CMPS 122: Computer Security
|
|
- Luke Bryant
- 7 years ago
- Views:
Transcription
1 CMPS 122: Computer Security Introduction Today s goals Course introduction Course overview Course logistics (details on the syllabus) Introduction to computer security What is computer security? Goals Attacks Who? How? Defenses Introduction 2 1
2 Welcome! Ethan Miller Office: 265 E2 Hours: Tue 11:00 noon Thu 12:30 1:30 PM Alisa Neeman Office: Hours: Mon 10:00 11:00 AM Wed 2:00 3:00 PM No discussion section or lab hours Ask us questions during office hours Class web page (assignments, slides, announcements, etc.) Introduction 3 Class outline Introduction & concepts Encryption & authentication Secure network protocols (Kerberos, SSL) Program security Bug exploits Malcode: viruses, worms, trojan horses, and more Writing safe code Attacks and defenses on computer systems Firewalls Intrusion detection Countermeasures Trusted operating systems Introduction 4 2
3 Textbooks Required Cryptography and Network Security (Stallings) Recommended Secrets and Lies (Schneier) Firewalls and Internet Security, 2nd Edition (Cheswick, Bellovin, Rubin) Introduction 5 Course requirements Two exams Midterm in the 5th 6th week Final exam Homework 5 6 homeworks during the quarter About one week per homework Graded Need not do every homework to pass the class Missing homeworks count as a zero! Hand in online Term project More on this in a bit Introduction 6 3
4 How are grades determined? Final grades based on: Homework: 30% all homeworks weighted equally Midterm: 16% Final: 24% Final project: 25% Class participation: 5% Approximate grade ranges: A: 89% 100% B: 79% 88% C: 69% 78% D: 60% 68% To pass the class, you must Take both exams Turn in a final project Have at least a 50% average on exams and 50% average on homework Satisfying both conditions does not guarantee a passing grade Introduction 7 Other ways to change your grade Up Solve a challenge problem (not normal homework) Find a security hole and have it published by a national organization (CERT, Mercury News, Time magazine ) Down Send me a virus ( or otherwise) Doesn t count if the virus is neutralized and sent as an FYI viruses that attack your address book do count Get arrested for a computer security attack Get convicted for a computer security attack To an F/U/NP (i.e., fail!) Get me arrested for something you do related to this class Cheat (we will catch you) Introduction 8 4
5 Homework Homework lets you Try to solve (or create) computer security problems Test your knowledge and understanding of the subject Homework isn t optional! Homework must be your own work! Programming may be required Use any language you want Use any sources you like, if you cite them Keep in mind that I ll take a dim view of copying someone else in class If the assignment requires that you write your own code, you may not get full credit for using someone else s code In many cases, the biggest benefit is the process! Introduction 9 Challenge problems Open until solved or last day of class First satisfactory answer gets bonus Later answer might still get bonus if it s better Solving in groups is OK Each member gets n/n * value (e.g., 3 people = 3/3 = 0.58) Unlike homework, there s not necessarily a correct answer (or even a solution!) Challenge problems will be listed on the course Web page Introduction 10 5
6 Final project Write a paper on a topic related to computer security Review several research papers Analyze the security of a particular system Compare the security or performance of several cryptosystems Evaluate security products (firewalls, software, etc.) Explore ways to write more secure code Lots of other possibilities Suggested topics will be posted on the class web site Papers should be about 7 8 pages long Introduction 11 Getting help Computer security can be a tough subject get help if you need it! I m here to help you learn the material It s up to you to ask for help Don t wait too long! Ask questions in class Visit office hours Ask general questions on the course newsgroup Ask specific questions by Expect short answers, not long explanations Introduction 12 6
