!NAVSEC':!A!Recommender!System!for!3D! Network!Security!Visualiza<ons!
|
|
- Monica Chandler
- 8 years ago
- Views:
Transcription
1 !:!A!Recommender!System!for!3D! Network!Security!Visualiza<ons! Troy%Nunnally% Kulsoom!Abdullah! A.!Selcuk!Uluagac! John!A.!Copeland! Raheem!Beyah! October!14,!2013! CAP!Group,!School!of!ECE! VizSec!2013!
2 Outline Security Visualization Overview Visualization Challenges Proposed Work Motivation Application Introduc<on! Related!Work!! Evalua<on!! 2! 2!
3 Convert this Textual network traffic for Tcpdump tool.
4 Into this. 2D Parallel Coordinate System Source IP Source Port Dest. Port Dest. IP
5 Source IP confusion 2D Parallel Coordinate System Source IP Source Port Dest. Port Dest. IP
6 Visualization Challenges Security Visualization Overview Visualization Challenges Proposed Work Motivation Application Add Interactions to 2D visualizations Expand the visualization space Introduce!interac<on!techniques! such!as!linking'and'brushing.!! Add!the!z5direc8on'(i.e.,!3D)!to! allow!more!informa<on!to!be! visualized!vs.!its!2d!counterparts.! 6!
7 Visualization Challenges Security Visualization Overview Visualization Challenges Proposed Work Motivation Application Add Interactions to 2D visualizations Expand the visualization space Many!of!today's!network!security!applica<ons!require!a! user!to!perform!many!interac<ons!within!a!ui.!! Introduce!interac<on!techniques! such!as!color,!linking,!brushing.!! Add!the!zYdirec<on!(i.e.,!3D)!to! allow!more!informa<on!to!be! visualized!vs.!its!2d!counterparts.! 7!
8 Visualization Challenges Security Visualization Overview Visualization Challenges Proposed Work Motivation Application A!large!number!of!interac<ons!could!overwhelm!or! confuse!a!novice!user.! Finding!visualiza<on!steps!to!complete!cri<cal!tasks! becomes!difficult!to!accomplish!and!could!take!years!to! master.! The!more!complex!visualiza<ons!become,!the!more! visualiza<ons!become!difficult!to!navigate.!! Tenable Nessus 3D Tool [1] 8! 8!
9 Security Visualization Overview Visualization Challenges Proposed Work Motivation Application NAVSEC: A Recommender System for 3D Network Security Visualizations The!objec<ve!of!this!work!is!to!help!network! administrators!navigate!through!complex!visualiza<ons! and!assist!in!searching!for!advanced!network!abacks.! 9!
10 Motivation Security Visualization Overview Visualization Challenges Proposed Work Motivation Application Visualization Goal t=n Visualization from an expert Visualization from an active user Recommend next interaction Interaction Path t=3 t=2 t=1 10!
11 Applications Background Security Visualization Overview Visualization Challenges Proposed Work Motivation Application As a new administrator, you may need guidance to help you find existing or new attacks. Network Administrator of Companies Military Personnel Education/Training 11!
12 Outline Introduc<on! Related!Work!! Evalua<on!! 12! 12!
13 Searching!takes!<me!and! effort.!also,!finding!specific! uses!of!visualiza<on!tool!of! abacks!is!difficult.!!! Experts!cost!<me!and!money.! Plus,!he/she!may!not!always! be!present.!! Ask an expert. 13!
14 Recommender!systems!(e.g.,!Neflix!and!Amazon)!are!used!in! recommending!products!and!services.! Community'Command'[16]'recommend!a!single!interac<on!for! soiware!applica<ons!such!as!autocad.!!nimble'[21]!calculates!the!similarity!for!given!ids!alerts!and! historical!alerts.! To!our!knowledge,!no!work!has!been!done!in!developing!a!recommender! system!to!help!a!novice!user!make!intelligent!decisions!about!network! abacks!in!3d!visualiza<on!applica<ons.! 14!
