Internet Continuous Situation Awareness
|
|
- Blaise Sherman
- 5 years ago
- Views:
Transcription
1 Internet Continuous Situation Awareness Prof. Dr. Norbert Pohlmann Institute for Internet Security - if(is) University of Applied Sciences Gelsenkirchen
2 Content Structure of the Internet Internet Situation Awareness Internet Analysis System (IAS) Global View Summary 2
3 Content Structure of the Internet Internet Situation Awareness Internet Analysis System (IAS) Global View Summary 3
4 Structure of the Internet Example: Analysis Internet Germany Most important Autonomous Systems for Germany 4
5 Data volume / month in Germany Estimation (2007) A view on data streams exchanged between the networks (AS)! AS AS PRIVATE PEERING 50 Peta Byte (33%) AS AS INTERNAL 30 Peta Byte (20 %) autonomous System (AS) AS AS TRANSIT (Global ISP) 40 Peta Byte (27%) PUBLIC PEERING 30 Peta Byte (20%) TRANSIT (Customer) 150 Peta Byte (100%) AS AS 100 Peta Byte (66 %): private user 50 Peta Byte (33 %): business customer 1 Peta Byte = Giga Byte 5
6 Structure of the Internet Conclusion Various stakeholders + =? The Internet is more or less like a black box to the various stakeholders. The Internet has become critical in some parts by now. One reason is the lack of global monitoring and controlling for the distributed infrastructure. When using the Internet today various stakeholders just need trust, that everything will be fine. Situation awareness will help the various stakeholders during their decision-making-process. 6
7 Content Structure of the Internet Internet Situation Awareness Internet Analysis System (IAS) Global View Summary 7
8 Internet Situation Awareness Definition The term Situation Awareness (SA) comes from the area of air traffic control and military command & control. Generic definition of the term Situation Awareness (SA) is: Situation Awareness is the perception of the elements in the environment within a volume of time and space, the comprehension of their meaning and the projection of their status in the near future. (Defined by Endsly) 8
9 Internet Situation Awareness Added value Situation Awareness (SA) is essential not just for the home user to strengthen the trust in using the Internet, but also for representatives of the government for Internet Governance to make strategies for the further development or for enterprises planning to use the Internet as a reliable platform for business. The understanding of the environment is crucial for process of decision making and a perfect Situation Awareness will reflect positively in the actions of the stakeholders. This will already help to reduce the potential disaster risk. 9
10 Content Structure of the Internet Internet Situation Awareness Internet Analysis System (IAS) Global View Summary 10
11 Internet Analysis System Idea Observation of the critical infrastructure Internet. Probes are placed in strategically selected spots of the internet communication infrastructure to gather the raw data, made up of counters of header information. Only header information is counted, which is not considered as data privacy relevant. The system gathers information over a long period of time! A centrally managed Evaluation System is used to analyze the raw data and to display the detailed results in an intuitive manner. Internet Evaluation System IAS 11
12 Internet Analysis System Targets Description of profiles, patterns and coherences, creation of a knowledge base. Outline of the current state of the internet. Detection of attacks and of deflections. Forecast of patterns and attacks. 12
13 Internet Analysis System Counting of header information (1/2) Number of Counters: - Max: Real-Ø:
14 Internet Analysis System Counting of header information (2/2) Counter Value All of this information is completely anonymous by design! Time 14
15 IAS: Current State of Development Result: Knowledge base Distribution of Transport Protocols Profile shaping und trend development TCP UDP ESP IGMP GRE weekend TCP 89% UDP 7% ICMP 15
16 IAS: Current State of Development Result: Knowledge base SMTP Content Type 60% text Mails 33 % attachments 4%: text/html 26%: text/plain 33%: multipart/mixed 30%: multipart/alternative 16
17 IAS: Current State of Development Result: Detection of attacks (1/2) SMTP Content Type Temporarily more s with attachments -> Mail-(Wurms/Virus)! multipart/mixed 17
18 Knowledge Base - IAS Result: Detection of attacks (2/2) PDF Spam Wave Port 25 Application/PDF 18
19 IAS: Current State of Development Result: Technology trend Distribution of browsers (Technology Trend) Diurnal profile Differences between manual use (e.g., Internet Explorer und Firefox) and automated use (e.g., wget) are detectable. Firefox Internet Explorer Firefox Internet Explorer Others Others (wget, etc) 19
20 IAS: Current State of Development Result: Awareness (Crypto used TLS)!! 0.1 %: RSA / Export (40) / SHA1 and 0.01 %: RSA / NULL / SHA1!! 60%: RSA / RC4 / MD5 33%: DHE_RSA AES / SHA1 6 %: RSA AES / SHA1 20
