Computer and Network Security

Similar documents
Copyleft 2005, Binnur Kurt. Objectives

Networking interview questions

Need For Protocol Architecture

Introduction to Networking

CIS 5373 Systems Security

Identify the features of network and client operating systems (Windows, NetWare, Linux, Mac OS)

Solved MCQ of Computer networking. Set-1

Defining Networks with the OSI Model. Module 2

Review of Important Networking Concepts

ก ก Information Technology II

Need For Protocol Architecture

Hands-On TCP/IP Networking

PROGRAMMING Kyriacou E. Frederick University Cyprus. Network communication examples

Introduction to Computer Security

Network Security. Thierry Sans

Introduction p. 1 The Need for Security p. 2 Public Network Threats p. 2 Private Network Threats p. 4 The Role of Routers p. 5 Other Security Devices

Chapter 8 roadmap. Network Security

Chapter 2 Network Models 2.1

ROYAL INSTITUTE OF INFORMATION & MANAGEMENT

Wired internetworking devices. Unit objectives Differentiate between basic internetworking devices Identify specialized internetworking devices

The OSI Model. Open Systems Interconnection (OSI). Developed by the International Organization for Standardization (ISO).

Distributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013

PROTECTING INFORMATION ASSETS NETWORK SECURITY

Communicating over the Network

Cisco CCNA (ICND1, ICND2) Bootcamp

Data Communication and Network. Introducing Networks

Chapter 12 Network Protocols

ELEC5616 COMPUTER & NETWORK SECURITY

CIT 380: Securing Computer Systems. Network Security Concepts

exam. Number: Passing Score: 800 Time Limit: 120 min CISCO Interconnecting Cisco Networking Devices Part 1 (ICND)

Cisco Interconnecting Cisco Networking Devices Part 1.

Mobile MOUSe ROUTING AND SWITCHING FUNDAMENTALS ONLINE COURSE OUTLINE

Chapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet

RAJIV GANDHI COLLEGE OF ENGINEERING AND TECHNOLOGY

BVRIT HYDERABAD College of Engineering for Women Department of Information Technology. Hand Out

Special expressions, phrases, abbreviations and terms of Computer Networks

Part VI. Appendixes. Appendix A OSI Model and Internet Protocols Appendix B About the CD

NETGEAR-FVX Relation. Fabrizio Celli;Fabio Papacchini;Andrea Gozzi

Chapter 09 Network Protocols

Computer Networks (Introduction to TCP/IP Protocols)

CSC 4900 Computer Networks: Security Protocols (2)

Chapter 2 Network Models 2.1

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12

Interconnecting Cisco Networking Devices Part1 ( ICND1) Exam.

Introduction to Networks

TCP/IP THE TCP/IP ARCHITECTURE

Lecture 6. Internet Security: How the Internet works and some basic vulnerabilities. Thursday 19/11/2015

ITEC 3800 Data Communication and Network. Introducing Networks

Layer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

MTA_98-366_Vindicator930

Networks and Communications MS216 - Course Outline -

Lecture-4. TCP/IP-Overview:

Lecture 3 Protocol Stacks and Layering

The Internet Protocol (IP)

20-CS Cyber Defense Overview Fall, Network Basics

University of Southern California EE450: Introduction to Computer Networks

Fundamentals of Networking. OSI & TCP/IP Model. Kuldeep Sonar 1

IP Protocols. ALTTC/Oct

Networking for Data Acquisition Systems. Fabrice Le Goff - 14/02/ ISOTDAQ

Overview of TCP/IP Overview of TCP/IP protocol: TCP/IP architectural models TCP protocol layers.

Operating Systems CS 571

Fundamentals of Network Security v1.1 Scope and Sequence

SYLLABUS. osmania university CHAPTER - 3 : MEDIUM ACCESS CONTROL (MAC) SUBLAYER Standards, Bluetooth, Bridges and Routers.

CompTIA Network+ Course

5105: BHARATHIDASAN ENGINEERING COLLEGE NATTARMPALLI UNIT I FUNDAMENTALS AND LINK LAYER PART A

INFS 766 Internet Security Protocols. Lecture 1 Firewalls. Prof. Ravi Sandhu INTERNET INSECURITY

Chapter 14: Introduction to Networking

CSc 466/566. Computer Security. 18 : Network Security Introduction

Network Architecture Models

Computer Forensics: Investigating Network Intrusions and Cybercrime, 2nd Edition. Chapter 2 Investigating Network Traffic

OSI Model. Teran Subasinghe MBCS, Bsc.(Hons) in Computer Science - University of Greenwich, UK

Chapter 7. Local Area Network Communications Protocols

Networking. Networking and Communication Trends Convergence (Accessibility) Speed Stability Simplicity* Embeddedness

Overview. Computer Network Lab, SS Security. Type of attacks. Firewalls. Protocols. Packet filter

Reti di Calcolatori I

CCNA MCQS with Answers Set-1

CCNA Exploration Network Fundamentals

Cisco Cisco Certified Network Associate (CCNA)

Introduction... xiii Chapter 1: Introduction to Computer Networks and Internet Computer Networks Uses of Computer Networks...

