Introduction to Network Security Security Overview
|
|
- Alvin McKenzie
- 8 years ago
- Views:
Transcription
1 Introduction to Network Security Security Overview Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of Science and Technology 31 August 2015 rev Egemen K. Çetinkaya
2 Network Security Overview Outline Overview and role in resilience Security sub-disciplines Overview of attacks and defenses Metrics and evaluation 31 August 2015 MST CPE 5420 Security Overview 2
3 Network Security Overview Overview and Role in Resilience Overview and role in resilience Security sub-disciplines Overview of attacks and defenses Metrics and evaluation 31 August 2015 MST CPE 5420 Security Overview 3
4 Security Security Definition property of a system and measures taken protect itself from unauthorized access or change subject to policy 31 August 2015 MST CPE 5420 Security Overview 4
5 Self-protection Self-Protection Importance to Resilience systems protect themselves from unauthorized access network control infrastructure Systems with the need to protect themselves end systems (e.g. firewalls) intermediate systems: routers, switches servers: DNS, Web, etc. enterprise networks (e.g. firewalls) virtual enclaves network realms that define trust boundaries 31 August 2015 MST CPE 5420 Security Overview 5
6 Self-protection Self-Protection Importance to Resilience systems protect themselves from unauthorized access network control infrastructure Network control infrastructure signalling (e.g. ICMP, RSVP/MPLS) routing protocols (e.g. S-BGP, OSPF, IS-IS) network services (e.g. DNSSEC, ICP) 31 August 2015 MST CPE 5420 Security Overview 6
7 Vulnerability Security Vulnerability flaw or weakness in system design, implementation, controls, operation, or management could be exploited to violate security policy [CNSS ] [S2007] note relation to definition with respect to faults internal fault that allows an external fault to cause an error [Laprie-1994], [ALR+2004] 31 August 2015 MST CPE 5420 Security Overview 7
8 Threat Security Threats entity, circumstance, capability, action, or event with potential to violate security and cause harm [CNSS ] [S2007] potential challenge that might exploit a vulnerability 31 August 2015 MST CPE 5420 Security Overview 8
9 Threat Security Threat Analysis entity, circumstance, capability, action, or event with potential to violate security and cause harm [CNSS ] [S2007] potential challenge that might exploit a vulnerability Threat analysis examination of information and analysis of actions to identify potential threats identifying probability of occurrence and consequences [CNSS ] [S2007] 31 August 2015 MST CPE 5420 Security Overview 9
10 Security Challenges Challenge : adverse event or condition that might violate security policy including availability impact dependability impact performability three aspects of trustworthiness 31 August 2015 MST CPE 5420 Security Overview 10
11 Security Discipline Evolution 1960s: computer system security security among multiple users on timesharing systems operating system security (e.g Multics) 1980s: computer network security security among computers sharing enterprise network 1990s: Internet security security against (almost) universal access to Global Internet 31 August 2015 MST CPE 5420 Security Overview 11
12 Network Security Overview Security Sub-disciplines Overview and role in resilience Security sub-disciplines Overview of attacks and defenses Metrics and evaluation 31 August 2015 MST CPE 5420 Security Overview 12
13 Security Relationship to Resilience Disciplines Egemen K. Çetinkaya Survivability many targetted failures Fault Tolerance (few random) Challenge Tolerance Traffic Tolerance Disruption Tolerance environmental delay connectivity energy mobility Robustness Complexity confidentiality Trustworthiness Dependability reliability maintainability safety availability auditability Security AAA authenticity integrity nonrepudiability authorisability legitimate flash crowd attack DDoS Performability QoS measures 31 August 2015 MST CPE 5420 Security Overview 13
14 Confidentiality AAA (triple-a) Security Security Properties and Attributes accounting or auditability (sometimes AAAA) authorisation authentication Attributes shared with dependability availability integrity Nonrepudiation note: all stated as -ilities in diagram for consistency 31 August 2015 MST CPE 5420 Security Overview 14
