HOME SCHOOL FOR NETWORK SECURITY James Coffey Network Security & Electronics Program Dept. of Applied Engineering & Technology Eastern Kentucky University.

Slides:

Advertisements

Similar presentations

ETHICAL HACKING A LICENCE TO HACK

Advertisements

SECURITY AND INFORMATION SYSTEMS THE EVOLUTION OF SECURITY SYSTEMS Created By: Jamere Hill Instructor: Kyhia Bostic Section University of Houston.

Lesson 1: Introduction to IT Business and Careers

Fundamentals of Information Systems, Second Edition 1 Security, Privacy, and Ethical Issues in Information Systems and the Internet Chapter 9.

Is There a Security Problem in Computing? Network Security / G. Steffen1.

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

Hands-On Ethical Hacking and Network Defense

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Rochester Institute of Technology Secure IT 2007 Security Auditing Course Development Rochester Institute of Technology Yin Pan

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.

January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS © Abdou Illia.

CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: Office.

Controls for Information Security

PI : TV A PI MEDIA CENTER Michael Hoskins Network Security & Electronics Program, Dept. of Applied Engineering & Technology, Eastern Kentucky University.

OUTLINE  Motivation  Introduction  Problem Statement  Assumptions  Proposed Solution  Results  Conclusions  Future Work  References  Acknowledgements.

LINUX Security, Firewalls & Proxies. Course Title Introduction to LINUX Security Models Objectives To understand the concept of system security To understand.

General Awareness Training

 Computer Hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose.  the act.

MINI MEDIA CENTER Charles Hayden Network Security and Electronics Department of Applied Engineering and Technology Eastern Kentucky University.

By Justin Addison Network Security & Electronics Program Dept. of Applied Engineering & Technology, EKU.

ANTICLICK: INCREASING DESKTOP SECURITY Jason Petrey Computer Electronic Networking Dept. of Technology Eastern Kentucky University.

Challenges in Using IT for Learning and Teaching in Saudi Arabian Universities Present by : Fahad Alturise Supervisor : Dr. Paul Caldor.

Enhancing the Security of Corporate Wi-Fi Networks using DAIR PRESENTED BY SRAVANI KAMBAM 1.

Honeypot and Intrusion Detection System

CIS 450 – Network Security Chapter 16 – Covering the Tracks.

CSCD 434 Network Security Spring 2014 Lecture 1 Course Overview.

CSCD 330 Network Programming Fall/Winter/Spring 2014 Lecture 1 - Course Details.

CPT 123 Internet Skills Class Notes Internet Security Session A.

Security Policies and Procedures. cs490ns-cotter2 Objectives Define the security policy cycle Explain risk identification Design a security policy –Define.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Enterprise Network Security Accessing the WAN – Chapter 4.

SECURING YOUR HOME AND HOME NETWORK Ryan Lewis Eastern Kentucky University Network Security & Electronics Spring 2015 Capstone.

Attack Tool Repository and Player for ISEAGE May06-11 Abstract Today’s world is changing shape as it increases its dependency on computer technology. As.

Windows Server 2003 with Active Directory and Group Policies Wendy Hurst Eastern Kentucky University Department of Technology CEN/CET.

Amy Spitzberg Educ504: Special Education & Technology Research Topic Prepared July 23, 2007.

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.

CYBER CRIMES PREVENTIONS AND PROTECTIONS Presenters: Masroor Manzoor Chandio Hira Farooq Qureshi Submitted to SIR ABDUL MALIK ABBASI SINDH MADRESA TUL.

CENTRAL SECURED PROXY NETWORK Zachary Craig Eastern Kentucky University Dept. of Technology, NET.

HO © 2012 Fluor. All rights reserved. Quick Wins in Vulnerability Management Classification: Confidential Owner: Michael Holcomb Approver: Phil.

IT Security Policy: Case Study March 2008 Copyright , All Rights Reserved.

LAN of Milk and Honey: Ensuring safe networks through virtualisation Suné von Solms.

CSCD 330 Network Programming Winter 2015 Lecture 1 - Course Details.

Critical Security Controls & Effective Cyber Defense Hasain “The Wolf”

IPv6 security for WLCG sites (preparing for ISGC2016 talk) David Kelsey (STFC-RAL) HEPiX IPv6 WG, CERN 22 Jan 2016.

ONLINE SAFETY AND SECURITY Computer Basics 1.5. INFAMOUS CYBER ATTACKS IN 2014 Sony Pictures: Attackers stole just about everything in the corporate network,

CabSec Integrated Security ANTHONY WARNER NETWORK SECURITY & ELECTRONICS PROGRAM OF AE&T AT EASTERN KENTUCKY UNIVERSITY.

Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.

Information Security tools for records managers Frank Rankin.

Raspberry Pi Garage Door Mark Barron NET 499 Eastern Kentucky University.

TECHNOLOGY RESOURCE MANAGEMENT PORTAL Casey Spires Eastern Kentucky University.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

PARSLEY PIE BOX James (Kyle) Parsley Network Security & Electronics Program.

Computer Forensics. OVERVIEW OF SEMINAR Introduction Introduction Defining Cyber Crime Defining Cyber Crime Cyber Crime Cyber Crime Cyber Crime As Global.

Information Management System Ali Saeed Khan 29 th April, 2016.