15 Outline Overview Recommendation Engine Implementation Introduc<on! Related!Work!! Evalua<on!! 15!
16 System Overview Overview Recommendation Engine Implementation Ac<ve!User!!Y!!individual!naviga<ng! the!visualiza<on!tool.! Expert!User!Community!Y!a!set!of! users!with!significant!experience!in! the!network!security!and! visualiza<on!fields! Interac<on!Database!Y!a!collec<on!of! interac<on!sequences.!! Recommender!Y!!parses!the!data! computes!a!set!of!interac<ons!for! recommenda<on!to!an!ac<ve!user!in! realy<me.! 16!
17 Recommender Engine Overview Recommendation Engine Implementation We!apply!recommenda<ons!of!interac<ons!so!that!the!user!could! navigate!through!the!visualiza<on!more!effec<vely.!! 17!
18 3D Parallel Coordinates Recommendation Engine Overview Recommendation Engine Implementation 1 Formulate an interaction vector v k V k = interaction vector for an attack sessions s k n j = interaction type (zoom, rotate, etc.) for an attack sessions s k 2 Create a Similarity Matrix M v k Active users v h - Expert users M k similarity matrix 3 Recommend a set of interactions Recommend interaction sequence with the highest similarity score. 0 18!
19 Implementation Overview Recommendation Engine Implementation NAVSEC server uses an Application Programming Interface (API) to receive HTTP requests. NAVSEC API uses Model-View- Controller architecture design to assist in code reusability. NAVSEC server could act as a centralized database for multiple active user clients. 19!
20 Implementation Overview Recommendation Engine Implementation NAVSEC contains a client-side C++ component which is integrated as a module of FRE3DS to send GET HTTP request of interactions to the server-side application. ' FRE3DS NAVSEC Module P3D [19] T. Nunnally, A. S. Uluagac, J. Copeland, and R. Beyah, 3DSVAT: 3D Stereoscopic Vulnerability Assessment Tool for Network Security, in Proceedings of the 37 th IEEE Conference on Local Computer Networks (LCN), !
21 Use-case Convergence Test Introduc<on! Related!Work!! Evalua<on!! 21!
22 Concurrent FTP transfer Use-case Convergence Test 22!
23 Concurrent FTP transfer Use-case Convergence Test 23!
24 Disguised Port Scan Attack Use-case Convergence Test 24!
25 Convergence Test Use-case Convergence Test 5!Sessions!from!an!ac<ve!user.! 40!interac<on!vectors!from!expert! users.! 30!types!of!interac<on!types!(e.g.,! zoom!out,!zoom!in,!rotate,!add!lei! plane,!add!line!glyphs).!! These!results!suggest!that!with!the!use!of! NAVSEC,!visualiza<ons!for!the!P3D!tool! converges!towards!an!expert!user s! interac<on!set.! 25!
26 Outline Contributions and Summary Future Work Introduc<on! Related!Work!! Evalua<on!! 26!
27 Contributions and Summary Contributions and Summary Future Work NAVSEC!uses!advanced!data!mining!techniques!to! recommend!interac<ons.! NAVSEC!is!useful!for!assis<ng!novice!users!in!naviga<ng! 3D!visualiza<ons.!! Our!results!show!that!NAVSEC!can!converge!to!a! meaningful!visualiza<on!performed!by!a!user.!! 27!
28 Future Work Contributions and Summary Future Work The future work includes: Implementa<on!and!evalua<on!of!more!advance! useycase!scenarios!(i.e.,!introduce!benign!traffic).! User!tes<ng.! 28!
