Bapinger Network Security-07Dec09

8/9/2019 Bapinger Network Security-07Dec09

1/24

WIRELESS SECURITY LECTURE

1Bapinger Solution: Wireless Security

Djadja Sardjana

[email protected]

7-Dec-09


2/24

AGENDA :

Introduction :


Network Security Definition

Virus, Worm, Trojan andIntrusion Attack

Bapinger Wireless SecuritySolutions

Conclusion

7-Dec-09


3/24

INTRODUCTION : NETWORK SECURITY DEFINITION VIRUS, WORM, TROJAN AND INTRUSION ATTACK


Bapinger Solution,

Djadja Achmad S

7-Dec-09


4/24

NETWORK SECURITY

DEFINITION

1. The protection of networks and their services from unauthorized

modification, destruction, or disclosure. Network security provides


and there are no harmful side effects. (US Army Information

Assurance Security Officer (IASO) /

http://ia.gordon.army.mil/iaso/default.htm)

2. Computer security is the effort to create a secure computingplatform, designed so that agents (users or programs) can onlyperform actions that have been allowed. This involves specifyingand implementing a security policy. The actions in question can be

, .

Computer security can be seen as a subfield of securityengineering, which looks at broader security issues in addition tocomputer security.(Wikipedia / en.wikipedia.org/wiki/Network_security)

7-Dec-09


5/24

TELECOMMUNICATION

NETWORK SECURITY

Quote from Houlin Zhao, Director of the Telecom


,

All businesses face pressure to increase revenue andreduce costs. And in the face of this pressure, security isoften sidelined as non-essential. But investment in

security is money in the bank. And investment in themaking of security standards means that manufacturersand service providers can be sure that their needs and

(http://www.itu.int/ITU-T/lighthouse/articles/ecta-2004.html)

7-Dec-09


6/24

VIRUS, WORM, TROJAN

AND INTRUSION ATTACK

What is a virus?

A computer virus, according to Webster's Collegiate Dictionary, is"


innocuous program that produces copies of itself and inserts theminto other programs or files, and that usually performs a maliciousaction (such as destroying data)".

Two categories of viruses:

- macro viruses

- worms

Computer viruses are never naturally occurring; they are alwaysman-made. Once created and released, however, their spread isnot directly under human control.

(Indiana University Knowledge Base / http://kb.iu.edu/data/aehm.html )

7-Dec-09


7/24

VIRUS, WORM, TROJAN


What is a Trojan horse?

Named after the wooden horse the


ree s use o n ra e roy. ccor ngto some people, a virus is a particularcase of a Trojan horse, namely one whichis able to spread to other programs (i.e.,it turns them into Trojans too). According

to others, a virus that does not do anydeliberate damage (other than merelyreplicating) is not a Trojan. Finally,despite the definitions, many people usethe term Trojan to refer only to a non-replicating malicious program.

(Indiana University Knowledge Base /http://kb.iu.edu/data/aehm.html )

7-Dec-09


8/24

VIRUS, WORM, TROJAN


What is a Intrusion Attack?

The willful or negligent unauthorizedactivity that affects the availability,


confidentiality, or integrity of computerresources. Computer abuse includesfraud, embezzlement, theft, maliciousdamage, unauthorized use, denial ofservice, and misappropriation.

Operations to disrupt, deny, degrade,or destroy information resident incomputers and computer networks, or thecomputers an networ s t emse ves.(DODD S-3600.1 of 9 Dec 96)

(Texas State Library Home Page / http://www.tsl.state.tx.us/ld/pubs/compsecurity/glossary.html)

7-Dec-09


9/24

BAPINGER WIRELESSSECURITY SOLUTIONS


PORTFOLIOS

Djadja Achmad S

7-Dec-09


10/24

Business Position10

PracticeAreas

Key

Network Support Optimization Operations

Planning & Design Install & Comm Network Integration

GAMA(ServicesDevelopment

Managed OperationsServices

Seamless Mobilitya n enance

NetworkManagement

Security Training

rogram

Management

an e very

Platform) Hosted Services Content

Management IMS/non-IMS

Revenue Based

Applications

anagemen

Managed SecurityServices

Project and OutsourceManagement Services

Total Network Care

7-Dec-09Bapinger Solution: Wireless Security


11/24

Future Growth is in IP Based Services

1.8

Billions ofSubscribers

11

IP Services: VoIP

PoC, Push-to-View

SMS & IM

Music

Gaming

Presence

Location Based Srvs

Multimedia Messaging

Video Streaming

0.4

0.60.8

1

1.2

1.4

.

IP Enabled

Circuit Only

Srvs

2002 2003 2004 2005 2006 2007 2008

Source: IMS Research

Market is moving towards IP enabled service

0

.



12/24

GROWTH IN DATA SERVICES

92.011

100.000

Worldwide WirelessOperator Data Revenue ($M)

12.978

20.311

34.117

51.897

71.272

20.000

40.000

60.000

80.000

Total

SMS

Rich Data

MMS

Introduce new applications and servicesconsistently and securely while optimizing

total cost of ownership, time-to-revenue

and delivery of compelling newapplications

0

2003 2004 2005 2006 2007 2008 Source:MOT est.


13/24

OPERATOR FOCUS / CONCERNS

Planning & Strategy

Enterprise customers recognize security asdifferentiator

13

Security into Operations How do I structure m securit or anization?

Concerned about migration to open, IP-basednetwork Impact of government regulations and requirements How do we improve security while controlling costs?

ocu

Need to coordinate multiple organizations, no standards

We need a security baseline to develop a plan

Were concerned about virus activity

How to define and split security domains, what to protect?

