DISS 740 Presentation - PowerPoint PPT Presentation

Provided by: nova54
Transcript and Presenter's Notes

1
DISS 740 Presentation
Topic: Network Security
Presentation By: Pius Oleh, Dave Kumta, Mike Bryant, Maurice Okagua,
Phlimore McCarthy, Brook Heaton, Victor Cheng
2
Network Security
Agenda
  • Overview
  • Cookies (Pius Oleh)
  • Biometrics (Dave Kumta)
  • Smart Cards (Mike Bryant)
  • Firewalls (Maurice Okagua)
  • Intrusion Detection (Phlimore McCarthy)
  • Public Key Infrastructure (PKI) (Brook Heaton)
  • Virtual Private Network (VPN) (Victor Cheng)
  • Q&A
  • Team Mystery Game

3
Network Security
Overview
  • What is Network Security?
  • There is no set definition of network
    security, but the fundamental definition is the
    protection of files and directories in a network
    from unauthorized access.

4
Network Security
Cookies
  • A cookie is a text file sent by a web server to a
    client browser that enables the server to
    identify Web users on subsequent site visits.
  • Types of cookies: first-party cookies and
    third-party cookies.

5
Network Security
Cookies (Cont'd)
  • Cookie Usage
  • According to Peng and Cisna (2000), cookies
    can be used to tailor advertisements to a specific
    user on the web.
  • Persistent cookie or cookie sessionization.

6
Network Security
Cookies (Cont'd)
  • According to Jana and Chatterjee (2004), many web
    sites use cookies to track unique visitors. They
    argued that using cookies to track unique
    visitors is problematic because consumers can
    reject the cookie or delete the cookie (Jana &
    Chatterjee, 2004).
  • Privacy concern: online consumers are deleting
    cookies to protect their privacy. Miyazaki and
    Fernandez (2000) highlighted privacy as one of
    the major issues for online consumers.

7
Network Security
Cookies (Cont'd)
  • Bennett (2001) added that online consumers might
    not be willing to share their personal
    information because of privacy concerns.
  • According to Sit and Fu (2001), web cookies
    cannot be trusted because some web sites do not
    encrypt them; they argued that even the cookies
    that are encrypted can be circumvented with
    little effort.

8
Network Security
Cookies (Cont'd)
  • Lee and Pasternack (2005) identified two major
    problems facing web analytics (metrics tracking).
    They summed it up in technical (cookie deletion)
    and creative (instinct) challenges.

9
Network Security
Cookies (Cont'd)
  • According to recent Jupiter Research, 28 percent
    of online users are deleting their third-party
    cookies from their computers (Peterson, 2005).
  • Consequently, WebTrends Inc. (2005) conducted
    similar research and found that 12 percent of
    online users are deleting their third-party
    cookies.

10
Network Security
Cookies (Cont'd)
  • According to Whitman, Perez, and Beise (2001),
    cookies encompass privacy, data security, and
    computer monitoring. Web cookies are used in
    covert data gathering, tracking users' browsing
    habits, as well as for profiling online consumers
    in marketing clickstream data to provide targeted
    advertisements (Whitman, Perez, & Beise, 2001).

11
Network Security
Cookies (Cont'd)
  • Szewczak (2002) concurs that this invasion of
    privacy prompted the Electronic Privacy
    Information Center (EPIC) to file a complaint
    with the FTC regarding the online tracking
    practice of DoubleClick, Inc. for unlawfully
    tracking online users' activity through cookies in
    conjunction with Abacus Direct's national database
    of online user profiles (Szewczak, 2002).

12
Network Security
Reference List
  • Bennett, C. J. (2001). Cookies, web bugs, webcams
    and cue cats: Patterns of surveillance on the
    world wide web. Ethics and Information
    Technology, 3(3), 195-210.
  • Jana, S., & Chatterjee, S. (2004). Quantifying
    web-site visits using web statistics: an
    extended cybermetrics study. Online
    Information Review, 28(3), 191-199.
  • Lee, K., & Pasternack, D. (2005). Make the
    numbers work. Target Marketing, 28(8), 45-46.

13
Network Security
Reference List
  • Miyazaki, A. D., & Fernandez, A. (2000). Internet
    privacy and security: An examination of
    online retailer disclosures. Journal of
    Public Policy & Marketing, 19(1), 54-61.
  • Peng, W., & Cisna, J. (2000). Http cookies - a
    promising technology. Online Information
    Review, 24(2), 150-153.
  • Peterson, E. T. (2005, March 9). Measuring Unique
    Visitors: Addressing the dramatic decline in
    accuracy of cookie-based measurement.
    Retrieved October 10, 2005, from
    http://www.jupiterresearch.com.
  • Sit, E., & Fu, K. (2001). Web cookies: Not just a
    privacy risk. Association for Computing
    Machinery. Communications of the ACM, 44(9),
    120-120.

14
Network Security
Reference List
  • Szewczak, E. (2002). Beware of the Cookie
    Monster. Information Resources Management
    Journal, 15(1), 3-4.
  • WebTrends (2005). Best Practices for accurate Web
    Analytics: Avoiding third-party cookie
    rejection and deletion. Retrieved July 6,
    2005, from
    http://www.webtrends.com/upload/BB_1st_Party_Cookies_FINAL.pdf.
  • Whitman, M. E., Perez, J., & Beise, C. (2001). A
    study of user attitudes toward persistent
    cookies. The Journal of Computer Information
    Systems, 41(3), 1-7.

15
Network Security
Biometrics
Dave Kumta
16
Biometric Authentication
Network Security
  • Not a network authentication mechanism per se;
    rather, biometrics can be used to authenticate
    network users
  • Biometrics are generally employed as part of a
    multifactor authentication scheme
  • Biometrics can be more user friendly when
    frequent re-authentication is required
  • Biometrics have a large signature, with large
    storage requirements.

17
Biometric Approaches
Network Security
  • Fingerprints
  • Retina and Iris Scans
  • Face recognition
  • Footprints
  • Voice identification
  • Signature recognition
  • Keystroke recognition

18
Biometric Challenges
Network Security
  • Privacy and user acceptance
  • Legal precedence
  • Enrollment
  • Rigor
  • Reliability of electro-mechanical devices
  • Intensive processing requirements
  • Complex algorithms

19
Network Security
Smart Cards
Mike Bryant
20
One Definition of a Smart Card
Network Security
Smart Cards
  • A smart card, chip card, or integrated circuit(s)
    card (ICC), is defined as any pocket-sized card
    with embedded integrated circuits. There are two
    broad categories of Smart Cards.
  • Memory cards contain only non-volatile memory
    storage components, and perhaps some specific
    security logic. Microprocessor cards contain
    memory and microprocessor components.

21
Smart Card Literature
Network Security
Smart Cards
  • Chan, A. (2005). Mobile cookies management on a
    smart card, Communications of the ACM, November
    2005/Vol. 48, No. 11
  • Bourlai, T., Messer, K., & Kittler, J. (2004).
    Face Verification System Architecture Using Smart
    Cards, Proceedings of the 17th International
    Conference on Pattern Recognition (ICPR'04)
  • Wu, X., Dandash, O., & Le, P. (2006). The Design
    and Implementation of a Smartphone Payment
    System based on Limited-used Key Generation
    Scheme, Proceedings of the Third International
    Conference on Information Technology: New
    Generations (ITNG'06)

22
Uses of the Smart Card Technology
Network Security
Smart Cards
  • Smart Card Internet Cookie Management
  • Face Verification System Architecture Using Smart
    Cards
  • Smartphone Payment System

23
Mobile Cookies Management on a Smart Card
Network Security
Smart Cards
  • Cookies are small bits of textual information a
    Web site might send to Web browsers to be stored
    within the client machine and returned unchanged
    in subsequent visits to the site.
  • Ability to store cookies on the machine enables
    Web servers to track state information while
    interacting with a browser across a session. The
    cookies can be kept past a session, so when users
    power off their machines the state information is
    retained and can be used again the next time they
    visit the site that first created it.
  • Many Web applications (such as banking, online
    shopping, and e-auctions) use cookies as a basis
    for identifying user preferences and
    identification. As the user moves to different
    machines to access the same site, the information
    previously recorded is lost.

24
Mobile Cookies Management on a Smart Card (Cont'd)
Network Security
Smart Cards
  • The author presents a novel solution to making
    the cookies mobile by leveraging smart cards
    with the benefit of mobility in the user's
    pocket.
  • The CookiesCard framework uses a smart card as
    a secure, mobile storage medium for managing
    personalized cookies.
  • The CookiesCard proxy interacts directly with
    the card to provide cookies management while
    functioning as an intermediary between the client
    browser and a Web server.

25
Face Verification System Architecture Using Smart
Cards
Network Security
Smart Cards
  • The authors contend that automatic personal
    identity verification systems based on facial
    images have many promising applications in the
    field of security.
  • In any face verification system the user must
    make an identity claim, usually by use of a
    token, in this case the token was stored on a
    smart card.
  • To make a claim, the user presents
    himself/herself to a camera and places his/her
    card in the card reader. The token is read off
    the card and the relevant biometric template
    retrieved. A match between the template and the
    acquired image is then made.
  • Prior to this the user would have had to have
    gone through an enrollment process where their
    facial biometric template was created and stored
    in a database.

26
The Design and Implementation of a Smartphone
Payment System based on Limited-use Key
Generation Scheme
Network Security
Smart Cards
  • Nostalgia: the expected use for smart phones in
    2003 was approximately 11.6 million users, and in
    the year 2007 smart phones are likely to be used
    more than laptops and PDAs together, by more than
    324 million users.
  • Smart phones allow users to access the Internet
    using a wireless connection, to store contacts in
    databases and to perform payments over the
    Internet
  • Many mobile payment systems lack protection for
    sensitive information probably due to cost
    constraints, design limitations or resource
    limitations where strong encryption requires
    substantial processing, memory, and power.

27
The Design and Implementation of a Smartphone
Payment System based on Limited-use Key
Generation Scheme (Concluded)
Network Security
Smart Cards
  • The proposed Wireless Smart cards Payment System
    (WSPS) is derived from the KSL Protocol as a more
    secure way for Wireless Internet Payment.
  • A client using a Wireless Smart Card can perform
    transactions over a wireless LAN which is
    connected to the Internet via a wired network.
  • The Smart Card employs a hashing algorithm (SHA-1),
    using a 1024 shared key. SHA-1 is considered to be
    the successor to MD5, an earlier, widely-used
    hash function. The SHA algorithms were designed
    by the National Security Agency (NSA) and
    published as a US government standard. A hash
    function (or hash algorithm) is a way of creating
    a small digital "fingerprint" from any kind of
    data.
  • It's believed that the use of a Smart Card for
    making the Internet Payment is more secure
    because a Smart Card can be charged and used
    without revealing client information.

28
Other Smart Card Implementations
Network Security
Smart Cards
  • The IEEE and ACM Journals have many other
    research projects dealing with the use of Smart
    Cards.

29
Network Security
Firewalls
Maurice Okagua
30
WHAT IS A FIREWALL
Network Security
Firewalls
  • Organizations use internet connectivity to
    provide services, share information and
    collaborate with customers both internally and
    externally. The internet connectivity also exposes
    the organization's network to security attacks,
    namely viruses, worms, cookies, Trojans, and
    denial of service attacks.
  • A firewall is a hardware or software security
    tool designed to prevent outside intrusions.
  • The first level of defense in the organizational
    security tool is generally the firewall. It acts
    as a security gate between the organization's
    intranet and the internet.
  • Firewalls monitor and control all data traffic
    that passes through the organization's network into
    the computer.

31
Network Security
Firewalls
[Figure: A view of an organizational firewall]
32
Types of Firewalls
Network Security
Firewalls
  • There are two common types of firewalls, namely
    packet filtering and proxy server firewalls.
  • Packet filtering firewall: the software uses
    predefined rules to reject or accept packets or
    data that pass through it.
  • Proxy server firewall: the proxy server prevents
    outsiders from accessing information from the
    network. It also acts as a middleman or gateway
    that coordinates data between the network and the
    outside world.

33
Common Organizational Firewall Security Policies
Network Security
Firewalls
  • Service control: determines the services that are
    externally accessible.
  • Behavior control: enforces organizational policy
    (e.g., not allowing employees to use Yahoo in a
    controlled environment).
  • User control: what software can be downloaded by
    employees.
  • IP packet filtering: monitors service requests by
    examining individual packets.
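
An added example, not part of the original slides: a minimal first-match packet filter with a default-deny fallback, showing how the "predefined rules" of a packet filtering firewall can express the service control and behavior control policies listed above. The names `Packet`, `Rule` and `filter_packet`, the rule set, and all addresses (documentation and private ranges) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str      # source IP address
    dst: str      # destination IP address
    proto: str    # "tcp" or "udp"
    dport: int    # destination port


@dataclass(frozen=True)
class Rule:
    action: str        # "accept" or "reject"
    src: str           # source network in CIDR form
    dst: str           # destination network in CIDR form
    proto: str         # "tcp", "udp" or "any"
    dports: tuple      # allowed destination ports; () means any port
    note: str = ""

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and (not self.dports or p.dport in self.dports))


# Constructed sample policy (hypothetical addresses).
ANY = "0.0.0.0/0"
INSIDE = "10.0.0.0/8"                # organization intranet
PUBLIC_WEB = "192.0.2.10/32"         # the one externally accessible service
BLOCKED_SITE = "198.51.100.0/24"     # stand-in for a site barred by policy

RULES = [
    Rule("accept", ANY, PUBLIC_WEB, "tcp", (80, 443), "service control: public web"),
    Rule("reject", INSIDE, BLOCKED_SITE, "any", (), "behavior control: barred site"),
    Rule("accept", INSIDE, ANY, "tcp", (80, 443), "outbound web"),
    Rule("accept", INSIDE, ANY, "udp", (53,), "outbound DNS"),
]


def filter_packet(p: Packet, rules=RULES):
    """Return (action, reason). The first matching rule wins; no match means reject."""
    for rule in rules:
        if rule.matches(p):
            return rule.action, rule.note
    return "reject", "default deny"


if __name__ == "__main__":
    samples = [  # constructed packets
        Packet("203.0.113.7", "192.0.2.10", "tcp", 443),
        Packet("203.0.113.7", "10.0.0.5", "tcp", 22),
        Packet("10.1.2.3", "198.51.100.20", "tcp", 443),
    ]
    for pkt in samples:
        print(pkt, "->", filter_packet(pkt))
```

Rule order is part of the policy: if the "outbound web" rule is placed ahead of the behavior control rule, traffic to the barred site on port 443 is accepted before the reject rule is ever consulted.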

34
Network Security
Firewalls
Benefits of using Firewall Protection
  • Enables virtual participation
  • Enables sharing of sensitive data with meeting
    participants inside/outside the company.
  • Video: enables visual participation in virtual
    meetings.
  • Streamed media: enables 7x24 viewing of
    meetings, training via web

[Figure: company perimeter diagram. Labels: streaming media or video
conference; desktop video conferencing; WebEx for internal & external
secure data conferencing; streaming media; company external web site;
NetMeeting client to client; company perimeter]
35
Network Security
Intrusion Detection
Phlimore McCarthy
36
Principles: Assume that the network will be
attacked
Network Security
Intrusion Detection
  • Security Assessment
  • Detection Standards
  • Models of Intrusions
  • Implementations
  • Intrusion responses
  • Conclusion

37
Network Security
Intrusion Detection
Security Assessment
  • Analysis of Threats
  • Analysis of Vulnerabilities
  • Application of Countermeasures

38
Detection Standards
Network Security
Intrusion Detection
  • Developed by the Internet Engineering Task Force
    (IETF) Intrusion Detection Working Group
  • Intrusion Alert Protocol (IAP)
  • Intrusion Detection Message Exchange Format
    (IDMEF)
  • Distributed Denial of Service (DDoS)
  • Remote Monitoring (RMON)

39
Models of Intrusions
Network Security
Intrusion Detection
  • Sequence of states or actions as good (no
    intrusion) or bad (possible intrusion)
  • Anomaly Detection
  • Misuse Detection
  • Specification-based Detection

40
Implementations: IDSs
Network Security
Intrusion Detection
  • Architecture
  • Agent
  • Host-Based Information Gathering
  • Network-Based Information Gathering
  • Combining Sources
  • Director
  • Notifier

41
Intrusion Responses
Network Security
Intrusion Detection
  • Incident Prevention
  • Intrusion Handling
  • Preparation
  • Identification
  • Containment
  • Eradication
  • Recovery
  • Follow up

42
Intrusion Responses: IDSs - be proactive
Network Security
Intrusion Detection
  • Requires counter measures for combinations of
    intrusion models
  • Disconnect user sessions
  • Disable user account for unauthorized network
    entry
  • Protect network resources

43
Conclusion: not able to detect all types of
intrusions
Network Security
Intrusion Detection
  • Further research is required to develop IDSs
  • Methodologies
  • Improved Network Security Operational Policies
  • WAN Architecture Design & Deployment
  • Privacy Issues
  • Legal frame

44
Network Security
Public Key Infrastructure (PKI)
Brook Heaton
45
Purpose
Network Security
Public Key Infrastructure (PKI)
  • Conduct secure communications over the network
  • Encryption (contents can't be viewed)
  • Integrity (contents haven't been changed)
  • Authentication (you are who you say you are)
  • Authorization (you are allowed to do X)

46
PKI Components and Terminology
Network Security
Public Key Infrastructure (PKI)
  • Certificate Authority
  • Certificates
  • Key Pairs (Public / Private)
  • Certificate Revocation Lists (CRL)
  • Keystore

47
Standards and Organizations
Network Security
Public Key Infrastructure (PKI)
  • X.509 (ITU-T)
  • IETF PKIX Working Group
  • NIST MISPC
  • Federal PKI Steering Committee
  • Vendors
  • Verisign
  • Entrust
  • Etc.

48
Applications
Network Security
Public Key Infrastructure (PKI)
  • Email signing and encryption
  • Web authentication, authorization, encryption
  • Network access (login)

49
Key Challenges
Network Security
Public Key Infrastructure (PKI)
  • Certificate Management
  • Managing revoked certificates
  • Renewing expired certificates
  • Distributing certificates
  • User errors
  • Hardware / Software Implementation
  • Performance

50
Network Security
Virtual Private Network (VPN)
Victor Cheng
51
Virtual Private Network (IP-based)
Network Security
Virtual Private Network (VPN)
  • Prevent eavesdropping and tampering in a public
    network.
  • Data in the TCP/IP network stack is encapsulated
    into a secure network packet.
  • Typical IP-based VPNs: PPTP, SSL, IPsec
  • Point to Point Tunneling Protocol (PPTP)
  • Implemented by Microsoft since Win95.
  • Can be password or certificate based. Weak
    passwords lead to security problems.
  • Often barred by firewalls.

52
Network Security
Virtual Private Network (VPN)
  • IP Security (IPsec)
  • Standard in IPv6, optional in IPv4.
  • Provides security at the network layer.
  • Internet Key Exchange (IKE) protocol
  • Tunnel Mode - supports portal-to-portal
  • Transport Mode - supports end-to-end
  • Secure Socket Layer (SSL)
  • Above TCP transport protocol, commonly used
    (https).
  • OpenVPN - encrypts the entire TCP/IP network
    stack
  • SSL VPN: secure web access
  • Supports all common cryptographic algorithms
  • Asymmetric ciphers: RSA, Diffie-Hellman
  • Symmetric ciphers: DES, Triple DES, AES
  • Hash functions: MD5, SHA-1
  • Public key for authentication and key exchange,
    symmetric key for encryption of data.

53
Research Issues
Network Security
Virtual Private Network (VPN)
  • IPSec/VPN Security Policy: Correctness, Conflict
    Detection, and Resolution (Zhi Fu et al., 2001)
  • Management structure for ISPs (Braun et al.
    2004)
  • Implementation at Gigabit level (Friend, 2004)

54
Network Security
Q&A
55
Network Security
Team Mystery Game