Lecture 12. Application Layer. Application Layer 1

Similar documents
Introduction to Security. Computer Networks Term A15

1-1. Switching Networks (Fall 2010) EE 586 Communication and. September Lecture 10

Web, HTTP and Web Caching

CMSC 332 Computer Networking Web and FTP

CSEE 4119 Computer Networks. Chapter 1 Introduction (4/4) Introduction 1-1

Protocol Layers, Security Sec: Application Layer: Sec 2.1 Prof Lina Battestilli Fall 2017

end systems, access networks, links circuit switching, packet switching, network structure

HyperText Transfer Protocol

Computer Networking Introduction

CSC 4900 Computer Networks:

CS 4390 Computer Networks

CSC 401 Data and Computer Communications Networks

CSEN 404 Introduction to Networks. Mervat AbuElkheir Mohamed Abdelrazik. ** Slides are attributed to J. F. Kurose

CMPE 150/L : Introduction to Computer Networks. Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 3

Review for Internet Introduction

Chapter 2 Application Layer

Lecture 04: Application Layer (Part 01) Principles and the World Wide Web (HTTP) Dr. Anis Koubaa

Review of Previous Lecture

Chapter 2: Application Layer. Chapter 2 Application Layer. Some network apps. Application architectures. Chapter 2: Application layer

CSC 257/457 Computer Networks. Fall 2017 MW 4:50 pm 6:05 pm CSB 601

Computer Networks. Wenzhong Li. Nanjing University

Application Layer: HTTP

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

Chapter 2. Application Layer. Chapter 2: Application Layer. Application layer - Overview. Some network apps. Creating a network appication

COMP 562: Advanced Topics in Networking

Chapter 2: outline. 2.6 P2P applications 2.7 socket programming with UDP and TCP

Chapter 2: outline. 2.6 P2P applications 2.7 socket programming with UDP and TCP

Foundations of Telematics

CSC358 Week 2. Adapted from slides by J.F. Kurose and K. W. Ross. All material copyright J.F Kurose and K.W. Ross, All Rights Reserved

Chapter 2 Application Layer

EECS 3214: Computer Network Protocols and Applications

CSCI Computer Networks Fall 2016

PLEASE READ CAREFULLY BEFORE YOU START

Chapter 2 Application Layer

Chapter 2 Application Layer

CS 355. Computer Networking. Wei Lu, Ph.D., P.Eng.

Chapter 1: roadmap parte B

CSEN 503 Introduction to Communication Networks

Introduction to computer networking

CSEE 4119 Computer Networks. Chapter 1 Introduction (2/2) Introduction 1-1

Overview Content Delivery Computer Networking Lecture 15: The Web Peter Steenkiste. Fall 2016

Chapter 2 Application Layer. Lecture 4: principles of network applications. Computer Networking: A Top Down Approach

CC451 Computer Networks

CS 43: Computer Networks. HTTP September 10, 2018

CS4/MSc Computer Networking. Lecture 3: The Application Layer

Lecture 6 Application Layer. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it

LECTURE 1 - INTRODUCTION. Jacob Aae Mikkelsen

Course on Computer Communication and Networks. Lecture 2 Chapter 1: Introduction: Part B: Network structure, performance, security prelude

Web caches (proxy server) Applications (part 3) Applications (part 3) Caching example (1) More about Web caching

PLEASE READ CAREFULLY BEFORE YOU START

Fundamentals of Information Systems

When does it work? Packet Sniffers. INFO Lecture 8. Content 24/03/2009

Chapter 4: Networking and the Internet. Network Classifications. Network topologies. Network topologies (continued) Connecting Networks.

CSC 401 Data and Computer Communications Networks

Our Narrow Focus Computer Networking Security Vulnerabilities. Outline Part II

COSC4377. Chapter 2: Outline

PLEASE READ CAREFULLY BEFORE YOU START

Chapter 1 Introduction

Applications & Application-Layer Protocols: The Web & HTTP

1. What is a Computer Network? interconnected collection of autonomous computers connected by a communication technology

Chapter 2: Application layer

Chapter 4: Networking and the Internet. Figure 4.1 Network topologies. Network Classifications. Protocols. (continued)

Chapter 4: Networking and the Internet

Basic Concepts in Intrusion Detection

Course on Computer Communication and Networks. Lecture 2 Chapter 1: Introduction: Part B: Network structure, performance, security prelude

