Network security Cs634 IS 605

Presentation transcript:

Slide 1: Network security Cs634 IS 605

Slide 2: Agenda
- Course Content
- Materials
- Assessment

Slide 3: Course Content
- Introduction of computer security
- Cryptology
- Public key infrastructure
- Authentication and Authorization
- Search Topics

Slide 4: Materials
- Lecture note:
- Research Documents
- Book 1: Jie Wang, “Computer Network Security -Theory and Higher Education Press
- Book 2: S.K.PARMAR, Cst, “INFORMATION RESOURCE GUIDE- Computer, Internet and Network Systems Security”
- Book 3: William Stallings, “Cryptography and Network Security - principles and practice”, 5th edition

Slide 5: Assessment
- Mid term Exam 20 %
- Research Assignment 10 %
- Final-Term Examination 70 %
Or
- Research Assignment 20 %
- Final-Term Examination 80 %

Slide 6: Let’s start: Introduction

Slide 7
- Attacks, services and mechanisms
- Security attacks
- Security services
- Methods of Defense
- A model for Internetwork Security

Slide 8: Attacks, Services and Mechanisms
- Security Attack: Any action that compromises the security of information.
- Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
- Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

Slide 9: Security Attack
Definition:
- Any action that compromises the security of information owned by an organization
- Information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems

Slide 10: Security Attack
- Threats (تهديد) are anything that can interrupt the operation, functioning, integrity, or availability of a network or system; they can take any form.
- Vulnerabilities (ثغره) are inherent weaknesses in the design, configuration, implementation, or management of the network or system that render it susceptible to threats.
- Attacks (هجوم) are specific techniques used to exploit the vulnerabilities.

Slide 11: Purpose of attacking?
- Sometimes the damage is done on purpose
  - Malicious attacks from disgruntled people (e.g. ex-employees)
  - Snoop attacks from nosey co-workers
  - Acts of vandalism
  - Espionage (تجسس)

Slide 12: Purpose of attacking?
- What do they hope to gain?
  - bragging rights, simply to say “I did it!”
  - theft of information
  - theft of service
  - theft of real assets/money
  - defacement/vandalism
  - destruction of data
  - corruption of data

Slide 13: Purpose of attacking?
- corruption of operational systems controlled by computers (phone system, TV systems, etc.)
- denial of service
- plant ‘bots which can be remotely activated and controlled to accomplish any of the attacks listed above using your machine as the host

Slide 14: General Attacks

Slide 15: Insider and outsider
- Insider attack
  - The insider is already an authorized user
  - Insider acquires privileged access
  - Exploiting bugs in privileged system programs
  - Install backdoors/Trojan horses to facilitate subsequent acquisition of privileged access
- Outsider attack
  - Acquire access to an authorized account
  - Perpetrate an insider attack

Slide 16: Passive and Active Attack
- Passive attack: the attacked entity is unaware of the attack, hence the name passive; e.g. the attacker is just trying to listen to or observe you.
- Active attack: an attack that the attacked entity becomes aware of when attacked. That is, the interruption from the attacker is of such a kind that the victim becomes aware of the attack, hence the name active attack. For example, trying to steal some info.

Slide 17: Passive Attacks

Slide 18: Example: Release of message contents

Slide 19: Passive Attacks
- Release of message contents: A telephone conversation, messages, and file transfers can easily be accessed without affecting the message.
- Traffic analysis: To observe the pattern of messages from sender and receiver.

Slide 20: Active Attacks

Slide 21: Active Attacks
- Replay attack: A hacker executes a replay attack by intercepting and storing a legitimate transmission between two systems and retransmitting it at a later time.
- Denial-of-Service (DoS) attacks: attempt to exhaust the network or server resources in order to render them useless for legitimate hosts and users.
- Masquerading server attack: an attacker pretends to be a legal server by creating a valid responding message from an eavesdropped communication between the remote server S and a user A.

Slide 22: Functionality of attacks
- Interception (هجوم التصنت على الرسائل): An unauthorized party gains access to an asset. This is an attack that violates confidentiality. The unauthorized party could be a person, a program, or a computer. Examples include wiretapping to capture data in a network, and the illicit copying of files or programs.
- Interruption (هجوم الإيقاف): An asset of the system is destroyed or becomes unavailable. This is an attack that violates availability. Examples include destruction of a piece of hardware, such as a hard disk, or cutting off a communication line.

Slide 23: Active Attacks
- Modification (هجوم يعدل على محتوى الرسالة): An unauthorized party not only gains access to the asset, but also tampers with it. This is an attack that violates integrity. Examples include value manipulation in the data file, and modifying the content of messages being transmitted in a network.
- Fabrication (لهجوم المزور أو المفبرك): An unauthorized party installs a malicious object or program on the system. This is an attack that violates authenticity. Examples include the insertion of spurious messages in a network or the addition of records to a file.

Slide 24: Security Attacks

Slide 25: What are the kinds of attacks?
- Denial of Service (DoS) attacks
  - DoS attacks have one goal: to knock your service off the net.
  - Crash your host
  - Flood your host
  - Flood the network connecting to your host

Slide 26: What are the kinds of attacks?
- Viruses
  - A computer virus attaches itself to files on the target machine
  - Master Boot Sector/Boot Sector viruses
  - File viruses, Macro viruses
  - Stealth viruses, Polymorphic viruses
  - Hoax Viruses

Slide 27: What are the kinds of attacks?
- Trojans, Worms and Backdoors
  - Trojans are programs that appear to perform a desirable and necessary function but that perform functions unknown to (and probably unwanted by) the user.
  - Worms are memory resident viruses. Unlike a virus, which seeds itself in the computer's hard disk or file system, a worm will only maintain a functional copy of itself in active memory.

Slide 28: What are the kinds of attacks?
- Worms frequently “sleep” until some event triggers their activity, e.g. send password file to hacker, send copy of registry to hacker.
- Worms and Trojans are frequently the methods by which Backdoors are enabled on a system.
- Backdoors allow hidden access and control of a system (e.g. Back Orifice, BO2K, SubSeven).

Slide 29: What are the kinds of attacks?
- Scanners
  - Programs that automatically detect security weaknesses in remote or local hosts.
  - Tells the hacker:
    - What services are currently running
    - What users own those services
    - Whether anonymous logins are supported
    - Whether certain network services require authentication

Slide 30: What are the kinds of attacks?
- Password Crackers
  - Some actually try to decrypt....
  - Most simply try “brute force” or intelligent “brute force”
  - Dictionary words, days of year, initials

Slide 31: What are the kinds of attacks?
- Sniffers
  - Sniffers monitor network data.
  - Devices that capture network packets
  - Extremely difficult to detect because they are passive

Slide 32: Security Goals

Slide 33: Security Service
- Enhance security of data processing systems and information transfers of an organization
- Intended to counter security attacks
- Using one or more security mechanisms
- Often replicates functions normally associated with physical documents
  - Which, for example, have signatures, dates; need protection from disclosure, tampering, or destruction; are notarized or witnessed; are recorded or licensed

Slide 34: Security Services
- Authentication: Concerned with assuring that a communication is authentic.
- Confidentiality: Protecting sensitive information from unauthorized users.
- Integrity: Protecting the information from modification by unauthorized users.
- Availability: Assuring that the authorized users have timely access to the information in the system and to the network.
- Access Control: Ability to limit and control the access to the host systems and applications via communication links.
- Non-repudiation: Preventing either sender or receiver from denying a transmitted message.

Slide 35: Security Mechanism
- A process that is designed to detect, prevent or recover from a security attack
- No single mechanism will support all services required
- However, one particular element underlies many of the security mechanisms in use: cryptographic techniques

Slide 36: Methods of Defense
- Encryption
- Software Controls (access limitations in a database; the operating system protects each user from other users)
- Hardware Controls (smartcard)
- Policies (frequent changes of passwords)
- Physical Controls

Slide 37: Methods of Defense
1. Encryption
Encryption is the formal name for the scrambling process. We take data in their normal, unscrambled state, called cleartext, and transform them so that they are unintelligible to the outside observer; the transformed data are called enciphered text or ciphertext. Using encryption, security professionals can virtually nullify the value of an interception and the possibility of effective modification or fabrication.

Slide 38: Methods of Defense
2. Software Controls
If encryption is the primary way of protecting valuables, programs themselves are the second facet of computer security. Programs must be secure enough to prevent outside attack. They must also be developed and maintained so that we can be confident of the programs' dependability.

Slide 39: Methods of Defense
Program controls include the following:
- internal program controls: parts of the program that enforce security restrictions, such as access limitations in a database management program
- operating system and network system controls: limitations enforced by the operating system or network to protect each user from all other users
- independent control programs: application programs, such as password checkers, intrusion detection utilities, or virus scanners, that protect against certain types of vulnerabilities
- development controls: quality standards under which a program is designed, coded, tested, and maintained to prevent software faults from becoming exploitable vulnerabilities

Slide 40: Methods of Defense
3. Hardware Controls
Numerous hardware devices have been created to assist in providing computer security. These devices include a variety of means, such as
- hardware or smart card implementations of encryption
- locks or cables limiting access or deterring theft
- devices to verify users' identities
- firewalls
- intrusion detection systems

Slide 41: Methods of Defense
4. Policies and Procedures
- Sometimes, we can rely on agreed-on procedures or policies among users rather than enforcing security through hardware or software means.
- In fact, some of the simplest controls, such as frequent changes of passwords, can be achieved at essentially no cost but with tremendous effect. Training and administration follow immediately after establishment of policies, to reinforce the importance of security policy and to ensure their proper use.

Slide 42: Methods of Defense
5. Physical Controls
Some of the easiest, most effective, and least expensive controls are physical controls. Physical controls include locks on doors, guards at entry points, backup copies of important software and data, and physical site planning that reduces the risk of natural disasters. Often the simple physical controls are overlooked while we seek more sophisticated approaches.

Slide 43: Model for Network Security

Slide 44: Model for Network Security
Using this model requires us to:
1. design a suitable algorithm for the security transformation
2. generate the secret information (keys) used by the algorithm
3. develop methods to distribute and share the secret information
4. specify a protocol enabling the principals to use the transformation and secret information for a security service

Slide 45: Model for Network Access Security

Slide 46: Model for Network Access Security
Using this model requires us to:
1. select appropriate gatekeeper functions to identify users
2. implement security controls to ensure only authorised users access designated information or resources
- trusted computer systems may be useful to help implement this model
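The two steps of the access model can be sketched as a gatekeeper followed by a default-deny access check (an added example, not part of the original slides). The class names, the PBKDF2 iteration count, the account and the resource name are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # PBKDF2 work factor; value assumed for this example


def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class Gatekeeper:
    """Step 1: identify users. Stores salted password hashes, never passwords."""

    def __init__(self):
        self._users = {}                  # user -> (salt, derived key)
        self._dummy_salt = os.urandom(16)

    def enroll(self, user: str, password: str) -> None:
        salt = os.urandom(16)
        self._users[user] = (salt, _derive(password, salt))

    def authenticate(self, user: str, password: str) -> bool:
        # Unknown users run the same derivation so timing does not reveal names.
        salt, stored = self._users.get(user, (self._dummy_salt, b"\x00" * 32))
        match = hmac.compare_digest(_derive(password, salt), stored)
        return match and user in self._users


class AccessControl:
    """Step 2: only authorised users reach designated resources (default deny)."""

    def __init__(self):
        self._acl = {}                    # (user, resource) -> permitted actions

    def grant(self, user: str, resource: str, action: str) -> None:
        self._acl.setdefault((user, resource), set()).add(action)

    def allowed(self, user: str, resource: str, action: str) -> bool:
        return action in self._acl.get((user, resource), set())


def request(gate, acl, user, password, resource, action) -> str:
    """Authenticate first, then authorise; anything not granted is refused."""
    if not gate.authenticate(user, password):
        return "denied: authentication failed"
    if not acl.allowed(user, resource, action):
        return "denied: not authorised"
    return "granted"


if __name__ == "__main__":
    gate, acl = Gatekeeper(), AccessControl()
    gate.enroll("alice", "correct horse")          # constructed account
    acl.grant("alice", "payroll.db", "read")
    print(request(gate, acl, "alice", "correct horse", "payroll.db", "read"))
    print(request(gate, acl, "alice", "correct horse", "payroll.db", "write"))
    print(request(gate, acl, "mallory", "guess", "payroll.db", "read"))
```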

- Summary of the first lecture
- First assignment