internet security -justina ekundayo
Post on 14-Apr-2018
230 Views
Preview:
TRANSCRIPT
-
7/30/2019 Internet Security -Justina Ekundayo
1/28
NETWORK SECURITY
Justina Ekundayo
-
7/30/2019 Internet Security -Justina Ekundayo
2/28
2
PRESENTATION OBJECTIVES
Understand information security services
Be aware of vulnerabilities and threats
Realize why network security is necessary
What are the elements of a comprehensivesecurity program
-
7/30/2019 Internet Security -Justina Ekundayo
3/28
3
What is Network Security?Network security consists of the provisions
and policies adopted by a networkadministrator to prevent and monitorunauthorized access, misuse, modification,or denial of a computer network and
network-accessible resources.
It addresses the vulnerabilities to which your
organization is exposed as a consequence ofbeing connectedto a network.
-
7/30/2019 Internet Security -Justina Ekundayo
4/28
4
Whos vulnerable?
Everyone in your organization who uses computers ornetworks in the process of doing their job. Everyone in your organization who is affected by the
information stored in computers. Outsiders who rely on your organization your
customers, the public. Both Servers and End-Users are subject to attack.
Web servers, E-mail servers, File servers, Communications servers,Network devices
End-users receiving e-mail, visiting web sites, downloading files,
participating in online servicesYou are exposed to network security threats by:
Using e-mail (e.g. viruses, worms) Using web-browsers (e.g. malicious applets and scripts) Simply being connected to the network (protocol hacks, breaking
and entering)
-
7/30/2019 Internet Security -Justina Ekundayo
5/28
5
Whos vulnerable?From 2000 CSI/FBI Computer Crime and Security Survey of 643
US Organizations
90% of respondents detected computer security breaches
w/in last 12 months
74% acknowledged financial losses due to computer
breaches 70% reported a variety of serious computer security
breaches other than viruses, laptop theft, or net abuse
Quantified financial losses from 273 respondents totaled
$265,589,940
-
7/30/2019 Internet Security -Justina Ekundayo
6/28
6
Whos vulnerable?
20-year-old man arrested for breaking into two computers of
NASAs Jet Propulsion Laboratory.
Hacking started in 1998
One computer was used to host chat room devoted to hackingThousands of usernames and passwords were stolen
Reuters News, July 12, 2000
Hacker boosted stock price by posting fake merger pressreleaseA hacker boosted the stock of Aastrom Biosciences by 6.5% by
posting a fake press release on the company's Web siteannouncing a merger with California biopharmaceuticalcompany Geron.
Reuters News, Feb. 17, 2000
-
7/30/2019 Internet Security -Justina Ekundayo
7/28
7
Information Security Services
Confidentiality
Integrity
Authentication
Nonrepudiation
Access Control
Availability
-
7/30/2019 Internet Security -Justina Ekundayo
8/28
8
Information Security Services
Confidentiality Maintaining the privacy of data
Integrity Detecting that the data is not tampered with
Authentication Establishing proof of identity
Nonrepudiation Ability to prove that the sender actually sent the data
Access Control Access to information resources are regulated
Availability Computer assets are available to authorized parties when needed
-
7/30/2019 Internet Security -Justina Ekundayo
9/28
9
Collection of networks that communicatewith a common set of protocols (TCP/IP)
Collection of networks with
no central control no central authority
no common legal oversight orregulations
no standard acceptable use policy
wild west atmosphere
What Is The Internet?
-
7/30/2019 Internet Security -Justina Ekundayo
10/28
10
Why Is Internet Security a
Problem? Security not a designconsideration
Implementing change isdifficult
Openness makes
machines easy targets Increasing complexity
-
7/30/2019 Internet Security -Justina Ekundayo
11/28
11
Security Incidents are Increasing
Sophisticationof Hacker Tools
19901980
TechnicalKnowledgeRequired
High
Low 2000 -from Cisco Systems
-
7/30/2019 Internet Security -Justina Ekundayo
12/28
12
Common Network Security
Problems Network eavesdropping
Malicious Data Modification
Address spoofing (impersonation)
Man in the Middle (interception)
Denial of Service attacks
Application layer attacks
-
7/30/2019 Internet Security -Justina Ekundayo
13/28
13
Internet Security?
Spoofing
Replay Attack
-
7/30/2019 Internet Security -Justina Ekundayo
14/28
14
Problem is Worsening
60000
50000
40000
30000
20000
10000
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
Jerusalem
Tequila
Michelangelo
Good Times
Melissa &ILOVEYOU
Anna Kournikova
Code Red
Nimba
Badtrans
Source: CERT
Coordination Center
Carnegie Mellon
-
7/30/2019 Internet Security -Justina Ekundayo
15/28
15
VIRUSES
Risk Threat Discovered Protection
TROJ_SIRCAM.A New !! Latest DAT
W32.Navidad 11/03/2000 11/06/2000W95.MTX 8/17/2000 8/28/2000W32.HLLW.QAZ.A 7/16/2000 7/18/2000VBS.Stages.A 6/16/2000 6/16/2000VBS.LoveLetter 5/04/2000 5/05/2000VBS.Network 2/18/2000 2/18/2000
Wscript.KakWorm 12/27/1999 12/27/1999W32.Funlove.4099 11/08/1999 11/11/1999PrettyPark.Worm 6/04/1999 6/04/1999Happy99.Worm 1/28/1999 1/28/1999
http://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.htmlhttp://www.symantec.com/avcenter/threat.severity.html -
7/30/2019 Internet Security -Justina Ekundayo
16/28
16
Consider that
90% of companies detected computersecurity breaches in the last 12 months
59% cited the Internet as the most
frequent origin of attack
74% acknowledged financial lossesdue to computer breaches
85% detected computer virusesSource: Computer Security Institute
-
7/30/2019 Internet Security -Justina Ekundayo
17/28
17
WHO ARE THE OPPONENTS?
49% are inside employees onthe internal network
17% come from dial-up (stillinside people)
34% are from Internet or anexternal connection to anothercompany of some sort
HACKERS
-
7/30/2019 Internet Security -Justina Ekundayo
18/28
The Need for Web Security 18
HACKER MOTIVATIONS
Money, profit Access to additional resources
Experimentation and desire tolearn
Gang mentality
Psychological needs
Self-gratification
Personal vengeance Emotional issues
Desire to embarrass the target
-
7/30/2019 Internet Security -Justina Ekundayo
19/28
19
SANS Five Worst Security MistakesEnd Users Make
1. Opening unsolicited e-mail attachments withoutverifying their source and checking their contentfirst.
2. Failing to install security patches-especially for
Microsoft Office, Microsoft Internet Explorer, andNetscape.
3. Installing screen savers or games from unknownsources.
4. Not making and testing backups.5. Using a modem while connected through a localarea network.
-
7/30/2019 Internet Security -Justina Ekundayo
20/28
20
SECURITY COUNTERMEASURES
THREE PHASE APPROACH
PROTECTION
DETECTION
RESPONSE
-
7/30/2019 Internet Security -Justina Ekundayo
21/28
The Need for Web Security 21
How do we protect ourselves?
VPN technologies
Access Control Who can talk to us through the network?
Authentication
How do we know you're who you say you are?
Integrity How can we guarantee that what we receive is
what you sent?
Confidentiality
How can we guarantee that no one else can readthis information?
-
7/30/2019 Internet Security -Justina Ekundayo
22/28
22
Intrusion Detection Systems Suspicious Pattern Detection
Looks for known patterns of types of trafficthat are common to electronically "casing thejoint"
Bit Pattern Signature Detection Looks for known signatures of attacks
Anomaly Detection - the AI approach Monitors network for a period of time to
establish a statistical norm for traffic on the
network. Generates alarms when abnormaltraffic occurs
How do we protect ourselves?
-
7/30/2019 Internet Security -Justina Ekundayo
23/28
23
ELEMENTS OF A COMPREHENSIVESECURITY PROGRAM
Have Good Passwords
Use Good Antiviral Products
Use Good Cryptography
Have Good Firewalls
Have a Backup System
Audit and Monitor Systems and Networks
Have Training and Awareness Programs
Test Your Security Frequently
-
7/30/2019 Internet Security -Justina Ekundayo
24/28
24
Firewall
Visible
IP
Address
Internal
Network
PC Servers
Host
A system or group of systems that enforces an access control
policy between two networks.
-
7/30/2019 Internet Security -Justina Ekundayo
25/28
25
CRYPTOGRAPHY
Necessity is the mother of invention, andcomputer networks are the mother of moderncryptography.
Ronald L. Rivest
Symmetric Key Cryptography
Public Key Cryptography
Digital Signatures
-
7/30/2019 Internet Security -Justina Ekundayo
26/28
The Need for Web Security 26
-
7/30/2019 Internet Security -Justina Ekundayo
27/28
27
References
Reputable sites
www.hackingexposed.com
www.securityfocus.com
Questionable sites
www.because-we-can.com
www.digicrime.com
www.insecure.org
http://www.hackingexposed.com/http://www.securityfocus.com/http://www.because-we-can.com/http://www.digicrime.com/http://www.insecure.org/http://www.insecure.org/http://www.digicrime.com/http://www.because-we-can.com/http://www.because-we-can.com/http://www.because-we-can.com/http://www.because-we-can.com/http://www.because-we-can.com/http://www.securityfocus.com/http://www.hackingexposed.com/ -
7/30/2019 Internet Security -Justina Ekundayo
28/28
28
THANK YOU
I have questions
top related