CYBERSECURITY SPECIAL INTEREST GROUP, 3RD MEETING, MAY 27, 2021, 5:30 PM – 6:30 PM
WWW.SPSNET.COM WWW.SPSNET.COM/SPINNLABS [email protected]

SPECIAL INTEREST GROUP 3RD

Jan 31, 2022

dariahiddleston
Transcript
Page 1: SPECIAL INTEREST GROUP 3RD

CYBERSECURITY SPECIAL INTEREST GROUP

3RD MEETING

MAY 27, 2021

5:30 PM – 6:30 PM


Page 2: SPECIAL INTEREST GROUP 3RD

AGENDA

1. Opening Remarks – Dr. Arshad Ali – 10 Min
2. Security Management at University – Dr. Saad A. Malik, Namal – 15 Min
3. Setting up a SOC in University – Mr. Rizwan Ali, SPS – 25 Min
4. General Discussion – 10 Min


Page 3: SPECIAL INTEREST GROUP 3RD


Page 4: SPECIAL INTEREST GROUP 3RD

Security Management at a University

Part-II

by

Saad A. Malik*

SPS/SPINN Lab Special Interest Group on Cyber Security Weekly Talks

Dated: 27 May 2021

*Saad A. Malik (Ph.D., Engr.)
Asst. Prof. CS Department,
Head ITSC & SDC,
Namal Institute Mianwali, Pakistan.
Email: [email protected]; [email protected]: +92 (0) 332 860 7168

Page 5: SPECIAL INTEREST GROUP 3RD

Outline of the talk

Review a campus network for a Denial of Service Attack.

Page 6: SPECIAL INTEREST GROUP 3RD

Example Campus NW

Network of Networks

Page 7: SPECIAL INTEREST GROUP 3RD

What needs to be secured?

Internet

The Information residing in: Server

Page 8: SPECIAL INTEREST GROUP 3RD

What needs to be secured?

Internet

The Information residing in: Smart phones, Laptops, Desktops, PDA

Page 9: SPECIAL INTEREST GROUP 3RD

What needs to be secured?

Internet

The Information residing in: NW devices

Page 10: SPECIAL INTEREST GROUP 3RD

DOS Attack?

[Figure: Internet; User #1 waiting for server to get free]

Page 11: SPECIAL INTEREST GROUP 3RD

DOS Attack?

[Figure: Internet; LMS is constantly servicing User #2; Repeatedly sends requests to LMS; User #1 waiting for server to get free]

Page 12: SPECIAL INTEREST GROUP 3RD

Back to the Basics: how is information accessed over the network?

- How information is stored in a computer?
- How it is made available on the network?
- How DOS attacks work!

Page 13: SPECIAL INTEREST GROUP 3RD

Computers are Everywhere!

An internal Computer keeps each of the devices operational!

- processes information from data.
- executes actions, based on commands.
- e.g. desktops, laptops, routers, smart phones.

Page 14: SPECIAL INTEREST GROUP 3RD

Building blocks of a Computer!

[Figure: CPU; Memory (RAM); Memory (CD / DVD); Memory (HDD); I/O Bus; Peripherals, Peripheral 2, Peripheral 3, ...]

Page 15: SPECIAL INTEREST GROUP 3RD

Building blocks of a Computer

[Figure: CPU (ALU, registers R0 to R5, Path Control Logic, Cache); Memory controller; Memory (RAM); Memory (CD / DVD); Memory (HDD); Input / Output Interface; Keyboard; Display; Network Interface Card; Other Peripherals]

Page 16: SPECIAL INTEREST GROUP 3RD

How does code execute?

[Figure: CPU (I/O CNTRL, ALU, registers R0 to R5, Control Logic Unit, Cache); Memory controller; Memory (RAM); Memory (CD / DVD); Memory (HDD); Input / Output Interface; Keyboard; Display; Network Interface Card; Other Peripherals. Caption: Code stored in HDD]

Application Code

E.g. ask the computer to find the sum of two numbers, say a + b. Code which can sum two variables is written in Assembly, C, Java, Python etc.

