Network Security: Know It All

Book description

Network Security: Know It All explains the basics, describes the protocols, and discusses advanced topics, by the best and brightest experts in the field of network security. Assembled from the works of leading researchers and practitioners, this best-of-the-best collection of chapters on network security and survivability is a valuable and handy resource. It consolidates content from the field’s leading experts while creating a one-stop-shopping opportunity for readers to access information otherwise available only from disparate sources.

* Chapters contributed by recognized experts in the field cover theory and practice of network security technology, allowing the reader to develop a new level of knowledge and technical expertise.
* Up-to-date coverage of network security issues facilitates learning and lets the reader remain current and fully informed from multiple viewpoints.
* Presents methods of analysis and problem-solving techniques, enhancing the reader’s grasp of the material and ability to implement practical solutions.
* Examples illustrate core security concepts for enhanced comprehension.

Table of contents

  1. Copyright
  2. About the Authors
  3. 1. Network Security Overview
    1. 1.1. Cryptographic Tools
      1. 1.1.1. Principles of Ciphers
      2. 1.1.2. Symmetric-Key Ciphers
      3. 1.1.3. Public-Key Ciphers
      4. 1.1.4. Authenticators
    2. 1.2. Key Predistribution
      1. 1.2.1. Predistribution of Public Keys
        1. Certification Authorities
        2. Web of Trust
        3. Certificate Revocation
      2. 1.2.2. Predistribution of Symmetric Keys
    3. 1.3. Authentication Protocols
      1. 1.3.1. Originality and Timeliness Techniques
      2. 1.3.2. Public-Key Authentication Protocols
      3. 1.3.3. Symmetric-Key Authentication Protocols
        1. Kerberos
      4. 1.3.4. Diffie-Hellman Key Agreement
    4. 1.4. Secure Systems
      1. 1.4.1. Pretty Good Privacy (PGP)
      2. 1.4.2. Secure Shell (SSH)
      3. 1.4.3. Transport Layer Security (TLS, SSL, HTTPS)
        1. Handshake Protocol
        2. Record Protocol
      4. 1.4.4. IP Security (IPsec)
      5. 1.4.5. Wireless Security (802.11i)
    5. 1.5. Firewalls
      1. 1.5.1. Strengths and Weaknesses of Firewalls
    6. 1.6. Conclusion
    7. Further Reading
  4. 2. Network Attacks
    1. 2.1. Introduction
    2. 2.2. Network Attacks and Security Issues
      1. 2.2.1. Network Communications
      2. 2.2.2. Some Example Security Attacks
        1. TCP SYN Flood Attack
        2. Address Spoofing and Sequence Number Guessing Attacks
        3. Worm Attacks
        4. Phishing, Evil Twins, and Pharming
      3. 2.2.3. Security Attacks, Services, and Architecture
    3. 2.3. Protection and Prevention
      1. 2.3.1. Firewalls and Perimeter Security
      2. 2.3.2. Cryptographic Protocols
        1. Kerberos
        2. IPSec
        3. SSL
    4. 2.4. Detection
    5. 2.5. Assessment and Response
    6. 2.6. Conclusion
    7. References
  5. 3. Security and Privacy Architecture
    1. 3.1. Objectives
      1. 3.1.1. Preparation
    2. 3.2. Background
    3. 3.3. Developing a Security and Privacy Plan
    4. 3.4. Security and Privacy Administration
      1. 3.4.1. Threat Analysis
      2. 3.4.2. Policies and Procedures
        1. User Access to the System
        2. Administrator Skills and Requirements for Certification
        3. System Configuration and Management
    5. 3.5. Security and Privacy Mechanisms
      1. 3.5.1. Physical Security and Awareness
      2. 3.5.2. Protocol and Application Security
      3. 3.5.3. Encryption/Decryption
      4. 3.5.4. Network Perimeter Security
      5. 3.5.5. Remote Access Security
    6. 3.6. Architectural Considerations
      1. 3.6.1. Evaluation of Security Mechanisms
      2. 3.6.2. Internal Relationships
      3. 3.6.3. External Relationships
    7. 3.7. Conclusion
  6. 4. Network Security Algorithms
    1. 4.1. Searching for Multiple Strings in Packet Payloads
      1. 4.1.1. Integrated String Matching Using Aho–Corasick
      2. 4.1.2. Integrated String Matching Using Boyer–Moore
    2. 4.2. Approximate String Matching
    3. 4.3. IP Traceback via Probabilistic Marking
    4. 4.4. IP Traceback via Logging
      1. 4.4.1. Bloom Filters
      2. 4.4.2. Bloom Filter Implementation of Packet Logging
    5. 4.5. Detecting Worms
    6. 4.6. Conclusion
  7. 5. Concepts in IP Security
