csc290a network security
play

CSC290A Network Security Hofstra University Network Security - PowerPoint PPT Presentation

Jul 03, 2023 •611 likes •1.07k views

CSC290A Network Security Hofstra University Network Security Course, CSC290A 1 01/30/06 FAQs How Do Corporations Prevent Intrusions Into There Networks? What Does SHA1 And MD5 Mean When You Download? What Is A Certificate And How

  1. CSC290A – Network Security Hofstra University – Network Security Course, CSC290A 1 01/30/06

  2. FAQs How Do Corporations Prevent Intrusions Into There Networks? What Does SHA1 And MD5 Mean When You Download? What Is A Certificate And How Does It Secure Your Internet Transaction? Do You Really Have Privacy On The Internet? These are just a few of the many questions related to Network Security , one of the most active and rewarding areas in Information Technology. These and many other questions will be examined in this topical graduate seminar. This class uses slides, the Web, and hands- on demonstrations to explore a range of topics from the foundations of cryptography to the latest research concerning security on the Internet, while maintaining a healthy balance between theory and practice. Hofstra University – Network Security Course, CSC290A 2 01/30/06

  3. Course Description Survey of current issues, techniques, software, hardware and architectures related to network security. Examination of the protocols used for Internet services, their vulnerabilities and how they can be secured. Analysis of firewall design, cryptographic techniques, intrusion detection, port scanning, viruses, trojan horses and denial of services attacks. Basic principles of secure networking and application design will be studied and discussed. Prerequisites: None Hofstra University – Network Security Course, CSC290A 3 01/30/06

  4. Text Required Text William Stallings, Network Security Essentials: Applications and Standards – 2/e , Prentice-Hall, 2003, 432 pp., ISBN 0-13-035128-8 Reference William Stallings, Business Data Communications, 5 /e, Prentice- Hall, 2005, 608 pp., ISBN 0-13-144257-0 Cheswick, W. and Bellovin, S., Firewalls and Network Security: Repelling the Wiley Hacker , Addison Wesley, 2003, 464 pp., ISBN 0-201-63466-X William Stallings, Cryptography and Network Security: Principles and Practice , 4/e, Prentice Hall, 2006, 569 pp., ISBN 0-13-187316- 4 Bruce Schneier , Applied Cryptography: Protocols, Algorithms, and Source Code in C , 2/e, Wiley, 1996, 784 pp., ISBN 047-111709-9 Hofstra University – Network Security Course, CSC290A 4 01/30/06

  5. Grading Several assignments , three count mid-term and end-term Class participation Final project or paper No make-up test or extended deadlines Hofstra University – Network Security Course, CSC290A 5 01/30/06

  6. Point Allocation Assignments 1-3: 5% each Final Project: 30% Mid-Term: 25% End-Term: 25% Participation: 5% Hofstra University – Network Security Course, CSC290A 6 01/30/06

  7. Attendance Not Mandatory , but… …you’ll probably fail! Participation is very important Let me know if you can’t make it Hofstra University – Network Security Course, CSC290A 7 01/30/06

  8. Course Schedule 1 1/30 Introduction 2 2/06 Cryptography 3 2/13 Cryptography 4 2/27 Authentication Applications 5 3/6 E-Mail Security 6 3/13 IP Security, Networking, Tools 7 3/20 IP Security, Networking, Tools - Mid-Term Exam Due 8 3/27 Firewalls 9 4/3 Web Security 10 4/19 Electronic Commerce 11 4/24 Intruder, Viruses and Denial of Service 12 5/1 Network Management Security - Final Project/Paper Due 13 5/8 Intrusion Detection / Special Topics/Review 14 5/15 End-Term Exam Due Hofstra University – Network Security Course, CSC290A 8 01/30/06

  9. Slides, Links & News www.cs.hofstra.edu/~cscvjc/Spring06 Hofstra University – Network Security Course, CSC290A 9 01/30/06

