network security philosphy introduction
play

Network Security Philosphy & Introduction Dr. Enis Karaarslan - PowerPoint PPT Presentation

Sep 03, 2023 •346 likes •779 views

Network Security Philosphy & Introduction Dr. Enis Karaarslan Mula University Computer Engineering Department 4/30/15 Dr. Enis Karaarslan 1 4/30/15 Ar. Gr. Enis Karaaslan 2 SECURITY PHILOSPHY 4/30/15 Ar. Gr. Enis Karaaslan

  1. Network Security Philosphy & Introduction Dr. Enis Karaarslan Muğla University Computer Engineering Department 4/30/15 Dr. Enis Karaarslan 1

  2. 4/30/15 Ar. Gör. Enis Karaaslan 2

  3. SECURITY PHILOSPHY 4/30/15 Ar. Gör. Enis Karaaslan 3

  4.  Computer & Network Security has similarities with the security in normal life. 4/30/15 Ar. Gör. Enis Karaaslan 4

  5. There is no such thing as %100 Security 4/30/15 Ar. Gör. Enis Karaaslan 5

  6. Security at the gates only, is not enough 4/30/15 Ar. Gör. Enis Karaaslan 6

  7. A chain is only as strong as its weakest link 4/30/15 Ar. Gör. Enis Karaaslan 7

  8. As there is no %100 security … So give up? A possible solution: Use more than one chain 4/30/15 Ar. Gör. Enis Karaaslan 8

  9. MULTI LAYER SECURITY 4/30/15 Ar. Gör. Enis Karaaslan 9

  10. 4/30/15 Ar. Gör. Enis Karaaslan 10

  11. Security x Usability 4/30/15 Ar. Gör. Enis Karaaslan 11

  12.  Keep in mind that  When Security measures increase,  Usability decrease 4/30/15 Ar. Gör. Enis Karaaslan 12

  13. Value of Assets and Expenditures ● What is the VALUE of your asset (data, prestige …)? ● Keep in mind that ● Security expenditures should not be greater than the value of the assets 4/30/15 Ar. Gör. Enis Karaaslan 13

  14. Risk ... Smoking in the oil station … %99 percent nothing happens … %1 ... 4/30/15 Ar. Gör. Enis Karaaslan 14

  16. Risk ...

  17. It's discipline anyway … :)

  18. Mitigate (azaltmak) Risk

  19. Risk Analysis ● Risk analysis is essential ● If the risk is too low, that/some precaution(s) can be cancelled … 4/30/15 Ar. Gör. Enis Karaaslan 19

  20. False Sense of Security  A “false sense of security” is worse than “a true sense of insecurity”.  Solution: Never think your system is secure. 4/30/15 Ar. Gör. Enis Karaaslan 20

  21. No Template Which Suits All  There is no templates which suits all.  There is a different solution for different organizations • Different needs • Different assets 4/30/15 Ar. Gör. Enis Karaaslan 21

  22. To win a war, one must know the way Sun Tzu The Art of War 4/30/15 Ar. Gör. Enis Karaaslan 22

  23. Security is a process, not a product. Bruce Schneier 4/30/15 Ar. Gör. Enis Karaaslan 23

  24. MONITOR  The system should be monitored for intrusions  And immediate action should be taken at attacks 4/30/15 Ar. Gör. Enis Karaaslan 24

  25. Warn The Attacker 4/30/15 Ar. Gör. Enis Karaaslan 25

  26. Network Awareness  Know your enemy (?)  Know yourself, • know your assets • know what to protect  Know your systems more than the attacker 4/30/15 Ar. Gör. Enis Karaaslan 26

  27. Eğer bu kadar kötü yazılım güvenliğine sahip olmasaydık, Bu kadar çok ağ güvenliğine ihtiyacımız olmayacaktı Bruce Schneier

  28. (Web) Application Security ● Security by Design ● Secure coding ● And others ...