21 IAS: Current State of Development Result: Access-Connection (1/2) Distribution of protocols (sum) P2P HTTPS HTTP 21
22 IAS: Current State of Development Result: Access-Connection (2/2) Distribution of protocols (over the time) P2P HTTP 22
23 IAS: Current State of Development Result: Technology trend (Firefox vs. IE) Firefox Internet-Explorer 23
24 IAS: Current State of Development Result: Technology trend (TCP Dst Port 25) TCP Destination Port 25 (SMTP) 24
25 IAS: Current State of Development Continuous Situation Awareness 25
26 Content Structure of the Internet Internet Situation Awareness Internet Analysis System (IAS) Global View Summary 26
27 Idea of the Global View Overview virtual probe local view local view P1 global view Generation of global view Central System global view global view local view P2 global view local view P3 local view local view probes 27
28 Idea of the Global View Relation of used protocols Global representation of the relation of different protocols (Example: Web communication) 11% Port 443 (TLS/SSL) 13% Port 443 (TLS/SSL) 89 % Port 80 (HTTP) 87 % Port 80 (HTTP) local view global view 28
29 Anomaly detection Detection of Malware Dangers on the internet (e.g.: attachment ZIP) local view global view 29
30 Internet Situation Awareness Project idea Internet Object: Internet Critical Assets This will help to: global data sensors statistics PPP partners improve the stability and trustworthiness of the Internet, raise awareness for critical processes or components, and find out more about the Internet and its users in order to better support to their needs and service demands... 30
31 Internet Situation Awareness Related work Sensor level: Log-data based Honeypot based Netflow based Analysis level: Pattern recognition Neural network models Data Mining algorithm System level: Symantec - DeepSight Theat Management System DShield.org - Internet Storm Center of the SANS MOMENT, LOBSTER - pan-european platform CarmentiS project of the German CERTs 31
32 Content Structure of the Internet Internet Situation Awareness Internet Analysis System (IAS) Global View Summary 32
33 Internet Situation Awareness Summary The internet is a critical infrastructure for our society. We need a trusted infrastructure (Internet) to protect our future. Analogical to natural disaster warning systems, like the Tsunami warning system, we need Continuous Situation Awareness and a Early Warning System for the Internet to be able to issue countermeasures before the actual threat strikes at us. If you can t measure it, you can t manage it! Let us start to measure the Internet together! 33
34 Internet Continuous Situation Awareness Thank you for your attention! Questions? Prof. Dr. Norbert Pohlmann Institute for Internet Security - if(is) University of Applied Sciences Gelsenkirchen
European Internet Situation Awareness The Global View
European Internet Situation Awareness The Global View Prof. Dr. Norbert Pohlmann Institute for Internet Security - if(is) University of Applied Sciences Gelsenkirchen http://www.internet-sicherheit.de
More informationIP Reputation Exchange security research
IP Reputation Exchange e-mail security research Prof. Dr. Norbert Pohlmann Institute for Internet Security if(is) University of Applied Sciences Gelsenkirchen http://www.internet-sicherheit.de Content
More informationThe next step in IT security after Snowden
The next step in IT security after Snowden Prof. Dr. (TU NN) Norbert Pohlmann Institute for Internet Security - if(is) Westphalian University of Applied Sciences Gelsenkirchen, Germany www.internet-sicherheit.de
More informationCyber Security in Europe
Cyber Security in Europe ENISA supporting the National Cyber Security Strategies An evaluation framework Liveri Dimitra Security and Resilience of Communication Networks Officer www.enisa.europa.eu Securing
More informationDenial of Service Protection Standardize Defense or Loose the War
Denial of Service Protection Standardize Defense or Loose the War ETSI : the threats, risk and opportunities 16th and 17th - Sophia-Antipolis, France By: Emir@cw.net Arslanagic Head of Security Engineering
More information4. The transport layer
4.1 The port number One of the most important information contained in the header of a segment are the destination and the source port numbers. The port numbers are necessary to identify the application
More informationAMP-Based Flow Collection. Greg Virgin - RedJack
AMP-Based Flow Collection Greg Virgin - RedJack AMP- Based Flow Collection AMP - Analytic Metadata Producer : Patented US Government flow / metadata producer AMP generates data including Flows Host metadata
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More information/08/$ IEEE 630
Sharing data between organization is important aspect of network protection that is not currently occurring since it is unsafe. This talk is about a suite of tools that can be used to scrub data (using
More informationIntroduction and Overview. Why CSCI 454/554?
