
Week#07 Lecture#01,02

Uploaded by

emanajmal187

Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools

Learning Objectives:
– List and define the major categories of specific tools used within each of these categories
– Operating System Detection Tools
– Firewall Analysis Tools
– Wireless Security Tools
– Explain the various methods of access control, including the use of biometric access mechanisms
Operating System (OS) detection tools
• Operating System (OS) detection tools are software utilities used to identify the operating system that is running on a computer or device within a network.
• These tools are commonly used by system administrators, network security professionals, and even attackers to gather information about target systems.
• The primary goal of OS detection tools is to determine the specific operating system version and sometimes its architecture (32-bit or 64-bit).

In security, understanding the operating system of a target computer is crucial for several reasons:

Vulnerability Assessment:
• Different operating systems have different vulnerabilities.
• Once an attacker knows the OS, they can easily determine which vulnerabilities affect the target system and exploit them to gain unauthorized access or perform other malicious activities.

Troubleshooting:
• When diagnosing network or connectivity issues, knowing the operating systems of the devices involved can help identify potential compatibility issues or misconfigurations.

Policy Enforcement:
• Organizations may have specific policies regarding the types of operating systems allowed on their networks.
• OS detection tools can help enforce these policies by identifying

Network Management:
• System administrators use OS detection tools as part of network management tasks.
• By maintaining an inventory of devices and their respective operating systems, administrators can ensure proper configuration, software updates, and compliance with organizational policies.

Resource Allocation:
• Understanding the distribution of operating systems across a network helps security professionals allocate resources effectively.
• For example, if a network has a significant number of Windows systems, more resources may be allocated to patching and securing Windows-specific vulnerabilities.

Targeted Attacks:
• Attackers often tailor their attacks based on the target's operating system.
• For example, an exploit designed for Windows may not work on a Linux system.
• By identifying the OS, attackers can choose the most suitable attack vectors or methods and tools for their malicious activities.

Firewall Analysis Tools
• Understanding the exact position of an organization's firewall and the functions of its current rule sets are crucial measures for any security administrator.
• Several technologies exist that facilitate the automated remote detection of firewall rules and help the administrator or attacker examine the rules to discover exactly what they allow and block.

• Firewall Policy Management Tools:
– These tools help administrators manage firewall policies efficiently by providing centralized visibility and control over firewall rules.
• Firewall Log Analysis Tools:
– These tools analyze firewall logs to identify security incidents, anomalous traffic patterns, and compliance issues.
• Firewall Rule Optimization Tools:
– These tools analyze firewall rule sets to optimize performance, reduce complexity, and enhance security.
• Attack Simulation Tools:
– These tools simulate cyber attacks to test the effectiveness of firewall configurations and identify potential weaknesses

Wireless Security Tools
• Wireless security tools are software utilities or platforms designed to assess, monitor, and enhance the security of wireless networks.
• These tools help organizations identify vulnerabilities, detect unauthorized access, and mitigate risks associated with wireless communication.

Some common wireless security tools are:
• Wireless Network Scanners
• Wireless Intrusion Detection Systems (WIDS)
• Wireless Packet Analyzers
• Wireless Network Monitoring Tools

• Wireless Network Scanners:
– These tools scan for available wireless networks, identify access points (APs), and gather information about network configurations and security settings.
• Wireless Intrusion Detection Systems (WIDS):
– WIDS tools monitor wireless networks for unauthorized access, rogue APs, and suspicious activities. They analyze wireless traffic and alert administrators to potential security threats.
• Wireless Packet Analyzers:
– These tools capture and analyze wireless packets to inspect network traffic, detect vulnerabilities, and troubleshoot connectivity issues.
• Wireless Network Monitoring Tools:
– These tools continuously monitor wireless network traffic and performance metrics to detect anomalies, troubleshoot issues,

Biometric access control
• Biometric access control relies on unique human characteristics to verify the identity of a user attempting to access a system.
• Unlike traditional authentication methods such as passwords or PINs, which can be forgotten, stolen, or shared, biometrics offer a more reliable and secure means of authentication because they are directly connected to the individual and are difficult to replicate.
• It relies on recognition, similar to how individuals identify friends and family.

Biometric authentication technologies include:
• Fingerprint Comparison: Compares the actual fingerprint of the user to a stored fingerprint for authentication.
• Facial Recognition using Photographic ID Card: A human security guard compares the user's face to a photo on an ID card.
• Facial Recognition using a Digital Camera: Compares the user's face captured by a digital camera to a stored image.
• Retinal Print Comparison: Compares the actual retina of the user to a stored image.
• Iris Pattern Comparison: Compares the actual iris of the user to a stored image.
• Signature Access Control: This is an example of dynamic biometric access since it relies on pressure, writing speed, and acceleration when signing rather than the image of the signature.
• Voice Access Control: Voice is another distinctive feature among human beings, as its sound depends on multiple factors, such as vocal cord vibrations or characteristics of the oral cavity.

Effectiveness of Biometrics
• Biometric technologies are evaluated on three basic criteria:
– False reject rate
– False accept rate
– Crossover error rate

False Reject Rate:
• This rate represents the percentage of authorized users who are incorrectly denied access due to a system failure.
• While inconvenient for users, false rejections pose minimal security risk.

False Accept Rate:
• This rate represents the percentage of unauthorized users who are incorrectly granted access due to a system failure.
• False acceptances are a significant security concern as they can lead to unauthorized access.

Crossover Error Rate:
• The CER is the point at which the false reject rate equals the false accept rate.
• It indicates the optimal balance between security and usability in a biometric system.
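
The three criteria above can be computed directly from match scores. The following is an added example, not part of the original lecture: it sweeps an acceptance threshold over constructed scores and locates the crossover point. The score lists, the 0-100 scale and the function names are assumptions made for illustration.

```python
"""FRR, FAR and crossover error rate from biometric match scores."""

# Constructed sample data (not from the lecture): similarity scores, 0-100,
# from a hypothetical matcher. Higher means a closer match to the template.
GENUINE = [91, 85, 78, 95, 66, 88, 72, 58, 93, 81]    # authorized users
IMPOSTOR = [12, 35, 48, 22, 61, 30, 55, 70, 18, 41]   # unauthorized users


def error_rates(threshold, genuine=GENUINE, impostor=IMPOSTOR):
    """Return (FRR, FAR) when a score >= threshold is accepted."""
    # FRR: share of authorized users whose score falls below the threshold.
    frr = sum(s < threshold for s in genuine) / len(genuine)
    # FAR: share of unauthorized users whose score reaches the threshold.
    far = sum(s >= threshold for s in impostor) / len(impostor)
    return frr, far


def crossover(genuine=GENUINE, impostor=IMPOSTOR, thresholds=range(0, 101)):
    """Return (threshold, CER) at the point where FRR and FAR are closest.

    With a finite sample the two curves may not meet exactly, so the CER is
    reported as the mean of FRR and FAR at the closest threshold.
    """
    def gap(t):
        frr, far = error_rates(t, genuine, impostor)
        return abs(frr - far)

    best = min(thresholds, key=gap)   # first threshold with the smallest gap
    frr, far = error_rates(best, genuine, impostor)
    return best, (frr + far) / 2


if __name__ == "__main__":
    print("thr   FRR   FAR")
    for t in range(40, 81, 5):
        frr, far = error_rates(t)
        print(f"{t:3d}  {frr:.2f}  {far:.2f}")
    thr, cer = crossover()
    print(f"crossover at threshold {thr}, CER = {cer:.2f}")
```

Raising the threshold above the crossover lowers the false accept rate at the cost of more false rejections, which the lecture identifies as the lower-risk kind of error.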
