Published by Corey Lawson. Modified over 9 years ago.

Network Security (the Internet Security)
Kittiphan Techakittiroj (04/09/58 19:56)
engktc@au.ac.th

Goals of Security
Ensure that only authorized individuals have access to information
Prevent unauthorized creation, alteration, or destruction of data
Ensure that legitimate users are not denied access to information
Ensure that resources are used in legitimate ways

Classification of Security
Communication security
  – signal
Computer security
  – user permission
  – file sharing access control

Classification of Security (secondary)
Physical security: locks on doors, access badges, biometrics
Personnel security: employee screening
Administrative security: investigation of security breaches, policy
Information/data security: controlling the reproduction of sensitive material
Online security: controlling access to online data

Classification of Security Violation
Cracking
Spoofing
Snooping
Social Engineering
Denial of Service

Cracking
Often called “Hacking”
Breaking through security by using knowledge of
  – Software Engineering
  – Computer Networks
  – Operating Systems
  – etc.

Cracker
few real crackers (super crackers)
other crackers use
  – asking experts
  – publicly available information (WWW)
protected by
  – security reports
  – patches, updates and hot fixes

Spoofing
Acting as someone else, e.g.
  – fake e-mail: e.g. sending an e-mail while pretending to be someone else (theoretically it can be any name)
  – fake IP: e.g. to gain access to a prohibited area
http://www.data.com/roundups/images/vpn_servers_figure1.html

Spoofing
Starting point for other security violations
False information
protected by
  – digital signature
  – digital certification

Snooping
Stealing information during transmission
Hardware:
  – Packet Sniffer
  – usually needs access to the physical network
Software:
  – capturing keystrokes

Snooping cont.
Other:
  – Trashing (happened to credit card number)
protected by:
  – encryption
  – security access control

Social Engineering
Talking between user and cracker
Serious and Common
protected by:
  – policy
  – knowledge of users

Denial of Service
attacks the weaknesses of the network, e.g.
  – spamming e-mail (mail bomb)
  – spamming web requests
  – WinNuke
protected by:
  – hot fixes & patches
  – firewall
  – logging system

Benefit of Security
Confidentiality
Authentication (including access control)
Message Digest (including data integrity)
  – protects against unknown modification, e.g. virus
  – sampling keywords of the information and doing the encryption
Non-repudiation: digital signature & certification

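An added example, not part of the original slides, of the message-digest idea above: a digest detects any unknown modification, but only a keyed digest still holds when the stored digest itself can be rewritten. It uses SHA-256 and HMAC-SHA256 from the Python standard library as an assumption (the slides name no algorithm); the sample message, key and function names are constructed for illustration.

```python
import hashlib
import hmac

def digest(data: bytes) -> str:
    """Unkeyed message digest: a fixed-size fingerprint of every byte."""
    return hashlib.sha256(data).hexdigest()

def tag(key: bytes, data: bytes) -> str:
    """Keyed digest (HMAC-SHA256): only a holder of the key can compute it."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def verify_digest(data: bytes, expected: str) -> bool:
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(digest(data), expected)

def verify_tag(key: bytes, data: bytes, expected: str) -> bool:
    return hmac.compare_digest(tag(key, data), expected)

# Constructed sample data: one character differs between the two messages.
ORIGINAL = b"PAY 100 BAHT TO ACCOUNT 12345"
MODIFIED = b"PAY 900 BAHT TO ACCOUNT 12345"
KEY = b"constructed-demo-key-not-a-real-secret"

def scenarios() -> dict:
    stored_digest = digest(ORIGINAL)
    stored_tag = tag(KEY, ORIGINAL)
    return {
        # Data untouched: the integrity check passes.
        "unchanged_ok": verify_digest(ORIGINAL, stored_digest),
        # Data changed, stored digest intact: the change is detected.
        "modified_detected": not verify_digest(MODIFIED, stored_digest),
        # Data AND stored digest replaced together: an unkeyed digest
        # cannot tell, because anyone can recompute it.
        "replaced_digest_passes": verify_digest(MODIFIED, digest(MODIFIED)),
        # The old tag does not fit the modified data ...
        "old_tag_rejected": not verify_tag(KEY, MODIFIED, stored_tag),
        # ... and a tag computed without the real key does not verify.
        "forged_tag_rejected": not verify_tag(
            KEY, MODIFIED, tag(b"wrong-key", MODIFIED)),
    }

if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{name}: {ok}")
```

HMAC gives integrity and authentication between parties that share the key; non-repudiation, as the slide notes, needs a digital signature.
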
Potential Security Risk
Lack of safeguards
poorly configured & administered systems
basic security problems with communication protocols (IP, TCP, UDP)
faulty service programs
basic security problems with service programs (WWW, FTP)

General rules for Protection
software current & updated
  – fixes & patches & upgrades
encrypt sensitive information
train users & administrators
  – password & security
  – policy
monitoring: 100% monitor --> 100% secure

Standard Technology on Security
firewall: packet filtering & proxy
Intrusion Detection Systems: detect the attack before it happens
Network Address Translation: not designed for security but generates a high level of security
encryption
  – VPN (virtual private network)
  – digital signature & certification

Emerging Technology on Security
encryption
  – SET, S-HTTP, IPSec (IP Security Protocol), SSL or TLS (Transport Layer Security), CDSA (Common Data Security Architecture), XBSS (Baseline Security Services), XDAS (Distributed Audit Service), XSSO (Single Sign On)

Reference Books
Developing Secure Commerce Applications by Online O’Reilly Web Development Courses (http://208.233.153.3/oreilly/security/westnet: 1999)