29 Thank You Thank You 29!
NAVSEC : A Recommender System for 3D Network Security Visualizations
NAVSEC : A Recommender System for 3D Network Security Visualizations Troy Nunnally CAP Group troy.nunnally@gatech.edu Kulsoom Abdullah CAP Group kulsoom@gatech.edu John A. Copeland CSC Lab jcopeland@ece.gatech.edu
More informationNetwork Security - A Parallel 3D Visualization
P3D: A Parallel 3D Coordinate Visualization for Advanced Network Scans Troy Nunnally, Penyen Chi, Kulsoom Abdullah, A. Selcuk Uluagac, John A. Copeland, and Raheem Beyah CSC Lab., The School of ECE GT
More informationConfiguring Security for FTP Traffic
2 Configuring Security for FTP Traffic Securing FTP traffic Creating a security profile for FTP traffic Configuring a local traffic FTP profile Assigning an FTP security profile to a local traffic FTP
More informationSystem Specification. Author: CMU Team
System Specification Author: CMU Team Date: 09/23/2005 Table of Contents: 1. Introduction...2 1.1. Enhancement of vulnerability scanning tools reports 2 1.2. Intelligent monitoring of traffic to detect
More informationStochastic Protocol Modeling for Anomaly-Based Network Intrusion Detection
2003 IEEE International Workshop on Information Assurance March 24th, 2003 Darmstadt, Germany Stochastic Protocol Modeling for Anomaly-Based Network Intrusion Detection Juan M. Estévez-Tapiador (tapiador@ugr.es)
More informationChapter 11 Cloud Application Development
Chapter 11 Cloud Application Development Contents Motivation. Connecting clients to instances through firewalls. Chapter 10 2 Motivation Some of the questions of interest to application developers: How
More informationQuick Start Guide: Utilizing Nessus to Secure Microsoft Azure
Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure Introduction Tenable Network Security is the first and only solution to offer security visibility, Azure cloud environment auditing, system
More informationSingle Pass Load Balancing with Session Persistence in IPv6 Network. C. J. (Charlie) Liu Network Operations Charter Communications
Single Pass Load Balancing with Session Persistence in IPv6 Network C. J. (Charlie) Liu Network Operations Charter Communications Load Balancer Today o Load balancing is still in use today. It is now considered
More informationConfiguring Virtual Switches for Use with PVS. February 7, 2014 (Revision 1)
Configuring Virtual Switches for Use with PVS February 7, 2014 (Revision 1) Table of Contents Introduction... 3 Basic PVS VM Configuration... 3 Platforms... 3 VMware ESXi 5.5... 3 Configure the ESX Management
More informationCourse Title: Penetration Testing: Security Analysis
Course Title: Penetration Testing: Security Analysis Page 1 of 9 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced
More informationAbstract. 978-1-4244-3487-9/09/$25.00 c 2009 IEEE
Abstract Network monitoring allows network managers to get a better insight in the network traffic transiting in a managed network. In order to make the tasks of a network manager easier, many network
More informationANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details
Sub: Supply, Installation, setup and testing of Tenable Network Security Nessus vulnerability scanner professional version 6 or latest for scanning the LAN, VLAN, VPN and IPs with 3 years License/Subscription
More informationAlienVault Unified Security Management (USM) 4.x-5.x. Deployment Planning Guide
AlienVault Unified Security Management (USM) 4.x-5.x Deployment Planning Guide USM 4.x-5.x Deployment Planning Guide, rev. 1 Copyright AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,
More informationVirtual Server in SP883
Virtual Server in SP883 1 Introduction: 1.1 Micronet SP883 is a hard QoS broadband router, means its guaranteed service can provide absolute reservation of resource (bandwidth) for specific traffic;not
More informationImplementing Large-Scale Autonomic Server Monitoring Using Process Query Systems. Christopher Roblee Vincent Berk George Cybenko
Implementing Large-Scale Autonomic Server Monitoring Using Process Query Systems Christopher Roblee Vincent Berk George Cybenko These slides are based on the paper Implementing Large-Scale Autonomic Server
More informationTable of Contents. Introduction. Audience. At Course Completion
Table of Contents Introduction Audience At Course Completion Prerequisites Microsoft Certified Professional Exams Student Materials Course Outline Introduction This three-day instructor-led course provides
More informationConfiguring Security for SMTP Traffic
4 Configuring Security for SMTP Traffic Securing SMTP traffic Creating a security profile for SMTP traffic Configuring a local traffic SMTP profile Assigning an SMTP security profile to a local traffic
More information60467 Project 1. Net Vulnerabilities scans and attacks. Chun Li
60467 Project 1 Net Vulnerabilities scans and attacks Chun Li Hardware used: Desktop PC: Windows Vista service pack Service Pack 2 v113 Intel Core 2 Duo 3GHz CPU, 4GB Ram, D-Link DWA-552 XtremeN Desktop
More information1 Scope of Assessment
CIT 380 Project Network Security Assessment Due: April 30, 2014 This project is a security assessment of a small group of systems. In this assessment, students will apply security tools and resources learned
More information3DSVAT: A 3D Stereoscopic Vulnerability Assessment Tool for Network Security
3DSVAT: A 3D Stereoscopic Vulnerability Assessment Tool for Network Security Troy Nunnally, A. Selcuk Uluagac, John A. Copeland, and Raheem Beyah CSC Lab., The School of ECE GT CAP Group, The School of
More informationTk20 Network Infrastructure
Tk20 Network Infrastructure Tk20 Network Infrastructure Table of Contents Overview... 4 Physical Layout... 4 Air Conditioning:... 4 Backup Power:... 4 Personnel Security:... 4 Fire Prevention and Suppression:...
