Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS.

Slides:

Advertisements

Similar presentations

IS 376 NOVEMBER 5, DATA BREACH INVESTIGATIONS REPORT By The Verizon RISK Team Research Investigations Solutions Knowledge.

Advertisements

Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.

Thank you to IT Training at Indiana University Computer Malware.

What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.

 Application software consists of programs designed to make users more productive and/or assist with personal tasks.  Growth of internet simplified.

1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Introduction to Security Computer Networks Computer Networks Term B10.

Malicious Attacks Angela Ku Adeline Li Jiyoung You Selena Yuen.

Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.

Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.

Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.

Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.

S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many.

ECOMMERCE TECHNOLOGY SPRING 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Network Security.

Web server security Dr Jim Briggs WEBP security1.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

100% Security “ The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete.

ECOMMERCE TECHNOLOGY SPRING 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Access Security.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Enterprise Network Security Accessing the WAN Lecture week 4.

Internet Relay Chat Security Issues By Kelvin Lau and Ming Li.

Internet Relay Chat Chandrea Dungy Derek Garrett #29.

Computer Viruses By Patsy Speer What is a Virus? Malicious programs that cause damage to your computer, files and information They slow down the internet.

Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Network and Internet Security SYSTEM SECURITY. Virus Countermeasures Antivirus approach ◦Ideal solution: Prevention ◦Not allowing the virus to infect.

1 Guide to Network Defense and Countermeasures Chapter 2.

Information Security Rabie A. Ramadan GUC, Cairo Room C Lecture 2.

Lecture 14 Overview. Program Flaws Taxonomy of flaws: – how (genesis) – when (time) – where (location) the flaw was introduced into the system 2 CS 450/650.

Topics to be covered 1. What are bots,botnet ? 2.How does it work? 4.Prevention of botnet. 3.Types of botnets.

P RESENTED B Y - Subhomita Gupta Roll no: 10 T OPICS TO BE DISCUSS ARE : Introduction to Firewalls  History Working of Firewalls Needs Advantages and.

Chapter 8 Safeguarding the Internet. Firewalls Firewalls: hardware & software that are built using routers, servers and other software A point between.

A virus is software that spreads from program to program, or from disk to disk, and uses each infected program or disk to make copies of itself. Basically.

CHAPTER 14 Viruses, Trojan Horses and Worms. INTRODUCTION Viruses, Trojan Horses and worm are malicious programs that can cause damage to information.

Chapter 13 Understanding E-Security. 2 OBJECTIVES What are security concerns (examples)? What are two types of threats (client/server) Virus – Computer.

INTRODUCTION. The security system is used as in various fields, particularly the internet, communications data storage, identification and authentication.

1 Figure 4-16: Malicious Software (Malware) Malware: Malicious software Essentially an automated attack robot capable of doing much damage Usually target-of-opportunity.

Chapter 5: General Computer Topics Department of Computer Science Foundation Year Program Umm Alqura University, Makkah Computer Skills /1436.

Trojan Horses on the Web. Definition: A Trojan horse a piece of software that allows the user think that it does a certain task, while actually does an.

Types of Electronic Infection

Made by : Mohamed kullab DR. Sanaa el sayegh.  Most personal computers are now connected to the Internet and to local area networks, facilitating the.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Topic 5: Basic Security.

Malicious Software.

1 Lecture 1: Introduction Outline course’s focus intruder’s capabilities motivation for security worms, viruses, etc. legal and patent issues.

n Just as a human virus is passed from person from person, a computer virus is passed from computer to computer. n A virus can be attached to any file.

Computer Systems Viruses. Virus A virus is a program which can destroy or cause damage to data stored on a computer. It’s a program that must be run in.

Computer virus Speaker : 蔡尚倫.  Introduction  Infection target  Infection techniques Outline.

Computer Security Threats CLICKTECHSOLUTION.COM. Computer Security Confidentiality –Data confidentiality –Privacy Integrity –Data integrity –System integrity.

INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.

NETWORK SECURITY Definitions and Preventions Toby Wilson.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.

MUHAMMAD GHAZI AIMAN BIN MOHD AIDI. DEFINITION  A computer virus is a malware program that, when executed, replicates by inserting copies of itself (possibly.

CIW Lesson 8 Part B. Malicious Software application that installs hidden services on systems term for software whose specific intent is to harm computer.

1  Carnegie Mellon University Overview of the CERT/CC and the Survivable Systems Initiative Andrew P. Moore CERT Coordination Center.

Week-2 (Lecture-1) An electronic message sent from one computer to another. contains account i.e. How does.

