
Welcome to EECS 450 Internet Security

Explore the importance of internet security in our digital age. Discover the increasing frequency, severity, and sophistication of internet attacks, and the significant economic losses they cause. Learn about the emerging threat of botnets and the need for stronger defense mechanisms.

shellye


Presentation Transcript


  1. Welcome to EECS 450 Internet Security

  2. Why Internet Security
     • The past decade has seen an explosion in the concern for the security of information
     • Malicious code (viruses, worms, etc.) caused over $28 billion in economic losses in 2003
     • Security specialist markets are expanding!
       • “Full-time information security professionals will rise almost 14% per year around the world, going past 2.1 million in 2008” (IDC report)
     • Security has become one of the hottest jobs even with the downturn of the economy

  3. Why Internet Security (cont’d)
     • Internet attacks are increasing in frequency, severity and sophistication
     • Denial of service (DoS) attacks
       • Cost $1.2 billion in 2000
       • 1999 CSI/FBI survey: 32% of respondents detected DoS attacks directed to their systems
       • Thousands of attacks per week in 2001
       • Yahoo, Amazon, eBay, Microsoft, White House, etc., attacked

  4. Why Internet Security (cont’d)
     • Viruses and worms are faster and more powerful
       • Melissa, Nimda, Code Red, Code Red II, Slammer …
       • Cause over $28 billion in economic losses in 2003, growing to over $75 billion in economic losses by 2007
       • Code Red (2001): infected >360K machines in 13 hours - $2.4 billion loss
       • Slammer (2003): infected >75K machines in 15 minutes - $1 billion loss
     • Spam, phishing …
     • New Internet security landscape emerging: BOTNETS!

  5. The History of Computing
     • For a long time, security was largely ignored in the community
       • The computer industry was in “survival mode”, struggling to overcome technological and economic hurdles
       • As a result, a lot of corners were cut and many compromises made
     • There was lots of theory, and even examples of systems built with very good security, but they were largely ignored or unsuccessful
       • E.g., Ada language vs. C (powerful and easy to use)

  6. Computing Today is Very Different
     • Computers today are far from “survival mode”
       • Performance is abundant and the cost is very cheap
       • As a result, computers are now ubiquitous at every facet of society
     • Internet
       • Computers are all connected and interdependent
       • This codependency magnifies the effects of any failures

  7. Biological Analogy
     • Computing today is very homogeneous
       • A single architecture and a handful of OSes dominate
     • In biology, homogeneous populations are in danger
       • A single disease or virus can wipe them out overnight because they all share the same weakness
       • The disease only needs a vector to travel among hosts
     • Computers are like the animals; the Internet provides the vector
       • It is like having only one kind of cow in the world, and having them drink from one single pool of water!

  8. The Spread of Sapphire/Slammer Worms

  9. The Flash Worm
     • Slammer worm infected 75,000 machines in <15 minutes
     • A properly designed worm, a flash worm, can take less than 1 second to compromise 1 million vulnerable machines in the Internet
       • The Top Speed of Flash Worms. S. Staniford, D. Moore, V. Paxson and N. Weaver, ACM WORM Workshop 2004.
     • Exploit many vectors such as P2P file sharing, intelligent scanning, hitlists, etc.

  10. Logistics
     • Instructor: Yan Chen (ychen@northwestern.edu)
     • Location and time: Tu. and Th. 2-3:20pm, M166 Tech

  11. Course Overview
     • Seminar class: paper reading + a big project
     • Start with overview of Internet attack landscape
     • Introducing BGP and Internet routing security
       • IP hijacking
     • Major attack force: botnet and the underground economy
     • Main defense mechanism: intrusion detection/prevention system
     • Most important emerging threat: Web security
     • Other topics
       • Wireless net security, honeynet/honeyfarm, spam, etc.

  12. Prerequisites and Course Materials
     • Required: EECS340 (Intro to computer networking) or any introductory networking course, or talk to me
     • Highly Recommended: EECS350
     • No required textbook – paper reading!
     • Recommended books on computer security (see webpage for a complete list)

  13. Grading
     • No exams for this class
     • Class participation 10%
     • Paper reading summary 10%
     • In class paper presentation and debate 25%
     • Project 55%
       • Proposal and survey 5%
       • Midterm presentation and report 10%
       • Weekly report and meeting 10%
       • Final presentation 10%
       • Final report 20%

  14. Paper Reading
     • Write a very brief summary of each paper, to be emailed to me before the class
     • Summary should include:
       • Paper title and its author(s)
       • Brief one-line summary
       • A paragraph of the one or two most significant new insight(s) you took away from the paper
       • A paragraph of at least two most significant flaw(s) of the paper
       • A last paragraph where you state the relevance of the ideas today, potential future research suggested by the article

  15. Class Format - Presentation
     • Student presentations of one paper or two closely related papers
       • Introduction of the basic problems, survey of the related work, overview of the general problems (30 minutes)
       • 40 minutes for particular solutions presented in these two papers
     • Each non-speaker needs to ask at least two questions about the shortcomings of the paper or any issues raised by the presentation
     • Summarize with the last 10 minutes

  16. Format of the Presentation
     • Presentation should include the following
       • Motivation
       • Classification of related work/background
       • Main ideas
       • Evaluation and results
       • Open issues
     • Send the slides to me for review at least 24 hours ahead of the class
     • Guidelines online

  17. Projects
     • The most important part of class
     • Group of 2 or 3 people (an undergrad will be paired w/ a grad)
     • Project list to be discussed soon
     • Proposal – 1/18
       • 3-4 pages describing the purpose of the project, work to be done, expected outcome/results and related work
     • Weekly Meeting and Progress Report – 1/12-3/8
       • Each team will schedule a weekly meeting (30 minutes) with me. An accumulative work-in-progress report (with 1-2 page new content) is due 24 hours ahead of the meeting.
     • Midterm presentation – 2/10
     • Midterm report – 2/8
     • Project Presentation – 3/10 and 3/12
     • Final Report – 3/18

  18. Next …
     • Sign up for Presentation
     • Symantec Internet Threat Report
     • Discussion of potential projects
       • Web security, e.g., malicious code that modifies Web pages (Alex, Yi 4pm)
       • Web plug-in security: vulnerability and/or defense (Ben, Yinzhi 3:30pm Tu)
       • High-throughput Network IDS/IPS (Hongyu, Clint 1:15pm Tu)
       • Viruses through removable media and shrink-wrapped devices as a new threat
         • E.g., USB rather than floppy disk
       • Measurement study of social networking and online auction/payment sites for phishing (Kai, Issac 5pm)
