Professional Documents
Culture Documents
Advanced Cyber Security: Week 1
Advanced Cyber Security: Week 1
Week 1
Who am I?
About Instructor
Name: Dr. Syed Asif Raza
Qualification: PhD, South Korea
Designation: Assistant Professor
University Department: Computer Science at Sukkur
IBA University
Email: asif.shah@iba-suk.edu.pk
Campus
Research
Group/Lab
Experience & Research Interests
Experience:
Korea Institute of Science and Technology Information (KISTI), S. Korea
Fermi National Accelerator Lab (FNAL), USA
NESCOM HQ, Islamabad,
National Telecommunication Corporation (NTC) HQ, Islamabad
DataCheck (pvt) Ltd.
NADRA RHQ, Pakistan
Research Interests
Software-Defined Networking (SDN), Network Function Virtualization
(NFV), Cloud Computing, Virtualization
Network Security, Blockchain Technology, HPC/HTC
Research Contribution
Cloud/Virtualization/Other papers
Google scholar URL:
1."Aperformance analysis of precopy, postcopy and hybrid live VM
https://bit.ly/2TGCUjA migration algorithms in scientific cloud computing environment”
(HPCS), 2015
SDN/NFV papers 2."Improve Performance and Throughput of VMs for Scientific
Workloads in a Cloud Environment." (PlatCon), 2016, (Best Paper
1. "AmoebaNet: An SDN-enabled network service Award)
for big data science."Journal of Network and 3."An Optimal and Utilization Aware Virtual Machine Scheduling for
Computer Applications” (JNCA), (IF: 3.99) Scientific Workloads in Cloud Data Center." In ICCT, 2016
2. CAMOR: Congestion Aware Multipath Optimal 4."PerformanceEvaluation of Scientific Workflow on OpenStack and
Routing Solution by Using Software-Defined OpenVZ." In International Conference on Cloud Computing, 2015
Networking”, (PlatCon), 2017 5."OpenStack and Docker Comparison for Scientific Workflow wrt
Execution and Energy", ISCA 2016
3. "An adaptive load monitoring solution for 6."Performance Analysis of NAS and SAN Storage for Scientific
logically centralized SDN controller.“ (APNOMS), Workflow." (PlatCon), 2016
2016
7."Monitoring
of Virtual Machine’s Launching Time in OpenStack and
4. "Network Softwarization: A Study of SDN and OpenNebula." ICCT, 2016
NFV Integration." In ICCT, 2016 8.Monitoringof Joining Time of Virtual Machine to HTCondor Pool in
Federated Cloud Environment.“, ICCT, 2016
5. “BigData Express –Toward Schedulable, Predictable,
9."Study of control communication system for 6LowPAN." In ICCT,
High-performance Data Transfer”, in 2017 (Poster)
2016
"Study
10. of Device Management System (DMS) on 6LowPAN." In
ICCT, 2015
11.Federated
Cloud Demonstration: Fermilab HEP Cloud, KISTI
GCloud, AWS”, Supercomputing Conference 2015. (Poster)
I don’t know about you!!!
• Name?
• Hometown?
• Experience in IT?
• Field of interest in CS (e.g. ML,
Network, Security, etc.)
• Expectation from this course?
7
Text Books
Textbook:
Michael E. Whitman and Herbert J. Mattord, Principles of Information Security,
Thomson/Course Technology, Fifth Edition
William Stallings, “Cryptography and Network Security”, 5th edition, Pearson Prentice Hall.
If you have any question during class raise your hand first and then ask question
Don’t take notes, these slides will be available on google classroom soon
12
We want you to succeed!
13
Weekly Reading
Weekly Reading Assignment details:
Read and review 2 research paper related to cyber security every week.
1-2 page(s) write-up for each paper: just a few paragraphs: Submit your report the
day before upcoming class
include your observation to the points that the papers deal with
their motivation, problems: relevant? Important issue? Trivial?
their solution is efficient? Make sense? Any other approaches?
discussion items or further works?
15
Research Paper
Start working on a research topic of cyber security and prepare a research paper
on that topic:
Research paper should be at least 14 pages (two-column) IEEE format
Mid-report Deadline: 1st March 2020
Final research paper Deadline: 1st May 2020
16
Group Video Project
Develop a 5-minute digital video that will:
Describe and explain some aspect of cyber security
Provide practical advice to the viewer
The idea is for this video to raise awareness about cyber security
You have to upload the Video on YouTube and share link with me
Max. 2 team members can work together to produce high quality video
This project breakdown into 4 stages
Really excellent videos will be linked to the SIBAU Web site as examples of the
quality work
17
Group Video Project (Stage 1: Team
Formation)
Document must contain the following sections with headers:
Team name
Names of all team members
Information for all members –including CMS-ID, email, cell phone, etc.
