Presentation is loading. Please wait.

Presentation is loading. Please wait.

Firewalls and Security

Published byHelena Auvinen Modified over 5 years ago

Similar presentations

Presentation on theme: "Firewalls and Security"— Presentation transcript:

1 Firewalls and Security
Ngoc Nguyen

2 Facts of Internet System’s vulnerability
Recent denial-of-service attacks on Amazon, eBay, Yahoo, etc. 31% of key Internet hosts were wide open to potential attackers. 65% of companies reported security breaches in three year from 1997 to 1999.

3 Typical security approaches
Access Control Cryptography Intrusion detection systems Firewalls

4 Traditional firewalls consist of 3 main architectures
Screening routers. Proxy servers. Stateful inspectors.

5 Screening Routers Router screens the information, allowing only approved information to pass through. Requirements of continually change with more addresses required to be added to the “allowable” address lists. Don’t have user-level authentication protection. As a result, spoofing which means a packet looks like an authorized and legal one breaches the firewall.

6 Proxy Servers Employ user-level authentication.
Provide logging and accounting information ( good for detecting intrusions and intrusion attempts).

7 Stateful Inspectors Inspect packets to verify application, user, and transportation method to investigate the possibility of harmful viruses hiding in audio or video packets. Application must be continually updated to recognize new viruses or intrusive applets.

8 Two approaches to enhance Internet security
Encryption and Firewalls. Proactive Identification Model (PAIM).

9 Encryption can provide firewall protection in several ways:
By encrypting passwords and authentication procedures, eavesdroppers are not able to copy passwords for later use in spoofing the system. Without the correct key, any encrypted data sent by an intruder would translate into unintelligible random characters and therefore have no meaning to the receiving system, i.e., no harmful viruses or programs can be inserted into the host system. Any intruder reading corporate data being on an open network would not be able to gather any intelligence.

10

11 Proactive Identification Model (PAIM)
“As long as the hacker is not creating any hazardous situation or destroying anything, seasoned investigators will tell you that it is much more beneficial to watch the hacker over time and collect as much data as possible to develop a good case for the arrest and prosecution of the hacker in the courts.” (Hancock 2002)

12 PAIM consists of 3 components
Firewall: has an audit log used to log both authorized and unauthorized accessing of the network. Operating system: has user profiles and audit logs. User profiles and audit logs are “controls” which will provide information on the user’s or hacker’s action. These controls will be used to construct two graphs. Fuzzy engine: process information obtained from the firewall and the operating system in real-time.

13 PAIM (cont.) The fuzzy engine will compute two graphs, template and user action. Then template graph represents typical actions of a user (hacker) when carrying out eight steps of generic hacking methodology. User action graph represents actual actions of the user (hacker) on the system.

14

15 PAIM’s operations Maps two template and user action graphs to determine whether a user (hacker) is performing a hacking attempt if there is a match between two graphs. Sends alert message on hacking attempt to the information security officer at the security working station. Collects data from the hacker’s action for later use in court prosecution.

16

Download ppt "Firewalls and Security"

Similar presentations

FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University

Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
Chapter 11 Firewalls.

Chapter 11 Firewalls.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Business Data Communications, Fourth Edition Chapter 10: Network Security.

Business Data Communications, Fourth Edition Chapter 10: Network Security.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.

Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
Discovering Computers 2010

Discovering Computers 2010
Information Systems CS-507 Lecture 40. Availability of tools and techniques on the Internet or as commercially available software that an intruder can.

Information Systems CS-507 Lecture 40. Availability of tools and techniques on the Internet or as commercially available software that an intruder can.
Kittiphan Techakittiroj (04/09/58 19:56 น. 04/09/58 19:56 น. 04/09/58 19:56 น.) Network Security (the Internet Security) Kittiphan Techakittiroj

Kittiphan Techakittiroj (04/09/58 19:56 น. 04/09/58 19:56 น. 04/09/58 19:56 น.) Network Security (the Internet Security) Kittiphan Techakittiroj
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
1 Guide to Network Defense and Countermeasures Chapter 2.

1 Guide to Network Defense and Countermeasures Chapter 2.
AIS, 20141 Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.

1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.

Similar presentations

Ads by Google