cse 484 cse m 584 computer security ios wireless security
play

CSE 484 / CSE M 584 Computer Security: iOS, Wireless Security & - PowerPoint PPT Presentation

Nov 04, 2022 •194 likes •318 views

CSE 484 / CSE M 584 Computer Security: iOS, Wireless Security & Wireshark TA: Adrian Sham adrsham@cs With material from Franzi and Bens slides Logistics / Reminders Tomorrow Ian will introduce more tools you will need for Lab #3

  1. CSE 484 / CSE M 584 Computer Security: iOS, Wireless Security & Wireshark TA: Adrian Sham adrsham@cs With material from Franzi and Ben’s slides

  2. Logistics / Reminders • Tomorrow Ian will introduce more tools you will need for Lab #3 • Lab #3 out soon, more info in a bit • Homework #3 due 5/29, 5pm • Office hour: – Michael and Adrian: 9:30-10:30am, CSE 218 • Today – iOS security – Networking basics – Wireless security – Wireshark

  3. Apple iOS Security • Device Security – Prevent unauthorized use of the device • Data Security – Protect data at rest; device may be lost or stolen • Network security – Networking protocols and encryption of data in transmission • App security – Secure platform foundation From : http://courses.cs.washington.edu/courses/cse484/14au/slides/LEC16.pdf

  4. iOS Sandbox From : http://courses.cs.washington.edu/courses/cse484/14au/slides/LEC16.pdf

  5. Quick review of networking http://www.howtogeek.com/66214/how-to-forward-ports-on-your-router/

  6. Encapsulation

  7. Terminology • MAC address: A unique identifier assigned to network interfaces for communications on the physical network segment • IP address: A numerical label assigned to each device in the network • FTP: A standard network protocol used to transfer computer files from one host to another over TCP • Port: A software construct serving as communications endpoint in a computer’s host operating system (SSH is port 22)

  8. Broadcast Nature of WiFi • Anyone can eavesdrop on wireless communications. – Even on some secured networks (e.g., secured with WEP) if eavesdropper is also on network. • Firesheep: one-click session hijacking – http://codebutler.github.com/firesheep/ • Solution: end-to-end encryption (SSL/TLS)

  9. Lab #3: Network Security Lab 1. Exploring Network Traces – Study network traffic using Wireshark, answer questions 2. Anomaly Detection – Write a program to identify port scanning 3. Network Attacks (Extra Credit) – Crack WEP – Decrypt HTTPS connection – Recover simulated victim’s username and PW

  10. Wireshark • Free & open-source network packet analyzer. • http://www.wireshark.org/ • Documentation http://www.wireshark.org/docs • Demo – Capturing packets – Filtering packets – Inspecting packets • HTTP vs. HTTPS • Security/Privacy – Wireshark allows you to monitor other people’s traffic – Do NOT use wireshark to violate privacy or security! • Great slides from CSE 461 here • A lot of resources online for Wireshark

  11. Wireshark tips • Linux install do ‘ sudo usermod – a – G wireshark <username>’, re -login • Color coding – Green: TCP – Dark Blue: DNS – Light Blue: UDP – Black: TCP with error • Filtering packets – Capture filter • udp • Tcp • Udp port 53 • Dst host www.cs.washington.edu – Display filter • ip.dst == 192.168.1.1 • http • http || arp • http && ip.src == 10.0.2.3 • tcp.port eq 80

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

ECE590 Computer and Information Security Fall 2018 Wireless and Mobile Security Tyler Bletsch

ECE590 Computer and Information Security Fall 2018 Wireless and Mobile Security Tyler Bletsch

ECE590 Computer and Information Security Fall 2018 Wireless and Mobile Security Tyler Bletsch Duke University Adapted from Chapter 24: Wireless Network Security by Dr. Hossein Saiedian at Univ. Kansas, which in turn was adapted from

452 views • 27 slides
Information Security in a Wireless World Dennis D. Steinauer Computer Security Division

Information Security in a Wireless World Dennis D. Steinauer Computer Security Division

Information Security in a Wireless World Dennis D. Steinauer Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD Information Security in a Wireless World Basic

554 views • 30 slides
Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer Security is the protection of computing systems and the data that they store or access 3 Why is Computer Security Important? Computer Security allows

690 views • 19 slides
Security in Mobile and Wireless Networks APRICOT Tutorial Perth Australia 27 February, 2006

