Logical design: Network Management and Security (McCabe ch.10)

About This Presentation
Title:

Logical design: Network Management and Security (McCabe ch.10)

Description:

... Management and Security into the Design ... management instrumentation on network design ... A network design should consider the data flows for ... – PowerPoint PPT presentation

Slides: 127
Provided by: orha9
Transcript and Presenter's Notes

Title: Logical design: Network Management and Security (McCabe ch.10)


1
Logical design: Network Management and Security
(McCabe ch.10)
  • Integrating Network Management and Security into
    the Design
  • Defining Network Management
  • Designing with Manageable Resources
  • Network Management Architecture
  • Security
  • Security Mechanisms
  • Security Examples
  • Network Management and Security Plans

2
Network Management and Security
  • Integrating Network Management and Security into
    the Design
  • How to define and characterize management for a
    network design
  • How to plan for monitoring, configuring and
    troubleshooting the network
  • Examine network management protocols and
    instrumentation requirements

3
Defining Network Management
  • Network management tasks
  • Monitoring for event notification
  • Monitoring for metrics and planning
  • Configuration of network parameters
  • Troubleshooting the network
  • Planning

4
Defining Network Management
  • Network elements and characteristics
  • A network element is a component of the network
    that can be managed
  • Hosts
  • Routers
  • Switches
  • Data Service Units (DSUs)
  • Hubs
  • NICs
  • Cable segments

5
Defining Network Management
  • Network elements and characteristics
  • End-to-end characteristics: the characteristics
    that can be measured across multiple network
    elements and may be extended across the entire
    network or between hosts
  • Availability
  • Capacity
  • Delay
  • Delay variation (jitter)
  • Throughput
  • Error rates
  • Network utilization
  • Burstiness of the traffic

6
Defining Network Management
  • Network elements and characteristics
  • Link and element characteristics: specific to the
    type of the element being managed.
  • IP forwarding rates (packets/second) for
    routers
  • Buffer utilization of a router
  • Logs of authentication failures

7
Defining Network Management
  • Monitoring and metering
  • Monitoring: obtaining values for the end-to-end,
    link, and element characteristics.
  • Collecting data (e.g. using SNMP)
  • Processing data (e.g. time averaging)
  • Displaying processed data
  • Archiving data

8
Defining Network Management
  • Monitoring for event notification
  • Event: a problem or a failure in a network
    element
  • Thresholds may be set on end-to-end or element
    characteristics for notification of events (real-time
    analysis)
  • Real-time analysis usually involves short polling
    intervals: capacity, CPU, memory, storage needed

9
Defining Network Management
  • Example
  • 100 network elements
  • Each polled for 8 characteristics: 800 polls and
    800 responses
  • Average size of each poll and response is 64
    bytes
  • We plan to poll every 5 seconds
  • (800 polls + 800 responses)(64 bytes/poll)(8
    bits/byte)/(5 seconds) = 164 Kb/s

10
Defining Network Management
  • Monitoring for metrics and planning
  • Metering: collecting data for long-term analysis
  • Metrics: measured values
  • Baselines can be established by monitoring for
    metrics

11
Defining Network Management
  • Generating the characteristics set
  • Generate a working set of end-to-end and element
    characteristics
  • For each element
  • Generate a table of configuration parameters
  • Establish methods for adjusting these parameters
  • Understand the effects of adjusting the
    parameters
  • Understand the effects of problems and how to
    correct them
  • Troubleshooting: problem notification, isolation,
    identification, and resolution

12
Designing with manageable resources
  • Network management protocols
  • The requirement for management protocols and
    instrumentation
  • The impact of management instrumentation on
    network design
  • Instrumentation is the set of facilities provided
    by network elements for accessing element
    characteristics and configuration parameters

13
Designing with manageable resources
  • Network Management Protocols
  • Used to couple this instrumentation with
  • Monitoring
  • Display
  • Processing and
  • Storage
  • Two major NM protocols
  • The simple network management protocol (SNMP,
    SNMPv2 and SNMPv3)
  • The common management information protocol
    (CMIP/CMIP over TCP/IP (CMOT))

14
Designing with manageable resources
  • SNMP
  • Widely used
  • Provides facilities for collecting and
    configuring parameters from network elements
  • Commands: get, get-next, set. Users can set traps
    (thresholds) for parameters for automatic notices
    (less polling)
  • Default port 161

15
Designing with manageable resources
  • SNMP
  • Management Information Base (MIB): collection of
    parameters accessible by SNMP.
  • MIBs for
  • Routers
  • Switches
  • Circuits (e.g. T3)
  • Remote monitoring (RMON) MIB provides information
    about a LAN segment

16
Designing with manageable resources
  • Instrumentation methods
  • SNMPv2, v3
  • Ping
  • Traceroute
  • Pathchar
  • Tcpdump
  • telnet
  • FTP

17
Network Management Architecture
  • A network design should consider the data flows
    for management information
  • In-band vs. out-of-band monitoring
  • Centralized vs. distributed monitoring
  • Capacity and delay requirements
  • Flows of management data
  • Configuration of network management

18
Network Management Architecture
  • In-band vs. out-of-band monitoring
  • In-band monitoring: having the NM data flow over
    the same network that the user network traffic
    uses
  • Simple network management architecture
  • In case of network problems monitoring and
    troubleshooting may be difficult
  • Out-of-band monitoring: providing different paths
    for NM traffic and user network traffic
  • ISDN D-channel
  • Separate Frame Relay/ATM virtual circuit
  • Telephone lines

19
Network Management Architecture
  • Centralized/distributed monitoring
  • Centralized: all monitoring data are sent from
    one monitoring node using either in-band or
    out-of-band monitoring
  • Distributed: local monitoring nodes
  • Less NM traffic
  • In-band/out-of-band

20
Network Management Architecture
  • Capacity and Delay Requirements
  • For LANs: one monitoring node per subnet
  • For WAN/MAN: one monitoring node at each
    WAN/MAN-LAN interface

21
Network Management Architecture
  • LANs: determine the
  • Number of hosts and network elements to be polled
    for parameters
  • Number of parameters to be collected
  • Frequency of polling
  • NM traffic rate
  • 2-5% (Ethernet, FDDI, Token Ring)
  • 0.2-0.5% (HiPPI 800 Mb/s capacity), etc.
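
The polling arithmetic from the earlier slide, generalized into a sizing check (an added example, not part of the original slides). It reads the 2-5 figure above as a percentage of LAN capacity; the 10 Mb/s Ethernet segment and the 2% budget are assumptions chosen for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class PollingPlan:
    elements: int          # network elements being polled
    characteristics: int   # characteristics polled per element
    message_bytes: int     # average size of one poll or one response
    interval_s: float      # seconds between polling cycles

    def bits_per_cycle(self) -> int:
        # Each characteristic costs one poll plus one response per cycle.
        messages = 2 * self.elements * self.characteristics
        return messages * self.message_bytes * 8

    def rate_bps(self) -> float:
        return self.bits_per_cycle() / self.interval_s

    def share_of(self, capacity_bps: float) -> float:
        """Fraction of link capacity consumed by management traffic."""
        return self.rate_bps() / capacity_bps

    def min_interval_s(self, capacity_bps: float, budget: float) -> float:
        """Shortest polling interval that keeps NM traffic within budget."""
        return self.bits_per_cycle() / (budget * capacity_bps)


# Figures from the polling example in the slides.
SLIDE_PLAN = PollingPlan(elements=100, characteristics=8,
                         message_bytes=64, interval_s=5)

# Assumptions for illustration: a 10 Mb/s Ethernet segment and a 2% budget.
ETHERNET_BPS = 10_000_000
BUDGET = 0.02

if __name__ == "__main__":
    print(f"NM traffic: {SLIDE_PLAN.rate_bps() / 1000:.0f} Kb/s")
    print(f"Share of link: {SLIDE_PLAN.share_of(ETHERNET_BPS):.2%}")
    print("Shortest interval within budget: "
          f"{SLIDE_PLAN.min_interval_s(ETHERNET_BPS, BUDGET):.2f} s")
    # Doubling the element count on the same link exceeds the budget.
    bigger = PollingPlan(elements=200, characteristics=8,
                         message_bytes=64, interval_s=5)
    print(f"200 elements within budget: "
          f"{bigger.share_of(ETHERNET_BPS) <= BUDGET}")
```

The same check applies per monitoring node when monitoring is distributed, since each node only polls the elements on its own subnet.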

22
Network Management Architecture
  • Have more than one method to verify the accuracy
    of data collected
  • SNMP
  • RMON
  • Avoid overloading network with NM data

23
Security
  • For the development of a security plan
  • User requirements for security
  • Security policies
  • Security risk analysis
  • Protect network resources from being disabled,
    stolen, modified, or damaged
  • Protect hosts, servers, users, and system data

24
Security
  • Security policies
  • Understand possible security breaches
  • Implement policies to deal with these breaches
  • Common security philosophies
  • Deny specifics/permit all else
  • Permit specifics/deny all else
  • Example policies
  • Acceptable use statements, security incident
    handling procedures, configuration-modification
    policies, and network access/firewall policies

25
Security
  • Security risk analysis
  • A process used to determine which components of
    the system need to be protected and the types of
    security risks they should be protected from
  • Security risks may also change in time in line
    with changes in an organisation

26
Security Risk Analysis Example
  • Assume a fictitious company
  • Identify effect/likelihood (e.g. A/B)
  • Effect: A (Destructive), B (Disabling), C
    (Disruptive), D (No impact)
  • Likelihood: A (Certain), B (Likely), C
    (Unlikely), D (Impossible)

27
Security Risk Analysis Example
28
Security Risk Analysis Example
  • Outcome
  • A strong user authentication mechanism needed
  • Added protection for DNS and email applications
    (e.g. application firewall)
  • Encryption for email messages

29
Security mechanisms
  • Physical
  • Security awareness
  • User authentication
  • Packet filters
  • Application wrappers and gateways
  • Encryption
  • Firewalls

30
Security mechanisms
  • Not all mechanisms are appropriate for every
    environment
  • Degree of protection it provides
  • Expertise required for installation and
    configuration
  • Cost of purchasing, implementing and operating it
  • Amounts of administration and maintenance required

31
Security mechanisms
  • Physical security
  • Protected access (e.g. to servers etc.)
  • Backup power source and power conditioning,
    secondary backup storage
  • Security against natural disasters

32
Security Mechanisms
  • Security awareness
  • User involvement in all aspects of security
  • User authentication
  • Packet filters (ACLs)
  • Require administration and maintenance
  • Take up network resources (e.g. CPU)

33
Security Mechanisms
  • Application Security mechanisms
  • Application wrappers: similar to packet filters
    but implemented on hosts
  • Application gateways: relays between protected
    and unprotected systems
  • Encryption
  • Degrades network performance 15-85%
  • Administration, maintenance required
  • Expensive

34
Security Mechanisms
  • Firewalls
  • A combination of a number of mechanisms
  • May give a false sense of security
  • Security and system components
  • Security at the user component
  • Security at the host component
  • Security at the network component

35
Security Examples: External firewall
  • Between external and internal networks
  • Recommended when
  • there is a security threat from external sources
  • limited/no systems and network administration
  • access to external networks is needed
  • will not impact connectivity to external networks

36
(No Transcript)
37
External Firewalls: Trade-offs
  • May require knowledge of users' requirements
    (telnet, ftp, etc.)
  • Requires firewall construction/configuration
    expertise
  • Network performance degradation up to 30%
  • Can complicate WAN/MAN troubleshooting
  • May require address translator
  • May require additional hardware e.g. routers

38
Security Examples: Internal Firewall
  • Between subnets
  • Recommended when
  • there is a security threat from within or
    external to network
  • limited/no systems and network administration
  • interconnectivity between subnets/connectivity to
    external networks is needed
  • will not impact connectivity to internal and
    external networks

39
(No Transcript)
40
Internal Firewalls: Trade-offs
  • May require knowledge of users' requirements
    (telnet, ftp, etc.)
  • Requires firewall construction/configuration
    expertise
  • Network performance degradation up to 30%
  • Can complicate LAN/MAN/WAN troubleshooting
  • May require address translator
  • May require additional hardware e.g. routers

41
Security Examples: Distributed Host Security
  • Distributed host security
  • When there is a threat from external networks
  • When internal sources can be protected via system
    administration
  • When connectivity to internal and external
    networks would be impacted by firewall
    performance issues
  • Example: TCP/IP filtering in MS Windows 2000,
    authentication, encryption

42
(No Transcript)
43
Distributed Host Security: Trade-offs
  • May require knowledge of users' requirements
    (telnet, ftp, etc.)
  • Requires consistent and thorough systems and
    network administration
  • Internal security may be dependent on the
    security of every host and server within the
    network
  • Security holes in host operating systems or
    applications will likely affect all internal
    hosts and servers

44
Example breaches of security
45
Example Security Breaches
46
Security points
47
Example security controls
  • Access control error control to prevent
    unauthorised access
  • Physical access control mechanisms,
  • Backup equipment and procedures,
  • Physical security,
  • Logging of message and transaction flow
  • etc.

48
Network Management and Security Plans
  • Evaluating and selecting secure, manageable
    network resources
  • Evaluating trade-offs in security and network
    management architectures
  • Integration with the network design
  • Risk analysis and contingency planning for the
    design

49
Fundamentals of cryptography and encryption
  • Confidentiality: allow only authorized persons to
    access information
  • Authentication: guarantee of originator and of
    electronic transmission
  • Integrity: information that was sent is what was
    received
  • Non-repudiation: originator of information cannot
    deny content or transmission

50
One-key and two-key systems
  • One-key: symmetric (secret key) cryptosystems
  • conventional
  • fast
  • Theory well developed
  • AES, DES, IDEA
  • Two-key: asymmetric (public key) cryptosystems
  • based on difficult number theory problem
  • slow
  • RSA

51
Practical Security
  • Firewalls
  • Network Intrusion Detection
  • Endpoint Security/Host Intrusion Protection
  • VPN Security

52
and more specifically
  • Cisco PIX Firewalls
  • has received ICSA Firewall and IPsec
    certification, as well as Common Criteria EAL4
    evaluation status.
  • provide a wide range of security and networking
    services including
  • Network Address Translation (NAT),
  • Port Address Translation (PAT),
  • content filtering (Java/ActiveX),
  • URL filtering,
  • AAA (RADIUS/TACACS+) integration,
  • support for leading X.509 PKI solutions,
  • DHCP client/server

53
AAA
  • an architectural framework for configuring three
    different security features.
  • authentication,
  • authorization, and
  • accounting

54
AAA Advantages
  • Provides scalability
  • rely on a server or group of servers to store
    usernames and passwords
  • supports standardized security protocols,
  • Terminal Access Controller Access Control System
    Plus (TACACS+),
  • Remote Authentication Dial-In User Service
    (RADIUS), and
  • Kerberos
  • allows you to configure multiple backup systems

55
TACACS+
  • A security application used with AAA that
    provides centralized validation of users
    attempting to gain access to a router or network
    access server.
  • Services are maintained in a database on a
    TACACS+ daemon running, typically, on a UNIX or
    Windows workstation.
  • Provides for separate and modular authentication,
    authorization, and accounting facilities
  • Uses TCP

56
RADIUS
  • A distributed client/server system used with AAA
    that secures networks against unauthorized
    access.
  • e.g. RADIUS clients may run on Cisco routers and
    send authentication requests to a central RADIUS
    server that contains all user authentication and
    network service access information.
  • Uses UDP

57
Kerberos
  • A secret-key network authentication protocol used
    with AAA that uses the Data Encryption Standard
    (DES) cryptographic algorithm for encryption and
    authentication.

58
(No Transcript)
59
More on Security

60
Security
  • Computer and Network Security Requirements
  • Security Threats
  • Protection
  • Intruders
  • Malicious Software
  • Trusted Systems

61
Computer and Network Security Requirements
  • Confidentiality
  • Requires information in a computer system only be
    accessible for reading by authorized parties
  • Integrity
  • Assets can be modified by authorized parties only
  • Availability
  • Assets be available to authorized parties
  • Authenticity
  • Requires that a computer system be able to verify
    the identity of a user

62
Types of Threats
  • Interruption
  • Interception
  • Modification
  • Fabrication

63
Types of Threats
  • Interruption
  • An asset of the system is destroyed or becomes
    unavailable or unusable
  • Attack on availability
  • Destruction of hardware
  • Cutting of a communication line
  • Disabling the file management system

64
Types of Threats
  • Interception
  • An unauthorized party gains access to an asset
  • Attack on confidentiality
  • Wiretapping to capture data in a network
  • Illicit copying of files or programs

65
Types of Threats
  • Modification
  • An unauthorized party not only gains access but
    tampers with an asset
  • Attack on integrity
  • Changing values in a data file
  • Altering a program so that it performs
    differently
  • Modifying the content of messages being
    transmitted in a network

66
Types of Threats
  • Fabrication
  • An unauthorized party inserts counterfeit objects
    into the system
  • Attack on authenticity
  • Insertion of spurious messages in a network
  • Addition of records to a file

67
Computer System Assets
  • Hardware
  • Software
  • Data
  • Communication lines and Network

68
Computer System Assets
  • Hardware
  • Threats include accidental and deliberate damage
  • Software
  • Threats include deletion, alteration, damage
  • Backups of the most recent versions can maintain
    high availability

69
Computer System Assets
  • Data
  • Involves files
  • Security concerns for availability, secrecy, and
    integrity
  • Statistical analysis can lead to determination of
    individual information which threatens privacy

70
Computer System Assets
  • Communication Lines and Networks: Passive
    Attacks
  • Release of message contents for a telephone
    conversation, an electronic mail message, and a
    transferred file are subject to these threats
  • Traffic analysis
  • encryption masks the contents of what is
    transferred so even if obtained by someone, they
    would be unable to extract information

71
Computer System Assets
  • Communication Lines and Networks: Active Attacks
  • Masquerade takes place when one entity pretends
    to be a different entity
  • Replay involves the passive capture of a data
    unit and its subsequent retransmission to produce
    an unauthorized effect
  • Modification of messages means that some portion
    of a legitimate message is altered, or that
    messages are delayed or reordered, to produce an
    unauthorized effect

72
Computer System Assets
  • Communication Lines and Networks: Active Attacks
  • Modification of messages means that some portion
    of a legitimate message is altered, or that
    messages are delayed or reordered, to produce an
    unauthorized effect
  • Denial of service prevents or inhibits the normal
    use or management of communications facilities
  • Disable network or overload it with messages

73
Protection
  • Sharing resources among users involves
  • Memory
  • I/O devices
  • Programs
  • Data
  • Sharing creates a need for protection

74
Protection
  • No protection
  • When sensitive procedures are run at separate
    times
  • Isolation
  • Each process operates separately from other
    processes with no sharing or communication

75
Protection
  • Share all or share nothing
  • Owner of an object declares it public or private
  • Share via access limitation
  • Operating system checks the permissibility of
    each access by a specific user to a specific
    object
  • Operating system acts as the guard

76
Protection
  • Share via dynamic capabilities
  • Dynamic creation of sharing rights for objects
  • Limit use of an object
  • Limit not only access to an object but also the
    use to which that object may be put
  • Example: a user may be able to derive
    statistical summaries but not to determine
    specific data values

77
Protection
  • Protection of memory
  • User-oriented access control
  • Data oriented access control

78
Protection of Memory
  • Ensure correct function of various processes that
    are active
  • Virtual memory scheme
  • Paging
  • Segmentation
  • Shareable/non-shareable
  • Hardware support (µP) can be provided for memory
    protection

79
User-Oriented Access Control
  • Log on
  • Requires both a user identifier (ID) and a
    password
  • System only allows users to log on if the ID is
    known to the system and password associated with
    the ID is correct
  • Users can reveal their password to others either
    intentionally or accidentally
  • Hackers are skillful at guessing passwords
  • ID/password file can be obtained

80
Data-Oriented Access Control
  • Associated with each user, there can be a user
    profile that specifies permissible operations and
    file accesses
  • Operating system enforces these rules
  • Database management system controls access to
    specific records or portions of records

81
Data-Oriented Access Control
  • Access Matrix: a general model of access control
    as exercised by a file or database management
    system. Its elements:
  • Subject
  • An entity capable of accessing objects
  • e.g. a process enabling a user/application to
    access an object
  • Object
  • Anything to which access is controlled
  • Files, programs, segments of memory
  • Access rights
  • The way in which an object is accessed by a
    subject

82
Access Matrix
83
Access Control List
  • Matrix decomposed by columns
  • For each object, an access control list gives
    users and their permitted access rights

84
Access Control List
85
Capability Tickets
  • Decomposition of access matrix by rows
  • Specifies authorized object and operations for a
    user
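
The two decompositions described above, as an added example that is not part of the original slides. The matrix contents (subjects, objects and rights) are constructed for illustration; the code derives access control lists by column and capability tickets by row, then confirms that both give the same access decisions as the matrix.

```python
from collections import defaultdict

# Constructed sample access matrix: rows are subjects, columns are objects,
# each cell holds the access rights. All names are hypothetical.
ACCESS_MATRIX = {
    "alice": {"payroll.db": {"read", "write"}, "report.txt": {"read"}},
    "bob":   {"report.txt": {"read", "write"}, "backup.sh": {"execute"}},
    "audit": {"payroll.db": {"read"}, "report.txt": {"read"}},
}
RIGHTS = ("read", "write", "execute")


def to_acls(matrix):
    """Decompose by columns: object -> {subject: rights}."""
    acls = defaultdict(dict)
    for subject, row in matrix.items():
        for obj, rights in row.items():
            if rights:                       # empty cells are not stored
                acls[obj][subject] = frozenset(rights)
    return dict(acls)


def to_capabilities(matrix):
    """Decompose by rows: subject -> {object: rights}."""
    caps = {}
    for subject, row in matrix.items():
        tickets = {obj: frozenset(r) for obj, r in row.items() if r}
        if tickets:
            caps[subject] = tickets
    return caps


def acl_allows(acls, subject, obj, right):
    return right in acls.get(obj, {}).get(subject, frozenset())


def cap_allows(caps, subject, obj, right):
    return right in caps.get(subject, {}).get(obj, frozenset())


def decisions_agree(matrix, acls, caps):
    """Both decompositions must give the matrix's answer for every triple."""
    objects = {obj for row in matrix.values() for obj in row}
    for s in matrix:
        for o in objects:
            for r in RIGHTS:
                expected = r in matrix[s].get(o, set())
                if acl_allows(acls, s, o, r) != expected:
                    return False
                if cap_allows(caps, s, o, r) != expected:
                    return False
    return True


def subjects_with_access(acls, obj):
    """Per-object review ("who can touch this file?"): one ACL lookup."""
    return sorted(acls.get(obj, {}))


def objects_reachable_by(acls, subject):
    """Per-subject review from ACLs alone needs a scan of every object."""
    return sorted(obj for obj, entries in acls.items() if subject in entries)


ACLS = to_acls(ACCESS_MATRIX)
CAPS = to_capabilities(ACCESS_MATRIX)

if __name__ == "__main__":
    print("decisions agree:", decisions_agree(ACCESS_MATRIX, ACLS, CAPS))
    print("payroll.db ACL:", subjects_with_access(ACLS, "payroll.db"))
    print("bob via ACL scan:", objects_reachable_by(ACLS, "bob"))
    print("bob via capability tickets:", sorted(CAPS["bob"]))
```

The access decision is identical either way; what differs is which review question is a single lookup, which matters when revoking one user's access or auditing one object's exposure.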

86
Capability Tickets
87
Intruders
  • Hacker or cracker
  • Three classes
  • Masquerader
  • Not authorized to use the computer, penetrates
    system's access controls to exploit a legitimate
    user's account
  • Misfeasor
  • A legitimate user accessing objects without
    authorization or misusing his/her privileges
  • Clandestine user
  • An individual who seizes supervisory control

88
Intrusion Techniques
  • Objective of intruder is to gain access to the
    system or to increase the range of privileges
    accessible on a system
  • Protected information that an intruder acquires
    is a password
  • Protecting password file
  • Encryption
  • Access control

89
Techniques for Learning Passwords
  • Try default password used with standard accounts
    shipped with computer
  • Exhaustively try all short passwords
  • Try words in dictionary or a list of likely
    passwords
  • Collect information about users and use these
    items as passwords

90
Techniques for Learning Passwords
  • Try users' phone numbers, social security
    numbers, and room numbers
  • Try all legitimate license plate numbers for this
    state
  • Use a Trojan horse to bypass restrictions on
    access
  • Tap the line between a remote user and the host
    system

91
Password protection: ID Provides Security
  • Determines whether the user is authorized to gain
    access to a system
  • Determines the privileges accorded to the user
  • Guest or anonymous accounts have more limited
    privileges than others
  • ID is used for discretionary access control
  • A user may grant permission to files to others by
    ID

92
Password Selection Strategies
  • Computer generated passwords
  • Users have difficulty remembering them
  • Need to write it down
  • Have history of poor acceptance

93
Password Selection Strategies
  • Reactive password checking strategy
  • System periodically runs its own password cracker
    to find guessable passwords
  • System cancels passwords that are guessed and
    notifies user
  • Consumes resources to do this
  • Hacker can use this on their own machine with a
    copy of the password file

94
Password Selection Strategies
  • Proactive password checker
  • The system checks at the time of selection if the
    password is allowable
  • With guidance from the system users can select
    memorable passwords that are difficult to guess
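
A proactive checker of the kind described above, as an added example that is not part of the original slides. It rejects candidates that fall to the guessing strategies listed earlier (default passwords, short passwords, dictionary words, information about the user); the minimum length, the word lists and the user facts are constructed assumptions.

```python
import re

MIN_LENGTH = 12   # assumed policy value, not taken from the slides

# Constructed stand-ins; a deployment would load real lists from files.
DEFAULT_PASSWORDS = {"admin", "guest", "password", "changeme"}
WORDLIST = {"sunshine", "dragon", "football", "welcome", "letmein"}

# Constructed facts about a hypothetical user: name parts, phone, room number.
SAMPLE_FACTS = ["dana", "ruiz", "555-0142", "B214"]


def normalise(text):
    """Lower-case and drop everything except letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def rejection_reasons(candidate, user_facts, wordlist=WORDLIST):
    """Return the reasons a candidate is refused; an empty list means accept."""
    reasons = []
    norm = normalise(candidate)

    # Short passwords fall to exhaustive search.
    if len(candidate) < MIN_LENGTH:
        reasons.append("too short")

    # Defaults shipped with standard accounts are tried first.
    if norm in DEFAULT_PASSWORDS:
        reasons.append("default account password")

    # A word with digits bolted on either end is still a dictionary guess.
    core = norm.strip("0123456789")
    if norm in wordlist or core in wordlist:
        reasons.append("dictionary word")

    # Names, phone numbers and room numbers are collected and tried as guesses.
    for fact in user_facts:
        token = normalise(fact)
        if len(token) >= 3 and token in norm:
            reasons.append("contains user information")
            break

    return reasons


if __name__ == "__main__":
    for pw in ("guest", "Sunshine2024!", "Ruiz-555-0142-x",
               "violet-kettle-harbour-93"):
        verdict = rejection_reasons(pw, SAMPLE_FACTS) or ["accepted"]
        print(f"{pw!r}: {', '.join(verdict)}")
```

Returning the reasons rather than a bare yes/no is what lets the system give the guidance the slide mentions, so users can adjust a memorable choice instead of giving up on it.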

95
(No Transcript)
96
Intrusion Detection
  • Assume the behavior of the intruder differs from
    the legitimate user
  • Statistical anomaly detection
  • Collect data related to the behavior of
    legitimate users over a period of time
  • Statistical tests are used to determine if the
    behavior is not legitimate behavior

97
Intrusion Detection
  • Rule-based detection
  • Anomaly detection: rules are developed to detect
    deviation from previous usage pattern
  • Penetration identification: expert system
    searches for suspicious behavior

98
Intrusion Detection
  • Audit record
  • Native audit records
  • All operating systems include accounting software
    that collects information on user activity
  • Detection-specific audit records
  • Collection facility can be implemented that
    generates audit records containing only that
    information required by the intrusion detection
    system

99
Malicious Programs
  • Those that need a host program
  • Fragments of programs that cannot exist
    independently of some application program,
    utility, or system program
  • Independent
  • Self-contained programs that can be scheduled and
    run by the operating system

100
(No Transcript)
101
Trapdoor
  • A secret entry point into a program that allows
    someone who is aware of the trapdoor to gain access
  • Used by programmers to debug and test programs
  • Avoids necessary setup and authentication
  • Method to activate program if something wrong
    with authentication procedure
  • Difficult to control: take care of program
    development and software update activities

102
Logic Bomb
  • Code embedded in a legitimate program that is set
    to explode when certain conditions are met
  • Presence or absence of certain files
  • Particular day of the week
  • Particular user running application

103
Trojan Horse
  • Useful program that contains hidden code that
    when invoked performs some unwanted or harmful
    function
  • Can be used to accomplish functions indirectly
    that an unauthorized user could not accomplish
    directly
  • User may set file permission so everyone has
    access to files on another user's machine

104
Viruses
  • Program that can infect other programs by
    modifying them
  • Modification includes copy of virus program
  • The infected program can infect other programs

105
Worms
  • Use network connections to spread from system to
    system
  • Electronic mail facility
  • A worm mails a copy of itself to other systems
  • Remote execution capability
  • A worm executes a copy of itself on another
    system
  • Remote log-in capability
  • A worm logs on to a remote system as a user and
    then uses commands to copy itself from one system
    to the other

106
Zombie
  • Program that secretly takes over another
    Internet-attached computer
  • It uses that computer to launch attacks that are
    difficult to trace to the zombie's creator

107
Virus Stages
  • Dormant phase
  • Virus is idle
  • Propagation phase
  • Virus places an identical copy of itself into
    other programs or into certain system areas on
    the disk

108
Virus Stages
  • Triggering phase
  • Virus is activated to perform the function for
    which it was intended
  • Caused by a variety of system events
  • Execution phase
  • Function is performed

109
Types of Viruses
  • Parasitic
  • Attaches itself to executable files and
    replicates
  • When the infected program is executed, it looks
    for other executables to infect
  • Memory-resident
  • Lodges in main memory as part of a resident
    system program
  • Once in memory, it infects every program that
    executes

110
Types of Viruses
  • Boot sector
  • Infects boot record
  • Spreads when system is booted from the disk
    containing the virus
  • Stealth
  • Designed to hide itself from detection by
    anti-virus software
  • May use compression so that the infected program
    is exactly the same length as an uninfected
    version

111
Types of Viruses
  • Polymorphic
  • Mutates with every infection, making detection by
    the signature of the virus impossible
  • Mutation engine creates a random encryption key
    to encrypt the remainder of the virus
  • The key is stored with the virus

112
Macro Viruses
  • Platform independent
  • Most infect Microsoft Word
  • Infect document, not executable portions of code
  • Easily spread

113
Macro Viruses
  • A macro is an executable program embedded in a
    word processing document or other type of file
  • Autoexecuting macros in Word
  • Autoexecute
  • Executes when Word is started (Macro named
    AutoExec is in the normal.dot template)
  • Automacro
  • Executes when defined event occurs such as
    opening or closing a document
  • Command macro
  • Executed when user invokes a command (e.g., File
    Save)

114
Antivirus Approaches
  • Detection
  • Determining that an infection has occurred and
    locating the virus
  • Identification
  • Following detection of a virus identifying the
    specific virus
  • Removal
  • Remove all traces of the virus from the infected
    program and all infected systems

115
Antivirus Approaches
  • Generic Decryption
  • Digital Immune System

116
Generic Decryption
  • Elements
  • CPU emulator
  • Instructions in an executable file are
    interpreted by the emulator rather than the
    processor
  • Virus signature scanner
  • Scan target code looking for known virus
    signatures
  • Emulation control module
  • Controls the execution of the target code

117
Digital Immune System
  • Developed by IBM
  • Motivation has been the rising threat of
    Internet-based virus propagation
  • Integrated mail systems
  • Groupware: Lotus Notes, MS Outlook
  • Mobile-program system
  • Portable: Java, ActiveX

118
(No Transcript)
119
E-mail Virus
  • Activated when recipient opens the e-mail
    attachment
  • Activated by opening an e-mail that contains the
    virus
  • Uses Visual Basic scripting language
  • Propagates itself to all of the e-mail addresses
    known to the infected host

120
Trusted Systems
  • Multilevel security
  • Information organized into categories
  • A subject at a high level may not convey
    information to a subject at a lower level unless
    authorized to do so
  • No read up
  • A subject can only read objects of a less or
    equal security level (simple security property)
  • No write down
  • A subject can only write objects of greater or
    equal security level (*-property, star property)
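
The two multilevel rules above enforced by a small reference monitor, as an added example that is not part of the original slides. The two-level lattice and all subject and object names are hypothetical; the denied write-down is the case that stops code running under a sensitive label from copying data into a lower-level object.

```python
from enum import IntEnum


class Level(IntEnum):
    # Hypothetical two-level lattice; real systems define more levels.
    PUBLIC = 0
    SENSITIVE = 1


class ReferenceMonitor:
    """Mediates every read and write using only the security labels."""

    def __init__(self, subjects, objects):
        self.subjects = dict(subjects)   # subject name -> Level
        self.objects = dict(objects)     # object name  -> Level
        self.audit_log = []              # (subject, op, object, decision)

    def permitted(self, subject, op, obj):
        s, o = self.subjects[subject], self.objects[obj]
        if op == "read":                 # simple security property: no read up
            return s >= o
        if op == "write":                # *-property: no write down
            return s <= o
        raise ValueError(f"unknown operation: {op}")

    def request(self, subject, op, obj):
        allowed = self.permitted(subject, op, obj)
        decision = "ALLOW" if allowed else "DENY"
        self.audit_log.append((subject, op, obj, decision))
        return allowed

    def denials(self):
        return [entry for entry in self.audit_log if entry[3] == "DENY"]


def run_scenario():
    """Constructed sequence of requests covering each rule once."""
    monitor = ReferenceMonitor(
        subjects={"payroll_app": Level.SENSITIVE, "web_kiosk": Level.PUBLIC},
        objects={"salaries.dat": Level.SENSITIVE,
                 "notice_board.txt": Level.PUBLIC},
    )
    monitor.request("payroll_app", "read", "salaries.dat")       # same level
    monitor.request("payroll_app", "read", "notice_board.txt")   # read down
    monitor.request("payroll_app", "write", "notice_board.txt")  # write down
    monitor.request("web_kiosk", "read", "salaries.dat")         # read up
    monitor.request("web_kiosk", "write", "salaries.dat")        # write up
    return monitor


if __name__ == "__main__":
    for subject, op, obj, decision in run_scenario().audit_log:
        print(f"{decision:5} {subject} {op} {obj}")
```

The decision depends only on the labels, not on which program issues the request, so hidden code inherits the restriction of the subject it runs as.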

121
(No Transcript)
122
Trojan Horse Defense
  • Use secure, trusted operating system

123
Trojan Horse Defense
124
Trojan Horse Defense
125
Trojan Horse Defense
126
Trojan Horse Defense