Bulleted list of responsibilities of team members
Description of communication and meeting strategy. How will you communicate?
When will you meet? How will you share work?
Designate a team leader. This is not the ‘boss.’
Deadline: 29th Jan. 2020
18
Group Video Project (Stage 2: Topic
Selection)
The proposal must contain the following sections with headers:
Title page with team name and title for video
Description of topic – including explanation of why this topic is relevant to information
security
Examples of information you might present in the video
Description of intended audience
Detailed project plan, listing project milestones and due dates leading up to
completed project
Complete description of all technologies to be used in completing project
Listing of 4-5 references you will possibly use in gathering data for video
Deadline: 18th Feb. 2020
19
Project Topics
There are many possible topics. This is just a very short sample:
Malware
Firewalls
Safe use of social networking
Home Wi-Fi security
Safe browsing in public Wi-Fi hotspots
Data encryption
Protecting children online
Cyber-bullying
Please feel free to propose a different topic – but talk with me before you
develop your proposal.
20
Group Video Project (Stage 3: Progress
Report)
Give an informal presentation on your progress in this project
You will be expected to show the work you have done so far
You will also be expected to provide:
A detailed list of references/resources in MLA format
A detailed script/storyboard for your video that explains where you will be acquiring
video, stills, music and other content
Updated detailed timeline, showing tasks completed and tasks yet to be completed
with anticipated completion dates.
21
Group Video Project (Stage 4: Final Video
&Your
Report)
completed project video will be uploaded to YOUTUBE.
The URL of the video will be delivered by the due date.
Final report will have the following sections:
Good front material – team name, class/section, name of project/topic
Detailed transcript and storyboard for video
Detailed description of all technologies used
Explanation of process followed
Complete references in MLA format with explanation of information gained from that
reference
A breakdown of the work completed by each team member.
Deadline: 5th May 2020
22
Starting with a Video!
Israel Rules The World Of Cyber Security!
https://www.youtube.com/watch?v=ca-C3voZwpM
23
Reality!
“People are the weakest link. You can have the best
technology, firewalls, intrusion-detection systems, biometric
devices – and somebody can call an unsuspecting employee.
That’s all she wrote, baby. They got everything.”
- Kevin Mitnik
24
What Is Security?
“A state of being secure and free from danger or harm; the actions taken to
make someone or something secure.”
25
Why We Need Cyber
Security???
26
Case 1: Internet Under Siege
February 7 - 9, 2000
Yahoo!, Amazon, Buy.com, CNN.com, eBay, E*Trade, ZDNet websites hit with massive DOS
Attacks received the attention of president Clinton and Attorney General Janet
Reno.
U.S. Federal Bureau of Investigation (FBI) officials have estimated the attacks
caused $1.7 billion in damage
--
Case 2: Slammer Worm
January 2003
Infects 90% of vulnerable computers within 10 minutes
Effect of the Worm
- Interference with elections
- Cancelled airline flights
- 911 emergency systems affected in Seattle
- 13,000 Bank of America ATMs failed
No malicious payload!
Estimated ~$1 Billion in productivity loss
--
Case 3: WorldCom
July 2002
WorldCom declares bankruptcy
Problem
WorldCom carries 13% - 50% of global internet traffic. About 40% of Internet
traffic uses WorldCom’s network at some point
October 2002
Outage affecting only 20% of WorldCom users snarls traffic around the globe
Congressional Hearings
Congress considers, but rejects, extension of FCC regulatory powers to prevent
WorldCom shutdown
Physical Vulnerability!
Legitimate Usage!
With Live Demo!
A Digital Era.
32
Golden Age for Data Exploits
33
Cyber Attacks
34
History of Cyber Attacks
35
Cyber Security?
36
Cyber Security?
Cyber security?
Cyber security is the protection of Internet connected system, including hardware,
software, and program or data from cyber attacks.
Precautions taken to guard against unauthorized access to data (in electronic form) or
information systems connected with internet
37
Protect Against What?
38
CIA TRIAD?
39
CIA TRIAD (Video)
https://www.youtube.com/watch?v=rwigKjEsdTc
- 40 -
C.I.A. triangle or Security Objectives
Confidentiality
“Preserving authorized restriction on information access and disclosure, including
means for protecting personal privacy and proprietary information.”
Integrity
“Guarding against improper information modification or destruction, and includes
ensuring information non-repudiation and authenticity.”
Availability
“Ensuring timely and reliable access and use of information.”
- 41 -
Attacks on CIA
42
Steps to Fix a Crime
43
Vulnerability, Threat & Risk
44