BLM6196 COMPUTER NETWORKS AND COMMUNICATION PROTOCOLS

Chapter 2 Layer Architecture of Network Protocols. School of Info. Sci. & Eng. Shandong Univ.

Computer Networking. Introduction. Quintin jean-noël Grenoble university

Computer Network Addressing. The TCP/IP Layers and Addresses. Topics. The Internet Communication. The TCP/IP Layers and Addresses IP Address

Software Engineering 4C03 Answer Key

Use of the TCP/IP Protocols and the OSI Model in Packet Tracer

10 Defense Mechanisms

CCNA. Course Catalog

NETWORK SECURITY ITEC 435

Network Layers. Standardization Cruelty 2009/08/12. (C) Herbert Haas

and Networks Data Communications Second Edition Tata McGraw Hill Education Private Limited Managing Director SoftExcel Services Limited, Mumbai

Interconnecting Networks with TCP/IP. 2000, Cisco Systems, Inc. 8-1

SYSTEMS ADMINISTRATION USING CISCO (315)

The Client Server Model and Software Design

TCPIP Protocol Suite & Utilities. Revision no.: PPT/2K403/02

Data & Computer Communication

Advanced Computer Networks

TestOut Network Pro - English 5.0.x COURSE OUTLINE. Modified

ENEE 457: Computer Systems Security 11/07/16. Lecture 18 Computer Networking Basics

ISO/OSI Model and Collision Domain NETWORK INFRASTRUCTURES NETKIT - LECTURE 1 MANUEL CAMPO, MARCO SPAZIANI

Connecting to the Network

Transcription:

Computer and Network Security c Copyright 2000 R. E. Newman Computer & Information Sciences & Engineering University Of Florida Gainesville, Florida 32611-6120 nemo@cise.ufl.edu

Network Security (Pfleeger Ch. 9, KPS Ch. 12, 13, 17) 1 Network Basics 1.1 Network Types 1.1.1 LANs Bus Tree Star Ring Dual Bus 1.1.2 CWANs 1.1.3 MANs 1.1.4 WANs Circuit-Switched Virtual Circuit Packet-Switched Datagram Packet-Switched 1.1.5 internets 1.1.6 VPNs 1.1.7 Wireless 1.1.8 Satellite 1.2 ISO OSI Reference Network Architecture 1.2.1 General Reference Architecture Layered - Layer i only gets service from layer i 1 Peer layers International standard 1

HUB bus star CG CG ring dual bus Figure 1: LAN topologies layer i+1 layer i provides services obtains services layer i-1 Figure 2: Layered architecture 1.2.2 Layers 1. Physical 2. DataLink 3. Network 4. Transport 2

5. Session 6. Presentation 7. Application 8. Financial 9. Political 10. Religious OSI Reference Architecture Layers 7 - Application 6- Presentation 5 - Session 4 - Transport 3 - Network - underlying OS security - interoperation - multiple applications - common formatting, utilities - session managment - end-to-end, process-to-process - host identification only - per-packet OH if datagram service - higher level entities are treated same 2 - Link - only useful for immediate neighbors 1 - Physical - electrical, mechanical modulation/detection Figure 3: OSI layers Chained layers End-to-end layers PDUs encapsulation 3

protocol A protocol B protocol C Figure 4: Hierarchical architecture application presentation session transport network datalink physical PH NH DH NH DH NH TH TH TH TH SH SH SH SH SH DT DT PT Figure 5: Encapsulation 1.3 TCP/IP 1.3.1 IP 1.3.2 ICMP 1.3.3 Routing 1.3.4 UDP 1.3.5 TCP 1.4 Addressing 1.4.1 Types of addressing 1. TSAPs 4

application presentation session transport network datalink physical relay p p relay dl dl p p n relay n dl dl p p application presentation session transport network datalink physical end-to-end chained host repeater bridge router host Figure 6: OSI network FTP MIME BGP telnet SMTP SNMP TCP UDP IGMP ICMP RIP OSPF IP ARP RARP DHCP medium access Figure 7: TCP/IP 2. NSAPs 3. LSAPs 4. PSAPs 5. Logical names 5

