Network Security Fall 2014 Dr. Faisal Kakar Office: 01, FICT Building

Presentation transcript:

Network Security Fall 2014 http://www.faisalakhan.com/ContentPage/Classes/ Dr. Faisal Kakar faisal.khan@gatech.edu Office: 01, FICT Building 1-9-13

Course Syllabus
Course Title: Network Security (3 hours lecture, 0 hours lab)
Instructor: Dr. Faisal Kakar (backup - Engr. Raza Ali)
Course Objective: Fundamental concepts of network information security and management, including encryption, secure access methods, and vulnerabilities in network protocols, operating systems, and network applications.

Course Syllabus
Textbook: "Network Security Essentials: Applications and Standards," Prentice Hall, William Stallings, Third Edition, 2007. http://WilliamStallings.com/Resources
Grading:
* Quizzes 10%
* HW 5%
* NetSec Exercise 10%
* Midterm 25%
* Final 50%

Course Syllabus
Course Outline:
* Introduction
* Secret Key and Public/Private Key Cryptography
* Cryptographic Hashes and Message Digests
* Authentication Systems (Kerberos)
* Digital signatures and certificates
* Kerberos and X.509v3 digital certificates
* Web security
* Security standards - SSL/TLS and SET
* Intruders and viruses
* PGP and S/MIME for electronic mail security
* Firewalls
* Current Network Security Publications and Web Sites

Attacks, Services, and Mechanisms
* Security Attack: Any action that compromises the security of information (e.g., stealing information).
* Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack (e.g., encryption).
* Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms (SSL for Web browsers and servers).
Service - prevents Attacks - by using Mechanisms

Security Services (PI and 3 A's)
* Privacy (Confidentiality)
* Integrity (has not been altered or deleted)
* Availability (accessibility - permanence, non-erasure)
  - Denial of Service Attacks
  - Virus that deletes files
* Authentication (who created or sent the data)
  - Non-repudiation (the buy-order is final) [attribution]
* Authorization (access control, prevent misuse of resources)
Ref: ISO X.800 and IETF RFC 2424

[Figure labels: Availability; Privacy; Integrity, Authentication; Authentication, Authorization]

Computer Emergency Response Team - see www.us-cert.gov; also see www.sans.org

Not included above: Theft of Services. For example, a botnet uses your computer to send spam email or to participate in a distributed denial-of-service (DDoS) attack.

Rule 1: Without physical security (to critical areas), there is no security.
Wiring Closet


[Figure labels: Authentication; Authorization; Logging]

Security Standards
* Internet - Internet Engineering Task Force (IETF)
* De Facto (PGP email security system, Kerberos-MIT)
* ITU (X.509 Certificates) - not in book
* National Institute of Standards and Technology (SHA)
* IEEE (802.3-Ethernet, 802.11 - Wireless LAN)
* Department of Defense, Nat. Computer Security Center
* Export Controls (U.S. Dept. of Commerce)
  - High Performance Computers
  - Systems with “Hard” Encryption

Viruses, Worms, and Trojan Horses
* Virus - code that copies itself into other programs (usually riding on email messages or attached documents, e.g., macro viruses).
* Payload - harmful things it does, after it has had time to spread.
* Worm - a program that replicates itself across the network (e.g., Sapphire worm).
* Trojan Horse - instructions in an otherwise good program that cause bad things to happen (sending your data or password to an attacker over the net).
* Logic Bomb - malicious code that activates on an event (e.g., date).
* Trap Door (or Back Door) - undocumented entry point written into code for debugging that can allow unwanted users.
* Bot (robot) - a compromised host that is controlled remotely.
* Bot Net (botnet) - many bots controlled by the same organization.

Virus Protection
* Have a well-known virus protection program, configured to scan disks and downloads automatically for known viruses. Monthly (if not weekly) database updates are necessary.
* Do not execute programs (or "macros") from unknown sources (e.g., PS, JPEG, MS Office documents, Java, ...), if you can help it. Lately, downloaded image files can compromise your PC.
* Avoid the most common operating systems and email programs, if possible (I use MacOS, Ubuntu Linux, thunderbird and Apple mail).
* If you use Web Mail (integrated mail and browser programs) then turn off "automatically download from Web," and use safe servers.

Password Gathering (Physical Security)
* Look under keyboard, telephone etc.
* Look in the Rolodex under “X” and “Z”.
* Call up pretending to be from “micro-support,” and ask for it.
* “Snoop” a network and watch for plaintext passwords that go by.
* Tap a phone line - but this requires a very special modem.
* Use a “Trojan Horse” or “Bot” program, with a “key catcher” to record keystrokes.
* Social Engineering - phone or email and pretend to be “PC support.”

The 5 Stages of a Classical Network Intrusion
1. Scan the network to:
   • locate which IP addresses are in use,
   • what operating system is in use,
   • what TCP or UDP ports are “open” (being listened to by Servers).
2. Run “Exploit” scripts against open ports.
3. Get access to Shell program which is “suid” (has “root” privileges).
4. Download from Hacker Web site special versions of systems files that will let Cracker have free access in the future without his CPU time or disk storage space being noticed by auditing programs.
5. Use IRC (Internet Relay Chat) to invite friends to the feast, or join the host to a botnet.

Clicking on the Wrong Button can Compromise your PC <- Example

From: insurance\@fdic.gov actually from 118.223.217.179 = ?@hanaro.com (Seoul, KR)
To: xxx-ece.gatech.edu
Subject: FDIC Insurance
Date: Sat, 8 Jan 2011 16:46:02 -0500 (EST)

To whom it may concern,

In cooperation with the Department Of Homeland Security, Federal, State and Local Governments your account has been denied insurance from the Federal Deposit Insurance Corporation due to suspected violations of the Patriot Act. While we have only a limited amount of evidence gathered on your account at this time it is enough to suspect that currency violations may have occurred in your account and due to this activity we have withdrawn Federal Deposit Insurance on your account until we verify that your account has not been used in a violation of the Patriot Act.

As a result Department Of Homeland Security Director Tom Ridge has advised the Federal Deposit Insurance Corporation to suspend all deposit insurance on your account until such time as we can verify your identity and your account information. Please verify through our IDVerify below. This information will be checked against a federal government database for identity verification. This only takes up to a minute and when we have verified your identity you will be notified of said verification and all suspensions of insurance on your account will be lifted.

http://fdic.gov

Failure to use IDVerify below will cause all insurance for your account to be terminated and all records of your account history will be sent to the Federal Bureau of Investigation in Washington D.C. for analysis and verification. Failure to provide proper identity may also result in a visit from Local, State or Federal Government or Homeland Security Officials.

Donald E. Powell
Chairman Emeritus FDIC

link goes to: <http://haptered.com/fe45q2/index.php?027ed7c0a5cebf916dd3a0d05>

PGP (Pretty Good Privacy) -> GPG
From "PGP Freeware for MacOS, User's Guide" Version 6.5, Network Associates, Inc., www.pgp.com

Access Control
Yesterday almost all systems were protected only by a simple password that is typed in, or sent over a network in the clear.
Techniques for guessing passwords (the common ones):
1. Try default passwords.
2. Try all short words, 1 to 3 characters long.
3. Try all the words in an electronic dictionary (60,000).
4. Collect information about the user’s hobbies, family names, birthday, etc.
5. Try user’s phone number, social security number, street address, etc.
6. Try all license plate numbers (123XYZ).
These can be automated and run off-line if the password hash file is obtained.
Prevention: Enforce good password selection (e.g., “c0p31an6-liKe5=Alvakad05” or “3Bm1ce-c-htr”)
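One way to enforce good password selection is to reject, at the time a password is set, any candidate that falls into one of the six guessing categories listed above. This is an added example, not part of the original slides; the word lists, the user details and the function name `guessable_reasons` are constructed for illustration.

```python
import re

# Constructed samples; a real deployment would load a vendor default list
# and a full dictionary (the slide mentions 60,000 words).
DEFAULTS = {"admin", "password", "changeme", "guest"}
WORDS = {"dragon", "sunshine", "football", "sailing"}
# License-plate shape from the slide (123XYZ), in either order.
PLATE = re.compile(r"^(?:\d{3}[a-z]{3}|[a-z]{3}\d{3})$")

def norm(s):
    """Lower-case and drop everything except letters and digits."""
    return re.sub(r"[^a-z0-9]", "", s.lower())

def contains_fact(candidate, facts):
    """True if any known fact about the user (3+ chars) appears in candidate."""
    return any(len(norm(f)) >= 3 and norm(f) in candidate for f in facts)

def guessable_reasons(password, personal=(), identifiers=()):
    """Return the guessing categories (slide items 1-6) a password falls into.

    personal:    hobbies, family names, birthday (item 4)
    identifiers: phone number, SSN, street address (item 5)
    An empty list means none of the six techniques applies.
    """
    p = norm(password)
    reasons = []
    if password.lower() in DEFAULTS:
        reasons.append("default")
    if len(password) <= 3:
        reasons.append("short")
    if p in WORDS:
        reasons.append("dictionary")
    if contains_fact(p, personal):
        reasons.append("personal")
    if contains_fact(p, identifiers):
        reasons.append("identifier")
    if PLATE.match(p):
        reasons.append("plate")
    return reasons

if __name__ == "__main__":
    # Constructed user record.
    personal = ("Rex", "sailing", "1979-04-12")
    identifiers = ("(404) 555-0100", "12 Elm Street")
    for pw in ("admin", "ab", "Sunshine", "Rex2009!", "404-555-0100",
               "123XYZ", "3Bm1ce-c-htr"):
        print(pw, guessable_reasons(pw, personal, identifiers))
```
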

Computer Infection Today
Today many system compromises start by the hacker getting a user to load and run a program that installs a network backdoor and automated software, which in turn loads additional software, making the computer into a "bot" (robot). These bots join a peer-to-peer network, and can infect other computers directly over the network. They also can be commanded by the "bot master" to set up phony Web sites and send HTML emails that download exploit software into other computers. We'll discuss different attacks that are used to steal passwords and other identity information, and to misdirect Web browsers to phony Web sites.