CS 393/682: Network Security - PowerPoint PPT Presentation

1 / 13
About This Presentation
Title:

CS 393/682: Network Security

Description:

CS 393/682: Network Security Professor Keith W. Ross Introduction * Introduction * Networks under attack What can wrong? How are computer networks vulnerable? – PowerPoint PPT presentation

Number of Views:128
Avg rating:3.0/5.0
Slides: 14
Provided by: Kei7156
Category:

less

Transcript and Presenter's Notes

Title: CS 393/682: Network Security


1
CS 393/682 Network Security
  • Professor Keith W. Ross

2
Networks under attack
  • What can wrong?
  • How are computer networks vulnerable?
  • What are some of the more prevalent attacks today?

3
The bad guys can put malware into your host via
the Internet
  • We connect our hosts to the Internet to get good
    stuff
  • E-mail, web pages, mp3s, video clips, search
    results, etc.
  • But along with the good stuff, comes the malware,
    which can
  • Delete files
  • Install spyware that collects private info
  • Enroll our compromised host in a botnet
  • thousands of similarly compromised devices which
    can be leveraged for DDoS attacks and spam
    distribution

4
Malware self-replicating
  • Once it infects one host
  • seeks entry into other hosts
  • and then into yet more hosts
  • Virus
  • Requires some form of human interaction to spread
  • Classic example E-mail viruses
  • Worms
  • No user interaction needed
  • Worm in infected host scans IP addresses and port
    numbers, looking for vulnerable processes to
    infect
  • Trojan horse
  • Hidden, devious part of some otherwise useful
    software

5
The bad guys can attack servers network
infrastructure
  • Denial of Service (DoS)
  • Diminishes usability of network host, network, or
    network infrastructure.
  • Vulnerability attack Attacker sends well-crafted
    messages to a vulnerable app or OS, crashing
    service or host.
  • Bandwidth flooding Attacker sends a deluge of
    packets to the targeted host. Targets access
    link becomes clogged..
  • Connection flooding The attacker establishes
    large number of half- or fully-open TCP
    connections at the target host. Target becomes
    incapable of accepting legitimate connections.

6
The bad guys can sniff packets
  • Passive sniffers near wireless transmitters
  • Wired environments too.
  • Many LANs broadcast
  • Residential cable access systems broadcast
  • Bad guys with access to internal network
    infrastructure can install sniffers.
  • Packet sniffers are passive
  • and therefore difficult to detect.

7
The bad guys can masquerade as someone you trust
  • Easy to create packet w/ arbitrary source
    address, packet content dest address
  • then transmit packet into the Internet
  • which forwards the packet to its destination.

The bad guys can modify or delete messages
  • Man-in-the-middle bad guy inserted in path
    between two communicating entities
  • Sniff, inject, modify, delete packets
  • Compromise integrity of data sent btwn 2 entities

8
How did the Internet get to be such an insecure
place?
  • Originally for a group of mutually trusting users
    attached to a transparent network.
  • By definition, no need for security
  • Mutual trust
  • By default, can send a packet to any other user
  • IP source address taken by default to be true
  • Today, communication between trusted users is the
    exception rather than the rule

9
Course Goals
  • Become expert in Internet protocols
  • Understand the types of problems
  • Survey some attacks
  • Become familiar with some attack tools
  • Understand the basic network security tools to
    counter the attacks
  • Become familiar with firewall, IDS, VPN
    configuration
  • Focus on principles rather than technology
    trends, current events
  • Examine some advanced research topics

10
Topics covered
  • Network attacks
  • reconnaissance, sniffing, port scanning, DDoS,
    TCP hijacking
  • Firewalls and intrusion detection
  • Cryptography
  • Symmetric key, public key, integrity
  • Secure protocols
  • PGP, SSL, IPsec, secure Wi-Fi
  • Advanced topics
  • IP source traceback
  • Reputation systems
  • VoIP security
  • P2P security

11
Labs
  • 1) Wireshark TCP/IP review
  • 2) Wireshark SSL
  • 3) IPsec and VPNs
  • 4) IKE (key negotiation for IPsec)
  • 5) IPmodules (firewalls)
  • 6) Network mapping with nmap

12
Prerequisites
  • CS 684 or equivalent course on computer
    networking
  • with a heavy dose of TCP/IP
  • Proficiency in Linux
  • CS 392/681 are NOT prerequisites

13
Recommended Books
  • Course PowerPoint slides
  • Network Security Essentials, William Stallings,
    1992, Prentice Hall decent introduction to
    cryptography and secure protocols.
  • Computer Networking, 4th Edition, Kurose and
    Ross, 2007 for networking and TCP/IP background
    material, cryptography and secure protocols
  • Counter Hack, 2nd Edition, Ed Skoudis, 2005, for
    material in first few lectures on attacks
  • Network Security, Private Communication in a
    Public World, C. Kaufman, R. Perlman, M.
    Speciner, Prentice Hall, 1995 more advanced.
Write a Comment
User Comments (0)
About PowerShow.com