1
Network Security Basics: Malware and Attacks
CHAPTER 12 SUMMARY
Network Security Basics: Malware and Attacks
Name: Mohammad Khalifa Aldossary
ID:
Major: Management Information Systems
Supervised by: Prof. Mohammad Rafiq
2
Objectives of the Chapter
You will learn how to:
- Work with connection control and transmission control concepts
- Develop the planning and control techniques associated with network security
- Work with the various types of threats to networks
3
Outline
1. Introduction
2. Engineering the Network: Ensuring a Proper Design
   2.1. Connection Control
   2.2. Enforcing Connection Control: The Firewall
   2.3. Transmission Control
3. Defending Networks from Attacks
   3.1. Threats to Information: Malicious Code
   3.2. Malicious Attacks
   3.3. The Role and Use of Policy Managers
4. Cyber-Terrorism
5. Managing and Defending a Network
   5.1. Network Security Management and Planning
   5.2. Network Defense in Depth: Maintaining a Cable Architecture
4
1. Introduction
5
1. Introduction
- The global information grid offers enormous opportunities with endless challenges
- In the information assurance process, the network security function guards against threats to electronic communication
- Network security protects electronic communication from unauthorized:
  - Modification
  - Destruction
  - Disclosure
- It ensures that an increasing number of diverse attacks do not harm the distributed critical information infrastructure
- Network security has a dual mission:
  - It must ensure the accuracy of the data transmitted
  - It must protect confidential information processed, stored on, and accessible from networks
6
1. Introduction
- The role of the network security function is to ensure that:
  - The components of the network operate correctly
  - The components of the network satisfy design requirements
  - The information transmitted retains its fundamental integrity
- We will not approach network security as a technical assurance function in this chapter
- Instead, we will present network security from the perspective of how it fits within the information assurance process
7
2. Engineering the Network: Ensuring a Proper Design
8
2. Engineering the Network: Ensuring a Proper Design
Physical infrastructure of networks is classified as:
- Network
  - Intranet
  - Extranet
  - Internet
- Hardware-based
  - Switches
  - Hubs
  - Cables
  - Routers
- Software-based
  - Connection control
  - Transmission control
To ensure security, security architects implement technological countermeasures such as firewalls, IDSs, and strong authentication
9
2. Engineering the Network: Ensuring a Proper Design
2.1. Connection Control
- It establishes and regulates the relationship between a computer and a network
- It also ensures reliable transfer of messages between a sender and a receiver and performs some transmission error correction

2.2. Enforcing Connection Control: The Firewall
- A firewall is essentially a filter dedicated to securing network connections
- Firewalls enforce access rights and protect the network from external systems
- Firewalls regulate access between trusted networks and untrusted ones (Internet)
- Firewalls are high-level software that sit on the router end of the physical network
- Firewalls have to be able to distinguish between unsolicited traffic and inbound traffic requested by an internal user
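The last firewall point, telling requested inbound traffic apart from unsolicited traffic, is what a connection table in a stateful filter does. The sketch below is an added example, not part of the original slides; the class name, the "inside"/"outside" interface labels, the timeout and all addresses are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

class StatefulFilter:
    """Hypothetical connection-tracking filter with default-deny inbound."""

    def __init__(self, trusted_net: str, idle_timeout: float = 60.0):
        self.trusted = ipaddress.ip_network(trusted_net)
        self.idle_timeout = idle_timeout
        self.flows = {}  # (in_ip, in_port, out_ip, out_port) -> last-seen time

    def _is_internal(self, ip: str) -> bool:
        return ipaddress.ip_address(ip) in self.trusted

    def decide(self, pkt: Packet, arrived_on: str, now: float) -> str:
        if arrived_on == "inside":
            if not self._is_internal(pkt.src):
                return "DROP"  # source does not belong to the trusted network
            # An internal user opened this flow: remember it so replies can return.
            self.flows[(pkt.src, pkt.sport, pkt.dst, pkt.dport)] = now
            return "ALLOW"
        # Packet arrived on the untrusted (Internet-facing) side.
        if self._is_internal(pkt.src):
            return "DROP"  # outside packet claiming an internal source: spoofed
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        last_seen = self.flows.get(key)
        if last_seen is None:
            return "DROP"  # unsolicited: nobody inside asked for this
        if now - last_seen > self.idle_timeout:
            del self.flows[key]
            return "DROP"  # the request it answers is too old
        self.flows[key] = now
        return "ALLOW"

def demo():
    # Constructed sample traffic (private and documentation address ranges).
    fw = StatefulFilter("192.168.1.0/24")
    request = Packet("192.168.1.10", 50000, "203.0.113.5", 443)
    reply = Packet("203.0.113.5", 443, "192.168.1.10", 50000)
    probe = Packet("198.51.100.7", 4444, "192.168.1.10", 22)
    spoof = Packet("192.168.1.99", 1234, "192.168.1.10", 445)
    return [fw.decide(request, "inside", 0.0), fw.decide(reply, "outside", 1.0),
            fw.decide(probe, "outside", 2.0), fw.decide(spoof, "outside", 3.0),
            fw.decide(reply, "outside", 120.0)]
```

Calling `demo()` returns one verdict per packet: the outbound request and its reply are allowed, while the unsolicited probe, the outside packet with an internal source address, and a reply arriving after the idle timeout are dropped.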
10
2. Engineering the Network: Ensuring a Proper Design
2.3. Transmission Control
- It regulates the actual transmission process
- Transmission control ensures that the communication between two devices is flowing properly
- Effective transmission control supports the integrity and availability of network data
11
3. Defending Networks From Attacks
12
3. Defending Networks from Attacks
A unique security problem with networks is their level of interconnectedness
There are two broad categories of network threats:
- Malicious code
- Malicious direct attack
13
3. Defending Networks from Attacks
3.1. Threats to Information: Malicious Code
Malicious code is virulent
Malicious code categories transmitted through the network:
- Viruses: pieces of code attached to a host program to propagate or replicate when the host is executed
- Worms: a self-contained program capable of spreading copies of itself or its segments to other computer systems via network connections or attachments
- Denial of Service (DoS): prevents legitimate users from using their servers and networks because of the actions of the worm
- Logic bombs: destructive programs installed in a system by individuals and only activated by specified parameters
- Trojan horses: introduce harmful things under the guise of a useful program
- Spyware: propagates from websites, installs itself in a PC, then monitors the user’s computing habits and personal information, and sends data to a third party
- Adware: opens a computer to ads delivered from the Internet
14
3. Defending Networks from Attacks
3.2. Malicious Attacks
The best way to counteract a network attack is to anticipate it and have the measures in place to either stop it or mitigate the harm
Network attacks fall into seven general categories:
- Password attacks
- Insider attacks
- Sniffing
- IP spoofing
- Denial of service
- Man-in-the-middle attacks
- Application layer attacks
15
3. Defending Networks from Attacks
3.3. The Role and Use of Policy Managers
Automated policy managers are effective tools for defending organizations from unauthorized access
- They provide the ability to filter network transactions through custom policies
- They provide an effective way to monitor a large number of online transactions that cross a network
- They control the distribution of unsuitable or offensive content and inappropriate activities
- They enable central control and efficient management of network access and use
The major advantage of a policy manager is that it regulates the enterprise’s traffic
16
4. Cyber-Terrorism
17
4. Cyber-Terrorism
The goal of cyber-terrorism is to harm or control key computer systems or computer controls to achieve some indirect aim, such as:
- To destroy a power grid
- To take over a critical process
Potential cyber-terrorist targets are:
- Power plants
- Nuclear facilities
- Water treatment plants
- Government agencies
Security system against cyber-terrorists:
1. Prepare and prevent
2. Detect and respond
3. Build strong foundations
18
5. Managing and Defending a Network
19
5. Managing and Defending a Network
5.1. Network Security Management and Planning
Just like any other process, good management is an essential factor in defending a network
Effective network management processes are:
1. Creating Usage Policy Statements
   In three steps:
   - Specifies the proper use of each network component
   - Tailors the rules for each component
   - Defines the acceptable use policies (AUP)
2. Conduct Risk Analysis
   - It is executed to identify the risks to a particular network, its equipment, resources, and data
   - There are three levels of threats: low-risk, medium-risk, and high-risk
   - Also, it identifies the types of users and their privileges
3. Establish a security team
   - Once the network security requirements are fully understood, the organization assembles and trains the people responsible for the actual implementation. They are the NETSEC management team
20
5. Managing and Defending a Network
5.2. Network Defense in Depth: Maintaining a Cable Architecture
Illustrated in Figure 15-4 below:
21
Thanks for Listening Q’s & A’s Read more about it from >>>