7 What is cheating? Cheating is: Copying answers from your fellow students Having someone else do your project for you Using material without attribution Cheating is not: Studying in a group: your fellow students are a great resource for understanding difficult material Discussing homework in general terms Using information from the Web, assuming you write down where you got it Copying answers off the Web may be cheating, though. Everything you turn in should be yours Document completely if it s not! Use common sense: if you re not sure, ask me before doing it Introduction 13 The Simpsons rule You may discuss homework with others General issues only You may not take notes You must take a 30 minute break before working on any CMPS 122 assignments Watch the Simpsons or good Warner Brothers cartoons Watch mindless TV Work on other classes Take a nap Introduction 14 7
8 Why should you take this course? Reason #1: Fate of Humanity Cryptography plays a central role in human history Survival of humanity depends on computer security Reason #2: Intellectual Curiosity Cryptology and computer security are about making and solving puzzles It s fun to do this! Reason #3: $$$ Computer security is a growing business There are always jobs for people who know how to keep vital computer resources safe Introduction 15 Bad reasons for taking this class You want to write the ultimate virus to wipe the world s hard drives clean You want to show (by doing) just how insecure Windows is You want to break into (UCSC s the NSA s your bank s) computer systems You re bored, and there s nothing better to take this quarter (I guess this isn t so bad) Introduction 16 8
9 What is security? Keeping something (information in our case) secure against Someone stealing it Someone destroying it Someone changing it Someone preventing me from using it More specifically Confidentiality: nobody else can see it Integrity: nobody else can change it Availability: I can get at it whenever I want Introduction 17 Security on physical things Use physical security rather than computer security Access to valuables was more difficult to obtain Had to be physically present in many cases! Moving the valuable could be difficult Alteration was easier to notice Physical marks were left if you tried to change something Physical goods had one copy If you have the copy, I don t No notion of multiple parties sharing the item Physical security could be Expensive: need to hire guards Difficult & dangerous: people got injured or killed Introduction 18 9
10 Security on information: the old way Information isn t like a physical object Copies can be made inexpensively A copy doesn t prevent the original from being used Easy to transport Less need for physical presence Value can be very high for small data Before computers, some things were still easy Integrity easier to check: look for signs of alteration Confidentiality: keep it a locked bank vault (and hope there are no bank robbers) Availability: only when the bank is open Introduction 19 Security in computing More difficult because of the nature of computers Confidentiality Easier to break into a networked computer without physical presence Easy to spread information around the world in minutes Integrity No signs that information has been altered Can t easily check to see if someone might have had access to the information to alter it Availability All the old ways of denying access still work Physical attacks Destroying the information New ways exist Keep the computer too busy to respond Prevent authorized users from seeing the information Introduction 20 10
11 Addressing security issues What are the risks? How likely is each one? How expensive would it be if the risk came to pass? What are the available countermeasures? How expensive are they to implement? How inconvenient are they? What are the vulnerabilities? Simple design flaws more than basic problems How can they be addressed? Bug fixes Workarounds Introduction 21 Computer intrusions This is (usually) a crime! Typically done for one of two reasons Commercial gain Fun Commercial gain Go after the most valuable item: often information Information can be Destroyed: loss of use to the owner Copied: used by a competitor for commercial advantage Fun Because it s there Because I disagree with their policies In both cases, intrusions follow the path of least resistance Strong security in one area doesn t cover for weak security elsewhere Relative security of different mechanisms can change over time Introduction 22 11