Introduction and Overview CSCI 454/554 Why CSCI 454/554? Get Credits and Graduate Security is important More job opportunities More research funds 1 Workload Five homework assignments Two exams (open book
More informationIntroduction to Networks
Introduction to Networks Khaled Harras School of Computer Science Carnegie Mellon University 15-349 Computer and Network Security Fall 2012 Some material borrowed from Hui Zhang and Adrian Perrig 1 Early
More informationValérie Andrianavaly European Commission DG INFSO-A3
Security and resilience in the Information Society: towards a CIIP policy in the EU Valérie Andrianavaly European Commission DG INFSO-A3 valerie.andrianavaly@ec.europa.eu Network and information security:
More informationDDoS Mitigation & Case Study Ministry of Finance
DDoS Mitigation Service @Belnet & Case Study Ministry of Finance Julien Dandoy, FODFin Technical Architect Grégory Degueldre, Belnet Network Architect Agenda DDoS : Definition and types DDoS Mitigation
More informationthis security is provided by the administrative authority (AA) of a network, on behalf of itself, its customers, and its legal authorities
INFRASTRUCTURE SECURITY this security is provided by the administrative authority (AA) of a network, on behalf of itself, its customers, and its legal authorities Goals * prevent or mitigate resource attacks
More informationENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010
ENISA & Cybersecurity Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010 Agenda Some Definitions Some Statistics ENISA & Cybersecurity Conclusions
More informationDistributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013
Distributed Systems 27. Firewalls and Virtual Private Networks Paul Krzyzanowski Rutgers University Fall 2013 November 25, 2013 2013 Paul Krzyzanowski 1 Network Security Goals Confidentiality: sensitive
More informationSecurity Engineering. Lecture 16 Network Security Fabio Massacci (with the courtesy of W. Stallings)
Security Lecture 16 Network Security Fabio Massacci (with the courtesy of W. Stallings) Lecture Outline Network Attacks Attive Attacks Passive Attacks TCP Attacks Contermeasures IPSec SSL/TLS Firewalls
More informationDDOS-GUARD Q DDoS Attack Report
DDOS-GUARD Q4 2017 DDoS Attack Report 02 12,7% Number of attacks also dropped by 12,7% in comparison with same period in 2016 4613 Total number of DDoS attacks 36,8% Number of attacks dropped by 36.8%
More informationInformation sharing in the EU policy on NIS & CIIP. Andrea Servida European Commission DG INFSO-A3
Information sharing in the EU policy on NIS & CIIP Andrea Servida European Commission DG INFSO-A3 Andrea.Servida@ec.europa.eu COM(2006) 251 - Towards a secure Information Society DIALOGUE structured and
More information3.2 COMMUNICATION AND INTERNET TECHNOLOGIES
3.2 COMMUNICATION AND INTERNET TECHNOLOGIES 3.2.1 PROTOCOLS PROTOCOL Protocol a set of rules governing the way that devices communicate with each other. With networks and the Internet, we need to allow
More informationHP Instant Support Enterprise Edition (ISEE) Security overview
HP Instant Support Enterprise Edition (ISEE) Security overview Advanced Configuration A.03.50 Mike Brandon Interex 03 / 30, 2004 2003 Hewlett-Packard Development Company, L.P. The information contained
More informationTLS 1.1 Security fixes and TLS extensions RFC4346
F5 Networks, Inc 2 SSL1 and SSL2 Created by Netscape and contained significant flaws SSL3 Created by Netscape to address SSL2 flaws TLS 1.0 Standardized SSL3 with almost no changes RFC2246 TLS 1.1 Security
More informationNational Cyber Security Strategy 2016
