Polytechnic University Introduction: CS 393/682: Network Security, Professor Keith W. Ross.


1 CS 393/682: Network Security, Professor Keith W. Ross

2 Networks under attack
- What can go wrong?
- How are computer networks vulnerable?
- What are some of the more prevalent attacks today?

3 The bad guys can put malware into your host via the Internet
- We connect our hosts to the Internet to get good stuff:
  - E-mail, web pages, mp3s, video clips, search results, etc.
- But along with the good stuff comes the malware, which can:
  - Delete files
  - Install spyware that collects private info
  - Enroll our compromised host in a botnet of thousands of similarly compromised devices, which can be leveraged for DDoS attacks and spam distribution

4 Malware: self-replicating
- Once it infects one host:
  - seeks entry into other hosts
  - and then into yet more hosts
- Virus
  - Requires some form of human interaction to spread
  - Classic example: E-mail viruses
- Worms
  - No user interaction needed
  - Worm in infected host scans IP addresses and port numbers, looking for vulnerable processes to infect
- Trojan horse
  - Hidden, devious part of some otherwise useful software

5 The bad guys can attack servers & network infrastructure
Denial of Service (DoS): Diminishes usability of network host, network, or network infrastructure.
- Vulnerability attack: Attacker sends well-crafted messages to a vulnerable app or OS, crashing service or host.
- Bandwidth flooding: Attacker sends a deluge of packets to the targeted host. Target's access link becomes clogged.
- Connection flooding: The attacker establishes a large number of half- or fully-open TCP connections at the target host. Target becomes incapable of accepting legitimate connections.
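As an added example (not part of the original slides), connection flooding can be spotted from the server's own connection table by counting half-open (SYN-RECV) and fully open (ESTAB) connections per peer. The sample rows are constructed in the column layout of `ss -tan`, the addresses come from documentation ranges, and the function names and limits are assumptions. Because source addresses can be forged, the total half-open count is checked as well as the per-peer count.

```python
from collections import Counter, defaultdict

# Constructed sample in the column layout of `ss -tan`; not captured data.
SAMPLE = """\
State     Recv-Q Send-Q Local Address:Port   Peer Address:Port
LISTEN    0      128    192.0.2.10:80        0.0.0.0:*
SYN-RECV  0      0      192.0.2.10:80        198.51.100.7:40001
SYN-RECV  0      0      192.0.2.10:80        198.51.100.7:40002
SYN-RECV  0      0      192.0.2.10:80        198.51.100.7:40003
SYN-RECV  0      0      192.0.2.10:80        203.0.113.21:51514
ESTAB     0      0      192.0.2.10:80        203.0.113.5:50100
ESTAB     0      0      192.0.2.10:80        203.0.113.5:50101
ESTAB     0      0      192.0.2.10:80        203.0.113.5:50102
ESTAB     0      0      192.0.2.10:80        203.0.113.9:50200
ESTAB     0      0      192.0.2.10:22        203.0.113.9:50300
"""

def tally(ss_text, port):
    """Return {peer_ip: Counter(state -> count)} for connections to local `port`."""
    per_peer = defaultdict(Counter)
    for line in ss_text.splitlines()[1:]:           # skip the header row
        fields = line.split()
        if len(fields) < 5:
            continue
        state, local, peer = fields[0], fields[3], fields[4]
        if state == "LISTEN" or local.rsplit(":", 1)[1] != str(port):
            continue
        per_peer[peer.rsplit(":", 1)[0]][state] += 1
    return per_peer

def assess(ss_text, port, per_peer_limit, half_open_limit):
    """Flag peers holding too many connections and overall half-open pressure."""
    per_peer = tally(ss_text, port)
    # Half-open floods may use forged sources, so per-peer counts alone can miss them.
    half_open_total = sum(c["SYN-RECV"] for c in per_peer.values())
    noisy = sorted(ip for ip, c in per_peer.items()
                   if c["SYN-RECV"] + c["ESTAB"] > per_peer_limit)
    return {"half_open_total": half_open_total,
            "backlog_pressure": half_open_total > half_open_limit,
            "noisy_peers": noisy}

if __name__ == "__main__":
    print(assess(SAMPLE, port=80, per_peer_limit=2, half_open_limit=3))
```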

6 The bad guys can sniff packets
- Passive sniffers near wireless transmitters
- Wired environments too.
  - Many LANs broadcast
  - Residential cable access systems broadcast
  - Bad guys with access to internal network infrastructure can install sniffers.
- Packet sniffers are passive
  - and therefore difficult to detect.

7 The bad guys can masquerade as someone you trust
- Easy to create a packet with arbitrary source address, packet content & destination address
  - then transmit the packet into the Internet
  - which forwards the packet to its destination.
The bad guys can modify or delete messages
- Man-in-the-middle: bad guy inserted in path between two communicating entities
- Sniff, inject, modify, delete packets
- Compromise integrity of data sent between two entities

8 How did the Internet get to be such an insecure place?
- Originally for a group of mutually trusting users attached to a transparent network.
  - By definition, no need for security
- Mutual trust
  - By default, can send a packet to any other user
  - IP source address taken by default to be true
- Today, communication between trusted users is the exception rather than the rule

9 Course Goals
- Become expert in Internet protocols
- Understand the types of problems
  - Survey some attacks
  - Become familiar with some attack tools
- Understand the basic network security tools to counter the attacks
  - Become familiar with firewall, IDS, VPN configuration
- Focus on principles rather than technology trends, current events
- Examine some advanced research topics

10 Topics covered
- Network attacks
  - reconnaissance, sniffing, port scanning, DDoS, TCP hijacking
- Firewalls and intrusion detection
- Cryptography
  - Symmetric key, public key, integrity
- Secure protocols
  - PGP, SSL, IPsec, secure Wi-Fi
- Advanced topics
  - IP source traceback
  - Reputation systems
  - VoIP security
  - P2P security

11 Labs
- 1) Wireshark: TCP/IP review
- 2) Wireshark: SSL
- 3) IPsec and VPNs
- 4) IKE (key negotiation for IPsec)
- 5) IPmodules (firewalls)
- 6) Network mapping with nmap

12 Prerequisites
- CS 684 or equivalent course on computer networking
  - with a heavy dose of TCP/IP
- Proficiency in Linux
- CS 392/681 are NOT prerequisites

13 Recommended Books
- Course PowerPoint slides
- Network Security Essentials, William Stallings, 1992, Prentice Hall; decent introduction to cryptography and secure protocols.
- Computer Networking, 4th Edition, Kurose and Ross, 2007: for networking and TCP/IP background material, cryptography and secure protocols
- Counter Hack, 2nd Edition, Ed Skoudis, 2005, for material in first few lectures on attacks
- Network Security, Private Communication in a Public World, C. Kaufman, R. Perlman, M. Speciner, Prentice Hall, 1995; more advanced.