  10. Class Rules Assignments are to be completed individually Academic honesty taken very seriously Any attempt to gain unauthorized access to any system will be dealt with harshly Hofstra University – Network Security Course, CSC290A 10 01/30/06

  11. Introduction Network Security Hofstra University – Network Security Course, CSC290A 11 01/30/06

  12. Information Security Physical Administrative “Lockup the file cabinet” Hofstra University – Network Security Course, CSC290A 12 01/30/06

  13. Private Networks Isolated to individual organizations Emergence of computer security Sharing a system Protecting data Hofstra University – Network Security Course, CSC290A 13 01/30/06

  14. Networking Networks start talking to each other Gateways Arpanet TCP/IP Everywhere Vinton Cerf, “IP On Everything!” Hofstra University – Network Security Course, CSC290A 14 01/30/06

  15. Maturing of the Internet Telephones used by 50% of worlds population Internet attains similar level of growth by 2010 – max growth Connecting computers and programmable devices More devices than people Hofstra University – Network Security Course, CSC290A 15 01/30/06

  16. Early Hacking Cap’n Crunch cereal prize Giveaway whistle produces 2600 MHz tone Blow into receiver – free phone calls “Phreaking” encouraged by Abbie Hoffman Doesn’t hurt anybody Hofstra University – Network Security Course, CSC290A 16 01/30/06

  17. Captain Crunch John Draper `71: Bluebox built by many Jobs and Wozniak were early implementers Developed “EasyWriter” for first IBM PC High-tech hobo White-hat hacker Hofstra University – Network Security Course, CSC290A 17 01/30/06

  18. The Eighties 1983 – “War Games” movie Federal Computer Fraud and Abuse Act - 1986 Robert Morris – Internet worm -1988 Brings over 6000 computers to a halt $10,000 fine His Dad worked for the NSA!!! Hofstra University – Network Security Course, CSC290A 18 01/30/06

  19. It Got Worse 1995 – Kevin Mitnick arrested for the 2 nd time Stole 20,000 credit card numbers First hacker on FBI’s Most Wanted poster Tools: password sniffers, spoofing http://www.2600.com Hofstra University – Network Security Course, CSC290A 19 01/30/06

  20. Tracking Attacks http://www.cert.org Hofstra University – Network Security Course, CSC290A 20 01/30/06

  21. Services, Mechanisms, Attacks (OSI Security Architecture) Attack – action that compromises the security of information owned by an organization Mechanisms – detect, prevent or recover from a security attack Services – enhance the security of data processing systems and xfers – counter security attacks Hofstra University – Network Security Course, CSC290A 21 01/30/06

  22. Security Attacks Information Information source destination Normal Flow Hofstra University – Network Security Course, CSC290A 22 01/30/06

  23. Security Attacks Information Information source destination Interruption • Attack on availability Hofstra University – Network Security Course, CSC290A 23 01/30/06

  24. Security Attacks Information Information source destination Interception • Attack on confidentiality Hofstra University – Network Security Course, CSC290A 24 01/30/06

  25. Security Attacks Information Information source destination Modification • Attack on integrity Hofstra University – Network Security Course, CSC290A 25 01/30/06

  26. Security Attacks Information Information source destination Fabrication • Attack on authenticity Hofstra University – Network Security Course, CSC290A 26 01/30/06

  27. Security Attacks Passive threats Release of message Traffic contents analysis • eavesdropping, monitoring transmissions Hofstra University – Network Security Course, CSC290A 27 01/30/06

  28. Security Attacks Active threats Masquerade Replay Modification of Denial of message contents service • some modification of the data stream Hofstra University – Network Security Course, CSC290A 28 01/30/06

  29. Security Attacks On the Internet, nobody knows you’re a dog - by Peter Steiner, New York, July 5, 1993 Hofstra University – Network Security Course, CSC290A 29 01/30/06

  30. Security Attacks Hofstra University – Network Security Course, CSC290A 30 01/30/06

  31. Security Services Confidentiality – protection from passive attacks Authentication – you are who you say you are Integrity – received as sent, no modifications, insertions, shuffling or replays Hofstra University – Network Security Course, CSC290A 31 01/30/06

