4-1 Chapter 4 The Internet And Security Robert Riordan, Carleton University.

4-1

Chapter 4

The Internet

AndSecurity

www.pearsoned.ca/jessup

Robert Riordan, Carleton University

4-2Information Systems Today, 2/C/e ©2008 Pearson Education Canada

Learning Objectives

1. Describe the Internet and how it works

2. Describe the basic Internet services and the use of the World Wide Web

3. Explain what is meant by the term “information systems security” and describe various approaches for ensuring information systems security


History of the Internet

ARPANET (Advanced Research Project Agency Network)• Created in the 1960s by DARPA (Defense Advance

Research Projects Agency)• Used by government and universities as a means to

communice for research purposes

NSFNET (National Science Foundation Network)• Created in 1986 by the National Science Foundation for

connecting research institutions• Connected to ARPANET and many others (BITNET,

CSNET, etc) to become a major component of the Internet

Internet Support• Ongoing support comes from many universities, federal

and state governments, and national international research institutions and industry


Visions of the Internet in the 1960’s


How the Internet Works – Connecting to the Internet

Modem (stands for Modulate/Demodulate)• A modem converts signals back and forth from digital to

analog for transmission and receipt between computers• A computer requires a modem to get access to the Internet

Internet Service Provider (ISP)• These companies provides access to the Internet for a fee• A computer is connected to an ISP through a modem to

allow Internet access

Network Access Points (NAPs)• NAP’s connect ISPs together• They serve as Internet access points for the ISPs and serve

as exchange points for Internet traffic

Internet Backbone• Collection of main network connections and

telecommunications lines that make up the Internet


How the Internet Works – Shows the Internet Backbone


How the Internet Works – TCP/IP & Routers

TCP – Transmission Control Protocol• Breaks information into small chucks called data packets• Manages the transfer of the packets from computer to computer• Reassembles data packets into a message at the destination

IP – Internet Protocol• Controls how data packets are formed• Addresses each packet with the source and destination address• A data packet conforming to the IP spec is called an IP datagram

Routers• Connect one network to another• Identify each device on a network as unique using IP protocol• Serve as the “Traffic Cop” directing packets to their destination

TCP/IP Approach


How the Internet Works – Connecting Networks

(Computer A) TCP - Breaks message into data packetsIP - Adds address of destination Computer D

Example: Sending a message from Computer A to D

(Computer D) TCP - Checks for missing packets, reassembles message,discards duplicatepackets

(Router) Reads IP Address of packet, routes message to Network 2 and Computer D

1 3

2


How the Internet Works – Web Addresses & Domains

Domain• Identifies the Website (host)• Comes in many suffixes

such as:.edu (educational

institutions).org (organizations; non-

profit).mil (military).net (network

organizations)

Example: microsoft.com(URL) Uniform Resource Locator• Identifies particular Web pages within a domain

Example: http://www.microsoft.com/security/default.mspx

IP Address• Each domain is associated

with one or more IP addresses

• Format: a 32-bit address written as 4 numbers (from 0-255) separated by periods

Example: 1.160.10.240


How the Internet Works – Managing the Internet

Internet Registry• Central repository of all Internet-related information• Provides central allocation of all network system identifiers• Managed by Internet Assigned Numbers Authority (IANA)

Domain Name System (DNS)• Maintained by the Internet Registry• Used to associates hosts or domains with IP addresses• Root DNS database is replicated across the Internet

InterNic Registration Service• Canadian Internet Registration Authority (CIRA)• Assigns Internet Domains and IP addresses• Internet Corp. for Assigned Names and Number (ICANN) has

responsibility for managing IP addresses, domain names, and root server system management


World Wide Web

Web Browser

Hypertext• A Web page stored on a Web server• Contains information and links to

other related information (hyperlinks)

HTML (Hypertext Markup Language)• A standard method used to specify

the format of Web pages• Uses codes/tags which stipulate how

the content should appear to the user

Web Browser• A software program used to locate

and display Web pages• Includes text, graphics, and

multimedia content


World Wide Web

HTTP (Hypertext Transfer Protocol)• A protocol used to process user

requests for displaying Web pages from a Web server

Web Servers• A special computer that is

specifically designed to store and “serve up” Web pages

• This machine contains special hardware and software to perform its many specialized functions


