CYBERSECURITY SPECIAL INTEREST GROUP 3RD MEETING MAY 27, 2021 5:30 PM – 6:30 PM WWW.SPSNET.COM WWW.SPSNET.COM/SPINNLABS [email protected]


AGENDA

1. Opening Remarks – Dr. Arshad Ali – 10 Min
2. Security Management at University – Dr. Saad A. Malik, Namal – 15 Min
3. Setting up a SOC in University – Mr. Rizwan Ali, SPS – 25 Min
4. General Discussion – 10 Min


Security Management at a University

Part-II

by

Saad A. Malik*

SPS/SPINN Lab Special Interest Group on Cyber Security Weekly Talks

Dated: 27 May 2021

*Saad A. Malik (Ph.D., Engr.)
Asst. Prof. CS Department,
Head ITSC & SDC,
Namal Institute Mianwali, Pakistan.
Email: [email protected]; [email protected]: +92 (0) 332 860 7168

Outline of the talk

Review a campus network for a Denial of Service Attack.

Example Campus NW

[Figure: the example campus network, a network of networks.]

What needs to be secured?

The information residing in:

- Servers
- Smart phones, laptops, desktops, PDAs
- NW devices

[Figure: each of these shown connected to the Internet.]

DOS Attack?

[Figure: User #2 repeatedly sends requests to the LMS over the Internet. The LMS is constantly servicing User #2, while User #1 is waiting for the server to get free.]

Back to the Basics:

- How is information accessed over the network?
- How is information stored in a computer?
- How is it made available on the network?
- How DOS attacks work!

Computers are Everywhere!

An internal Computer keeps each of the devices operational!

- processes information from data.
- executes actions, based on commands.
- e.g. desktops, laptops, routers, smart phones.

Building blocks of a Computer!

[Figure: CPU, memory (RAM, CD / DVD, HDD), I/O bus, and peripherals (Peripheral 2, Peripheral 3, ...).]

Building blocks of a Computer

[Figure: block diagram of the CPU (ALU, registers R0 to R5, path control logic, cache), the memory controller with RAM, CD / DVD and HDD, and the input / output interface with keyboard, display, network interface card and other peripherals.]

How does code execute?

[Figure: block diagram of the CPU (ALU, registers R0 to R5, control logic unit, cache, I/O control), the memory controller with RAM, CD / DVD and HDD, and the input / output interface with keyboard, display, network interface card and other peripherals. The code is stored in the HDD.]

Application Code

E.g. ask the computer to find the sum of two numbers, say a + b. Code that can sum two variables is written in Assembly, C, Java, Python, etc.

The code resides in the HDD until it is executed.

[Figure: computer block diagram with the labels Application Code, Step 1, Step 2 and Code in CPU.]

STEP 1, 2: On execution, the code is fetched into RAM, then into the CPU cache, and then into the internal registers.

[Figure: computer block diagram with the labels Application Code, Step 1, Step 2, Step 3, Step 4 and Results.]

STEP 3: The ALU then computes the sum and stores it in one of the registers.

Files: the containers of information!

[Figure: computer block diagram with the labels Application Code, Results, Code Files and Result Files.]

The application code and the results are stored as files.

The operating system manages the storage format of files. It also manages the resources.

The Unix philosophy is behind stable OSs, e.g. Red Hat Linux, System V, Mac OS, Android.

Send Results over the NW!

[Figure: computer block diagram with the labels Application Code and Results.]

Scenario: Assuming the results need to be sent to another computer connected over the network, how is the file named “Results” transferred via the network?

[Figure: computer block diagram with the labels Application Code, Results, Networking Code and Parcel containing Results.]

Another application will transform the file into another file, suitable for sending on the internet, called a packet.

Note: The parcel may be sent directly from RAM, or could be stored in the HDD.

[Figure: computer block diagram with the labels Application Code, Results, Networking Code and Parcel containing Results.]

The parcel is sent to the NIC. The NIC converts the digital data into electrical signals and sends them over a wire or wirelessly.

The role of the Operating System!

[Figure: computer block diagram with the labels Application Code, Results, OS and Networking Code.]

In modern OSs like Unix and Windows, the networking code is embedded in the OS kernel.

The OS supports multi-tasking, i.e. it can run multiple applications simultaneously.

An application is considered a process; therefore each process is identified uniquely.

A popular API used for networking applications is Sockets.

Multi-Tasking Operating System

[Figure: Process #1, Process #2 and Process #3 (App #1, App #2) on top of the Operating System, with the resources CPU Time, Memory, Network I/O and Standard I/O.]

Simplified Linux Arch.

User Space:

- Process #1, Process #2, ..., Process #n (Apps)
- GNU C Library (glibc)

Kernel Space:

- System Call Interface
- Kernel
- Architecture Dependent Kernel Code

Resources: CPU Time, Memory, Network I/O, Standard I/O

Simplified Kernel Sub-Systems

- System Call Interface
- Process Management
- Virtual File System
- Memory Management
- Network Stack
- Architecture Dependent Device Drivers

Socket API

- Socket API (Socket Application Programmer Interface): Socket, Bind, Listen, Accept
- Misc Functions
- System Calls: read, write, getpid, fork, exec, getppid

[Figure: these calls shown together with the System Call Interface, the kernel sub-systems listed above, and CPU Time, Memory, Network I/O, Standard I/O.]

Networking apps use these APIs to send messages over the network.

Let's delve into coding.
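The calls named on the Socket API slide (socket, bind, listen, accept), as an added example that is not code from the talk: a loopback server in C that handles one connection at a time, so the second user waits in the listen queue until the first has been served, which is the position of User #1 on the DoS slide. The function names and the "user1"/"user2" request strings are invented for illustration, and the port is chosen by the OS.

```c
/* Added example, not code from the talk; function names and requests are invented. */
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
/* 127.0.0.1 address; port 0 asks the OS to pick a free port. */
static struct sockaddr_in loopback(unsigned short port) {
    struct sockaddr_in a = {0};
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    a.sin_port = htons(port);
    return a;
}
/* Server side: socket -> bind -> listen. Returns the listening fd or -1. */
int make_listener(unsigned short *port) {
    struct sockaddr_in a = loopback(0);
    socklen_t len = sizeof a;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd >= 0 && (bind(fd, (struct sockaddr *)&a, sizeof a) < 0 || listen(fd, 8) < 0 ||
                    getsockname(fd, (struct sockaddr *)&a, &len) < 0)) { close(fd); fd = -1; }
    if (fd >= 0) *port = ntohs(a.sin_port);
    return fd;
}
/* Client side: socket -> connect -> write one request. Returns the client fd or -1. */
int send_request(unsigned short port, const char *msg) {
    struct sockaddr_in a = loopback(port);
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd >= 0 && (connect(fd, (struct sockaddr *)&a, sizeof a) < 0 ||
                    write(fd, msg, strlen(msg)) < 0)) { close(fd); fd = -1; }
    return fd;
}
/* Server side: accept the next queued connection; 1 if its request equals want. */
int next_request_is(int lfd, const char *want) {
    char buf[16];
    int c = accept(lfd, NULL, NULL), n = c < 0 ? -1 : (int)read(c, buf, sizeof buf - 1);
    buf[n > 0 ? n : 0] = '\0';
    if (c >= 0) close(c);
    return strcmp(buf, want) == 0;
}
/* user2 connects first, user1 second; returns 1 if they are served in that order. */
int served_in_arrival_order(void) {
    unsigned short port = 0;
    int l = make_listener(&port), ok = -1;
    int u2 = send_request(port, "user2"), u1 = send_request(port, "user1");
    if (l >= 0 && u2 >= 0 && u1 >= 0)   /* user1 now waits in the listen queue */
        ok = next_request_is(l, "user2") && next_request_is(l, "user1");
    close(u2); close(u1); close(l);
    return ok;
}
```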

[Figure: the DoS scenario again. The LMS is constantly servicing User #2, who repeatedly sends requests to the LMS over the Internet, while User #1 is waiting for the server to get free.]

Thank you !

Questions, queries etc.


GENERAL DISCUSSION ([email protected])

THANK YOU!

[email protected]

BACK UP SLIDES