  32. Security Services Nonrepudiation – can’t deny a message was sent or received Access Control – ability to limit and control access to host systems and apps Availability – attacks affecting loss or reduction on availability Hofstra University – Network Security Course, CSC290A 32 01/30/06

  33. Network Security Model Hofstra University – Network Security Course, CSC290A 33 01/30/06

  34. Network Security Model Four basic tasks in designing a security service: Design algorithm Generate secret information to be used Develop methods to distribute and share info Specify a protocol to be used by the two principals Hofstra University – Network Security Course, CSC290A 34 01/30/06

  35. Protocols – Simple To Complex Hofstra University – Network Security Course, CSC290A 35 01/30/06

  36. Network Access Security Model Hofstra University – Network Security Course, CSC290A 36 01/30/06

  37. Internet Standards and RFCs Internet Architecture Board (IAB) - overall architecture Internet Engineering Task Force (IETF) - engineering and development Internet Engineering Steering Group (IESG) - manages the IETF and standards process Hofstra University – Network Security Course, CSC290A 37 01/30/06

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
Economics of network security Harald Vranken 1 Economics of network security Note that

Economics of network security Harald Vranken 1 Economics of network security Note that

Advanced Network Security (2019-2020) Economics of network security Harald Vranken 1 Economics of network security Note that network in this lecture means Physical communication network (eg. Internet, telephony, fax, telegraph)

769 views • 49 slides
Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able to Skills identify design and Ability to analyze the implementation security of networked vulnerabilities in network systems protocols

564 views • 33 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J CSCI 6268/TLEN 5831, Fall 2004 Introduction UC Davis PhD in 2000 Cryptography Interested in broader security as well

492 views • 12 slides
Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

374 views • 13 slides
Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

932 views • 55 slides
Network Security Where we are in the Course Security crosses all layers Applicatjon

Network Security Where we are in the Course Security crosses all layers Applicatjon

Network Security Where we are in the Course Security crosses all layers Applicatjon Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

1.12k views • 92 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 3 Network Protocol Attacks Roadmap Network security The basic objectives: CIA

1.68k views • 39 slides
Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J. Antonelli The University of Michigan 2012 Hands-On Network Security Module 3 Network Protocol Attacks Roadmap Network security The

502 views • 39 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J Lecture #2 Aug 25 th 2005 CSCI 6268/TLEN 5831, Fall 2005 Economist Survey Please read it Main points Security is a MUCH

600 views • 27 slides
TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of

TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of

TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP Sniffing the network and forging packets tcpdump, wireshark Today: ICMP and UDP Eike Ritter Network Security -

881 views • 38 slides
13 - Computer Security Network Security 1 Context

13 - Computer Security Network Security 1 Context

13 - Computer Security Network Security 1 Context Computers connected in a network - but also: smartphones, fridges, IoT devices, Each device has an IP address Packets are routed via

771 views • 51 slides
Re Re-thinking Ne Network Security in the Presence of Unknown Ne Network Elements Soo-Jin Moon

Re Re-thinking Ne Network Security in the Presence of Unknown Ne Network Elements Soo-Jin Moon

Re Re-thinking Ne Network Security in the Presence of Unknown Ne Network Elements Soo-Jin Moon 4 th year Ph.D. Student Carnegie Mellon University Advisor: Vyas Sekar Research Area: Network Security A Vulnerable Network! Networks: explosion

583 views • 7 slides
CS 5410 - Computer and Network Security: Cellular Network Security Professor Kevin Butler Fall

CS 5410 - Computer and Network Security: Cellular Network Security Professor Kevin Butler Fall

CS 5410 - Computer and Network Security: Cellular Network Security Professor Kevin Butler Fall 2015 Southeastern Security for Enterprise and Infrastructure (SENSEI) Center Reminders Poster showcase next Monday For final project: turn

533 views • 34 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J Lecture #13 Oct 11 th 2005 CSCI 6268/TLEN 5831, Fall 2005 Announcements Quiz #2 later today Allocate last 30 mins No Class

