IT443 – Network Security Administration
Week 1 – Introduction

Instructor: Alfred J Bird, Ph.D., NBCT
[email protected]
http://it443-s14-bird.wikispaces.umb.edu/

Door Key: 643478*

Office – McCormick 3rd floor 607 (617.287.3827)
Office Hours – Tuesday and Thursday, 4:00 pm to 5:15 pm

Basic Information

• Textbook:
  – Network Security: Private Communications in a Public World
  – by Charlie Kaufman, Radia Perlman and Mike Speciner
  – 2nd Edition, Prentice Hall, ISBN 0-13-046019-2

• Location and time of classes
  – Section 1
    • Web Lab S-3-028
    • Monday and Wednesday 4:00pm to 5:15pm
  – Section 2
    • IT Lab S-3-143
    • Tuesday and Thursday 5:30 to 6:45pm

Course Outline

• Network Basics
• Cryptography Basics
• Authentication
• Public Key Infrastructure
• IPsec
• SSL/TLS
• Firewall / Intrusion Detection
• Email Security
• Wireless security / Worm (backup)

Course Work

• 6~7 Lab Assignments (50%)
  – Team of 2 students
  – Lab Notebook (Individual)
  – Lab report (Individual)
• Written Projects (25%)
• Final Exam (25%)

Potential Labs

• Understanding network packets
• Encryption/decryption
• Password cracking
• Intrusion detection
• System monitoring
• Implementing certificate
• Implementing VPN
• Configuring a firewall
• Wireless security / Worm (backup)

Policies

• Lab reports
  – Partial points will be given for incomplete work
  – Late submissions will be accepted for reduced credit.
• Honor code
• No makeup exam without prior permission
• Accommodations
  – Ross Center for Disability Service
    • Campus Center Room 211, 617.287.7430

Some Network Security Websites

• CERT @ Carnegie Mellon University
  – http://www.cert.org/
• Trend Micro Threat Tracker
  – http://apac.trendmicro.com/apac/
• CERT @ Dept of Homeland Security
  – http://www.us-cert.gov/
• Symantec Threat Explorer
  – http://us.norton.com/security_response/threatexplorer/index.jsp

Some Postulates about Network Security

• You can never prove something perfect; all you can do is fail to prove that it has some faults! Keep looking!

• If a lot of smart people have failed to solve the problem, then it probably won’t be solved (soon!) (p41 in the text)

• Security people need to remember that most people regard security as a nuisance rather than as needed protection and, left to their own devices, they often carelessly give up the security that someone worked so hard to provide. (p245 in the text)

Introduction to Network Security

• Security threats
  – Malware: Virus, worm, spyware
  – Spam
  – Botnet
  – DDoS attacks
  – Phishing
  – Cross-site scripting (XSS)
  – Theft and/or Whistleblowers
  – …

Introduction to Network Security

• Security breaches in 2011
  – Sony's PlayStation Network (77M clients)
  – Epsilon (60M clients)
  – Fidelity National ($13M loss)
  – Sega's online gaming network (1.3M clients)
  – Citigroup (210K clients)
  – MA Executive Office of Labor and Workforce Development (210K records)
  – SF Subway, Health Net, …

Contributing Factors

• Lack of awareness of threats and risks of information systems
  – Security measures are often not considered until an Enterprise has been penetrated by malicious users
• Wide-open network policies
  – Many Internet sites allow wide-open Internet access
• Lack of security in TCP/IP protocol suite
  – Most TCP/IP protocols not built with security in mind
• Complexity of security management and administration
• Software vulnerabilities
  – Example: buffer overflow vulnerabilities
• Cracker skills keep improving

Security Objectives (CIA)

• Confidentiality — Prevent/detect/deter improper disclosure of information

• Integrity — Prevent/detect/deter improper modification of information

• Availability — Prevent/detect/deter improper denial of access to services provided by the system

OSI Security Architecture

• ITU-T X.800 “Security Architecture for OSI”

• Defines a systematic way of defining and providing security requirements

• It provides a useful, if abstract, overview of concepts we will study

Aspects of Security

• 3 aspects of security:
  – security attack
    • Any action that compromises the security of information owned by an organization
  – security mechanism
    • A process that is designed to detect, prevent, or recover from a security attack
  – security service
    • Counter security attacks: make use of one or more security mechanisms to provide the service

Threat Model and Attack Model

• Threat model and attack model need to be clarified before any security mechanism is developed

• Threat model
  – Assumptions about potential attackers
  – Describes the attacker’s capabilities

• Attack model
  – Assumptions about the attacks
  – Describes how attacks are launched

Passive Attacks

Active Attacks

Security Mechanism (X.800)

• Specific security mechanisms:
  – encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization

• Pervasive security mechanisms:
  – trusted functionality, security labels, event detection, security audit trails, security recovery

Security Service

• Enhance security of data processing systems and information transfers of an organization

• Intended to counter security attacks

• Using one or more security mechanisms

• Often replicates functions normally associated with physical documents
  – For example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed

Security Service

• Authentication – assurance that communicating entity is the one claimed

• Access Control – prevention of the unauthorized use of a resource

• Data Confidentiality – protection of data from unauthorized disclosure

• Data Integrity – assurance that data received is as sent by an authorized entity

• Non-Repudiation – protection against denial by one of the parties in a communication

• Availability – resource accessible/usable

For Next Time

• Prepare a 500 word essay on the topic:
  – In your view what is meant by the term “Network Security”?
  – An essay is not a research paper but is a written work expressing and defending your views!
  – What do you think about the topic and why!

• Be prepared to discuss the topic on Wednesday. We will be having a class discussion and you (each and every one) will be expected to participate!