internet discussion
play

Internet Discussion Theme: Death by TLAs Slides with * are not - PowerPoint PPT Presentation

Sep 13, 2023 •307 likes •601 views

Internet Discussion Theme: Death by TLAs Slides with * are not testable material Theme of the Day - An analysis: Well, technically most are initialisms, because we say each letter as opposed to sounding them out as one word.

  1. Internet Discussion Theme: “Death by TLAs” Slides with “*” are not testable material

  2. Theme of the Day - An analysis: Well, technically most are “initialisms”, because we say each letter as opposed to sounding them out as one word. Photo credit to xckd.com

  3. Breakdown ● Review of DNS lookup ● Priorities in Internet Communication ● Review of Information Transfer ● DDoS Attacks ● MITM (Man-In-The-Middle) Attacks

  4. What happens when we type an address into the URL bar?

  5. DNS Turn www.google.com into 74.125.239.113 ● https://www.youtube.com/watch?v=BCjUbpIzRs8 ● Like an address, DNS “zooms in” by analyzing parts of the URL before others ○ Before sending a package to the correct address, packages are first sent to the correct city ● What are the steps? ○ Send request to “.” root DNS server ○ Send request to returned “.com” DNS server ○ Send request to returned “google.com” DNS server ○ This issues the location of “www.google.com” as 74.125.239.113 ○ Save address and continue communication with the correct ip

  6. DNS Photo Credit: www.palaestratraining.com

  7. Question: What kind of vulnerabilities can you see with this system?

  8. Question: What can we do to prevent such an attack?

  9. Question: What do we care about in regards to secure communication over the internet?

  10. Aspects of Internet Communication Security ● Reliability : Ensure that information arrives uncorrupted ● Confidentiality : Ensure only the intended reader can read the message ● Integrity : Ensure that the message delivered is not manipulated or changed ● Authenticity : Ensure that you are communicating with the desired party

  11. Review of Information Transfer How does Alice send a message to Bob over the internet?

  12. Traceroute from Lab shows all the computers your information crosses before reaching the designated website “www.google.com” Question: How could more “hops” increase the vulnerability of your communication?

  13. Packets ● Akin to a letter containing an address with “delivery instructions” and some amount of information ~128 bytes total ● Used to carry pieces of your data in discrete packets. ● Statistics: ○ 3MB song file requires about 24000 packets to send! ○ Over 700 billion packets sent every single second worldwide!* *Based on ~21 Exabytes global data transfer each month

  14. From lab, Ping times how long it takes to send and receive a packet from a website.

  15. Delays ● Packets are fast ● But not instantaneous ● Delays open window for sneaky attacks ● Packet delays limit how much information can be transferred ● Question: Can this delay compromise... ○ Reliability? ○ Confidentiality? ○ Integrity? ○ Authenticity? Photo credit to xkcd.com

  16. Compromised Reliability?

  17. DDoS (Compromised Reliability) ● Goal: Cut off communication between Alice and Bob ● Packet delays limit how much information can be transferred ● Too much communication leads to a Denial of Service ○ Think of a traffic jam! ● https://www.youtube.com/watch?v=OhA9PAfkJ10 ● Attack Map: bit.ly/1b7EYDk ● Question: How can we protect against this?

  18. Use More Servers!* ● Use scalable server resources which allow you to use more servers only when you need them

  19. Compromised Confidentiality?

  20. Eavesdropping* ● Remember how many “hops” we saw in TraceRoute ● Each of these computer’s along the path sees this internet traffic ● http://www.pcworld. com/article/209333/how_to_hijack_facebook_using_fire sheep.html

  21. Firesheep allows a user to see all unprotected communication on a network. This included sending passwords and financial data!

  22. Eavesdropping* ● Remember how many “hops” we saw in TraceRoute ● Each of these computer’s along the path sees this internet traffic ● http://www.pcworld. com/article/209333/how_to_hijack_facebook_using_fire sheep.html ● Question: How can we protect against this type of attack?

  23. Encryption We can protect our information by encoding our traffic with a special key that only lets the owner of that key to read the message. Look for in the URL before entering passwords or any other information you want kept private.

  24. Compromised Integrity?

  25. Data Modification (Compromised Integrity)* ● Alice wants to make a deposit in Bob’s Bank Account by sending the amount and Bob’s bank account to the bank website ● Eve as usual has access to all communication between Alice and Bob ● Eve can intercept and change the account number from Bob’s to her own! ● http://money.cnn.com/2013/10/28/technology/barack- obama-twitter-hack/ ● Question: How can we protect against this?

  26. Encryption! ● Again encryption can help by making it impossible for Eve to know what part of the message to modify

  27. Compromised Authenticity?

  28. Spoof!* ● As an attacker, we can alter communication to act as someone else ● http://www.csmonitor.com/World/Middle- East/2011/1215/Exclusive-Iran-hijacked-US-drone-says- Iranian-engineer-Video ● How can we ever know that the person we are communicating with is really them? ● Question: How could you try to protect against an attack like this?

