james cannady, ph.d. assistant professor
DESCRIPTION
Got Security? Information Assurance Considerations for Your Research, Course Projects, and Everyday Life. James Cannady, Ph.D. Assistant Professor. Information Security. - PowerPoint PPT PresentationTRANSCRIPT
Got Security? Information Assurance Considerations for Your
Research, Course Projects, and Everyday Life
James Cannady, Ph.D.Assistant Professor
Information Security Those measures, procedures, or controls which provide an
acceptable degree of safety of information resources from accidental or unauthorized intentional disclosure, modification, or destruction.
Based on the assumption that others either want your data or want to prevent you from having it.
Insecurity is the result of flaws, improper configurations, errors and bad design.
Patches and security add-ons merely address the symptoms, not the cause.
Information Security Problem
A large, rapidly growing international issue
Key to growth of digital environments Critical infrastructure at risk True magnitude of the problem unknown
Why bother with Information Security?? Some of our information needs to be protected against
unauthorized disclosure for legal and competitive reasons All of the information we store and refer to must be
protected against accidental or deliberate modification Information must be available in a timely fashion. We must also establish and maintain the authenticity
(correct attribution) of documents we create, send and receive
If poor security practices allow damage to our systems, we may be subject to criminal or civil legal proceedings
Good security can be seen as part of the market development strategy
The Changing Security Environment
The landscape for information security is changing: From closed systems and networks to Internet connectivity From manual to automated processes Increased emphasis of information security as core/critical requirement
EvidenceEvidence 90%: businesses detected computer security breaches within the last
twelve months 70%: reported a variety of serious computer security breaches (e.g.,
theft of proprietary information, financial fraud, system penetration from outsiders, denial of service attacks and sabotage of data or networks)
74%: acknowledged financial losses due to computer breaches 19%: reported ten or more incidents
Source: Computer Security Institute 2000 Computer Crime and Security Survey
The Four Big Issues: Authentication: Validation of transmissions,
messages, and users Confidentiality: Assurance that information is
not disclosed to unauthorized entities or processes Integrity: Assurance that information is not
modified by unauthorized entities or processes Reliability & Availability: Assurance that
information systems will function when required
Specific Security Issues & Solutions
Validation of transmissions, messages, and users IP Spoofing:
– Filtering routers Fake Web Sites:
– Web Site Certification– DNS certification
Unauthorized Users:– IP authentication– Identification devices– Intrusion Detection Systems
Authentication
Assurance that information is not disclosed to unauthorized entities or processes
Sniffing:– Encryption– Intrusion Detection
Unauthorized File Access:– Firewalls– Intrusion Detection Systems
Confidentiality
Assurance that data or processes have not been altered or corrupted by chance or by malice
Corrupted Web Sites:– Web Site Certification– Intrusion Detection
Corrupted Data Bases: – Encryption– Intrusion Detection
Integrity
Assurance that information systems will function when required
Denial of Service Attacks (e.g. SYN flooding):– Bandwidth– Attack Detection– Redundancy
Reliability & Availability
The Threat Environment Information technology is more vulnerable
than ever:– Open– Distributed– Complex– Highly Dynamic
Attacks are becoming more sophisticated Tools to exploit system vulnerabilities are
readily available and require minimal expertise
Typical Threats Eavesdropping and “sniffing” System Penetration Authorization Violation Spoofing/Masquerading Tampering Repudiation Trojan Horse Denial of Service
Common Security Mechanisms Obscurity Firewalls Intrusion Detection Vulnerability/Security Assessment Tools Virus Detection Host Security Authentication Systems Cryptography
1999 INFOSEC Research Council
Defines nine particularly difficult security problems impacting all aspects of IT.
InfoSec Hard ProblemsInfoSec Hard Problems
1. Intrusion Detection– The timely and accurate detection
of network attacks– Extremely important– No shortage of COTS– Limited effectiveness and reliability
InfoSec Hard ProblemsInfoSec Hard Problems
2. Intrusion Response– What do you do after an attack is
detected?– What do you do when you’re
wrong?
InfoSec Hard ProblemsInfoSec Hard Problems
3. Malicious Code Detection– Trojan horses, “dead” code, etc.– Example: Windows 98
InfoSec Hard ProblemsInfoSec Hard Problems
4. Controlled Sharing of Sensitive Information
– Sharing information from a variety of sources to different recipients.
– Classified information in an Open Environment
InfoSec Hard ProblemsInfoSec Hard Problems
5. Application Security– How do the applications enforce their own
requirements?– How does it effect the rest of the network?
InfoSec Hard ProblemsInfoSec Hard Problems
6. Denial of Service– Simple and effective– “Unfortunately there is currently no method
available of identifying and responding to a denial of service attack in an efficient and autonomous manner”
(National Research Council, 1998).
InfoSec Hard ProblemsInfoSec Hard Problems
7. Communications Security– Protecting information in transit
from unauthorized disclosure, and providing support for anonymity in networked environments.
InfoSec Hard ProblemsInfoSec Hard Problems
8. Security Management Infrastructure– Providing tools and techniques for managing
the security services in very large networks that are subject to hostile attack.
InfoSec Hard ProblemsInfoSec Hard Problems
9. Information Security for Mobile Warfare– Developing information security techniques and
systems that are responsive to the special needs of mobile tactical environments.
– Wireless security
InfoSec Hard ProblemsInfoSec Hard Problems
Advantages of InfoSec Research Important problem
– Touches all aspects of IT Little research has been done
– Large variety of potential dissertation topics– Can be incorporated into other IT topics
Opportunities for publications– Growing number of publications– Can add InfoSec to more traditional topic to increase
opportunities Huge job market for those with experience
– Job openings for network security professionals have increased 200 percent in the past six months
In Review• Security is a complex and growing area of information technology
•There are numerous opportunities for InfoSec research
•Demonstrated security experience can be a key discriminator in any IT career
Ongoing Research at NSU Benedict Eu – Dynamic Computer
Defense in Depth Dennis Bauer – Intrusion detection
using evolution strategies Jim Dollens – Intrusion detection using
computer system DNA Al Fundaburk – Developing an
information security curriculum