Security in Mobile and Wireless Networks APRICOT Tutorial Perth Australia 27 February, 2006

Security in Mobile and Wireless Networks APRICOT Tutorial Perth Australia 27 February, 2006 Ray Hunt, Associate Professor Dept. of Computer Science and Software Engineering University of Canterbury, New Zealand 1 Security Issues in Wireless

1.52k views • 131 slides
Writing a book on wireless security available online is like writing a book on safe Internet

Writing a book on wireless security available online is like writing a book on safe Internet

Agenda The purpose of this presentation is to: FIRST Technical Colloquium Uppsala, Sweden Give an overview of Wireless technology Highlight the security issues Securing Your associated with IEEE 802.11b Wireless LAN wireless LANs Suggest

413 views • 16 slides
Wireless Network Security and Mobile Commerce Dr. Gordon B. Agnew Electrical and Computer

Wireless Network Security and Mobile Commerce Dr. Gordon B. Agnew Electrical and Computer

Wireless Network Security and Mobile Commerce Dr. Gordon B. Agnew Electrical and Computer Engineering University of Waterloo gbagnew@engmail.uwaterloo.ca Overview Wireless LANS 1. WLAN Standards and Characteristics Overview of

899 views • 72 slides
ddurkee@connectingpoint.biz Security Policies Who has them? Do we need them? Wireless

ddurkee@connectingpoint.biz Security Policies Who has them? Do we need them? Wireless

Dan Durkee, Executive VP\Partner\Network Engineer Connecting Point Computer Center 303 S Third St, Bismarck, ND 58504 ddurkee@connectingpoint.biz Security Policies Who has them? Do we need them? Wireless Encryption Where have we

1.68k views • 56 slides
Wireless Security Why This Works Integrity Attacks Availability Black Holes Battery Exhaustion

Wireless Security Why This Works Integrity Attacks Availability Black Holes Battery Exhaustion

Wireless Security Wireless Security Confidentiality Integrity Wireless Architecture Access Points Which AP? The Evil Twin Attack Wireless Security Why This Works Integrity Attacks Availability Black Holes Battery Exhaustion Battery

785 views • 41 slides
The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs

The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs

The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs Bluetooth Security and Cooperation in Wireless Networks Georg-August University Gttingen Security in Wireless Networks Wireless networks are

519 views • 48 slides
Wireless Security: A Perspective (aka. What Weve Done Wrong, and Some of What We Can Do About

Wireless Security: A Perspective (aka. What Weve Done Wrong, and Some of What We Can Do About

Wireless Security: A Perspective (aka. What Weve Done Wrong, and Some of What We Can Do About It) Wade Trappe Agenda Agenda Tales from the Dark Side of Security Wireless in Particular Decomposing the Problem into Problems

697 views • 40 slides
Wireless Security for Hotspots &amp; Home PCCW Feb, 2009 Ubiquitous Wireless Indoor &amp;

Wireless Security for Hotspots &amp; Home PCCW Feb, 2009 Ubiquitous Wireless Indoor &amp;

Wireless Security for Hotspots &amp; Home PCCW Feb, 2009 Ubiquitous Wireless Indoor &amp; Outdoor Wireless Security for Home Provides all-in-one DSL modem with Wi-Fi capability to residential customers Simplify setup to the

354 views • 21 slides
Introduction to Computer Security Why do we need computer security? What are our goals and

Introduction to Computer Security Why do we need computer security? What are our goals and

Introduction to Computer Security Why do we need computer security? What are our goals and what threatens them? Lecture 1 Page 1 CS 236 Online Why Is Security Necessary? Because people arent always nice Because a lot of

415 views • 25 slides
1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

Course Overview Course Requirements EECS 498-7/8 Cryptography and Network Security: www.citi.umich.edu/u/honey/security Principles and Practice (Third Edition) Computer Security Monday &amp; Friday, 9:00 10:30 William Stallings

670 views • 19 slides
Quick Intro to Computer Security What is computer security? Securing communication

Quick Intro to Computer Security What is computer security? Securing communication

Carnegie Mellon Quick Intro to Computer Security What is computer security? Securing communication Cryptographic tools Access control User authentication Computer security and usability Thanks to Mike Reiter for the

412 views • 38 slides
Security Security as term, Possible Security violations Authentication Criteria for

Security Security as term, Possible Security violations Authentication Criteria for

