Polytechnic University, CS 393/682: Network Security, Professor Keith W. Ross.

Presentation transcript:

Slide 1: CS 393/682: Network Security, Professor Keith W. Ross, Polytechnic University

Slide 2: Networks under attack
- What can go wrong?
- How are computer networks vulnerable?
- What are some of the more prevalent attacks today?

Slide 3: The bad guys can put malware into your host via the Internet
- We connect our hosts to the Internet to get good stuff:
  - web pages, mp3s, video clips, search results, etc.
- But along with the good stuff comes the malware, which can:
  - Delete files
  - Install spyware that collects private info
  - Enroll our compromised host in a botnet: thousands of similarly compromised devices, which can be leveraged for DDoS attacks and spam distribution

Slide 4: Malware: self-replicating
- Once it infects one host:
  - seeks entry into other hosts
  - and then into yet more hosts
- Virus
  - Requires some form of human interaction to spread
  - Classic example: viruses
- Worms
  - No user interaction needed
  - Worm in infected host scans IP addresses and port numbers, looking for vulnerable processes to infect
- Trojan horse
  - Hidden, devious part of some otherwise useful software
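The worm behaviour on this slide (one host probing many addresses and ports, most of which do not answer) leaves a recognisable pattern in flow records. The following is an added example, not part of the original slides: the flow format, the function names and the thresholds are assumptions, and the sample records are constructed.

```python
from collections import defaultdict

# Constructed flow records: source, destination, destination port, outcome.
# "ok" = handshake completed; "rst"/"timeout" = no service was reached.
SAMPLE_FLOWS = """\
10.0.0.5 10.0.1.10 443 ok
10.0.0.5 10.0.1.10 443 ok
10.0.0.5 10.0.1.11 25 ok
10.0.0.9 10.0.2.1 8080 timeout
10.0.0.9 10.0.2.2 8080 rst
10.0.0.9 10.0.2.3 8080 timeout
10.0.0.9 10.0.2.4 8080 ok
10.0.0.9 10.0.2.5 8080 timeout
10.0.0.9 10.0.2.6 8080 rst
"""

def parse_flows(text):
    """Yield (src, dst, port, outcome) tuples, skipping malformed lines."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue
        src, dst, port, outcome = fields
        yield src, dst, int(port), outcome

def scan_suspects(text, min_targets=5, max_success=0.5):
    """Flag sources that touch many distinct (address, port) targets while
    most attempts fail: the fan-out pattern of a scanning worm.
    Thresholds are illustrative assumptions, not values from the slides."""
    targets = defaultdict(set)
    attempts = defaultdict(int)
    successes = defaultdict(int)
    for src, dst, port, outcome in parse_flows(text):
        targets[src].add((dst, port))
        attempts[src] += 1
        successes[src] += outcome == "ok"
    suspects = {}
    for src, seen in targets.items():
        ratio = successes[src] / attempts[src]
        if len(seen) >= min_targets and ratio <= max_success:
            suspects[src] = (len(seen), round(ratio, 2))
    return suspects

if __name__ == "__main__":
    print(scan_suspects(SAMPLE_FLOWS))
```

A normal client (10.0.0.5 in the sample) talks to a few destinations and mostly succeeds, so it is not flagged.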

Slide 5: The bad guys can attack servers & network infrastructure
Denial of Service (DoS): Diminishes usability of network host, network, or network infrastructure.
- Vulnerability attack: Attacker sends well-crafted messages to a vulnerable app or OS, crashing service or host.
- Bandwidth flooding: Attacker sends a deluge of packets to the targeted host. Target's access link becomes clogged.
- Connection flooding: The attacker establishes a large number of half- or fully-open TCP connections at the target host. Target becomes incapable of accepting legitimate connections.
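Connection flooding shows up on the target as an unusual number of half-open (SYN-RECV) or fully-open (ESTAB) sockets on the service port. The following is an added example, not part of the original slides: it reads a constructed socket table in the column layout of `ss -tan`, and the function name and limits are assumptions.

```python
from collections import Counter

# Constructed socket table in the column layout of `ss -tan`.
SAMPLE_SS = """\
State     Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN    0      128    0.0.0.0:80          0.0.0.0:*
ESTAB     0      0      192.0.2.10:80       198.51.100.7:51000
SYN-RECV  0      0      192.0.2.10:80       203.0.113.1:40001
SYN-RECV  0      0      192.0.2.10:80       203.0.113.2:40002
SYN-RECV  0      0      192.0.2.10:80       203.0.113.3:40003
SYN-RECV  0      0      192.0.2.10:80       203.0.113.4:40004
ESTAB     0      0      192.0.2.10:80       198.51.100.9:52001
ESTAB     0      0      192.0.2.10:80       198.51.100.9:52002
ESTAB     0      0      192.0.2.10:80       198.51.100.9:52003
"""

def connection_flood_report(table, port, half_open_limit=3, per_peer_limit=2):
    """Summarise half-open and fully-open connections to one local port.

    Half-open sockets are counted in aggregate, because the source address
    of a bare SYN is easy to forge and per-peer counts would be spread thin.
    Fully-open sockets completed the handshake, so they are counted per peer.
    The limits are illustrative assumptions.
    """
    half_open = 0
    open_per_peer = Counter()
    for line in table.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) != 5:
            continue                             # malformed or blank line
        state, _recvq, _sendq, local, peer = fields
        if local.rsplit(":", 1)[1] != str(port):
            continue                             # different service
        peer_ip = peer.rsplit(":", 1)[0]
        if state == "SYN-RECV":
            half_open += 1
        elif state == "ESTAB":
            open_per_peer[peer_ip] += 1
    heavy = sorted(p for p, n in open_per_peer.items() if n > per_peer_limit)
    return {
        "half_open": half_open,
        "half_open_flood": half_open > half_open_limit,
        "full_open_heavy_peers": heavy,
    }

if __name__ == "__main__":
    print(connection_flood_report(SAMPLE_SS, 80))
```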

Slide 6: The bad guys can sniff packets
- Passive sniffers near wireless transmitters
- Wired environments too.
  - Many LANs broadcast
  - Residential cable access systems broadcast
  - Bad guys with access to internal network infrastructure can install sniffers.
- Packet sniffers are passive
  - and therefore difficult to detect.

Slide 7: The bad guys can masquerade as someone you trust
- Easy to create a packet with arbitrary source address, packet content and destination address
  - then transmit the packet into the Internet
  - which forwards the packet to its destination.

The bad guys can modify or delete messages
- Man-in-the-middle: bad guy inserted in the path between two communicating entities
- Sniff, inject, modify, delete packets
- Compromise integrity of data sent between 2 entities

Slide 8: How did the Internet get to be such an insecure place?
- Originally for a group of mutually trusting users attached to a transparent network.
  - By definition, no need for security
- Mutual trust
  - By default, can send a packet to any other user
  - IP source address taken by default to be true
- Today, communication between trusted users is the exception rather than the rule

Slide 9: Course Goals
- Become expert in Internet protocols
- Understand the types of problems
  - Survey some attacks
  - Become familiar with some attack tools
- Understand the basic network security tools to counter the attacks
  - Become familiar with firewall, IDS, VPN configuration
- Focus on principles rather than technology trends, current events
- Examine some advanced research topics

Slide 10: Topics covered
- Network attacks
  - reconnaissance, sniffing, port scanning, DDoS, TCP hijacking
- Firewalls and intrusion detection
- Cryptography
  - Symmetric key, public key, integrity
- Secure protocols
  - PGP, SSL, IPsec, secure Wi-Fi
- Advanced topics
  - IP source traceback
  - Reputation systems
  - VoIP security
  - P2P security

Slide 11: Labs
1) Wireshark: TCP/IP review
2) Wireshark: SSL
3) IPsec and VPNs
4) IKE (key negotiation for IPsec)
5) IPmodules (firewalls)
6) Network mapping with nmap

Slide 12: Prerequisites
- CS 684 or equivalent course on computer networking
  - with a heavy dose of TCP/IP
- Proficiency in Linux
- CS 392/681 are NOT prerequisites

Slide 13: Recommended Books
- Course PowerPoint slides
- Network Security Essentials, William Stallings, 1992, Prentice Hall; decent introduction to cryptography and secure protocols.
- Computer Networking, 4th Edition, Kurose and Ross, 2007: for networking and TCP/IP background material, cryptography and secure protocols
- Counter Hack, 2nd Edition, Ed Skoudis, 2005, for material in first few lectures on attacks
- Network Security, Private Communication in a Public World, C. Kaufman, R. Perlman, M. Speciner, Prentice Hall, 1995; more advanced.