15 Confidentiality Security Confidentiality information is not made available or disclosed to unauthorized individuals, entities, processes, devices [X ] [CNSS ] [S2007] dependability with respect to the absence of unauthorized disclosure of information [Laprie-1994] includes privacy aspects Mechanisms for confidentiality? 31 August 2015 MST CPE 5420 Security Overview 15
16 Confidentiality Security Confidentiality information is not made available or disclosed to unauthorized individuals, entities, processes, devices [X ] [CNSS ] [S2007] dependability with respect to the absence of unauthorized disclosure of information [Laprie-1994] includes privacy aspects Mechanisms for confidentiality physical access restrictions encryption 31 August 2015 MST CPE 5420 Security Overview 16
17 Accounting Security Accounting and Auditing collecting information on access to resources generating audit trail Accounting is part of AAA auditing is sometimes separately added as AAAA 31 August 2015 MST CPE 5420 Security Overview 17
18 Authorization Security Authorization granting of privileges or rights [X ] [CNSS ] [S2007] Authorization is part of AAA Mechanisms for authorization? 31 August 2015 MST CPE 5420 Security Overview 18
19 Authorization Security Authorization granting of privileges or rights [X ] [CNSS ] [S2007] Authorization is part of AAA Mechanisms for authorization ACLs (access control lists) and capabilities authentication 31 August 2015 MST CPE 5420 Security Overview 19
20 Authentication Security Authentication data origin authentication: assurance that the source of data is as claimed peer-entity authentication: assurance that peer in association is as claimed [X ] [CNSS ] [S2007] Authentication is part of AAA Mechanisms for authentication? 31 August 2015 MST CPE 5420 Security Overview 20
21 Authentication Security Authentication data origin authentication: assurance that the source of data is as claimed peer-entity authentication: assurance that peer in association is as claimed [X ] [CNSS ] [S2007] Authentication is part of AAA Mechanisms for authentication digital certificates and signatures 31 August 2015 MST CPE 5420 Security Overview 21
22 Availability Security Availability property of being accessible and useable upon demand by an authorized entity [X ] [CNSS ] [S2007] Availability is also a dependability aspect probability of a of system operational at a given time 31 August 2015 MST CPE 5420 Security Overview 22
23 Integrity Security Integrity refers to logical correctness [ATIS-T ] data integrity: not changed, lost, destroyed; maliciously or accidentally system integrity: correct operation without unauthorized manipulation source integrity: data trustworthy based on its source and handling [X ] [CNSS ] [S2007] Integrity is also a dependability aspect Mechanisms for integrity? 31 August 2015 MST CPE 5420 Security Overview 23
24 Integrity Security Integrity refers to logical correctness [ATIS-T ] data integrity: not changed, lost, destroyed; maliciously or accidentally system integrity: correct operation without unauthorized manipulation source integrity: data trustworthy based on its source and handling [X ] [CNSS ] [S2007] Integrity is also a dependability aspect Mechanisms for integrity message digest (e.g. MD5, SHA-1) 31 August 2015 MST CPE 5420 Security Overview 24
25 Nonrepudiation Security Nonrepudiation inability to deny having participated in communication [X ] [CNSS ] [S2007] Mechanisms for nonrepudiation? 31 August 2015 MST CPE 5420 Security Overview 25
26 Nonrepudiation Security Nonrepudiation inability to deny having participated in communication [X ] [CNSS ] [S2007] Mechanisms for nonrepudiation digital certificates and signatures 31 August 2015 MST CPE 5420 Security Overview 26
27 Network Security Overview Overview of Attacks and Defenses Overview and role in resilience Security sub-disciplines Overview of attacks and defenses Metrics and evaluation 31 August 2015 MST CPE 5420 Security Overview 27
28 Misuse of terminology Network Security Attackers Do all of the below mean a malicious entity? Adversary? Cracker? Hacker? Intruder? 31 August 2015 MST CPE 5420 Security Overview 28
29 Network Security Attackers Adversary? entity that attacks a system Cracker? (also spelled kracker) someone who tries to break into someone else s system Hacker? (cracker hacker) someone working on computers and make cool things Intruder? entity that tries to gain unauthorized access Packet monkey? (deprecated) someone who floods a system for a DOS condition Script kiddy? someone who uses existing scripts, but not innovative [S2007] 31 August 2015 MST CPE 5420 Security Overview 29