National Cyber Security Strategy 2016 26th of April 2017, Athens Samuel Rothenpieler, International Relations Advisor, Federal Office for Information Security (BSI) Mission Statement of the German Federal
More informationCSCE 715: Network Systems Security
CSCE 715: Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina Security in Network Layer Implementing security in application layer provides flexibility in security
More informationComputer Science 461 Final Exam May 22, :30-3:30pm
NAME: Login name: Computer Science 461 Final Exam May 22, 2012 1:30-3:30pm This test has seven (7) questions, each worth ten points. Put your name on every page, and write out and sign the Honor Code pledge
More informationLecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005
Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks
More informationIMPACT Global Response Centre. Technical Note GLOBAL RESPONSE CENTRE
Technical Note GLOBAL RESPONSE CENTRE INTRODUCTION IMPACT s Global Response (GRC) acts as the foremost cyber threat resource centre for the global. It provides emergency response to facilitate identification
More informationSecurity and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy
Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy Andrea Glorioso European Commission DG INFSO-A3 Andrea.Glorioso@ec.europa.eu Network and
More informationThe professional IT management platform
The professional IT management platform Total Control of Your IT Infrastructure Whether you are administrating your own IT, or providing services to your clients, with ITbrain you amaze with proactivity.
More informationWAP Security. Helsinki University of Technology S Security of Communication Protocols
WAP Security Helsinki University of Technology S-38.153 Security of Communication Protocols Mikko.Kerava@iki.fi 15.4.2003 Contents 1. Introduction to WAP 2. Wireless Transport Layer Security 3. Other WAP
More informationWEB DDOS PROTECTION APPLICATION PROTECTION VIA DNS FORWARDING
WEB DDOS PROTECTION APPLICATION PROTECTION VIA DNS FORWARDING A STRONG PARTNER COMPANY Link11 - longstanding security experience Link11 is a European IT security provider, headquartered in Frankfurt, Germany
More informationA Strategy for a secure Information Society Dialogue, Partnership and empowerment
A Strategy for a secure Information Society Dialogue, Partnership and empowerment Gerard.Galler@ec.europa.eu European Commission DG Information Society & Media Unit INFSO/A3: Internet; Network & Information
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationNetwork Security Platform 8.1
8.1.7.91-8.1.7.44 Manager-Virtual IPS Release Notes Network Security Platform 8.1 Revision B Contents About this release New features Enhancements Resolved issues Installation instructions Known issues
More informationInnovation policy for Industry 4.0
Innovation policy for Industry 4.0 Remarks from Giorgio Mosca Chair of Cybersecurity Steering Committee Confindustria Digitale Director Strategy & Technologies - Security & IS Division, Leonardo Agenda
More informationNetwork Security Monitoring: An Open Community Approach
Network Security Monitoring: An Open Community Approach IUP- Information Assurance Day, 2011 Greg Porter 11/10/11 Agenda Introduction Current State NSM & Open Community Options Conclusion 2 Introduction
More informationExam : Title : Security Solutions for Systems Engineers(SSSE) Version : Demo
Exam : 642-565 Title : Security Solutions for Systems Engineers(SSSE) Version : Demo 1. SomeCompany, Ltd. wants to implement the the PCI Data Security Standard to protect sensitive cardholder information.
