20 Nov 2013

Introduction

IT443 Network Security Administration

Instructor: Bo Sheng

Basic Information

Location and time
  S-3-143, Tuesdays and Thursdays 7~8:15pm
Instructor (Bo Sheng)
  shengbo@cs.umb.edu
  617-287-6468
  Office: S-3-075
  Office hours: Tu & Th, 2~4pm

Course Outline

Network Basics
Cryptography Basics
Authentication
Public Key Infrastructure
IPsec
SSL/TLS
Firewall / Intrusion Detection
Email Security
Wireless security / Worm (backup)

Course Work

6~7 lab assignments (70%)
  Team of 2 students
  Lab report
Final exam (30%)

Lab Outline

Understanding network packets
Encryption/decryption
Password cracking
Intrusion detection
System monitoring
Implementing certificate
Implementing VPN
Configuring a firewall
Wireless security / Worm (backup)

Other Info

Course web page
  http://www.cs.umb.edu/~shengbo/teaching/it443.html
Prerequisite
  IT341
  If you take IT341 later, you will lose the credits of this course.

Policies

Lab reports
  Partial points will be given, but no late submissions are accepted.
Honor code
No makeup exam
Accommodations
  Ross Center for Disability Service
  Campus Center Room 211
  617-287-7430

Information

Door code: 459414*
Login: Your Windows account
Install Ubuntu Desktop on a VM
  VMware key: 5H6AK-J809N-683Y4-AJ8H4-0EWJ2
  http://wes.cs.umb.edu/it443/ubuntu-10.04.4-desktop-i386.iso
  VirtualBox

Introduction to Network Security

Trend Micro Threat Tracker
  http://apac.trendmicro.com/apac/core-technologies/threat-tracker/
Symantec Threat Explorer
  http://us.norton.com/security_response/threatexplorer/index.jsp

Introduction to Network Security

Security threats
  Malware: Virus, worm, spyware
  Spam
  Botnet
  DDoS attacks
  Phishing
  Cross-site scripting (XSS)

Introduction to Network Security

Security breaches in 2011
  Sony's PlayStation Network (77M clients)
  Epsilon (60M clients)
  Fidelity National ($13M loss)
  Sega's online gaming network (1.3M clients)
  Citigroup (210K clients)
  MA Executive Office of Labor and Workforce Development (210K records)
  SF Subway, Health Net, …

Contributing Factors

Lack of awareness of threats and risks of information systems
  Security measures are often not considered until an Enterprise has been penetrated by malicious users
Wide-open network policies
  Many Internet sites allow wide-open Internet access
Lack of security in TCP/IP protocol suite
  Most TCP/IP protocols not built with security in mind
Complexity of security management and administration
Software vulnerabilities
  Example: buffer overflow vulnerabilities
Cracker skills keep improving

Security Objectives (CIA)

Confidentiality
  Prevent/detect/deter improper disclosure of information
Integrity
  Prevent/detect/deter improper modification of information
Availability
  Prevent/detect/deter improper denial of access to services provided by the system

OSI Security Architecture

ITU-T X.800 “Security Architecture for OSI”
Defines a systematic way of defining and providing security requirements
It provides a useful, if abstract, overview of concepts we will study

Aspects of Security

3 aspects of security:
  security attack
    Any action that compromises the security of information owned by an organization
  security mechanism
    A process that is designed to detect, prevent, or recover from a security attack
  security service
    Counter security attacks: make use of one or more security mechanisms to provide the service

Threat Model and Attack Model

Threat model and attack model need to be clarified before any security mechanism is developed
Threat model
  Assumptions about potential attackers
  Describes the attacker’s capabilities
Attack model
  Assumptions about the attacks
  Describes how attacks are launched

Passive Attacks

Active Attacks

Security Mechanism (X.800)

Specific security mechanisms:
  encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization
Pervasive security mechanisms:
  trusted functionality, security labels, event detection, security audit trails, security recovery

Security Service

Enhance security of data processing systems and information transfers of an organization
Intended to counter security attacks
Using one or more security mechanisms
Often replicates functions normally associated with physical documents
  For example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed

Security Service

Authentication - assurance that communicating entity is the one claimed
Access Control - prevention of the unauthorized use of a resource
Data Confidentiality - protection of data from unauthorized disclosure
Data Integrity - assurance that data received is as sent by an authorized entity
Non-Repudiation - protection against denial by one of the parties in a communication
Availability - resource accessible/usable

Check network connection
  ping google.com
Log out