FYE Cybersecurity Chasing Ghosts in the Wires


FYE Cybersecurity Chasing Ghosts in the Wires Dr. X

Who am I?
- Dr. X – Computer Scientist
- PhD at North Carolina State University – Optical networks performance
- Worked at IBM – Software Performance Engineer
- Post doc at College of William and Mary – research on performance and power savings for hard disk drives
- Assistant professor at Jacksonville University, Wofford College
- Assistant professor at CofC
- Scuba diver, manga comics collector, science fiction reader, hacker

Introductions Exercise
Introduce yourself to class. Give your:
- Name
- Major
- What you hope to learn from this class

What is wrong with this picture?

Syllabus Exercise
Part 1: Get into groups of three and introduce yourselves. Each group will need to generate a list of five to eight questions you have about the class.
Part 2: Go over the syllabus together as a group to answer your questions. Upon completion, we will reconvene and then your group will ask any questions that were not addressed in the syllabus.

Syllabus
- Assignments
  - Lab reports – 2 students
  - Reading reports – individual
- Midterm
- Research Project
- Participation
- Public website: http://mountrouidoux.people.cofc.edu/CSIS641/index.html
- Office hours

Security mindset, Attacks, Defenses

Outline
- The Security “mindset”
- Attacks
- Defenses
- Information security

The Security “mindset”

The Security “mindset”
- Think critically
- Challenge assumptions
- Be curious
- Think about weaknesses

The Security “mindset”
- “That new product X sounds awesome, I can’t wait to use it!”
versus...
- “That new product X sounds cool, but I wonder what would happen if someone did Y with it...”

The Security “mindset”
Why it’s important
- Technology changes, so learning to think like a security person is more important than learning specifics of today
- Will help you design better systems/solutions
- Interactions with broader context: law, policy, ethics, etc.

Social Systems are Systems too!
- Social Engineering
- Lying
- Being nice to people
- Acting like you belong

Attacks (OWASP)
- Abuse of Functionality
- Data Structure Attacks
- Embedded Malicious Code
- Exploitation of Authentication
- Injection
- Path traversal
- Probabilistic techniques
- Protocol Manipulation
- Resource Depletion
- Resource Manipulation
- Sniffing
- Spoofing

Defenses
- Information security: a “well-informed sense of assurance that the information risks and controls are in balance.” — Jim Anderson, Inovant (2002)
- Cybersecurity: the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. (whatis.techtarget.com/definition/cybersecurity)

What is Security?
- “The quality or state of being secure—to be free from danger”
- A successful organization should have multiple layers of security in place:
  - Physical security
  - Personal security
  - Operations security
  - Communications security
  - Network security
  - Information security

What Is Security? In general, security is “the quality or state of being secure--to be free from danger.” It means to be protected from adversaries--from those who would do harm, intentionally or otherwise. A successful organization should have the following multiple layers of security in place for the protection of its operations:
- Physical security – To protect the physical items, objects, or areas of an organization from unauthorized access and misuse.
- Personal security – To protect the individual or group of individuals who are authorized to access the organization and its operations.
- Operations security – To protect the details of a particular operation or series of activities.
- Communications security – To protect an organization’s communications media, technology, and content.
- Network security – To protect networking components, connections, and contents.

What is Security? (cont’d.)
- The protection of information and its critical elements, including systems and hardware that use, store, and transmit that information
- Necessary tools: policy, awareness, training, education, technology
- C.I.A.N.A

What Is Information Security? Information security, therefore, is the protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information. But to protect the information and its related systems from danger, tools such as policy, awareness, training, education, and technology are necessary. The C.I.A. triangle has been considered the industry standard for computer security since the development of the mainframe. It was solely based on three characteristics that described the utility of information: confidentiality, integrity, and availability. The C.I.A. triangle has expanded into a list of critical characteristics of information.

Security as Art
- No hard and fast rules nor many universally accepted complete solutions
- No manual for implementing security through entire system

Security as Art: There are no hard and fast rules regulating the installation of various security mechanisms. Nor are there many universally accepted complete solutions. While there are many manuals to support individual systems, once these systems are interconnected, there is no magic user’s manual for the security of the entire system. This is especially true with the complex levels of interaction between users, policy, and technology controls.

Security as Science
- Dealing with technology designed to operate at high levels of performance
- Specific conditions cause virtually all actions that occur in computer systems
- Nearly every fault, security hole, and systems malfunction is a result of interaction of specific hardware and software
- If developers had sufficient time, they could resolve and eliminate faults

Security as Science: We are dealing with technology developed by computer scientists and engineers—technology designed to perform at rigorous levels of performance. Even with the complexity of the technology, most scientists would agree that specific scientific conditions cause virtually all actions that occur in computer systems. Almost every fault, security hole, and systems malfunction is a result of the interaction of specific hardware and software. If the developers had sufficient time, they could resolve and eliminate these faults.

Security as a Social Science
- Social science examines the behavior of individuals interacting with systems
- Security begins and ends with the people that interact with the system
- Security administrators can greatly reduce levels of risk caused by end users, and create more acceptable and supportable security profiles

Security as a Social Science: There is a third view: security as a social science. Social science examines the behavior of individuals as they interact with systems, whether societal systems or, in our case, information systems. Security begins and ends with the people inside the organization and the people that interact with the system, planned or otherwise. End users that need the very information the security personnel are trying to protect may be the weakest link in the security chain. By understanding some of the behavioral aspects of organizational science and change management, security administrators can greatly reduce the levels of risk caused by end users and create more acceptable and supportable security profiles.

Penetration Testing
Legal and authorized attempt to locate and successfully exploit computer systems for the purpose of making those systems more secure

Differences
- Between attacks and vulnerabilities?
- Between pen testing and vulnerability assessment?

Attacks are the techniques that attackers use to exploit the vulnerabilities in applications. Attacks are often confused with vulnerabilities, so please try to be sure that the attack you are describing is something that an attacker would do, rather than a weakness in an application.

Black vs white hat
- Authorization
- Motivation
- Intent

Summary
- Categories of attacks that represent most known attacks today
- Information security is part of the defense
- Security development lifecycle: as in the software engineering lifecycle, we can design security in phases
- Pen testing is part of the defense and it is not just about tools!

For next class
- Read binary tutorial! You will need this to complete the in-class lab
- Prepare your active participation: write a question on the binary tutorial or the slides
- Prepare your active participation: find a new technology product, something that you would like to buy or something you just got for Christmas. Think like an attacker: what can go wrong with your new gadget?
- Read the Syllabus

Sources
- Principles of Information Security, Fourth Edition
- OWASP
- CSE 484 UWA, Ada Lerner