More informationA Prevention & Notification System By Using Firewall. Log Data. Pilan Lin
A Prevention & Notification System By Using Firewall Log Data By Pilan Lin 1 Table Of Content ABSTRACT... 3 1 INTRODUCTION... 4 2. Firewall Log data... 6 2.1 How to collect log data... 6 3. Prevention
More informationWeb Security School Final Exam
Web Security School Final Exam By Michael Cobb 1.) Which of the following services is not required to run a Windows server solely configured to run IIS and publish a Web site on the Internet? a. IIS Admin
More informations@lm@n CompTIA Exam N10-006 CompTIA Network+ certification Version: 5.1 [ Total Questions: 1146 ]
s@lm@n CompTIA Exam N10-006 CompTIA Network+ certification Version: 5.1 [ Total Questions: 1146 ] Topic break down Topic No. of Questions Topic 1: Network Architecture 183 Topic 2: Network Operations 149
More informationSolution of Exercise Sheet 5
Foundations of Cybersecurity (Winter 15/16) Prof. Dr. Michael Backes CISPA / Saarland University saarland university computer science Protocols = {????} Client Server IP Address =???? IP Address =????
More information2 Technologies for Security of the 2 Internet
2 Technologies for Security of the 2 Internet 2-1 A Study on Process Model for Internet Risk Analysis NAKAO Koji, MARUYAMA Yuko, OHKOUCHI Kazuya, MATSUMOTO Fumiko, and MORIYAMA Eimatsu Security Incidents
More informationTenable for CyberArk
HOW-TO GUIDE Tenable for CyberArk Introduction This document describes how to deploy Tenable SecurityCenter and Nessus for integration with CyberArk Enterprise Password Vault. Please email any comments
More informationWebsense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications
Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications November, 2010 2010 Websense, Inc. All rights reserved. Websense is a registered
More informationVPN Lesson 2: VPN Implementation. Summary
VPN Lesson 2: VPN Implementation Summary 1 Notations VPN client (ok) Firewall Router VPN firewall VPN router VPN server VPN concentrator 2 Basic Questions 1. VPN implementation options for remote users
More informationMetrics Suite for Enterprise-Level Attack Graph Analysis
Metrics Suite for Enterprise-Level Attack Graph Analysis Cyber Security Division 2012 Principal Investigators Meeting October 11, 2012 Sushil Jajodia (PI), Steven Noel (co-pi) Metrics Suite for Enterprise-Level
More informationMetasploit Unleashed. Class 2: Information Gathering and Vulnerability Scanning. Georgia Weidman Director of Cyberwarface, Reverse Space
Metasploit Unleashed Class 2: Information Gathering and Vulnerability Scanning Georgia Weidman Director of Cyberwarface, Reverse Space Information Gathering Learning as much as possible about targets Ex:
More informationHowever,duetoboththescaleandthecomplexityoftheInternet,itisunlikelythatameasure-
Part1:AServer-BasedMeasurementInfrastructure NetworkPerformanceMeasurementandAnalysis Y.ThomasHou (ConceptPaper) AsInternettraccontinuestogrowexponentially,itisessentialforboththeusersandserviceproviders
More informationPort Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology
Port Scanning and Vulnerability Assessment ECE4893 Internetwork Security Georgia Institute of Technology Agenda Reconnaissance Scanning Network Mapping OS detection Vulnerability assessment Reconnaissance
More informationIndexing Full Packet Capture Data With Flow
Indexing Full Packet Capture Data With Flow FloCon January 2011 Randy Heins Intelligence Systems Division Overview Full packet capture systems can offer a valuable service provided that they are: Retaining
More informationIntegrating Web Application Security into the IT Curriculum
Integrating Web Application Security into the IT Curriculum James Walden Northern Kentucky University Topics 1. 2. 3. 4. Why should we teach web application security? What material do we need to cover?
