Security What would you like to protect? Your data The information stored in your computer Your resources The computers themselves Your reputation You risk to be blamed for intrusions or cyber
More informationCisco IronPort C370 for Medium-Sized Enterprises and Satellite Offices
Data Sheet Cisco IronPort C370 for Medium-Sized Enterprises and Satellite Offices Medium-sized enterprises face the same daunting challenges as the Fortune 500 and Global 2000 - higher mail volumes and
More informationVoice over IP. VoIP (In) Security. Presented by Darren Bilby NZISF 14 July 2005
Voice over IP VoIP (In) Security Presented by Darren Bilby NZISF 14 July 2005 Security-Assessment.com Who We Are NZ s only pure-play security firm Largest team of security professionals in NZ Offices in
More informationChapter 11 Manage Computing Securely, Safely and Ethically. Discovering Computers 2012. Your Interactive Guide to the Digital World
Chapter 11 Manage Computing Securely, Safely and Ethically Discovering Computers 2012 Your Interactive Guide to the Digital World Objectives Overview Define the term, computer security risks, and briefly
More informationHow To Stop A Ddos Attack On A Network From Tracing To Source From A Network To A Source Address
Inter-provider Coordination for Real-Time Tracebacks Kathleen M. Moriarty 2 June 2003 This work was sponsored by the Air Force Contract number F19628-00-C-002. Opinions, interpretations, conclusions, and
More informationPractical guide for secure Christmas shopping. Navid
Practical guide for secure Christmas shopping Navid 1 CONTENTS 1. Introduction 3 2. Internet risks: Threats to secure transactions 3 3. What criteria should a secure e-commerce page meet?...4 4. What security
More informationTLP WHITE. Denial of service attacks: what you need to know
Denial of service attacks: what you need to know Contents Introduction... 2 What is DOS and how does it work?... 2 DDOS... 4 Why are they used?... 5 Take action... 6 Firewalls, antivirus and updates...
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationDDoS Protection. How Cisco IT Protects Against Distributed Denial of Service Attacks. A Cisco on Cisco Case Study: Inside Cisco IT
DDoS Protection How Cisco IT Protects Against Distributed Denial of Service Attacks A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge: Prevent low-bandwidth DDoS attacks coming from a broad
More informationTELE 301 Network Management. Lecture 18: Network Security
TELE 301 Network Management Lecture 18: Network Security Haibo Zhang Computer Science, University of Otago TELE301 Lecture 18: Network Security 1 Security of Networks Security is something that is not
More informationVerizon Columbia Research on VoIP Security A Model Academia/Industry Collaboration. Gaston Ormazabal. Verizon Laboratories.
Verizon 2009 All Rights Reserved. 1 Verizon Columbia Research on VoIP Security A Model Academia/Industry Collaboration Gaston Ormazabal Verizon Laboratories May 13, 2009 June 16, 2009 Verizon 2009 All
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationCisco ASA 5500 Series Content Security Edition for the Enterprise
Cisco ASA 5500 Series Content Security Edition for the Enterprise Viruses and other malicious code can overwhelm your IT resources, disrupting business operations and impacting business transactions. The
More informationSession Initiation Protocol Security Considerations
Session Initiation Protocol Security Considerations Sami Knuutinen Helsinki University of Technology Department of Computer Science and Engineering May 28, 2003 Abstract Session Initiation Protocol (SIP)
More informationDr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu. DDoS and IP Traceback. Overview
DDoS and IP Traceback Dr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu Louisiana State University DDoS and IP Traceback - 1 Overview Distributed Denial of Service
More informationDOMAIN NAME SECURITY EXTENSIONS
DOMAIN NAME SECURITY EXTENSIONS The aim of this paper is to provide information with regards to the current status of Domain Name System (DNS) and its evolution into Domain Name System Security Extensions
More informationE-Business, E-Commerce
E-Business, E-Commerce Lecture Outline 11 Instructor: Kevin Robertson Introduction to Information Systems Explain the differences between extranets and intranets as well as show how organizations utilize
More informationSonicWALL Unified Threat Management. Alvin Mann April 2009
SonicWALL Unified Threat Management Alvin Mann April 2009 Agenda Who is SonicWALL? Networking Drivers & Trends SonicWALL Unified Threat Management (UTM) Next Generation Protection SonicWALL CONFIDENTIAL
More informationOnline International Interdisciplinary Research Journal, {Bi-Monthly}, ISSN2249-9598, Volume-III, Issue-IV, July-Aug 2013
Need to understand Cyber Crime s Impact over national Security in India: A case study P.R. Patil and D.V. Bhosale Dept. of Defence & Strategic Studies, Tuljaram Chaturchand College, Baramati, Dist- Pune,
More informationU. S. Attorney Office Northern District of Texas March 2013
U. S. Attorney Office Northern District of Texas March 2013 What Is Cybercrime? Hacking DDOS attacks Domain name hijacking Malware Other computer related offenses, i.e. computer and internet used to facilitate
More information