12 Attacks: terminology Attacks can be made on any of Hardware Software Data (information) Terms Threat: circumstances that may lead to loss or harm Vulnerability: weakness in the security system Control: something that reduces or removes a vulnerability Types of attacks Interception: unauthorized party gets access to an asset Interruption: asset becomes unusable (lost or destroyed) Modification: existing asset is changed Fabrication: fake asset is planted in the system Introduction 23 Goals of computer security Ensure that the system maintains Confidentiality Integrity May have many different (conflicting) meanings Must specify what it means in this case Availability Responds at all? Responds in a timely fashion? Can be used as it was intended? Has sufficient capacity? Others Maintaining these properties can be difficult! Introduction 24 12
13 Vulnerabilities Interruption Interception Modification Fabrication Hardware Denial of service Physical attack Theft Planting fake computers Software Data Deletion Deletion Unauthorized copying Surveillance Insider theft Logic bomb Trojan horse Virus Trapdoor Information leak Modify databases Change files Fake (or modified) software False records Introduction 25 Types of intruders Amateurs People who steal resources for their own uses Typically unsophisticated Crackers Access resources without permission Typically for fun, but may be other reasons Career criminals Well-planned attacks Usually for financial gain Military Done to disable opposing forces, typically Gain strategic advantage Introduction 26 13
EECS 588: Computer and Network Security. Introduction
EECS 588: Computer and Network Security Introduction January 13, 2014 Today s Cass Class Welcome! Goals for the course Topics, what interests you? Introduction to security research Components of your grade
More informationCSC 474 Information Systems Security
CSC 474 Information Systems Security Introduction About Instructor Dr. Peng Ning, assistant professor of computer science http://www.csc.ncsu.edu/faculty/ning pning@ncsu.edu (919)513-4457 Office: Room
More informationBBM 461: SECURE PROGRAMMING INTRODUCTION. Ahmet Burak Can
BBM 461: SECURE PROGRAMMING INTRODUCTION 1 Ahmet Burak Can COURSE MATERIAL Counter Hack Reloaded:A Step-by- Step Guide to Computer Attacks and Effective Defenses, Edward Skoudis, Tom Liston, Prentice Hall
More informationCourse mechanics. CS 458 / 658 Computer Security and Privacy. Course website. Additional communication
CS 458 / 658 Computer Security and Privacy Module 1 Introduction to Computer Security and Privacy Fall 2008 Course mechanics Instructor: Ian Goldberg Contact info: http://www.cs.uwaterloo.ca/ iang/ Office
More informationCS 458 / 658 Computer Security and Privacy. Course mechanics. Course website. Module 1 Introduction to Computer Security and Privacy.
CS 458 / 658 Computer Security and Privacy Module 1 Introduction to Computer Security and Privacy Spring 2013 Course mechanics Instructor: Ian Goldberg https://cs.uwaterloo.ca/ iang/ Office hours: Thursdays
More informationEECS 588: Computer and Network Security. Introduction January 14, 2014
EECS 588: Computer and Network Security Introduction January 14, 2014 Today s Class Welcome! Goals for the course Topics, what interests you? Introduction to security research Components of your grade
More informationE-BUSINESS THREATS AND SOLUTIONS
E-BUSINESS THREATS AND SOLUTIONS E-BUSINESS THREATS AND SOLUTIONS E-business has forever revolutionized the way business is done. Retail has now a long way from the days of physical transactions that were
More information1. Computer Security: An Introduction. Definitions Security threats and analysis Types of security controls Security services
1. Computer Security: An Introduction Definitions Security threats and analysis Types of security controls Security services Mar 2012 ICS413 network security 1 1.1 Definitions A computer security system