LEARNBOT Matthew Williams Network Security and Electronics Program Dept. of Applied Engineering & Technology, Eastern Kentucky University.

Some Great Open Source Intrusion Detection Systems (IDSs)

King William High School. Cyber Security Curriculum 4 year high school curriculum Up to 5 technology certifications upon successful completion of each.

Seminar On Ethical Hacking Submitted To: Submitted By:

Mickey hand By: Marquise Piton Network Security & Electronics /Contact: (954)

Top 5 Open Source Firewall Software for Linux User

Associate Degree in Cyber security

Secure Software Confidentiality Integrity Data Security Authentication

Cat Litter Box Ventilation System

INF 103 Education for Service-- snaptutorial.com.

INF 103 Teaching Effectively-- snaptutorial.com

INF 103 Education for Service-- tutorialrank.com

Internet Service Provider Attack Scenario

CSCD 434 Network Security Spring 2012 Lecture 1 Course Overview.

CSCD 434 Network Security Spring 2019 Lecture 1 Course Overview.

Ubuntu MYSQL Database Server

Presentation transcript:

HOME SCHOOL FOR NETWORK SECURITY James Coffey Network Security & Electronics Program Dept. of Applied Engineering & Technology Eastern Kentucky University

2 OUTLINE Motivation Introduction Problem Statement Assumptions Proposed solution Results Video Conclusions Future Work References Acknowledgements

3 MOTIVATION A strong desire to have up-to-date, hands-on skills Institutions struggle to facilitate up-to-date training in regards to defense against cyber criminals Technology is advancing at a rapid pace in today’s society Many of the quality hands on trainings sessions I have found concerning network or cyber security have been extremely out of my financial grasp

4 INTRODUCTION Kentucky statutes concerning computer crime Unlawful access to a computer in the first, second, third, and fourth degree Only one is a misdemeanor the other three are felonies Misuse of computer information, also a felony Research shows to avoid negative legal repercussions and gain these skills, one must have an environment in which they are legally authorized to do so and many can not accept that liability at a reasonable cost

5 PROBLEM STATEMENT Network security is a growing concern in our technologically dependent society. One that many institutions are unable to provide up-to- date training for due to ethical and legal concerns along with the pace of its needed evolution. Many of the avenues that do provide this needed, hands-on training are very costly and almost unattainable to persons with interest who have little funds or lack the support of a corporation.

6 ASSUMPTIONS Assume that an individual with limited funds is interested in this field or that they are not already employed and supported in the field of network security Also assume that the user desires to stay with in the limits of the law Assume that the user has basic knowledge of network administration or access to Google or YouTube

7 PROPOSED SOLUTION Research shows that the key concern is authorization The surest way one can prove authorization was to conduct these experiments on ones own personal network Search for an affordable way to have a network Several books were purchased on the needed skills for far less than one course-required text A Raspberry Pi for twenty-five dollars An inexpensive router Then on hand devices are repurposed Some devices that others wanted rid of are repaired and repurposed Become familiar with open source

SOLUTION CONTINUED Turn the Raspberry Pi into a penetration device Add Air Crack-ng and Motion Configure for multi-platform remote control 8

SOLUTION CONTINUED Combine refurbished and repurposed equipment to make a mock network with IDS & wireless access 9

SOLUTION CONTINUED Combine refurbished and repurposed equipment to make a learning center to access attack, defense, and research sources 10

SOLUTION CONTINUED Build a network you are authorized to learn in 11

RESULTS This environment has provided more in-depth knowledge and hands-on experience with: Logs, rules, and configurations of firewalls Logs, rules, and configuration of intrusion detection systems False positives, false negatives Network protocols and ports 12

RESULTS CONTINUED Auditing tools 13

RESULTS CONTINUED Linux Code and programing Wireless and land defense and exploits Hardening The thinking of those we protect against This environment was used for Botnet research for the group project as well 14

RESULTS CONTINUED After comparing what I have learned from this in a short time to my college loans, I decided Home School deserved a raise 15

Home School for Network Security

17 CONCLUSIONS This has been the most beneficial tool I have in training for network security This project has required use of all my prior knowledge of networking and allowed me to gain hands on experience with it and more new knowledge than I knew I would be able too gain I can now rapidly dedicate a virtual or physical system to the study of new exploits or products I can learn at my pace in the field of my interests

18 FUTURE WORK I believe that this type of learning environment could have a significant impact on filling the void of much needed security professionals I am currently adding a database to the mock defense network to research database vulnerabilities and exiting techniques To become more familiar with SQL XSS PHP HTML JAVA

REFERENCES Shotts, W. (2012). The Linux Command Line a Complete Introduction. San Francisco: No Starch Press. Lrc.ky.gov,. (2015). Kentucky Legislature. Retrieved 4 May 2015, from Szymon Machajewski. (2012, September 13). Intrusion Detection Systems – Lecture – Introduction to Security Principles CO212 [Video file]. Retrieved from

ACKNOWLEDGEMENTS Thanks to Professor Jeff Kilgore for showing me there is more than a next button and how to go find it. Professor Ray Richardson for encouraging me to seek value and knowledge everywhere. Professor Chandra Viggs for making me write more and guidance. My classmates Most of all Papa and my wife, Amanda Coffey for letting me put my hammers down. 20