More informationNetwork Monitoring and Traffic CSTNET, CNIC
Network Monitoring and Traffic Analysis in CSTNET Chunjing Han Aug. 2013 CSTNET, CNIC Topics 1. The background of network monitoring 2. Network monitoring protocols and related tools 3. Network monitoring
More informationLehrstuhl für Informatik 4 Kommunikation und verteilte Systeme. Firewall
Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application Layer Chapter 5: Security Concepts for Networks Firewalls Intrusion Detection
More informationMetaXSSploit. Bringing XSS in Pentesting A journey in building a security tool. Claudio Criscione @paradoxengine
` MetaXSSploit Bringing XSS in Pentesting A journey in building a security tool Claudio Criscione @paradoxengine /me No Aff XSS And how a security tool is born! Relevant? Web Application Security Statistics
More informationIntro to Firewalls. Summary
Topic 3: Lesson 2 Intro to Firewalls Summary Basic questions What is a firewall? What can a firewall do? What is packet filtering? What is proxying? What is stateful packet filtering? Compare network layer
More informationECS 235A Project - NVD Visualization Using TreeMaps
ECS 235A Project - NVD Visualization Using TreeMaps Kevin Griffin Email: kevgriffin@ucdavis.edu December 12, 2013 1 Introduction The National Vulnerability Database (NVD) is a continuously updated United
More informationWe will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall
Chapter 10 Firewall Firewalls are devices used to protect a local network from network based security threats while at the same time affording access to the wide area network and the internet. Basically,
More informationBlended Security Assessments
Blended Security Assessments Combining Active, Passive and Host Assessment Techniques October 12, 2009 (Revision 9) Renaud Deraison Director of Research Ron Gula Chief Technology Officer Table of Contents
More informationFirewall Defaults and Some Basic Rules
Firewall Defaults and Some Basic Rules ProSecure UTM Quick Start Guide This quick start guide provides the firewall defaults and explains how to configure some basic firewall rules for the ProSecure Unified
More informationMicrosoft SharePoint 2010, Application Development Course Outline
Course 10175A: Microsoft SharePoint 2010, Application Development Course Outline Module 1: Introduction to the SharePoint 2010 Development Platform This module describes the SharePoint 2010 development
More informationWHITEPAPER. Nessus Exploit Integration
Nessus Exploit Integration v2 Tenable Network Security has committed to providing context around vulnerabilities, and correlating them to other sources, such as available exploits. We currently pull information
More informationVulnerability Assessment Using Nessus
Vulnerability Assessment Using Nessus Paul Asadoorian, GCIA, GCIH Network Security Engineer Brown University Paul_Asadoorian@brown.edu Overview Introduction to Nessus Nessus Architecture Nessus in Action
More informationINTRODUCTION TO FIREWALL SECURITY
INTRODUCTION TO FIREWALL SECURITY SESSION 1 Agenda Introduction to Firewalls Types of Firewalls Modes and Deployments Key Features in a Firewall Emerging Trends 2 Printed in USA. What Is a Firewall DMZ
More informationNV: Nessus Vulnerability Visualization for the Web
NV: Nessus Vulnerability Visualization for the Web Lane Harrison harrisonlt@ornl.gov Evan Downing epdowning@gmail.com Riley Spahn spahnrb1@ornl.gov John R. Goodall jgoodall@ornl.gov Mike Iannacone iannaconemd@ornl.gov
More informationState of Oregon Open Source Application Use in the Enterprise
State of Oregon Open Source Application Use in the Enterprise Case Study: Asterisk used to create powerful audio conferencing service For large Agency user. Background: Data and Video Services (DVS), a
More informationDesign Notes for an Efficient Password-Authenticated Key Exchange Implementation Using Human-Memorable Passwords
Design Notes for an Efficient Password-Authenticated Key Exchange Implementation Using Human-Memorable Passwords Author: Paul Seymer CMSC498a Contents 1 Background... 2 1.1 HTTP 1.0/1.1... 2 1.2 Password
More informationCHAPTER 20 TESING WEB APPLICATIONS. Overview
CHAPTER 20 TESING WEB APPLICATIONS Overview The chapter describes the Web testing. Web testing is a collection of activities whose purpose is to uncover errors in WebApp content, function, usability, navigability,
More informationA Review on Zero Day Attack Safety Using Different Scenarios
Available online www.ejaet.com European Journal of Advances in Engineering and Technology, 2015, 2(1): 30-34 Review Article ISSN: 2394-658X A Review on Zero Day Attack Safety Using Different Scenarios
More information5 Mistakes to Avoid on Your Drupal Website
5 Mistakes to Avoid on Your Drupal Website Table of Contents Introduction.... 3 Architecture: Content.... 4 Architecture: Display... 5 Architecture: Site or Functionality.... 6 Security.... 8 Performance...
