01/30/06 Hofstra University – Network Security Course, CSC290A 1
CSC290A Network Security – Hofstra University (PowerPoint presentation)
FAQs
How Do Corporations Prevent Intrusions Into Their Networks? What Does SHA1 And MD5 Mean When You Download? What Is A Certificate And How Does It Secure Your Internet Transaction? Do You Really Have Privacy On The Internet? These are just a few of the many questions related to Network Security, one of the most active and rewarding areas in Information Technology. These and many other questions will be examined in this topical graduate seminar. This class uses slides, the Web, and hands-on demonstrations to explore a range of topics from the foundations of cryptography to the latest research concerning security on the Internet, while maintaining a healthy balance between theory and practice.
Course Description
Survey of current issues, techniques, software, hardware and architectures related to network security. Examination of the protocols used for Internet services, their vulnerabilities and how they can be secured. Analysis of firewall design, cryptographic techniques, intrusion detection, port scanning, viruses, trojan horses and denial of service attacks. Basic principles of secure networking and application design will be studied and discussed. Prerequisites: None
Text
Required Text
- William Stallings, Network Security Essentials: Applications and Standards, 2/e, Prentice-Hall, 2003, 432 pp., ISBN 0-13-035128-8
Reference
- William Stallings, Business Data Communications, 5/e, Prentice-Hall, 2005, 608 pp., ISBN 0-13-144257-0
- Cheswick, W. and Bellovin, S., Firewalls and Network Security: Repelling the Wily Hacker, Addison Wesley, 2003, 464 pp., ISBN 0-201-63466-X
- William Stallings, Cryptography and Network Security: Principles and Practice, 4/e, Prentice Hall, 2006, 569 pp., ISBN 0-13-187316-4
- Bruce Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2/e, Wiley, 1996, 784 pp., ISBN 047-111709-9
Grading
- Several assignments, three count
- Mid-term and end-term
- Class participation
- Final project or paper
- No make-up test or extended deadlines
Point Allocation
- Assignments 1-3: 5% each
- Final Project: 30%
- Mid-Term: 25%
- End-Term: 25%
- Participation: 5%
Attendance
- Not Mandatory, but… …you’ll probably fail!
- Participation is very important
- Let me know if you can’t make it
Course Schedule
Week  Date  Topic
1     1/30  Introduction
2     2/06  Cryptography
3     2/13  Cryptography
4     2/27  Authentication Applications
5     3/6   E-Mail Security
6     3/13  IP Security, Networking, Tools
7     3/20  IP Security, Networking, Tools - Mid-Term Exam Due
8     3/27  Firewalls
9     4/3   Web Security
10    4/19  Electronic Commerce
11    4/24  Intruder, Viruses and Denial of Service
12    5/1   Network Management Security - Final Project/Paper Due
13    5/8   Intrusion Detection / Special Topics/Review
14    5/15  End-Term Exam Due
Slides, Links & News
www.cs.hofstra.edu/~cscvjc/Spring06
Class Rules
- Assignments are to be completed individually
- Academic honesty taken very seriously
- Any attempt to gain unauthorized access to any system will be dealt with harshly
Introduction
Network Security
Information Security
- Physical
- Administrative: “Lock up the file cabinet”
Private Networks
- Isolated to individual organizations
- Emergence of computer security
- Sharing a system
- Protecting data
Networking
- Networks start talking to each other
- Gateways
- Arpanet
- TCP/IP Everywhere
- Vinton Cerf, “IP On Everything!”
Maturing of the Internet
- Telephones used by 50% of the world’s population
- Internet attains similar level of growth by 2010 – max growth
- Connecting computers and programmable devices
- More devices than people
Early Hacking
- Cap’n Crunch cereal prize
- Giveaway whistle produces 2600 MHz tone
- Blow into receiver – free phone calls
- “Phreaking” encouraged by Abbie Hoffman
- Doesn’t hurt anybody
Captain Crunch
- John Draper ’71: Bluebox built by many
- Jobs and Wozniak were early implementers
- Developed “EasyWriter” for first IBM PC
- High-tech hobo
- White-hat hacker
The Eighties
- 1983 – “War Games” movie
- Federal Computer Fraud and Abuse Act – 1986
- Robert Morris – Internet worm – 1988
  - Brings over 6000 computers to a halt
  - $10,000 fine
  - His Dad worked for the NSA!!!
It Got Worse
- 1995 – Kevin Mitnick arrested for the 2nd time
- Stole 20,000 credit card numbers
- First hacker on FBI’s Most Wanted poster
- Tools: password sniffers, spoofing
- http://www.2600.com
Tracking Attacks
http://www.cert.org
Services, Mechanisms, Attacks (OSI Security Architecture)
- Attack – action that compromises the security of information owned by an organization
- Mechanisms – detect, prevent or recover from a security attack
- Services – enhance the security of data processing systems and transfers – counter security attacks
Security Attacks
[Diagram: information source → information destination] Normal Flow
Security Attacks
[Diagram: information source → information destination, flow cut off] Interruption
- Attack on availability
Security Attacks
[Diagram: information source → information destination, copy taken by a third party] Interception
- Attack on confidentiality
Security Attacks
[Diagram: information source → third party → information destination] Modification
- Attack on integrity
Security Attacks
[Diagram: third party → information destination, no message from the source] Fabrication
- Attack on authenticity
Security Attacks
Passive threats – eavesdropping, monitoring transmissions
- Release of message contents
- Traffic analysis
Security Attacks
Active threats – some modification of the data stream
- Masquerade
- Replay
- Modification of message contents
- Denial of service
Security Attacks
On the Internet, nobody knows you’re a dog
- by Peter Steiner, New York, July 5, 1993
Security Attacks
Security Services
- Confidentiality – protection from passive attacks
- Authentication – you are who you say you are
- Integrity – received as sent, no modifications, insertions, shuffling or replays
Security Services
- Nonrepudiation – can’t deny a message was sent or received
- Access Control – ability to limit and control access to host systems and apps
- Availability – counters attacks causing loss or reduction of availability
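An added example (not from the slides) of how the integrity service defined above can be provided in practice: an HMAC-SHA256 tag over a sequence number and the payload lets the receiver reject modified, fabricated, shuffled and replayed messages. The shared key and the messages are constructed for the demo; a real system would derive the key from a key-establishment protocol.

```python
import hmac
import hashlib
import struct

# Constructed shared key for the demo only; real keys come from key establishment.
KEY = b"example-shared-key-not-for-real-use"
TAG_LEN = 32  # SHA-256 output size


def seal(seq: int, payload: bytes, key: bytes = KEY) -> bytes:
    """Sender: prefix a 4-byte big-endian sequence number and append an
    HMAC-SHA256 tag over seq||payload, so a change to either is detected."""
    header = struct.pack(">I", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Receiver: verifies the tag, then enforces strictly increasing sequence
    numbers. Gaps are rejected rather than buffered (a simplifying assumption)."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.expected = 0
        self.delivered = []

    def accept(self, frame: bytes):
        """Return (ok, reason); ok=False means the integrity check rejected it."""
        if len(frame) < 4 + TAG_LEN:
            return False, "truncated"
        header, payload, tag = frame[:4], frame[4:-TAG_LEN], frame[-TAG_LEN:]
        calc = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(calc, tag):   # constant-time comparison
            return False, "modified or fabricated"
        seq = struct.unpack(">I", header)[0]
        if seq < self.expected:
            return False, "replay"
        if seq > self.expected:
            return False, "out of order or missing"  # shuffling / deletion
        self.expected += 1
        self.delivered.append(payload)
        return True, "ok"


def demo():
    """Feed a receiver good, replayed, tampered, shuffled and forged frames."""
    rx = Receiver()
    frames = [seal(i, m) for i, m in enumerate([b"transfer 10", b"transfer 20", b"transfer 30"])]
    tampered = frames[1][:4] + b"transfer 99" + frames[1][-TAG_LEN:]   # payload changed, old tag
    forged = struct.pack(">I", 3) + b"transfer 40" + bytes(TAG_LEN)     # no key, so no valid tag
    trials = [frames[0], frames[0], tampered, frames[2], frames[1], frames[2], forged]
    return [rx.accept(f) for f in trials]
```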
Network Security Model
Network Security Model
Four basic tasks in designing a security service:
1. Design algorithm
2. Generate secret information to be used
3. Develop methods to distribute and share info
4. Specify a protocol to be used by the two principals
Protocols – Simple To Complex
Network Access Security Model
Internet Standards and RFCs
Internet Architecture Board (IAB)
- overall architecture
Internet Engineering Task Force (IETF)
- engineering and development
Internet Engineering Steering Group (IESG)
- manages the IETF and standards process
Request For Comments (RFC)
RFCs are the working notes of the Internet research and development community
Standardization Process
- Stable and well understood
- Technically competent
- Substantial operational experience
- Significant public support
- Useful in some or all parts of Internet
Key difference from ISO: operational experience
RFC Publication Process
[Diagram] Internet draft (IETF; expires in < 6 months) → Proposed standard (IESG approval) → (> 6 months, two independent implementations) → Draft standard → (> 4 months) → Internet standard. Other categories: Experimental, Informational, Historic.
Some Current Topics
- http://www.aclu.org/pizza/images/screen.swf
- Eavesdropping Leaps Into 21st Century – Matthew Fordahl, NY Times, 1/22/2006
- Privacy for People Who Don't Show Their Navels – Jonathan D. Glater, NY Times, 1/25/2006
- Why We Listen – Philip Bobbitt, NY Times, 1/30/2006
Useful Websites
- http://www.williamstallings.com/NetSec2e.html – Some recommended sites by the text author
- http://www.rfc-editor.org/rfcsearch.html – Search RFCs
- http://www.cert.org – Center for Internet security
- http://www.counterpane.com/alerts.html – Some recent alerts
Homework
- Read Chapter One
- Read NYTimes Articles Under “Documents”: http://www.cs.hofstra.edu/~cscvjc/Spring06
- Be Ready To Discuss