High Performance Computing Lab.

Slides:

Advertisements

Similar presentations

Network Security Essentials Chapter 11

Advertisements

Lecture slides for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 9 “Firewalls and Intrusion Prevention.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

IBM Security Network Protection (XGS)

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.

Department Of Computer Engineering

Intrusion Detection System Marmagna Desai [ 520 Presentation]

1 Enabling Secure Internet Access with ISA Server.

Chapter 6 Configuring, Monitoring & Troubleshooting IPsec

Scientific Computing Department Faculty of Computer and Information Sciences Ain Shams University Supervised By: Mohammad F. Tolba Mohammad S. Abdel-Wahab.

Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.

Information Security Introduction to Information Security Michael Whitman and Herbert Mattord 14-1.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.

IT-security in the Ubiquitous Computing World Chris Kuo, CISSP, CISA Acer eDC (e-Enabling Data Center) Acer Inc. 2007/3/27.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

S E C U R E C O M P U T I N G Intrusion Tolerant Server Infrastructure Dick O’Brien, Tammy Kappel, Clint Bitzer OASIS PI Meeting March 14, 2002.

IDS – Intrusion Detection Systems. Overview  Concept  Concept : “An Intrusion Detection System is required to detect all types of malicious network.

What is FORENSICS? Why do we need Network Forensics?

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Module 10: Monitoring ISA Server Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.

Module 9: Configuring IPsec. Module Overview Overview of IPsec Configuring Connection Security Rules Configuring IPsec NAP Enforcement.

Module 4: Configuring ISA Server as a Firewall. Overview Using ISA Server as a Firewall Examining Perimeter Networks and Templates Configuring System.

OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.

Module 11: Remote Access Fundamentals

CSCI 530 Lab Intrusion Detection Systems IDS. A collection of techniques and methodologies used to monitor suspicious activities both at the network and.

Module 2: Installing and Maintaining ISA Server. Overview Installing ISA Server 2004 Choosing ISA Server Clients Installing and Configuring Firewall Clients.

Module 9: Fundamentals of Securing Network Communication.

Maintaining Network Health. Active Directory Certificate Services Public Key Infrastructure (PKI) Provides assurance that you are communicating with the.

Module 8: Planning and Troubleshooting IPSec. Overview Understanding Default Policy Rules Planning an IPSec Deployment Troubleshooting IPSec Communications.

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Training and Dissemination Enabling Grids for E-sciencE Jinny Chien, ASGC 1 Training and Dissemination Jinny Chien Academia Sinica Grid.

Knowing What You Missed Forensic Techniques for Investigating Network Traffic.

Securing the Network Infrastructure. Firewalls Typically used to filter packets Designed to prevent malicious packets from entering the network or its.

Module 7: Advanced Application and Web Filtering.

Microsoft ISA Server 2000 Presented by Ricardo Diaz Ryan Fansa.

Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.

IS3220 Information Technology Infrastructure Security

IS 4506 Windows NTFS and IIS Security Features.  Overview Windows NTFS Server security Internet Information Server security features Securing communication.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

Some Great Open Source Intrusion Detection Systems (IDSs)

11 SECURING NETWORK TRAFFIC WITH IPSEC Chapter 6.

Module 3: Enabling Access to Internet Resources

Working at a Small-to-Medium Business or ISP – Chapter 8

(A CORPORATE NETWORK APPROACH)

Module Overview Installing and Configuring a Network Policy Server

Security of Grid Computing Environments

Secure Software Confidentiality Integrity Data Security Authentication

SECURING NETWORK TRAFFIC WITH IPSEC

Computer Data Security & Privacy

Securing the Network Perimeter with ISA 2004

High Performance Computing

EA C451 Vishal Gupta.

Module 8: Securing Network Traffic by Using IPSec and Certificates

Firewall – Survey Purpose of a Firewall Characteristic of a firewall

IS4550 Security Policies and Implementation

NETWORK SECURITY LAB Lab 9. IDS and IPS.