Important of Firewall Security in LAN Presented by: Guo Chean Ooi.

Security on the Internet Norman White ©2001. Security What is it? Confidentiality – Can my information be stolen? Integrity – Can it be changed? Availability.

Chapter 40 Internet Security.

Network Security Basics: Malware and Attacks

Instructor Materials Chapter 7 Network Security

What Makes a Network Vulnerable?

CHAPTER 2: OPERATING SYSTEMS (Part 2) COMPUTER SKILLS.

Presentation transcript:

Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS

Reading list For current lecture: Required: Pfleeger Chapters 7.1, 7.2, 7.3 Recommended:

Internet Connectivity  Advantage: private networks able to reach and communicate with the outside word  Disadvantage: outside world can also reach and interact with the private network

Advantages of Networks Resource sharing Distributed workload Increased reliability Expandability

Security in Networks  Sharing: increased number of users  System complexity: heterogeneous operating and control systems  Unknown perimeter: shared nodes, new nodes  Many points of attack: hosts and communications as a unit  Anonymity: location and identity of attacker  Unknown routing: delivery path of messages

Security Threat Analysis Local threats Network related threats

Local Threats Local nodes Local communications Local storage Local devices

Network Threats Network gateways Network communications Network control resources Network routers Network resources

Specific Security Threats Interception of data in transit Access to programs or date at remote hosts Modification of programs or data at remote hosts Modification of data in transit Insertion of communications impersonating a user Insertion of a repeat of a previous communication Blocking a selected traffic Running a program on a remote host

Client Side What can the server do to the client? Fool it Install or run unauthorized software, inspect/alter files COPYRIGHT © 2003 MICHAEL I. SHAMOS

Server Side What can the client do to the server? Bring it down (denial of service) Gain access (break-in) COPYRIGHT © 2003 MICHAEL I. SHAMOS

Network Perspective Is anyone listening? (Sniffing) Is the information genuine? Are the parties genuine? COPYRIGHT © 2003 MICHAEL I. SHAMOS

Early 1990’s Internet social engineering attacks Sniffers Packet spoofing Hijacking sessions Automated probes/scans COPYRIGHT © 2003 MICHAEL I. SHAMOS

Middle 1990’s Automated widespread attacks Executable code attacks (against browsers) Widespread denial-of-service attacks Techniques to analyze code for vulnerabilities without the source GUI intruder tools COPYRIGHT © 2003 MICHAEL I. SHAMOS

Late 1990’s Widespread attacks using NNTP to distribute attack “Stealth”/Advanced scanning techniques Widespread attacks on DNS infrastructure Windows-based remote controllable Trojans (back orifice) COPYRIGHT © 2003 MICHAEL I. SHAMOS

Even Later 1990’s propagation of malicious code Increase in wide-scale Trojan horse distribution Distributed attack tools Distributed denial-of-service tools COPYRIGHT © 2003 MICHAEL I. SHAMOS

What is a Firewall? A device placed between two networks or machines All traffic in and out must pass through the firewall Only authorized traffic is allowed to pass The firewall itself is immune to penetration COPYRIGHT © 2003 MICHAEL I. SHAMOS

Denial-of-Service Attacks Attack to disable a machine (server) by making it unable to respond to requests Use up resources Bandwidth, swap space, RAM, hard disk Some attacks yield millions of service requests per second COPYRIGHT © 2003 MICHAEL I. SHAMOS

Rate Limiting  Allows network managers to set bandwidth limits for users and by traffic type.  Prevents deliberate or accidental flooding of the network SOURCE: CISCO COPYRIGHT © 2003 MICHAEL I. SHAMOS

Code Attacks: Viruses Virus executable code that attaches itself to other executable code (infection) to reproduce itself (spread) replicator + concealer + payload COPYRIGHT © 2003 MICHAEL I. SHAMOS

Code Attacks: Others Rabbit, Worm program that makes many copies of itself and spreads them. Each copy makes copies, etc. Worm spreads via networks. Trojan Horse performs unauthorized activity while pretending to be another program. Example: fake login program COPYRIGHT © 2003 MICHAEL I. SHAMOS

Virus Characteristics Some virus families have common characteristics Presence or absence of particular strings File virus Compare size with known backup copy. Presence of strings, like “.EXE” COPYRIGHT © 2003 MICHAEL I. SHAMOS

Virus Detection Antiviral software Only detects what it know how to detect. Must be upgraded regularly for new viruses. Symantec encyclopedia Retrovirus Attacks or disables antivirus software COPYRIGHT © 2003 MICHAEL I. SHAMOS