Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Science 1 CSC 774 Advanced Network Security Dr. Peng Ning

Published byGeraldine Lyons Modified over 8 years ago

Similar presentations

Presentation on theme: "Computer Science 1 CSC 774 Advanced Network Security Dr. Peng Ning"— Presentation transcript:

1 Computer Science 1 CSC 774 Advanced Network Security Dr. Peng Ning pning@ncsu.edu http://www.csc.ncsu.edu/faculty/ning

2 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security2 About Instructor Dr. Peng Ning, assistant professor of computer science –http://www.csc.ncsu.edu/faculty/ninghttp://www.csc.ncsu.edu/faculty/ning –pning(at)ncsu.edu –(919) 513-4457 –Office: 250 Venture III, centennial campus –Office hours: Mondays and Wednesdays, 3:00 pm – 4:00 pm

3 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security3 About TA Mithun Acharya –mpachary(at)ncsu.edu Office hours: –Tuesdays 9:30 am - 11:30 am –Ventures I, Suite 110, Room 102 please ring the bell

4 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security4 Course Objectives Understanding of fundamental issues, concepts, principles, and mechanisms in network security (beyond CSC 574). –Electronic payment systems –Broadcast authentication –Group key management –MANET and sensor network security Prepare for graduate research in network security –Advanced topics: MANET security, sensor network security –Will give a list of recently published papers

5 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security5 Prerequisites You must have taken –CSC 570 –CSC 574 Or convince the instructor that you have enough background knowledge

6 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security6 Text No required textbook Research papers listed on the course website

7 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security7 Course Mechanics WWW page: –For course materials, e.g., lecture slides, homework files, papers, tools, etc. –Will be updated frequently Message board at –http://courses.ncsu.edu/csc774/http://courses.ncsu.edu/csc774/ –For discussions, Q&As –TA will answer questions there regularly

8 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security8 Grading Assignments: 10%; Midterm #1: 15%; Midterm #2: 15%; Final: 30%; Research/survey paper: 20%; In-class presentation: 10% –15 minutes –On a technical paper assigned by the instructor.

9 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security9 Grading (Cont’d) The final grades are computed according to the following rules: –A+: >= 95%; A: >= 90% and = 85% and < 90%; –B+: >= 80% and = 75% and = 70% and < 75%; –C+: >= 66% and = 63% and = 60% and < 63%; –D+: >= 56% and = 53% and = 50% and < 53%; –F: < 50% Audit students: –No in-class presentation; –Grade will be adjusted by grade = grade/0.9; –Need grade >=63% to pass.

10 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security10 Course Outline Topic 1: Course Introduction –Overview of the course contents –Review basic security concepts

11 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security11 Course Outline (Cont’d) Topic 2: Review of cryptography and traditional network security techniques –Secret key cryptosystems –Public key cryptosystems –One-way hash function –Merkle hash tree –Pseudo random generator and function –Key distribution and management

12 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security12 Course Outline (Cont’d) Topic 3: Electronic Payment Systems –Electronic billing systems NetBill –Micropayments PayWords and MicroMints –Fair Exchange Protocols Optimistic fair exchange protocol

13 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security13 Course Outline (Cont’d) Topic 4: Broadcast Authentication –EMSS Based on signature amortization –TESLA Based on hash chain and delayed disclosure of symmetric keys –BiBa Based on collision of hash functions

14 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security14 Course Outline (Cont’d) Topic 5: Group Key Management –Group key agreement Group Diffie-Hellman (GDH) protocols Tree-based GDH –Group key distribution Iolus Logical Key Hierarchy (LKH) –Or key graph

15 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security15 Course Outline (Cont’d) Topic 6: Security in Mobile Ad-Hoc Networks (MANET) –Secure MANET routing protocols ARIADNE Security mechanisms for routing protocols –Detect malicious/selfish nodes WatchDog and PathRater

16 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security16 Course Outline (Cont’d) Topic 7: Security in Wireless Sensor Networks –Key pre-distribution Random key pre-distribution scheme q-composite scheme Random pairwise keys scheme Polynomial pool-based schemes –Secure and resilient data aggregation SIA –Secure and resilient location discovery Tolerate malicious data Detect malicious nodes

17 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security17 Course Outline (Cont’d) Topic 8. Misc Topics –Client puzzle Mitigate DoS attacks –Security for, and by, mobile devices

18 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security18 Course Outline (Cont’d) Advanced Topics: –MANET security –Sensor network security Every student is responsible for presenting one technical paper in class, and managing a discussion forum in the message board –Will be graded. Instructions and grading policy is posted on the course website –Content will be included in the final exam –Students are encouraged to write research papers related to these topics

19 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security19 What’s behind these Topics Efficient use of cryptography –Public key cryptography –Symmetric cryptography One-way hash chains Merkle hash trees Cryptographic puzzles Non-crypto techniques

20 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security20 In-class Presentation 15 minutes Will be graded –See the grading sheet on course website

21 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security21 Research/Survey Paper Small team -- one to three students Proposal, work, and final write-up Both the proposal and the final submission will be graded –Proposal due: 10/05/05 –Final submission due: 12/02/05 Grading policy is posted on the course website The instructor will be available to discuss your topic during the office hours You should start thinking about your team and topic now

22 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security22 Check the website for details!

