Potential Collaboration between ITU and Academia on Cyber Security

Imad H. Elhajj
American University of Beirut
Electrical and Computer Engineering
ie05@aub.edu.lb

ITU Academia Seminar
September 28, 2011

AUB Department of Electrical and Computer Engineering

[Image slides: Macro, Micro, Nano, Play, Office]

AUB (Founded in 1866)

Electrical and Computer Engineering

AUB
• 7,500 students
• 73-acre Campus

ECE
• 620 Undergraduate students
• 50 Graduate students
• 26 Full-time faculty members

Opportunities for graduate students and collaboration

[Figure: Areas of Research]

Security Group At AUB
• Dr. Ayman Kayssi
• Dr. Ali Chehab
• Dr. Imad Elhajj
• 3 PhD Students
• 8 MS Students

Graduate Courses Offered
• Cryptography and Computer Security
• Internet Security
• Wireless Security
• Information Security Management
• Network and Computer Security Laboratory

Laboratory Description

This laboratory addresses advanced network and computer security topics. Experiments include the execution of attacks, the setup of intrusion detection and prevention, securing computers and wired and wireless networks, and digital forensics.

Topics Covered

• Section 1 — Networking Basics - How do networks work?
  – Lab 1: Security Lab Setup and Networking Basics
• Section 2 — Vulnerabilities and Threats - How can networks be compromised?
  – Lab 2: Scanning and Enumerating the Network for Targets and Address Spoofing
  – Lab 3: Denial of Service Attacks and Network Applications Exploits
  – Lab 4: Malware Analysis and Botnets
  – Lab 5: Escalating Privilege – Sniffing, Keylogging, Password Cracking and Man in the Middle Attacks
  – Lab 6: Security in Wireless Systems
• Section 3 — Prevention - How do we prevent harm to the networks?
  – Lab 7: Firewalls
  – Lab 8: Hardening the Host Computer and Securing Network Communications
• Section 4 — Detection and Response – How do we detect and respond to attacks?
  – Lab 9: Preparing for and Detecting Attacks
  – Lab 10: Identify and Mitigate Network Attacks
  – Lab 11: Digital Forensics

Lab Objectives

The objectives of this lab are to give students:
• An applied understanding of the principles of network and computer security.
• A hands-on experience in attack execution, and the use of tools in such attacks.
• A hands-on experience in the use of intrusion detection and prevention systems and techniques.
• The practical knowledge required to secure computers and networks including the setup of policies and security assessment.
• The practical knowledge to conduct digital forensics and attack tracing

[Figures: Lab Overall Diagram; Lab Group Diagram; Cabinets (Juniper IPS); Photos]

Potential Uses
• Customized training for industry
• Testing and benchmarking of equipment
• Vendor demonstrations
• Lab could potentially be virtualized to duplicate at low cost

ITU Resolutions Relevant to AUB Collaboration
• ITU Plenipotentiary Resolution 130: Strengthening the role of ITU in building confidence and security in the use of information and communication technologies (Guadalajara, 2010)
• ITU WTDC Resolution 45: Mechanisms for enhancing cooperation on cybersecurity, including combating spam (Hyderabad, 2010)
• ITU WTDC Resolution 69: Creation of national computer incident response teams, particularly for developing countries, and cooperation between them (Hyderabad, 2010)
• ITU WTSA Resolution 58: Encourage the creation of national computer incident response teams, particularly for developing countries (Johannesburg, 2008)
• UN Resolutions 57/239 (2002) and 58/199 (2004): Creation of a global culture of cybersecurity and the protection of critical information infrastructures

Research Relevance to ITU-T SG17 Questions

QUESTIONS   TITLE
Q 1/17      Telecommunications systems security project
Q 2/17      Security architecture and framework
Q 3/17      Telecommunications information security management
Q 4/17      Cybersecurity
Q 5/17      Countering spam by technical means
Q 6/17      Security aspects of ubiquitous telecommunication services
Q 7/17      Secure application services
Q 8/17      Service oriented architecture security
Q 9/17      Telebiometrics
Q 10/17     Identity management architecture and mechanisms
Q 11/17     Directory services, Directory systems, and public-key/attribute certificates

Potential Collaboration between ITU and AUB
• Test lab for ITU-T standards conformance
• Contributions to standards (ITU-T SG17). Several of the questions for Study Group 17 are areas of research at AUB
• Organizing events (workshops, seminars)
• Capacity building and Awareness
• Help establish CERT (AUB Member of the PAN Arab Cyber Security Observatory)

Thank you
ie05@aub.edu.lb