internet and cybersecurity
play

Internet and CyberSecurity 101 U.S. National Cybersecurity, - PowerPoint PPT Presentation

Apr 14, 2023 •480 likes •957 views

Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado Network vs. Internet a network is a system of computers that talk over some communication medium: phone line (analogue modem, DSL), cable,

  1. Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado

  2. Network vs. Internet ● a network is a system of computers that talk over some communication medium: phone line (analogue modem, DSL), cable, fiber etc. ● the Internet is a global network owned and operated by many different groups with often conflicting interests, ideals, goals, agendas, and policies

  3. Today ... ● What makes up the Internet ● How the Internet works ● How the Internet doesn't work .. and remember ... the information presented here is a GROSS oversimplification.

  4. Core vs. Edge ● The Internet can be roughly broken into the “Core” and the “Edge” ● The Internet “Edge” is composed of computers used by people to send or receive content ● The “Core” are all the computers that move traffic between computers on the “Edge”

  5. “Edge” Computers ● home computers ● computers that host web pages ● educational computers ● business computers ● governmental computers

  6. “Core” computers ● Routers : try to figure out how traffic goes from point A to point B (on the Internet)

  7. Core vs. Edge Edge Edge Core End Host router

  8. Who Owns the Core? ● Mostly owned by private companies (ISPs) ● Can think of Internet as an aggregation of smaller networks ● Companies are often multi-national (what might be the implications of this?) ● Many names you've heard of, AT&T, MCI, Sprint

  9. IP Addresses ● Any computer on the Internet can talk to any other (mostly) (yeeks! Once you plug in, everyone is your neighbor!) ● Computers “find” each other through virtual addresses” called “IP addresses” ● If someone knows the IP address of your computer, can talk to you

  10. What are IP Addresses? ● Just numbers (with dots in them) 123.114.23.4 10.15.46.32 ● Really just a value from 1 to (2^32 - 1) represented in octets (chunks of 2^8)

  11. IP Addresses Cont ... Note: Since so many computers are on the Internet; a person, or computer program, can choose an IP at random (just a number remember!) and it will likely be assigned to a computer - this process of iterating through lots of IP Addressess looking for a target is called “SCANNING”

  12. How Computers Talk ● Send “packets” of information (called IP packets or IP datagrams) ● Packets contain IP address of recipient and send plus data ip src | ip dst data Packet “header”

  13. Packets in the Core ● Packets are moved or “routed” from the sender to the receiver based on the destination IP address ● Note that, routers (computers in the core) ONLY look at the destination ● Sources can lie about who they are: “source spoofing”

  14. IP Packets Cannot be Used for Reliable Services ● If a computer (router, sender, end-host) is too busy, will drop packets ● If the header gets corrupted, packet gets dropped ● Data can get corrupted ● If a router dies, packets will get lost

  15. Transmission Control Protocol (TCP) ● Almost all communications on the Internet use higher-level mechanism (TCP) ● TCP uses IP packets plus black magic to ensure... – Data will not be corrupted – Data will not be lost – Data will arrive in the order it was sent ● Plus! TCP black magic makes source forging REALLY hard!

  16. User Datagram Protocol (UDP) ● Sometimes want to send data quickly, and don't need so much magic ● Who cares if you loose a bullet or two in quake? ● Who cares if bullets come out of order? ● Not used very often (except for DNS)

  17. Servers ● Some computers are only used to house services such as web pages or email ● Typically only offer services and aren't used like home computers ● Often located as close to the core as possible (in some basement downtown)

  18. Servers cont ... ● When connecting to a website, connecting to a server ● When getting your email, connecting to a server

  19. Clients ● Programs that connect to services on servers (used by you me and Aunt Bev) ● Web browsers (mozilla, ie, safari etc.) ● Email clients (outlook, Eudora, ... )

  20. Domain Name System (DNS) ● IP addresses are hard to remember (and boring) ... why not use names instead? ● Computers in the core map names to IP addresses – www.google.com – www.stanford.edu ● Called DNS servers ● “root” name servers most important! – Heavily guarded in unmarked buildings