    1. 5.1. The Need for Security
      1. 5.1.1. Choosing to Use Security
    2. 5.2. Choosing Where to Apply Security
      1. 5.2.1. Physical Security
      2. 5.2.2. Protecting Routing and Signaling Protocols
      3. 5.2.3. Application-Level Security
      4. 5.2.4. Protection at the Transport Layer
      5. 5.2.5. Network-Level Security
    3. 5.3. Components of Security Models
      1. 5.3.1. Access Control
      2. 5.3.2. Authentication
      3. 5.3.3. Encryption
    4. 5.4. IPsec
      1. 5.4.1. Choosing between End-to-End and Proxy Security
      2. 5.4.2. Authentication
      3. 5.4.3. Authentication and Encryption
    5. 5.5. Transport-Layer Security
      1. 5.5.1. The Handshake Protocol
      2. 5.5.2. Alert Messages
    6. 5.6. Securing the Hypertext Transfer Protocol
    7. 5.7. Hashing and Encryption: Algorithms and Keys
      1. 5.7.1. Message Digest Five (MD5)
      2. 5.7.2. Data Encryption Standard (DES)
    8. 5.8. Exchanging Keys
      1. 5.8.1. Internet Key Exchange
    9. Further Reading
      1. Security Considerations
      2. IPsec
      3. Other Security Protocols
      4. Algorithms
      5. Key Exchange
  8. 6. IP Security in Practice
    1. 6.1. IP Security Issues
    2. 6.2. Security Goals
    3. 6.3. Encryption and Authentication Algorithms
      1. 6.3.1. Symmetric Encryption
      2. 6.3.2. Public Key Encryption
      3. 6.3.3. Key Management
      4. 6.3.4. Secure Hashes
      5. 6.3.5. Digital Signature
    4. 6.4. IPsec: The Protocols
    5. 6.5. IP and IPsec
      1. 6.5.1. Security Associations
      2. 6.5.2. Using Security Associations
      3. 6.5.3. Tunnel and Transport Mode
      4. 6.5.4. Encapsulating Security Payload (ESP)
      5. 6.5.5. Authentication Header
      6. 6.5.6. Calculating the Integrity Check Value (ICV)
      7. 6.5.7. IPsec Headers in Action
    6. 6.6. Implementing and Deploying IPsec
    7. 6.7. Conclusion
  9. 7. Security in Wireless Systems
    1. 7.1. Introduction
    2. 7.2. Security and Privacy Needs of a Wireless System
      1. 7.2.1. Purpose of Security
      2. 7.2.2. Privacy Definitions
      3. 7.2.3. Privacy Requirements
      4. 7.2.4. Theft Resistance Requirements
      5. 7.2.5. Radio System Requirements
      6. 7.2.6. System Lifetime Requirements
      7. 7.2.7. Physical Requirements
      8. 7.2.8. Law Enforcement Requirements
        1. Over-the-Air Tap
        2. Wiretap at Switch
    3. 7.3. Required Features for a Secured Wireless Communications System
    4. 7.4. Methods of Providing Privacy and Security in Wireless Systems
    5. 7.5. Wireless Security and Standards
    6. 7.6. IEEE 802.11 Security
    7. 7.7. Security in North American Cellular/PCS Systems
      1. 7.7.1. Shared Secret Data Update
      2. 7.7.2. Global Challenge
      3. 7.7.3. Unique Challenge
    8. 7.8. Security in GSM, GPRS, and UMTS
      1. 7.8.1. Security in GSM
        1. GSM Token-Based Challenge
      2. 7.8.2. Security in GPRS
      3. 7.8.3. Security in UMTS
    9. 7.9. Data Security
      1. 7.9.1. Firewalls
      2. 7.9.2. Encryption
        1. Secret Key (symmetric encryption)
        2. Public Key (or asymmetric encryption)
        3. Public Key Algorithms
          1. Rivest-Shamir-Adleman (RSA) Algorithm
          2. Diffie-Hellman (DH) Algorithm
        4. One-Time Key Method
        5. Elliptic Curve Cryptography (ECC)
        6. Digital Signature
      3. 7.9.3. Secure Socket Layer
      4. 7.9.4. IP Security Protocol (IPSec)
      5. 7.9.5. Authentication Protocols
    10. 7.10. Air Interface Support for Authentication Methods
    11. 7.11. Summary of Security in Current Wireless Systems
      1. 7.11.1. Billing Accuracy
      2. 7.11.2. Privacy of Information
      3. 7.11.3. Theft Resistance of MS
      4. 7.11.4. Handset Design
      5. 7.11.5. Law Enforcement
    12. 7.12. Conclusion
    13. References
  10. 8. Mobile Security and Privacy
    1. 8.1. Security Primer
      1. 8.1.1. Ciphers and Message Confidentiality
      2. 8.1.2. Cryptographic Hash Algorithms and Message Integrity
      3. 8.1.3. Authentication
        1. Digital Signature
        2. PKI and Digital Certificate
      4. 8.1.4. Key Management
        1. Diffie–Hellman Key Exchange Protocol
        2. RSA
        3. Elliptic Curve Cryptography
      5. 8.1.5. Nonrepudiation
      6. 8.1.6. Network Security Protocols
        1. Password
        2. Challenge and Response
        3. Kerberos
        4. Internet Protocol Security