30 Application attacks Protocol attacks Operational Policy Hardware Network Security Attack Types 31 August 2015 MST CPE 5420 Security Overview 30
31 Application attacks Attack Types Applications attacks exploit vulnerability in end-user software Examples: attacks against web browsers 31 August 2015 MST CPE 5420 Security Overview 31
32 Attack Types Protocols Attacks on network protocols Examples: BGP DNS 31 August 2015 MST CPE 5420 Security Overview 32
33 Operational Attack Types Operational attacks exploiting operation procedures to mismanage traffic Examples: attacks on routers attacks on links DoS, DDoS 31 August 2015 MST CPE 5420 Security Overview 33
34 Attack Types Policy Attacks exploiting policy aspects Examples: password? 31 August 2015 MST CPE 5420 Security Overview 34
35 Attacks on hardware Attack Types Hardware Can be more expensive as an attacker need to be involved from the design stage but the attack can be more damaging Examples: malicious design in hardware cutting fibre sniper attack on California power station [TK2010] 31 August 2015 MST CPE 5420 Security Overview 35
36 Passive attacks Attack Types Passive and Active Attacks attempts to learn or make use of the information but does not impact system resources difficult to detect Examples? Active attacks [S2014] 31 August 2015 MST CPE 5420 Security Overview 36
37 Attack Types Passive and Active Attacks Passive attacks attempts to learn or make use of the information but does not impact system resources difficult to detect Examples wiretapping telephone conversations s traffic analysis Encryption is defensive mechanism Active attacks [S2014] 31 August 2015 MST CPE 5420 Security Overview 37
38 Passive attacks Active attacks Attack Types Passive and Active Attacks modify the existing communication insertion of false information in the communication difficult to prevent Examples? [S2014] 31 August 2015 MST CPE 5420 Security Overview 38
39 Passive attacks Active attacks Attack Types Passive and Active Attacks modify the existing communication insertion of false information in the communication difficult to prevent Examples replay: capture data to produce an unauthorized effect masquerade: one entity pretends to be a different entity modification of messages: altered, delayed or reordered denial of service: inhibits use of services [S2014] 31 August 2015 MST CPE 5420 Security Overview 39
40 Network Security Defense Mechanisms Cryptographic algorithms: symmetric encryption asymmetric encryption data integrity protocols authentication protocols Security in network protocols: PGP, S/MIME, HTTPS, SSL, TLS, IPsec, S-BGP, DNSSEC i (WEP WPA WPA2) Firewall, ACL (access control list) 31 August 2015 MST CPE 5420 Security Overview 40
41 Network Security Overview Metrics and Evaluation Overview and role in resilience Security sub-disciplines Overview of attacks and defenses Metrics and evaluation 31 August 2015 MST CPE 5420 Security Overview 41
42 Security Metrics Overview How can the security evaluated? Generally two ideas: security is binary it can be evaluated within a range Security metrics metric indicating strength/weakness of security mechanism very immature field (except for cryptanalysis) Examples confidentiality: key length, CPU time for brute-force attack 31 August 2015 MST CPE 5420 Security Overview 42
43 Rainbow series NIST FIPS 199 Attack graphs Attack trees [NST2004] Security Evaluation Methods 31 August 2015 MST CPE 5420 Security Overview 43
44 Security Evaluation Rainbow Series Rainbow series About computer security guidelines Published by DoD and NSA in early 1980s Replaced by Common Criteria in 2000s Orange book is known for security evaluation 31 August 2015 MST CPE 5420 Security Overview 44
45 Security Evaluation Orange Book Trusted Computer System Evaluation Criteria TCSEC Initially issued 1983, later updated in 1985 Replaced by common criteria in 2005 Evaluation criteria Class D: minimal protection Class C1: discretionary security protection Class C2: controlled access protection Class B1: labelled security protection Class B2: structured protection Class B3: security domains Class A1: verified design 31 August 2015 MST CPE 5420 Security Overview 45
