!NAVSEC':!A!Recommender!System!for!3D! Network!Security!Visualiza<ons!
Size: px
Start display at page:

Download "!NAVSEC':!A!Recommender!System!for!3D! Network!Security!Visualiza<ons!"

Transcription

1 !:!A!Recommender!System!for!3D! Network!Security!Visualiza<ons! Troy%Nunnally% Kulsoom!Abdullah! A.!Selcuk!Uluagac! John!A.!Copeland! Raheem!Beyah! October!14,!2013! CAP!Group,!School!of!ECE! VizSec!2013!

2 Outline Security Visualization Overview Visualization Challenges Proposed Work Motivation Application Introduc<on! Related!Work!! Evalua<on!! 2! 2!

3 Convert this Textual network traffic for Tcpdump tool.

4 Into this. 2D Parallel Coordinate System Source IP Source Port Dest. Port Dest. IP

5 Source IP confusion 2D Parallel Coordinate System Source IP Source Port Dest. Port Dest. IP

6 Visualization Challenges Security Visualization Overview Visualization Challenges Proposed Work Motivation Application Add Interactions to 2D visualizations Expand the visualization space Introduce!interac<on!techniques! such!as!linking'and'brushing.!! Add!the!z5direc8on'(i.e.,!3D)!to! allow!more!informa<on!to!be! visualized!vs.!its!2d!counterparts.! 6!

7 Visualization Challenges Security Visualization Overview Visualization Challenges Proposed Work Motivation Application Add Interactions to 2D visualizations Expand the visualization space Many!of!today's!network!security!applica<ons!require!a! user!to!perform!many!interac<ons!within!a!ui.!! Introduce!interac<on!techniques! such!as!color,!linking,!brushing.!! Add!the!zYdirec<on!(i.e.,!3D)!to! allow!more!informa<on!to!be! visualized!vs.!its!2d!counterparts.! 7!

8 Visualization Challenges Security Visualization Overview Visualization Challenges Proposed Work Motivation Application A!large!number!of!interac<ons!could!overwhelm!or! confuse!a!novice!user.! Finding!visualiza<on!steps!to!complete!cri<cal!tasks! becomes!difficult!to!accomplish!and!could!take!years!to! master.! The!more!complex!visualiza<ons!become,!the!more! visualiza<ons!become!difficult!to!navigate.!! Tenable Nessus 3D Tool [1] 8! 8!

9 Security Visualization Overview Visualization Challenges Proposed Work Motivation Application NAVSEC: A Recommender System for 3D Network Security Visualizations The!objec<ve!of!this!work!is!to!help!network! administrators!navigate!through!complex!visualiza<ons! and!assist!in!searching!for!advanced!network!abacks.! 9!

10 Motivation Security Visualization Overview Visualization Challenges Proposed Work Motivation Application Visualization Goal t=n Visualization from an expert Visualization from an active user Recommend next interaction Interaction Path t=3 t=2 t=1 10!

11 Applications Background Security Visualization Overview Visualization Challenges Proposed Work Motivation Application As a new administrator, you may need guidance to help you find existing or new attacks. Network Administrator of Companies Military Personnel Education/Training 11!

12 Outline Introduc<on! Related!Work!! Evalua<on!! 12! 12!

13 Searching!takes!<me!and! effort.!also,!finding!specific! uses!of!visualiza<on!tool!of! abacks!is!difficult.!!! Experts!cost!<me!and!money.! Plus,!he/she!may!not!always! be!present.!! Ask an expert. 13!

14 Recommender!systems!(e.g.,!Neflix!and!Amazon)!are!used!in! recommending!products!and!services.! Community'Command'[16]'recommend!a!single!interac<on!for! soiware!applica<ons!such!as!autocad.!!nimble'[21]!calculates!the!similarity!for!given!ids!alerts!and! historical!alerts.! To!our!knowledge,!no!work!has!been!done!in!developing!a!recommender! system!to!help!a!novice!user!make!intelligent!decisions!about!network! abacks!in!3d!visualiza<on!applica<ons.! 14!

15 Outline Overview Recommendation Engine Implementation Introduc<on! Related!Work!! Evalua<on!! 15!

16 System Overview Overview Recommendation Engine Implementation Ac<ve!User!!Y!!individual!naviga<ng! the!visualiza<on!tool.! Expert!User!Community!Y!a!set!of! users!with!significant!experience!in! the!network!security!and! visualiza<on!fields! Interac<on!Database!Y!a!collec<on!of! interac<on!sequences.!! Recommender!Y!!parses!the!data! computes!a!set!of!interac<ons!for! recommenda<on!to!an!ac<ve!user!in! realy<me.! 16!

17 Recommender Engine Overview Recommendation Engine Implementation We!apply!recommenda<ons!of!interac<ons!so!that!the!user!could! navigate!through!the!visualiza<on!more!effec<vely.!! 17!

