Presentation is loading. Please wait.

Presentation is loading. Please wait.

CPE 5002 Network security. Look at the surroundings before you leap.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "CPE 5002 Network security. Look at the surroundings before you leap."— Presentation transcript:

1 CPE 5002 Network security

2 Look at the surroundings before you leap

3 CPE5002 Network Security/  Srini 3 Lecturers Prof B Srinivasan – 990 32333, C4.47 srini@monash.edu.au srini@monash.edu.au Mr Pravin Shetty – 990 31945, B3.35 parvin.shetty@csse.monash.edu.au parvin.shetty@csse.monash.edu.au Guest Lecturers – Dr Le and Mr C Wilson

4 CPE5002 Network Security/  Srini 4 Topics Basic principles (Access Control /Authentication/Models of threat & Practical Countermeasures). Security issues over LANS & WANS[Earlier Models & Current Solutions]. Public key encryptions/ PKI/Digital signatures/Kerberos Unix security [Internet=TCP/IP Security— VPNs/Firewalls. Intrusion detection systems. Security in E-Commerce and banking, Including WWW, EDI, EFT,ATM.

5 CPE5002 Network Security/  Srini 5 Rules of the game (1) 11 weeks of lectures Assignment – written and a presentation of 15- 20 mts – Weightage: 40% –Presentation: during weeks 12 and 13 Examination: –Week 14, –Weightage: 60% –Assignment presentation topics are included in the examination assessment.

6 CPE5002 Network Security/  Srini 6 Rules of the game (2) References: – Computer Security—Dieter Gollman –Network and Internetwork Security---William Stallings. –Open Systems Networking—David M Piscitello/ A Lyman Chapin. No Formal Tutorial for this subject.

7 CPE5002 Network Security/  Srini 7 Where to look for notes materials? http://beast.csse.monash.edu.au/cpe5002 Username: cpe5002 Password: srini

8 CPE5002 Network Security/  Srini 8 Today’s lecture is Domain of network security Taxonomy of security attacks Aims or services of security Model of internetwork security Methods of defence

9 CPE5002 Network Security/  Srini 9 Security Human nature – physical, financial, mental,…, data and information security

10 CPE5002 Network Security/  Srini 10 Information Security computer security 1. Shift from the physical security to the protection of data and to thwart hackers (by means of automated software tools) – called computer security

11 CPE5002 Network Security/  Srini 11 Network Security 2. With the widespread use of distributed systems and the use of networks and communications require protection of data during transmission – called network security

12 CPE5002 Network Security/  Srini 12 Internetwork security The term Network Security may be misleading, because virtually all business, govt, and academic organisations interconnect their data processing equipment with a collection of interconnected networks – probably we should call it as internetwork security

13 CPE5002 Network Security/  Srini 13 Aspects of information security Security attack – any action that compromises the security of information. Security mechanism – to detect, prevent, or recover from a security attack. Security service – service that enhances and counters security attacks.

14 CPE5002 Network Security/  Srini 14 Security mechanisms No single mechanism that can provide the services mentioned in the previous slide. However one particular aspect that underlines most (if not all) of the security mechanism is the cryptographic techniques. Encryption or encryption-like transformation of information are the most common means of providing security.

15 CPE5002 Network Security/  Srini 15 Why Internetwork Security? Internetwork security is not simple as it might first appear. In developing a particular security measure one has to consider potential countermeasures. Because of the countermeasures the problem itself becomes complex. Once you have designed the security measure, it is necessary to decide where to use them. Security mechanisms usually involve more than a particular algorithm or protocol.

16 CPE5002 Network Security/  Srini 16 Security Attacks - Taxonomy Interruption – attack on availability Interception – attack on confidentiality Modification – attack on integrity Fabrication – attack on authenticity Property that is compromised

17 CPE5002 Network Security/  Srini 17 Interruption also known as denial of services. Information resources (hardware, software and data) are deliberately made unavailable, lost or unusable, usually through malicious destruction. e.g: cutting a communication line, disabling a file management system, etc.

18 CPE5002 Network Security/  Srini 18 Interception also known as un-authorised access. Difficult to trace as no traces of intrusion might be left. E.g: illegal eavesdropping or wiretapping or sniffing, illegal copying.

19 CPE5002 Network Security/  Srini 19 Modification also known as tampering a resource. Resources can be data, programs, hardware devices, etc.

20 CPE5002 Network Security/  Srini 20 Fabrication also known as counterfeiting. Allows to by pass the authenticity checks. e.g: insertion of spurious messages in a network, adding a record to a file, counterfeit bank notes, fake cheques,…

21 CPE5002 Network Security/  Srini 21 Security Attacks - Taxonomy Information Source Information Destination Normal Information Source Information Destination Interruption Information Source Information Destination Interception Information Source Information Destination Modification Information Source Information Destination Fabrication

22 CPE5002 Network Security/  Srini 22 Attacks – Passive types Passive (interception) – eavesdropping on, monitoring of, transmissions. The goal is to obtain information that is being transmitted. Types here are: release of message contents and traffic analysis.

23 CPE5002 Network Security/  Srini 23 Attacks – Active types Involve modification of the data stream or creation of a false stream and can be subdivided into – masquerade, replay, modification of messages and denial of service.

24 CPE5002 Network Security/  Srini 24 Attacks Passive Interception (confidentiality) Release of Message contents Traffic analysis Active Modification (integrity) Fabrication (integrity) Interruption (availability)

25 CPE5002 Network Security/  Srini 25 Security services Confidentiality Authentication Integrity Nonrepudiation Access control Availability

26 CPE5002 Network Security/  Srini 26 Model for internetwork security Information channel Message Secret information Secret information Principal Opponent Trusted Third party Gate Keeper

27 CPE5002 Network Security/  Srini 27 Methods of defence (1) Modern cryptology –Encryption, authentication code, digital signature,etc. Software controls –Standard development tools (design, code, test, maintain,etc) –Operating systems controls –Internal program controls (e.g: access controls to data in a database) –Fire walls

28 CPE5002 Network Security/  Srini 28 Methods of defence (2) Hardware controls –Security devices, smart cards, … Physical controls –Lock, guards, backup of data and software, thick walls, …. Security polices and procedures User education Law

Download ppt "CPE 5002 Network security. Look at the surroundings before you leap."

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
Informationsteknologi Thursday, October 11, 2007Computer Systems/Operating Systems - Class 161 Today’s class Security.

Informationsteknologi Thursday, October 11, 2007Computer Systems/Operating Systems - Class 161 Today’s class Security.
6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.

6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.

Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.
CSE2500 System Security and Privacy. CSE2500 System Security and Privacy  Nandita&Srini 2 Lecturers Prof B Srinivasan Phone: 990 31333 Room No: C4.47.

CSE2500 System Security and Privacy. CSE2500 System Security and Privacy  Nandita&Srini 2 Lecturers Prof B Srinivasan Phone: Room No: C4.47.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Summary of Lecture 1 Security attack types: either by function or by the property being compromised Security mechanism – prevention, detection and reaction.

Summary of Lecture 1 Security attack types: either by function or by the property being compromised Security mechanism – prevention, detection and reaction.
Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.

Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
“Network Security” Introduction. My Introduction Obaid Ullah Owais Khan Obaid Ullah Owais Khan B.E (I.T) – Hamdard University(2003), Karachi B.E (I.T)

“Network Security” Introduction. My Introduction Obaid Ullah Owais Khan Obaid Ullah Owais Khan B.E (I.T) – Hamdard University(2003), Karachi B.E (I.T)
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.

Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.

Similar presentations

Ads by Google