1 Vulnerability of Complex Networks Prepared for: ACS Contact: Stuart S. Wagner September 20, 2012 “Only the Paranoid Survive” –

Slides:

Advertisements

Similar presentations

Multihoming and Multi-path Routing

Advertisements

Cellular Networks.

ETHICAL HACKING.

Honeypots Presented by Javier Garcia April 21, 2010.

Vulnerability of Complex System Lokaltermin des ETH-Präsidenten Mittwoch, 1. Juli 2009 Laboratory for Safety Analysis.

Wireless Security Threats and Solutions By: Shirene Turpin & Rob Waight.

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

1 Next-Generation Secure Internet: Security Overview and Context Adrian Perrig in collaboration with Steven Bellovin, David Clark, Dawn Song.

Information Survivability Control Systems Earl Crane Security Architecture and Analysis Thursday, September 07, 2000.

PSMC Proxy Server-based Multipath Connection CS 526 Advanced Networking - Richard White.

The Way Ahead for Information Systems Security: What You Don’t Know Can Hurt You Christopher Baum Research Vice President Global Government NYSCIO Conference.

Challenge: Securing Routing Protocols Adrian Perrig

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

1 Security and Privacy in Sensor Networks: Research Challenges Radha Poovendran University of Washington

Lecture 11 Reliability and Security in IT infrastructure.

Network Security Peter Behrens Seth Elschlager. Computer Security Preventing unauthorized use of your network and information within that network. Preventing.

“Today over 70% of attacks against a company’s network come at the ‘Application Layer’ not the Network or System layer.” - Gartner Is Your Web Application.

Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.

Web Security Demystified Justin C. Klein Keane Sr. InfoSec Specialist University of Pennsylvania School of Arts and Sciences Information Security and Unix.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Fundamentals of Information Systems Security.

A Comprehensive Guide to Mobile Targeted Attacks (and What Can You Do About It) Ohad Bobrov, CTO twitter.com/LacoonSecurity.

SCOTT KURODA ADVISOR: DR. FRANZ KURFESS Encouraging Secure Programming Practice in Academia.

“Assuring Reliable and Secure IT Services”. IT Redundancy: Its Value How much reliability to buy? Customer Service impacted as a result of 15 minutes.

1-Vulnerabilities 2-Hackers 3-Categories of attacks 4-What a malicious hacker do? 5-Security mechanisms 6-HTTP Web Servers 7-Web applications attacks.

Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.

Happy Network Administrators  Happy Packets  Happy Users WIRED Position Statement Aman Shaikh AT&T Labs – Research October 16,

It’s Not Just You! Your Site Looks Down From Here Santo Hartono, ANZ Country Manager March 2014 Latest Trends in Cyber Security.

CHAPTER 11 Spoofing Attack. INTRODUCTION Definition Spoofing is the act of using one machine in the network communication to impersonate another. The.

INFORMATION SECURITY & RISK MANAGEMENT SZABIST – Spring 2012.

Draft-ietf-v6ops-scanning-implications-00 IPv6 Implications for Network Scanning Tim Chown University of Southampton (UK) IETF 66,

The Beneficent the MERCIFUL In the NAME of. “ASSURING RELIABLE AND SECURE IT SERVICES”

Research Recommendations for the Broadband Taskforce Agenda November 23, 2009.

Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.

 Chapter 14 – Security Engineering 1 Chapter 12 Dependability and Security Specification 1.

Chapter 9 Networking & Distributed Security. csci5233 computer security & integrity (Chap. 9) 2 Outline Overview of Networking Threats Wiretapping, impersonation,

STORMWATER UTILITY MANAGEMENT SYSTEM (SUMS) GIS Application with Web Service Data Access.

Detecting Attacks on Internet Infrastructure and Monitoring of Service Restoration in Real Time Andy Ogielski FCC Workshop on Cyber Security 30 September.