What is IPTV? Internet Protocol television (IPTV)

ISMS Information Security Management System

Firewalls Purpose of a Firewall Characteristic of a firewall

Goals Introduce the Windows Server 2003 family of operating systems

Module 8: Securing Network Traffic by Using IPSec and Certificates

Intrusion Detection system

Introduction to Network Security

Designing IIS Security (IIS – Internet Information Service)

Presentation transcript:

High Performance Computing Lab. Computer Science and Engineering Pohang University of Science and Technology Home Page : http://hpc.postech.ac.kr E-MAIL : contact@hpc.postech.ac.kr

Introduction HPC Research Area People Ongoing Projects High Performance Computing People Professor : Sung Je Hong, Jong Kim Ph. D. Students : 6 M.S. Students : 13 (CSE), 4 (EEE) Researchers : 2 Research Area Information Security Internet Worm Peer-to-Peer Mobile Computing VLSI Design Ongoing Projects ESM HackSim XKMS ITS Home Network

Information Security Goals Research Items Applications Research Area (1/5) Information Security Goals To deal with security issues in information technology Research Items Secure workflow model related on Web Services Trust management in distributed systems Digital right management and copyrights protection Authorization and authentication in Grid Applications Business process on Web Services Cooperative modification of contents in Wiki and Blog

Internet Worm Goals Research Items Applications Research Area (2/5) To analyze worm traffic pattern and study worm detection mechanisms Research Items Worm propagation model Detecting worms Preventing worm propagation Worm monitoring Applications Worm alarm systems Internet worm detection/prevention systems

Peer-to-Peer Goals Research Items Applications Research Area (3/5) To study peer-to-peer technology including range query, lookup, and reputation Research Items Range query in structured P2P Hierarchical P2P systems for an efficient Lookup service P2P reputation management based on DHT (Distributed Hash Table) Applications Directory services in the Grid computing P2P file sharing application E-commerce such as E-bay and Auction

Mobile Computing Goals Research Items Applications Research Area (4/5) To investigate IP mobility and QoS in mobile environments Research Items Mobile QoS routing protocol Mobile multicast routing protocol Location management for micro mobility in Mobile IP Applications Mobile internet Mobile multimedia services Mobile TV & Radio

VLSI Design Goals Research Items Applications Research Area (5/5) To design VLSI chips for specific applications To develop high-speed VLSI design methods Research Items Testing circuit design Design for test Low power chip design Applications SoC (System on Chip) VLSI chip design

Enterprise Security Management Ongoing Projects (1/5) Enterprise Security Management Goal To analyze log information collected from diverse security systems System architecture Log Collection Part Log & Response Log Management Part GUI Management Part 메모리 사용률 IDS FIREWALL … CPU 사용률 External Network Firewall Log IDS Log Agent Part Normalization Viewer Rule Editing Vulnerability Test Policy Configuration Vaccine Log Network Info Event log Syslog SNMP Unsecure Network SNMP Trapd IDS Log Analysis (Correlation & Filtering) Meta Alert Attack Sequence Detection Multi Log Analysis

Automation of Penetration Testing Ongoing Projects (2/5) Automation of Penetration Testing Goal To develop penetration testing tool for window vulnerability System architecture

register revoke reissue b-register b-revoke Ongoing Projects (3/5) XML Key Management Goal To develop a Web service for XML key management that makes a conventional PKI operation simple System architecture Trust Service Client X509 Agent CA Service DB LDAP OCSP SPKI Agent PGP Agent XKMS locate validate register revoke reissue b-register b-revoke CMP Agent Layer recover

Intrusion Tolerant System Ongoing Projects (4/5) Intrusion Tolerant System Goal To construct a system that can tolerate systems/network infrastructure against malicious behavior Plan Intrusion Response Detection/Recovery Reducing delay Design methodology of S/W Effective replication mechanism Intrusion tolerance of structured P2P Distributed system based on p2p Service model of intrusion tolerance Practical Intrusion Tolerance Distributed service model /prototype of System

Access Control in Home Network Ongoing Projects (5/5) Access Control in Home Network Goal To present an access control policy model that can coordinate each middleware of home network without any standard System architecture Home Server Authentication Module User 1. Request Authentication & Service 2. Map User to role 5. Provide Service Role based Access Control Module Service device 4. Permit service 3. Check user (role) permission