Cybersecurity: Expanding the Front Lines of Defense Dr. George K. Kostopoulos Professor Electrical and Computer Engineering Cybersecurity New York Institute.

Presentation transcript:

Cybersecurity: Expanding the Front Lines of Defense Dr. George K. Kostopoulos Professor Electrical and Computer Engineering Cybersecurity New York Institute of Technology Information Assurance Nanjing University of Posts and Telecomm University of Maryland, USA

Importance of Cyberspace to Society
1990 – Cyberspace was just a novelty with uncertain future
– Cyberspace is the Operational Level of practically every aspect of human interaction.
Dependence of Society on Cyberspace: 1990 – 0%, 2011 – 100%
Level of Cyberspace Security: 1990 – 0%, 2011 – 0% to ? No one knows

Cyberspace Security Threat #2 – Malware
With a six-month delay, effective anti-malware is continuously being developed.
Every three months a new malware infects the Cyberspace.
We are not winning the war against malware, but at least we are not losing it.

Cyberspace Security Threat #2 – Malware: An Example, January 25, 2003

Cyberspace Security Threat #1 – Distributed Denial of Service
Attacker “enslaves” computers in diverse parts of the world, using them as “handlers”.
Over time, the “handlers” install code in “agent” computers.
That code makes repeated requests for service out of the targeted website.
Collectively, the requests exceed the capacity of the website's server.
Bona fide visitors to the targeted website are denied service.

Cyberspace Security Threat #1 – Distributed Denial of Service

Cyberspace Security Threat #1 – Denial of Service
Volume of attack on the increase.

Cyberspace Security Threat #1 – Denial of Service
E-Crime using Denial of Service attacks: Bookie reveals $100,000 cost of denial-of-service extortion attacks.
New anti-DoS strategies: “Downtime caused by DDoS attacks can cost your business tens, hundreds of thousands, or even millions of dollars. Due to the complex nature of these attacks, it is extremely difficult and expensive to stop...”
Brute force solution using servers of vast capacity.
Consequences: “... denial of service attacks reduce future visits... changing surfer preferences...”

The Proposal
Routers throughout the Internet to have embedded a Supervisory Control And Data Acquisition, SCADA, software with
1. Artificial Intelligence that monitors the volume of traffic destined to websites.
2. Maintains a database and creates “ceilings” for expected traffic, taking into account statically and dynamically established parameters.
   a. Static parameters are provided by the destination server.
   b. Dynamic parameters are calculated by the Traffic Control Algorithm.
3. Communicates with surrounding routers – horizontally and vertically – optimizing the performance of the SCADA.
4. Communicates with the destination server, reports traffic and receives updated traffic control parameters.

Hardware viewpoint of the Internet: [Figure: server hosting the website of interest; Internet routers]

Hardware viewpoint of the Internet: [Figure: server hosting the website of interest connected to the first Internet node; Internet routers; to other nodes]

Traffic Flow on the Internet
[Figure: Typical Histogram of Router Traffic for 100 URL Destinations. Requests Entering a Router. Assuming Uniform Traffic.]

Flow Analysis Algorithm: Basic Functions
Monitors Traffic Rate - Increases are Expected to Be Gradual.
Maintains Records of Traffic to Each Destination.

[Figure: Router Traffic Normalized to the Respective Average Flow, Showing the Level of the Potential Threat.]
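The proposal and the flow analysis slides above can be illustrated with a small per-destination monitor. This is an added example, not code from the presentation: the slides do not specify the Traffic Control Algorithm, so the moving average, the `threat_ratio` and `warmup` values, the class and function names, and the sample counts are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Flow:
    static_ceiling: float   # max requests/interval declared by the destination server
    average: float = 0.0    # dynamically learned average flow for this destination
    samples: int = 0

class FlowMonitor:
    """Per-destination request counter kept by one router (illustrative)."""

    def __init__(self, alpha=0.2, threat_ratio=3.0, warmup=3):
        self.alpha = alpha                # moving-average weight (assumed dynamic parameter)
        self.threat_ratio = threat_ratio  # assumed multiple of the average treated as a threat
        self.warmup = warmup              # intervals used to seed the average
        self.flows = {}

    def register(self, dest, static_ceiling):
        self.flows[dest] = Flow(static_ceiling)

    def observe(self, dest, count):
        """Classify one interval's request count; returns (normalized_flow, verdict)."""
        f = self.flows[dest]
        if f.samples < self.warmup:
            if count > f.static_ceiling:
                return None, "over-static-ceiling"
            f.average = (f.average * f.samples + count) / (f.samples + 1)
            f.samples += 1
            return None, "learning"
        # Floor of 1 avoids dividing by zero for an idle destination.
        ratio = round(count / max(f.average, 1.0), 2)
        if count > f.static_ceiling:
            return ratio, "over-static-ceiling"
        if ratio >= self.threat_ratio:
            # Do not fold the spike into the average, or a flood would raise its own ceiling.
            return ratio, "over-dynamic-ceiling"
        # Gradual increases are absorbed into the baseline.
        f.average = (1 - self.alpha) * f.average + self.alpha * count
        return ratio, "normal"

def classify_series(dest, counts, static_ceiling):
    monitor = FlowMonitor()
    monitor.register(dest, static_ceiling)
    return [monitor.observe(dest, c) for c in counts]

# Constructed sample: requests per interval toward one destination, with one sudden burst.
SAMPLE = [100, 110, 105, 120, 130, 900, 140]

if __name__ == "__main__":
    for count, (ratio, verdict) in zip(SAMPLE, classify_series("site-a.example", SAMPLE, 1000)):
        print(count, ratio, verdict)
```

The normalized value returned for each interval corresponds to the "traffic normalized to the respective average flow" plotted on the slide; values near 1 are expected traffic, and the burst stands out by its ratio.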

Conclusion
The Internet Routers located throughout the world are custodians of very valuable raw data, namely packet origin IP, destination IP, traveled path, timing, etc.
This wealth of information, when cross-correlated, can create valuable information that can absolutely block and document Denial-of-Service attacks.

Current Research
Modeling and simulation of Internet router traffic control algorithms.
Use of artificial intelligence aiming at the detection and prevention of Denial of Service attacks.