Cybersecurity Lecture Notes PDF
Document Details
Uploaded by PortableAgate944
Hofstra University
Rabie A. Ramadan
Tags
Summary
These lecture notes provide a course description and overview of cybersecurity. They cover topics like network security, protocols, and different types of attacks. The document includes references to important texts and provides useful links for further study.
Full Transcript
CYBERSECURITY Rabie A. Ramadan CYBERSECURITY 2 COURSE DESCRIPTION Survey of current issues, techniques, software, hardware and architectures related to network security. Examination of the protocols used for Internet services, their vulnerabilities and how the...
CYBERSECURITY Rabie A. Ramadan CYBERSECURITY 2 COURSE DESCRIPTION Survey of current issues, techniques, software, hardware and architectures related to network security. Examination of the protocols used for Internet services, their vulnerabilities and how they can be secured. Analysis of firewall design, cryptographic techniques, intrusion detection, port scanning, viruses, trojan horses and denial of services attacks. Basic principles of secure networking and3 TEXT Required Text William Stallings, Network Security Essentials: Applications and Standards – 2/e, Prentice-Hall, 2003, 432 pp., ISBN 0-13- 035128-8 Reference William Stallings, Business Data Communications, 5/e, Prentice-Hall, 2005, 608 pp., ISBN 0-13-144257-0 Cheswick, W. and Bellovin, S., Firewalls and Network Security: Repelling the Wiley Hacker, Addison Wesley, 2003, 464 pp., ISBN 0-201-63466-X William Stallings, Cryptography and Network Security: Principles and Practice, 4/e, Prentice Hall, 2006, 569 pp., ISBN 0-13-187316-4 Bruce Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2/e, Wiley, 1996, 784 pp., ISBN 047- 111709-9 4 CLASS RULES Assignments are to be completed individually Academic honesty taken very seriously Any attempt to gain unauthorized access to any system will be dealt with harshly 5 INFORMATION SECURITY Physical Administrative “Lockup the file cabinet” 6 PRIVATE NETWORKS Isolated to individual organizations Emergence of computer security Sharing a system Protecting data 7 MATURING OF THE INTERNET Telephones used by 50% of worlds population Internet attains similar level of growth by 2010 – max growth Connecting computers and programmable devices More devices than people 8 TRACKING ATTACKS http://www.cert.org 9 SERVICES, MECHANISMS, ATTACKS (OSI SECURITY ARCHITECTURE) Attack – an action that compromises the security of information owned by an organization Mechanisms – detect, prevent an/or recover from a security attack Services – enhance the security of data processing systems – counter security attacks 10 SECURITY ATTACKS Information Information source destination Normal Flow 11 SECURITY ATTACKS Information Information source destination Interruption Attack on availability 02/06/06 HOFSTRA UNIVERSITY – NETWORK SECURITY COURSE, CSC290A 12 SECURITY ATTACKS Information Information source destination Interception Attack on confidentiality 13 SECURITY ATTACKS Information Information source destination Modification Attack on integrity 14 SECURITY ATTACKS Information Information source destination Fabrication Attack on authenticity 15 SECURITY ATTACKS Passive threats Release of Traffic message analysis contents eavesdropping, monitoring transmissions 16 SECURITY ATTACKS Active threats Masquerade Replay Modification of Denial of message contents service some modification of the data stream 17 SECURITY ATTACKS On the Internet, nobody knows you’re a dog - by Peter Steiner, New York, July 5, 1993 18 SECURITY SERVICES Confidentiality – protection from passive attacks Authentication – you are who you say you are Integrity – received as sent, no modifications, insertions, shuffling or replays 19 SECURITY SERVICES Nonrepudiation – can’t deny a message was sent or received Access Control – ability to limit and control access to host systems and apps Availability – attacks affecting loss or reduction on availability 20 NETWORK SECURITY MODEL 21 NETWORK SECURITY MODEL Four basic tasks in designing a security service: Design algorithm Generate secret information to be used Develop methods to distribute and share info Specify a protocol to be used by the two principals 22 PROTOCOLS – SIMPLE TO COMPLEX 23 NETWORK ACCESS SECURITY MODEL 24 INTERNET STANDARDS AND RFCS Internet Architecture Board (IAB) - overall architecture Internet Engineering Task Force (IETF) - engineering and development Internet Engineering Steering 25 REQUEST FOR COMMENTS (RFC) RFCs are the working notes of the Internet research and development community 26 STANDARDIZATION PROCESS Stable and well understood Technically competent Substantial operational experience Significant public support Useful in some or all parts of Internet Key difference from ISO: operational experience 27 RFC PUBLICATION PROCESS IE T F In te rn e t < 6 m o n th s d ra ft IE S G P ro p o s e d > 6 m o n th s E x p e rim e n ta l In fo rm a tio n a l s ta n d a rd tw o in d e p e n d e n t im p le m e n ta tio n s D ra ft > 4 m o n th s s ta n d a rd In te rn e t s ta n d a rd H is to ric 28 SOME CURRENT TOPICS http://www.aclu.org/pizza/images/screen.swf Eavesdropping Leaps Into 21st Century – Matthew Fordahl, NY Times, 1/22/2006 Privacy for People Who Don't Show Their Navels – Jonathan D. Glater, NY Times, 1/25/2006 Why We Listen – Philip Bobbitt, NY Times, 1/30/2006 29 USEFUL WEBSITES http://www.williamstallings.com/NetS ec2e.html Some recommended sites by the text author http://www.rfc-editor.org/rfcsearch.ht ml Search RFCs http://www.cert.org Center for Internet security http://www.counterpane.com/alerts.ht ml 30 HAVE A NICE DAY!!! 31
