Computer & Network Security

Slides:



Advertisements
Similar presentations
Advanced Networks and Computer Security Curt Carver & Jeff Humphries © 1999 Texas A&M University.
Advertisements

Thank you to IT Training at Indiana University Computer Malware.
ECE454/599 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2012.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Security+ Guide to Network Security Fundamentals
System and Network Security Practices COEN 351 E-Commerce Security.
Introducing Computer and Network Security
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: Office.
Summary of Lecture 1 Security attack types: either by function or by the property being compromised Security mechanism – prevention, detection and reaction.
Web server security Dr Jim Briggs WEBP security1.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Incident Response Updated 03/20/2015
SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
Securing Information Systems
A First Course in Information Security
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
Section Seven: Information Systems Security Note: All classified markings contained within this presentation are for training purposes only.
Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
Introducing Computer and Network Security. Computer Security Basics What is computer security? –Answer depends on the perspective of the person you’re.
CSE 4481 Computer Security Lab Mark Shtern. INTRODUCTION.
3-Protecting Systems Dr. John P. Abraham Professor UTPA.
Virtual Machine Security Systems Presented by Long Song 08/01/2013 Xin Zhao, Kevin Borders, Atul Prakash.
CSC8320. Outline Content from the book Recent Work Future Work.
Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD.
CSCD 434 Network Security Spring 2014 Lecture 1 Course Overview.
Types of Electronic Infection
Chapter 18 Technology in the Workplace Section 18.2 Internet Basics.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
Protecting Students on the School Computer Network Enfield High School.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
COMPUTER SECURITY MIDTERM REVIEW CS161 University of California BerkeleyApril 4, 2012.
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
CSE 4481 Computer Security Lab Mark Shtern. INTRODUCTION.
1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,
Chapter 2 Securing Network Server and User Workstations.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Module 11: Designing Security for Network Perimeters.
IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.
Introduction to Systems Security (January 12, 2015) © Abdou Illia – Spring 2015.
ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.
13LECTURE NET301 11/23/2015Lect13 NET THE PROBLEM OF NETWORK SECURITY The Internet allows an attacker to attack from anywhere in the world from.
Security and Assurance in IT organization Name: Mai Hoang Nguyen Class: INFO 609 Professor: T. Rohm.
Computer Security By Duncan Hall.
Jump to first page Internet Security in Perspective Yong Cao December 2000.
INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.
“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
By the end of this lesson you will be able to: 1. Determine the preventive support measures that are in place at your school.
By: Mark Reed.  Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
Network Security SUBMITTED BY:- HARENDRA KUMAR IT-3 RD YR. 1.
Philip J. Beyer, Information Security Officer John P. Skaarup, Sr. Security Engineer Texas Education Agency Information Security.
Security in Networking
Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek
CSCD 434 Network Security Spring 2012 Lecture 1 Course Overview.
INFORMATION SYSTEMS SECURITY and CONTROL
Introduction to Systems Security
CSCD 434 Network Security Spring 2019 Lecture 1 Course Overview.
Chapter # 3 COMPUTER AND INTERNET CRIME
Unit # 1: Overview of the Course Dr. Bhavani Thuraisingham
Presentation transcript:

Computer & Network Security Course Overview

Overview What is Security Properties of Security Major Topics in Security Next Page

What is security? In information technology, security is the protection of information assets through the use of technology, processes, and training. Security is about Honest user (e.g., David, Jenny, Greg, …) Dishonest Attacker How the Attacker Disrupts honest David’s use of the system (Integrity, Availability) Learns information intended for David only (Confidentiality) Information Technology Professionals must protect users from these attackers. Next Page

Properties of Security Confidentiality Information about system or its users cannot be learned by an attacker Integrity The system continues to operate properly, only reaching states that would occur if there were no attacker Availability Actions by an attacker do not prevent users from having access to use of the system Next Page

Click on a topic (above) to view content Major Topics Application and OS Security Web Security Network Security Computer Click on a topic (above) to view content Additional Reading i

Application and OS Security Main Problem OS Attacker Controls malicious files and applications Content Vulnerabilities: control hijacking attacks, fuzzing Prevention: System design, robust coding, isolation Project Buffer overflow project Next Page

Operating system vulnerabilities Next Page

Application and OS Security Application security is the use of software, hardware, and procedural methods to protect applications from external threats. Implications for the IT Professional: Security measures built into applications Sound application security routine Use of hardware or software firewalls Return to Home Additional Reading i

Web Security Main Problem Content Project Web Attacker sets up malicious site visited by victim; no control of network Content Browser policies, session mgmt, user authentication HTTPS and web application security Project Web site attack and defenses project Next Page

Web vs. System vulnerabilities Return to Home Additional Reading i

Web Security Web security is the separation or control of threats from assets within or maintained by web-based services to protect the integrity of the service, the confidentiality of the communication, and the availability of the application. Implications for the IT professional: Security measures built into the applications Sound application security routine Use of hardware or software firewalls Security measures built into the web service

Network Security Main Problem: Content: Project: Network Attacker: Intercepts and controls network communication Content: Protocol designs, vulnerabilities, prevention Malware, botnets, DDoS, network security testing Project: Network traceroute and packet filtering project Next Page

Network Vulnerability Points Return to Home Additional Reading i

Network Security Network security is the protection of a computer network and its services from unauthorized modification, destruction, or disclosure. Implications for IT professionals: Security measures built into the network hardware and design Control the flow to data in a network Sound application security routine Use of hardware or software firewalls Security measures built into the web service

Computer Security Main Idea Content Project Hacker gains controls of a computer, installs malicious files, applications and access computer files. Content Cryptography (user perspective) digital rights management Project Seminar Next Page

Symantec Documented Vulnerability Stats Return to Home Additional Reading i

Computer Security Implications for IT professionals: Computer security is the process of preventing and detecting unauthorized use of your computer. The content of a computer is vulnerable to few risks unless the computer is connected to other computers on a network Implications for IT professionals: Use of applications such as antivirus, and firewalls Security settings on local machines Use of software firewalls Create boot disks and backup data on a regular basis

Visit these websites for more information: How Hackers Look for Bugs… http://crypto.stanford.edu/cs155/syllabus.html Return to Home End Show