1. HOME SCHOOL FOR NETWORK SECURITY James Coffey Network Security & Electronics Program Dept. of Applied Engineering & Technology Eastern Kentucky University

2. 2 OUTLINE Motivation Introduction Problem Statement Assumptions Proposed solution Results Video Conclusions Future Work References Acknowledgements

3. 3 MOTIVATION A strong desire to have up-to-date, hands-on skills Institutions struggle to facilitate up-to-date training in regards to defense against cyber criminals Technology is advancing at a rapid pace in today’s society Many of the quality hands on trainings sessions I have found concerning network or cyber security have been extremely out of my financial grasp

4. 4 INTRODUCTION Kentucky statutes concerning computer crime Unlawful access to a computer in the first, second, third, and fourth degree Only one is a misdemeanor the other three are felonies Misuse of computer information, also a felony Research shows to avoid negative legal repercussions and gain these skills, one must have an environment in which they are legally authorized to do so and many can not accept that liability at a reasonable cost

5. 5 PROBLEM STATEMENT Network security is a growing concern in our technologically dependent society. One that many institutions are unable to provide up-to- date training for due to ethical and legal concerns along with the pace of its needed evolution. Many of the avenues that do provide this needed, hands-on training are very costly and almost unattainable to persons with interest who have little funds or lack the support of a corporation.

6. 6 ASSUMPTIONS Assume that an individual with limited funds is interested in this field or that they are not already employed and supported in the field of network security Also assume that the user desires to stay with in the limits of the law Assume that the user has basic knowledge of network administration or access to Google or YouTube

7. 7 PROPOSED SOLUTION Research shows that the key concern is authorization The surest way one can prove authorization was to conduct these experiments on ones own personal network Search for an affordable way to have a network Several books were purchased on the needed skills for far less than one course-required text A Raspberry Pi for twenty-five dollars An inexpensive router Then on hand devices are repurposed Some devices that others wanted rid of are repaired and repurposed Become familiar with open source

8. SOLUTION CONTINUED Turn the Raspberry Pi into a penetration device Add Air Crack-ng and Motion Configure for multi-platform remote control 8

9. SOLUTION CONTINUED Combine refurbished and repurposed equipment to make a mock network with IDS & wireless access 9

10. SOLUTION CONTINUED Combine refurbished and repurposed equipment to make a learning center to access attack, defense, and research sources 10

11. SOLUTION CONTINUED Build a network you are authorized to learn in 11

12. RESULTS This environment has provided more in-depth knowledge and hands-on experience with: Logs, rules, and configurations of firewalls Logs, rules, and configuration of intrusion detection systems False positives, false negatives Network protocols and ports 12

13. RESULTS CONTINUED Auditing tools 13

14. RESULTS CONTINUED Linux Code and programing Wireless and land defense and exploits Hardening The thinking of those we protect against This environment was used for Botnet research for the group project as well 14

15. RESULTS CONTINUED After comparing what I have learned from this in a short time to my college loans, I decided Home School deserved a raise 15

16. Home School for Network Security https://youtu.be/PPD5fsuwVq0

17. 17 CONCLUSIONS This has been the most beneficial tool I have in training for network security This project has required use of all my prior knowledge of networking and allowed me to gain hands on experience with it and more new knowledge than I knew I would be able too gain I can now rapidly dedicate a virtual or physical system to the study of new exploits or products I can learn at my pace in the field of my interests

18. 18 FUTURE WORK I believe that this type of learning environment could have a significant impact on filling the void of much needed security professionals I am currently adding a database to the mock defense network to research database vulnerabilities and exiting techniques To become more familiar with SQL XSS PHP HTML JAVA

19. REFERENCES Shotts, W. (2012). The Linux Command Line a Complete Introduction. San Francisco: No Starch Press. Lrc.ky.gov,. (2015). Kentucky Legislature. Retrieved 4 May 2015, from http://www.lrc.ky.gov/http://www.lrc.ky.gov/ Szymon Machajewski. (2012, September 13). Intrusion Detection Systems – Lecture – Introduction to Security Principles CO212 [Video file]. Retrieved from https://www.youtube.com/watch?t=142&v=c6T4Dnixc0k https://www.youtube.com/watch?t=142&v=c6T4Dnixc0k 19

20. ACKNOWLEDGEMENTS Thanks to Professor Jeff Kilgore for showing me there is more than a next button and how to go find it. Professor Ray Richardson for encouraging me to seek value and knowledge everywhere. Professor Chandra Viggs for making me write more and guidance. My classmates Most of all Papa and my wife, Amanda Coffey for letting me put my hammers down. 20