18 3D Parallel Coordinates Recommendation Engine Overview Recommendation Engine Implementation 1 Formulate an interaction vector v k V k = interaction vector for an attack sessions s k n j = interaction type (zoom, rotate, etc.) for an attack sessions s k 2 Create a Similarity Matrix M v k Active users v h - Expert users M k similarity matrix 3 Recommend a set of interactions Recommend interaction sequence with the highest similarity score. 0 18!

19 Implementation Overview Recommendation Engine Implementation NAVSEC server uses an Application Programming Interface (API) to receive HTTP requests. NAVSEC API uses Model-View- Controller architecture design to assist in code reusability. NAVSEC server could act as a centralized database for multiple active user clients. 19!

20 Implementation Overview Recommendation Engine Implementation NAVSEC contains a client-side C++ component which is integrated as a module of FRE3DS to send GET HTTP request of interactions to the server-side application. ' FRE3DS NAVSEC Module P3D [19] T. Nunnally, A. S. Uluagac, J. Copeland, and R. Beyah, 3DSVAT: 3D Stereoscopic Vulnerability Assessment Tool for Network Security, in Proceedings of the 37 th IEEE Conference on Local Computer Networks (LCN), !

21 Use-case Convergence Test Introduc<on! Related!Work!! Evalua<on!! 21!

22 Concurrent FTP transfer Use-case Convergence Test 22!

23 Concurrent FTP transfer Use-case Convergence Test 23!

24 Disguised Port Scan Attack Use-case Convergence Test 24!

25 Convergence Test Use-case Convergence Test 5!Sessions!from!an!ac<ve!user.! 40!interac<on!vectors!from!expert! users.! 30!types!of!interac<on!types!(e.g.,! zoom!out,!zoom!in,!rotate,!add!lei! plane,!add!line!glyphs).!! These!results!suggest!that!with!the!use!of! NAVSEC,!visualiza<ons!for!the!P3D!tool! converges!towards!an!expert!user s! interac<on!set.! 25!

26 Outline Contributions and Summary Future Work Introduc<on! Related!Work!! Evalua<on!! 26!

27 Contributions and Summary Contributions and Summary Future Work NAVSEC!uses!advanced!data!mining!techniques!to! recommend!interac<ons.! NAVSEC!is!useful!for!assis<ng!novice!users!in!naviga<ng! 3D!visualiza<ons.!! Our!results!show!that!NAVSEC!can!converge!to!a! meaningful!visualiza<on!performed!by!a!user.!! 27!

28 Future Work Contributions and Summary Future Work The future work includes: Implementa<on!and!evalua<on!of!more!advance! useycase!scenarios!(i.e.,!introduce!benign!traffic).! User!tes<ng.! 28!

29 Thank You Thank You 29!

Similar documents

NAVSEC : A Recommender System for 3D Network Security Visualizations

NAVSEC : A Recommender System for 3D Network Security Visualizations NAVSEC : A Recommender System for 3D Network Security Visualizations Troy Nunnally CAP Group troy.nunnally@gatech.edu Kulsoom Abdullah CAP Group kulsoom@gatech.edu John A. Copeland CSC Lab jcopeland@ece.gatech.edu

More information

Network Security - A Parallel 3D Visualization

Network Security - A Parallel 3D Visualization P3D: A Parallel 3D Coordinate Visualization for Advanced Network Scans Troy Nunnally, Penyen Chi, Kulsoom Abdullah, A. Selcuk Uluagac, John A. Copeland, and Raheem Beyah CSC Lab., The School of ECE GT

More information

Configuring Security for FTP Traffic

Configuring Security for FTP Traffic 2 Configuring Security for FTP Traffic Securing FTP traffic Creating a security profile for FTP traffic Configuring a local traffic FTP profile Assigning an FTP security profile to a local traffic FTP

More information

System Specification. Author: CMU Team

System Specification. Author: CMU Team System Specification Author: CMU Team Date: 09/23/2005 Table of Contents: 1. Introduction...2 1.1. Enhancement of vulnerability scanning tools reports 2 1.2. Intelligent monitoring of traffic to detect

More information

Stochastic Protocol Modeling for Anomaly-Based Network Intrusion Detection

Stochastic Protocol Modeling for Anomaly-Based Network Intrusion Detection 2003 IEEE International Workshop on Information Assurance March 24th, 2003 Darmstadt, Germany Stochastic Protocol Modeling for Anomaly-Based Network Intrusion Detection Juan M. Estévez-Tapiador (tapiador@ugr.es)

More information

Chapter 11 Cloud Application Development

Chapter 11 Cloud Application Development Chapter 11 Cloud Application Development Contents Motivation. Connecting clients to instances through firewalls. Chapter 10 2 Motivation Some of the questions of interest to application developers: How