Potential vulnerabilities from the roaming environment

oncern


SECURITY ALREADY AFFECTING


14/24

Number of Internet Security Incidents ReportedTotal 183 Million Reported Security Incidents

82.1

70

80

90

($000's)

Attacks Are: Occurring More Frequently

SECURITY ALREADY AFFECTING

WIRELESS CARRIERS14

Cost of Computer Crime & Security Losses

Total Losses Reported (1997-2002): $1.43B$425450

Downtime Impact/Revenue Per Hour

$2,000

$2,500

$3,000

($000's)

0.1 0.3

0.4 0.8 1.3 2.3 2.4

2.6

2.1 3.79.9

21.8

52.7

0

10

20

30

40

50

60

88 89 90 91 92 93 94 95 96 97 98 99 00 01 02

Disruptive And Costly

Impacting Operators As Data Usage Grows

Source: CSI/FBI Survey

0

50

1997 1998 1999 2000 2001 2002E

$100$137

$124

$265

$378

150

200

250

300350

400

100

$-

$500

$1,000

$1,500

Energy Telecom MFG Financial InfoTech

Insurance Retail

Source: Meta Group



15/24

300

FASTER CYCLES:Time From Vulnerability To Attack

100

150

200

250

until widespread attack in 1999

Now onl 10 da s!!!

0

1999 2000 2001 2002 2003 2004

Foundstone Data

Vulnerability Management Capability is Baseline Requirement


16/24

OPERATORS DILEMMA

Operators Know TheImportance Of Security

Significant Barriers to Improving Network Security

Cost of Products/tools

Determining NW Security Requirements

16

Staff Turnover

Staff Training

Other projects

Lack of Experienced staff

Justify Cost/Benefit to Mgmt

Lack of Products/Tools

Importance of Improving

Network Security

Very Important75%

Source: IDC, Lucent Network Security Survey

But Seeking Assistance

On How To Address It

0% 10% 20% 30% 40% 50% 60%

Somewhat

Important

19%

Not So

Important

6%



17/24

Enabling Revenue17

Comprehensive Security Program

Provides Market Differentiation7-Dec-09Bapinger Solution: Wireless Security

THE CHALLENGE WIRELESS


18/24


OPERATORS Rapidly Expanding Operations

Subscriber Base; Coverage; Revenue-Generating Services

Operations in Multiple Markets

Multiple operations

Varied policy and processes

Management Realization

Minimal understanding of security capability

Lack comprehensive vulnerability data

Suspected breeches, reactive approach

Security Purchases/Effort Integration



19/24


OPERATORS Vulnerabilities & Issues

Quantity Varies with Size of Network

From 200 to over 1000 issues identified High + Medium Risk = 30% to 70% of issues

Multiple Sources of Issues

Policy Few Policies, Low/No Framework or PolicyManagement

Process Security updates, monitoring of network

Operations Lack of metrics and vulnerability data orremediation programs

asswor anagemen as y crac e passwor s, s are or no

passwords Funding Prioritization, requisite skills or resource investment

But.

Operational Awareness of Need

Small contingent usually working to improve Project based, slow evolution of management support, want

ability to focus



20/24


OPERATORS

Examples

Charging Gateway Vulnerabilities

High + Medium Risk = up to 53% of issues on these elements DNS Servers vulnerabilities

High + Medium Risk = up to 32% of issues on these elements

DNS Cache poisoning, flooding from mobile devices

Firewall Vulnerabilities

High + Medium Risk = up to 65% of issues on these elements

GTP-aware capability available but not configured

FTP Servers

sites

Lack of Defense-in-Depth

Internal network with unrestricted protocol and service access

Spoofed source address from GRX into network, Remove GTP tunnels

Inject routing changes, Ability to leverage access across network

Undocumented Network Elements

Not documented = not managed. Unrestricted access, potential impact to availability



21/24


OPERATORS Examples

Test Systems: Higher level of vulnerabilities

But unrestricted access to production network Additional threat vector; Ability to bypass firewall protection

Network Management Systems

Access to broad range of network elements

Comprehensive policy for access and management not evident

Secure communication not addressed

Policy Passwords, Access controls

Managing, c anging, ogging, istri ution & storage proce ures require

Incomplete password management policy and/or not enforced

Easily cracked passwords

Access rights - Lack consistent procedure to update, review as roles/personnel change

Policy Audits

Baseline vulnerability data unavailable, lack of remediation plan or process


22/24

BAPINGER NETWORK SECURITYLECTURECONCLUSION


Djadja Achmad S

7-Dec-09

23B i S l ti Wi l S it


23/24

CONCLUSION :

1. The successful operation of todays communicationsnetworks demands that many disparate systems andapplications can talk to each other. Its no wonder there


are a ew oop o es a ma e vu nera y on enetworks.2. In recent years the most obvious threat to computer

systems has come from viruses. These attacks can usuallybe traced to exploitation of one of a small number ofsecurity flaws.

3. Insider attacks are almost certainly more common andhave the potential to be much more damaging.

.

date with the latest security patches and users are awareof some simple security rules will thwart the majority ofthese attacks.

7-Dec-09

24B i S l ti Wi l S it


24/24


THANK YOU

Bapinger Solution,

Djadja Achmad S

7-Dec-09

Date post:	29-May-2018
Category:	Documents
Upload:	djadja-sardjana
View:	213 times
Download:	0 times

Bapinger Network Security-07Dec09

Documents