Ethical Hacking and Prevention

this security is provided by the administrative authority (AA) of a network, on behalf of itself, its customers, and its legal authorities

CS 43: Computer Networks. Layering & HTTP September 7, 2018

CSC 170 Fall 2017 Dr. R. M. Siegfried. Study Guide for Final Exam

Electronic Mail. Three Components: SMTP SMTP. SMTP mail server. 1. User Agents. 2. Mail Servers. 3. SMTP protocol

Firewalls, Tunnels, and Network Intrusion Detection

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems

CIT 380: Securing Computer Systems. Network Security Concepts

Application Layer: The Web and HTTP Sec 2.2 Prof Lina Battestilli Fall 2017

Computer Forensics: Investigating Network Intrusions and Cybercrime, 2nd Edition. Chapter 2 Investigating Network Traffic

Δίκτυα Μετάδοσης Δεδομένων Data Networks. Introduction 1-1

DATA COMMUNICATOIN NETWORKING

Chapter 1 Introduction

Internet Security: Firewall

ACS / Computer Security And Privacy. Fall 2018 Mid-Term Review

Chapter 4 The Internet

Computer Networking: A Top Down Approach

Chapter 2 Application Layer

CMPE 150/L : Introduction to Computer Networks. Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 4

CSE 565 Computer Security Fall 2018

e-commerce Study Guide Test 2. Security Chapter 10

Application Protocols and HTTP

Introduction to Computer Networks. CS 166: Introduction to Computer Systems Security

Technology in Action

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline

Last time. Trusted Operating System Design. Security in Networks. Security Features Trusted Computing Base Least Privilege in Popular OSs Assurance

Chapter 9. Firewalls

70 CHAPTER 1 COMPUTER NETWORKS AND THE INTERNET

Hackveda Training - Ethical Hacking, Networking & Security

Intruders. significant issue for networked systems is hostile or unwanted access either via network or local can identify classes of intruders:

Security+ Guide to Network Security Fundamentals, Fourth Edition. Network Attacks Denial of service Attacks

Chapter 8 roadmap. Network Security

Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,

Broadband Internet Access Disclosure

Chapter 10: Denial-of-Services

Transcription:

Lecture 12 Application Layer Application Layer 1

Agenda The Application Layer (continue) Web and HTTP HTTP Cookies Web Caches Simple Introduction to Network Security Various actions by network attackers Application Layer 2

The Application Layer (recall) Network programs/services that run on (different) end systems communicate over network e.g., web server software communicates with browser software No need to write software for network-core devices Network-core devices do not run user applications applications on end systems allows for rapid app development, propagation application transport network data link physical application transport network data link physical application transport network data link physical Application Layer 3

Web and HTTP Web page consists of objects Object can be HTML file, JPEG image, Java applet, audio file, Web page consists of base HTML-file which includes several referenced objects Each object is addressable by a URL Example URL: www.someschool.edu/somedept/pic.gif host name path name Application Layer 4

HTTP overview HTTP: hypertext transfer protocol Web s application layer protocol client/server model client: browser that requests, receives, displays Web objects server: Web server sends objects in response to requests PC running Explorer Mac running Navigator Server running Apache Web server Application Layer 5

HTTP connections Nonpersistent HTTP At most one object is sent over a TCP connection. Persistent HTTP Multiple objects can be sent over single TCP connection between client and server. Application Layer 6

Non-Persistent HTTP: Response time Definition of RTT: time for a small packet to travel from client to server and back. Response time: one RTT to initiate TCP connection one RTT for HTTP request and first few bytes of HTTP response to return file transmission time total = 2RTT+transmit time initiate TCP connection RTT request file RTT file received time time time to transmit file Application Layer 7

Persistent HTTP Nonpersistent HTTP issues: requires 2 RTTs per object Overhead for each TCP connection browsers often open parallel TCP connections to fetch referenced objects Persistent HTTP server leaves connection open after sending response subsequent HTTP messages between same client/server sent over open connection client sends requests as soon as it encounters a referenced object as little as one RTT for all the referenced objects Application Layer 8

HTTP Cookies What cookies can bring: authorization shopping carts recommendations user session state (Web e-mail) aside Cookies and privacy: cookies permit sites to learn a lot about you you may supply name and e-mail to sites How to keep state : protocol endpoints: maintain state at sender/receiver over multiple transactions cookies: http messages carry state Application Layer 9

