Introduction to Cybersecurity and strategy
NETWORK AND DISTRIBUTED SYSTEM SECURITY
 LEARNING OBJECTIVES
 At the end of this lesson, you should be able to:
   ●   Explain network and distributed systems.
   ●   Describe how to secure a network system.
   ●   Describe the working of network and distributed Security.
   ●   Describe how to secure a distributed system.
 Introduction
•   In this lesson we will first look at network
    security and thereafter, distributed system
    security.
•   Therefore, let us start by defining a network.
What is a Network?
• A network is composed of hosts and
  internetworking devices (hubs, switches and
  routers).
• The term hosts can include different kinds of
  devices, such as computers of all sorts,
  servers, and even wireless devices such as
  cell phones and PDAs.
 INTRODUCTION
•   The purpose of the network is to transfer data
    between the hosts.
•   We are primarily concerned with the Internet,
    the king of all networks.
•   A network has an edge and a core.
•   The hosts are distributed and live at the
    edge, while the core consists of an
    interconnected mesh of routers.
•   The purpose of the core is to route data
    through the network from host to host.
 Introduction
•   The Internet is a packet switched network,
    meaning that the data is sent in discrete
    chunks known as packets.
•   In contrast, the traditional telephone
    system is a circuit switched network.
•   For each telephone call, a dedicated
    circuit—with dedicated bandwidth—is
    established between the endpoints.
•   Packet switched networks can make more
    efficient use of the available bandwidth.
 Introduction
•   The study of modern networking is largely the study
    of networking protocols.
•   Networking protocols precisely specify
    communication rules employed by the network.
•   Protocols can be classified in many ways, but one
    classification that is particularly relevant in security
    is stateless versus stateful.
•   Stateless protocols do not “remember” anything,
    while stateful protocols do have some memory.
•   Many security problems are related to state, for
    example, denial of service.
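
The link between state and denial of service noted above, as an added example that is not part of the original slides: a listener that remembers every half-open handshake is compared with one that derives its challenge from a secret and stores nothing. All class and function names are hypothetical, and the stateless design is a simplified relative of TCP SYN cookies (real ones also encode a time counter).

```python
import hashlib
import hmac
import os


class StatefulListener:
    """Remembers every half-open handshake in a bounded table."""

    def __init__(self, backlog):
        self.backlog = backlog
        self.half_open = {}          # client -> challenge we are waiting for

    def on_hello(self, client):
        if len(self.half_open) >= self.backlog:
            return None              # table full: new clients are refused
        self.half_open[client] = os.urandom(8)
        return self.half_open[client]

    def on_reply(self, client, challenge):
        expected = self.half_open.pop(client, None)
        return expected is not None and hmac.compare_digest(expected, challenge)


class StatelessListener:
    """Stores nothing per client: the challenge is recomputed from a secret."""

    def __init__(self, key):
        self.key = key

    def _cookie(self, client):
        # Simplification (assumption): no time counter, so cookies never expire.
        return hmac.new(self.key, client.encode(), hashlib.sha256).digest()[:8]

    def on_hello(self, client):
        return self._cookie(client)

    def on_reply(self, client, challenge):
        return hmac.compare_digest(self._cookie(client), challenge)


def legit_client_served(listener, unanswered_hellos):
    """Model clients that say hello and never reply, then one real client."""
    for i in range(unanswered_hellos):
        listener.on_hello(f"absent-{i}")
    challenge = listener.on_hello("real-client")
    return challenge is not None and listener.on_reply("real-client", challenge)
```

With a backlog of 128, the stateful listener stops serving the real client once 128 unanswered hellos are pending, while the stateless one is unaffected by how many hellos went unanswered.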
 Network Security
•   With the introduction of the computer, the need
    for automated tools for protecting files and other
    information stored on the computer became
    evident.
•   Network security is any activity designed to
    protect the usability and integrity of your network
    and data.
•   It includes both hardware and software
    technologies.
•   It targets a variety of threats and stops them from
    entering or spreading on your network.
•   Effective network security manages access to the
    network.
 Network Security
 How does network security work?
  ● There are many layers to consider when addressing
      network security across an organization.
  ● Attacks can happen at any layer in the network
      security layers model.
  ● Network security hardware, software and policies
      must be designed to address each area.
  ● Network security typically consists of three
      different controls:
        ○ Physical
        ○ Technical
        ○ Administrative
 Network Security
•   Here is a brief description of the different types
    of network security and how each control
    works.
Physical Network Security
• This is the most basic level; it includes
   protecting the data and network by preventing
   unauthorized personnel from acquiring control
   over the confidentiality of the network.
• These include external peripherals and routers
   that might be used for cable connections.
• The same can be achieved by using devices like
   biometric systems.
 Network Security
Technical Network Security
● It primarily focuses on protecting the data
   stored in the network or data in
   transit through the network.
● This type serves two purposes:
       ○ One is protection from
           unauthorized users, and
       ○ The other is protection from
           malicious activities.
 Network Security
Administrative Network Security
• This level of network security protects user
  behavior like how the permission has been
  granted and how the authorization process
  takes place.
• This also ensures the level of sophistication
  the network might need for protecting it
  through all the attacks.
• This level suggests necessary amendments
  that have to be done to the infrastructure.
 Network Security
Types of Network Security
• A few types of network security are listed below:
    ● Access Control
    ● Application Security
    ● Email Security
    ● Firewalls
    ● Antivirus and Anti-Malware Software
    ● Virtual Private Network (VPN)
    ● Intrusion Prevention System (IPS)
• In the next slides, we will discuss these types of network security.
 Types of Network Security
•    Access control defines the people or groups
     and the devices that have access to network
     applications and systems, thereby denying
     unsanctioned access that might be a threat.
•    Not every person should have complete
     access to the network
     or its data.
•    One way to examine this is by going through
     each personnel’s details.
•    This is done through Network Access Control.
 Types of Network Security
Application Security
• Application security denotes the security
   precautionary measures utilized at the
   application layer to prevent the stealing or
   capturing of data or code inside the
   application.
• Applications may contain holes, or
   vulnerabilities, that attackers can use to
   infiltrate your network.
• It also includes the security measures
   taken during the development and design
   of applications.
 Types of Network Security
Email Security
• Email gateways are the number one threat
  vector for a security breach.
• Attackers use personal information and social
  engineering tactics to build sophisticated
  phishing campaigns to deceive recipients and
  send them to sites serving up malware.
• An email security application blocks incoming
  attacks and controls outbound messages to
  prevent the loss of sensitive data.
• For example, fraud emails are automatically
  sent to the Spam folder because most email
  service providers have built-in features to
  protect the content.
 Types of Network Security
Firewalls
• A firewall is a network security device, either
    hardware or software-based.
• It monitors all incoming and outgoing traffic
    based on a defined set of security rules.
• These rules accept, reject, or drop that specific
    traffic.
• Before Firewalls, network security was performed
    by Access Control Lists (ACLs) residing on routers.
• Network security relies heavily on Firewalls,
    especially Next Generation Firewalls, which focus
    on blocking malware and application-layer attacks.
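
How a rule set decides to accept, reject, or drop traffic, as an added example that is not part of the original slides: a first-match evaluator with a default-drop policy, plus a check for rules that an earlier rule makes unreachable. The `Rule` fields, the sample policy and the addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str               # "accept", "reject" or "drop"
    src: str                  # source network in CIDR notation
    dst_port: Optional[int]   # None matches any destination port


# Constructed sample policy (private and documentation address ranges).
RULES = [
    Rule("accept", "10.0.0.0/8", 22),    # admin network may use SSH
    Rule("reject", "0.0.0.0/0", 22),     # everyone else is refused with an error
    Rule("accept", "0.0.0.0/0", 443),    # public HTTPS
]


def evaluate(rules, src_ip, dst_port, default="drop"):
    """Return the action of the first matching rule, else the default.

    "drop" discards silently; "reject" tells the sender it was refused.
    """
    addr = ipaddress.ip_address(src_ip)
    for rule in rules:
        if addr in ipaddress.ip_network(rule.src) and rule.dst_port in (None, dst_port):
            return rule.action
    return default


def shadowed(rules):
    """List (index, covering_index) for rules that can never be reached."""
    found = []
    for j, later in enumerate(rules):
        for i, earlier in enumerate(rules[:j]):
            covers_net = ipaddress.ip_network(later.src).subnet_of(
                ipaddress.ip_network(earlier.src))
            covers_port = earlier.dst_port in (None, later.dst_port)
            if covers_net and covers_port:
                found.append((j, i))
                break
    return found
```

Rule order matters: appending an "accept SSH from 192.0.2.0/24" rule to this policy has no effect, because the earlier reject rule already matches that traffic, and `shadowed` reports it.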
 Types of Network Security
Antivirus and Anti-malware Software:
• This type of network security ensures that
   any malicious software does not enter the
   network and jeopardize the security of the
   data.
• "Malware," short for "malicious software,"
   includes viruses, worms, Trojans,
   ransomware, and spyware.
• Sometimes malware will infect a network but
   lie dormant for days or even weeks.
• This ensures that not only the entry of the
   malware is protected but also that the system
   is well-equipped to fight once it has entered.
 Types of Network Security
A virtual private network (VPN)
• VPN encrypts the connection from an endpoint
    to a network, often over the Internet.
• Typically, a remote-access VPN uses IPsec or
    Secure Sockets Layer to authenticate the
    communication between device and network.
• For example, users working from home would
    typically connect to the organization’s network
    over a VPN.
• Data between the two points is encrypted and
    the user would need to authenticate to allow
    communication between their device and the
    network.
 Types of Network Security
An Intrusion Prevention System (IPS)
• It is also known as Intrusion Detection and
   Prevention System.
• It is a network security application that
   monitors network or system activities for
   malicious activity.
• The major functions of intrusion prevention
   systems are to identify malicious activity,
   collect information about this activity, report
   it, and attempt to block or stop it.
• Next we will discuss distributed systems.
 Mid-lesson Questions
 Question 1: Describe the basic workings of
 network security.
 Question 2: When connecting to the enterprise
 network through the internet from a remote
 location, which of the network security solutions
 is the most appropriate to implement?
 Mid-lesson Answers
 Answer 1
 Network security is any activity designed to protect the
 usability and integrity of your network and data.
 It includes both hardware and software technologies. It
 targets a variety of threats and stops them from entering or
 spreading on your network. Effective network security
 manages access to the network.
 Answer 2
 VPN will be the most appropriate. VPN encrypts the
 connection from an endpoint to a network, often over the
 Internet. Typically, a remote-access VPN uses IPsec or Secure
 Sockets Layer to authenticate the communication between
 device and network. Data between the two points is
 encrypted and the user would need to authenticate to allow
 communication between their device and the network.
 Introduction to Distributed Systems
Before we look into security in distributed systems, let us
describe what a distributed system is.
What is a distributed system?
• A distributed system in its simplest definition is a
   group of computers working together so as to appear as a
   single computer to the end-user.
• These machines have a shared state, operate
   concurrently and can fail independently without
   affecting the whole system’s uptime.
• Today, data is more distributed than ever, and modern
   applications no longer run in isolation.
• The vast majority of products and applications rely on
   distributed systems.
 Introduction to Distributed Systems
•   For example, let us go with a database.
•   Traditional databases are stored on the file
    system of one single machine, whenever you
    want to fetch/insert information in it — you talk to
    that machine directly.
•   For us to distribute this database system, we will
    need to have this database run on multiple
    machines at the same time.
•   The user must be able to talk to whichever
    machine he chooses and should not be able to
    tell that he is not talking to a single machine.
•   If he inserts a record into node #1, node #3 must
    be able to return that record.
 Introduction to Distributed Systems
 The most important functions of distributed computing are:
 • Resource sharing - whether it is the hardware, software or data that
    can be shared.
 • Openness - how open is the software designed to be developed and
    shared with each other.
 • Concurrency - multiple machines can process the same function at
    the same time.
 • Scalability - how do the computing and processing capabilities
    multiply when extended to many machines.
 • Fault tolerance - how easily and quickly can failures in parts of the
    system be detected and recovered.
 • Transparency - how much access does one node have to locate and
    communicate with other nodes in the system.
 Types of Distributed System Architectures
Examples of Distributed Systems
• Networks
• Telecommunication Networks
• Distributed Real-time Systems
• Parallel Processing
• Distributed Database Systems
Types of Distributed System Architecture
• Client-server
• Three-tier
• Multi-tier
• Peer-to-Peer
 Types of Distributed System Architectures
Client-server:
• In the early days, distributed systems
    architecture consisted of a server as a
    shared resource like a printer, database, or a
    web server.
• It had multiple clients that decide when to
    use the shared resource, how to use and
    display it, change data, and send it back to
    the server.
[Figure: clients connected to a server over the internet]
 Types of Distributed System Architectures
•  Today, distributed systems architecture has
   evolved with web applications into: Three-tier,
   Multi-tier and Point-to-Point.
Three-tier
• In this architecture, the clients no longer need to
   be intelligent and can rely on a middle tier to do the
   processing and decision making.
• Most of the first web applications fall under this
   category.
• The middle tier could be called an agent that
   receives requests from clients, that could be
   stateless, processes the data and then forwards it
   on to the servers.
 Types of Distributed System Architectures
Multi-tier
• Enterprise web services first created n-tier or
  multi-tier systems architectures.
• This popularized the application servers that
  contain the business logic and interact both
  with the data tiers and presentation tiers.
• Generally used when an application or server
  needs to forward requests to additional
  enterprise services on the network.
 Types of Distributed System Architectures
Peer-to-peer
• There is no centralized or special
   machine that does the heavy lifting and
   intelligent work in this architecture.
• All the decision making and
   responsibilities are split up amongst the
   machines involved and each could take
   on client or server roles.
• Blockchain is a good example of this.
[Figure: blockchain nodes]
 Security Threats in Distributed System
 • Leakage: An unauthorized party gains access to a
   service or data.
  • Attacker obtains knowledge of a withdrawal or
     account balance.
 • Tampering: Unauthorized change of data,
   tampering with a service.
  • Attacker changes the variable holding your
     personal checking $$ total.
 • Vandalism: Interference with proper operation,
   without gain to the attacker.
  • Attacker does not allow any transactions to your
     account.
 Security Properties in Distributed System
 •   Confidentiality: Concealment of information
     or resources.
 •   Authenticity: Identification and assurance of
     origin of information.
 •   Integrity: Trustworthiness of data or
     resources in terms of preventing improper and
     unauthorized changes.
 •   Availability: Ability to use desired information
     or resource.
 •   Non-repudiation: Offer of evidence that a
     party indeed is the sender or a receiver of
     certain information.
 •   Access control: Facilities to determine and
     enforce who is allowed access to what
     resources (host, software, network, …).
 Attack on Distributed System
Attack on Confidentiality
 ● Eavesdropping
 ● Unauthorized access to information
 ● Packet sniffers and wiretappers (e.g. tcpdump)
 ● Illicit copying of files and programs
 Attack on Integrity
  • Tampering
      ○ Stop the flow of the message
      ○ Delay and optionally modify the message
      ○ Release the message again
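
How a receiver can detect the tampering sequence above (a message held, modified and released again), as an added example that is not part of the original slides: each message carries a sequence number and an HMAC-SHA256 tag over a shared key. The function and class names, the message layout and the demo key are assumptions made for illustration.

```python
import hashlib
import hmac
import json


def seal(key, seq, body):
    """Sender side: serialise seq + body and attach an HMAC-SHA256 tag."""
    payload = json.dumps({"seq": seq, "body": body}, sort_keys=True)
    tag = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


class Receiver:
    """Accepts a message only if its tag verifies and its seq is new."""

    def __init__(self, key):
        self.key = key
        self.last_seq = 0

    def accept(self, msg):
        expected = hmac.new(self.key, msg["payload"].encode(),
                            hashlib.sha256).hexdigest()
        # Verify the tag before trusting anything inside the payload.
        if not hmac.compare_digest(expected, msg["tag"]):
            return ("modified", None)
        data = json.loads(msg["payload"])
        if data["seq"] <= self.last_seq:
            return ("replayed", None)      # already seen, or released out of order
        self.last_seq = data["seq"]
        return ("ok", data["body"])


def demo():
    """Constructed scenario: one genuine message, one altered, one re-sent."""
    key = b"shared-secret-for-demo"        # constructed demo key
    rx = Receiver(key)
    first = seal(key, 1, {"withdraw": 50})
    second = seal(key, 2, {"withdraw": 50})
    altered = {"payload": second["payload"].replace("50", "5000"),
               "tag": second["tag"]}
    return [rx.accept(first)[0], rx.accept(altered)[0],
            rx.accept(first)[0], rx.accept(second)[0]]
```

A sequence number catches modified and re-released messages, but a message that is merely delayed and then delivered unmodified still verifies; bounding that needs a timestamp or timeout as well.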
 Attack on Distributed System
 Attack on Availability
  ● Destroy hardware (cutting fiber) or
     software.
  ● Modify software in a subtle way.
  ● Corrupt packets in transit.
  ● Denial of service (DoS):
      ○ Crashing the server
      ○ Overwhelm the server (use up its
         resource)
 Designing Secure Systems
 • Your system is only as secure as your weakest component!
 • Need to make worst-case assumptions about attackers:
   ● Exposed interfaces, insecure networks, algorithms and program code
         available to attackers, attackers may be computationally very
         powerful.
   ● Tradeoff between security and performance impact/difficulty.
   ● Typically design system to withstand a known set of attacks (Attack
         Model or Attacker Model).
 • It is not easy to design a secure system.
 • And it’s an arms race!
 Summary
In this class, we have studied:
• Network and distributed systems.
• Network security consisting of three different
    controls: Physical, Technical and Administrative.
• Different types of network security
• Security threat and properties in distributed
    system.
• Designing a secured distributed system.