The

1
Chapter 4 The Internet And Security www.pearso
ned.ca/jessup
Robert Riordan, Carleton University
2
Learning Objectives

1. Describe the Internet and how it works
2. Describe the basic Internet services and the use
   of the World Wide Web
3. Explain what is meant by the term information
   systems security and describe various approaches
   for ensuring information systems security

3
History of the Internet

• ARPANET (Advanced Research Project Agency
  Network)
• Created in the 1960s by DARPA (Defense Advance
  Research Projects Agency)
• Used by government and universities as a means to
  communice for research purposes
• NSFNET (National Science Foundation Network)
• Created in 1986 by the National Science
  Foundation for connecting research institutions
• Connected to ARPANET and many others (BITNET,
  CSNET, etc) to become a major component of the
  Internet
• Internet Support
• Ongoing support comes from many universities,
  federal and state governments, and national
  international research institutions and industry

4
Visions of the Internet in the 1960s
5
How the Internet Works Connecting to the
Internet

• Modem (stands for Modulate/Demodulate)
• A modem converts signals back and forth from
  digital to analog for transmission and receipt
  between computers
• A computer requires a modem to get access to the
  Internet

• Internet Service Provider (ISP)
• These companies provides access to the Internet
  for a fee
• A computer is connected to an ISP through a modem
  to allow Internet access

• Network Access Points (NAPs)
• NAPs connect ISPs together
• They serve as Internet access points for the ISPs
  and serve as exchange points for Internet traffic

• Internet Backbone
• Collection of main network connections and
  telecommunications lines that make up the Internet

6
How the Internet Works Connecting Multiple
Networks

• Backbone Network
• Manages bulk of the network
• Typically a higher speed protocol than individual
  LAN segments (e.g. uses fiber-optic cable which
  transfers data at 2 gigabits/second vs. LAN speed
  at 10 megabits/second)

7
How the Internet Works Shows the Internet
Backbone
8
How the Internet Works Packet Switching

• Packet Switching
• Allows millions of users to send large and small
  chucks of data across the Internet concurrently
• Based on the concept of turn taking, packets from
  each user are alternated in the shared network
  (below)
• Networks connected to the Internet use this
  concept

9
How the Internet Works TCP/IP Routers
TCP/IP Approach

• TCP Transmission Control Protocol
• Breaks information into small chucks called data
  packets
• Manages the transfer of the packets from computer
  to computer
• Reassembles data packets into a message at the
  destination

• IP Internet Protocol
• Controls how data packets are formed
• Addresses each packet with the source and
  destination address
• A data packet conforming to the IP spec is called
  an IP datagram

• Routers
• Connect one network to another
• Identify each device on a network as unique using
  IP protocol
• Serve as the Traffic Cop directing packets to
  their destination

10
How the Internet Works Connecting Networks
Example Sending a message from Computer A to D
2
(Router) Reads IP Address of packet,
routes message to Network 2 and Computer D
1
3
(Computer A) TCP - Breaks message into
data packets IP - Adds address of destination
Computer D
(Computer D) TCP - Checks for missing
packets, reassembles message, discards
duplicate packets
11
How the Internet Works Web Addresses Domains

• Domain
• Identifies the Website (host)
• Comes in many suffixes such as
• .edu (educational institutions)
• .org (organizations non-profit)
• .mil (military)
• .net (network organizations)
• Example microsoft.com

• IP Address
• Each domain is associated with one or more IP
  addresses
• Format a 32-bit address written as 4 numbers
  (from 0-255) separated by periods
• Example 1.160.10.240

• (URL) Uniform Resource Locator
• Identifies particular Web pages within a domain
• Example http//www.microsoft.com/security/defaul
  t.mspx

12
How the Internet Works Managing the Internet

• Internet Registry
• Central repository of all Internet-related
  information
• Provides central allocation of all network system
  identifiers
• Managed by Internet Assigned Numbers Authority
  (IANA)

• Domain Name System (DNS)
• Maintained by the Internet Registry
• Used to associates hosts or domains with IP
  addresses
• Root DNS database is replicated across the
  Internet

• InterNic Registration Service
• Canadian Internet Registration Authority (CIRA)
• Assigns Internet Domains and IP addresses
• Internet Corp. for Assigned Names and Number
  (ICANN) has responsibility for managing IP
  addresses, domain names, and root server system
  management

13
World Wide Web

• Hypertext
• A Web page stored on a Web server
• Contains information and links to other related
  information (hyperlinks)
• HTML (Hypertext Markup Language)
• A standard method used to specify the format of
  Web pages
• Uses codes/tags which stipulate how the content
  should appear to the user
• Web Browser
• A software program used to locate and display Web
  pages
• Includes text, graphics, and multimedia content

Web Browser
14
World Wide Web

• HTTP (Hypertext Transfer Protocol)
• A protocol used to process user requests for
  displaying Web pages from a Web server
• Web Servers
• A special computer that is specifically designed
  to store and serve up Web pages
• This machine contains special hardware and
  software to perform its many specialized functions

