CS 8803 Advanced System and Network Security - PowerPoint PPT Presentation

Slides: 19
Provided by: fengmi5

1
CS 8803 Advanced System and Network Security
  • Dr. Wenke Lee
  • wenke_at_cc.gatech.edu

2
Course Objectives
  • Understand system and network security threats
    and countermeasures
  • Gain hands-on experience in design and
    implementation of security mechanisms
  • Obtain background for original research in system
    and network security

3
Course Styles
  • Descriptive: what is out there
  • Critical: what is wrong with ...
  • Skill oriented: papers and projects
  • Explore!
  • Interactive: discussion and questions encouraged
    and considered in grade
  • Students are encouraged to present their findings
  • Information sharing: home page and message
    board/email list

4
Course Outline
  • Background
  • Basics of system and network security
  • Trustworthy computing
  • Definition and components
  • Intrusion detection and network monitoring
  • Static and dynamic checking of programs
  • Anomaly detection
  • Adaptation
  • Large-scale (Internet-wide) distributed intrusion
    detection
  • Early sensing,
  • Complex attack scenario analysis
  • Automated response

5
Course Outline (contd)
  • Intrusion tolerance
  • Survivable systems and networks
  • Worms and viruses
  • Models of worm spreading, detection and response
  • Distributed Denial-of-Service and traceback
  • Routing security
  • Wireless security
  • Vulnerabilities of protocols
  • Security measures in managed networks, ad-hoc
    networks, and sensor networks

6
Prerequisites
  • Networking, operating systems, discrete
    mathematics, and programming (C or C++, Java).
  • The right motivations.

7
Course Materials
  • Recent papers in academic conferences and
    journals
  • In the first half of the semester, for each
    topic, the instructor will provide a list of
    papers and give an overview of the research
    problems
  • Students are required to research for more papers
    and share their reports
  • Listed on course Web site

8
Course Mechanics
  • WWW page: http://www.cc.gatech.edu/classes/AY2003/cs8803k_spring/
  • For course materials, e.g., lecture slides,
    papers, tools, etc.
  • Grading: 65% project, 20% final, 15% course
    participation.

9
Course Project
  • Topics
  • One of the topic areas covered in this course
  • But you can define your own with my approval.
  • Can be (a combination of)
  • Design of new algorithms and protocols.
  • Or new attacks!
  • Analysis/evaluation of existing algorithms,
    protocols, and systems.
  • Vulnerabilities, efficiency, etc.
  • Implementation and experimentation.
  • Small team - one to three persons.
  • Proposal, work, and final demo/write-up.

10
Motivating Examples

11
Secure Me
  • Many organizations have heterogeneous and
    distributed networks
  • What does security mean? What are the challenges?

[Figure: network diagram. Labels: Firewall/IDS/VPN; Untrusted Networks Servers; Trusted Networks; Untrusted Users; Internet; Router; Intranet; Public Accessible Servers Networks; Trusted Users]

12
Information Security
  • Security is a state of well-being of information
    and infrastructures in which the possibility of
    successful yet undetected theft, tampering, and
    disruption of information and services is kept
    low or tolerable
  • Security rests on confidentiality, authenticity,
    integrity, and availability

13
The Basic Components
  • Confidentiality is the concealment of information
    or resources.
  • Authenticity is the identification and assurance
    of the origin of information.
  • Integrity refers to the trustworthiness of data
    or resources in terms of preventing improper and
    unauthorized changes.
  • Availability refers to the ability to use the
    information or resource desired.

14
Security Policy and Mechanism
  • Policy: a statement of what is, and is not,
    allowed.
  • Mechanism: a procedure, tool, or method of
    enforcing a policy.
  • Security mechanisms implement functions that help
    prevent, detect, respond to, and recover from
    security attacks.
  • Security functions are typically made available
    to users as a set of security services through
    APIs or integrated interfaces.

15
Close-Knit Attack Family
[Figure: active attacks and passive attacks. Labels: jam/cut it; sniff for content; capture modify; traffic analysis - who is talking; pretend; who to impersonate; "I need to be Bill"]

16
Defense-in-Depth
Security principles: layered mechanisms

17
Taxonomy of Threats
  • Taxonomy: a way to classify and refer to threats
    (and attacks) by names/categories
  • Benefits: avoid confusion
  • Focus/coordinate development efforts of security
    mechanisms
  • No standard yet
  • One possibility: by results/intentions first,
    then by techniques, then further by targets, etc.
  • Associate severity/cost to each threat

18
A Taxonomy Example
  • By results, then by (high-level) techniques
  • Illegal root
      • Remote, e.g., buffer-overflow a daemon
      • Local, e.g., buffer-overflow a root program
  • Illegal user
      • Single, e.g., guess password
      • Multiple, e.g., via previously installed
        back-door
  • Denial-of-Service
      • Crashing, e.g., teardrop, ping-of-death, land
      • Resource consumption, e.g., syn-flood
  • Probe
      • Simple, e.g., fast/regular port-scan
      • Stealth, e.g., slow/random port-scan