Search results
Nov 10, 2018 · Network security can be divided into two major categories, based on where it is provided. Endpoint security consists of security measures implemented primarily in endpoints that wish to communicate, and do not trust the rest of the network between them. Endpoint security is always implemented with cryptography.
- Occasional optional section
- System correctness
- Security
- Security
- Confidentiality
- Integrity
- Availability
- Security is about
- Network security
- Criminal access to important devices
- Vulnerabilities "In the Wild"
- Propagation
- H oneybl og E xpermen i t
- [excerpt] ...
- We discuss vulnerabilities and attacks
- Purpose of this class
- Dmitry Sklyarov
- Malicious code in testing unit
- Software is complex
- Windows Operating System
- What code can we trust?
- b ackd oor
- d o we sove l thi s?
- Online versions
Experiment this year: Live Meeting Wh at i s securit y?
If user supplies expected input, system generates desired output
If attacker supplies unexpected input, system does not f ail certan i ways Wh at i s securit y?
Good output Bad input Bad output Wh at i s securit y?
Information about system or its users cannot be learned by an attacker
The system continues to operate properly, only reac hi ng states th at would occur if th ere were no attacker
Actions by an attacker do not prevent users from having access to use of the system General picture System Alice Attacker
Honest user (e.g., Alice, Bob, ...) Dishonest Attacker How the Attacker Disrupts h onest users ’ use of th e system ( Integrity, Avaia l bl iity ) Learns information intended for Alice only (Confidentiality)
Network Attacker S ys t em Intercepts and controls network communication Alice Web security System Web Attacker Sets up malicious site visited by victim; no control of network Alice Operating system security OS Attacker Controls malicious files and applications Alice System Alice Attacker Confidentiality: Attacker does not learn Alice’s secrets Int...
Numerous lost, stolen laptops, storage media, containing customer information Second-hand computers (hard drives) pose risk
Data from aggregator and validator of NVD-reported vulnerabilities Web vs S ystem vulne rabilities
Compromised host activity Network probe and other activity Recognizable activity on newly infected host Ho w big is the
Blog acting as potential target for spamming Hosted a real blog (dotclear) with modified TrackBack mechanism Record TrackBacks Passive fingerprinting S ampe l t h e l ure ste i
=> pics Please teacher hentai pics [blog_name] =>Please teacher hentai pics
Most vulnerabilities have been fixed Some attacks may still cause harm Do not try these at home or anyplace else
Learn to prevent malicious attacks Use knowledge for good purposes
Broke Adobe ebooks Prosecuted under DMCA fine Diffi cult probl em: i nsid er th reat Easy to hide code in large software packages Virtually impossible to detect back doors Skill level needed to hide malicious code is much lower than needed to find it Anyone with access to development environment is capable slides: Avi Rubin
when testers checked slot machines downloaded malicious code to slot machine was never detected special mode” sequence of coins activated “winning
top metric for measuring #of flaws is lines of code
tens of millions of lines of code new “critical” security bug announced every week Unintended security flaws unavoidable Intentional security flaws undetectable
Consider "login" or "su" in Unix Is RedHat binary reliable? Does it send your passwd to someone?
This is the basis of Thompson's attack Compiler looks for source code that looks like login program If found, insert login backdoor (allow special user to log in) H ow
Inspect the compiler source S oca i l engneerng i i
send trojan in email picture or movie with malicious code
- 1MB
- 60
1 2015. Contents. Preface. About the Authors. 1 Network Security Overview. 1.1 Mission and Definitions. 1.2 Common Attacks and Defense Mechanisms. 1.2.1 Eavesdropping. 1.2.2 Cryptanalysis. 1.2.3 Password Pilfering. 1.2.4 Identity Spoofing.
A threat in a communication network is any possible event or sequence of actions that might lead to a violation of one or more security goals. The actual realization of a threat is called an attack. Examples for threats: A hacker breaking into a corporate computer. Disclosure of emails in transit.
Securing outgoing network traffic and scrutinizing incoming traffic are critical as-pects of network security. Securing the edge router, which connects to the outside network, is an important first step in securing the network. Device hardening is an essential task that must never be overlooked.
- Arvind Kumar Sharma, Chattar Singh Lamba
- 2010
– Introduction to definitions and Elements of the Network Security & Cryptography Examples of the Network types for which security may have to be provided Types of Internetworks having varying security requirements Classification of Network Security problems Types of Attacks on Networks and Internetworks
People also ask
What is a security flaw?
How does a network sniffer work?
How does a packet sniffer work?
Types of Security • Computer Security – generic name for the collection of tools designed to protect data and to thwart hackers • Network Security – measures to protect data during their transmission • Internet Security – measures to protect data during their transmission over a collection of interconnected networks