More informationX-ARF: A Reporting and Exchange Format for the Data Exchange of Netflow and Honeypot Data
X-ARF: A Reporting and Exchange Format for the Data Exchange of Netflow and Honeypot Data Jan Kohlrausch, Sven Übelacker, GÉANT 3 JRA2 T4: Internal deliverable DFN-CERT Services GmbH Hamburg, Germany Email:
More informationWhy IPv6? Roque Gagliano LACNIC
Why IPv6? Roque Gagliano LACNIC Agenda Initial Concepts. IPv6 History. What is IPv6? Planning IPv6. Agenda Initial Concepts. IPv6 History. What is IPv6? Planning IPv6. Some initial concepts. IPv6 is the
More informationDevelopment, Analysis and Evaluation of Cyber Resilience Strategies
Development, Analysis and Evaluation of Cyber Resilience Strategies Prof. Dr. Axel Lehmann Prof. Dr. Udo Helmbrecht Institut für Technische Informatik, Universität der Bundeswehr München, Germany European
More informationSecurity and resilience in Information Society: the European approach
Security and resilience in Information Society: the European approach Andrea Servida Deputy Head of Unit European Commission DG INFSO-A3 Andrea.servida@ec.europa.eu What s s ahead: mobile ubiquitous environments
More informationComputer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 10r. Recitation assignment & concept review Paul Krzyzanowski Rutgers University Spring 2018 April 3, 2018 CS 419 2018 Paul Krzyzanowski 1 1. What is a necessary condition for perfect
More informationConfiguring Application Visibility and Control for Cisco Flexible Netflow
Configuring Application Visibility and Control for Cisco Flexible Netflow First published: July 22, 2011 This guide contains information about the Cisco Application Visibility and Control feature. It also
More informationIPSec. Overview. Overview. Levente Buttyán
IPSec - brief overview - security associations (SAs) - Authentication Header (AH) protocol - Encapsulated Security Payload () protocol - combining SAs (examples) Overview Overview IPSec is an Internet
More informationCSCD 433/533 Advanced Networks
CSCD 433/533 Advanced Networks Lecture 2 Network Review Winter 2017 Reading: Chapter 1 1 Topics Network Topics Some Review from CSCD330 Applications Common Services Architecture OSI Model AS and Routing
More informationWP2 Metrics of Cyber Security
WP2 Metrics of Cyber Security WP2 Athens March 2018 CYBE Presented by: Jart Armin This work is performed within the SAINT Project (Systemic Analyser in Network Threats), with the support of the European
More informationFacing the Challenges of M2M Security and Privacy Phil Hawkes Principal Engineer at Qualcomm Inc. onem2m
Facing the Challenges of M2M Security and Privacy Phil Hawkes Principal Engineer at Qualcomm Inc. phawkes@qti.qualcomm.com onem2m www.onem2m.org 1 Overview onem2m Architecture: a quick review Challenges
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More informationA manual for understanding and using the Impex Control Center. SYSCTL AB - version 1.5
A manual for understanding and using the Impex Control Center SYSCTL AB - version 1.5 CONTENTS Contents Introduction 4 History....................................................... 4 Components.....................................................