More information

Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure

Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure Introduction Tenable Network Security is the first and only solution to offer security visibility, Azure cloud environment auditing, system

More information

Single Pass Load Balancing with Session Persistence in IPv6 Network. C. J. (Charlie) Liu Network Operations Charter Communications

Single Pass Load Balancing with Session Persistence in IPv6 Network. C. J. (Charlie) Liu Network Operations Charter Communications Single Pass Load Balancing with Session Persistence in IPv6 Network C. J. (Charlie) Liu Network Operations Charter Communications Load Balancer Today o Load balancing is still in use today. It is now considered

More information

Configuring Virtual Switches for Use with PVS. February 7, 2014 (Revision 1)

Configuring Virtual Switches for Use with PVS. February 7, 2014 (Revision 1) Configuring Virtual Switches for Use with PVS February 7, 2014 (Revision 1) Table of Contents Introduction... 3 Basic PVS VM Configuration... 3 Platforms... 3 VMware ESXi 5.5... 3 Configure the ESX Management

More information

Course Title: Penetration Testing: Security Analysis

Course Title: Penetration Testing: Security Analysis Course Title: Penetration Testing: Security Analysis Page 1 of 9 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced

More information

Abstract. 978-1-4244-3487-9/09/$25.00 c 2009 IEEE

Abstract. 978-1-4244-3487-9/09/$25.00 c 2009 IEEE Abstract Network monitoring allows network managers to get a better insight in the network traffic transiting in a managed network. In order to make the tasks of a network manager easier, many network

More information

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details Sub: Supply, Installation, setup and testing of Tenable Network Security Nessus vulnerability scanner professional version 6 or latest for scanning the LAN, VLAN, VPN and IPs with 3 years License/Subscription

More information

AlienVault Unified Security Management (USM) 4.x-5.x. Deployment Planning Guide

AlienVault Unified Security Management (USM) 4.x-5.x. Deployment Planning Guide AlienVault Unified Security Management (USM) 4.x-5.x Deployment Planning Guide USM 4.x-5.x Deployment Planning Guide, rev. 1 Copyright AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

Virtual Server in SP883

Virtual Server in SP883 Virtual Server in SP883 1 Introduction: 1.1 Micronet SP883 is a hard QoS broadband router, means its guaranteed service can provide absolute reservation of resource (bandwidth) for specific traffic;not

More information

Implementing Large-Scale Autonomic Server Monitoring Using Process Query Systems. Christopher Roblee Vincent Berk George Cybenko

Implementing Large-Scale Autonomic Server Monitoring Using Process Query Systems. Christopher Roblee Vincent Berk George Cybenko Implementing Large-Scale Autonomic Server Monitoring Using Process Query Systems Christopher Roblee Vincent Berk George Cybenko These slides are based on the paper Implementing Large-Scale Autonomic Server

More information

Table of Contents. Introduction. Audience. At Course Completion

Table of Contents. Introduction. Audience. At Course Completion Table of Contents Introduction Audience At Course Completion Prerequisites Microsoft Certified Professional Exams Student Materials Course Outline Introduction This three-day instructor-led course provides

More information

Configuring Security for SMTP Traffic

Configuring Security for SMTP Traffic 4 Configuring Security for SMTP Traffic Securing SMTP traffic Creating a security profile for SMTP traffic Configuring a local traffic SMTP profile Assigning an SMTP security profile to a local traffic

More information

60467 Project 1. Net Vulnerabilities scans and attacks. Chun Li

60467 Project 1. Net Vulnerabilities scans and attacks. Chun Li 60467 Project 1 Net Vulnerabilities scans and attacks Chun Li Hardware used: Desktop PC: Windows Vista service pack Service Pack 2 v113 Intel Core 2 Duo 3GHz CPU, 4GB Ram, D-Link DWA-552 XtremeN Desktop

More information

1 Scope of Assessment

1 Scope of Assessment CIT 380 Project Network Security Assessment Due: April 30, 2014 This project is a security assessment of a small group of systems. In this assessment, students will apply security tools and resources learned

More information

3DSVAT: A 3D Stereoscopic Vulnerability Assessment Tool for Network Security

3DSVAT: A 3D Stereoscopic Vulnerability Assessment Tool for Network Security 3DSVAT: A 3D Stereoscopic Vulnerability Assessment Tool for Network Security Troy Nunnally, A. Selcuk Uluagac, John A. Copeland, and Raheem Beyah CSC Lab., The School of ECE GT CAP Group, The School of

More information

Tk20 Network Infrastructure

Tk20 Network Infrastructure Tk20 Network Infrastructure Tk20 Network Infrastructure Table of Contents Overview... 4 Physical Layout... 4 Air Conditioning:... 4 Backup Power:... 4 Personnel Security:... 4 Fire Prevention and Suppression:...

More information

A Prevention & Notification System By Using Firewall. Log Data. Pilan Lin

A Prevention & Notification System By Using Firewall. Log Data. Pilan Lin A Prevention & Notification System By Using Firewall Log Data By Pilan Lin 1 Table Of Content ABSTRACT... 3 1 INTRODUCTION... 4 2. Firewall Log data... 6 2.1 How to collect log data... 6 3. Prevention

More information

Web Security School Final Exam

Web Security School Final Exam Web Security School Final Exam By Michael Cobb 1.) Which of the following services is not required to run a Windows server solely configured to run IIS and publish a Web site on the Internet? a. IIS Admin

More information

s@lm@n CompTIA Exam N10-006 CompTIA Network+ certification Version: 5.1 [ Total Questions: 1146 ]

s@lm@n CompTIA Exam N10-006 CompTIA Network+ certification Version: 5.1 [ Total Questions: 1146 ] s@lm@n CompTIA Exam N10-006 CompTIA Network+ certification Version: 5.1 [ Total Questions: 1146 ] Topic break down Topic No. of Questions Topic 1: Network Architecture 183 Topic 2: Network Operations 149

More information

Solution of Exercise Sheet 5

Solution of Exercise Sheet 5 Foundations of Cybersecurity (Winter 15/16) Prof. Dr. Michael Backes CISPA / Saarland University saarland university computer science Protocols = {????} Client Server IP Address =???? IP Address =????

More information

2 Technologies for Security of the 2 Internet

2 Technologies for Security of the 2 Internet 2 Technologies for Security of the 2 Internet 2-1 A Study on Process Model for Internet Risk Analysis NAKAO Koji, MARUYAMA Yuko, OHKOUCHI Kazuya, MATSUMOTO Fumiko, and MORIYAMA Eimatsu Security Incidents

More information

Tenable for CyberArk

Tenable for CyberArk HOW-TO GUIDE Tenable for CyberArk Introduction This document describes how to deploy Tenable SecurityCenter and Nessus for integration with CyberArk Enterprise Password Vault. Please email any comments

More information

Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications

Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications November, 2010 2010 Websense, Inc. All rights reserved. Websense is a registered

More information

VPN Lesson 2: VPN Implementation. Summary

VPN Lesson 2: VPN Implementation. Summary VPN Lesson 2: VPN Implementation Summary 1 Notations VPN client (ok) Firewall Router VPN firewall VPN router VPN server VPN concentrator 2 Basic Questions 1. VPN implementation options for remote users

More information

Metrics Suite for Enterprise-Level Attack Graph Analysis

Metrics Suite for Enterprise-Level Attack Graph Analysis Metrics Suite for Enterprise-Level Attack Graph Analysis Cyber Security Division 2012 Principal Investigators Meeting October 11, 2012 Sushil Jajodia (PI), Steven Noel (co-pi) Metrics Suite for Enterprise-Level

More information

Metasploit Unleashed. Class 2: Information Gathering and Vulnerability Scanning. Georgia Weidman Director of Cyberwarface, Reverse Space

Metasploit Unleashed. Class 2: Information Gathering and Vulnerability Scanning. Georgia Weidman Director of Cyberwarface, Reverse Space Metasploit Unleashed Class 2: Information Gathering and Vulnerability Scanning Georgia Weidman Director of Cyberwarface, Reverse Space Information Gathering Learning as much as possible about targets Ex:

More information

However,duetoboththescaleandthecomplexityoftheInternet,itisunlikelythatameasure-

However,duetoboththescaleandthecomplexityoftheInternet,itisunlikelythatameasure- Part1:AServer-BasedMeasurementInfrastructure NetworkPerformanceMeasurementandAnalysis Y.ThomasHou (ConceptPaper) AsInternettraccontinuestogrowexponentially,itisessentialforboththeusersandserviceproviders

More information

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology Port Scanning and Vulnerability Assessment ECE4893 Internetwork Security Georgia Institute of Technology Agenda Reconnaissance Scanning Network Mapping OS detection Vulnerability assessment Reconnaissance

More information

Indexing Full Packet Capture Data With Flow

Indexing Full Packet Capture Data With Flow Indexing Full Packet Capture Data With Flow FloCon January 2011 Randy Heins Intelligence Systems Division Overview Full packet capture systems can offer a valuable service provided that they are: Retaining

More information

Integrating Web Application Security into the IT Curriculum

Integrating Web Application Security into the IT Curriculum Integrating Web Application Security into the IT Curriculum James Walden Northern Kentucky University Topics 1. 2. 3. 4. Why should we teach web application security? What material do we need to cover?