More informationSECURING YOUR SMALL BUSINESS. Principles of information security and risk management
SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and
More informationCIS 6930/4930 Computer and Network Security. Dr. Yao Liu
CIS 6930/4930 Computer and Network Security Dr. Yao Liu About Instructor Dr. Yao Liu, Office: ENB 336 Phone: 813-974-1079 Email: yliu@cse.usf.edu URL: http://www.cse.usf.edu/~yliu/ Office hour: TR 2:00pm
More informationComputer and Network Security
EECS 588 Computer and Network Security Introduction January 12, 2016 Alex Halderman Today s Class Welcome! Goals for the course Topics, what interests you? Introduction to security research Components
More informationInformation Security By Bhupendra Ratha, Lecturer School of Library & Information Science D.A.V.V., Indore E-mail:bhu261@gmail.com Outline of Information Security Introduction Impact of information Need
More information10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)
1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction
More informationCSCI 454/554 Computer and Network Security. Instructor: Dr. Kun Sun
CSCI 454/554 Computer and Network Security Instructor: Dr. Kun Sun About Instructor Dr. Kun Sun, Assistant Professor of Computer Science http://www.cs.wm.edu/~ksun/ Phone: (757) 221-3457 Email: ksun@wm.edu
More informationComputer Security (EDA263 / DIT 641)
Computer Security (EDA263 / DIT 641) Lecture 1: Course introduction Magnus Almgren Department of Computer Science and Engineering Chalmers University of Technology Sweden https://www.youtube.com/watch?v=kpyvenbpj5c
More informationSoran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification
1. Module Title Information Security 2. Module Code: CS403INS 3. Module Level - Forth Stage 4. Module Leader Safwan M. 5. Teaching Semester 7 and 8 Soran University Faculty of Science and Engineering Computer
More informationWEB SECURITY. Oriana Kondakciu 0054118 Software Engineering 4C03 Project
WEB SECURITY Oriana Kondakciu 0054118 Software Engineering 4C03 Project The Internet is a collection of networks, in which the web servers construct autonomous systems. The data routing infrastructure
More informationCSE331: Introduction to Networks and Security. Lecture 1 Fall 2004
CSE331: Introduction to Networks and Security Lecture 1 Fall 2004 Course Information Steve Zdancewic lecturer Web: http://www.cis.upenn.edu/~stevez E-mail: stevez@cis.upenn.edu Office hours: Mon. 3:00
More informationCMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis
CMSC 421, Operating Systems. Fall 2008 Security Dr. Kalpakis URL: http://www.csee.umbc.edu/~kalpakis/courses/421 Outline The Security Problem Authentication Program Threats System Threats Securing Systems
More informationComputer and Information Security
Computer Computer and Information Lecture 1 Introduction Computer Course Description Course Work Course Description This course builds on Operating Systems Network and System Administration 1 Lectures
More informationHackers: Detection and Prevention
Computer Networks & Computer Security SE 4C03 Project Report Hackers: Detection and Prevention Due Date: March 29 th, 2005 Modified: March 28 th, 2005 Student Name: Arnold Sebastian Professor: Dr. Kartik
More informationHow Your Current IT Security System Might Be Leaving You Exposed TAKEAWAYS CHALLENGES WHITE PAPER
WHITE PAPER CHALLENGES Protecting company systems and data from costly hacker intrusions Finding tools and training to affordably and effectively enhance IT security Building More Secure Companies (and
More informationINTRUSION DETECTION SYSTEM (IDS) D souza Adam Jerry Joseph 0925910 I MCA
INTRUSION DETECTION SYSTEM (IDS) D souza Adam Jerry Joseph 0925910 I MCA OVERVIEW Introduction Overview The IDS Puzzle Current State of IDS Threats I have a good firewall, why do I need an IDS? Expectations
More informationComputer Networks & Computer Security
Computer Networks & Computer Security Software Engineering 4C03 Project Report Hackers: Detection and Prevention Prof.: Dr. Kartik Krishnan Due Date: March 29 th, 2004 Modified: April 7 th, 2004 Std Name:
More informationE-commerce. business. technology. society. Kenneth C. Laudon Carol Guercio Traver. Second Edition. Copyright 2007 Pearson Education, Inc.
