CS 6v81 - Network Security Introduction

Upload: mary-garrison

Post on 02-Jan-2016


Page 1: CS 6v81 - Network Security Introduction. Course organization  Web: ksarac/netsec/  Instructor: Dr. Kamil Sarac  E-mail: ksarac@utdallas.edu

CS 6v81 - Network Security

Introduction


Course organization
Web: www.utdallas.edu/~ksarac/netsec/
Instructor: Dr. Kamil Sarac
  E-mail: ksarac@utdallas.edu
  Office: ECS South 4.207
  Phone: 972 883 2337
  Office Hours: Monday (10am to 11am), Monday (5:30pm to 6:30pm)
TA: TBA
  E-mail: TBA
  Office Hours: TBA


Course organization
E-Learning: I’ll use it to send e-mails, to post lecture slides, homework announcements and grades; will also use it to turn assignments in
Recommended textbook: Network Security, Private Communication in a Public World, by Kaufman, Perlman, Speciner, 2nd Edition.
Grading:
  Two exams – each 30% of the grade
  Homework assignments – 16% of the grade
    Details – TBA
  Programming project – 20% of the grade
  Participation in hands-on activities – 4% of the grade


Course organization
Topics (tentative):
  Crypto tools and their use in various protocols, Authentication, Standards
    Kerberos, PKI, IPsec, SSL/TLS, TCP/IP security
  Fundamental protocols in TCP/IP suite and related attacks
    ARP, IP, ICMP, TCP, UDP, etc.
  Protocols for network applications and their vulnerabilities
    DNS, SMTP, Telnet, FTP, HTTP, web, e-mail
  Wireless security, Security of Internet routing (BGP security), DoS attacks and countermeasures, Firewalls and Internet security, …


Course organization
Hands-on activities:
  Hands-on component of the course
  Basic attack life cycle exercises
  A lab session where you will attack and defend
    More info later on during the semester
  A 2-day long cyber game session where you will attack a server system
PowerPoint slides: Will post on e-Learning
Questions on course organization?


Network security in a nutshell
Computer networks are composed of hosts interconnected by a communication infrastructure
The communication infrastructure’s task is to deliver traffic between endpoints
Hosts provide services and store information
Users access services and exchange/store information
Need to assure:
  Privacy/Confidentiality
  Integrity/Consistency
  Availability
in a distributed setting

Following slides modified from those of G. Vigna


The solution to network security
Strong authentication of both services and users
Reliable authorization/access control
Effective abuse control
Flawless protocols, infrastructure, operating systems, and applications
Perfect policy
Perfect policy enforcement
…and every user is a security expert


The real world
Effective security protections are not deployed
Administrators do not keep up with vendor updates/patches
Sites do not monitor or restrict access to their internal hosts
Organizations do not devote enough staff/resources to improve and maintain security (e.g., user education)
Sites do not implement policies (if they have one!)
Infrastructure service providers are driven by market/service, not security
Users insist on using flawed applications (e.g., mail readers that automatically execute attachments)


Goals
Understand network security issues
  Networks
  Network services and protocols
  Applications
Learn about protection mechanisms and techniques
Learn about detection techniques


What is secure communication?
[Figure: Alice sends a Message to Bob]
1. Bob understands the message
2. Bob knows that the message is sent by Alice and no one else tampered with it
3. Is privacy part of this?
  Can others see the message?
  Can we hide the fact that
    Message is coming from Alice
    Message is destined to Bob
    Both of the above


What is secure communication?
What can go wrong?
  Eavesdropping (passive)
  Send/fabricate messages
  Impersonate an address and lie in between
  Replay recorded message
  Modify a message in transit
  Write malicious code and trick people into running it
    Trojan horse – hidden instructions in a program
    Virus – hidden instructions added to a program afterwards
    Worm – a program that replicates itself by installing its copies
    Trapdoor – undocumented entry point to a system
    Logic bomb – malicious instructions triggered by an event
    Zombie – malicious instructions remotely triggered over the network


The Internet
A network of networks
A network composed of a set of autonomous subnetworks
Open architecture
Different administrative domains with different and possibly conflicting goals
Governments, companies, universities, organizations rely on the Internet to perform mission-critical tasks


Ethics
Is hacking legal? NO!
Is it legal to discuss vulnerabilities and how they are actually exploited? YES, provided that…
  The goal is to educate and increase awareness
  The goal is to teach how to build a more secure computing environment
A full disclosure policy has been advocated by many respected researchers provided that…
  The information disclosed has already been distributed to the parties that may provide a solution to the problem (e.g., vendors)
  The ultimate goal is to prevent similar mistakes from being repeated


UTD IR acceptable use policy

Check it out at http://www.utdallas.edu/business/admin_manual/pdf/a51300.pdf