488 views • 30 slides
APNA 29th Annual Conference Session 2033.1: Thursday, October 29, 2015 The Transformation of

APNA 29th Annual Conference Session 2033.1: Thursday, October 29, 2015 The Transformation of

APNA 29th Annual Conference Session 2033.1: Thursday, October 29, 2015 The Transformation of Pediatric Psychiatric Nursing Practice to Enhance Therapeutic Outcomes Thomas Houston, RN, BSN Maria Tietcheu, RN, MSN, PMHNP Bruce Steakley, RN, BSN

53 views • 4 slides
An Introduction to the Identifier-Locator Network Protocol (ILNP) Presented by Joel Halpern

An Introduction to the Identifier-Locator Network Protocol (ILNP) Presented by Joel Halpern

An Introduction to the Identifier-Locator Network Protocol (ILNP) Presented by Joel Halpern Material prepared by Saleem N. Bhatti & Ran Atkinson https://ilnp.cs.st-andrews.ac.uk/ IETF102, Montreal, CA. (C) Saleem Bhatti, 21 June 2018. 1

779 views • 67 slides
Kill-Safe Synchronization Abstractions Matthew Flatt Robert Bruce Findler University of Utah

Kill-Safe Synchronization Abstractions Matthew Flatt Robert Bruce Findler University of Utah

Kill-Safe Synchronization Abstractions Matthew Flatt Robert Bruce Findler University of Utah University of Chicago 1 Sibling Food-Sharing Protocol 2 Sibling Food-Sharing Protocol 3 Sibling Food-Sharing Protocol 4 Sibling Food-Sharing

840 views • 67 slides
The Real-Time Channel Administration Protocol Bruce A. Mah The Tenet Group University of

The Real-Time Channel Administration Protocol Bruce A. Mah The Tenet Group University of

The Real-Time Channel Administration Protocol Bruce A. Mah The Tenet Group University of California, Berkeley and International Computer Science Institute Berkeley, California Hitachi-Tenet Meeting May 28-29, 1991 Bruce A. Mah The

498 views • 18 slides
Computer Communication Networks Transport ICEN/ICSI 416 Fall 2016 Prof. Dola Saha 1 Where

Computer Communication Networks Transport ICEN/ICSI 416 Fall 2016 Prof. Dola Saha 1 Where

Computer Communication Networks Transport ICEN/ICSI 416 Fall 2016 Prof. Dola Saha 1 Where to find in book? Materials covered in this section are in Chapter 5 and 6 of "Computer Networks: A Systems Approach", Larry Peterson

1.5k views • 123 slides
Alice and Bob in Love: Cryptographic Communication Using Natural Entropy Joseph Bonneau

Alice and Bob in Love: Cryptographic Communication Using Natural Entropy Joseph Bonneau

Natural Entropy Protocol Experimental Results Discussion Questions Alice and Bob in Love: Cryptographic Communication Using Natural Entropy Joseph Bonneau University of Cambridge Computer Laboratory 17 th International Workshop on Security

1.2k views • 40 slides
Building High Performance Microservices with Apache Thrift Rethinking service APIs in a Cloud

Building High Performance Microservices with Apache Thrift Rethinking service APIs in a Cloud

Building High Performance Microservices with Apache Thrift Rethinking service APIs in a Cloud Native environment Presenters Randy Abernethy ra@apache.org, randy.abernethy@rx-m.com Apache Thrift PMC CNCF member RX-M Cloud

206 views • 16 slides
Mobile Apps Often Need to Talk to a Remote server Internet Internet Saving resources (e.g.,

Mobile Apps Often Need to Talk to a Remote server Internet Internet Saving resources (e.g.,

Introduction Overview Detailed Design Evaluation Discussion Related Work Summary References Automatic Forgery of Cryptographically Consistent Messages to Identify Security Vulnerabilities in Mobile Services Chaoshun Zuo , Wubing Wang

347 views • 34 slides

More recommend