More information

Network Monitoring and Traffic CSTNET, CNIC

Network Monitoring and Traffic CSTNET, CNIC Network Monitoring and Traffic Analysis in CSTNET Chunjing Han Aug. 2013 CSTNET, CNIC Topics 1. The background of network monitoring 2. Network monitoring protocols and related tools 3. Network monitoring

More information

Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme. Firewall

Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme. Firewall Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application Layer Chapter 5: Security Concepts for Networks Firewalls Intrusion Detection

More information

MetaXSSploit. Bringing XSS in Pentesting A journey in building a security tool. Claudio Criscione @paradoxengine

MetaXSSploit. Bringing XSS in Pentesting A journey in building a security tool. Claudio Criscione @paradoxengine ` MetaXSSploit Bringing XSS in Pentesting A journey in building a security tool Claudio Criscione @paradoxengine /me No Aff XSS And how a security tool is born! Relevant? Web Application Security Statistics

More information

Intro to Firewalls. Summary

Intro to Firewalls. Summary Topic 3: Lesson 2 Intro to Firewalls Summary Basic questions What is a firewall? What can a firewall do? What is packet filtering? What is proxying? What is stateful packet filtering? Compare network layer

More information

ECS 235A Project - NVD Visualization Using TreeMaps

ECS 235A Project - NVD Visualization Using TreeMaps ECS 235A Project - NVD Visualization Using TreeMaps Kevin Griffin Email: kevgriffin@ucdavis.edu December 12, 2013 1 Introduction The National Vulnerability Database (NVD) is a continuously updated United

More information

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall Chapter 10 Firewall Firewalls are devices used to protect a local network from network based security threats while at the same time affording access to the wide area network and the internet. Basically,

More information

Blended Security Assessments

Blended Security Assessments Blended Security Assessments Combining Active, Passive and Host Assessment Techniques October 12, 2009 (Revision 9) Renaud Deraison Director of Research Ron Gula Chief Technology Officer Table of Contents

More information

Firewall Defaults and Some Basic Rules

Firewall Defaults and Some Basic Rules Firewall Defaults and Some Basic Rules ProSecure UTM Quick Start Guide This quick start guide provides the firewall defaults and explains how to configure some basic firewall rules for the ProSecure Unified

More information

Microsoft SharePoint 2010, Application Development Course Outline

Microsoft SharePoint 2010, Application Development Course Outline Course 10175A: Microsoft SharePoint 2010, Application Development Course Outline Module 1: Introduction to the SharePoint 2010 Development Platform This module describes the SharePoint 2010 development

More information

WHITEPAPER. Nessus Exploit Integration

WHITEPAPER. Nessus Exploit Integration Nessus Exploit Integration v2 Tenable Network Security has committed to providing context around vulnerabilities, and correlating them to other sources, such as available exploits. We currently pull information

More information

Vulnerability Assessment Using Nessus

Vulnerability Assessment Using Nessus Vulnerability Assessment Using Nessus Paul Asadoorian, GCIA, GCIH Network Security Engineer Brown University Paul_Asadoorian@brown.edu Overview Introduction to Nessus Nessus Architecture Nessus in Action

More information

INTRODUCTION TO FIREWALL SECURITY

INTRODUCTION TO FIREWALL SECURITY INTRODUCTION TO FIREWALL SECURITY SESSION 1 Agenda Introduction to Firewalls Types of Firewalls Modes and Deployments Key Features in a Firewall Emerging Trends 2 Printed in USA. What Is a Firewall DMZ

More information

NV: Nessus Vulnerability Visualization for the Web

NV: Nessus Vulnerability Visualization for the Web NV: Nessus Vulnerability Visualization for the Web Lane Harrison harrisonlt@ornl.gov Evan Downing epdowning@gmail.com Riley Spahn spahnrb1@ornl.gov John R. Goodall jgoodall@ornl.gov Mike Iannacone iannaconemd@ornl.gov

More information

State of Oregon Open Source Application Use in the Enterprise

State of Oregon Open Source Application Use in the Enterprise State of Oregon Open Source Application Use in the Enterprise Case Study: Asterisk used to create powerful audio conferencing service For large Agency user. Background: Data and Video Services (DVS), a

More information

Design Notes for an Efficient Password-Authenticated Key Exchange Implementation Using Human-Memorable Passwords

Design Notes for an Efficient Password-Authenticated Key Exchange Implementation Using Human-Memorable Passwords Design Notes for an Efficient Password-Authenticated Key Exchange Implementation Using Human-Memorable Passwords Author: Paul Seymer CMSC498a Contents 1 Background... 2 1.1 HTTP 1.0/1.1... 2 1.2 Password

More information

CHAPTER 20 TESING WEB APPLICATIONS. Overview

CHAPTER 20 TESING WEB APPLICATIONS. Overview CHAPTER 20 TESING WEB APPLICATIONS Overview The chapter describes the Web testing. Web testing is a collection of activities whose purpose is to uncover errors in WebApp content, function, usability, navigability,

More information

A Review on Zero Day Attack Safety Using Different Scenarios

A Review on Zero Day Attack Safety Using Different Scenarios Available online www.ejaet.com European Journal of Advances in Engineering and Technology, 2015, 2(1): 30-34 Review Article ISSN: 2394-658X A Review on Zero Day Attack Safety Using Different Scenarios

More information

5 Mistakes to Avoid on Your Drupal Website

5 Mistakes to Avoid on Your Drupal Website 5 Mistakes to Avoid on Your Drupal Website Table of Contents Introduction.... 3 Architecture: Content.... 4 Architecture: Display... 5 Architecture: Site or Functionality.... 6 Security.... 8 Performance...

