Feleke Network Security Part 1 2023

This document discusses key concepts in computer network security. It defines common terms like vulnerability, threat, and exploit. It describes network security goals of confidentiality, integrity and availability. It also outlines common external and internal security threats to networks, and approaches to mitigate threats, like proactive and reactive measures. Finally, it discusses principles for network security design and responsibilities of different roles.

Computer Network Security (Part--1)

Source: Feleke Merin (Dr. – Engr.)

Senior Asst. Professor


Computer Security Terminology
» Vulnerability
• A weakness that an attacker can exploit to their advantage, for
example
• Physical environment, software bugs
• Protocol / system design flaws
• Weak passwords
» Threat
• An event or circumstance that can damage systems, typically by
exploiting a vulnerability, for example
• Physical (fire, water, earthquake)
• Malicious code (virus, trojan, malware)
• Phishing, social engineering
Computer Security Terminology
» Exploit
• A mechanism or tool used to take advantage of a vulnerability
in order to compromise the security or functionality of a
system
• A sequence of commands
• A piece of software or chunk of data
» Risk
• The likelihood that a threat exploits a vulnerability, weighted by the
impact if it does
• Security risk cannot be completely eliminated
• The remaining risk is called residual risk or accepted risk
Network Security Goals
» Network security goals are to protect data’s…
• Confidentiality
• Only authorized users should have access to it
• Integrity
• The data should not have been tampered with
• Availability
• Data should be accessible whenever needed
• Systems need to be functional as designed and configured
Understanding Security Threats
» First step in designing network security and preventing a
security breach is to understand what types of threats exist
» Second step is to understand which ones apply to your
environment, i.e. the risk posed by each threat
» Third step is to identify the costs of implementing countermeasures
• If the costs outweigh the possible losses, the countermeasure will not be
implemented unless regulation forces the organization to
» Two types of threats
• External
• Internal
External Security Threats
» Attackers without physical access to, or prior knowledge of, the
internal network; the most commonly seen type
• E.g. an attack coming from the Internet
» Generally more complex in nature, deployed in steps
• Attacker runs blind ping sweeps and port scans to find live hosts, open
services and, from those, vulnerabilities
• Attacker starts exploiting the vulnerabilities found
» Easier to detect and prevent with technical tools
• Firewall filtering on the network edge, intrusion prevention systems
» Can also be the entry point for an attack that continues from the inside
• E.g. a malicious USB stick received as a gift
Internal Security Threats
» Users who already have access to and knowledge of the
internal network
• E.g. a disgruntled employee
» Generally less complex in nature
• User physically steals data
» Harder to prevent with technical tools
• A firewall can't prevent physical theft
» Requires additional administrative and physical control
measures to detect and prevent
• Physical locks, surveillance cameras, ID access policy
• Each user has access only to what they need to perform their job
• Data Loss Prevention

Responding to Security Threats
» Attack Mitigation is the process of preventing or
responding to a breach in network security
» Attack mitigation can be
• Proactive
• Prevent attacks before they occur
• E.g. a firewall blocking a port
• Reactive
• Respond to attacks once they have occurred
• E.g. an IPS shunning an attacker running a port scan
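The reactive case above (an IPS shunning a port scanner) can be reduced to detection logic over firewall deny logs. The following is an added example, not code from the slides: the log format, addresses and timestamps are constructed for the example, and the "deny ip from ... to any" rule syntax is a generic placeholder rather than any vendor's real syntax. It counts distinct destination ports a source hits on one host inside a sliding time window, which separates a scan from a legitimate client retrying a single closed service.

```python
"""Reactive mitigation: detect a port scan in firewall deny logs and
derive a shun (block) list. Added example; the log lines below are
constructed, not captured from a real device."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: 198.51.100.7 probes many ports of one host within a
# few seconds; 203.0.113.5 is a normal client retrying one service;
# 192.0.2.99 touches two ports fifteen minutes apart (not a scan).
SAMPLE_LOG = """\
2023-05-01T10:00:01Z action=deny src=198.51.100.7 dst=192.0.2.10 dport=21
2023-05-01T10:00:01Z action=deny src=198.51.100.7 dst=192.0.2.10 dport=22
2023-05-01T10:00:02Z action=deny src=198.51.100.7 dst=192.0.2.10 dport=23
2023-05-01T10:00:02Z action=deny src=198.51.100.7 dst=192.0.2.10 dport=25
2023-05-01T10:00:03Z action=deny src=198.51.100.7 dst=192.0.2.10 dport=80
2023-05-01T10:00:03Z action=deny src=198.51.100.7 dst=192.0.2.10 dport=110
2023-05-01T10:00:04Z action=deny src=198.51.100.7 dst=192.0.2.10 dport=143
2023-05-01T10:00:04Z action=deny src=198.51.100.7 dst=192.0.2.10 dport=443
2023-05-01T10:00:05Z action=deny src=198.51.100.7 dst=192.0.2.10 dport=445
2023-05-01T10:00:05Z action=deny src=198.51.100.7 dst=192.0.2.10 dport=3389
2023-05-01T10:00:06Z action=deny src=203.0.113.5 dst=192.0.2.10 dport=443
2023-05-01T10:00:07Z action=deny src=203.0.113.5 dst=192.0.2.10 dport=443
2023-05-01T10:00:08Z action=allow src=203.0.113.5 dst=192.0.2.10 dport=443
2023-05-01T10:30:00Z action=deny src=192.0.2.99 dst=192.0.2.10 dport=22
2023-05-01T10:45:00Z action=deny src=192.0.2.99 dst=192.0.2.10 dport=23
"""


def parse_line(line):
    """Parse one 'timestamp key=value ...' line into its fields."""
    ts_str, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    ts = datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%SZ")
    return ts, kv["action"], kv["src"], kv["dst"], int(kv["dport"])


def find_scanners(log_text, threshold=8, window=timedelta(seconds=30)):
    """Return {src: sorted distinct ports} for every source that hit at
    least `threshold` distinct ports on one destination within `window`.
    Only denied connections count: a scan lands mostly on closed ports."""
    events = defaultdict(list)  # (src, dst) -> [(ts, port), ...]
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, action, src, dst, port = parse_line(line)
        if action == "deny":
            events[(src, dst)].append((ts, port))

    flagged = defaultdict(set)
    for (src, dst), hits in events.items():
        hits.sort()  # time order for the sliding window
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1
            ports_in_window = {p for _, p in hits[start:end + 1]}
            if len(ports_in_window) >= threshold:
                flagged[src].update(p for _, p in hits)
                break
    return {src: sorted(ports) for src, ports in flagged.items()}


def shun_rules(scanners):
    """Render the block list in a generic (placeholder) rule syntax."""
    return [f"deny ip from {src} to any" for src in sorted(scanners)]


if __name__ == "__main__":
    for rule in shun_rules(find_scanners(SAMPLE_LOG)):
        print(rule)
```

The threshold and window are the tuning knobs: too low a threshold shuns clients that legitimately touch several services, too long a window lets a slow scan stay under the radar. In production the shun would also carry an expiry so a spoofed source cannot be used to block a legitimate address permanently.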
Implementing Attack Mitigation
» The first step of mitigation is to understand possible
vulnerabilities and attacks
» Different tools are available for mitigation depending on
whether confidentiality, integrity, or availability is being
attacked
» In general, for the protection to be effective
• Implement up-to-date security solutions adapted to current threat
models (e.g. replace a legacy firewall with a next-generation firewall)
• Security solutions need to integrate into a security architecture
• On attack detection or an infected endpoint, alert and take action
automatically
Assets
» What are we protecting, exactly?
• Assets
• Anything of value to an organization
» In order to provide the appropriate level of security to an asset
(i.e. lower its risk level)
• Assets are classified into categories by each organization
• Common private-sector classification:
• Public, sensitive, private, confidential
• Common government classification:
• Unclassified, confidential, secret, top secret
» Criteria for asset classification vary:
• Liability, replacement cost, age, value
Vulnerabilities
» Why are we protecting assets?
• Because they are vulnerable
» In order to implement the appropriate countermeasure,
vulnerabilities likewise have to be classified
• Policy flaws
• Design flaws
• Protocol built-in flaws
• Software flaws
• Misconfiguration flaws
• Human flaws
» Publicly available vulnerability lists, used for classification and management
• http://cve.mitre.org/
• https://nvd.nist.gov/
Countermeasures
» In order to provide the appropriate security control where required,
countermeasures are likewise classified
» Based on their nature
• Physical (security guards, fire and smoke detection systems)
• Technical (firewalls, intrusion prevention systems)
• Administrative (policies and procedures)
» Based on the attack phase in which they are useful
• Preventive (firewall)
• Detective (surveillance camera)
• Corrective (infected endpoint cleaning procedure)
• Recovery, a subset of corrective (restoring system availability after an incident)
• Deterrent, a subset of preventive (system login banners)
Countermeasures
» Based on risk management
• Risk avoidance (eliminate the activity that carries the risk)
• Only HTTP and HTTPS traffic is allowed from user endpoints
towards the Internet
• No encrypted traffic is allowed from the endpoints
• Risk reduction (lower the likelihood or the impact)
• Firewall deployed so that all traffic leaving a sensitive network
segment is blocked
• Risk transfer (shift the financial impact to a third party)
• Insurance for data center movement or for specific data leakage
• Risk acceptance
• Do nothing and accept the risk
Risk Analysis
» Required in order to quantify the impact of a threat against an
asset
• Allows a correct cost-to-value ratio for the possible countermeasures to
be established before they are implemented
• The organization ends up investing more where countermeasures
are needed and effective
» Two methods
• Quantitative, based on numerical formulas; used whenever possible
• By losing asset X, the organization loses $5,000,000; a possible
countermeasure costs $400,000 and reduces the risk by 80%
• Qualitative, subjective in nature; used when a quantitative assessment is
not possible
• E.g. a natural disaster or terrorist attack
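The quantitative method can be carried through in code. The following is an added example, not part of the slides: it uses the slides' figures ($5,000,000 loss, a $400,000 countermeasure that removes 80% of the risk) and generalises them with the standard single loss expectancy / annualized rate of occurrence / annualized loss expectancy (SLE, ARO, ALE) terms, which the slides themselves do not use. The two comparison scenarios are constructed to show a control that is cheap relative to a frequent loss and one that costs more than the risk it removes.

```python
"""Quantitative risk analysis: which countermeasures pay for themselves?
Added example; SLE/ARO/ALE framing and the comparison cases are this
example's own assumptions, not taken from the slides."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Scenario:
    asset: str
    asset_value: float      # replacement or business value of the asset
    exposure_factor: float  # fraction of the asset lost in one incident (0..1)
    aro: float              # expected incidents per year
    countermeasure: str
    control_cost: float     # annualized cost of the countermeasure
    risk_reduction: float   # fraction of the ALE the control removes (0..1)


def sle(s):
    """Single loss expectancy: loss from one occurrence."""
    return s.asset_value * s.exposure_factor


def ale(s):
    """Annualized loss expectancy before any countermeasure."""
    return sle(s) * s.aro


def residual_ale(s):
    """Risk that remains after the countermeasure: the accepted risk."""
    return ale(s) * (1 - s.risk_reduction)


def net_benefit(s):
    """Annual value of the control: risk removed minus its cost.
    Negative means the control costs more than the loss it prevents."""
    return (ale(s) - residual_ale(s)) - s.control_cost


def rank_countermeasures(scenarios):
    """Best net benefit first; this is where the budget should go first."""
    return sorted(scenarios, key=net_benefit, reverse=True)


# The slides' figures: total loss of asset X, taken as once per year.
SLIDE_CASE = Scenario("asset X", 5_000_000, 1.0, 1.0, "control A", 400_000, 0.80)

# Constructed comparison cases.
CASES = [
    SLIDE_CASE,
    # Frequent but small: 8 stolen laptops a year at $3,000 each; disk
    # encryption is cheap and removes almost all of the data-loss risk.
    Scenario("laptop fleet", 3_000, 1.0, 8.0, "full-disk encryption", 5_000, 0.95),
    # Rare, and replacing the system costs more than the risk it removes.
    Scenario("legacy kiosk", 20_000, 0.5, 0.1, "replacement", 15_000, 1.0),
]


if __name__ == "__main__":
    for s in rank_countermeasures(CASES):
        print(f"{s.asset:14} ALE={ale(s):>12,.0f} residual={residual_ale(s):>12,.0f} "
              f"net benefit of {s.countermeasure}: {net_benefit(s):>12,.0f}")
```

For the slides' case the control removes $4,000,000 of annual risk for $400,000, a net benefit of $3,600,000, and leaves $1,000,000 of residual (accepted) risk. The kiosk case is the situation the slides describe where a countermeasure "will not be implemented unless regulation forces the organization to".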
Network Security Design Principles
» Security policies
• First and most important
• How can a user behave appropriately without a policy in place to enforce that?
• How can a user know what's allowed and disallowed?
• How can you blame a user for not knowing something they were not told?
• We have technical policies and user policies
» Defense-in-depth
• Does not mean redundancy, but a layered approach: several controls, each
of which must fail before an asset is exposed
» Network segmentation
• Group assets of the same type/value/risk level into security zones
» Least privilege
• Authorize users and systems with only the access they need to perform their
day-to-day jobs
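Segmentation and least privilege can be checked mechanically once zones and the allowed flows between them are written down. The following is an added example, not from the slides: the zone names, address ranges and allow list are constructed for illustration. Everything not explicitly allowed is denied, and the transitive-closure function shows which zones an attacker who lands in one zone could pivot to, which is the "deployed in steps" pattern from the external-threats slide.

```python
"""Default-deny zone policy: is a flow allowed, and how far can an
attacker pivot from a given zone? Added example with constructed zones,
ranges and rules."""
import ipaddress

# Security zones: assets of similar value/risk grouped behind one policy.
ZONES = {
    "internet": [ipaddress.ip_network("0.0.0.0/0")],
    "dmz":      [ipaddress.ip_network("192.0.2.0/24")],
    "users":    [ipaddress.ip_network("10.10.0.0/16")],
    "servers":  [ipaddress.ip_network("10.20.0.0/16")],
    "mgmt":     [ipaddress.ip_network("10.99.0.0/24")],
}

# Explicit allow list: (src_zone, dst_zone, protocol, port). Anything not
# listed is denied; that default is what makes the policy least-privilege.
ALLOW = {
    ("internet", "dmz", "tcp", 443),      # public web front end
    ("dmz", "servers", "tcp", 5432),      # web tier to its database only
    ("users", "dmz", "tcp", 443),         # staff use the same front end
    ("users", "servers", "tcp", 445),     # file shares
    ("mgmt", "servers", "tcp", 22),       # admin access only from mgmt
    ("mgmt", "dmz", "tcp", 22),
}


def zone_of(ip):
    """Most specific zone containing ip; 0.0.0.0/0 only matches as a fallback."""
    addr = ipaddress.ip_address(ip)
    best, best_len = None, -1
    for name, nets in ZONES.items():
        for net in nets:
            if addr in net and net.prefixlen > best_len:
                best, best_len = name, net.prefixlen
    return best


def is_allowed(src_ip, dst_ip, proto, port):
    """Evaluate one flow against the zone policy."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    if src == dst:
        return True  # intra-zone traffic is not filtered by this policy
    return (src, dst, proto, port) in ALLOW


def lateral_paths(zone):
    """Zones directly reachable from `zone` under the allow list."""
    return sorted({dst for (s, dst, _, _) in ALLOW if s == zone})


def reachable(zone):
    """Transitive closure: zones an attacker could pivot to from `zone`
    by chaining allowed flows (the blast radius of a compromise there)."""
    seen, stack = set(), [zone]
    while stack:
        for nxt in lateral_paths(stack.pop()):
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return sorted(seen)


if __name__ == "__main__":
    print(is_allowed("203.0.113.9", "192.0.2.10", "tcp", 443))   # Internet -> DMZ web
    print(is_allowed("203.0.113.9", "10.20.0.5", "tcp", 5432))   # Internet -> DB, denied
    print(reachable("internet"))                                # pivot path via the DMZ
```

The closure result is the useful one: a compromise of the DMZ web tier can reach the servers zone over one database port only, and no zone other than mgmt can open SSH to the servers. Adding a convenience rule such as ("users", "servers", "tcp", 22) would show up immediately as a wider blast radius.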
Network Security Design Principles
» Separation of duties
• A user does not have privileged access on a device and also access to the
command auditing system
» Weakest link
• Your network is only as secure as its weakest link
• Humans are considered the weakest link; they can be manipulated
• By applying the other principles, the risk can be lowered
» Accountability and non-repudiation
• User activity should be accounted for and audited; useful for
forensic analysis
• The gathered data has to offer evidence that it has not been tampered with
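One way to make audit data offer that evidence is a hash-chained log in which every record commits to the one before it and each link is authenticated with a key held by the audit system rather than by the administrators being audited (which is also the separation-of-duties point above). The following is an added example, not from the slides; the key, the records and the JSON format are constructed for illustration.

```python
"""Tamper-evident audit log: hash chain plus an HMAC on every link.
Added example; key, records and format are constructed."""
import hashlib
import hmac
import json

GENESIS = "0" * 64  # chain anchor for the first record


def _digest(key, prev_hash, record):
    """HMAC over (previous hash || canonical JSON of the record)."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev_hash.encode() + body, hashlib.sha256).hexdigest()


def append(log, key, record):
    """Append a record, linking it to the hash of the previous entry."""
    prev = log[-1]["hash"] if log else GENESIS
    entry = {"record": record, "prev": prev, "hash": _digest(key, prev, record)}
    log.append(entry)
    return entry


def verify(log, key):
    """Return (ok, index_of_first_bad_entry). Catches edited, deleted,
    reordered and forged (appended without the key) entries."""
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry["prev"] != prev:
            return False, i
        expected = _digest(key, prev, entry["record"])
        if not hmac.compare_digest(expected, entry["hash"]):
            return False, i
        prev = entry["hash"]
    return True, None


def build_demo_log(key):
    """Constructed command-audit records for three admin actions."""
    log = []
    append(log, key, {"user": "alice", "cmd": "show running-config", "ts": 1})
    append(log, key, {"user": "bob", "cmd": "no logging host 10.99.0.5", "ts": 2})
    append(log, key, {"user": "alice", "cmd": "write memory", "ts": 3})
    return log


if __name__ == "__main__":
    key = b"constructed-audit-key"
    log = build_demo_log(key)
    print(verify(log, key))                       # intact chain
    log[1]["record"]["cmd"] = "show version"      # bob rewrites his entry
    print(verify(log, key))                       # chain breaks at index 1
```

The chain alone only proves internal consistency; an attacker who can rewrite the whole file could recompute it. The HMAC key, kept off the audited devices, and periodic export of the latest hash to a separate system are what turn the chain into evidence a forensic analyst can rely on.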
Network Security Responsibilities
» Senior management (CEO)
• Ultimately responsible for everything
» Security management (CISO)
• Responsible for providing guidance and defining security policies
» Security staff
• Responsible for creating security policies
• Responsible for implementing security policies
• Awareness, education and training, periodic quizzes
» End users
• Responsible for complying with security policies
• Most of it should be automated and transparent where possible
======= The End ! =======