23 Computer Science 23 Review of Basic Security Concepts

24 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security24 Security Objectives Secrecy (Confidentiality) Integrity Availability (Denial of Service)

25 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security25 Security Objectives Secrecy — Prevent/detect/deter improper disclosure of information Integrity — Prevent/detect/deter improper modification of information Availability — Prevent/detect/deter improper denial of access to services provided by the system

26 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security26 Commercial Example Secrecy — An employee should not come to know the salary of his manager Integrity — An employee should not be able to modify the employee's own salary Availability — Paychecks should be printed on time as stipulated by law

27 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security27 Military Example Secrecy — The target coordinates of a missile should not be improperly disclosed Integrity — The target coordinates of a missile should not be improperly modified Availability — When the proper command is issued the missile should fire

28 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security28 A Fourth Objective Securing computing resources — Prevent/detect/deter improper use of computing resources including –Hardware Resources –Software resources –Data resources –Network resources

29 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security29 Achieving Security Security policy — What? Security mechanism — How? Security assurance — How well?

30 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security30 Security Policy Organizational Policy Automated Information System Policy

31 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security31 Compusec + Comsec = Infosec Compsec Comsec Infosec Security Computers Communications

32 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security32 Security Mechanism Prevention — Access control Detection — Auditing and intrusion detection Tolerance — Practicality Good prevention and detection both require good authentication as a foundation

33 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security33 Security Mechanism Security mechanisms implement functions that help prevent, detect, and respond to security attacks Prevention is more fundamental –Detection seeks to prevent by threat of punitive action –Detection requires that the audit trail be protected from alteration Sometime detection is the only option, e.g., –Accountability in proper use of authorized privileges –Modification of messages in a network Security functions are typically made available to users as a set of security services through APIs or integrated interfaces Cryptography underlies (almost) all security mechanisms

34 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security34 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content. –Parties involved. –Where they are, how they communicate, how often, etc. Authentication: assurance that an entity of concern or the origin of a communication is authentic - it’s what it claims to be or from Integrity: assurance that the information has not been tampered with

35 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security35 Security Services - Cont’d Non-repudiation: offer of evidence that a party is indeed the sender or a receiver of certain information Access control: facilities to determine and enforce who is allowed access to what resources, hosts, software, network connections Monitor & response: facilities for monitoring security attacks, generating indications, surviving (tolerating) and recovering from attacks

36 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security36 Security Services - Cont’d Security management: facilities for coordinating users’ service requirements and mechanism implementations throughout the enterprise network and across the internet –Trust model –Trust communication protocol –Trust management infrastructure

37 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security37 Security Assurance How well your security mechanisms guarantee your security policy Everyone wants high assurance High assurance implies high cost –May not be possible Trade-off is needed.

38 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security38 Security Tradeoffs SecurityFunctionality Ease of Use COST

39 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security39 Threat-Vulnerability-Risk Threats — Possible attacks on the system Vulnerabilities — Weaknesses that may be exploited to cause loss or harm Risk — A measure of the possibility of security breaches and severity of the ensuing damage Requires assessment of threats and vulnerabilities

40 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security40

Download ppt "Computer Science 1 CSC 774 Advanced Network Security Dr. Peng Ning"

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 6. Security in Mobile Ad-Hoc Networks.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 6. Security in Mobile Ad-Hoc Networks.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
CSE 5392By Dr. Donggang Liu1 CSE 5392 Sensor Network Security Course Introduction.

CSE 5392By Dr. Donggang Liu1 CSE 5392 Sensor Network Security Course Introduction.
Slide 01-1COMP 7370, Auburn University COMP 7370 Advanced Computer and Network Security Dr. Xiao Qin Auburn University

Slide 01-1COMP 7370, Auburn University COMP 7370 Advanced Computer and Network Security Dr. Xiao Qin Auburn University
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Preparation for In-class Presentations.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Preparation for In-class Presentations.
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
6/9/2015Madhumita. Chatterjee1 Overview of Computer Security.

6/9/2015Madhumita. Chatterjee1 Overview of Computer Security.
Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.

Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.
Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.

Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.
Computer and Information Security Jen-Chang Liu, 2004

Computer and Information Security Jen-Chang Liu, 2004
Applied Cryptography for Network Security

Applied Cryptography for Network Security
CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: 509-359-6908 Office.

CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: Office.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Similar presentations

Ads by Google