Presentation is loading. Please wait.

Presentation is loading. Please wait.

CIS 3360 Security in Computing

Published byMarkus Kyllönen Modified over 5 years ago

Similar presentations

Presentation on theme: "CIS 3360 Security in Computing"— Presentation transcript:

1 CIS 3360 Security in Computing
Ratan K Guha Fall 2006

2 Security in Computing Ratan Guha guha@cs.ucf.edu, (407) 823 - 2956
Office Hours: MW 10 – 11 am, 3-4 pm Course Web Page:

3 Course and Class Information
Class Days and Times: MWF 12:30-1:20pm Classroom: Eng-II-203 Required Textbook: Introduction to Computer Security by Matt Bishop Addison Wesley, 2005, (ISBN: ) Reference Book: Computer Networking by James Kurose and Keith Ross, 3rd Edition, Addison Wesley, 2005, (ISBN: ) Teaching Assistants & s: Shahabuddin Muhammad - (CSB 108) Zeeshan Furqan – (CSB 108)

4 Office Hours Guha: (CSB 209) MW 10- 11 am, 3-4 pm Furqan: (CSB 108)
M 1:30 – 3:00 pm,TF 2:30 – 4:30 pm Muhammad: (CSB 108) W 1:30 – 3:00 pm, Th 10 – 12 noon

5 Multi-Disciplinary Minor in Secure Computing and Networks (SCAN)
Core Courses (9 hours) Elective Courses (9 hours)

6 Tentative Topics 1. Introduction to Security in Computing 1
2. Computer Networks and the Internet - Notes and Reference Book 3. Some Applications Notes and Reference Book 4. Use of Cryptography for Secure Communication 8, 9,10,11 5. Introduction to Assurance 17 6. Malicious Logic 7. Vulnerability Analysis and Auditing 20, 21 8. Intrusion Detection 9. Security , 24, 25, 26

7 Information Security Measures adopted to prevent the unauthorized use, misuse, modification, or denial of use of knowledge Important Goal: For any network centric corporation maintaining uptimes (availability) maintaining network security (confidentiality and integrity) of information providing QoS while mitigating risks

8 Hackers An individual who breaks into a computer (attacks a networked centric system) Motivation Challenge Greed Malicious intent

9 Types of Attacks Access (snooping, eavesdropping, interception)
Modification (changes, insertion, deletion) Denial of Service (Denial of access to information, applications, systems, communications) Repudiation (masquerading-impersonating, denying an event)

10 Access Attack Attempt to gain information that the attacker is not authorized to see. Attack can occur wherever the information resides or may exist during transmission Snooping: looking through information files Eavesdropping: positioning himself at a location where information of interest is likely to pass by Interception: inserting himself in the path of the information and capturing it before it reaches its destination

11 Modification Attack Attempt to modify information that an attacker not supposed to modify. This attack is against the integrity of the information Change: attempts to change existing information Insertion: attempts to insert new information Deletion: attempts to remove some existing information

12 Denial of Service (DoS) Attacks
DoS attacks attempt to deny the use of resources to legitimate users of the system, information, or capabilities Information: attempts that cause denial of access to information Applications: attempts that cause denial of access to applications Systems: attempts that cause denial of access to systems Communications: This type of attack can range from cutting a wire to jamming radio communications or flooding networks with excessive traffic

13 Repudiation Attack Repudiation attack attempts to give false information or to deny that a real event or transaction should have occurred Masquerading: attempts to act like someone else or some other systems (in personal communication, in transactions, system-to-system communications) Denying an event: disavows that the action was taken as it was logged

14 Whitman & Mattord’s Methodolgy
Employing six layers of security to protect the operations of an organization. The physical security layer addresses the protection of physical items, objects or areas from unauthorized access and misuse. The personal security layer addresses the protection of the individual or a group of individuals who are authorized to access the organization and its operation. The operations security layer focuses on the protection of detail of a particular operation or series of activities. The communications security layer encompasses the protection of the organization’s communication media, content and technology. The network security layer protects the network components, connections and contents. The information security layer is concerned with protecting the information, the systems and hardware that use, store and transmit that information.

Download ppt "CIS 3360 Security in Computing"

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
CSA 223 network and web security Chapter one

CSA 223 network and web security Chapter one
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Stephen S. Yau CSE465 & CSE591, Fall 2006 1 Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
1 CSE 651: Introduction to Network Security Steve Lai Spring 2010.

1 CSE 651: Introduction to Network Security Steve Lai Spring 2010.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus - 2007.

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus
Cryptography and Network Security

Cryptography and Network Security
Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY

Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY
Computer & Network Security

Computer & Network Security
Dimensions of E – Commerce Security

Dimensions of E – Commerce Security
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:

Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
NETWORK SECURITY. TextBook William Stallings, Cryptography and Network Security: Principles and Practice, ? Edition.

NETWORK SECURITY. TextBook William Stallings, Cryptography and Network Security: Principles and Practice, ? Edition.

Similar presentations

Ads by Google