Web Caches (Proxy Server) Goal: satisfy client request without involving origin server user sets browser: Web accesses via cache browser sends all HTTP requests to cache client Proxy server origin server object in cache: cache returns object else cache requests object from origin server, then returns object to client client origin server Application Layer 10

More about Web caching cache acts as both client and server typically cache is installed by ISP (university, company, residential ISP) Why Web caching? reduce response time for client request reduce traffic on, for example, an institution s access link. Internet dense with caches: enables content providers to effectively deliver content Application Layer 11

Caching Example Assumptions average object size = 100,000 bits avg. request rate from institution s browsers to origin servers = 15/sec delay from institutional router to any origin server and back to router = 2 sec Consequences utilization on LAN = 15% utilization on access link = 100% total delay = Internet delay + access delay + LAN delay = 2 sec + minutes + milliseconds institutional network public Internet 1.5 Mbps access link 10 Mbps LAN origin servers institutional cache Application Layer 12

Caching Example (cont d) possible solution increase bandwidth of access link to, say, 10 Mbps consequence utilization on LAN = 15% utilization on access link = 15% Total delay = Internet delay + access delay + LAN delay = 0.3 sec + msecs + msecs often a costly upgrade institutional network public Internet 10 Mbps access link 10 Mbps LAN origin servers institutional cache Application Layer 13

Caching Example (cont d) possible solution: install cache suppose hit rate is 0.4 consequence 40% requests will be satisfied almost immediately 60% requests satisfied by origin server utilization of access link reduced to 60%, resulting in negligible delays (say 10 msec) total avg delay = Internet delay + access delay + LAN delay =.6*(2.01) secs +.4*milliseconds < 1.4 secs institutional network public Internet 1.5 Mbps access link 10 Mbps LAN origin servers institutional cache Application Layer 14

Computer Network Security The field of network security is about: how network attackers can attack computer networks how we can defend networks against attacks how to design architectures that are immune to attacks Internet not originally designed with (much) security in mind original vision: a group of mutually trusting users attached to a transparent network Internet protocol designers playing catch-up Security considerations in all layers! Application Layer 15

Various Actions by Network Attackers Attackers can put malicious software (malware) into hosts via Internet Malware can get in host from a virus, worm, or trojan horse. Spyware malware can record keystrokes, web sites visited, upload info to collection site. Infected host can be enrolled in a botnet, used for spam and Distributed Denial of Service (DDoS) attacks. Malware is often self-replicating: from an infected host, seeks entry into other hosts Application Layer 16

Various Actions by Network Attackers Trojan horse hidden part of some otherwise useful software generally non-self-replicating type of malware program Virus infection by receiving object (e.g., e-mail attachment), actively executing with harmful effects generally, code attaching itself to an application self-replicating: propagate itself to other hosts, users Worm: infection by passively receiving object that gets itself executed Generally, a code replicating itself to consume resources (e.g., network bandwidth, servers buffers, etc.) self-replicating: propagates to other hosts, users via networks Application Layer 17

Various Actions by Network Attackers Bad guys can attack servers and network infrastructure Denial of service (DoS): attackers make resources (server, bandwidth) unavailable to legitimate traffic by overwhelming resource with bogus traffic 1. select target 2. break into hosts around the network (see botnet) 3. send packets toward target from compromised hosts target Application Layer 18

Various Actions by Network Attackers Packet sniffing: broadcast media (shared Ethernet, wireless) promiscuous network interface reads/records all packets (e.g., including passwords!) passing by A C src:b dest:a payload Wireshark and Snort software can be used as (free) packet-sniffers B Application Layer 19

Various Actions by Network Attackers IP spoofing: send packet with false source address (false identification) A C src:b dest:a payload B Application Layer 20

Various Actions by Network Attackers record-and-playback: sniff sensitive info (e.g., password), and use later password holder is that user from system point of view A C src:b dest:a user: B; password: foo B Application Layer 21

Intrusion Detection Approaches Signature based approach Searching for known identity or signature Comparing with known patterns Databases of signatures Anomaly based approach Detection based heuristics and analysis (statistics) Learning new patterns Traffic classification (normal/abnormal) Artificial intelligence techniques (e.g., neural networks) Application Layer 22

Lecture Summary Covered material The Application Layer (continue) Web and HTTP HTTP Cookies Web Caches Simple Introduction to Network Security Various actions by network attackers Application Layer 23

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback