network security
play

Network Security Dr. Mohammed Shafiul Alam Khan Assistant Professor - PowerPoint PPT Presentation

Nov 29, 2023 •215 likes •447 views

Network Security Dr. Mohammed Shafiul Alam Khan Assistant Professor Institute of Information Technology (IIT), University of Dhaka (DU) shafiul@du.ac.bd December 10, 2017 M S A Khan (IIT, DU) Network Security December 10, 2017 1 / 23

  1. Network Security Dr. Mohammed Shafiul Alam Khan Assistant Professor Institute of Information Technology (IIT), University of Dhaka (DU) shafiul@du.ac.bd December 10, 2017 M S A Khan (IIT, DU) Network Security December 10, 2017 1 / 23

  2. Outline Goal of Network Security 1 Secure Socket Layer (SSL) 2 Public Key Infrastructure (PKI) 3 Browser Security 4 Different Network Attacks 5 Conclusion 6 M S A Khan (IIT, DU) Network Security December 10, 2017 2 / 23

  3. Goal of Network Security Outline Goal of Network Security 1 Secure Socket Layer (SSL) 2 Public Key Infrastructure (PKI) 3 Browser Security 4 Different Network Attacks 5 Conclusion 6 M S A Khan (IIT, DU) Network Security December 10, 2017 3 / 23

  4. Goal of Network Security Goal of Network Security Properties Confidentiality Integrity Availability OR Authentication protecting the information from disclosure to unauthorized parties protecting information from being modified by unauthorized parties ensuring that authorized parties are able to access the information when needed The CIA triad is a very fundamental concept in security. However, it has been suggested that the CIA triad is not enough. M S A Khan (IIT, DU) Network Security December 10, 2017 4 / 23

  5. Secure Socket Layer (SSL) Outline Goal of Network Security 1 Secure Socket Layer (SSL) 2 Public Key Infrastructure (PKI) 3 Browser Security 4 Different Network Attacks 5 Conclusion 6 M S A Khan (IIT, DU) Network Security December 10, 2017 5 / 23

  6. Secure Socket Layer (SSL) Secure Socket Layer (SSL) Widely deployed security protocol Variation: TLS— transport layer security (RFC 2246) Provide confidentiality,integrity, and authentication Available to all TCP applications M S A Khan (IIT, DU) Network Security December 10, 2017 6 / 23

  7. Secure Socket Layer (SSL) SSL/TLS M S A Khan (IIT, DU) Network Security December 10, 2017 7 / 23

  8. Secure Socket Layer (SSL) How SSL Works Handshake: Alice and Bob use their certificates, private keys to authenticate each other and exchange shared secret Key derivation: Alice and Bob use shared secret to derive set of keys Data transfer: data to be transferred is broken up into series of records Connection closure: special messages to securely close connection M S A Khan (IIT, DU) Network Security December 10, 2017 8 / 23

  9. Secure Socket Layer (SSL) SSL Cipher Suite Cipher suite contains – Public-key algorithm, for example, RSA Symmetric encryption algorithm, for example, 3DES, AES, RC4, RC5 MAC algorithm SSL supports several cipher suites Negotiation: client, server agree on cipher suite. For example, client offers choice server picks one M S A Khan (IIT, DU) Network Security December 10, 2017 9 / 23

  10. Public Key Infrastructure (PKI) Outline Goal of Network Security 1 Secure Socket Layer (SSL) 2 Public Key Infrastructure (PKI) 3 Browser Security 4 Different Network Attacks 5 Conclusion 6 M S A Khan (IIT, DU) Network Security December 10, 2017 10 / 23

  11. Public Key Infrastructure (PKI) Public Key Infrastructure (PKI) Features Provides a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates Manage public-key encryption M S A Khan (IIT, DU) Network Security December 10, 2017 11 / 23

  12. Public Key Infrastructure (PKI) Public Key Infrastructure (PKI) Application In network, PKI allows for the centralization of network authentication Authentication of client systems using SSL (Secure Socket Layer) signatures or encryption in web browser. Other applications include the transmission of authenticated email messages using S/MIME (Secure/Multi-purpose Internet Mail Extensions), OpenPGP (Open Pretty Good Privacy) and other technologies M S A Khan (IIT, DU) Network Security December 10, 2017 12 / 23

  13. Browser Security Outline Goal of Network Security 1 Secure Socket Layer (SSL) 2 Public Key Infrastructure (PKI) 3 Browser Security 4 Different Network Attacks 5 Conclusion 6 M S A Khan (IIT, DU) Network Security December 10, 2017 13 / 23

