Transcript Network Security and Security in Industry

Network Security and
Security in Industry
Paul Curtis
Road Map
Brief History of Network Security
 Some Significant Problems in Network
Security
 Traditional Methods of Network Security
 Methods to improve network security and
our policies
 The Future of Network Security

Some History
1960s – Students as first ‘hackers’
 1970s – Phone ‘phreaking’
 1980s – Various virus types appear
 1986 – Computer Fraud and Abuse Act
 1990s – More complex virus types
 1995 – Kevin Mitnick hacked government
 1997 – AOL hacked
 2000s – DoS Attacks, Worm viruses

Some Significant Problems

Possible Consequences of Vulnerabilities
– Webcam access
– Microphone access
– Trojan access
– Security of sensitive data
– Personal Privacy
– Theft of copyrighted material
– Theft of trade secrets
Traditional Methods

Authentication
– User names
– Passwords

Protection
– Anti-virus programs
– Firewalls
– Internet security suites
Improving Network Security
Google Chrome
 Focused on Three Key Factors

– Severity of vulnerabilities
 Improved defenses between the browser and the
OS
– Window of vulnerability
 Made updates easier and more painless to install
– Frequency of Exposure
 Increased attempts to warn users before they
access a malicious site
Improving Network Security



No One Solution
Security must be constantly strived for
Things to Consider
– Take into consideration the skill, motivation,
and opportunity of attacks


Require more skill to be hacked
Reduce the opportunity that an attacker has
– Put oneself in the shoes of an attacker
Improving Network Security
Implement Security Measures on both
network devices as well as on end-user
machines
 Use of Encryption in both the end-user
machine and network devices
 Consistent internet security advances and
updates

The Future
Psychological Profiling
 Standardizing Biometric Implementation

– Linguistic Analysis
– Fingerprint scanners
– Iris Recognition
– Facial Recognition
– Typing Rhythm
– Use of combined biometric technologies
The Future

Artificial Intelligence could provide instant
alerts about possible attacks
– Use of Gatekeepers as Monitors
– Track blocked and failed connections for
investigation
– Detect odd or unexpected behavior on a
legitimate user’s account
Review
Brief History of Network Security
 Traditional Methods of Network Security
 Methods to improve network security and
our policies
 The Future of Network Security

Sources




Lacey, David. "The future of network security." The future of
network
security. NetworkWorld.com. Web. 18 Feb. 2010.
<http://www.networkworld.com/columnists/2008/013008jericho-network-security.html>.
Mallard, Steve. "The History behind Network Security." The History
behind Network Security. Bright Hub. Web. 18 Feb. 2010.
<http://www.brighthub.com/computing/smbsecurity/articles/4779.aspx>.
Reis, Charles, Adam Barth, and Carlos Pizano. "Browser Security:
Lessons from Google Chrome." ACM Queue 7.5 (2009).
Browser Security - ACM Queue. ACM. Web. 18 Feb.
2010.<http://queue.acm.org/detail.cfm?id=1556050>.
Wadlow, Thomas. "The Answer is 42 of Course." ACM
Queue
3.5 (2005). The Answer is 42 of Course ACM Queue.
ACM.
Web. 18 Feb. 2010.
<http://queue.acm.org/detail.cfm?id=1071727>.
Questions?