46 NIST FIPS 199 Security Evaluation NIST FIPS 199 NIST: National Institute of Standards and Technology FIPS: Federal Information Processing Standards Pub 199: issued in Feb Evaluation criteria based on levels of impact high: moderate: low: catastrophic effect serious effect limited effect 31 August 2015 MST CPE 5420 Security Overview 46
47 Security Evaluation Attack Graphs Attack graphs also called scenario graphs More info in Chapter 9, [QTK+2008] 31 August 2015 MST CPE 5420 Security Overview 47
48 Security Evaluation Attack Trees Describes combinatorial events leading to failure Nonleaf nodes describe attack goal Leaf nodes describe atomic attacks Uses AND and OR logic gates AND node OR node [NST2004] 31 August 2015 MST CPE 5420 Security Overview 48
49 References and Further Reading [L2001] Carl E. Landwehr, Computer Security, Intl. J. of Information Security, vol.1, #1, Aug. 2001, pp [CM2002] Anirban Chakrabarti and G. Manimaran, Internet Infrastructure Security: A Taxonomy, IEEE Network, vol.16, #6, Nov./Dec. 2002, pp [IW2008] Vinay M. Igure, and Ronald D. Williams, Taxonomies of Attacks and Vulnerabilities in Computer Systems, IEEE Comm. Surv. & Tut., vol.10 iss.1, 1st qtr pp [S2007] Robert W. Shirey, Internet Security Glossary, Version 2, FYI 36, RFC 4949, August [S2014] William Stallings, Cryptography and Network Security: Principles and Practice, 6th edition, Prentice Hall, Some slides are adopted from KU EECS 983 Resilient and Survivable Networking class taught by Prof. James P.G. Sterbenz 31 August 2015 MST CPE 5420 Security Overview 49
50 References and Further Reading [TK2010] Mohammad Tehranipoor and Farinaz Koushanfar, A Survey of Hardware Trojan Taxonomy and Detection, IEEE Design & Test of Computers, Vol. 27, No. 1, pp , [ALR+2004] Algirdas Avižienis, Jean-Claude Laprie, Brian Randell, and Carl Landwehr, Basic Concepts and Taxonomy of Dependable and Secure Computing, IEEE Transactions on Dependable and Secure Computing, Vol. 1, No. 1, pp , January-March [QTK+2008] Yi Qian, David Tipper, Prashant Krishnamurthy, and James Joshi, Information Assurance: Dependability and Security in Networked Systems, Morgan Kaufmann, [NST2004] David M. Nicol, William H. Sanders, and Kishor S. Trivedi, Model-Based Evaluation: From Dependability to Security, IEEE Transactions on Dependable and Secure Computing, Volume 1, Issue 1, pp , January-March August 2015 MST CPE 5420 Security Overview 50
51 References and Further Reading [KPS2002] Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World, 2nd edition, Prentice Hall, August 2015 MST CPE 5420 Security Overview 51
52 End of Foils 31 August 2015 MST CPE 5420 Security Overview 52
Introduction to Security
2 Introduction to Security : IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 25 October 2013 its335y13s2l01, Steve/Courses/2013/s2/its335/lectures/intro.tex,
More informationIntroduction to Network Security Key Management and Distribution
Introduction to Network Security Key Management and Distribution Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of Science and Technology cetinkayae@mst.edu http://web.mst.edu/~cetinkayae/teaching/cpe5420fall2015
More informationChap. 1: Introduction
Chap. 1: Introduction Introduction Services, Mechanisms, and Attacks The OSI Security Architecture Cryptography 1 1 Introduction Computer Security the generic name for the collection of tools designed
More informationIY2760/CS3760: Part 6. IY2760: Part 6
IY2760/CS3760: Part 6 In this part of the course we give a general introduction to network security. We introduce widely used security-specific concepts and terminology. This discussion is based primarily
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationNotes on Network Security - Introduction
Notes on Network Security - Introduction Security comes in all shapes and sizes, ranging from problems with software on a computer, to the integrity of messages and emails being sent on the Internet. Network
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationNetwork Security Informik Version
Network Security Chapter 1 Prof. Dr.-Ing. Georg Carle Dr. Heiko Niedermayer Cornelius Diekmann, M.Sc. Lehrstuhl für Netzarchitekturen und Netzdienste Institut für Informatik Version: June 13, 2015 IN2101,
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Shinu Mathew John http://shinu.info/ Chapter 1 Introduction http://shinu.info/ 2 Background Information Security requirements
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationCryptography and Network Security Overview & Chapter 1. Network Security. Chapter 0 Reader s s Guide. Standards Organizations.
Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 0 Reader s s Guide The art of war teaches us to rely
More informationCSCI 4541/6541: NETWORK SECURITY
1 CSCI 4541/6541: NETWORK SECURITY COURSE INFO CSci 4541/6541 Tuesdays 6:10pm 8:40pm Bell Hall 108 Office Hours: Tuesdays 2:30pm 4:30pm Dr. Nan Zhang Office: SEH 4590 Phone: (202) 994-5919 Email: nzhang10
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationAdvanced Topics in Distributed Systems. Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech
Advanced Topics in Distributed Systems Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech Security Introduction Based on Ch1, Cryptography and Network Security 4 th Ed Security Dr. Ayman Abdel-Hamid,
More informationWeighted Total Mark. Weighted Exam Mark
CMP4103 Computer Systems and Network Security Period per Week Contact Hour per Semester Weighted Total Mark Weighted Exam Mark Weighted Continuous Assessment Mark Credit Units LH PH TH CH WTM WEM WCM CU
More informationNetwork Security. Network Security Hierarchy. CISCO Security Curriculum
Network Security Network Security Hierarchy Material elaborat dupa: CISCO Security Curriculum Kenny Paterson s Lectures for: M.Sc. in Information Security, Royal Holloway, University of London 1 Objectives
More informationNetwork Security. Introduction. Security services. Players. Conclusions. Distributed information Distributed processing Remote smart systems access
Roadmap Introduction Network services X.800 RFC 2828 Players Marco Carli Conclusions 2 Once.. now: Centralized information Centralized processing Remote terminal access Distributed information Distributed
More informationPart I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT
Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code
More informationCSCI 454/554 Computer and Network Security. Instructor: Dr. Kun Sun
CSCI 454/554 Computer and Network Security Instructor: Dr. Kun Sun About Instructor Dr. Kun Sun, Assistant Professor of Computer Science http://www.cs.wm.edu/~ksun/ Phone: (757) 221-3457 Email: ksun@wm.edu
More informationCSC 474 Information Systems Security
CSC 474 Information Systems Security Introduction About Instructor Dr. Peng Ning, assistant professor of computer science http://www.csc.ncsu.edu/faculty/ning pning@ncsu.edu (919)513-4457 Office: Room
More informationSecurity Goals Services
1 2 Lecture #8 2008 Freedom from danger, risk, etc.; safety. Something that secures or makes safe; protection; defense. Precautions taken to guard against crime, attack, sabotage, espionage, etc. An assurance;
More informationNetwork Security: Introduction
Network Security: Introduction 1. Network security models 2. Vulnerabilities, threats and attacks 3. Basic types of attacks 4. Managing network security 1. Network security models Security Security has
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationWhat is Web Security? Motivation
brucker@inf.ethz.ch http://www.brucker.ch/ Information Security ETH Zürich Zürich, Switzerland Information Security Fundamentals March 23, 2004 The End Users View The Server Providers View What is Web
More informationNetwork Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶
Network Security 網 路 安 全 Lecture 1 February 20, 2012 洪 國 寶 1 Outline Course information Motivation Introduction to security Basic network concepts Network security models Outline of the course 2 Course
More information資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview. Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系
資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系 Outline Infosec, COMPUSEC, COMSEC, and Network Security Why do we need Infosec and COMSEC? Security
More informationCS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013
CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationAPNIC elearning: Network Security Fundamentals. 20 March 2013 10:30 pm Brisbane Time (GMT+10)
APNIC elearning: Network Security Fundamentals 20 March 2013 10:30 pm Brisbane Time (GMT+10) Introduction Presenter/s Nurul Islam Roman Senior Training Specialist nurul@apnic.net Specialties: Routing &
More informationCity University of Hong Kong. Information on a Course offered by Department of Electronic Engineering with effect from Semester A in 2012/2013
City University of Hong Kong Information on a Course offered by Department of Electronic Engineering with effect from Semester A in 01/013 Part I Course Title: Course Code: Course Duration: Cryptography
More informationCryptography and Network Security Chapter 1
Cryptography and Network Security Chapter 1 Acknowledgments Lecture slides are based on the slides created by Lawrie Brown Chapter 1 Introduction The art of war teaches us to rely not on the likelihood
More informationNetwork Security Fundamentals
