Bapinger Network Security

Bapinger Solution: Wireless Security 1

WIRELESS SECURITY LECTURE

Djadja Sardjana
djadja@bapinger.web.id

7-Dec-09


AGENDA :

Introduction :
Network Security Definition
Virus, Worm, Trojan and
Intrusion Attack

Bapinger Wireless Security
Solutions

Conclusion

7-Dec-09


INTRODUCTION :
NETWORK SECURITY DEFINITION
VIRUS, WORM, TROJAN AND INTRUSION ATTACK

Bapinger Solution,
Djadja Achmad S

7-Dec-09

NETWORK SECURITY Bapinger Solution: Wireless Security 4

DEFINITION

1. The protection of networks and their services from unauthorized
modification, destruction, or disclosure. Network security provides
for assurance that a network performs its critical functions correctly
and there are no harmful side effects. (US Army Information
Assurance Security Officer (IASO) /
http://ia.gordon.army.mil/iaso/default.htm)
2. Computer security is the effort to create a secure computing
platform, designed so that agents (users or programs) can only
perform actions that have been allowed. This involves specifying
and implementing a security policy. The actions in question can be
reduced to operations of access, modification and deletion.
Computer security can be seen as a subfield of security
engineering, which looks at broader security issues in addition to
computer security.
(Wikipedia / en.wikipedia.org/wiki/Network_security)

7-Dec-09

TELECOMMUNICATION
NETWORK SECURITY

Quote from Houlin Zhao, Director of the Telecom
Standardization Bureau, ITU :
“All businesses face pressure to increase revenue and
reduce costs. And in the face of this pressure, security is
often sidelined as non-essential. But investment in
security is money in the bank. And investment in the
making of security standards means that manufacturers
and service providers can be sure that their needs and
views are taken into account. “
(http://www.itu.int/ITU-T/lighthouse/articles/ecta-
2004.html)

7-Dec-09

VIRUS, WORM, TROJAN Bapinger Solution: Wireless Security 6

AND INTRUSION ATTACK
What is a virus?
A computer virus, according to Webster's Collegiate Dictionary, is
"a computer program usually hidden within another seemingly
innocuous program that produces copies of itself and inserts them
into other programs or files, and that usually performs a malicious
action (such as destroying data)".
Two categories of viruses:
- macro viruses
- worms

Computer viruses are never naturally occurring; they are always
man-made. Once created and released, however, their spread is
not directly under human control.
(Indiana University Knowledge Base / http://kb.iu.edu/data/aehm.html )

7-Dec-09



What is a Trojan horse?
Named after the wooden horse the
Greeks used to infiltrate Troy. According
to some people, a virus is a particular
case of a Trojan horse, namely one which
is able to spread to other programs (i.e.,
it turns them into Trojans too). According
to others, a virus that does not do any
deliberate damage (other than merely
replicating) is not a Trojan. Finally,
despite the definitions, many people use
the term "Trojan" to refer only to a non-
replicating malicious program.
(Indiana University Knowledge Base /
http://kb.iu.edu/data/aehm.html )

7-Dec-09


What is a Intrusion Attack?
The willful or negligent unauthorized
activity that affects the availability,
confidentiality, or integrity of computer
resources. Computer abuse includes
fraud, embezzlement, theft, malicious
damage, unauthorized use, denial of
service, and misappropriation.
Operations to disrupt, deny, degrade,
or destroy information resident in
computers and computer networks, or the
computers and networks themselves.
(DODD S-3600.1 of 9 Dec 96)

(Texas State Library Home Page / http://www.tsl.state.tx.us/ld/pubs/compsecurity/glossary.html
)

7-Dec-09


BAPINGER WIRELESS
SECURITY SOLUTIONS
PORTFOLIOS

Bapinger Solution,
Djadja Achmad S

7-Dec-09

Business Position
10

Practice
Areas

• Network Support • Planning & Design • GAMA • Managed Operations
• Optimization • Install & Comm (Services Services
Key • Operations • Network Integration Development • Seamless Mobility
Elements & Maintenance • Program and Delivery Management
• Network Management Platform) • Managed Security
Management • Hosted Services Services
• Content • Project and Outsource
•Security Management Management Services
• Training • IMS/non-IMS
Revenue Based
“Total Network Care”
Applications
Bapinger Solution: Wireless Security 7-Dec-09

Future Growth is in IP Based Services
11 Billions of
Subscribers

1.8
1.6 IP Services:
VoIP
1.4 IP Enabled PoC, Push-to-View
1.2 SMS & IM
1 Music
Gaming
0.8 Presence
Location Based Srvs
0.6
Multimedia Messaging
0.4 Circuit Only Video Streaming
0.2 Converged Voice
Srvs
0
2002 2003 2004 2005 2006 2007 2008
Source: IMS Research

Market is moving towards IP enabled service


GROWTH IN DATA SERVICES
Worldwide Wireless
Operator Data Revenue ($M)

100.000
92.011

80.000
71.272

60.000 51.897 Total
SMS
Rich Data
34.117 MMS
40.000
20.311

20.000 12.978

0 Source:
2003 2004 2005 2006 2007 2008 MOT est.

Introduce new applications and services
consistently and securely while optimizing
total cost of ownership, time-to-revenue
and delivery of compelling new
applications

OPERATOR FOCUS / CONCERNS
13
Planning & Strategy
Enterprise customers recognize security as
differentiator
Focus Concerned about migration to open, IP-based
network
Impact of government regulations and requirements
How do we improve security while controlling costs?

