network security philosophy &...

Post on 08-Mar-2020


2/24/15 Dr. Enis Karaarslan 1

Network Security Philosophy & Introduction

Dr. Enis Karaarslan

Muğla University

Computer Engineering Department

Netseclab.mu.edu.tr

SECURITY PHILOSOPHY

Computer & Network Security has similarities with security in everyday life.

There is no such thing as 100% security

Security at the gates only is not enough

A chain is only as strong as its weakest link

As there is no 100% security … so give up?

A possible solution: Use more than one chain

MULTI LAYER SECURITY

Security x Usability

Value of Assets and Expenditures

What is the VALUE of your asset (data, prestige …)?

Keep in mind that security expenditures should not be greater than the value of the assets

Risk Analysis

Risk analysis is essential.

If the risk is too low, that/some precaution(s) can be cancelled …

False Sense of Security

A “false sense of security” is worse than “a true sense of insecurity”.

Solution: Never think your system is secure.

No Template Which Suits All

There is no template which suits all. There is a different solution for different organizations
• Different needs
• Different assets

To win a war, one must know the way
Sun Tzu, The Art of War

Security is a process, not a product.
Bruce Schneier

MONITOR

The system should be monitored for intrusions

And immediate action should be taken against attacks

Warn The Attacker

Try to Buy Time for …

Make attacking difficult for …
• Discovery of the attack
• Take measures

Make decryption difficult so that
• The data is not valid or valuable any more.

Network Awareness

Know your enemy (?)

Know yourself,
• know your assets
• know what to protect

Know your systems better than the attacker

FUNDAMENTALS

Information System and Security

[Figure: diagram with the labels INFORMATION SYSTEM, ATTACKER, VULNERABILITY, ATTACK, USERS, SECURITY MEASURES]

Vulnerable Systems

The systems are vulnerable
• Mainly because of bad coding
• Must be patched (but this cannot be done as rapidly as it should)
• False sense of security

A vulnerability timeline …

The Attacker/Intruder

The attacker can be called: lamer, intruder, attacker … (the term hacker is also wrongly used)

Also secret organizations? Also companies (serious antivirus/defence economy)

Hacker / Lamer / Attacker …

Hacker is used as attacker/lamer, in the meaning:

The intruder who gets into your system and intends to use it for his/her own aims.

The Attacker

The attacker's strength is dedication
• Will not stop until he/she gets in
• Can use the computer for days on end without sleep
• Knows the vulnerabilities of systems

Network Security Assets

Network Security Overall
• Network Awareness
• Firewall, Intrusion Detection Systems … etc.
• More …

Host (Computer/Server/NW Device) Security
• Physical Security
• OS and Application Security
• User Management

Encryption

Firewall

Firewall Basics

Rule based access control between networks.

Software/hardware based Architecture

• Static Packet Filtering
• Dynamic Packet Filtering (Stateful inspection)
• Application Level Protection

Logging and alert capabilities

Encryption

Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people.

(Encryption x Decryption)

Encryption

Two different methods (according to key use)
• Conventional – Two keys are the same
• Asymmetric (Public Key Encryption) – Key pair (public, private)

Encryption

To decrypt encrypted data
• How much time?
• How much processing (computing power)?

The science which deals with encryption is Cryptology

END OF THE SESSION

Dr. Enis Karaarslan
enis.karaarslan@mu.edu.tr