More informationHow can the Future Internet
How can the Future Internet enable Smart Energy? Presented by Werner Mohr (Coordinator), Nokia Siemens Networks on behalf of the FINSENY project Smart Energy enabled by Future Internet Workshop FINSENY
More informationSecure management using HP Network Node Manager SPI for SNMPv3
IT Operations Network Management Secure management using HP Network Node Manager SPI for SNMPv3 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without
More informationCritical Infrastructure Analysis and Protection - A Case for Secure Information Exchange. August 16, 2016
Critical Infrastructure Analysis and Protection - A Case for Secure Information Exchange Dennis Denham Ssempereza - CISA, CISM, CRISC August 16, 2016 About me! Involved in Risk Management and Security
More informationLecture 10 Internet. ECE 197SA Systems Appreciation. Internet
Lecture 10 Internet ECE 197SA Systems Appreciation Internet Computer networks Infrastructure for large-scale distributed application Global data exchange between computers Essential for today s society
More informationEXAMINATION [The sum of points equals to 100]
Student name and surname: Student ID: EXAMINATION [The sum of points equals to 100] PART I: Meeting Scheduling example Description: Electronic meeting Scheduling system helps meeting initiator to schedule
More informationNetwork Forensics Prefix Hijacking Theory Prefix Hijacking Forensics Concluding Remarks. Network Forensics:
Network Forensics: Network OS Fingerprinting Prefix Hijacking Analysis Scott Hand September 30 th, 2011 Outline 1 Network Forensics Introduction OS Fingerprinting 2 Prefix Hijacking Theory BGP Background
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationSecurity and networks
Security and networks Creating a secure business in a hyper connected world SHIV K. BAKHSHI, PH.D. VP, INDUSTRY RELATIONS, GROUP FUNCTION TECHNOLOGY ITU Regional workshop, Algiers, Algeria, FeBruary 12,
More informationAccess Control. Access Control Overview. Access Control Rules and the Default Action
The following topics explain access control rules. These rules control which traffic is allowed to pass through the device, and apply advanced services to the traffic, such as intrusion inspection. Overview,
More informationSymantec Security.cloud
Data Sheet: Messaging Security filters unwanted messages and protects mailboxes from targeted attacks. The service has selflearning capabilities and Symantec intelligence to deliver highly effective and
More informationERT Threat Alert New Risks Revealed by Mirai Botnet November 2, 2016
Abstract The Mirai botnet struck the security industry in three massive attacks that shook traditional DDoS protection paradigms, proving that the Internet of Things (IoT) threat is real and the grounds
More informationCyber Attack Information System CAIS. DI Thomas Bleier, MSc, CISSP, CEH
Cyber Attack Information System CAIS Cyber Attack Information System DI Thomas Bleier, MSc, CISSP, CEH 09.11.2012 AIT Austrian Institute of Technology Bundeskanzleramt Österreich Bundesministerium für
More informationNetworking Basics. EC512 Spring /15/2015 EC512 - Prof. Thomas Skinner 1
Networking Basics EC512 Spring 2015 2/15/2015 EC512 - Prof. Thomas Skinner 1 Protocols Protocols are required in order to allow information to be extracted from the stream of bits flowing from one point
More informationManaging the Emerging Semantic Risks
The New Information Security Agenda: Managing the Emerging Semantic Risks Dr Robert Garigue Vice President for information integrity and Chief Security Executive Bell Canada Page 1 Abstract Today all modern
More informationObjectives CINS/F1-01
Email Security (1) Objectives Understand how e-mail systems operate over networks. Classify the threats to the security of e-mail. Study how S/MIME and PGP can be used to add security to e-mail systems.
More informationSECURE INFORMATION EXCHANGE: REFERENCE ARCHITECTURE
SECURE INFORMATION EXCHANGE: REFERENCE ARCHITECTURE MAY 2017 A NEXOR WHITE PAPER NEXOR 2017 ALL RIGHTS RESERVED CONTENTS 3 4 5 6 8 9 10 11 12 14 15 16 INTRODUCTION THREATS RISK MITIGATION REFERENCE ARCHITECTURE
More informationWireless Networks (CSC-7602) Lecture 1 (27 Aug 2007)
Wireless Networks (CSC-7602) Lecture 1 (27 Aug 2007) Seung-Jong Park (Jay) http://www.csc.lsu.edu/~sjpark 1 Handouts Class information Schedule (check online frequently) 2 1 Goals Principles on Wireless
More informationProgressively Securing RIOT-OS!
+ Progressively Securing RIOT-OS! USABILITY AND NECESSITY OF SSL / TLS Slide 1 / 33 We re going to talk about: 1. Why is security important? 2. What is SSL? 3. Where is SSL being used? 4. Features: What
More informationState of Cloud Survey GERMANY FINDINGS
2011 State of Cloud Survey GERMANY FINDINGS CONTENTS Executive Summary... 4 Methodology... 6 Finding 1: Cloud security is top goal and top concern.................................. 8 Finding 2: IT staff
More informationConfiguring OpenVPN on pfsense
Configuring OpenVPN on pfsense Configuring OpenVPN on pfsense Posted by Glenn on Dec 29, 2013 in Networking 0 comments In this article I will go through the configuration of OpenVPN on the pfsense platform.