Security into Operations
How do I structure my security organization?
Concerns Need to coordinate multiple organizations, no standards
We need a security baseline to develop a plan
We’re concerned about virus activity
How to define and split security domains, what to protect?
Potential vulnerabilities from the roaming environment

SECURITY – ALREADY AFFECTING
WIRELESS CARRIERS
14
Total 183 Million Reported Security Incidents
Number of Internet Security Incidents Reported
Attacks Are: 90
80
82.1
($000's)
► Occurring More Frequently 70
► Disruptive And Costly 60 52.7
50
► Impacting Operators As Data Usage Grows 40
30 21.8
20
9.9
10
0.1 0. 0.4 0.8 1.3 2.3 2. 2. 2.1 3.7
0 3 4 6
Downtime Impact/Revenue Per Hour 88 89 90 91 92 93 94 95 96 97 98 99 00 01 02
($000's)
$3,000
Cost of Computer Crime & Security Losses
$2,500
Total Losses Reported (1997-2002): $1.43B
$2,000 450 $425
400 $378
$1,500
350
$1,000 300 $265
$500 250
200
$- $137
150 $124
Energy Telecom MFG Financial Info Insurance Retail $100
Tech 100
Source: Meta Group 50
0
1997 1998 1999 2000 2001 2002E
Source: CSI/FBI Survey

FASTER CYCLES:
Time From Vulnerability To Attack

300

250 300 days from known vulnerability
until widespread attack in 1999…
200

150

100

50 Now only 10 days!!!
0
1999 2000 2001 2002 2003 2004

Foundstone Data

Vulnerability Management Capability is Baseline Requirement

OPERATOR’S DILEMMA
16
Significant Barriers to Improving Network Security
Determining NW Security Requirements
Operators Know The
Importance Of Security… Cost of Products/tools

Lack of Experienced staff

Justify Cost/Benefit to Mgmt
Importance of Improving
Network Security Other projects

Very Important Staff Training
75%
Lack of Products/Tools

Staff Turnover

0% 10% 20% 30% 40% 50% 60%

Not So Somewhat
Important Important
6% 19%

…But Seeking Assistance
On How To Address It
Source: IDC, Lucent Network Security Survey

Enabling Revenue
17

Comprehensive Security Program
Provides Market Differentiation

THE CHALLENGE – WIRELESS
OPERATORS
Rapidly Expanding Operations
Subscriber Base; Coverage; Revenue-Generating Services

Operations in Multiple Markets
Multiple operations
Varied policy and processes

Management Realization
Growing awareness of need
Minimal understanding of security capability
Lack comprehensive vulnerability data
Suspected breeches, reactive approach
Security Purchases/Effort Integration

OPERATORS
Vulnerabilities & Issues
Quantity Varies with Size of Network
From 200 to over 1000 issues identified
High + Medium Risk = 30% to 70% of issues
Multiple Sources of Issues
Policy – Few Policies, Low/No Framework or Policy
Management
Process – Security updates, monitoring of network
Operations – Lack of metrics and vulnerability data or
remediation programs
Password Management – Easily cracked passwords, shared or no
passwords
Funding – Prioritization, requisite skills or resource investment
But….
Operational Awareness of Need
Small contingent usually working to improve
Project based, slow evolution of management support, want
ability to focus

OPERATORS
Examples
Charging Gateway Vulnerabilities
High + Medium Risk = up to 53% of issues on these elements
DNS Servers vulnerabilities
DNS Cache poisoning, flooding from mobile devices
Firewall Vulnerabilities
GTP-aware capability available but not configured
FTP Servers
Known vulnerabilities with potential for DoS attacks; establish Superuser permissions; control FTP
sites
Lack of Defense-in-Depth
Internal network with unrestricted protocol and service access
Spoofed source address from GRX into network, Remove GTP tunnels
Inject routing changes, Ability to leverage access across network
Undocumented Network Elements
Not documented = not managed. Unrestricted access, potential impact to availability

OPERATORS
Examples
Test Systems: Higher level of vulnerabilities
But unrestricted access to production network
Additional threat vector; Ability to bypass firewall protection
Network Management Systems
Access to broad range of network elements
Comprehensive policy for access and management not evident
Secure communication not addressed
Policy – Passwords, Access controls
Managing, changing, logging, distribution & storage procedures required
Incomplete password management policy and/or not enforced
Easily cracked passwords
Access rights - Lack consistent procedure to update, review as roles/personnel change
Policy – Audits
Baseline vulnerability data unavailable, lack of remediation plan or process


BAPINGER NETWORK SECURITY
LECTURE
CONCLUSION

Bapinger Solution,
Djadja Achmad S

7-Dec-09

CONCLUSION :

1. The successful operation of today’s communications
networks demands that many disparate systems and
applications can talk to each other. It’s no wonder there
are a few loopholes that make vulnerability on the
networks.
2. In recent years the most obvious threat to computer
systems has come from viruses. These attacks can usually
be traced to exploitation of one of a small number of
security flaws.
3. Insider attacks are almost certainly more common and
have the potential to be much more damaging.
4. A simple policy of ensuring that all systems are kept up to
date with the latest security patches and users are aware
of some simple security rules will thwart the majority of
these attacks.

7-Dec-09


THANK YOU

Bapinger Solution,
Djadja Achmad S

7-Dec-09

Bapinger Network Security

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (20)

Similar to Bapinger Network Security

Similar to Bapinger Network Security (20)

More from Djadja Sardjana

More from Djadja Sardjana (20)

Recently uploaded

Recently uploaded (20)

Bapinger Network Security