  29. FUNDAMENTALS 4/30/15 Ar. Gör. Enis Karaaslan 29

  30. Information System and Security ATTACK SECURITY ATTACKER MEASURES VULNERABILITY USERS INFORMATION SYSTEM

  31. Vulnerable Systems  The systems are vulnerable • Mainly because of bad coding • Must be patched (but can not be done rapidly as they should) • False sense of security 4/30/15 Ar. Gör. Enis Karaaslan 31

  32. A vulnerability timeline …

  33. The Attacker/Intruder  The attacker can be called as: Lamer, intruder, attacker … (wrongly used as hacker also)  Also secret organizations?  Also companies (serious antivirus/defence economy) 4/30/15 Ar. Gör. Enis Karaaslan 33

  34. Hacker /Lamer /Attacker … Hacker is used as attacker/lamer, in the meaning: The intruder, who gets in your system and intends to use for his/her own aims. 4/30/15 Ar. Gör. Enis Karaaslan 34

  35. The Attacker  The attackers strength is Dedication • Will not stop until he/she gets in • Can use the computer for days long sleepless • Knows the vulnerabilities of systems 4/30/15 Ar. Gör. Enis Karaaslan 35

  36. 4/30/15 Ar. Gör. Enis Karaaslan 36

  37. Network Security Assets  Network Security Overall • Network Awareness • Firewall, Intrusion Detection Systems … etc • More …  Host (Computer/Server/NW Device) Security • Physical Security • OS and Application Security • User Management  Encryption 4/30/15 Ar. Gör. Enis Karaaslan 37

  38. Firewall 4/30/15 Ar. Gör. Enis Karaaslan 38

  39. Firewall Basics  Rule based access control between networks.  Software/hardware based  Architecture • Static Packet Filtering • Dynamic Packet Filtering (Statefull inspection) • Application Level Protection  Logging and alert capabilities 4/30/15 Ar. Gör. Enis Karaaslan 39

  40. Encryption  Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. (Encryption x Decryption) 4/30/15 Ar. Gör. Enis Karaaslan 40

  41. Encryption  Two different methods (according to key use) • Conventional– Two keys are the same • Asymetric – ( Public Key Encryption ) – Key pair (public, private) 4/30/15 Ar. Gör. Enis Karaaslan 41

  42. Encryption  To decyrpt an encrypted data • How much time? • How much Processing (Computing power)?  The science which deals with encryption is Cryptology 4/30/15 Ar. Gör. Enis Karaaslan 42

  43. END OF THE SESSION Dr. Enis Karaaslan enis.karaarslan@mu.edu.tr 4/30/15 Ar. Gör. Enis Karaaslan 43

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Lower Layer Security Physical Layer Overview Common attack methods Ethernet

966 views • 40 slides
Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Network Security Model Header attacks Protocol Attacks

597 views • 25 slides
Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics WWW HTTP: Hyper Text Transfer Protocol HTTP Security HTML Protocol HTML Security

1.09k views • 74 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J CSCI 6268/TLEN 5831, Fall 2004 Introduction UC Davis PhD in 2000 Cryptography Interested in broader security as well

492 views • 12 slides
Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Lower Layer Security Physical Layer Overview Common attack methods Ethernet

1.01k views • 80 slides
Introduction to Network Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Chapter 1 Network Architecture Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Chapter Topics Introduction Layered architecture Key terms Protocol Functions OSI model

743 views • 38 slides
Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug

Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug

Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics TCP Layer Responsible for reliable end-to-end transfer of application data.

632 views • 32 slides
Introduction to Network Security Chapter 6 Network Layer Protocols Dr. Doug Jacobson -

Introduction to Network Security Chapter 6 Network Layer Protocols Dr. Doug Jacobson -

Introduction to Network Security Chapter 6 Network Layer Protocols Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics The network layer IP V4 BOOTP & DHCP IP V6 Common IP countermeasures Dr.

1.88k views • 152 slides
Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Chapter Topics Introduction Layered architecture Key terms Key terms Protocol

464 views • 19 slides
Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows FTP General Countermeasures

1.48k views • 104 slides
Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows X-Windows FTP General

765 views • 52 slides
our philosphy READY TO WEAR Al w a ys focused on new trends, re- search and innov ation our

our philosphy READY TO WEAR Al w a ys focused on new trends, re- search and innov ation our

San Babila M Modern Wearing Camera Nazionale Excelsior Milano della Moda Italiana Duomo M1 M Modern Showroom Duomo M3 M SERVICES FOR BUYERS FOR COMPANIES our philosphy READY TO WEAR Al w a ys focused on new trends, re- search and

352 views • 32 slides
INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is security? Why is it so hard to achieve? Administrative The security mindset Analyzing a systems security 1. Summarize the system 2.