More information

By : Khalid Alfalqi Department of Computer Science, Umm Al-Qura University

By : Khalid Alfalqi Department of Computer Science, Umm Al-Qura University By : Khalid Alfalqi Department of Computer Science, Umm Al-Qura University History of Web History of the Internet Basic Web System Architecture URL DNS Creating Static and Dynamic Information Security

More information

Analyzing HTTP/HTTPS Traffic Logs

Analyzing HTTP/HTTPS Traffic Logs Advanced Threat Protection Automatic Traffic Log Analysis APTs, advanced malware and zero-day attacks are designed to evade conventional perimeter security defenses. Today, there is wide agreement that

More information

CTS2134 Introduction to Networking. Module 8.4 8.7 Network Security

CTS2134 Introduction to Networking. Module 8.4 8.7 Network Security CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by

More information

Intrusion Log Sharing University of Wisconsin-Madison

Intrusion Log Sharing University of Wisconsin-Madison Intrusion Log Sharing University of Wisconsin-Madison John Bethencourt (bethenco@cs.wisc.edu) Jason Franklin (jfrankli@cs.wisc.edu) Mary Vernon (vernon@cs.wisc.edu) 1 Talk Outline Background: Blacklists,

More information

WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION

WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION Table of Contents Executive Summary...3 Vulnerability Scanners Alone Are Not Enough...3 Real-Time Change Configuration Notification is the

More information

Oracle Collaboration Suite

Oracle Collaboration Suite Oracle Collaboration Suite Firewall and Load Balancer Architecture Release 2 (9.0.4) Part No. B15609-01 November 2004 This document discusses the use of firewall and load balancer components with Oracle

More information

Stateful Firewalls. Hank and Foo

Stateful Firewalls. Hank and Foo Stateful Firewalls Hank and Foo 1 Types of firewalls Packet filter (stateless) Proxy firewalls Stateful inspection Deep packet inspection 2 Packet filter (Access Control Lists) Treats each packet in isolation

More information

CONQUERING COMPLIANCE ISSUES WITH RHN SATELLITE AND TENABLE NESSUS SECURITY

CONQUERING COMPLIANCE ISSUES WITH RHN SATELLITE AND TENABLE NESSUS SECURITY CONQUERING COMPLIANCE ISSUES WITH RHN SATELLITE AND TENABLE NESSUS SECURITY Akash Chandrashekar - Solution Architect, Red Hat Renaud Deraison - Tenable Network Security, Inc. / Nessus.org Compliance Issues

More information

E-commerce Production Firewalls

E-commerce Production Firewalls E-commerce Production Firewalls A Proper Security Design 2006 Philip J. Balsley. This document and all information contained herein is the sole and exclusive property of Philip J. Balsley. All rights reserved.

More information

HOB WebSecureProxy as an SSL Terminal for E-Mail Clients

HOB WebSecureProxy as an SSL Terminal for E-Mail Clients HOB GmbH & Co. KG Schwadermühlstr. 3 90556 Cadolzburg Tel: 09103 / 715-0 Fax: 09103 / 715-271 E-Mail: support@hob.de Internet: www.hob.de HOB WebSecureProxy as an SSL Terminal for E-Mail Clients November

More information

Configuring Network Load Balancing with Cerberus FTP Server

Configuring Network Load Balancing with Cerberus FTP Server Configuring Network Load Balancing with Cerberus FTP Server May 2016 Version 1.0 1 Introduction Purpose This guide will discuss how to install and configure Network Load Balancing on Windows Server 2012

More information

Pwning Intranets with HTML5

Pwning Intranets with HTML5 Javier Marcos de Prado Juan Galiana Lara Pwning Intranets with HTML5 2009 IBM Corporation Agenda How our attack works? How we discover what is in your network? What does your infrastructure tell us for

More information

Client/server is a network architecture that divides functions into client and server

Client/server is a network architecture that divides functions into client and server Page 1 A. Title Client/Server Technology B. Introduction Client/server is a network architecture that divides functions into client and server subsystems, with standard communication methods to facilitate

More information

Tenable Tools for Security Compliance The Antivirus Challenge

Tenable Tools for Security Compliance The Antivirus Challenge Tenable Tools for Security Compliance The Antivirus Challenge January 20, 2005 (Updated February 7, 2007) Nicolas Pouvesl e / John Lampe Table of Contents TABLE OF CONTENTS... 2 INTRODUCTION... 3 WHAT

More information

TABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY

TABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY IT FIREWALL POLICY TABLE OF CONTENT 1. INTRODUCTION... 3 2. TERMS AND DEFINITION... 3 3. PURPOSE... 5 4. SCOPE... 5 5. POLICY STATEMENT... 5 6. REQUIREMENTS... 5 7. OPERATIONS... 6 8. CONFIGURATION...