  29. Key Signing Parties! (Extreme example) * ● Authenticity is a very difficult aspect to ensure and some go to great lengths to achieve it ● At key signing parties participants exchange encryption information in person.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

+ Internet and Ethics for School Psychologists: A Discussion of the Issues + Learning

+ Internet and Ethics for School Psychologists: A Discussion of the Issues + Learning

+ Internet and Ethics for School Psychologists: A Discussion of the Issues + Learning Objectives - Participants will apply the APA General Principles and Ethical Standards to the use of the Internet. Participants will apply the

366 views • 25 slides
No Yes Do you use the Internet to do homework? Do you use the Internet to follow your

No Yes Do you use the Internet to do homework? Do you use the Internet to follow your

No Yes Do you use the Internet to do homework? Do you use the Internet to follow your favourite team? Do you use the internet to watch music videos? Do you use the Internet to read the news? Do you use the Internet to play games? Shared

997 views • 51 slides
Communication security over the Internet The big picture Me Internet Resource Internet

Communication security over the Internet The big picture Me Internet Resource Internet

Communication security over the Internet The big picture Me Internet Resource Internet Server Client Attack vectors MAN DNS LAN Client Internet Back Bone Router Networking WWW overview MITM (Man In The Middle) 3 2 4 5 LAN

244 views • 23 slides
Mobile Apps Often Need to Talk to a Remote server Internet Internet Saving resources (e.g.,

Mobile Apps Often Need to Talk to a Remote server Internet Internet Saving resources (e.g.,

Introduction Overview Detailed Design Evaluation Discussion Related Work Summary References Automatic Forgery of Cryptographically Consistent Messages to Identify Security Vulnerabilities in Mobile Services Chaoshun Zuo , Wubing Wang

347 views • 34 slides
How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been

How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been

5/15/2012 How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been tremendously successful From Architecture to Network Has sustained tremendous growth g Supports very diverse set of applications

484 views • 10 slides
Internet Area IPv6 Multi-Addressing, Locators and Paths Objective To facilitate an Internet

Internet Area IPv6 Multi-Addressing, Locators and Paths Objective To facilitate an Internet

Internet Area IPv6 Multi-Addressing, Locators and Paths Objective To facilitate an Internet Area discussion in the next 45 (or so) minutes on IPv6, Multi- Addressing and Path Maintenance approaches Goals: Raise awareness of the

466 views • 15 slides
Discussion Researchers use the discussion to examine their work in the larger context of

Discussion Researchers use the discussion to examine their work in the larger context of

Providence University Discussion College of Management Discussion is usually the last major section of the report, followed by the list of references. In the discussion you step back and take a broad look at your findings and your

397 views • 4 slides
IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites IOC: Internet

IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites IOC: Internet

IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites Robert Bjekovic, University of applied sciences Ravensburg Weingarten, Weingarten, Germany Michael Elwert, University of applied

351 views • 32 slides
Enabling the Internet of Everything with 3G The Internet of Everything The Next Era of

Enabling the Internet of Everything with 3G The Internet of Everything The Next Era of

Enabling the Internet of Everything with 3G The Internet of Everything The Next Era of Networking and Computing, Where Everything Is Intelligently Connected Family device layout. Think weve done in past. Add in printer, electric meter,

397 views • 22 slides
Good morning! Internet, Web, Intranets, and Extranets Use and Functioning of the Internet

Good morning! Internet, Web, Intranets, and Extranets Use and Functioning of the Internet

Good morning! Internet, Web, Intranets, and Extranets Use and Functioning of the Internet Internet is international scope with users on every continent Asians make up 40% of Internet population Europeans about 20% North America

1.01k views • 56 slides
Internet Voting and Ranked Ballots 2018 Municipal Election Special Committee of the Whole

Internet Voting and Ranked Ballots 2018 Municipal Election Special Committee of the Whole

Internet Voting and Ranked Ballots 2018 Municipal Election Special Committee of the Whole January 30, 2017 Purpose Continuation of discussion of internet voting from October 5, 2015 Outline recommended voting method options for 2018

792 views • 32 slides
Internet Atlas: A Geographical Database of the Physical Internet Active Internet Measurement

Internet Atlas: A Geographical Database of the Physical Internet Active Internet Measurement

Internet Atlas: A Geographical Database of the Physical Internet Active Internet Measurement Systems Workshop (AIMS) February 6-8, 2013 Ram Durairajan Computer Sciences University of Wisconsin Motivation rkrish@cs.wisc.edu 2

505 views • 33 slides
History of the Internet Pat Morin COMP 2405 Outline Origins of the Internet Internet

History of the Internet Pat Morin COMP 2405 Outline Origins of the Internet Internet

History of the Internet Pat Morin COMP 2405 Outline Origins of the Internet Internet timeline from 1970s until today The Internet today 2 Origins of the Internet J.C.R. Licklider of MIT in August 1962 wrote about the

562 views • 13 slides
Deferred Peerings as Obstacles on the Internet Thomas Rieder HTTPS://PEERING.RIEDER.IO

Deferred Peerings as Obstacles on the Internet Thomas Rieder HTTPS://PEERING.RIEDER.IO