  21. Checking News on the Web (putting it all together) ● Sit down at computer and load web browser ● Type in “news.google.com” ● My computer asks DNS server to map news.google.com to IP address ● DNS server responds with “64.233.167.99” (what could happen if server lies?!) ● Computer then asks Google's web server for news ● Google's web server responds ● procrastinate

  22. Ports ● A server can host multiple services (e.g. Web and email) ● Each service has a unique “port” (just another number) that clients connect to ● Ports are standardized on the Internet (80 www, 25 sending email, 21 ftp) ● Hackers see look to see what services are on a host by “port scanning”

  23. The Layered Model (another way to look at things) Application Web, email, ICQ TCP/UDP Transport Network IP Physical Analogue modem, ethernet, fiber etc.

  24. Each Layer Has its Own Vulnerabilities ● Physical – I chop your wires or bomb your building ● Network – I forge my source address ● Transport – I send too many TCP connection requests and freeze your computer ● Application – I send a web request to your server to make it croak

  25. Oh ... and Don't Forget the Weakest Layer of All Humans Application Transport Network Physical

  26. Humans are Vulnerable! ● Susceptible to beer, chocolate and the opposite sex ● Not experts (and shouldn't be!) ● Often don't care

  27. Attack Classifications (not mutually exclusive)

  28. Vulnerabilities & Attacks The nature of the network technologies, protocols, and operators are the basis for attacks. Attacks can (and will) come at vulnerabilities in every layer. Big Question: What is it about the Internet architecture that causes these vulnerabilities to exist? Humans Application Attacks Transport Network Physical

  29. Scanning & Fingerprinting What is it? Reconnaissance technique to explore networks, classify + analyze connected hosts, and identify potential vulnerabilities. Example: nmap security scanner

  30. Exploits What is it? The use of vulnerabilities in or misconfiguration of software or hardware to gain access to information or resources on a system. Exploits may be manual or automated. worms/viruses are exploits with code to facilitate propagation. example: Blaster worm exploits RPC bug

  31. Trojaned Software What is it? Software/Hardware with hidden functionality that its use allows an attacker an avenue to access a system or its information. This is sometimes also referred to as a “backdoor”. Example: A free copy of MSWord downloaded off of Kazaa may have been modified to include a trojan leading to a compromise.

  32. Denial of Service What is it? The malicious consumption of resources in order to make a system incapable of fulfilling its designed role. Attacks are often “distributed” to increase resource consumption (zombies or botnets). example: SYN flood against Yahoo

  33. Social Engineering Attack What is it? Any attempt that employs non-technical means to attack a system. Often the attacker uses information gleaned from outside sources to produce false credentials (dumpster diving). Attacks are often hybrid, relying on human and technical factors. example: Beagle virus used email domain name to pose as a message from the user’s ISP.

  34. Access Control Failures What is it? Failure to set up adequate access control – Default configurations – Privilege revocation Example: default administrator password for windows

  35. Authentication Failures What is it? Some authentication schemes are better than others: – Passwords – Public Key Crypto Example: phishing schemes that steal passwords break the authentication model.

  36. Infrastructure Attack What is it? An attack against the core systems that operate as the Internet infrastructure. Attacks can be either physical or virtual, often focusing on central points of failure. example: Attack on root DNS servers.

  37. Insider Threats What is it? Attacks that exploit an existing trust relationship to harm the overall security of a system. example: former employee uses knowledge of a company’s network systems and passwords to steal customer information entrusted to the company

  38. Traffic Sniffing/Modification What is it? Using access to a link or infrastructure system to examine or modify the contents of Internet traffic. Similar to a phone tap, with ability to change contents. example: ISP’s potential for information gathering

  39. Don’t Forget Attacks are only one of the reasons systems can fail. There are many other, perhaps less exciting, ways systems are vulnerable.