APNIC elearning: Network Security Fundamentals 27 November 2013 04:30 pm Brisbane Time (GMT+10) Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security IPv6
More informationSecurity Issues with Distributed Web Applications
Security Issues with Distributed Web Applications Device Connectivity We are entering the era of Device Connectivity, which is the fourth wave of evolution for Internet-enabled applications. The first
More informationSecurity (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012
Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret
More informationCourse Content Summary ITN 262 Network Communication, Security and Authentication (4 Credits)
Page 1 of 5 Course Content Summary ITN 262 Network Communication, Security and Authentication (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description:
More informationOverview of computer and communications security
Overview of computer and communications security 2 1 Basic security concepts Assets Threats Security services Security mechanisms 2 Assets Logical resources Information Money (electronic) Personal data
More informationCS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module
CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human
More informationHögskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh. Name (in block letters) :
Högskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh Written Exam in Network Security ANSWERS May 28, 2009. Allowed aid: Writing material. Name (in block letters)
More informationTIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13
COURSE TITLE : INFORMATION SECURITY COURSE CODE : 5136 COURSE CATEGORY : ELECTIVE PERIODS/WEEK : 4 PERIODS/SEMESTER : 52 CREDITS : 4 TIME SCHEDULE MODULE TOPICS PERIODS 1 Introduction to Computer Security
More informationCIS 6930/4930 Computer and Network Security. Dr. Yao Liu
CIS 6930/4930 Computer and Network Security Dr. Yao Liu About Instructor Dr. Yao Liu, Office: ENB 336 Phone: 813-974-1079 Email: yliu@cse.usf.edu URL: http://www.cse.usf.edu/~yliu/ Office hour: TR 2:00pm
More information7. Public Key Cryptosystems and Digital Signatures, 8. Firewalls, 9. Intrusion detection systems, 10. Biometric Security Systems, 11.
Content 1.Introduction to Data and Network Security. 2. Why secure your Network 3. How Much security do you need, 4. Communication of network systems, 5. Topology security, 6. Cryptosystems and Symmetric
More informationSecurity vulnerabilities in the Internet and possible solutions
Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in
More informationCS5490/6490: Network Security- Lecture Notes - November 9 th 2015
CS5490/6490: Network Security- Lecture Notes - November 9 th 2015 Wireless LAN security (Reference - Security & Cooperation in Wireless Networks by Buttyan & Hubaux, Cambridge Univ. Press, 2007, Chapter
More informationCMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis
CMSC 421, Operating Systems. Fall 2008 Security Dr. Kalpakis URL: http://www.csee.umbc.edu/~kalpakis/courses/421 Outline The Security Problem Authentication Program Threats System Threats Securing Systems
More informationCNT5412/CNT4406 Network Security. Course Introduction. Zhenhai Duan
CNT5412/CNT4406 Network Security Course Introduction Zhenhai Duan 1 Instructor Professor Zhenhai Duan (duan@cs.fsu.edu) Office: 162 LOV Office hours: 1:00PM to 2:00PM, T/Th Or by appointment Email: duan@cs.fsu.edu
More informationCompter Networks Chapter 9: Network Security
Goals of this chapter Compter Networks Chapter 9: Network Security Give a brief glimpse of security in communication networks Basic goals and mechanisms Holger Karl Slide set: Günter Schäfer, TU Ilmenau
More informationE-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications
Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html
More informationE-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)
E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system
More informationDraft ITU-T Recommendation X.805 (Formerly X.css), Security architecture for systems providing end-to-end communications
Draft ITU-T Recommendation X.805 (Formerly X.css), architecture for systems providing end-to-end communications Summary This Recommendation defines the general security-related architectural elements that
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationNSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs
Mandatory Knowledge Units 1.0 Core2Y 1.1 Basic Data Analysis The intent of this Knowledge Unit is to provide students with basic abilities to manipulate data into meaningful information. 1.1.1 Topics Summary
More informationSkoot Secure File Transfer
