Network Security Basics and Philosophy
-
Upload
dr-enis-karaarslan -
Category
Documents
-
view
218 -
download
0
Transcript of Network Security Basics and Philosophy
-
7/30/2019 Network Security Basics and Philosophy
1/33
5/10/13 Dr. Enis Karaarslan 1
Network Security
Philosphy & Introduction
Dr. Enis Karaarslan
Mula University
Computer Engineering
Department
-
7/30/2019 Network Security Basics and Philosophy
2/33
-
7/30/2019 Network Security Basics and Philosophy
3/33
SECURITY
PHILOSPHY
-
7/30/2019 Network Security Basics and Philosophy
4/33
Computer & Network Security hassimilarities with the security innormal life.
-
7/30/2019 Network Security Basics and Philosophy
5/33
There is no such thing as
%100 Security
-
7/30/2019 Network Security Basics and Philosophy
6/33
Security at the gates only,
is not enough
-
7/30/2019 Network Security Basics and Philosophy
7/33
A chain is only as strong as
its weakest link
-
7/30/2019 Network Security Basics and Philosophy
8/33
As there is no %100 security
So give up?
A possible solution:
Use more than one chain
-
7/30/2019 Network Security Basics and Philosophy
9/33
MULTI LAYER SECURITY
-
7/30/2019 Network Security Basics and Philosophy
10/33
-
7/30/2019 Network Security Basics and Philosophy
11/33
Keep in mind that When Security measures increase,
Usability decrease
-
7/30/2019 Network Security Basics and Philosophy
12/33
False Sense of Security
A false sense of security is worsethan a true sense of insecurity.
Solution:
Never think your system is secure.
-
7/30/2019 Network Security Basics and Philosophy
13/33
No Template Which Suits All
There is no templates which suits all.There is a different solution for
different organizations Different needs
Different assets
-
7/30/2019 Network Security Basics and Philosophy
14/33
To win a war,
one must know the
way
Sun Tzu
The Art of War
-
7/30/2019 Network Security Basics and Philosophy
15/33
Security is a process, not a product.Bruce Schneier
-
7/30/2019 Network Security Basics and Philosophy
16/33
MONITOR
The system should be monitored forintrusions
And immediate action should betaken at attacks
-
7/30/2019 Network Security Basics and Philosophy
17/33
Warn The Attacker
-
7/30/2019 Network Security Basics and Philosophy
18/33
Network Awareness
Know your enemy (?) Know yourself,
know your assets
know what to protect
Know your systems more than theattacker
-
7/30/2019 Network Security Basics and Philosophy
19/33
FUNDAMENTALS
-
7/30/2019 Network Security Basics and Philosophy
20/33
INFORMATION SYSTEM
Information System and
Security
ATTACKER
VULNERABILITY
ATTACK
USERS
SECURITYMEASURES
-
7/30/2019 Network Security Basics and Philosophy
21/33
Vulnerable Systems
The systems are vulnerable Mainly because of bad coding
Must be patched (but can not be done
rapidly as they should) False sense of security
-
7/30/2019 Network Security Basics and Philosophy
22/33
A vulnerability timeline
-
7/30/2019 Network Security Basics and Philosophy
23/33
The Attacker/Intruder
The attacker can be called as:
Lamer, intruder, attacker
(wrongly used as hacker also) Also secret organizations? Also companies
(serious antivirus/defence economy)
-
7/30/2019 Network Security Basics and Philosophy
24/33
5/10/13 Ar. Gr. Enis Karaaslan 24
Hacker /Lamer /Attacker
Hacker is used as attacker/lamer, in the meaning:
The intruder, who gets in your system and intends
to use for his/her own aims.
-
7/30/2019 Network Security Basics and Philosophy
25/33
The Attacker
The attackers strength is Dedication
Will not stop until he/she gets in
Can use the computer for days long sleepless
Knows the vulnerabilities of systems
-
7/30/2019 Network Security Basics and Philosophy
26/33
5/10/13 Ar. Gr. Enis Karaaslan 26
-
7/30/2019 Network Security Basics and Philosophy
27/33
Network Security Assets
Network Security Overall
Network Awareness
Firewall, Intrusion Detection Systems etc
More Host (Computer/Server/NW Device) Security
Physical Security
OS and Application Security
User Management Encryption
-
7/30/2019 Network Security Basics and Philosophy
28/33
Firewall
-
7/30/2019 Network Security Basics and Philosophy
29/33
5/10/13 Ar. Gr. Enis Karaaslan 29
Firewall Basics
Rule based access control betweennetworks.
Software/hardware based
Architecture Static Packet Filtering Dynamic Packet Filtering (Statefull
inspection)
Application Level Protection
Logging and alert capabilities
-
7/30/2019 Network Security Basics and Philosophy
30/33
5/10/13 Ar. Gr. Enis Karaaslan 30
Encryption
Encryption is the conversion of data
into a form, called a ciphertext, that
cannot be easily understood byunauthorized people.
(Encryption x Decryption)
-
7/30/2019 Network Security Basics and Philosophy
31/33
5/10/13 Ar. Gr. Enis Karaaslan 31
Encryption
Two different methods (according to key use) Conventional Two keys are the same
Asymetric (Public Key Encryption)
Key pair (public, private)
-
7/30/2019 Network Security Basics and Philosophy
32/33
5/10/13 Ar. Gr. Enis Karaaslan 32
Encryption
To decyrpt an encrypted data
How much time?
How much Processing (Computing power)?
The science which deals with encryption is
Cryptology
-
7/30/2019 Network Security Basics and Philosophy
33/33
5/10/13 Ar Gr Enis Karaaslan 33
END OF THE SESSION
Dr. Enis [email protected]
mailto:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]