Deferred Peerings as Obstacles on the Internet Thomas Rieder HTTPS://PEERING.RIEDER.IO Discussion Motivation Fundamentals Design Methodology Conclusion Motivation Pe Peering : Direct connection between two networks on the Internet

419 views • 40 slides
Internet routing is based on routing protocols that collect the input data No off-line route

Internet routing is based on routing protocols that collect the input data No off-line route

Introduction to Routing in Internet Internet basics IPv4 and ICMP Internet Addressing ARP - Address Resolution Protocol Routing Information (Distance Vector ) Protocol Principles 3-1 S-38.121 S-02 Rka, NB Internet routing is based on

214 views • 18 slides
1 Internet Email Internet Commercialization SMTP is Internet Email protocol Rapid and

1 Internet Email Internet Commercialization SMTP is Internet Email protocol Rapid and

Background of Chapter Software Infrastructure of the Commercializing Internet Not finished Mostly journalistic Recounting of basic events from secondary sources Focus on interplay between technology and business models Thomas

463 views • 3 slides
Goals for Today Learning Objective: Understand why secure systems fail Announcements,

Goals for Today Learning Objective: Understand why secure systems fail Announcements,

Goals for Today Learning Objective: Understand why secure systems fail Announcements, etc: MP3 is now available for download on Compass! DUE APRIL 15th (5 days from now) MP2.5 enrollment now closed! MP4 Release Date

297 views • 19 slides
CS333 Intro to Operating Systems Jonathan Walpole Security Overview Different aspects of

CS333 Intro to Operating Systems Jonathan Walpole Security Overview Different aspects of

CS333 Intro to Operating Systems Jonathan Walpole Security Overview Different aspects of security User authentication Protection mechanisms Attacks: - trojan horses, spoofing, logic bombs, trap doors, buffer overflow attacks, viruses,

1.2k views • 59 slides
Security III: Availability, DDoS, sli.do time and Routing Security 15-441 Spring 2019 (yell

Security III: Availability, DDoS, sli.do time and Routing Security 15-441 Spring 2019 (yell

3/28/19 Security III: Availability, DDoS, sli.do time and Routing Security 15-441 Spring 2019 (yell at me if I dont notice?) Profs Peter Steenkiste & Justine Sherry & (Guest Lecturer) Sannan Slides almost entirely copied from

288 views • 18 slides
Yang Models for I2NSF Capabilities draft-hares-i2nsf-capabilities-yang Susan Hares Co-author:

Yang Models for I2NSF Capabilities draft-hares-i2nsf-capabilities-yang Susan Hares Co-author:

Yang Models for I2NSF Capabilities draft-hares-i2nsf-capabilities-yang Susan Hares Co-author: Robert Moskowitz` Capability Model (Xia, et al.) External Meta External ECA Model Model Capability sub-model Attack Mitigation Network Security

258 views • 15 slides
Is Software Malfunction an Oxymoron? Jesse Hughes July 25, 2007 Hughes Is Software Malfunction

Is Software Malfunction an Oxymoron? Jesse Hughes July 25, 2007 Hughes Is Software Malfunction

An introduction to malfunction Token and type malfunction Misfunction Is Software Malfunction an Oxymoron? Jesse Hughes July 25, 2007 Hughes Is Software Malfunction an Oxymoron? An introduction to malfunction Token and type malfunction

1.03k views • 81 slides
The war on error James Chapman University of Tartu Practicalities 4 weeks of 4 sessions per

The war on error James Chapman University of Tartu Practicalities 4 weeks of 4 sessions per

The war on error James Chapman University of Tartu Practicalities 4 weeks of 4 sessions per week Monday, 12.15-14.00 Tuesday, 16.15-18.00 Wednesday, 12.15-14.00 Thursday, 10.15-12.00 It will be assessed by 4 pieces of

1.01k views • 55 slides
Availability models Dr. Jnos Tapolcai tapolcai@tmit.bme.hu http://opti.tmit.bme.hu/~tapolcai/

Availability models Dr. Jnos Tapolcai tapolcai@tmit.bme.hu http://opti.tmit.bme.hu/~tapolcai/

Availability models Dr. Jnos Tapolcai tapolcai@tmit.bme.hu http://opti.tmit.bme.hu/~tapolcai/ / 1 Failure sources HW failures Network element failures Type failures Manufacturing or design failures Turns out at the testing

553 views • 31 slides
Operating System Vulnerabilities Erez Zadok ezk@cs.columbia.edu April 8, 1998 (version 4) 1 of

Operating System Vulnerabilities Erez Zadok ezk@cs.columbia.edu April 8, 1998 (version 4) 1 of

C S W 4 1 8 0 N e t w o r k S e c u r i t y Operating System Vulnerabilities Erez Zadok ezk@cs.columbia.edu April 8, 1998 (version 4) 1 of 30 COLUMBIA UNIVERSITY COMPUTER SCIENCE DEPARTMENT C S W 4 1 8 0 N e t w o r k S e c u r i t

830 views • 30 slides

More recommend