More information

packet retransmitting based on dynamic route table technology, as shown in fig. 2 and 3.

packet retransmitting based on dynamic route table technology, as shown in fig. 2 and 3. Implementation of an Emulation Environment for Large Scale Network Security Experiments Cui Yimin, Liu Li, Jin Qi, Kuang Xiaohui National Key Laboratory of Science and Technology on Information System

More information

DataSocket Simplifies Live Data Transfer for LabVIEW

DataSocket Simplifies Live Data Transfer for LabVIEW DataSocket Simplifies Live Data Transfer for LabVIEW Many typical instrumentation solutions involve a single local application for acquisition, logging, analysis, and presentation. However, because of

More information

8 Steps for Network Security Protection

8 Steps for Network Security Protection 8 Steps for Network Security Protection cognoscape.com 8 Steps for Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because

More information

Secure Networks for Process Control

Secure Networks for Process Control Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than

More information

8 Steps For Network Security Protection

8 Steps For Network Security Protection 8 Steps For Network Security Protection 8 Steps For Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because of their

More information

Enterprise Security Interests Require SSL with telnet server from outside the LAN

Enterprise Security Interests Require SSL with telnet server from outside the LAN Create and Use an SSL on Goals Provide secure and encrypted 5250 data stream conversations with the server (including authentication) use a digital certificate we create with Digital Manager Show a client

More information

Penetration Testing for iphone Applications Part 1

Penetration Testing for iphone Applications Part 1 Penetration Testing for iphone Applications Part 1 This article focuses specifically on the techniques and tools that will help security professionals understand penetration testing methods for iphone

More information

IBM Security QRadar SIEM Version 7.1.0 MR1. Vulnerability Assessment Configuration Guide

IBM Security QRadar SIEM Version 7.1.0 MR1. Vulnerability Assessment Configuration Guide IBM Security QRadar SIEM Version 7.1.0 MR1 Vulnerability Assessment Configuration Guide Note: Before using this information and the product that it supports, read the information in Notices and Trademarks

More information

Architecture. The DMZ is a portion of a network that separates a purely internal network from an external network.

Architecture. The DMZ is a portion of a network that separates a purely internal network from an external network. Architecture The policy discussed suggests that the network be partitioned into several parts with guards between the various parts to prevent information from leaking from one part to another. One part

More information

Firewall Security: Policies, Testing and Performance Evaluation

Firewall Security: Policies, Testing and Performance Evaluation Firewall Security: Policies, Testing and Performance Evaluation Michael R. Lyu and Lorrien K. Y. Lau Department of Computer Science and Engineering The Chinese University of Hong Kong, Shatin, HK lyu@cse.cuhk.edu.hk,

More information

Application Note. Onsight TeamLink And Firewall Detect v6.3

Application Note. Onsight TeamLink And Firewall Detect v6.3 Application Note Onsight And Firewall Detect v6.3 1 ONSIGHT TEAMLINK HTTPS TUNNELING SERVER... 3 1.1 Encapsulation... 3 1.2 Firewall Detect... 3 1.2.1 Firewall Detect Test Server Options:... 5 1.2.2 Firewall

More information

Android Security Evaluation Framework

Android Security Evaluation Framework INTRODUCING... A S E F Android Security Evaluation Framework - Parth Patel $ whoami_ Agenda Manual Research Automation - A S E F Let s solve problems Conclusion Android OS Open Source Security Evaluation

More information

CompTIA Network+ (Exam N10-005)

CompTIA Network+ (Exam N10-005) CompTIA Network+ (Exam N10-005) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate

More information

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human

More information

Internet Banking System Web Application Penetration Test Report

Internet Banking System Web Application Penetration Test Report Internet Banking System Web Application Penetration Test Report Kiev - 2014 1. Executive Summary This report represents the results of the Bank (hereinafter the Client) Internet Banking Web Application

More information

VULNERABILITY MANAGEMENT

VULNERABILITY MANAGEMENT Vulnerability Management (VM) software differ in the richness of reporting, and the capabilities for application and security configuration assessment. Companies must consider how a VM technology will