World Wide Web - Architecture


Current State of the Internet

Internet hosts per 1000 inhabitants

Internet hosts 1991-2007Numbers in millions


Internet2

Internet Research User FrustrationAfter 1995, increases in personal and business traffic began congesting the network primarily used for research

Internet Research User FrustrationAfter 1995, increases in personal and business traffic began congesting the network primarily used for research

Internet2University Corporation for Advanced Internet Development (UCAID) was formed to lead the design and development of an private high-speed alternative to the public Internet

Internet2University Corporation for Advanced Internet Development (UCAID) was formed to lead the design and development of an private high-speed alternative to the public Internet

Abilene network backboneA new network has been developed connecting IS researchers by use of GigaPop (Gigabit Point of Presence) network access points to a high-speed private network (currently operating at 10Gbps with a goal of 100Gbps)

Abilene network backboneA new network has been developed connecting IS researchers by use of GigaPop (Gigabit Point of Presence) network access points to a high-speed private network (currently operating at 10Gbps with a goal of 100Gbps)


Internet2

• Mission: Internet2 is a not-for-profit consortium, led by over 200 US universities, developing and deploying advanced network applications and technology, accelerating the creation of tomorrow's Internet.

• Facilitate and coordinate the development, deployment, operation, and technology transfer of advanced, network-based applications and network services to further US leadership in research and higher education and accelerate the availability of new services and applications on the Internet.


• Abilene: Internet2 backbone network (IP over SONET)

• A project of the University Corporation for Advanced Internet Development (UCAID) in collaboration with various corporate partners

• Link Capacity: 13,000 miles of fiber optic cable, with over 8,000 miles of interior circuits and another 5,000 miles of access circuits

• Operates at OC-192 (9.6 gigabits per second) or about 354,000 times faster than a typical computer modem.

Internet2


Internet2


• Examples of Applications:– Grid computing– Telemedicine– Astronomy– Tele-immersion– Music– Digital Video– Tele-Operation of Remote Equipment– Tele-Presence (Magic)

Internet2


Changes to the Internet

• Privacy? – Increased government access to personal

information in the name of security / anti terrorism measures.

• Paying for bandwidth?– Big sites Vs personal home pages– Already exists in the world of cell phones, why

not?


State of IS Security - Security Threats & Technologies

Security TechnologiesCompanies and research organizations continue to develop and refine technologies to prevent security breaches. Some Include:• Firewalls• Biometrics• VPN and Encryption

Security ThreatsToday we hear about many security breaches that affect organizations and individuals. Some recently in the news:• Identity Theft – gaining access to someone’s personal

information allowing them to imitate you (stolen laptop) • Denial of Service – attacks on websites using zombie

computers that overwhelm the site and shut it down• Others: Spyware, Spam, Wireless Access, Viruses


Security Threat: Spyware, Spam, and Cookies

CookiesA message passed to a browser from a Web server. Used by legitimate programs to store state and user information• Problems: can be used to track user activities• Prevention: browser settings, firewall

SpywareAny software that covertly gathers information about a user through an Internet connection without the user’s knowledge• Problems: uses memory resources, uses bandwidth, and can cause system instability• Prevention: Firewalls and Anti-spyware software

SpamElectronic junk mail or junk newsgroup postings usually for purpose of advertising some product and/or service• Problems: nuisance, wastes time deleting, uses storage• Prevention: Spam Blocker software


Information System Security – Managerial Techniques

Organizational Policies and Procedures• Acceptable Use Policies – formally document how systems

should be used, for what, and penalties for non-compliance

Backups and Disaster Recovery• Backups – taking periodic snapshots of critical systems data

and storing in a safe place or system (e.g. backup tape)• Disaster Recovery Plans – spell out detailed procedures to

be used by the organization to restore access to critical business systems (e.g. viruses or fire)

• Disaster Recovery – executing Disaster Recovery procedures using backups to restore the system to the last backup if it was totally lost


