network security philosphy introduction
play

Network Security Philosphy & Introduction Dr. Enis Karaarslan - PowerPoint PPT Presentation

Sep 03, 2023 •346 likes •779 views

Network Security Philosphy & Introduction Dr. Enis Karaarslan Mula University Computer Engineering Department 4/30/15 Dr. Enis Karaarslan 1 4/30/15 Ar. Gr. Enis Karaaslan 2 SECURITY PHILOSPHY 4/30/15 Ar. Gr. Enis Karaaslan

  1. Network Security Philosphy & Introduction Dr. Enis Karaarslan Muğla University Computer Engineering Department 4/30/15 Dr. Enis Karaarslan 1

  2. 4/30/15 Ar. Gör. Enis Karaaslan 2

  3. SECURITY PHILOSPHY 4/30/15 Ar. Gör. Enis Karaaslan 3

  4.  Computer & Network Security has similarities with the security in normal life. 4/30/15 Ar. Gör. Enis Karaaslan 4

  5. There is no such thing as %100 Security 4/30/15 Ar. Gör. Enis Karaaslan 5

  6. Security at the gates only, is not enough 4/30/15 Ar. Gör. Enis Karaaslan 6

  7. A chain is only as strong as its weakest link 4/30/15 Ar. Gör. Enis Karaaslan 7

  8. As there is no %100 security … So give up? A possible solution: Use more than one chain 4/30/15 Ar. Gör. Enis Karaaslan 8

  9. MULTI LAYER SECURITY 4/30/15 Ar. Gör. Enis Karaaslan 9

  10. 4/30/15 Ar. Gör. Enis Karaaslan 10

  11. Security x Usability 4/30/15 Ar. Gör. Enis Karaaslan 11

  12.  Keep in mind that  When Security measures increase,  Usability decrease 4/30/15 Ar. Gör. Enis Karaaslan 12

  13. Value of Assets and Expenditures ● What is the VALUE of your asset (data, prestige …)? ● Keep in mind that ● Security expenditures should not be greater than the value of the assets 4/30/15 Ar. Gör. Enis Karaaslan 13

  14. Risk ... Smoking in the oil station … %99 percent nothing happens … %1 ... 4/30/15 Ar. Gör. Enis Karaaslan 14

  16. Risk ...

  17. It's discipline anyway … :)

  18. Mitigate (azaltmak) Risk

  19. Risk Analysis ● Risk analysis is essential ● If the risk is too low, that/some precaution(s) can be cancelled … 4/30/15 Ar. Gör. Enis Karaaslan 19

  20. False Sense of Security  A “false sense of security” is worse than “a true sense of insecurity”.  Solution: Never think your system is secure. 4/30/15 Ar. Gör. Enis Karaaslan 20

  21. No Template Which Suits All  There is no templates which suits all.  There is a different solution for different organizations • Different needs • Different assets 4/30/15 Ar. Gör. Enis Karaaslan 21

  22. To win a war, one must know the way Sun Tzu The Art of War 4/30/15 Ar. Gör. Enis Karaaslan 22

  23. Security is a process, not a product. Bruce Schneier 4/30/15 Ar. Gör. Enis Karaaslan 23

  24. MONITOR  The system should be monitored for intrusions  And immediate action should be taken at attacks 4/30/15 Ar. Gör. Enis Karaaslan 24

  25. Warn The Attacker 4/30/15 Ar. Gör. Enis Karaaslan 25

  26. Network Awareness  Know your enemy (?)  Know yourself, • know your assets • know what to protect  Know your systems more than the attacker 4/30/15 Ar. Gör. Enis Karaaslan 26

  27. Eğer bu kadar kötü yazılım güvenliğine sahip olmasaydık, Bu kadar çok ağ güvenliğine ihtiyacımız olmayacaktı Bruce Schneier

  28. (Web) Application Security ● Security by Design ● Secure coding ● And others ...

  29. FUNDAMENTALS 4/30/15 Ar. Gör. Enis Karaaslan 29

  30. Information System and Security ATTACK SECURITY ATTACKER MEASURES VULNERABILITY USERS INFORMATION SYSTEM

  31. Vulnerable Systems  The systems are vulnerable • Mainly because of bad coding • Must be patched (but can not be done rapidly as they should) • False sense of security 4/30/15 Ar. Gör. Enis Karaaslan 31

  32. A vulnerability timeline …

  33. The Attacker/Intruder  The attacker can be called as: Lamer, intruder, attacker … (wrongly used as hacker also)  Also secret organizations?  Also companies (serious antivirus/defence economy) 4/30/15 Ar. Gör. Enis Karaaslan 33

  34. Hacker /Lamer /Attacker … Hacker is used as attacker/lamer, in the meaning: The intruder, who gets in your system and intends to use for his/her own aims. 4/30/15 Ar. Gör. Enis Karaaslan 34

  35. The Attacker  The attackers strength is Dedication • Will not stop until he/she gets in • Can use the computer for days long sleepless • Knows the vulnerabilities of systems 4/30/15 Ar. Gör. Enis Karaaslan 35

  36. 4/30/15 Ar. Gör. Enis Karaaslan 36

  37. Network Security Assets  Network Security Overall • Network Awareness • Firewall, Intrusion Detection Systems … etc • More …  Host (Computer/Server/NW Device) Security • Physical Security • OS and Application Security • User Management  Encryption 4/30/15 Ar. Gör. Enis Karaaslan 37

  38. Firewall 4/30/15 Ar. Gör. Enis Karaaslan 38

  39. Firewall Basics  Rule based access control between networks.  Software/hardware based  Architecture • Static Packet Filtering • Dynamic Packet Filtering (Statefull inspection) • Application Level Protection  Logging and alert capabilities 4/30/15 Ar. Gör. Enis Karaaslan 39

