Network Security - The University of Texas at Dallas

CS 6v81 - Network Security
Introduction

Course organization
Web: www.utdallas.edu/~ksarac/netsec/
Instructor: Dr. Kamil Sarac
  E-mail: [email protected]
  Office: ECS South 4.207
  Phone: 972 883 2337
  Office Hours: Monday (10am to 11am), Monday (5:30pm to 6:30pm)
TA: TBA
  E-mail: TBA
  Office Hours: TBA

Course organization
E-Learning: I’ll use it to send e-mails, to post lecture slides, homework announcements and grades; will also use it to turn assignments in
Recommended textbook: Network Security, Private Communication in a Public World, by Kaufman, Perlman, Speciner, 2nd Edition.
Grading:
  Two exams – each 30% of the grade
  Homework assignments – 16% of the grade
    Details – TBA
  Programming project – 20% of the grade
  Participation in hands on activities – 4% of the grade

Course organization
Topics (tentative):
  Crypto tools and their use in various protocols,
  Authentication,
  Standards
    Kerberos, PKI, IPsec, SSL/TLS,
  TCP/IP security
    Fundamental protocols in TCP/IP suite and related attacks
      ARP, IP, ICMP, TCP, UDP, etc.,
    Protocols for network applications and their vulnerabilities
      DNS, SMTP, Telnet, FTP, HTTP, web, e-mail
  Wireless security,
  Security of Internet routing (BGP security),
  DoS attacks and countermeasures,
  Firewalls and Internet security,
  …

Course organization
Hands on activities:
  Hands on component of the course
    A lab session where you will attack and defend
      Basic attack life cycle exercises
      More info later on during the semester
    A 2-day long cyber game session where you will attack a server system
Powerpoint slides:
  Will post on e-Learning
Questions on course organization?

Network security in a nutshell
Computer networks are composed of hosts interconnected by a communication infrastructure
The communication infrastructure’s task is to deliver traffic between endpoints
Hosts provide services and store information
Users access services and exchange/store information
Need to assure:
  Privacy/Confidentiality
  Integrity/Consistency
  Availability
in a distributed setting

Following slides modified from those of G. Vigna

The solution to network security
Strong authentication of both services and users
Reliable authorization/access control
Effective abuse control
Flawless protocols, infrastructure, operating systems, and applications
Perfect policy
Perfect policy enforcement
…and every user is a security expert

The real world
Effective security protections are not deployed
Administrators do not keep up with vendor updates/patches
Sites do not monitor or restrict access to their internal hosts
Organizations do not devote enough staff/resources to improve and maintain security (e.g., user education)
Sites do not implement policies (if they have one!)
Infrastructure service providers are driven by market/service, not security
Users insist on using flawed applications (e.g., mail readers that automatically execute attachments)

Goals
Understand network security issues
  Networks
  Network services and protocols
  Applications
Learn about protection mechanisms and techniques
Learn about detection techniques

What is secure communication?
Alice --[Message]--> Bob
1. Bob understands the message
2. Bob knows that the message was sent by Alice and that no one else tampered with it
3. Is privacy part of this?
Can others see the message?
Can we hide the fact that
  Message is coming from Alice
  Message is destined to Bob
  Both of the above

What is secure communication?
What can go wrong?
  Eavesdropping (passive)
  Send/fabricate messages
  Impersonate an address and lie in between
  Replay recorded message
  Modify a message in transit
  Write malicious code and trick people into running it
    Trojan horse – hidden instructions in a program
    Virus – hidden instructions added to a program afterwards
    Worm – a program that replicates itself by installing its copies
    Trapdoor – undocumented entry point to a system
    Logic bomb – malicious instructions triggered by an event
    Zombie – malicious instructions remotely triggered over the network

The Internet
A network of networks
A network composed of a set of autonomous subnetworks
Open architecture
Different administrative domains with different and possibly conflicting goals
Governments, companies, universities, organizations rely on the Internet to perform mission-critical tasks

Ethics
Is hacking legal? NO!
Is it legal to discuss vulnerabilities and how they are actually exploited? YES, provided that…
  The goal is to educate and increase awareness
  The goal is to teach how to build a more secure computing environment
A full disclosure policy has been advocated by many respected researchers provided that…
  The information disclosed has been already distributed to the parties that may provide a solution to the problem (e.g., vendors)
  The ultimate goal is to prevent similar mistakes from being repeated

UTD IR acceptable use policy
Check it out at
http://www.utdallas.edu/business/admin_manual/pdf/a51300.pdf