BS1 WS19/20 topic-based slides Security Security as term, Possible Security violations Authentication Criteria for Trust in Computer Systems Three hearts of Windows Security DACLs A Look at Security System is secure if

988 views • 20 slides
CS 480/ 557 Computer Security I ntroduction to I nf ormation 1. Physical Security 2.Human

CS 480/ 557 Computer Security I ntroduction to I nf ormation 1. Physical Security 2.Human

Overview CS 480/ 557 Computer Security I ntroduction to I nf ormation 1. Physical Security 2.Human Security 3.Program Security Security Computer security threats Unintentional: - Coding faults - Operational faults -

238 views • 8 slides
Nmap/Zenmap/Metasploit/Armitage website: http://nmap.org/ http://www.metasploit.com April 20 th

Nmap/Zenmap/Metasploit/Armitage website: http://nmap.org/ http://www.metasploit.com April 20 th

Nmap/Zenmap/Metasploit/Armitage website: http://nmap.org/ http://www.metasploit.com April 20 th 2015 Only perform scans and exploitations after receiving permission from the owner of the machine/device. Nmap Purpose Scan a

671 views • 30 slides
Trinity uses nmap in the film The Matrix Reloaded to hack the city power grid Benjamin

Trinity uses nmap in the film The Matrix Reloaded to hack the city power grid Benjamin

Trinity uses nmap in the film The Matrix Reloaded to hack the city power grid Benjamin uses nmap in Who Am I - No System is Safe to compromise the local power company, causing a brief blackout Lisbeth uses nmap in the film The

710 views • 26 slides
New School Onboarding (2020-21 School Year) Information for School Administrators 1 NCSEAA

New School Onboarding (2020-21 School Year) Information for School Administrators 1 NCSEAA

New School Onboarding (2020-21 School Year) Information for School Administrators 1 NCSEAA Website Information for Nonpublic Schools: Forms and Processes Webinars and MyPortal Instructions Nonpublic School Portal MyPortal

353 views • 8 slides
VOParis Data Centre Pierre Le Sidaner Observatoire de Paris COSADI Heidelberg, June 2013 1

VOParis Data Centre Pierre Le Sidaner Observatoire de Paris COSADI Heidelberg, June 2013 1

VOParis Data Centre Pierre Le Sidaner Observatoire de Paris COSADI Heidelberg, June 2013 1 VOParis Organisation Started 10 years ago to develop Virtual Observatory knowledge for data distribution at Observatoire de Paris Now a

407 views • 17 slides
R can be easily obtained by a WiFi-integrated mobile device, ECENT advances in smartphones have

R can be easily obtained by a WiFi-integrated mobile device, ECENT advances in smartphones have

IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 11, NO. 12, DECEMBER 2012 1983 Received-Signal-Strength-Based Indoor Positioning Using Compressive Sensing Chen Feng, Student Member , IEEE , Wain Sy Anthea Au, Shahrokh Valaee, Senior Member , IEEE

425 views • 11 slides
(Indoor) Localization of Sensors Motivation Astonishing growth of wireless systems in last

(Indoor) Localization of Sensors Motivation Astonishing growth of wireless systems in last

(Indoor) Localization of Sensors Motivation Astonishing growth of wireless systems in last years Wireless system used in large number of applications Wireless information access has become ubiquitous Gave rise to location-based

432 views • 42 slides
T HE ability to locate people and assets, to navigate beyond exhaustive search over subsets of

T HE ability to locate people and assets, to navigate beyond exhaustive search over subsets of

1 A Machine Learning Approach to Ranging Error Mitigation for UWB Localization Henk Wymeersch, Member, IEEE , Stefano Maran, Student Member, IEEE , Wesley M. Gifford, Student Member, IEEE , Moe Z. Win, Fellow, IEEE Abstract Location-awareness

429 views • 9 slides
Layouts Dynamic layout Swing and Layout Managers Layout strategies 1 CS 349 - Layouts 2 CS

Layouts Dynamic layout Swing and Layout Managers Layout strategies 1 CS 349 - Layouts 2 CS

Layouts Dynamic layout Swing and Layout Managers Layout strategies 1 CS 349 - Layouts 2 CS 349 - Layouts Two Interface Layout Tasks 1. Designing a spatial layout of widgets in a container 2. Adjusting that spatial layout when container

921 views • 27 slides

More recommend