1.5 Network Devices 1.5.1 Repeater 1.5.2 Bridge 1.5.3 Router 1.5.4 Protocol Translator 1.5.5 Gateway 1.5.6 Address translation 1. ARP 2. RARP 3. DNS 4. portmapper 2 Network Security Issues 2.1 Sharing 2.2 Complexity 2.3 Perimeter 2.4 Points of Attack 2.5 Anonymity 2.6 Unknown Path 3 Network Threats 3.1 Eavesdropping 3.1.1 Cable 3.1.2 Microwave 3.1.3 Satellite 3.1.4 Optic Fiber 3.2 Other Message Confidentiality Violations 3.2.1 Misdelivery 3.2.2 Transient Exposure 3.2.3 Traffic Analysis Source and Destination port host network interface network Quantities load load changes window issues 6

3.3 Message Integrity Violations 3.3.1 Noise 3.3.2 Fabrication 3.3.3 Replay 3.3.4 Cut & Paste 3.3.5 Modification 3.3.6 Replacement 3.3.7 Redirection 3.3.8 Delay 3.3.9 Destruction 3.4 Spoofing 3.4.1 no authentication (lunacy) 3.4.2 authentication by source address (trust relationships) 3.4.3 guessed authentication information (weak passwords) 3.4.4 sniffed authentication information (weak authentication) 3.4.5 well-known authentication (trapdoor) 3.5 Other Message Authenticity Violations 3.5.1 repudiation 3.5.2 denial of receipt 3.6 Mobile Code 3.6.1 Java 3.6.2 Active-X 3.6.3 web browsers 3.6.4 AOL 3.7 Denial of Service 3.7.1 connectivity 3.7.2 network flooding 3.7.3 spamming 3.7.4 redirection 3.7.5 port hammering 3.7.6 syn attack 3.7.7 memory exhaustion 3.7.8 disk exhaustion 3.7.9 service exhaustion 3.7.10 winnuke 3.7.11 buffer overflow/crash 4 Network Controls 4.1 Encryption 4.1.1 Protocol Layer 1. application 2. transport/network 7

3. link 4.2 Access Control 4.2.1 policy routing 4.2.2 port protection 4.2.3 auto callback 4.2.4 differential access rights 4.2.5 group membership 4.2.6 CORBA 4.3 Authentication 4.3.1 DEC authentication architecture 4.3.2 Kerberos 4.3.3 DCE 4.3.4 Sesame 4.3.5 CORBA 4.4 Traffic Control 4.4.1 Routing 1. Policy routing 2. Dynamic routing 3. Rerouting 4. Onion routing 5. Chaum mixes 4.4.2 Padding 4.4.3 Delay 4.5 Data Integrity 4.5.1 Protocols 4.5.2 Error Handling 1. Forward Error Correction 2. Error Correction Codes 3. Backward Error Correction 4. Error Detection Codes 5. MACs and MICs 6. Notarization 8

4.6 Intrusion Detection 4.6.1 Detector Source Information 1. Packets 2. Host events 3. N/W state 4. Host state 4.6.2 Anomaly Detection 1. Statistical 2. AI 3. Neural Nets 4. Formal Languages 4.6.3 Misuse Detection 1. signatures 2. expert systems 4.6.4 Response 1. notify security team 2. log events 3. reconfigure controls 4. reconfigure system 5 Multilevel Networks 5.1 Trusted Network Interpretation (Red Book) Interprets TCSEC for networks 5.2 Trusted Network Interface 5.2.1 Trusted Hosts (MLS) 5.2.2 Untrusted Hosts (MSL) 5.2.3 Labeled output 5.2.4 classification check before release 5.2.5 data integrity 5.2.6 label integrity 5.2.7 confinement 5.2.8 protection from link compromise 5.3 Secure Communiciation 5.3.1 write down for ACKs 5.3.2 Waller - TNI + Trusted host 5.3.3 NRL pump 9

Learning Event Space Trace data E1 E2 E3 E4 E5 E6... Feature Selection and Mapping Symbols Reduced trace s1 s2 s3 s4 s5 s6... observed actual future Normal Behaviors Monitoring Trace Data Behavior Space Reduced Trace Known Attacks Word Length Normal Behaviors Anomalies FSM Generation FSM Trace Anomaly Signal: 01100000010000000100000101000 # Anomalies in last M behaviors:...44333444556665 Window Size, M Thresholds Alarm Levels: 11000111112221 Key: Selected Parameters Derived sets, data, operations Figure 8: A Formal Language-based Anomaly Detection Model 10

Number of distinct behaviors observed Time of observation Learning what is normal Figure 9: Learning Normal Number of anomalies in last K events Normal behavior T2 T1 Attack 1... Attack N Time of monitoring Figure 10: Setting Thresholds 11

Number of anomalies in last K events T2 T1 Attack Time of monitoring Figure 11: Running the anomaly detector 12

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback