Introduction IT443 – Network Security Administration Instructor: Bo Sheng 1.


1 Introduction IT443 – Network Security Administration Instructor: Bo Sheng 1

2 Basic Information Location and time –S-3-028 –Mondays and Wednesdays 7:00~8:15pm Instructor (Bo Sheng) –Bo.sheng@umb.edu, shengbo@cs.umb.edu –617-287-6468 –Office: S-3-167 –Office hours: Mon & Wed, 2~4pm 2

3 Course Outline Network Basics –Network layers, headers, services, … –TCP/IP, MAC, DNS, ARP, … Cryptography Basics –Secret key encryption, Public key encryption, Hash function –Doesn’t cover theoretical foundation Authentication –Password, challenge/response, mutual authentication, … 3

4 Course Outline Public Key Infrastructure –PKI architecture, certificates, … IPsec –Secure IP layer protocol SSL/TLS –Secure transport layer protocol Firewall –Prevent attacks, iptables, … 4

5 Course Outline Intrusion Detection System –Host-based IDS and network-based IDS Email Security Wireless security / Worm (backup) –Rogue AP attacks, WEP crack, Worm propagation/detection, … 5

6 Course Work 6~7 lab assignments (70%) –Team of 2 students –Lab report Follow the instructions Observe the output Understand the results (may need more tests to confirm) 6

7 Course Work Final exam (30%) –Last time this course was taught 8 “true or false” 6 “multiple choices” 3 “descriptive questions” Lecture + Lab –Virtual machines 7

8 Lab Outline Understanding network packets –IP prefix, DNS service Encryption/decryption –Conduct file encryption (openssl) –Distinguish cryptographic algorithms Password cracking –Dictionary attack, john-the-ripper Network attacks –SYN flood, ARP poisoning 8

9 Lab Outline Implementing certificate –Set up https service Configuring a firewall –iptables System monitoring –Remote logging Intrusion detection –Aide and Snort SQL injection (backup) 9

10 Other Info Course web page –http://www.cs.umb.edu/~shengbo/teaching/it443.html Prerequisite –IT341 –If you take IT341 later, you will lose the credits of this course. 10

11 Policies Lab reports –Partial points will be given, but no late submissions are accepted. Honor code No makeup exam Accommodations –Ross Center for Disability Service Campus Center Room 211 617-287-7430 11

12 Information Door code: 434598* Login: Your Windows account If you use your own laptop, install –VMware Workstation 10.0 –VirtualBox Install Ubuntu Desktop on a VM –VMware 10.0: NM21L-LK05L-N8864-0J0K0-28X25 –http://wes.cs.umb.edu/it443/ubuntu-10.04.4-desktop-i386.iso 12

13 Introduction to Network Security Security Breaches –http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ Symantec Threat Explorer –http://us.norton.com/security_response/threatexplorer/index.jsp Email Spam 13

14 Introduction to Network Security Security threats –Malware: Virus, worm, spyware –Spam –Botnet –DDoS attacks –Phishing –Cross-site scripting (XSS) –… 14

15 Contributing Factors Lack of awareness of threats and risks of information systems –Security measures are often not considered until an enterprise has been penetrated by malicious users Wide-open network policies –Many Internet sites allow wide-open Internet access Lack of security in TCP/IP protocol suite –Most TCP/IP protocols were not built with security in mind Complexity of security management and administration Software vulnerabilities –Example: buffer overflow vulnerabilities Cracker skills keep improving 15

16 Security Objectives (CIA) 16

17 Security Objectives (CIA) Confidentiality — Prevent/detect/deter improper disclosure of information Integrity — Prevent/detect/deter improper modification of information Availability — Prevent/detect/deter improper denial of access to services provided by the system 17

18 OSI Security Architecture ITU-T X.800 “Security Architecture for OSI” Defines a systematic way of defining and providing security requirements It provides a useful, if abstract, overview of concepts we will study 18

19 Aspects of Security 3 aspects of security: –security attack Any action that compromises the security of information owned by an organization –security mechanism A process that is designed to detect, prevent, or recover from a security attack –security service Counter security attacks: make use of one or more security mechanisms to provide the service 19

20 Threat Model and Attack Model Threat model and attack model need to be clarified before any security mechanism is developed Threat model –Assumptions about potential attackers –Describes the attacker’s capabilities Attack model –Assumptions about the attacks –Describes how attacks are launched 20

21 Passive Attacks 21

22 Active Attacks 22

23 Security Mechanism (X.800) Specific security mechanisms: –encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization Pervasive security mechanisms: –trusted functionality, security labels, event detection, security audit trails, security recovery 23

24 Security Service Enhance security of data processing systems and information transfers of an organization Intended to counter security attacks Using one or more security mechanisms Often replicates functions normally associated with physical documents –For example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed 24

25 Security Service Authentication - assurance that communicating entity is the one claimed Access Control - prevention of the unauthorized use of a resource Data Confidentiality - protection of data from unauthorized disclosure Data Integrity - assurance that data received is as sent by an authorized entity Non-Repudiation - protection against denial by one of the parties in a communication Availability - resource accessible/usable 25

26 Check network connection – ping google.com Log out 26