McLean HIGHER COMPUTER NETWORKING Lesson 13 Denial of Service Attacks Description of the denial of service attack: effect: disruption or denial of.

Ethical Hacking License to hack. OVERVIEW Ethical Hacking ? Why do ethical hackers hack? Ethical Hacking - Process Reporting Keeping It Legal.

SOFTWARE ENGINEERING MCS-2 LECTURE # 2. ATTRIBUTES OF GOOD S/W  Maintainability;  S/w should be written in such a way that it may evolve to meet the.

Computer Security By Duncan Hall.

Web Security Introduction to Ethical Hacking, Ethics, and Legality.

Paul Beraud, Alen Cruz, Suzanne Hassell, Juan Sandoval, Jeffrey J Wiley November 15 th, 2010 CRW’ : NETWORK MANEUVER COMMANDER – Resilient Cyber.

VM: Chapter 7 Buffer Overflows. csci5233 computer security & integrity (VM: Ch. 7) 2 Outline Impact of buffer overflows What is a buffer overflow? Types.

SECURITY REQUIREMENTS AND MANAGEMENT: Presentation By: Guillermo Dijk.

Routing Loop Attack Using IPv6 Automatic Tunnels: Problem Statement and Proposed Mitigations (RFC 6324) Po-Kang Chen Oct 19,

Survivability in IP-over-WDM Networks. Introduction Multilayer network architecture is moving into IP-optimized two-layer architecture. ․ They have same.

Challenges and  Goal: remove critical stuff remove critical stuff but: keep enough info to stay useful but: keep enough info to stay.

Tightening Wireless Networks By Andrew Cohen. Question Why more and more businesses aren’t converting their wired networks into wireless networks?

If we don’t subnet and use as our subnet mask then we use all of our IP addresses on one network. This is not an efficient use of our Class.

Constraints on Automated Key Management for Routing Protocols

Jim Lockard, ENP Brian Knueppel C. A. Patrick Voigt, ENP

Enumeration The First Step.

Seminar On Ethical Hacking Submitted To: Submitted By:

Pertemuan 23 IP Routing Protocols

Software Security Testing

Cyber Security: State of the Nation

Wireless Network Security

Authors – Johannes Krupp, Michael Backes, and Christian Rossow(2016)

Challenges We Face On the Internet

Introduction to Networking

Wenjing Lou Complex Networks and Security Research (CNSR) Lab

Privacy Through Anonymous Connection and Browsing

Virtual Private Network

I UNDERSTAND CONCEPTS OF CYBERSECURITY

Resilient Aggregation in Sensor Networks

Network Traffic and Cybersecurity

IP Addresses & Ports IP Addresses – identify a device on a network

Presentation transcript:

1 Vulnerability of Complex Networks Prepared for: ACS Contact: Stuart S. Wagner September 20, 2012 “Only the Paranoid Survive” – Andy Grove

2 Problem Statement Inadvertent misconfiguration responsible for huge percentage of IP network downtime and vulnerabilities −Think what intentional, malicious misconfiguration could do Fundamentally more powerful botnets are on the horizon Black Hat Conference regularly features the latest hacks of routers, cellular networks, middleboxes, control planes,… Network standards organizations and protocol developers don’t usually address the most pernicious attack vectors Offense is generally easier and cheaper than defense, and is getting more so as networks become more complex You can’t afford infinite resilience against all possible vulnerabilities and threats

3 Challenges for Network Resilience Getting the most bang for the buck in the face of unanticipated vulnerabilities and unforeseen attacks −How do you even know when you have made a good investment? −What metric do you utilize to quantify the gain in trustworthiness and reliability for a given investment? Providing different levels of resilience for different users, organizations, and missions −When does the cost of failure out-weigh the cost of resilience? −How do assign a probability, or a cost, to an unforeseen failure or attack mode? How can we design networks to make them fundamentally less vulnerable to attack? Is this even possible?