Page 1 Skoot Secure File Transfer Sharing information has become fundamental to organizational success. And as the value of that information whether expressed as mission critical or in monetary terms increases,
More informationInformation System Security
Information System Security Chapter 1:Introduction Dr. Lo ai Tawalbeh Faculty of Information system and Technology, The Arab Academy for Banking and Financial Sciences. Jordan Chapter 1 Introduction The
More informationChapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All
More information1. Computer Security: An Introduction. Definitions Security threats and analysis Types of security controls Security services
1. Computer Security: An Introduction Definitions Security threats and analysis Types of security controls Security services Mar 2012 ICS413 network security 1 1.1 Definitions A computer security system
More informationWhite Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act
A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationAll vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices
Wireless Security All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices Portability Tamper-proof devices? Intrusion and interception of poorly
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More information10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)
1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction
More informationCryptography and Network Security: Overview
Cryptography and Network Security: Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/
More informationIntrusion Detection. Overview. Intrusion vs. Extrusion Detection. Concepts. Raj Jain. Washington University in St. Louis
Intrusion Detection Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationHow To Protect Your Data From Attack
Security in Communication Networks Lehrstuhl für Informatik 4 RWTH Aachen Prof. Dr. Otto Spaniol Dr. rer. nat. Dirk Thißen Page 1 Organization Lehrstuhl für Informatik 4 Lecture Lecture takes place on
More informationSecurity in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity
Basic Security Requirements and Techniques Confidentiality The property that stored or transmitted information cannot be read or altered by an unauthorized party Integrity The property that any alteration
More informationDepartment of Computer & Information Sciences. CSCI-445: Computer and Network Security Syllabus
Department of Computer & Information Sciences CSCI-445: Computer and Network Security Syllabus Course Description This course provides detailed, in depth overview of pressing network security problems
More informationData Security Incident Response Plan. [Insert Organization Name]
Data Security Incident Response Plan Dated: [Month] & [Year] [Insert Organization Name] 1 Introduction Purpose This data security incident response plan provides the framework to respond to a security
More informationCourse Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)
Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses
More informationCNT4406/5412 Network Security Introduction
CNT4406/5412 Network Security Introduction Zhi Wang Florida State University Fall 2014 Zhi Wang (FSU) CNT4406/5412 Network Security Fall 2014 1 / 35 Introduction What is Security? Protecting information
More informationChapter 7 Transport-Level Security
Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell
More informationSecurity + Certification (ITSY 1076) Syllabus
Security + Certification (ITSY 1076) Syllabus Course: ITSY 1076 Security+ 40 hours Course Description: This course is targeted toward an Information Technology (IT) professional who has networking and
More informationDescription: Objective: Attending students will learn:
Course: Introduction to Cyber Security Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: In 2014 the world has continued to watch as breach after breach results in millions of
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 02 Overview on Modern Cryptography
More informationChapter 6: Fundamental Cloud Security
Chapter 6: Fundamental Cloud Security Nora Almezeini MIS Department, CBA, KSU From Cloud Computing by Thomas Erl, Zaigham Mahmood, and Ricardo Puttini(ISBN: 0133387526) Copyright 2013 Arcitura Education,
More informationIntroduction to Network Security. 1. Introduction. And People Eager to Take Advantage of the Vulnerabilities
TÜBİTAK Ulusal Elektronik ve Kriptoloji Araştırma Enstitüsü Introduction to Network Security (Revisit an Historical 12 year old Presentation) Prof. Dr. Halûk Gümüşkaya Why Security? Three primary reasons
More informationBUY ONLINE FROM: http://www.itgovernance.co.uk/products/497
CISSP EXAM CRAM 2 1. The CISSP Certification Exam. Assessing Exam Readiness. Taking the Exam. Multiple-Choice Question Format. Exam Strategy. Question-Handling Strategies. Mastering the Inner Game. 2.