More information

CSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security

CSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security Security+ Supported Labs - V1 Lab 1 Network Devices and Technologies - Capturing Network Using tcpdump to Capture Network with Wireshark with Network Miner 2 Secure Network Administration Principles -

More information

FTP e TFTP. File transfer protocols PSA1

FTP e TFTP. File transfer protocols PSA1 FTP e TFTP File transfer protocols PSA1 PSA2 PSA3 PSA4 PSA5 PSA6 PSA7 PSA8 PSA9 Firewall problems with FTP Client-side Firewalls the client is behind a firewall and cannot be reached directly from the

More information

How To Compare Your Web Vulnerabilities To A Gamascan Report

How To Compare Your Web Vulnerabilities To A Gamascan Report Differential Report Target Scanned: www.gamasec-test.com Previous Scan: Wed Jul 2 15:29:12 2008 Recent Scan: Wed Jul 9 00:50:01 2008 Report Generated: Thu Jul 10 12:00:51 2008 Page 1 of 15 Differential

More information

April 11, 2011. (Revision 2)

April 11, 2011. (Revision 2) Passive Vulnerability Scanning Overview April 11, 2011 (Revision 2) Copyright 2011. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of

More information

Cisco RSA Announcement Update

Cisco RSA Announcement Update Cisco RSA Announcement Update May 7, 2009 Presented by: WWT and Cisco Agenda Cisco RSA Conference Announcements Collaborate with Confidence Overview Cisco s Security Technology Differentiation Review of

More information

Black Box Penetration Testing For GPEN.KM V1.0 Month dd "#$!%&'(#)*)&'+!,!-./0!.-12!1.03!0045!.567!5895!.467!:;83!-/;0!383;!

Black Box Penetration Testing For GPEN.KM V1.0 Month dd #$!%&'(#)*)&'+!,!-./0!.-12!1.03!0045!.567!5895!.467!:;83!-/;0!383;! Sample Penetration Testing Report Black Box Penetration Testing For GPEN.KM V1.0 Month dd "#$%&'#)*)&'+,-./0.-121.030045.5675895.467:;83-/;0383; th, yyyy A&0#0+4*M:+:#&*#0%+C:,#0+4N:

More information

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access The Best First for Beginners who want to become Penetration Testers PTSv2 in pills: Self-paced, online, flexible access 900+ interactive slides and 3 hours of video material Interactive and guided learning

More information

Firewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08

Firewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08 Firewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08 What is a firewall? Firewalls are programs that were designed to protect computers from unwanted attacks and intrusions. Wikipedia

More information

MS 10972A Administering the Web Server (IIS) Role of Windows Server

MS 10972A Administering the Web Server (IIS) Role of Windows Server MS 10972A Administering the Web Server (IIS) Role of Windows Server Description: Days: 5 Prerequisites: This course provides students with the fundamental knowledge and skills to configure and manage Internet

More information

Linux Network Security

Linux Network Security Linux Network Security Course ID SEC220 Course Description This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols

More information

NVisionIP and VisFlowConnect-IP: Two Tools for Visualizing NetFlows for Security

NVisionIP and VisFlowConnect-IP: Two Tools for Visualizing NetFlows for Security NVisionIP and VisFlowConnect-IP: Two Tools for Visualizing NetFlows for Security William Yurcik National Center for Supercomputing Applications (NCSA) University of Illinois at

More information

Make a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder.

Make a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder. CMSC 355 Lab 3 : Penetration Testing Tools Due: September 31, 2010 In the previous lab, we used some basic system administration tools to figure out which programs where running on a system and which files

More information

Web Application Vulnerability Testing with Nessus

Web Application Vulnerability Testing with Nessus The OWASP Foundation http://www.owasp.org Web Application Vulnerability Testing with Nessus Rïk A. Jones, CISSP rikjones@computer.org Rïk A. Jones Web developer since 1995 (16+ years) Involved with information

More information

Building Reliable, Scalable AR System Solutions. High-Availability. White Paper

Building Reliable, Scalable AR System Solutions. High-Availability. White Paper Building Reliable, Scalable Solutions High-Availability White Paper Introduction This paper will discuss the products, tools and strategies available for building reliable and scalable Action Request System

More information

Basic & Advanced Administration for Citrix NetScaler 9.2

Basic & Advanced Administration for Citrix NetScaler 9.2 Basic & Advanced Administration for Citrix NetScaler 9.2 Day One Introducing and deploying Citrix NetScaler Key - Brief Introduction to the NetScaler system Planning a NetScaler deployment Deployment scenarios

More information

PROFESSIONAL SECURITY SYSTEMS

PROFESSIONAL SECURITY SYSTEMS PROFESSIONAL SECURITY SYSTEMS Security policy, active protection against network attacks and management of IDP Introduction Intrusion Detection and Prevention (IDP ) is a new generation of network security

More information
2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback | Do Not Sell My Personal Information