  14. Browser Security Browser Finger Printing Browser Finger Printing Discuss a recent paper M S A Khan (IIT, DU) Network Security December 10, 2017 14 / 23

  15. Browser Security Integrated Java Script Power of Java Script to Do Nasty Staffs Group Discussion M S A Khan (IIT, DU) Network Security December 10, 2017 15 / 23

  16. Different Network Attacks Outline Goal of Network Security 1 Secure Socket Layer (SSL) 2 Public Key Infrastructure (PKI) 3 Browser Security 4 Different Network Attacks 5 Conclusion 6 M S A Khan (IIT, DU) Network Security December 10, 2017 16 / 23

  17. Different Network Attacks Spoofing Spoofing A spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data, thereby gaining an illegitimate advantage What are the possible ways to implement this attack? M S A Khan (IIT, DU) Network Security December 10, 2017 17 / 23

  18. Different Network Attacks Reflection Attack Reflection Attack A reflection attack is a method of attacking a challenge-response authentication system that uses the same protocol in both directions. That is, the same challenge-response protocol is used by each side to authenticate the other side. How to prevent such attack? For example, use of nonce or time-stamp M S A Khan (IIT, DU) Network Security December 10, 2017 18 / 23

  19. Different Network Attacks Distributed Denial of Service Attack (DDOS) DDOS DOS attack in distributed nature How to prevent such attack? For example, Monitoring M S A Khan (IIT, DU) Network Security December 10, 2017 19 / 23

  20. Different Network Attacks Botnet Botnet A botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed denial-of-service attack (DDoS attack), steal data, send spam, and allow the attacker access to the device and its connection. M S A Khan (IIT, DU) Network Security December 10, 2017 20 / 23

  21. Conclusion Outline Goal of Network Security 1 Secure Socket Layer (SSL) 2 Public Key Infrastructure (PKI) 3 Browser Security 4 Different Network Attacks 5 Conclusion 6 M S A Khan (IIT, DU) Network Security December 10, 2017 21 / 23

  22. Conclusion Conclusion Discuss the required security service in a network Discuss TLS/SSL Discuss Browser security issues Discuss different network attacks M S A Khan (IIT, DU) Network Security December 10, 2017 22 / 23

  23. M S A Khan (IIT, DU) Network Security December 10, 2017 23 / 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
Economics of network security Harald Vranken 1 Economics of network security Note that

Economics of network security Harald Vranken 1 Economics of network security Note that

Advanced Network Security (2019-2020) Economics of network security Harald Vranken 1 Economics of network security Note that network in this lecture means Physical communication network (eg. Internet, telephony, fax, telegraph)

769 views • 49 slides
Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able to Skills identify design and Ability to analyze the implementation security of networked vulnerabilities in network systems protocols

564 views • 33 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J CSCI 6268/TLEN 5831, Fall 2004 Introduction UC Davis PhD in 2000 Cryptography Interested in broader security as well

492 views • 12 slides
Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

374 views • 13 slides
Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

932 views • 55 slides
Network Security Where we are in the Course Security crosses all layers Applicatjon

Network Security Where we are in the Course Security crosses all layers Applicatjon

Network Security Where we are in the Course Security crosses all layers Applicatjon Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

1.12k views • 92 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 3 Network Protocol Attacks Roadmap Network security The basic objectives: CIA

1.68k views • 39 slides
Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J. Antonelli The University of Michigan 2012 Hands-On Network Security Module 3 Network Protocol Attacks Roadmap Network security The

502 views • 39 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J Lecture #2 Aug 25 th 2005 CSCI 6268/TLEN 5831, Fall 2005 Economist Survey Please read it Main points Security is a MUCH

600 views • 27 slides
TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of

TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of

TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP Sniffing the network and forging packets tcpdump, wireshark Today: ICMP and UDP Eike Ritter Network Security -

881 views • 38 slides
13 - Computer Security Network Security 1 Context

13 - Computer Security Network Security 1 Context

13 - Computer Security Network Security 1 Context Computers connected in a network - but also: smartphones, fridges, IoT devices, Each device has an IP address Packets are routed via

771 views • 51 slides
Re Re-thinking Ne Network Security in the Presence of Unknown Ne Network Elements Soo-Jin Moon

Re Re-thinking Ne Network Security in the Presence of Unknown Ne Network Elements Soo-Jin Moon