801 views • 43 slides
Introduction to Network Security Chapter 3 The Internet Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 3 The Internet Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 3 The Internet Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics The Internet Addressing Client Server Routing Dr. Doug Jacobson - Introduction to 2 Network

940 views • 24 slides
More advanced application techniques, using Swift about this talk Talk about project that I

More advanced application techniques, using Swift about this talk Talk about project that I

More advanced application techniques, using Swift about this talk Talk about project that I spend most of my time working on: Swift Use that to introduce some more general concepts in describing applications and in executing

1.61k views • 64 slides
Introduction to Security Course Introduction Ming Chow (mchow@cs.tufts.edu) Twitter: @0xmchow

Introduction to Security Course Introduction Ming Chow (mchow@cs.tufts.edu) Twitter: @0xmchow

Introduction to Security Course Introduction Ming Chow (mchow@cs.tufts.edu) Twitter: @0xmchow What This Course Is NOT Hack all things Be an 31337 h4x0r ( leet speek for elite hacker) Introduction to Cryptography Save

382 views • 16 slides
Neutrino physics D.Duchesneau Neutrino activities since 2013 Scientific program for

Neutrino physics D.Duchesneau Neutrino activities since 2013 Scientific program for

Neutrino physics D.Duchesneau Neutrino activities since 2013 Scientific program for 2018-2028 SuperNEMO ENIGMASS General meeting April 28 th 2017 1 Neutrinos: The neutrino properties are less well tested than for quarks and

686 views • 34 slides
KLCCP Stapled Group Financial Results 3 rd Quarter ended 30 Sep 2017 13 Nov 2017 Disclaimer

KLCCP Stapled Group Financial Results 3 rd Quarter ended 30 Sep 2017 13 Nov 2017 Disclaimer

KLCCP Stapled Group Financial Results 3 rd Quarter ended 30 Sep 2017 13 Nov 2017 Disclaimer These materials contain historical information of the Company which should not be regarded as an indication of future performance or results. These

707 views • 24 slides
IP over LAN Service (IPLS) Himanshu Shah Tenor Networks K Arvind Eric Rosen

IP over LAN Service (IPLS) Himanshu Shah Tenor Networks K Arvind Eric Rosen

IP over LAN Service (IPLS) Himanshu Shah Tenor Networks K Arvind Eric Rosen Giles Heron Francois Le Faucheur Vasile Radoaca 1 IPLS Service IPLS Service: IP-Only LAN Service Ethernet

228 views • 8 slides
Hybrid Virtual Private LAN <draft-lee-ppvpn-hybrid-vpls-00.txt> Contributors:

Hybrid Virtual Private LAN <draft-lee-ppvpn-hybrid-vpls-00.txt> Contributors:

Hybrid Virtual Private LAN <draft-lee-ppvpn-hybrid-vpls-00.txt> Contributors: Cheng-Yin.Lee@alcatel.com, Sasha.Cirkovic@alcatel.com, Jeremy.deClercq@alcatel.be Muneyoshi Suzuki suzuki.muneyoshi@lab.ntt.co.jp Siamack Ayandeh

533 views • 14 slides
LAN Measurement Carey Williamson Department of Computer Science University of Calgary LAN

LAN Measurement Carey Williamson Department of Computer Science University of Calgary LAN

CPSC 641: LAN Measurement Carey Williamson Department of Computer Science University of Calgary LAN Traffic Measurements Some of the first network traffic measurement papers were for measurements done on Ethernet local area networks

696 views • 7 slides
192620010 Mobile & Wireless Networking Lecture 7: Wireless LAN [Schiller, Section 7.3]

192620010 Mobile & Wireless Networking Lecture 7: Wireless LAN [Schiller, Section 7.3]

192620010 Mobile & Wireless Networking Lecture 7: Wireless LAN [Schiller, Section 7.3] [Reader, Part 6] [ Optional: "IEEE 802.11n Development: History, Process, and Technology", Perahia, IEEE Communications Magazine, July 2008 ]

880 views • 36 slides

More recommend