NETE0519 & ITEC4614 Computer Network Security
Asst. Prof. Supakorn Kungpisdan, Ph.D.
NETE0519-ITEC4614 2
Supakorn Kungpisdan, Ph.D.
Assistant Professor of Information Technology Education
PhD (Computer Science and Software Engineering), Monash University, Australia
M.Eng. (Computer Engineering), KMUTT
Specializations: Information and Network Security, Electronic Commerce, Formal Methods, Computer Networking
Course Descriptions
Textbook
W. Stallings: Cryptography and Network Security, 4th Edition, Pearson Prentice Hall, ISBN 0-13-202322-9 or later
Supplementary materials
M. E. Whitman and H. J. Mattord: Principles of Information Security, 3rd Edition, Thomson, ISBN 1-4239-0177-0
G. De Laet and G. Schauwers: Network Security Fundamentals, Cisco Press, ISBN 1-58705-167-2
http://www.msit.mut.ac.th/media
Evaluation Criteria
Quizzes: 10%
Lab: 30%
Midterm exam: 20%
Final exam: 40%
Course Outlines
Network Security Overview
Information Security: Symmetric Cryptography, Public-key Cryptography, Hash Functions and MAC
Network Security: IP Security, Web Security, Email Security, Firewalls, Intrusion Detection Systems
Security Management: Security Standards and Policy
What is Security?
“The quality or state of being secure—to be free from danger”
A successful organization should have multiple layers of security in place:
Information Security
Systems Security
Network Security
Security Management
Physical Security
Source: http://www.technewsworld.com/story/76109.html
Source: http://www.networkworld.com/research/2012/100812-security-manager39s-journal-i-hired-263130.html?source=nww_rss
Security Trends
C.I.A Triangle
Confidentiality, Integrity, Availability
Vulnerabilities, Threats, and Attacks
Vulnerability, Threat, Attack
How Hackers Exploit Weaknesses
Types of Attacks
Interruption: attack on availability
Interception: attack on confidentiality
Types of Attacks (cont.)
Modification: attack on integrity; tampering with a resource
Fabrication: attack on authenticity; impersonation, masquerading
Passive VS Active Attacks
Passive Attacks
Aim to obtain information that is being transmitted
E.g. release of confidential information and traffic analysis
Difficult to detect
Often a first step toward launching an active attack
Category: Interception
Mitigated by using encryption
Active Attacks
Involve modification of the data stream or creation of a false stream
E.g. masquerade, replay, message modification, denial of service
Potentially detected by security mechanisms
Categories: Interruption, Modification, Fabrication
Hackers
White Hat Hackers
Grey Hat Hackers
Script Kiddies
Hacktivists
Crackers or Black Hat Hackers
Malicious Codes
Viruses
A destructive program code that attaches itself to a host, copies itself, and spreads to other hosts
Viruses replicate and remain undetected until activated.
Worms
Unlike viruses, worms are independent of other programs or files. No trigger is needed.
Trojans
An externally harmless program that contains malicious code
Spyware
Software installed on a target machine that sends information back to an owning server
Security at Each Layer
A Model for Network Security
A Model for Network Access Security
Security Controls
NSTISSC Security Model
The National Security Telecommunications and Information Systems Security Committee
Balancing Information Security and Access
Approaches to Information Security Implementation
Approaches to Information Security Implementation: Bottom-Up Approach
Grassroots effort: systems administrators attempt to improve security of their systems
Key advantage: technical expertise of individual administrators
Seldom works, as it lacks a number of critical features:
Participant support
Organizational staying power
Approaches to Information Security Implementation: Top-Down Approach
Initiated by upper management
Issue policy, procedures, and processes
Dictate goals and expected outcomes of project
Determine accountability for each required action
The most successful also involve a formal development strategy referred to as the systems development life cycle
Security as a Social Science
Social science examines the behavior of individuals interacting with systems
Security begins and ends with the people that interact with the system
Security administrators can greatly reduce levels of risk caused by end users, and create more acceptable and supportable security profiles
Questions?
Next week: Symmetric Cryptography and Applications