More informationBy : Khalid Alfalqi Department of Computer Science, Umm Al-Qura University
By : Khalid Alfalqi Department of Computer Science, Umm Al-Qura University History of Web History of the Internet Basic Web System Architecture URL DNS Creating Static and Dynamic Information Security
More informationAnalyzing HTTP/HTTPS Traffic Logs
Advanced Threat Protection Automatic Traffic Log Analysis APTs, advanced malware and zero-day attacks are designed to evade conventional perimeter security defenses. Today, there is wide agreement that
More informationCTS2134 Introduction to Networking. Module 8.4 8.7 Network Security
CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by
More informationIntrusion Log Sharing University of Wisconsin-Madison
Intrusion Log Sharing University of Wisconsin-Madison John Bethencourt (bethenco@cs.wisc.edu) Jason Franklin (jfrankli@cs.wisc.edu) Mary Vernon (vernon@cs.wisc.edu) 1 Talk Outline Background: Blacklists,
More informationWHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION
WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION Table of Contents Executive Summary...3 Vulnerability Scanners Alone Are Not Enough...3 Real-Time Change Configuration Notification is the
More informationOracle Collaboration Suite
Oracle Collaboration Suite Firewall and Load Balancer Architecture Release 2 (9.0.4) Part No. B15609-01 November 2004 This document discusses the use of firewall and load balancer components with Oracle
More informationStateful Firewalls. Hank and Foo
Stateful Firewalls Hank and Foo 1 Types of firewalls Packet filter (stateless) Proxy firewalls Stateful inspection Deep packet inspection 2 Packet filter (Access Control Lists) Treats each packet in isolation
More informationCONQUERING COMPLIANCE ISSUES WITH RHN SATELLITE AND TENABLE NESSUS SECURITY
CONQUERING COMPLIANCE ISSUES WITH RHN SATELLITE AND TENABLE NESSUS SECURITY Akash Chandrashekar - Solution Architect, Red Hat Renaud Deraison - Tenable Network Security, Inc. / Nessus.org Compliance Issues
More informationE-commerce Production Firewalls
E-commerce Production Firewalls A Proper Security Design 2006 Philip J. Balsley. This document and all information contained herein is the sole and exclusive property of Philip J. Balsley. All rights reserved.
