Information SecurityAssistant Professor Pramote Kuacharoen, Ph.D.

Network Attacks

Information Security Curriculum• เปนสาขาเกยวกบการรกษาความมนคงปลอดภยของ

สารสนเทศขององคกร ซงมงเนนพฒนาบคลากรทสามารถ วเคราะหความเสยงและวางแผนความมนคงปลอดภยขององคกร สรางนโยบายความมนคงปลอดภย รกษาความมนคงปลอดภย และสามารถตอบสนองตอภยคกคามตาง ๆ เพอสงเสรมพนธกจขององคกร

• ผทศกษาในสาขานจะไดความร ความเชยวชาญทงทางดานเทคโนโลยเกยวกบความมนคงสารสนเทศและการบรหารจดการความมนคงสารสนเทศ

• Technology Is Concrete• Can visualize devices and transmission lines• Can understand device and software operation

• Management Is Abstract• Management Is More Important• Security is a process, not a product (Bruce

Schneier)

4

Management is the Hard Part

Courses• Information Security Management • Computer and Network Security • Information Security Risk Analysis• Software Development Security• Information Security Policy• Internet Security• Database Security• Software Development Security• Cloud Computing Security• Penetration Testing and Vulnerability Analysis• Digital Forensics and Investigations

Security Management Process

Plan

ProtectRespond

• Identify Current IT Security Gaps• Identify Driving Forces• The threat environment• Compliance laws and regulations• Corporate structure changes, such as mergers• Identify Corporate Resources

Needing Protection• Enumerate all resources• Rate each by sensitivity

7

Strategic IT Security Planning

• Develop Remediation Plans• Develop a remediation plan for all security

gaps• Develop a remediation plan for every resource

unless it is well protected• Develop an Investment Portfolio• You cannot close all gaps immediately• Choose projects that will provide the largest

returns• Implement these

8

Strategic IT Security Planning

In The News

Stealing Money using fake ID

IDENTITY THEFT

SOCIAL ENGINEERING

OTP

TWO-FACTOR AUTHENTICATION

Campus Area Networks

AAA Server

DHCP ServerESA/WSA

Web ServerEmail Server

VPN

Hosts

Layer 3 Switches

Layer 2 Switches

IPSFirewall

Internet

Small Office and Home Office Networks

Wireless Router

Layer 2 SwitchInternet

Wide Area Networks

POP

VPN

Corporate

Branch Site

Regional Site

SOHO Site

Mobile Worker

The Evolving Network Border

• Critical MDM functions for BYOD network– Data encryption– PIN enforcement– Data wipe– Data loss prevention– Jailbreak/root detection

The Hacker & The Evolution of Hackers

Modern hacking titles:

• Script Kiddies

• Vulnerability Brokers

• Hacktivists

• Cyber Criminals

• State-Sponsored Hackers

Traditional Hackers• Motivated by thrill, validation of skills,

sense of power• Motivated to increase reputation among

other hackers• Often do damage as a byproduct• Often engage in petty crime

Script Kiddie

Cyber Criminals

Hacktivists

State-Sponsored Hackers

Attack Tools vs. Knowledge

Penetration Testing ToolsPassword Crackers

Wireless Hacking

Network Scanning and Hacking

Packet Crafting

Packet Sniffers

Rootkit Detectors

Fuzzers to Search Vulnerability

Forensic

Debuggers

Hacking OS

Encryption Tools

Vulnerability Exploitation

Vulnerability Scanners

Network Hacking Attacks• Eavesdropping• Data modification• IP address spoofing• Password-based• Denial-of-service• Man-in-the-middle• Compromised-key• Sniffer

Reconnaissance Attacks

Access Attacks

DoS Attacks

Network Security Organizations

Domains of Security

The Security Artichoke

Security Goals

Confidentiality

IntegrityAvailability

Evolution of Network Security Tools

IDS IPS

Software Firewall

Security Appliance

Next Generation Firewall (NGFW)

• An integrated network platform that combines a traditional firewall with other network device filtering functionalities such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS)

Cloud-Based Protections

www.example.com

CorporateNetwork

Cloud Security Service

Borderless Network

Any Device

Any Location

Any Resource

Protecting Modern Endpoints

Modern Security

Solutions

AMP

ESA

WSA

NAC

Encryption of Local Data

Hardware

Software

Switch Attack Categories

Layer 2 Attacks

CAM Table

VLAN

DHCP

ARP

Address Spoofing

STP

Network Security Professionals

Top 10 Highest Paying Jobs in Information Security

1. Chief Information Security Officer (CISO) $81,000-$240,000

2. Security Architect $84,000-$160,0003. Security Director $66,000-$180,0004. Security Manager $71,433-$143,3745. Security Engineer $57,000-$128,0006. Incident Responder $50,000-$150,0007. Security Consultant $46,000-$147,0008. Computer Forensics Expert $56,000-$119,0009. Malware Analyst $48,000-$100,00010.Security Specialist $43,000-$113,000

Cybersecurity Jobs• One Million Cybersecurity Job Openings In

2016• Top Cyber Security Salaries In U.S. Metros

Hit $380,000

Common Career Path