
27-Sep-19

Topics In Network Security

V.aijazahmed@maju.edu.pk

Why study information security?

Being an IT expert requires knowledge about IT security

Analogy: Building architects must have knowledge about fire safety

Developing IT systems without considering security will lead to vulnerable IT systems

Global IT infrastructure is vulnerable to cyber attacks

IT experts without security skills are part of the problem

Learn about IT security to become part of the solution!

System: a set of things working together as parts of a mechanism


Course Information (Lecture 1)

• Home Assignments 20 Marks
• Quiz 20 Marks
• Mid Term 20 Marks
• Final Exam 40 Marks
• Course Book: None
• Reference Books: NETWORK SECURITY ESSENTIALS: APPLICATIONS AND STANDARDS by William Stallings

Course Objective

• Importance of Information Security for everyone.
• Academics + Industry (Demand and Supply)
• Bridging the gap between concepts and implementation by understanding the
security principles and best practices along with practical examples and tools.


Course Contents (Topics In Network Security)

• Security Concepts
• Types of security threat
• IP Network architecture Review
• Mitigating security threats (Perimeter Security, Firewalls, Endpoint Security)
• Access Management (BYOD, SSO, 802.1X, NAC)
• Cryptography in Action (Ciphers, PKI, SSL, VPN, Digital Signature)
• Security Tools
• Risk Management
• Network Management (SNMP, Syslog, SIEM)
• Best Practices
• Network Brands and Product Selection

Some Important Concepts and Terms


• Security is about protecting assets from damage or harm


Components of an Information System


System: a set of things working together as parts of a mechanism

• Information system (IS) is the entire set of software, hardware, data,
people, procedures, and networks necessary to use information as a
resource in the organization

• Data, Application, User… most important security layers.

Information Security

• Information (or Data) is an asset that must be protected.
• The value of information comes from the characteristics it possesses.
When a characteristic of information changes, the value of that
information either increases, or, more commonly, decreases.
• Information security is the protection of the confidentiality, integrity and
availability of information assets, whether in storage, processing, or
transmission. It is achieved via the application of policy, education,
training and awareness, and technology.


Security Goals
• The CIA triad has become the de facto standard model for keeping
your organization secure.

Security Goals C.I.A


Confidentiality
Protection of data from unauthorized disclosure. A loss of
confidentiality is the unauthorized disclosure of information.

Integrity
Assurance that data received is as sent by an authorized entity. A
loss of integrity is the unauthorized modification or destruction of information.

Availability
The information created and stored by an organization needs to
be available to authorized entities. A loss of availability is the disruption of
access to or use of information or an information system.


Generic Tools for implementing C I A


Network Security
• Network security, a subset of Information security, aims to protect
any data (asset) that is being sent through devices in your network
to ensure that the information is not changed (integrity) or
intercepted (confidentiality) and reaches (availability) the
destination.
• The role of network security is to protect the organization’s IT
infrastructure from all types of cyber threats.

The Need for Information Security


• Why not simply solve all security problems once and for all?
• Rapid innovation constantly generates new technology with new vulnerabilities
• More activities go online
• Crime follows the money
• Information security is a second thought when developing IT systems
• More effective and efficient attack techniques and tools are being developed

Conclusion: Information security doesn’t have a final goal; it’s a continuing process


The Bigger Picture


Information Security teams make the policies, and Network/Systems
(OS, Applications, DB) teams implement the policies.

Classifying Assets
• The reason to classify an asset is so that you can take specific action,
based on policy, with regard to assets in a given class.
• By classifying data and labeling it (such as labeling “top secret” data
on a hard disk), we can then focus the appropriate amount of
protection or security on that data.
• More security for top secret data than for unclassified data, for
instance.


Asset Classification
Not all assets have the same value. An organization must classify its assets.

Some Known Characters of Network Security Literature

Generic characters can be users, client/server machines, routers, etc.
communicating over an insecure channel.


How It All Fits in Network Security

• Alice wants only Bob to be able to understand a message that she has
sent, even though they are communicating over an "insecure" medium
where an intruder (Trudy, the intruder) may intercept, read, and perform
computations on whatever is transmitted from Alice to Bob.
• Bob also wants to be sure that the message that he receives from Alice
was indeed sent by Alice, and Alice wants to make sure that the person
with whom she is communicating is indeed Bob.
• Alice and Bob also want to make sure that the contents of Alice's message
have not been altered in transit.
• Given these considerations, we can identify the desirable properties of
secure communication:


OSI Security Architecture


The OSI Security Architecture is a framework (a basic structure underlying a system) that provides a systematic way of
defining the requirements for security and characterizing the approaches to satisfying those requirements. The
document defines security attacks, mechanisms, and services, and the relationships among these categories.

Security Attacks
• Security attack: Any action that compromises the security of
information owned by an organization

• Passive Attacks
A passive attack attempts to learn or make use of information from
the system but does not affect system resources. The goal of the
opponent is to obtain information that is being transmitted.

Difficult to detect. The countermeasure is to prevent rather than detect.


Security Attacks (Contd.)


• Active Attacks

An active attack attempts to alter system resources or affect their
operation. Active attacks involve some modification of the data stream
or creation of a false statement.

Easier to detect, difficult to prevent; the goal is to defend, detect and
recover.
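The Alice, Bob and Trudy scenario and the passive/active distinction above, as an added example that is not part of the original slides: Alice tags each message with HMAC-SHA256 so Bob can check that it came from Alice and was not altered. The pre-shared key, the sample message and all function names are assumptions made for this illustration, and the scheme deliberately provides no confidentiality.

```python
import hashlib
import hmac
import secrets

TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag

def alice_send(key: bytes, message: bytes) -> bytes:
    """Alice sends the plaintext followed by a tag only a key holder can compute."""
    return message + hmac.new(key, message, hashlib.sha256).digest()

def bob_receive(key: bytes, packet: bytes) -> bytes:
    """Bob recomputes the tag; a mismatch means altered or not sent by Alice."""
    if len(packet) < TAG_LEN:
        raise ValueError("packet too short to carry a tag")
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("rejected: modified in transit or not sent by Alice")
    return message

def accepted(key: bytes, packet: bytes) -> bool:
    """True if Bob accepts the packet, False if his check rejects it."""
    try:
        bob_receive(key, packet)
        return True
    except ValueError:
        return False

def run_scenarios() -> dict:
    key = secrets.token_bytes(32)   # assumed: shared by Alice and Bob only
    message = b"PAY 100 TO BOB"     # constructed sample message
    packet = alice_send(key, message)

    # Passive attack: Trudy copies the packet and reads it; Bob sees no change.
    trudy_read = packet[:-TAG_LEN]

    # Active attack 1: Trudy modifies the data stream but cannot recompute the tag.
    modified = packet.replace(b"100", b"900", 1)

    # Active attack 2: Trudy creates a false message, tagged with a key she made up.
    forged = alice_send(secrets.token_bytes(32), b"PAY 900 TO TRUDY")

    return {
        "untouched_accepted": accepted(key, packet),
        "trudy_read_plaintext": trudy_read == message,
        "modified_accepted": accepted(key, modified),
        "forged_accepted": accepted(key, forged),
    }

if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name}: {value}")
```

Bob's check catches both active attacks, while the passive read leaves nothing for him to detect, which is why the countermeasure there is prevention (encrypting the message) rather than detection.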

Some Tools/Commands

• Wireshark
• Nmap
• IP scanners
• Syslog
• Cisco Packet Tracer
• Subnet Calculators
• Microsoft File Checksum Integrity Verifier: https://www.microsoft.com/en-us/download/details.aspx?id=11533
• nslookup, netstat, tracert/traceroute, ipconfig / options
and many more