More informationIt s Flow Time! The Role and Importance of Flow Monitoring in Network Operations and Security
It s Flow Time! The Role and Importance of Flow Monitoring in Network Operations and Security Pavel Minařík, Chief Technology Officer Neutral Peering Days 2018, The Hague Your customers depend on your
More informationDOWNLOAD PDF CISCO IRONPORT CONFIGURATION GUIDE
Chapter 1 : Cisco IronPort E-mail Security Appliance Best Practices : Part 3 - emtunc's Blog Cisco IronPort AsyncOS for Email Security Advanced Configuration Guide (PDF - 9 MB) Cisco IronPort AsyncOS for
More informationGrandstream Networks, Inc. GWN7000 Multi-WAN Gigabit VPN Router VPN Configuration Guide
Grandstream Networks, Inc. GWN7000 Multi-WAN Gigabit VPN Router VPN Configuration Guide Table of Contents SUPPORTED DEVICES... 5 INTRODUCTION... 6 GWN7000 VPN FEATURE... 7 OPENVPN CONFIGURATION... 8 OpenVPN
More informationIMF 2006, October 18 19, 2006 Torsten Voss & Klaus-Peter Kossakowski
Detecting New Patterns of Attacks Results and Applications of Large Scale Sensoring Networks IMF 26, October 18 19, 26 Torsten Voss & Klaus-Peter Kossakowski Contents Background and Motivation Algorithm
More informationSAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity
SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity 1. We, APEC Ministers responsible for the Telecommunications and Information Industry,
More informationSubscriber Data Correlation
Subscriber Data Correlation Application of Cisco Stealthwatch to Service Provider mobility environment Introduction With the prevalence of smart mobile devices and the increase of application usage, Service
More informationAcronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector
Acronyms 3DES AES AH ANSI CBC CESG CFB CMAC CRT DoS DEA DES DoS DSA DSS ECB ECC ECDSA ESP FIPS IAB IETF IP IPsec ISO ITU ITU-T Triple DES Advanced Encryption Standard Authentication Header American National
More informationAEGIS Advanced Big Data Value Chains for Public Safety and Personal Security
AEGIS Advanced Big Data Value Chains for Public Safety and Personal Security Dr. Yury Glikman AEGIS Project Manager Fraunhofer FOKUS 17 January 2017 Information and Networking Day ICT 14, 15, 16, 17 -
More informationCritical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.
Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach. By Christopher Ganizani Banda ICT Development Manager Malawi Communications Regulatory Authority 24-26th July,2016 Khartoum,
More informationNetwork Security and Cryptography. 2 September Marking Scheme
Network Security and Cryptography 2 September 2015 Marking Scheme This marking scheme has been prepared as a guide only to markers. This is not a set of model answers, or the exclusive answers to the questions,
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
More informationACS / Computer Security And Privacy. Fall 2018 Mid-Term Review
ACS-3921-001/4921-001 Computer Security And Privacy Fall 2018 Mid-Term Review ACS-3921/4921-001 Slides Used In The Course A note on the use of these slides: These slides has been adopted and/or modified
More informationSTRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government
ATIONAL STRATEGY National Strategy for Critical Infrastructure Government Her Majesty the Queen in Right of Canada, 2009 Cat. No.: PS4-65/2009E-PDF ISBN: 978-1-100-11248-0 Printed in Canada Table of contents
More informationM AY 1 8, M E DA N, S U M AT E R A U TA R A
SECURE COMMUNICATIONS AND SECURITY AWARENESS 101 BY: DIMAS FEBRIAWAN, MTI, CEH M AY 1 8, 2 0 1 7 M E DA N, S U M AT E R A U TA R A 'The methods that will most effectively minimize the ability of intruders
More informationJunos Security. Chapter 8: IPsec VPNs Juniper Networks, Inc. All rights reserved. Worldwide Education Services
Junos Security Chapter 8: IPsec VPNs 2012 Juniper Networks, Inc. All rights reserved. www.juniper.net Worldwide Education Services Chapter Objectives After successfully completing this chapter, you will
More informationChapter 4: Securing TCP connections
Managing and Securing Computer Networks Guy Leduc Chapter 5: Securing TCP connections Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley, March 2012. (section