IS Security: Technology

Firewall Techniques• Packet Filter – examine each packet entering and leaving

network and accept/reject based on rules• Application Level Control – Performs certain security

measures based on a specific application (e.g. file transfer)• Circuit Level Control – detects certain types of

connections or circuits on either side of the firewall• Proxy Server – acts as, or appears as, an alternative

server that hides the true network addresses

FirewallsA system of software, hardware or both designed to detect intrusion and prevent unauthorized access to or from a private network


Security Technology: Biometrics

Biometrics• A sophisticated authentication

technique used to restrict access to systems, data and/or facilities

• Uses biological characteristics to identify individuals such as fingerprints, retinal patterns in the eye, etc. that are not easily counterfeited

• Has great promise in providing high security


Security Threat: Viruses

VirusesPrograms that can attack a computer and/or a network and delete information, disable software, use up system resources, etc.

Prevention Steps: AntiVirus software: Install this software which is designed to block all known viruses and offers automatic or manual updates to virus patterns to block future virusesNo Disk Sharing – Viruses can be transferred to clean computers by inserting disks containing infected filesDelete Suspicious Email Messages – Do not open suspicious e-mail messages…Delete Only!Report Viruses – If you get a virus, report it to you network administrator immediately!


Computer Crimes

Computer CrimeThe act of using a computer to commit an illegal act. The broad definition of computer crime can include the following:

• Targeting a computer while committing an offense (e.g gaining entry to a computer system in order to cause damage to the computer or the data it contains)

• Using a computer to commit and offense (e.g. stealing credit card numbers from a company database)

• Using computers to support criminal activity(e.g. drug dealer using computers to store records of illegal transactions)

Computer CrimeThe act of using a computer to commit an illegal act. The broad definition of computer crime can include the following:

• Targeting a computer while committing an offense (e.g gaining entry to a computer system in order to cause damage to the computer or the data it contains)

• Using a computer to commit and offense (e.g. stealing credit card numbers from a company database)

• Using computers to support criminal activity(e.g. drug dealer using computers to store records of illegal transactions)


Computer Crimes and the Impact on Organizations


Computer Crime – Unauthorized Access

Unauthorized AccessA person gaining entry to a computer system for which they have no authority to use such access

THIS IS A COMPUTER CRIME!

Unauthorized AccessA person gaining entry to a computer system for which they have no authority to use such access

THIS IS A COMPUTER CRIME!


Computer Crime – Unauthorized Access Trends


Computer Crimes – Who Commits Them?

Unauthorized Access1998 Survey of

1600 companies by PricewaterhouseCoopers

82% come from inside the

organization(employees)


Computer Crimes – Who Commits Them?

Unauthorized Access2004 Survey by

Computer Security Institute

Unauthorized Access2004 Survey by

Computer Security Institute


Computer Crime – Various Types 1st Half


Computer Crime – Various Types 2nd Half


Computer Crimes - Hacking and Cracking

HackersA term to describe unauthorized access to computers based entirely on a curiosity to learn as much as possible about computers. It was originally used to describe MIT students in the 1960s that gained access to mainframes. It was later used universally used for gaining unauthorized access for any reason

HackersA term to describe unauthorized access to computers based entirely on a curiosity to learn as much as possible about computers. It was originally used to describe MIT students in the 1960s that gained access to mainframes. It was later used universally used for gaining unauthorized access for any reason

CrackersA term to describe those who break into computer systems with the intention of doing damage or committing crimes. This term was created because of protests by true hackers

CrackersA term to describe those who break into computer systems with the intention of doing damage or committing crimes. This term was created because of protests by true hackers


Computer Crimes – Cracker (Humorous)


Computer Crime – Software Piracy

Software PiracyThis practice of buying one copy and making multiple copies for personal and commercial use, or for resale is illegal in most countries while others offer weak or nonexistent protections. This has become and international problem as shown below


Destructive Code that Replicates

Viruses These programs disrupt the normal function of a computer system through harmless pranks or by destroying files on the infected computer. They come in several types:

• Boot Sector – attaches to the section of a hard disk or floppy disk that boots a computer.

• File Infector – attach themselves to certain file types such as .doc, .exe, etc.

