Information Security
Assistant Professor Pramote Kuacharoen, Ph.D.
Network Attacks
Information Security Curriculum
• A field of study concerned with securing an organization's information. It focuses on developing personnel who can analyze risk and plan the organization's security, create security policies, maintain security, and respond to threats in support of the organization's mission.
• Students in this field gain knowledge and expertise in both information security technology and information security management.
Management is the Hard Part
• Technology Is Concrete
– Can visualize devices and transmission lines
– Can understand device and software operation
• Management Is Abstract
• Management Is More Important
• Security is a process, not a product (Bruce Schneier)
Courses
• Information Security Management
• Computer and Network Security
• Information Security Risk Analysis
• Software Development Security
• Information Security Policy
• Internet Security
• Database Security
• Software Development Security
• Cloud Computing Security
• Penetration Testing and Vulnerability Analysis
• Digital Forensics and Investigations
Security Management Process
Plan
Protect
Respond
Strategic IT Security Planning
• Identify Current IT Security Gaps
• Identify Driving Forces
– The threat environment
– Compliance laws and regulations
– Corporate structure changes, such as mergers
• Identify Corporate Resources Needing Protection
– Enumerate all resources
– Rate each by sensitivity
Strategic IT Security Planning
• Develop Remediation Plans
– Develop a remediation plan for all security gaps
– Develop a remediation plan for every resource unless it is well protected
• Develop an Investment Portfolio
– You cannot close all gaps immediately
– Choose projects that will provide the largest returns
– Implement these
In The News
Stealing Money using fake ID
IDENTITY THEFT
SOCIAL ENGINEERING
OTP
TWO-FACTOR AUTHENTICATION
Campus Area Networks
AAA Server
DHCP Server
ESA/WSA
Web Server
Email Server
VPN
Hosts
Layer 3 Switches
Layer 2 Switches
IPS
Firewall
Internet
Small Office and Home Office Networks
Wireless Router
Layer 2 Switch
Internet
Wide Area Networks
POP
VPN
Corporate
Branch Site
Regional Site
SOHO Site
Mobile Worker
The Evolving Network Border
• Critical MDM functions for BYOD network
– Data encryption
– PIN enforcement
– Data wipe
– Data loss prevention
– Jailbreak/root detection
The Hacker & The Evolution of Hackers
Modern hacking titles:
• Script Kiddies
• Vulnerability Brokers
• Hacktivists
• Cyber Criminals
• State-Sponsored Hackers
Traditional Hackers
• Motivated by thrill, validation of skills, sense of power
• Motivated to increase reputation among other hackers
• Often do damage as a byproduct
• Often engage in petty crime
Script Kiddie
Cyber Criminals
Hacktivists
State-Sponsored Hackers
Attack Tools vs. Knowledge
Penetration Testing Tools
Password Crackers
Wireless Hacking
Network Scanning and Hacking
Packet Crafting
Packet Sniffers
Rootkit Detectors
Fuzzers to Search Vulnerability
Forensic
Debuggers
Hacking OS
Encryption Tools
Vulnerability Exploitation
Vulnerability Scanners
Network Hacking Attacks
• Eavesdropping
• Data modification
• IP address spoofing
• Password-based
• Denial-of-service
• Man-in-the-middle
• Compromised-key
• Sniffer
Reconnaissance Attacks
Access Attacks
DoS Attacks
Network Security Organizations
Domains of Security
The Security Artichoke
Security Goals
Confidentiality
Integrity
Availability
Evolution of Network Security Tools
IDS IPS
Software Firewall
Security Appliance
Next Generation Firewall (NGFW)
• An integrated network platform that combines a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI) and an intrusion prevention system (IPS)
Cloud-Based Protections
www.example.com
Corporate Network
Cloud Security Service
Borderless Network
Any Device
Any Location
Any Resource
Protecting Modern Endpoints
Modern Security Solutions
AMP
ESA
WSA
NAC
Encryption of Local Data
Hardware
Software
Switch Attack Categories
Layer 2 Attacks
CAM Table
VLAN
DHCP
ARP
Address Spoofing
STP
Network Security Professionals
Top 10 Highest Paying Jobs in Information Security
1. Chief Information Security Officer (CISO) $81,000-$240,000
2. Security Architect $84,000-$160,000
3. Security Director $66,000-$180,000
4. Security Manager $71,433-$143,374
5. Security Engineer $57,000-$128,000
6. Incident Responder $50,000-$150,000
7. Security Consultant $46,000-$147,000
8. Computer Forensics Expert $56,000-$119,000
9. Malware Analyst $48,000-$100,000
10. Security Specialist $43,000-$113,000
Cybersecurity Jobs
• One Million Cybersecurity Job Openings In 2016
• Top Cyber Security Salaries In U.S. Metros Hit $380,000
Common Career Path