  40. Internet Security Mechanisms

  41. What is Cryptography A critical TOOL in securing information systems and their communications. ● You may have heard of: – SSL – Trusted Computing – Public Key Cryptography – Tripwire

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Regulating Information: Cybersecurity, Internet of Things, & Exploding Rules David

Regulating Information: Cybersecurity, Internet of Things, & Exploding Rules David

Regulating Information: Cybersecurity, Internet of Things, & Exploding Rules David Bodenheimer Evan Wolff Kate Growley Regulating Information The Internet of Things: Peering into the Future Cybersecurity & New Regulations

627 views • 28 slides
Understanding the Understanding the Bios/Photos Internet Internet Law School Event

Understanding the Understanding the Bios/Photos Internet Internet Law School Event

5/3/2004 Announcements U.S. National Cybersecurity Axess U.S. National Cybersecurity Forum Understanding the Understanding the Bios/Photos Internet Internet Law School Event William J. Perry Martin Casado Keith

240 views • 10 slides
Internet 101 U.S. National Cybersecurity, Technical Breakout #1 10/5/04 presented by: Martin

Internet 101 U.S. National Cybersecurity, Technical Breakout #1 10/5/04 presented by: Martin

Internet 101 U.S. National Cybersecurity, Technical Breakout #1 10/5/04 presented by: Martin Casado Network vs. Internet a network is a system of computers that talk over some communication medium: phone line (analogue modem, DSL),

748 views • 30 slides
Personal CyberSecurity Protecting Yourself from the Evils of the Internet Steve McEvoy March 6 th

Personal CyberSecurity Protecting Yourself from the Evils of the Internet Steve McEvoy March 6 th

Personal CyberSecurity Protecting Yourself from the Evils of the Internet Steve McEvoy March 6 th , 2020 Austin, TX The Internet has some scary s**t going on This is a self defense course Goals What is the #1 Security Risk to your

786 views • 60 slides
U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
SAME Presentation on Cybersecurity Andy Knauf CIO Mead & Hunt INTERNET SECURITY TESTING

SAME Presentation on Cybersecurity Andy Knauf CIO Mead & Hunt INTERNET SECURITY TESTING

SAME Presentation on Cybersecurity Andy Knauf CIO Mead & Hunt INTERNET SECURITY TESTING The engineers will scan Internet-visible hosts, identify services running on the hosts, and conduct testing for vulnerabilities to known exploits.

671 views • 15 slides
Cybersecurity and the Internet of Things Week 9 Frank Chen | Spring 2017 Frank Chen | Spring

Cybersecurity and the Internet of Things Week 9 Frank Chen | Spring 2017 Frank Chen | Spring

Many of the appliances that we use today are connected to the Internet CS 88S Cybersecurity and the Internet of Things Week 9 Frank Chen | Spring 2017 Frank Chen | Spring 2017 Agenda Review week 7's material Smart Transportation

737 views • 45 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
Protecting Information: Cybersecurity and Risk Management Peter Miller Jennifer Romano

Protecting Information: Cybersecurity and Risk Management Peter Miller Jennifer Romano

Protecting Information: Cybersecurity and Risk Management Peter Miller Jennifer Romano Nathanial Wood Overview Cybersecurity and Risk, Generally Internet of Things New FAR Safeguarding Clause and Old DFARS Safeguarding

397 views • 25 slides
Data Privacy/Cybersecurity 2019-2020 How do we ensure protection of f student and staff data?

Data Privacy/Cybersecurity 2019-2020 How do we ensure protection of f student and staff data?

Data Privacy/Cybersecurity 2019-2020 How do we ensure protection of f student and staff data? What is Cybersecurity? The protection of Internet-connected systems and data from accidental damage, intentional attacks, or unauthorized access.