More informationHOB WebSecureProxy as an SSL Terminal for E-Mail Clients
HOB GmbH & Co. KG Schwadermühlstr. 3 90556 Cadolzburg Tel: 09103 / 715-0 Fax: 09103 / 715-271 E-Mail: support@hob.de Internet: www.hob.de HOB WebSecureProxy as an SSL Terminal for E-Mail Clients November
More informationConfiguring Network Load Balancing with Cerberus FTP Server
Configuring Network Load Balancing with Cerberus FTP Server May 2016 Version 1.0 1 Introduction Purpose This guide will discuss how to install and configure Network Load Balancing on Windows Server 2012
More informationPwning Intranets with HTML5
Javier Marcos de Prado Juan Galiana Lara Pwning Intranets with HTML5 2009 IBM Corporation Agenda How our attack works? How we discover what is in your network? What does your infrastructure tell us for
More informationClient/server is a network architecture that divides functions into client and server
Page 1 A. Title Client/Server Technology B. Introduction Client/server is a network architecture that divides functions into client and server subsystems, with standard communication methods to facilitate
More informationTenable Tools for Security Compliance The Antivirus Challenge
Tenable Tools for Security Compliance The Antivirus Challenge January 20, 2005 (Updated February 7, 2007) Nicolas Pouvesl e / John Lampe Table of Contents TABLE OF CONTENTS... 2 INTRODUCTION... 3 WHAT
More informationTABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY
IT FIREWALL POLICY TABLE OF CONTENT 1. INTRODUCTION... 3 2. TERMS AND DEFINITION... 3 3. PURPOSE... 5 4. SCOPE... 5 5. POLICY STATEMENT... 5 6. REQUIREMENTS... 5 7. OPERATIONS... 6 8. CONFIGURATION...
More informationpacket retransmitting based on dynamic route table technology, as shown in fig. 2 and 3.
Implementation of an Emulation Environment for Large Scale Network Security Experiments Cui Yimin, Liu Li, Jin Qi, Kuang Xiaohui National Key Laboratory of Science and Technology on Information System
More informationDataSocket Simplifies Live Data Transfer for LabVIEW
DataSocket Simplifies Live Data Transfer for LabVIEW Many typical instrumentation solutions involve a single local application for acquisition, logging, analysis, and presentation. However, because of
More information8 Steps for Network Security Protection
8 Steps for Network Security Protection cognoscape.com 8 Steps for Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because
More informationSecure Networks for Process Control
Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than
More information8 Steps For Network Security Protection
8 Steps For Network Security Protection 8 Steps For Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because of their
More informationEnterprise Security Interests Require SSL with telnet server from outside the LAN
Create and Use an SSL on Goals Provide secure and encrypted 5250 data stream conversations with the server (including authentication) use a digital certificate we create with Digital Manager Show a client
More informationPenetration Testing for iphone Applications Part 1
Penetration Testing for iphone Applications Part 1 This article focuses specifically on the techniques and tools that will help security professionals understand penetration testing methods for iphone
More informationIBM Security QRadar SIEM Version 7.1.0 MR1. Vulnerability Assessment Configuration Guide
IBM Security QRadar SIEM Version 7.1.0 MR1 Vulnerability Assessment Configuration Guide Note: Before using this information and the product that it supports, read the information in Notices and Trademarks
More informationArchitecture. The DMZ is a portion of a network that separates a purely internal network from an external network.
Architecture The policy discussed suggests that the network be partitioned into several parts with guards between the various parts to prevent information from leaking from one part to another. One part
More informationFirewall Security: Policies, Testing and Performance Evaluation
Firewall Security: Policies, Testing and Performance Evaluation Michael R. Lyu and Lorrien K. Y. Lau Department of Computer Science and Engineering The Chinese University of Hong Kong, Shatin, HK lyu@cse.cuhk.edu.hk,
More informationApplication Note. Onsight TeamLink And Firewall Detect v6.3
Application Note Onsight And Firewall Detect v6.3 1 ONSIGHT TEAMLINK HTTPS TUNNELING SERVER... 3 1.1 Encapsulation... 3 1.2 Firewall Detect... 3 1.2.1 Firewall Detect Test Server Options:... 5 1.2.2 Firewall
More informationAndroid Security Evaluation Framework
INTRODUCING... A S E F Android Security Evaluation Framework - Parth Patel $ whoami_ Agenda Manual Research Automation - A S E F Let s solve problems Conclusion Android OS Open Source Security Evaluation
More informationCompTIA Network+ (Exam N10-005)
CompTIA Network+ (Exam N10-005) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate
More informationCS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module
CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human
More informationInternet Banking System Web Application Penetration Test Report
Internet Banking System Web Application Penetration Test Report Kiev - 2014 1. Executive Summary This report represents the results of the Bank (hereinafter the Client) Internet Banking Web Application
More informationVULNERABILITY MANAGEMENT
Vulnerability Management (VM) software differ in the richness of reporting, and the capabilities for application and security configuration assessment. Companies must consider how a VM technology will
More informationCSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security
Security+ Supported Labs - V1 Lab 1 Network Devices and Technologies - Capturing Network Using tcpdump to Capture Network with Wireshark with Network Miner 2 Secure Network Administration Principles -
More informationFTP e TFTP. File transfer protocols PSA1
FTP e TFTP File transfer protocols PSA1 PSA2 PSA3 PSA4 PSA5 PSA6 PSA7 PSA8 PSA9 Firewall problems with FTP Client-side Firewalls the client is behind a firewall and cannot be reached directly from the
More informationHow To Compare Your Web Vulnerabilities To A Gamascan Report
Differential Report Target Scanned: www.gamasec-test.com Previous Scan: Wed Jul 2 15:29:12 2008 Recent Scan: Wed Jul 9 00:50:01 2008 Report Generated: Thu Jul 10 12:00:51 2008 Page 1 of 15 Differential
More informationApril 11, 2011. (Revision 2)
Passive Vulnerability Scanning Overview April 11, 2011 (Revision 2) Copyright 2011. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of
More informationCisco RSA Announcement Update
Cisco RSA Announcement Update May 7, 2009 Presented by: WWT and Cisco Agenda Cisco RSA Conference Announcements Collaborate with Confidence Overview Cisco s Security Technology Differentiation Review of
More informationBlack Box Penetration Testing For GPEN.KM V1.0 Month dd "#$!%&'(#)*)&'+!,!-./0!.-12!1.03!0045!.567!5895!.467!:;83!-/;0!383;!
Sample Penetration Testing Report Black Box Penetration Testing For GPEN.KM V1.0 Month dd "#$%&'#)*)&'+,-./0.-121.030045.5675895.467:;83-/;0383; th, yyyy A&0#0+4*M:+:#&*#0%+C:,#0+4N:
More informationPTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access
The Best First for Beginners who want to become Penetration Testers PTSv2 in pills: Self-paced, online, flexible access 900+ interactive slides and 3 hours of video material Interactive and guided learning
More informationFirewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08
Firewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08 What is a firewall? Firewalls are programs that were designed to protect computers from unwanted attacks and intrusions. Wikipedia
More informationMS 10972A Administering the Web Server (IIS) Role of Windows Server
MS 10972A Administering the Web Server (IIS) Role of Windows Server Description: Days: 5 Prerequisites: This course provides students with the fundamental knowledge and skills to configure and manage Internet
More informationLinux Network Security
Linux Network Security Course ID SEC220 Course Description This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols
More informationNVisionIP and VisFlowConnect-IP: Two Tools for Visualizing NetFlows for Security
NVisionIP and VisFlowConnect-IP: Two Tools for Visualizing NetFlows for Security William Yurcik National Center for Supercomputing Applications (NCSA) University of Illinois at
More informationMake a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder.
CMSC 355 Lab 3 : Penetration Testing Tools Due: September 31, 2010 In the previous lab, we used some basic system administration tools to figure out which programs where running on a system and which files
More informationWeb Application Vulnerability Testing with Nessus
The OWASP Foundation http://www.owasp.org Web Application Vulnerability Testing with Nessus Rïk A. Jones, CISSP rikjones@computer.org Rïk A. Jones Web developer since 1995 (16+ years) Involved with information
More informationBuilding Reliable, Scalable AR System Solutions. High-Availability. White Paper
Building Reliable, Scalable Solutions High-Availability White Paper Introduction This paper will discuss the products, tools and strategies available for building reliable and scalable Action Request System
More informationBasic & Advanced Administration for Citrix NetScaler 9.2
Basic & Advanced Administration for Citrix NetScaler 9.2 Day One Introducing and deploying Citrix NetScaler Key - Brief Introduction to the NetScaler system Planning a NetScaler deployment Deployment scenarios
More informationPROFESSIONAL SECURITY SYSTEMS
PROFESSIONAL SECURITY SYSTEMS Security policy, active protection against network attacks and management of IDP Introduction Intrusion Detection and Prevention (IDP ) is a new generation of network security
More information