1. Welcome to CoSc 4031
Computer Security
Chapter Five
Security Mechanism
Dilla University
College of Engineering and Technology
School of Computing and Informatics, Department of comp.sci
Dilla University, Department of Computer Science
3. Introduction
• A security mechanism is software or hardware
that is designed to detect, prevent, or recover
from a security attack.
• Security mechanisms are built using personnel
and technology.
– Personnel are used to frame security policy and
procedures, and for training and awareness.
– Technologies such as cryptography, digital signatures,
firewalls, user identification and authentication, and
other measures such as intrusion detection, virus
protection, and data and information backup serve as
countermeasures against security attacks.
4. Introduction to Firewall
• A firewall can be defined as a special type of
network security device or a software program that
monitors and filters incoming and outgoing network
traffic based on a defined set of security rules.
• It acts as a barrier between internal private
networks and external sources (such as the public
Internet).
• The primary purpose of a firewall is to allow non-threatening
traffic and block malicious or unwanted
traffic, protecting the computer
from viruses and attacks.
5. Introduction to Firewall
• A firewall is a cybersecurity tool that filters
network traffic and helps users block malicious
software on infected computers from accessing
the Internet.
• It protects private networks and individual
machines from the dangers of the greater
Internet.
• A firewall can be employed to filter incoming or
outgoing traffic based on a predefined set of
rules called firewall policies.
7. Introduction to Firewall
• Packets flowing through a firewall can have one of three
outcomes:
– Accepted: permitted through the firewall
– Dropped: not allowed through with no indication of failure
– Rejected: not allowed through, accompanied by an attempt
to inform the source that the packet was rejected
• Policies used by the firewall to handle packets are based on
several properties of the packets being inspected, including:
– The protocol used, such as TCP or UDP
– Source and destination IP addresses
– Source and destination ports
– Application-level payload of the packet (e.g., whether it
contains a virus).
8. Firewall Types
• There are multiple types of firewalls based on their traffic
filtering methods, structure, and functionality. A few of
the types of firewalls are:
• Packet filtering firewall (stateless): A packet filtering
firewall controls data flow to and from a network. It allows
or blocks the data transfer based on the packet's source
address, the destination address of the packet, the
application protocol used to transfer the data, the port number, and
so on.
• Stateful inspection firewall (dynamic packet
filtering): It maintains records of all connections passing
through it and can determine whether a packet is the start
of a new connection, a part of an existing connection, or
an invalid packet. This type keeps track of all open connections
in a table.
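An added example, not part of the original slides: a minimal connection table showing how a stateful firewall sorts TCP packets into new, existing and invalid. The internal range, the packet tuple layout and the rule that only inside hosts may open connections are assumptions, and TCP state is simplified to "open until the first FIN or RST".

```python
from ipaddress import ip_address, ip_network

INSIDE = ip_network("10.0.0.0/8")   # constructed internal range

def flow_key(src, sport, dst, dport):
    """One key for both directions of a connection."""
    return tuple(sorted([(src, sport), (dst, dport)]))

class StatefulFirewall:
    def __init__(self):
        self.table = set()   # open connections, one key per flow

    def classify(self, pkt):
        """Return 'existing', 'new' or 'invalid' for (src, sport, dst, dport, flags)."""
        src, sport, dst, dport, flags = pkt
        if flow_key(src, sport, dst, dport) in self.table:
            return "existing"
        # Only a bare SYN may start a connection; anything else has no context.
        return "new" if flags == {"SYN"} else "invalid"

    def filter(self, pkt):
        src, sport, dst, dport, flags = pkt
        key = flow_key(src, sport, dst, dport)
        state = self.classify(pkt)
        if state == "existing":
            if flags & {"FIN", "RST"}:
                self.table.discard(key)   # simplification: forget the flow at first FIN/RST
            return "accept"
        if state == "new" and ip_address(src) in INSIDE:
            self.table.add(key)           # record the connection an inside host opened
            return "accept"
        return "drop"                     # invalid, or a new connection from outside
```

A stateless filter would need a standing rule admitting all inbound traffic from port 443 to let the replies back in; here the reply is accepted only while the matching entry exists in the table.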
9. Firewall Types
• Application-Level Gateways (Proxy service Firewall): This
type of firewall protects the network by filtering messages
at the application layer. For a specific application, a proxy
firewall serves as the gateway from one network to another.
• Next-Generation Firewall: The next-generation firewall is a
deep-packet inspection firewall that adds application-level
inspection, intrusion prevention, and information from
outside the firewall to go beyond port/protocol inspection
and blocking.
10. Proxy Server
• A proxy server is a computer on the internet that
accepts the incoming requests from the client and
forwards those requests to the destination server.
• It works as a gateway between the end-user and
the internet. It has its own IP address. It
separates the client system and web server from
the global network.
• The basic purpose of proxy servers is to shield
Internet clients and Internet resources from
connecting to each other directly.
11. Proxy Server
• The proxy server also prevents the identification of
the client’s IP address when the client makes a
request to another server.
• Proxy servers let you conceal your network identity
and stay anonymous by hiding your IP address.
13. Proxy Server
• Proxy servers offer the following basic functionalities:
• Monitoring and Filtering: Content filtering, filtering encrypted
data, bypassing filters, logging and eavesdropping.
• Bandwidth savings and improved speeds: It speeds up the service
by retrieving content from the cache that was
saved when a previous request was made by the client.
• Translation: It helps to customize the source site for local
users by excluding source content or substituting source
content with original local content. Traffic from
global users is routed to the source website through the translation
proxy.
• Accessing services anonymously: The destination server
receives the request from the anonymizing proxy server and
thus does not receive information about the end user.
• Security: Because the proxy server hides the identity of the user,
it protects against spam and hacker attacks.
14. Types of Proxy Servers
• There are many types of proxy servers available. The two most
common types of proxy servers are forward and reverse proxy
servers.
• Forward Proxy Server: With this type of proxy server, the user’s request
is passed from the internal server to the internet by passing
through a firewall check.
• Forward proxies are configured to either 'allow' or 'deny' the
user's request to pass through the firewall to access content on
the Internet.
• This means that the target server doesn’t see the user’s real
online identity, which is beneficial for their privacy.
15. Types of Proxy Servers
• Reverse Proxy Server: A reverse proxy is designed to work
with the backend servers’ needs, ensuring their performance,
stability, and security.
• Reverse proxies act on the server’s behalf, receiving user
requests, routing them via the proxy network, and forwarding
the server’s response back to the client.
• It handles all the access policy management and traffic routing,
and it protects the identity of the server that actually
processes the request.
16. Intrusion Detection System (IDS)
• IDS is a device or system that monitors incoming and outgoing
network traffic to detect potential anomalous or suspicious activity.
It does this by comparing incoming traffic to suspicious patterns or
identifiers drawn from a database of known threats.
• As the name suggests, the primary purpose of an IDS is to detect
and then alert the relevant people to prevent intrusions within IT
infrastructure. These solutions can be either hardware devices or
software applications.
• The main goal of an IDS is to detect anomalies before hackers
complete their objective. Once the system detects a threat, the IDS
informs the IT staff. In doing so, an IDS:
– Monitors inbound and outbound network traffic.
– Analyzes the patterns in the network continuously.
– Reports the source address of the intrusion.
– Sends an alert and alarm immediately after detecting unwanted intrusion and activities in the network.
17. Intrusion Detection System (IDS)
IDS types vary based on where they’re monitoring threats and how they’re
detecting them.
1. Network intrusion detection systems (NIDS): A network intrusion
detection system will monitor traffic through various sensors — placed either
via hardware or software — on the network itself. The system will then monitor
all traffic going through devices across the multiple sensor points.
2. Host intrusion detection systems (HIDS): A HIDS examines the incoming
and outgoing traffic of the device only. It detects suspicious activities on the
device and alerts the administrator.
3. Protocol-based intrusion detection systems (PIDS): Organizations set up a
Protocol-based Intrusion Detection System at the front end of the server. It
interprets the protocols between the server and the user.
4. Application protocol-based intrusion detection systems (APIDS): This is
often leveraged on specific application protocols to specifically monitor activity,
helping network administrators better segment and classify their network
monitoring activities.
5. Hybrid intrusion detection systems: Hybrid IDS solutions provide a
combination of the above types of intrusion detection.
19. Intrusion prevention System (IPS)
• IPS is a device that inspects, detects, classifies, and
proactively prevents harmful traffic. If the IPS detects any
suspicious activity, it takes the correct remedial action per its
configuration and policy.
• This action could take the form of blocking the traffic, reporting it,
dropping it, or resetting the connection, depending on how far the
intruder has penetrated at the time of detection.
• Intrusion Prevention System (IPS) is classified into 4 types:
• Host-based intrusion prevention system (HIPS)
• Network-based intrusion prevention system (NIPS)
• Wireless intrusion prevention system (WIPS)
• Network behavior analysis (NBA)
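An added example, not part of the original slides: the signature comparison described on the IDS slides and the remedial action described on the IPS slide above, run over the same traffic in both modes. Signature IDs, patterns, addresses and payloads are constructed; percent-decoding before matching is an assumption about how the sensor normalises HTTP requests.

```python
import re
from urllib.parse import unquote_to_bytes

# Constructed signature database: id -> (description, pattern).
SIGNATURES = {
    "SIG-0001": ("path traversal in request", re.compile(rb"\.\./\.\./")),
    "SIG-0002": ("SQL tautology in query", re.compile(rb"(?i)'\s*or\s+1\s*=\s*1")),
}

def match(payload: bytes):
    """Return the IDs of all signatures found in the percent-decoded payload."""
    data = unquote_to_bytes(payload)   # normalise so %2e%2e/ is seen as ../
    return [sid for sid, (_, pat) in SIGNATURES.items() if pat.search(data)]

def process(packets, mode="ids"):
    """mode='ids': alert only, traffic still flows (passive monitoring).
    mode='ips': alert and drop the offending packet (inline prevention)."""
    forwarded, alerts = [], []
    for src, dst, payload in packets:
        hits = match(payload)
        for sid in hits:
            alerts.append({"sig": sid, "desc": SIGNATURES[sid][0],
                           "src": src, "dst": dst,   # source address for the IT staff
                           "action": "dropped" if mode == "ips" else "alert-only"})
        if not hits or mode == "ids":
            forwarded.append((src, dst, payload))
    return forwarded, alerts

# Constructed sample traffic (documentation addresses).
SAMPLE = [
    ("198.51.100.7", "192.0.2.10", b"GET /index.html HTTP/1.1"),
    ("203.0.113.9", "192.0.2.10", b"GET /download?file=%2e%2e/%2e%2e/etc/passwd HTTP/1.1"),
    ("203.0.113.9", "192.0.2.10", b"GET /item?id=1%27%20OR%201=1 HTTP/1.1"),
]
```

In IDS mode all three requests reach the server and two alerts are raised; in IPS mode the same two alerts are raised and only the first request is forwarded.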
20. Intrusion Prevention System (IPS)
Classification of Intrusion Prevention System (IPS):
1. Network-based intrusion prevention system (NIPS):
A NIPS monitors and protects an entire network from
anomalous or suspicious behavior.
• This is a broad-based system that can be integrated
with additional monitoring tools to help provide a
comprehensive view of an organization’s network.
2. Wireless intrusion prevention system (WIPS): A WIPS
monitors any wireless networks owned by an
organization.
• This type is similar to a NIPS but is localized to wireless
networks for a more targeted detection and response.
21. Intrusion Prevention System (IPS)
Classification of Intrusion Prevention System (IPS):
3. Host-based intrusion prevention system (HIPS):
HIPS are often deployed on key devices or hosts that an
organization needs to secure.
• The system will then monitor all traffic flowing through
and from the host to detect malicious behavior.
4. Network behavioral analysis (NBA): An NBA solution
looks for anomalous behavior within the patterns of a network
itself, making it key for detecting incidents such as DDoS
attacks, behaviors against the policy, and other types of
malware.
22. Virtual Private network
• A virtual private network (VPN) is a technology that creates a
safe and encrypted connection over a less secure network, such
as the internet.
• A VPN establishes a secure, encrypted connection between
your computer and the internet, providing a private tunnel for
your data and communications while you use public networks.
• The encrypted connection helps to ensure that sensitive data is
safely transmitted.
• It prevents unauthorized people from eavesdropping on the
traffic and allows the user to conduct work remotely.
• VPN technology is widely used in corporate environments.
23. Virtual Private network
The benefits of a VPN connection
• Secure encryption: With the help of a VPN, your online activities are
hidden even on public networks.
• Disguising your whereabouts: VPN servers essentially act as your
proxies on the internet.
• Access to regional content: Regional web content is not always
accessible from everywhere.
• This means that you cannot access content at home while traveling,
and you cannot access international content from home. With VPN
location spoofing, you can switch to a server in another country and
effectively “change” your location.
• Secure data transfer: VPN services connect to private servers and
use encryption methods to reduce the risk of data leakage.
24. Different types of VPN
• There are two basic types of VPNs.
Remote-access VPN
• A remote-access VPN allows users to connect to another network,
be it the internet or their company’s internal system, through a
private encryption tunnel, usually by using special software.
Site-to-site VPN
• A site-to-site VPN is also called a router-to-router VPN. This type
of VPN is mostly used within corporate environments, specifically
when an enterprise has headquarters in several different locations.
The site-to-site VPN creates a closed, internal network where the
various locations can all connect with each other. This is known as an
intranet.