463 views • 19 slides
Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland Chapter Contents Cybersecurity and risk management 1 Cybersecurity and the regulatory 2 environment Cybersecurity and the audit 3 4 Appendix

685 views • 37 slides
How .CO ccTLD handles cybersecurity matters Agenda 1. About us 2. .CO Security Motivation

How .CO ccTLD handles cybersecurity matters Agenda 1. About us 2. .CO Security Motivation

How .CO ccTLD handles cybersecurity matters Agenda 1. About us 2. .CO Security Motivation Relationship Strategy Policies Process 3. .COllaboration Efforts in Colombia 4. Q&A 2 About us . CO Internet Started

529 views • 26 slides
KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

7/17/2020 KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing Attacks Malware/Ransomware Hacking Imposter Scams 1 7/17/2020 KACo Cybersecurity Training BEWARE OF Phishing Phishing attacks

248 views • 6 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2018 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

325 views • 18 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2019 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

212 views • 19 slides
Personal CyberSecurity How to Better Protect Yourself Online Steve McEvoy September 14 th , 2019

Personal CyberSecurity How to Better Protect Yourself Online Steve McEvoy September 14 th , 2019

Personal CyberSecurity How to Better Protect Yourself Online Steve McEvoy September 14 th , 2019 Fort Lauderdale, FL The Internet has some scary s**t going on This is a self defense course Poll Results - Ransomware Title The Dental Record

1.06k views • 89 slides
Measuring the Deployment of DNSSEC over the Internet System & Network Engineering Research

Measuring the Deployment of DNSSEC over the Internet System & Network Engineering Research

Introduction Methodology Results Measuring the Deployment of DNSSEC over the Internet System & Network Engineering Research Project Nicolas Canceill RIPE68 May 14, 2014 1/20 Introduction Methodology Results Introduction 1

673 views • 20 slides
Applications! Where we are in the Course Application layer protocols are often part of

Applications! Where we are in the Course Application layer protocols are often part of

Applications! Where we are in the Course Application layer protocols are often part of app But dont need a GUI, e.g., DNS Application Transport Network Link Physical CSE 461 University of Washington 2 Recall Application

1.65k views • 122 slides
ICANN & Internet Security (DNS) Security Albert Daniels Albert.daniels@icann.og Internet

ICANN & Internet Security (DNS) Security Albert Daniels Albert.daniels@icann.og Internet

ICANN & Internet Security (DNS) Security Albert Daniels Albert.daniels@icann.og Internet Week Guyana 11 th October 2017 | 1 What Does ICANN Mean for the End User? POLIC Y The Domain Name System Policy Development is an L-Root is one

636 views • 32 slides
ECE590 Computer and Information Security Fall 2018 Networking Overview Tyler Bletsch Duke

ECE590 Computer and Information Security Fall 2018 Networking Overview Tyler Bletsch Duke

ECE590 Computer and Information Security Fall 2018 Networking Overview Tyler Bletsch Duke University Some slides adapted from Brian Rogers (Duke) Network fundamentals This course isnt a networking course, so well just hit the highlights

682 views • 65 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J Lecture #25 Dec 1 st 2005 CSCI 6268/TLEN 5831, Fall 2005 Announcements Remainder of the semester: Quiz #3 is Today 40 mins

414 views • 20 slides
A new stub resolver Willem Toorop willem@nlnetlabs.nl API is: A DNS API specification (for

A new stub resolver Willem Toorop willem@nlnetlabs.nl API is: A DNS API specification (for

A new stub resolver Willem Toorop willem@nlnetlabs.nl API is: A DNS API specification (for resolving) by and for application developers (for application) First implementation by LABS and From Verisign: From NLnet Labs: Theogene Bucuti,

1.63k views • 113 slides
Ofcoms role in cyber security UKNOF Edinburgh Huw Saunders Director, Network Infrastructure

Ofcoms role in cyber security UKNOF Edinburgh Huw Saunders Director, Network Infrastructure

Ofcoms role in cyber security UKNOF Edinburgh Huw Saunders Director, Network Infrastructure PROMOTING CHOICE SECURING STANDARDS PREVENTING HARM Ofcom and cyber security Area of growing importance across all sectors, with

216 views • 7 slides
Chapter 20 Silberschatz and Galvin Security Protection and Security Protection is a strictly

Chapter 20 Silberschatz and Galvin Security Protection and Security Protection is a strictly

Chapter 20 Silberschatz and Galvin Security Protection and Security Protection is a strictly internal problem Protection: mechanism for controlling the access of programs, processes, or users to the resources defined by a computer

499 views • 16 slides

More recommend