Copyright 2007 Pearson Education, Inc. Slide 5-1 E-commerce business. technology. society. Second Edition Kenneth C. Laudon Carol Guercio Traver Copyright 2007 Pearson Education, Inc. Slide 5-2 Chapter
More informationWeighted Total Mark. Weighted Exam Mark
CMP4103 Computer Systems and Network Security Period per Week Contact Hour per Semester Weighted Total Mark Weighted Exam Mark Weighted Continuous Assessment Mark Credit Units LH PH TH CH WTM WEM WCM CU
More informationGetting a Secure Intranet
61-04-69 Getting a Secure Intranet Stewart S. Miller The Internet and World Wide Web are storehouses of information for many new and legitimate purposes. Unfortunately, they also appeal to people who like
More informationContact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:
Malicious software About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is a centre of excellence for
More informationDepartment of Computer & Information Sciences. INFO-450: Information Systems Security Syllabus
Department of Computer & Information Sciences INFO-450: Information Systems Security Syllabus Course Description This course provides a deep and comprehensive study of the security principles and practices
More informationDesktop and Laptop Security Policy
Desktop and Laptop Security Policy Appendix A Examples of Desktop and Laptop standards and guidelines 1. Implement anti-virus software An anti-virus program is necessary to protect your computer from malicious
More informationIY2760/CS3760: Part 6. IY2760: Part 6
IY2760/CS3760: Part 6 In this part of the course we give a general introduction to network security. We introduce widely used security-specific concepts and terminology. This discussion is based primarily
More informationInformation Security. CS526 Topic 1
Information Security CS 526 Topic 1 Overview of the Course 1 Today s Security News Today: 220 million records stolen, 16 arrested in massive South Korean data breach A number of online gaming & movie ticket
More informationThreats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1
Threats and Attacks Modifications by Prof. Dong Xuan and Adam C. Champion Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of this material, you should be able to:
More informationSecurity Defense Strategy Basics
Security Defense Strategy Basics Joseph E. Cannon, PhD Professor of Computer and Information Sciences Harrisburg University of Science and Technology Only two things in the water after dark. Gators and
More informationPenetration Testing Service. By Comsec Information Security Consulting
Penetration Testing Service By Consulting February, 2007 Background The number of hacking and intrusion incidents is increasing year by year as technology rolls out. Equally, there is no hiding place your
More informationYALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE
YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467a: Cryptography and Computer Security Notes 1 (rev. 1) Professor M. J. Fischer September 3, 2008 1 Course Overview Lecture Notes 1 This course is
More informationDepartment of Computer & Information Sciences. CSCI-445: Computer and Network Security Syllabus
Department of Computer & Information Sciences CSCI-445: Computer and Network Security Syllabus Course Description This course provides detailed, in depth overview of pressing network security problems
More informationTHE LITTLE BIG BOOK OF BADNESS
THE LITTLE BIG BOOK OF BADNESS How to stay safe on the Internet a guidebook for students and parents USE THIS BOOK TO FIND OUT HOW YOU AND YOUR COMPUTER CAN STAY AWAY FROM BAD THINGS 2 CONTENTS Why you
More informationTELE 301 Network Management. Lecture 18: Network Security
TELE 301 Network Management Lecture 18: Network Security Haibo Zhang Computer Science, University of Otago TELE301 Lecture 18: Network Security 1 Security of Networks Security is something that is not
More informationCNT5412/CNT4406 Network Security. Course Introduction. Zhenhai Duan
CNT5412/CNT4406 Network Security Course Introduction Zhenhai Duan 1 Instructor Professor Zhenhai Duan (duan@cs.fsu.edu) Office: 162 LOV Office hours: 1:00PM to 2:00PM, T/Th Or by appointment Email: duan@cs.fsu.edu
More informationCOB 302 Management Information System (Lesson 8)
COB 302 Management Information System (Lesson 8) Dr. Stanley Wong Macau University of Science and Technology Chapter 13 Security and Ethical Challenges 安 全 與 倫 理 挑 戰 Remarks: Some of the contents in this
More informationCHAPTER 10: COMPUTER SECURITY AND RISKS
CHAPTER 10: COMPUTER SECURITY AND RISKS Multiple Choice: 1. In a survey of more than 500 companies and government agencies, percent detected computer security breaches. A. 20 B. 75 C. 85 D. 99 Answer:
More informationFirewalls for small business
By James Thomas DTEC 6823 Summer 2004 What is a firewall? Firewalls for small business A firewall is either hardware, software or a combination of both that is used to prevent, block or should I say try
More informationNetwork Security. Text. Administrative. My Information. Course Focus. Evaluation CEN 5542-01
Network Security CEN 5542-01 formerly CIS 5357 Administrative TR, 8:00-9:15 am 103 James Jay Love Building www.cs.fsu.edu/~yasinsac/ns03/main.html Will establish and use a class mailing list 1 2 My Information
More informationBoston University Security Awareness. What you need to know to keep information safe and secure
What you need to know to keep information safe and secure Introduction Welcome to Boston University s Security Awareness training. Depending on your reading speed, this presentation will take approximately
More informationE-Commerce: Attacks and Preventative Strategies. The majority of not only our nation, but most of the world, is performing and conducting
Benjamin DiYanni E-Commerce: Attacks and Preventative Strategies Abstract: The majority of not only our nation, but most of the world, is performing and conducting business over the internet. For the most
More informationIntroduction to Information Security
Introduction to Information Security Chapter 1 Information Security Basics Winter 2015/2016 Stefan Mangard, www.iaik.tugraz.at What is Information Security? 2 Security vs. Safety The German word Sicherheit
More informationCS 391-950 Ethical Hacking Spring 2016
CS 391-950 Ethical Hacking Spring 2016 Instructor: Shahriar Nick Rahimi Office: Faner 2136 Office Hours: MW 8:30 am-11 am Friday 10 am- 11 am E-Mail: nick@cs.siu.edu Course Web Site: https://online.siu.edu/
More informationNetwork Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶
Network Security 網 路 安 全 Lecture 1 February 20, 2012 洪 國 寶 1 Outline Course information Motivation Introduction to security Basic network concepts Network security models Outline of the course 2 Course
More informationNEOSHO COUNTY COMMUNITY COLLEGE MASTER COURSE SYLLABUS. Division: Applied Science (AS) Liberal Arts (LA) Workforce Development (WD)
NEOSHO COUNTY COMMUNITY COLLEGE MASTER COURSE SYLLABUS COURSE IDENTIFICATION Course Code/Number: ETEC 275 Course Title: Computer and Network Security Division: Applied Science (AS) Liberal Arts (LA) Workforce
More informationNetwork Security - ISA 656 Review
Network Security - ISA 656 Review Angelos Stavrou December 4, 2007 Material Test Conditions 7:20pm - 9:30pm, Thursday, Dec 11th, in the Lab (STI-128) Same style of questions as the midterm I m not asking
More informationEvaluating the Perceptions of People towards Online Security
Section 2 Information Systems Security & Web Technologies and Security Evaluating the Perceptions of People towards Online Security Abstract N.K.Jayakumar and A.D.Phippen Network Research Group, University
More informationNetwork Security. Chapter 12. Learning Objectives. Chapter Outline. After reading this chapter, you should be able to:
Network Security Chapter 12 Learning Objectives After reading this chapter, you should be able to: Recognize the basic forms of system attacks Recognize the concepts underlying physical protection measures
More informationChap. 1: Introduction
Chap. 1: Introduction Introduction Services, Mechanisms, and Attacks The OSI Security Architecture Cryptography 1 1 Introduction Computer Security the generic name for the collection of tools designed
More informationIntroduction to Security
2 Introduction to Security : IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 25 October 2013 its335y13s2l01, Steve/Courses/2013/s2/its335/lectures/intro.tex,
More informationCSE331: Introduction to Networks and Security. Lecture 1 Fall 2006
CSE331: Introduction to Networks and Security Lecture 1 Fall 2006 Basic Course Information Steve Zdancewic lecturer Web: http://www.cis.upenn.edu/~stevez E-mail: stevez@cis.upenn.edu Office hours: Tues.
More informationTCOM 562 Network Security Fundamentals
TCOM 562 Network Security Fundamentals George Mason University Fall 2009 Jerry Martin Fairfax Campus Tel: (703) 993-3810 Email: gmartin@gmu.edu Office Hours: by appointment only 1. Announcements The class
More informationSAFE ONLINE BANKING. Online Banking, Data Security You. Your Partnership for Safe Online Banking
SAFE ONLINE BANKING Online Banking, Data Security You & Your Partnership for Safe Online Banking Partnering for Online Security O Online banking has grown rapidly from a niche service to a major new way
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 1 January 9, 2012 CPSC 467b, Lecture 1 1/22 Course Overview Symmetric Cryptography CPSC 467b, Lecture 1 2/22 Course Overview CPSC
More informationNetwork Security: Introduction
Network Security: Introduction 1. Network security models 2. Vulnerabilities, threats and attacks 3. Basic types of attacks 4. Managing network security 1. Network security models Security Security has
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationITSC Training Courses Student IT Competence Programme SIIS1 Information Security
ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know
More informationComputer Security (EDA263 / DIT 641)
Computer Security (EDA263 / DIT 641) Lecture 1: Course introduction Magnus Almgren (Erland Jonsson) Department of Computer Science and Engineering Chalmers University of Technology Sweden Motivation Course
More informationViruses, Worms, and Trojan Horses
Viruses, Worms, and Trojan Horses Be a Power Reader Make Personal Connections As you read this article, think to yourself, How can I apply this knowledge? How will what I m learning be useful to me? You
More informationApplication Intrusion Detection
Application Intrusion Detection Drew Miller Black Hat Consulting Application Intrusion Detection Introduction Mitigating Exposures Monitoring Exposures Response Times Proactive Risk Analysis Summary Introduction
More informationSecurity Issues with Integrated Smart Buildings
Security Issues with Integrated Smart Buildings Jim Sinopoli, Managing Principal Smart Buildings, LLC The building automation industry is now at a point where we have legitimate and reasonable concern
More information9. Information Assurance and Security, Protecting Information Resources. Janeela Maraj. Tutorial 9 21/11/2014 INFO 1500
INFO 1500 9. Information Assurance and Security, Protecting Information Resources 11. ecommerce and ebusiness Janeela Maraj Tutorial 9 21/11/2014 9. Information Assurance and Security, Protecting Information
More informationSyllabus COMP 517 Computer Security Penn State Harrisburg Fall 2009
Syllabus COMP 517 Computer Security Penn State Harrisburg Fall 2009 Instructor Dr. Jeremy Blum Office Location: Email (preferred contact method 1): Office hours (preferred contact method 2): 255W Olmsted
More informationChapter 14 Computer Threats
Contents: Chapter 14 Computer Threats 1 Introduction(Viruses,Bombs,Worms) 2 Categories of Viruses 3 Types of Viruses 4 Characteristics of Viruses 5 Computer Security i. Antivirus Software ii. Password,
More informationCracking and Computer Security
Cracking and Computer Security Ethics and Computing Chapter 4 Summer 2001 CSE 4317: Computer Security 1 Motivation Computer security is crucial for trust Cracking activity is harmful, costly and unethical
More informationWhat is Really Needed to Secure the Internet of Things?
What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices
More informationCIS433/533 - Computer and Network Security Introduction
CIS433/533 - Computer and Network Security Introduction Professor Kevin Butler Winter 2011 Computer and Information Science Some bedtime stories 2 This course We are going to explore why these events are
More informationWhite Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act
A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,
More informationWhitepaper on AuthShield Two Factor Authentication and Access integration with Microsoft outlook using any Mail Exchange Servers
Whitepaper on AuthShield Two Factor Authentication and Access integration with Microsoft outlook using any Mail Exchange Servers By INNEFU Labs Pvt. Ltd Table of Contents 1. Overview... 3 2. Threats to
More informationSecurity and Operating Systems It s the Application
What is Security? Internal Roles Protecting Whom? Operating Systems 1 / 38 What is Security? Internal Roles Protecting Whom? What is operating system security? How do operating systems contribute to system
More informationNetwork Security Survey of Small Businesses
Network Security Survey of Small Businesses July 2006 Copyright All Covered Inc. www.allcovered.com Executive Summary Most small businesses now make use of a network of PCs and servers to run their operations.
More information1. Any email requesting personal information, or asking you to verify an account, is usually a scam... even if it looks authentic.
Your identity is one of the most valuable things you own. It s important to keep your identity from being stolen by someone who can potentially harm your good name and financial well-being. Identity theft
More informationFootprinting and Reconnaissance Tools
Footprinting and Reconnaissance Tools Topic 1: Common Port Scanning Techniques Do some research on computer ports that are most often scanned by hackers. Identify a port scanning exploit that is interesting
More informationNotes on Network Security - Introduction
Notes on Network Security - Introduction Security comes in all shapes and sizes, ranging from problems with software on a computer, to the integrity of messages and emails being sent on the Internet. Network
More informationThis chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How
This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How Network Security Is Breached Network Security Policy
More informationSoftware Engineering 4C03 Class Project. Computer Networks and Computer Security COMBATING HACKERS
Software Engineering 4C03 Class Project Computer Networks and Computer Security COMBATING HACKERS Done By: Ratinder Ricky Gill Student Number: 0048973 E-Mail: gillrr@mcmaster.ca Due: Tuesday April 5, 2005
More informationNetwork Security Course Specifications2011-2012
Assiut University Faculty of Computers & Information Department of Information Technology Quality Assurance Unit Network Security Course Specifications2011-2012 Relevant program B.Sc. in Computers and
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 1 September 2, 2015 CPSC 467, Lecture 1 1/13 Protecting Information Information security Security principles Crypto as a security
More informationCS 450/650 Fundamentals of Integrated Computer Security
CS 450/650 Fundamentals of Integrated Computer Security Course Information Department of Computer Science & Engineering UNR, Fall 2014 Class hours Tuesday & Thursday, 1:00 2:15am @ PE 101 Instructor E
More informationA Structured Approach to Computer Security *
1 A Structured Approach to Computer Security * Tomas Olovsson Department of Computer Engineering Chalmers University of Technology S-412 96 Gothenburg SWEDEN Technical Report No 122, 1992 ABSTRACT Security
More informationProject 25 Security Services Overview
Project 25 Security Services Overview Bill Janky Director, System Design Harris Corporation 1 Agenda Overview of P25 Security Services What s new; What s coming Other topics 2 If you re in Public Safety...
More informationNetwork Security and Surveillance
G. Sivakumar Computer Science and Engineering IIT Bombay siva@iitb.ac.in October 29, 2004 1 Internet Security Overview Some Puzzles 2 3 Internet s Growth and Charter Some Puzzles Information AnyTime, AnyWhere,
More informationGovernment Worker Privacy Survey. Improper Exposure of Official Use, Sensitive, and Classified Materials
Government Worker Privacy Survey Improper Exposure of Official Use, Sensitive, and Classified Materials 1 Introduction Data privacy is a growing concern for the US government as employees conduct business
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More informationComputer Forensics Preparation
Computer Forensics Preparation This lesson covers Chapters 1 and 2 in Computer Forensics JumpStart, Second Edition. OBJECTIVES When you complete this lesson, you ll be able to Discuss computer forensics
More informationManaged Security Services
Managed Security Services 1 Table of Contents Possible Security Threats 3 ZSL s Security Services Model 4 Managed Security 4 Monitored Security 5 Self- Service Security 5 Professional Services 5 ZSL s
More informationNetwork Security. Mobin Javed. October 5, 2011
Network Security Mobin Javed October 5, 2011 In this class, we mainly had discussion on threat models w.r.t the class reading, BGP security and defenses against TCP connection hijacking attacks. 1 Takeaways
More informationCS 464/564 Networked Systems Security SYLLABUS
CS 464/564 Networked Systems Security SYLLABUS College: College of Science Department: Department of Computer Science Syllabus Title: CS 464/564 Networked Systems Security Call Number: 1. Meet the Professor
More informationCS549: Cryptography and Network Security
CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared
More informationSecurity Basics: A Whitepaper
Security Basics: A Whitepaper Todd Feinman, David Goldman, Ricky Wong and Neil Cooper PricewaterhouseCoopers LLP Resource Protection Services Introduction This paper will provide the reader with an overview
More informationDSL and Cable Modems: The Dangers of Having a Static IP Address
DSL and Cable Modems: The Dangers of Having a Static IP Address By Joe Edwards ECE 478 Spring 2000 1.0 Introduction As computer technology continues to rapidly progress, more and more people are abandoning
More informationThe monsters under the bed are real... 2004 World Tour
Web Hacking LIVE! The monsters under the bed are real... 2004 World Tour Agenda Wichita ISSA August 6 th, 2004 The Application Security Dilemma How Bad is it, Really? Overview of Application Architectures
More informationE-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications
Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html
More information