15
World Wide Web - Architecture
16
Current State of the Internet
Internet hosts per 1000 inhabitants
Internet hosts 1991-2007Numbers in millions
17
Internet2
Internet Research User Frustration After 1995,
increases in personal and business traffic began
congesting the network primarily used for research
Internet2 University Corporation for Advanced
Internet Development (UCAID) was formed to lead
the design and development of an private
high-speed alternative to the public Internet
Abilene network backbone A new network has been
developed connecting IS researchers by use of
GigaPop (Gigabit Point of Presence) network
access points to a high-speed private network
(currently operating at 10Gbps with a goal of
100Gbps)
18
Internet2

• Mission Internet2 is a not-for-profit
  consortium, led by over 200 US universities,
  developing and deploying advanced network
  applications and technology, accelerating the
  creation of tomorrow's Internet.
• Facilitate and coordinate the development,
  deployment, operation, and technology transfer of
  advanced, network-based applications and network
  services to further US leadership in research and
  higher education and accelerate the availability
  of new services and applications on the Internet.

19
Internet2

• Abilene Internet2 backbone network (IP over
  SONET)
• A project of the University Corporation for
  Advanced Internet Development (UCAID) in
  collaboration with various corporate partners
• Link Capacity 13,000 miles of fiber optic cable,
  with over 8,000 miles of interior circuits and
  another 5,000 miles of access circuits
• Operates at OC-192 (9.6 gigabits per second) or
  about 354,000 times faster than a typical
  computer modem.

20
Internet2
21
Internet2

• Examples of Applications
• Grid computing
• Telemedicine
• Astronomy
• Tele-immersion
• Music
• Digital Video
• Tele-Operation of Remote Equipment
• Tele-Presence (Magic)

22
Changes to the Internet

• Privacy?
• Increased government access to personal
  information in the name of security / anti
  terrorism measures.
• Paying for bandwidth?
• Big sites Vs personal home pages
• Already exists in the world of cell phones, why
  not?

23
State of IS Security - Security Threats
Technologies

• Security Threats
• Today we hear about many security breaches that
  affect organizations and individuals. Some
  recently in the news
• Identity Theft gaining access to someones
  personal information allowing them to imitate
  you (stolen laptop)
• Denial of Service attacks on websites using
  zombie computers that overwhelm the site and
  shut it down
• Others Spyware, Spam, Wireless Access, Viruses

• Security Technologies
• Companies and research organizations continue to
  develop and refine technologies to prevent
  security breaches. Some Include
• Firewalls
• Biometrics
• VPN and Encryption

24
Security Threat Spyware, Spam, and Cookies

• Spyware
• Any software that covertly gathers information
  about a user through an Internet connection
  without the users knowledge
• Problems uses memory resources, uses bandwidth,
  and can cause system instability
• Prevention Firewalls and Anti-spyware software

• Spam
• Electronic junk mail or junk newsgroup postings
  usually for purpose of advertising some product
  and/or service
• Problems nuisance, wastes time deleting, uses
  storage
• Prevention Spam Blocker software

• Cookies
• A message passed to a browser from a Web server.
  Used by legitimate programs to store state and
  user information
• Problems can be used to track user activities
• Prevention browser settings, firewall

25
Information System Security Managerial
Techniques

• Organizational Policies and Procedures
• Acceptable Use Policies formally document how
  systems should be used, for what, and penalties
  for non-compliance

• Backups and Disaster Recovery
• Backups taking periodic snapshots of critical
  systems data and storing in a safe place or
  system (e.g. backup tape)
• Disaster Recovery Plans spell out detailed
  procedures to be used by the organization to
  restore access to critical business systems (e.g.
  viruses or fire)
• Disaster Recovery executing Disaster Recovery
  procedures using backups to restore the system to
  the last backup if it was totally lost

26
IS Security Technology
Firewalls A system of software, hardware or both
designed to detect intrusion and prevent
unauthorized access to or from a private network

• Firewall Techniques
• Packet Filter examine each packet entering and
  leaving network and accept/reject based on rules
• Application Level Control Performs certain
  security measures based on a specific application
  (e.g. file transfer)
• Circuit Level Control detects certain types of
  connections or circuits on either side of the
  firewall
• Proxy Server acts as, or appears as, an
  alternative server that hides the true network
  addresses

27
Security Technology Biometrics

• Biometrics
• A sophisticated authentication technique used to
  restrict access to systems, data and/or
  facilities
• Uses biological characteristics to identify
  individuals such as fingerprints, retinal
  patterns in the eye, etc. that are not easily
  counterfeited
• Has great promise in providing high security