Re Re-thinking Ne Network Security in the Presence of Unknown Ne Network Elements Soo-Jin Moon 4 th year Ph.D. Student Carnegie Mellon University Advisor: Vyas Sekar Research Area: Network Security A Vulnerable Network! Networks: explosion

583 views • 7 slides
CS 5410 - Computer and Network Security: Cellular Network Security Professor Kevin Butler Fall

CS 5410 - Computer and Network Security: Cellular Network Security Professor Kevin Butler Fall

CS 5410 - Computer and Network Security: Cellular Network Security Professor Kevin Butler Fall 2015 Southeastern Security for Enterprise and Infrastructure (SENSEI) Center Reminders Poster showcase next Monday For final project: turn

533 views • 34 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J Lecture #13 Oct 11 th 2005 CSCI 6268/TLEN 5831, Fall 2005 Announcements Quiz #2 later today Allocate last 30 mins No Class

488 views • 30 slides
Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of

Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of

Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of Theoretical Computer Science ETH Zrich on joint work with R. Knzler, J. Mller-Quade, C. Lucas, U. Maurer, M. Fitzi Metaguse, 2009/10/04 Multi-Party

1.04k views • 83 slides
Measurement and Analysis of Private Key Sharing in the HTTPS Ecosystem Frank Cangialosi, Taejoong

Measurement and Analysis of Private Key Sharing in the HTTPS Ecosystem Frank Cangialosi, Taejoong

Measurement and Analysis of Private Key Sharing in the HTTPS Ecosystem Frank Cangialosi, Taejoong Chung, David Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, Christo Wilson How do we know with whom we are communicating? How do we know

1.21k views • 119 slides
M M 4. PKIX 7. peer 2 peer 8. Identity 5. Cross Certification 2. Ingredients 6. Trust

M M 4. PKIX 7. peer 2 peer 8. Identity 5. Cross Certification 2. Ingredients 6. Trust

Rglements LDAPS europens Services de X.509 Rseau de con fi ance Direc ves X.509 lemployeur PKI architectures: references X.509 eIDAS AC AC @ Prestataires e-gouv Commerant X.509 X.509 en ligne FOUNDATIONS RGS

438 views • 16 slides
MQ Signatures for PKI June 2017 Alan Szepieniec , Ward Beullens, Bart Preneel 1/17 New Hope Key

MQ Signatures for PKI June 2017 Alan Szepieniec , Ward Beullens, Bart Preneel 1/17 New Hope Key

MQ Signatures for PKI June 2017 Alan Szepieniec , Ward Beullens, Bart Preneel 1/17 New Hope Key Exchange Post-Quantum KX based on RLWE USENIX 2016 2/17 New Hope Key Exchange Post-Quantum KX based on RLWE USENIX 2016

586 views • 54 slides
Enterprise Storage Architecture Fall 2018 Storage Efficiency Tyler Bletsch Duke University Two

Enterprise Storage Architecture Fall 2018 Storage Efficiency Tyler Bletsch Duke University Two

ECE590-03 Enterprise Storage Architecture Fall 2018 Storage Efficiency Tyler Bletsch Duke University Two views of file system usage User data view: How large are my files? (bytes -used metric) or How much capacity am I

485 views • 35 slides
Previously... Forward and converse proof of the rate-distortion theorem S. Cheng (OU-Tulsa)

Previously... Forward and converse proof of the rate-distortion theorem S. Cheng (OU-Tulsa)

Lecture 14 Review Previously... Forward and converse proof of the rate-distortion theorem S. Cheng (OU-Tulsa) November 28, 2017 1 / 27 Lecture 14 Overview This time Method of types Universal source coding Large deviation theory S. Cheng

1.66k views • 133 slides
From Sorting to Heaps to Compression Data Compression video on demand/set top box jpeg

From Sorting to Heaps to Compression Data Compression video on demand/set top box jpeg

From Sorting to Heaps to Compression Data Compression video on demand/set top box jpeg in browsers gzip, pkzip, compress, zip, ... for files (stacker?) Lossy compression, Lossless compression Huffman coding possible to

275 views • 6 slides
Finite-State Methods in Natural-Language Processing: 1Motivation Ronald M. Kaplan and

Finite-State Methods in Natural-Language Processing: 1Motivation Ronald M. Kaplan and

Finite-State Methods in Natural-Language Processing: 1Motivation Ronald M. Kaplan and Martin Kay Motivation 1 Finite-State Methods in Language Processing The Application of a branch of mathematics The regular branch of automata

818 views • 43 slides

More recommend