  40. Encryption  Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. (Encryption x Decryption) 4/30/15 Ar. Gör. Enis Karaaslan 40

  41. Encryption  Two different methods (according to key use) • Conventional– Two keys are the same • Asymetric – ( Public Key Encryption ) – Key pair (public, private) 4/30/15 Ar. Gör. Enis Karaaslan 41

  42. Encryption  To decyrpt an encrypted data • How much time? • How much Processing (Computing power)?  The science which deals with encryption is Cryptology 4/30/15 Ar. Gör. Enis Karaaslan 42

  43. END OF THE SESSION Dr. Enis Karaaslan enis.karaarslan@mu.edu.tr 4/30/15 Ar. Gör. Enis Karaaslan 43

Recommend

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Lower Layer Security Physical Layer Overview Common attack methods Ethernet

966 views • 40 slides
Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Network Security Model Header attacks Protocol Attacks

597 views • 25 slides
Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics WWW HTTP: Hyper Text Transfer Protocol HTTP Security HTML Protocol HTML Security

1.09k views • 74 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J CSCI 6268/TLEN 5831, Fall 2004 Introduction UC Davis PhD in 2000 Cryptography Interested in broader security as well

492 views • 12 slides
Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Lower Layer Security Physical Layer Overview Common attack methods Ethernet

1.01k views • 80 slides
Introduction to Network Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Chapter 1 Network Architecture Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Chapter Topics Introduction Layered architecture Key terms Protocol Functions OSI model

743 views • 38 slides
Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug

Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug

Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics TCP Layer Responsible for reliable end-to-end transfer of application data.

632 views • 32 slides
Introduction to Network Security Chapter 6 Network Layer Protocols Dr. Doug Jacobson -

Introduction to Network Security Chapter 6 Network Layer Protocols Dr. Doug Jacobson -

Introduction to Network Security Chapter 6 Network Layer Protocols Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics The network layer IP V4 BOOTP & DHCP IP V6 Common IP countermeasures Dr.

1.88k views • 152 slides
Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Chapter Topics Introduction Layered architecture Key terms Key terms Protocol

464 views • 19 slides
Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows FTP General Countermeasures

1.48k views • 104 slides
Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows X-Windows FTP General

765 views • 52 slides
our philosphy READY TO WEAR Al w a ys focused on new trends, re- search and innov ation our

our philosphy READY TO WEAR Al w a ys focused on new trends, re- search and innov ation our

San Babila M Modern Wearing Camera Nazionale Excelsior Milano della Moda Italiana Duomo M1 M Modern Showroom Duomo M3 M SERVICES FOR BUYERS FOR COMPANIES our philosphy READY TO WEAR Al w a ys focused on new trends, re- search and

352 views • 32 slides
INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is security? Why is it so hard to achieve? Administrative The security mindset Analyzing a systems security 1. Summarize the system 2.

801 views • 43 slides
Introduction to Network Security Chapter 3 The Internet Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 3 The Internet Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 3 The Internet Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics The Internet Addressing Client Server Routing Dr. Doug Jacobson - Introduction to 2 Network

940 views • 24 slides
Introduction CMSC 414: Computer and Network Security Spring 2016 What is computer & network

Introduction CMSC 414: Computer and Network Security Spring 2016 What is computer & network

Introduction CMSC 414: Computer and Network Security Spring 2016 What is computer & network security? Normally, we are concerned with correctness Does the software achieve the desired behavior? Security is a form of correctness

682 views • 47 slides
Economics of network security Harald Vranken 1 Economics of network security Note that

Economics of network security Harald Vranken 1 Economics of network security Note that

Advanced Network Security (2019-2020) Economics of network security Harald Vranken 1 Economics of network security Note that network in this lecture means Physical communication network (eg. Internet, telephony, fax, telegraph)

769 views • 49 slides
Cryptography & Network Security Introduction Introduction Chester Rebeiro IIT Madras CR

Cryptography & Network Security Introduction Introduction Chester Rebeiro IIT Madras CR

Cryptography & Network Security Introduction Introduction Chester Rebeiro IIT Madras CR The Connected World CR 2 Information Storage CR 3 Increased Security Breaches 81% more in 2015 CR

1.46k views • 29 slides
Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able to Skills identify design and Ability to analyze the implementation security of networked vulnerabilities in network systems protocols

564 views • 33 slides
Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J. Antonelli The University of Michigan 2012 Hands-On Network Security Introduction Introduction Welcome to the course! Instructor: Dr.

678 views • 10 slides
Outline Brief introduction to networking CSci 5271 Introduction to Computer Security

Outline Brief introduction to networking CSci 5271 Introduction to Computer Security

Outline Brief introduction to networking CSci 5271 Introduction to Computer Security Announcements intermission Day 13: Network, etc., security overview Some classic network attacks Stephen McCamant University of Minnesota, Computer Science

504 views • 5 slides
Wireless Network Security IT Security Ido Rosen ido@cs.uchicago.edu University of Chicago 5

Wireless Network Security IT Security Ido Rosen ido@cs.uchicago.edu University of Chicago 5

Introduction Wireless Network Security IT Security Ido Rosen ido@cs.uchicago.edu University of Chicago 5 March 2007 Ido Rosen Wireless Network Security Introduction Introduction 1 Overview Wireless LANs Ido Rosen Wireless Network

399 views • 8 slides
Introduction to Network Security Chapter 7 Transport Layer Protocols Dr. Doug Jacobson -

Introduction to Network Security Chapter 7 Transport Layer Protocols Dr. Doug Jacobson -

Introduction to Network Security Chapter 7 Transport Layer Protocols Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics TCP Layer Responsible for reliable end-to-end transfer of application data. TCP

912 views • 64 slides

More recommend