Kittiphan Techakittiroj (19 Apr. 2566)
Network Security (the Internet Security)
Kittiphan Techakittiroj
engktc@au.ac.th
Goals of Security
• Ensuring that only authorized individuals have access to information
• Preventing unauthorized creation, alteration, or destruction of data
• Ensuring that legitimate users are not denied access to information
• Ensuring that resources are used in legitimate ways
Classification of Security
• Communication security
– signal
• Computer security
– user permission
– file sharing access control
Classification of Security (secondary)
• Physical security: locks on doors, access badges, biometrics
• Personnel security: employee screening
• Administrative security: investigation of security breaches, policy
• Information/data security: controlling the reproduction of sensitive material
• Online security: controlling access to online data
Classification of Security Violation
• Cracking
• Spoofing
• Snooping
• Social Engineering
• Denial of Service
Cracking
• Often called “hacking”
• Breaking through security by using knowledge of
– Software Engineering
– Computer Network
– Operating System
– etc.
Cracker
• few real crackers (super crackers)
• other crackers rely on
– asking experts
– publicly available information (WWW)
• protected by
– security reports
– patches, updates and hot fixes
Spoofing
• Acting as someone else, e.g.
– fake e-mail: e.g. sending an e-mail while pretending to be someone else (in theory, any name can be used)
– fake IP: e.g. to gain access to a prohibited area
http://www.data.com/roundups/images/vpn_servers_figure1.html
Spoofing
• Starting point for other security violations
• False information
• protected by
– digital signature
– digital certification
Snooping
• Stealing information during transmission
• Hardware:
– Packet sniffer
– usually needs access to the physical network
• Software:
– keystroke capture
Snooping cont.
• Other:
– Trashing (has happened with credit card numbers)
• protected by:
– encryption
– security access control
Social Engineering
• Talking between user and cracker
• Serious and Common
• protected by:
– policy
– knowledge of users
Denial of Service
• attacks on weaknesses of the network, e.g.
– spamming e-mail (mail bomb)
– spamming web requests
– WinNuke
• protected by:
– hot fixes & patches
– firewall
– logging system
Benefit of Security
• Confidentiality
• Authentication (including access control)
• Message Digest (including data integrity)
– protects against unknown modification, e.g. by a virus
– sampling keywords of the information and encrypting them
• Non-repudiation: digital signature & certification
Potential Security Risk
• Lack of safeguards
• poorly configured & administered systems
• basic security problems with communication protocols (IP, TCP, UDP)
• faulty service programs
• basic security problems with service programs (WWW, FTP)
General rules for Protection
• keep software current & updated
– fixes, patches & upgrades
• encrypt sensitive information
• train users & administrators
– password & security
– policy
• monitoring: 100% monitoring --> 100% secure
Standard Technology on Security
• firewall: packet filtering & proxy
• Intrusion Detection Systems: detect the attack before it happens
• Network Address Translation: not designed for security, but provides a high level of security
• encryption
– VPN (virtual private network)
– digital signature & certification
Emerging Technology on Security
• encryption
– SET, S-HTTP, IPSec (IP Security Protocol), SSL or TLS (Transport Layer Security), CDSA (Common Data Security Architecture), XBSS (Baseline Security Services), XDAS (Distributed Audit Service), XSSO (Single Sign On)
Reference Books
Developing Secure Commerce Applications by Online O’Reilly Web Development Courses (http://208.233.153.3/oreilly/security/westnet: 1999)