More informationARAKIS An Early Warning and Attack Identification System
ARAKIS An Early Warning and Attack Identification System Piotr Kijewski Piotr.Kijewski@cert.pl 16th Annual FIRST Conference June 13-18, Budapest, Hungary Presentation outline Trends in large scale malicious
More informationInternet Security: Firewall
Internet Security: Firewall What is a Firewall firewall = wall to protect against fire propagation More like a moat around a medieval castle restricts entry to carefully controlled points restricts exits
More informationAccess Control. Access Control Overview. Access Control Rules and the Default Action
The following topics explain access control rules. These rules control which traffic is allowed to pass through the device, and apply advanced services to the traffic, such as intrusion inspection. Overview,
More informationContents. Introduction. Prerequisites. Background Information
Contents Introduction Prerequisites Background Information Limitation Configure Network Diagram Initial configuration R2 R3 IPSec configuration R2 EzPM configuration Workaround Verify Troubleshooting Related
More informationVirtual Private Network
VPN and IPsec Virtual Private Network Creates a secure tunnel over a public network Client to firewall Router to router Firewall to firewall Uses the Internet as the public backbone to access a secure
More informationSpecial Action Plan on Countermeasures to Cyber-terrorism of Critical Infrastructure (Provisional Translation)
Special Action Plan on Countermeasures to Cyber-terrorism of Critical Infrastructure (Provisional Translation) December 15, 2000 1. Goals of the Special Action Plan The goal of this action plan is to protect
More informationSecuring Internet Communication
Securing Internet Communication CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/
More informationComprehensive Setup Guide for TLS on ESA
Comprehensive Setup Guide for TLS on ESA Contents Introduction Prerequisites Requirements Components Used Background Information Functional Overview and Requirements Bring Your Own Certificate Update a
More informationENISA EU Threat Landscape
ENISA EU Threat Landscape 24 th February 2015 Dr Steve Purser ENISA Head of Department European Union Agency for Network and Information Security www.enisa.europa.eu Agenda ENISA Areas of Activity Key
More informationKlaus-Michael KOCH TECHNIKON Forschungsgesellschaft mbh DRS-workshop Vienna
This project has received funding from the European Union s Seventh Framework Programme for research, technological development and demonstration under grant agreement no 607577. Presented by: Klaus-Michael
More informationW is a Firewall. Internet Security: Firewall. W a Firewall can Do. firewall = wall to protect against fire propagation
W is a Firewall firewall = wall to protect against fire propagation Internet Security: Firewall More like a moat around a medieval castle restricts entry to carefully controlled points restricts exits
More informationTrisul Network Analytics - Traffic Analyzer
Trisul Network Analytics - Traffic Analyzer Using this information the Trisul Network Analytics Netfllow for ISP solution provides information to assist the following operation groups: Network Operations
More informationMonitoring network bandwidth on routers and interfaces; Monitoring custom traffic on IP subnets and IP subnets groups; Monitoring end user traffic;
NetVizura NetFlow Analyzer enables you to collect, store and analyze network traffic data by utilizing Cisco NetFlow, IPFIX, NSEL, sflow and compatible netflow-like protocols. It allows you to visualize
More information2015 Online Trust Audit & Honor Roll Methodology
2015 Online Trust Audit & Honor Roll Methodology Jeff Wilbur VP Marketing, Iconix Craig Spiezle Executive Director & President, OTA 2015 All rights reserved. Online Trust Alliance (OTA) Slide 1 Who Is
More informationGDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ
GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool Contact Ashley House, Ashley Road London N17 9LZ 0333 234 4288 info@networkiq.co.uk The General Data Privacy Regulation
More information