• Combination – viruses can change types between boot sector and file infector to fool antivirus programs

• Attachment – released from an e-mail when an attachment is launched. Can also send themselves your address book

Viruses These programs disrupt the normal function of a computer system through harmless pranks or by destroying files on the infected computer. They come in several types:

• Boot Sector – attaches to the section of a hard disk or floppy disk that boots a computer.

• File Infector – attach themselves to certain file types such as .doc, .exe, etc.

• Combination – viruses can change types between boot sector and file infector to fool antivirus programs

• Attachment – released from an e-mail when an attachment is launched. Can also send themselves your address book

Worms This destructive code also replicates and spreads through networked computers but does damage by clogging up memory to slow the computer versus destroying files

Worms This destructive code also replicates and spreads through networked computers but does damage by clogging up memory to slow the computer versus destroying files


Computer Crimes – Destructive Code


Destructive Code that Doesn’t Replicates

Trojan HorsesThese programs do not replicate but can do damage as they run hidden programs on the infected computer that appears to be running normally (i.e. a game program that creates an account on the unsuspecting user’s computer for unauthorized access)

Trojan HorsesThese programs do not replicate but can do damage as they run hidden programs on the infected computer that appears to be running normally (i.e. a game program that creates an account on the unsuspecting user’s computer for unauthorized access)

Logic or Time BombsA variation of a Trojan Horse that also do not replicate and are hidden but are designed to lie in wait for a triggering operation. (i.e. a disgruntled employee that sets a program to go off after they leave the company)

• Time Bombs – are set off by dates (e.g. a birthday)

• Logic Bombs – are set off by certain operations (e.g. a certain password)

Logic or Time BombsA variation of a Trojan Horse that also do not replicate and are hidden but are designed to lie in wait for a triggering operation. (i.e. a disgruntled employee that sets a program to go off after they leave the company)

• Time Bombs – are set off by dates (e.g. a birthday)

• Logic Bombs – are set off by certain operations (e.g. a certain password)


Cyberwar and Cyberterrorism

Cyberwar

An organized attempt by a country’s military to disrupt or destroy the information and communications systems of another country. Common targets include:

• Command and control systems

• Intelligence collection and distribution systems

• Information processing and distribution systems

• Tactical communication systems

• Troop and weapon positioning systems

• Friend-or-Foe identification systems

• Smart weapons systems

Cyberwar

An organized attempt by a country’s military to disrupt or destroy the information and communications systems of another country. Common targets include:

• Command and control systems

• Intelligence collection and distribution systems

• Information processing and distribution systems

• Tactical communication systems

• Troop and weapon positioning systems

• Friend-or-Foe identification systems

• Smart weapons systems



A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack):

• an attempt to make a computer resource unavailable to its intended users.

• motives for, and targets of a DoS attack may vary• generally consists of the concerted efforts of a

person or people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.

• perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers.

A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack):

• an attempt to make a computer resource unavailable to its intended users.

• motives for, and targets of a DoS attack may vary• generally consists of the concerted efforts of a

person or people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.

• perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers.



Cyber Terrorism

The use of computer and networking technologies against persons or property to intimidate or coerce governments, civilians, or any segment of society in order to attain political, religious, or ideological goals

Cyber Terrorism

The use of computer and networking technologies against persons or property to intimidate or coerce governments, civilians, or any segment of society in order to attain political, religious, or ideological goals

Responses to the ThreatAt greatest risk are those that depend highly on computers and networking infrastructure (i.e. governments, utilities, transportation providers, etc.) Responses include:

• Improved intelligence gathering techniques

• Improved cross-government cooperation

• Providing incentives for industry security investment

Responses to the ThreatAt greatest risk are those that depend highly on computers and networking infrastructure (i.e. governments, utilities, transportation providers, etc.) Responses include:

• Improved intelligence gathering techniques

• Improved cross-government cooperation

• Providing incentives for industry security investment

4-1 Chapter 4 The Internet And Security Robert Riordan, Carleton University.

Documents

Transcript of 4-1 Chapter 4 The Internet And Security Robert Riordan, Carleton University.