Discussion/Fun

• Ancient Lock
• QR-Code Scam

Network Modeling Basics Recall

• Network Modeling - OSI Model (Open Systems Interconnection)
• Layers of Cybersecurity
• MAC/MIC
• Latency [s]
• Bandwidth [bps]

ISO/OSI Model

• Router/L3 Switch, Switch, Hub/Repeater
• Physical Layer - Physical Channel
  • Channel Capacity
    • Speed of Light
    • Encoding
  • Confidentiality vs. openness
• Segmentation
  • Switch/VLAN
• Reliability - encoding, modulation
• Availability (+ regulations: ISM Bands)

BIE-UKB Lecture 06 Notes: Network Security

Attacks and Measures

(Availability) Attack Zoo

• Ping of Death
• Ping Flood
• Smurf Attack
• SYN Flood
• DoS, DDoS, Amp. DDoS

Network Segmentation

Models

Perimeter Model

• Phishing - time-limited code (2FA) is hard to exploit
• weakest path is the attack path - attack cost

Zero Trust

• Network is only one component - defense in depth
• from implicit rights to explicit rights

Network Monitoring

Packet Capture

• Deep Packet inspection
  • Past -> Network Forensics Devices
    • Big data -> Big-Data Analysis !!!
    • Encryption …

  • Now -> On-the-Fly

  • Gateway SSL Inspection
    • man-in-the-middle-like SSL inspection
    • Privacy/Legal Problems

Netflows

• metadata about the connection
• Statistics: typical net flow

Logs

• Information aggregation
  • SIEM - Security Information Management
  • SEM - Security Event Management