28
Security Threat Viruses
Viruses Programs that can attack a computer
and/or a network and delete information, disable
software, use up system resources, etc.
Prevention Steps AntiVirus software Install
this software which is designed to block all
known viruses and offers automatic or manual
updates to virus patterns to block future
viruses No Disk Sharing Viruses can be
transferred to clean computers by inserting disks
containing infected files Delete Suspicious Email
Messages Do not open suspicious e-mail
messagesDelete Only! Report Viruses If you get
a virus, report it to you network administrator
immediately!
29
Computer Crimes

• Computer Crime
• The act of using a computer to commit an illegal
  act. The broad definition of computer crime can
  include the following
• Targeting a computer while committing an offense
  (e.g gaining entry to a computer system in order
  to cause damage to the computer or the data it
  contains)
• Using a computer to commit and offense
• (e.g. stealing credit card numbers from a
  company database)
• Using computers to support criminal activity
• (e.g. drug dealer using computers to store
  records of illegal transactions)

30
Computer Crimes and the Impact on Organizations
31
Computer Crime Unauthorized Access
Unauthorized Access A person gaining entry to a
computer system for which they have no authority
to use such access THIS IS A COMPUTER CRIME!
32
Computer Crime Unauthorized Access Trends
33
Computer Crimes Who Commits Them?
Unauthorized Access 1998 Survey of 1600
companies by PricewaterhouseCoopers 82 come
from inside the organization (employees)
34
Computer Crimes Who Commits Them?
Unauthorized Access 2004 Survey by Computer
Security Institute
35
Computer Crime Various Types 1st Half
36
Computer Crime Various Types 2nd Half
37
Computer Crimes - Hacking and Cracking
Hackers A term to describe unauthorized access to
computers based entirely on a curiosity to learn
as much as possible about computers. It was
originally used to describe MIT students in the
1960s that gained access to mainframes. It was
later used universally used for gaining
unauthorized access for any reason
Crackers A term to describe those who break into
computer systems with the intention of doing
damage or committing crimes. This term was
created because of protests by true hackers
38
Computer Crimes Cracker (Humorous)
39
Computer Crime Software Piracy
Software Piracy This practice of buying one copy
and making multiple copies for personal and
commercial use, or for resale is illegal in most
countries while others offer weak or nonexistent
protections. This has become and international
problem as shown below
40
Destructive Code that Replicates

• Viruses
• These programs disrupt the normal function of a
  computer system through harmless pranks or by
  destroying files on the infected computer. They
  come in several types
• Boot Sector attaches to the section of a hard
  disk or floppy disk that boots a computer.
• File Infector attach themselves to certain file
  types such as .doc, .exe, etc.
• Combination viruses can change types between
  boot sector and file infector to fool antivirus
  programs
• Attachment released from an e-mail when an
  attachment is launched. Can also send themselves
  your address book

Worms This destructive code also replicates and
spreads through networked computers but does
damage by clogging up memory to slow the computer
versus destroying files
41
Computer Crimes Destructive Code
42
Destructive Code that Doesnt Replicates
Trojan Horses These programs do not replicate but
can do damage as they run hidden programs on the
infected computer that appears to be running
normally (i.e. a game program that creates an
account on the unsuspecting users computer for
unauthorized access)

• Logic or Time Bombs
• A variation of a Trojan Horse that also do not
  replicate and are hidden but are designed to lie
  in wait for a triggering operation. (i.e. a
  disgruntled employee that sets a program to go
  off after they leave the company)
• Time Bombs are set off by dates (e.g. a
  birthday)
• Logic Bombs are set off by certain operations
  (e.g. a certain password)

43
Cyberwar and Cyberterrorism

• Cyberwar
• An organized attempt by a countrys military to
  disrupt or destroy the information and
  communications systems of another country. Common
  targets include
• Command and control systems
• Intelligence collection and distribution systems
• Information processing and distribution systems
• Tactical communication systems
• Troop and weapon positioning systems
• Friend-or-Foe identification systems
• Smart weapons systems

44
Cyberwar and Cyberterrorism

• A denial-of-service attack (DoS attack) or
  distributed denial-of-service attack (DDoS
  attack)
• an attempt to make a computer resource
  unavailable to its intended users.
• motives for, and targets of a DoS attack may vary
• generally consists of the concerted efforts of a
  person or people to prevent an Internet site or
  service from functioning efficiently or at all,
  temporarily or indefinitely.
• perpetrators of DoS attacks typically target
  sites or services hosted on high-profile web
  servers such as banks, credit card payment
  gateways, and even root nameservers.

45
Cyberwar and Cyberterrorism
Cyber Terrorism The use of computer and
networking technologies against persons or
property to intimidate or coerce governments,
civilians, or any segment of society in order to
attain political, religious, or ideological goals

• Responses to the Threat
• At greatest risk are those that depend highly on
  computers and networking infrastructure (i.e.
  governments, utilities, transportation providers,
  etc.) Responses include
• Improved intelligence gathering techniques
• Improved cross-government cooperation
• Providing incentives for industry security
  investment