        5. Secure Socket Layer
      7. 8.1.7. General Considerations of Mobile Security and Privacy
    2. 8.2. Cellular Network Security
      1. 8.2.1. Secure Wireless Transmission
      2. 8.2.2. Secure Wireless Transaction
        1. Wireless Transport Layer Security
        2. WAP Identification Module
        3. IPSec/SSL VPNs
    3. 8.3. Wireless LAN Security
      1. 8.3.1. Common 802.11 Security Myths
      2. 8.3.2. WEP Vulnerability
      3. 8.3.3. 802.11 Authentication Vulnerabilities
      4. 8.3.4. 802.1X, WPA, and 802.11i
    4. 8.4. Bluetooth Security
      1. 8.4.1. Bluetooth Security Architecture
      2. 8.4.2. Bluetooth Weakness and Attacks
    5. 8.5. Ad Hoc Network Security
      1. 8.5.1. Link Layer Ad Hoc Security
      2. 8.5.2. Key Management
      3. 8.5.3. Wireless Sensor Network Security
    6. 8.6. Mobile Privacy
      1. 8.6.1. Identity and Anonymity
      2. 8.6.2. Location Privacy
    7. 8.7. Conclusion
    8. Further Reading
    9. References
  11. 9. Optical Network Survivability
    1. 9.1. Basic Concepts
    2. 9.2. Protection in SONET/SDH
      1. 9.2.1. Point-to-Point Links
      2. 9.2.2. Self-Healing Rings
      3. 9.2.3. Unidirectional Path-Switched Rings
      4. 9.2.4. Bidirectional Line-Switched Rings
        1. Handling Node Failures in BLSRs
        2. Low-Priority Traffic in BLSRs
      5. 9.2.5. Ring Interconnection and Dual Homing
    3. 9.3. Protection in IP Networks
    4. 9.4. Why Optical Layer Protection
      1. 9.4.1. Service Classes Based on Protection
    5. 9.5. Optical Layer Protection Schemes
      1. 9.5.1. 1 + 1 OMS Protection
      2. 9.5.2. 1:1 OMS Protection
      3. 9.5.3. OMS-DPRing
      4. 9.5.4. OMS-SPRing
      5. 9.5.5. 1:N Transponder Protection
      6. 9.5.6. 1 + 1 OCh Dedicated Protection
      7. 9.5.7. OCh-SPRing
      8. 9.5.8. OCh-Mesh Protection
      9. 9.5.9. Choice of Protection Technique
    6. 9.6. Interworking between Layers
    7. 9.7. Conclusion
    8. Further Reading
    9. References
  12. 10. Intrusion Response Systems: A Survey
    1. 10.1. Introduction
    2. 10.2. Static Decision-Making Systems
      1. 10.2.1. Generic Authorization and Access Control—Application Programming Interface
        1. Introduction
        2. Details
        3. Significance
      2. 10.2.2. Snort Inline
        1. Introduction
        2. Details
        3. Significance
      3. 10.2.3. McAfee Internet Security Suite
        1. Introduction
        2. Details
        3. Significance
      4. 10.2.4. Other Systems
        1. McAfee IntruShield Intrusion Prevention System
    3. 10.3. Dynamic Decision-Making Systems
      1. 10.3.1. Broad Research Issues
      2. 10.3.2. ADEPTS
        1. Design Approach
        2. Contributions and Further Work
      3. 10.3.3. ALPHATECH Light Autonomic Defense System
        1. Design Approach
        2. Contributions and Further Work
      4. 10.3.4. Cooperating Security Managers and Adaptive, Agent-Based Intrusion Response Systems
        1. Design Approach
        2. Contributions and Further Work
      5. 10.3.5. EMERALD
        1. Design Approach
        2. Contributions and Further Work
      6. 10.3.6. Other Dynamic Intrusion Response Systems
    4. 10.4. Intrusion Tolerance through Diverse Replicas
      1. 10.4.1. Broad Research Issues
      2. 10.4.2. Building Survivable Services Using Redundancy and Adaptation
      3. 10.4.3. Scalable Intrusion-Tolerant Architecture
        1. Design Approach
        2. Contributions and Further Work
      4. 10.4.4. Survival by Defense Enabling
        1. Design Approach
        2. Contributions and Further Work
      5. 10.4.5. Implementing Trustworthy Services Using Replicated State Machines
      6. 10.4.6. Distributing Trust on the Internet
        1. Design Approach
        2. Contributions and Further Work
    5. 10.5. Responses to Specific Kinds of Attacks
      1. 10.5.1. Primitives for Responding to DDoS
      2. 10.5.2. Citra
        1. Design Approach
        2. Contributions and Further Work
      3. 10.5.3. Cooperative Counter-DDoS Entity
        1. Design Approach
        2. Contributions and Further Work
    6. 10.6. Benchmarking Intrusion Response Systems
    7. 10.7. Thoughts on Evolution of IRS Technology
    8. 10.8. Conclusion
    9. References

Product information

  • Title: Network Security: Know It All
  • Author(s): James Joshi
  • Release date: July 2008
  • Publisher(s): Morgan Kaufmann
  • ISBN: 9780080560151