More informationIntroduction to Information Security
Introduction to Information Security Chapter 1 Information Security Basics Winter 2015/2016 Stefan Mangard, www.iaik.tugraz.at What is Information Security? 2 Security vs. Safety The German word Sicherheit
More informationInformation Technology Security Training Requirements APPENDIX A. Appendix A Learning Continuum A-1
APPENDIX A Appendix A Learning Continuum A-1 Appendix A Learning Continuum A-2 APPENDIX A LEARNING CONTINUUM E D U C A T I O N Information Technology Security Specialists and Professionals Education and
More informationEUCIP - IT Administrator. Module 5 IT Security. Version 2.0
EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationThreat Modeling. Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE UNIVERSITEIT LEUVEN
Threat Modeling Frank Piessens (Frank.Piessens@cs.kuleuven.be ) Secappdev 2007 1 Overview Introduction Key Concepts Threats, Vulnerabilities, Countermeasures Example Microsoft s Threat Modeling Process
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationSecurity Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2
BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution
More information159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology
Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication
More informationBuilding Secure Network Infrastructure For LANs
Building Secure Network Infrastructure For LANs Yeung, K., Hau; and Leung, T., Chuen Abstract This paper discusses the building of secure network infrastructure for local area networks. It first gives
More informationName. Description. Rationale
Complliiance Componentt Description DEEFFI INITION Network-Based Intrusion Detection Systems (NIDS) Network-Based Intrusion Detection Systems (NIDS) detect attacks by capturing and analyzing network traffic.
More informationFundamentals of Network Security - Theory and Practice-
Fundamentals of Network Security - Theory and Practice- Program: Day 1... 1 1. General Security Concepts... 1 2. Identifying Potential Risks... 1 Day 2... 2 3. Infrastructure and Connectivity... 2 4. Monitoring
More informationThreats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1
Threats and Attacks Modifications by Prof. Dong Xuan and Adam C. Champion Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of this material, you should be able to:
More informationSecurity Testing. How security testing is different Types of security attacks Threat modelling
Security Testing How security testing is different Types of security attacks Threat modelling Note: focus is on security of applications (not networks, operating systems) Security testing is about making
More informationSecurity Implications Associated with Mass Notification Systems
Security Implications Associated with Mass Notification Systems Overview Cyber infrastructure: Includes electronic information and communications systems and services and the information contained in these
More informationCryptography and network security CNET4523
1. Name of Course 2. Course Code 3. Name(s) of academic staff 4. Rationale for the inclusion of the course/module in the programme Cryptography and network security CNET4523 Major The Great use of local
More informationensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster
Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)
More informationIntroduction to Computer Security
Introduction to Computer Security (ECE 458) Vijay Ganesh Spring 2014 Online Resources, Books, Notes,... Books Introduction to Computer Security by Matt Bishop Computer Security: Art and Science by Matt
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationIntrusion Detection for Mobile Ad Hoc Networks
Intrusion Detection for Mobile Ad Hoc Networks Tom Chen SMU, Dept of Electrical Engineering tchen@engr.smu.edu http://www.engr.smu.edu/~tchen TC/Rockwell/5-20-04 SMU Engineering p. 1 Outline Security problems
More informationJoseph Migga Kizza. A Guide to Computer Network Security. 4) Springer
Joseph Migga Kizza A Guide to Computer Network Security 4) Springer Contents Part I Understanding Computer Network Security 1 Computer Network Fundamentals 1.1 Introduction 1.2 Computer Network Models
More informationNetwork Security Concepts
Network Security Concepts Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse571-07/ 2-1 Overview
More informationAchieving Truly Secure Cloud Communications. How to navigate evolving security threats
Achieving Truly Secure Cloud Communications How to navigate evolving security threats Security is quickly becoming the primary concern of many businesses, and protecting VoIP vulnerabilities is critical.
More informationNetwork Security and Firewall 1
Department/program: Networking Course Code: CPT 224 Contact Hours: 96 Subject/Course WEB Access & Network Security: Theoretical: 2 Hours/week Year Two Semester: Two Prerequisite: NET304 Practical: 4 Hours/week
More informationHow To Secure Wireless Networks
Lecture 24 Wireless Network Security modified from slides of Lawrie Brown Wireless Security Overview concerns for wireless security are similar to those found in a wired environment security requirements
More information