Designing Network Security

•Chapter I: Introduction to Network                 Security

•Chapter II: Authentication and                         Access Control

•Chapter III: Network Defense

•Chapter IV: Host Defense

 

Introduction to Network Security

Why Network Security

•The past decade has seen an explosion in the concern for the security of information 

–Malicious codes (viruses, worms, etc.) caused over $28 billion in economic losses in 2003, and will grow to over $75 billion by 2007 

•Jobs and salaries for technology professionals have lessened in recent years. BUT … 

•Security specialists markets are expanding ! 

 –“ Full-time information security professionals will rise almost 14% per year around the world, going past 2.1 million in 2008” (IDC report)  

•Internet attacks are increasing in frequency, severity and sophistication

•Denial of service (DoS) attacks

–Cost $1.2 billion in 2000

–1999 CSI/FBI survey 32% of respondents detected DoS attacks directed to their systems

–Thousands of attacks per week in 2001

–Yahoo, Amazon, eBay, Microsoft, White House, etc., attacked

 

•Virus and worms faster and powerful

–Melissa, Nimda, Code Red, Code Red II, Slammer …

–Cause over $28 billion in economic losses in 2003, growing to over $75 billion in economic losses by 2007.

–Code Red (2001): 13 hours infected >360K machines - $2.4 billion loss

–Slammer (2003): 10 minutes infected > 75K machines - $1 billion loss

  

The Definition of Network Security

•Security is a state of well-being of information and infrastructures of network in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable

•Security facets: Confidentiality, Integrity, Availability, and Non-Repudiation/Intrusion Detection

The CIA of Security