Firewalls and Security


Firewalls and Security Ngoc Nguyen

Facts about Internet systems' vulnerability
- Recent denial-of-service attacks on Amazon, eBay, Yahoo, etc.
- 31% of key Internet hosts were wide open to potential attackers.
- 65% of companies reported security breaches in the three years from 1997 to 1999.

Typical security approaches
- Access control
- Cryptography
- Intrusion detection systems
- Firewalls

Traditional firewalls consist of 3 main architectures
- Screening routers
- Proxy servers
- Stateful inspectors

Screening Routers
- The router screens the information, allowing only approved information to pass through.
- Requirements continually change, with more addresses needing to be added to the “allowable” address lists.
- They have no user-level authentication protection. As a result, spoofing, in which a packet is made to look like an authorized and legal one, breaches the firewall.
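A minimal model of the screening-router weakness described above, added here as an example (it is not from the original slides): a filter that trusts only the claimed source address accepts a packet carrying an internal address that arrives from outside, while the same list paired with an ingress-interface check rejects it. The addresses, interface names and the ingress check itself are assumptions for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample policy: the "allowable" address list of a screening router.
ALLOWED_SOURCES = [ipaddress.ip_network("192.0.2.0/24"),   # partner site (documentation range)
                   ipaddress.ip_network("10.1.0.0/16")]    # internal LAN
# Assumption: the interface each allowed network is really attached to.
EXPECTED_IFACE = {ALLOWED_SOURCES[0]: "wan", ALLOWED_SOURCES[1]: "lan"}

@dataclass(frozen=True)
class Packet:
    src: str     # source address as claimed in the IP header
    iface: str   # interface the packet physically arrived on

def match_network(src):
    """Return the allowed network containing src, or None if it is not listed."""
    addr = ipaddress.ip_address(src)
    return next((n for n in ALLOWED_SOURCES if addr in n), None)

def screen_by_address(pkt):
    """Filter as described on the slide: trust the claimed source address."""
    return match_network(pkt.src) is not None

def screen_with_ingress_check(pkt):
    """Same list, but the claimed source must arrive on its expected interface."""
    net = match_network(pkt.src)
    return net is not None and EXPECTED_IFACE[net] == pkt.iface

def evaluate(packets):
    """Return (packet, address-only verdict, ingress-checked verdict) per packet."""
    return [(p, screen_by_address(p), screen_with_ingress_check(p)) for p in packets]

# Constructed sample traffic.
SAMPLE = [Packet("10.1.4.20", "lan"),     # genuine internal host
          Packet("10.1.4.20", "wan"),     # internal address claimed from outside
          Packet("203.0.113.9", "wan")]   # not on the list

if __name__ == "__main__":
    for pkt, by_addr, with_check in evaluate(SAMPLE):
        print(pkt, "address-only:", by_addr, "with ingress check:", with_check)
```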

Proxy Servers
- Employ user-level authentication.
- Provide logging and accounting information (good for detecting intrusions and intrusion attempts).

Stateful Inspectors
- Inspect packets to verify application, user, and transportation method to investigate the possibility of harmful viruses hiding in audio or video packets.
- Application must be continually updated to recognize new viruses or intrusive applets.

Two approaches to enhance Internet security
- Encryption and Firewalls.
- Proactive Identification Model (PAIM).

Encryption can provide firewall protection in several ways:
- By encrypting passwords and authentication procedures, eavesdroppers are not able to copy passwords for later use in spoofing the system.
- Without the correct key, any encrypted data sent by an intruder would translate into unintelligible random characters and therefore have no meaning to the receiving system, i.e., no harmful viruses or programs can be inserted into the host system.
- Any intruder reading corporate data on an open network would not be able to gather any intelligence.

Proactive Identification Model (PAIM)
“As long as the hacker is not creating any hazardous situation or destroying anything, seasoned investigators will tell you that it is much more beneficial to watch the hacker over time and collect as much data as possible to develop a good case for the arrest and prosecution of the hacker in the courts.” (Hancock 2002)

PAIM consists of 3 components
- Firewall: has an audit log used to log both authorized and unauthorized access to the network.
- Operating system: has user profiles and audit logs. User profiles and audit logs are “controls” which provide information on the user’s or hacker’s actions. These controls are used to construct two graphs.
- Fuzzy engine: processes information obtained from the firewall and the operating system in real time.

PAIM (cont.)
- The fuzzy engine computes two graphs: template and user action.
- The template graph represents the typical actions of a user (hacker) when carrying out the eight steps of the generic hacking methodology.
- The user action graph represents the actual actions of the user (hacker) on the system.

PAIM’s operations
- Maps the template and user action graphs against each other; a match between the two graphs indicates that the user (hacker) is performing a hacking attempt.
- Sends an alert message on the hacking attempt to the information security officer at the security workstation.
- Collects data from the hacker’s actions for later use in court prosecution.
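The PAIM flow above, sketched as an added example (not code from the slides or from the PAIM authors): firewall and OS audit records are merged into a per-user action path, scored against a template path, and matching users are reported together with the retained records. The stage names, log records, the longest-common-subsequence score standing in for the fuzzy engine, and the 0.6 threshold are all assumptions.

```python
from collections import defaultdict

# Hypothetical template path: the slides do not list the eight methodology
# steps, so these stage names are placeholders chosen for illustration.
TEMPLATE = ["probe", "scan", "login_fail", "login_ok", "priv_change", "log_tamper"]

# Constructed audit records: (timestamp, source, user, event)
FIREWALL_LOG = [(100, "fw", "u17", "probe"), (105, "fw", "u17", "scan"),
                (300, "fw", "u02", "probe")]
OS_LOG = [(110, "os", "u17", "login_fail"), (112, "os", "u17", "login_ok"),
          (130, "os", "u17", "priv_change"), (310, "os", "u02", "login_ok"),
          (320, "os", "u02", "file_read")]

def user_action_paths(*logs):
    """Merge firewall and OS audit logs into one time-ordered path per user."""
    paths = defaultdict(list)
    for record in sorted(r for log in logs for r in log):
        paths[record[2]].append(record)
    return dict(paths)

def lcs_len(a, b):
    """Length of the longest common subsequence of two event lists."""
    prev = [0] * (len(b) + 1)
    for x in a:
        cur = [0]
        for j, y in enumerate(b, 1):
            cur.append(prev[j - 1] + 1 if x == y else max(prev[j], cur[j - 1]))
        prev = cur
    return prev[-1]

def match_degree(records, template=TEMPLATE):
    """Share of template stages seen in order: 0.0 (no match) to 1.0 (full)."""
    return lcs_len([r[3] for r in records], template) / len(template)

def alerts(paths, threshold=0.6):
    """Users whose path matches the template, with the records kept as evidence."""
    return [{"user": u, "degree": round(match_degree(p), 2), "evidence": p}
            for u, p in sorted(paths.items()) if match_degree(p) >= threshold]

if __name__ == "__main__":
    for a in alerts(user_action_paths(FIREWALL_LOG, OS_LOG)):
        print(a["user"], a["degree"], len(a["evidence"]), "records retained")
```

Scoring by ordered overlap rather than exact equality lets a path that skips a stage still rank high, which is the role the slides give to the fuzzy engine.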