The code resides in the HDD until it is executed.

Page 17: SPECIAL INTEREST GROUP 3RD

How does a code execute?

[Figure: CPU and memory block diagram with the Application Code path marked Step 1 and Step 2. Caption: Code in CPU]

STEP 1, 2: On execution, the code is fetched into RAM, then into the CPU cache, and then into internal registers.

Page 18: SPECIAL INTEREST GROUP 3RD

How does a code execute?

[Figure: CPU and memory block diagram with the Application Code path marked Step 1, Step 2, Step 3 and Step 4, and the Results]

STEP 3: The ALU then computes the sum and stores it in one of the registers.

Page 19: SPECIAL INTEREST GROUP 3RD

Files: the containers of information!

[Figure: CPU and memory block diagram showing Application Code and Results. Caption: Code files, Result files]

The application code and the results are stored as files.

The operating system manages the storage format of files. It also manages the resources.

The Unix philosophy is behind stable OSs, e.g. Red Hat Linux, System V, Mac OS, Android.

Page 20: SPECIAL INTEREST GROUP 3RD

Send Results over the NW!

[Figure: CPU and memory block diagram showing Application Code and Results]

Scenario

Assuming the results need to be sent to another computer connected over the network, how is the file named “Results” transferred via the network?

Page 21: SPECIAL INTEREST GROUP 3RD

[Figure: CPU and memory block diagram showing Application Code, Results, Networking Code and the Parcel containing Results]

Another application will transform the file into another file, suitable for sending on the internet, called a packet.

Note: The parcel may be sent directly from RAM, or could be stored in the HDD.

Page 22: SPECIAL INTEREST GROUP 3RD

[Figure: CPU and memory block diagram showing Application Code, Results, Networking Code and the Parcel containing Results]

Parcel is sent to the NIC. NIC converts the digital data into electrical signals and sends them on a wire or wireless.

Page 23: SPECIAL INTEREST GROUP 3RD

The role of Operating System!

[Figure: CPU and memory block diagram showing Application Code, Results, OS and Networking Code]

In modern OSs like Unix and Windows, the networking code is embedded in the OS kernel.

The OS supports multi-tasking, i.e. it can run multiple applications simultaneously.

An application is considered a process, therefore each process is identified uniquely.

A popular API used for networking applications is Sockets.

Page 24: SPECIAL INTEREST GROUP 3RD

MultiTasking Operating System

[Figure: App #1, App #2; Process #1, Process #2, Process #3; Operating System; resources: CPU Time, Memory, Network I/O, Standard I/O]

Page 25: SPECIAL INTEREST GROUP 3RD

Simplified Linux Arch.

[Figure: User Space: Apps (Process #1, Process #2, ... Process #n), GNU C Library (glibc). Kernel Space: System Call Interface, Kernel, Architecture Dependent Kernel Code. Resources: CPU Time, Memory, Network I/O, Standard I/O]

Page 26: SPECIAL INTEREST GROUP 3RD

Simplified Kernel Sub-Systems

[Figure: System Call Interface; Process Management; Virtual File System; Memory Management; Network Stack; Architecture Dependent Device Drivers]

Page 27: SPECIAL INTEREST GROUP 3RD

Socket API

[Figure: kernel sub-systems (System Call Interface; Process Management; Virtual File System; Memory Management; Network Stack; Architecture Dependent Device Drivers) and resources (CPU Time, Memory, Network I/O, Standard I/O). Socket Application Programmer Interface: Socket, Bind, Listen, Accept, Misc Functions]

Page 28: SPECIAL INTEREST GROUP 3RD

[Figure: kernel sub-systems (System Call Interface; Process Management; Virtual File System; Memory Management; Network Stack; Architecture Dependent Device Drivers) and resources (CPU Time, Memory, Network I/O, Standard I/O). Socket API: Socket, Bind, Listen, Accept, Misc Functions. System Calls: read, write, getpid, getppid, fork, exec]

Networking apps use these APIs to send messages over the network.

Page 29: SPECIAL INTEREST GROUP 3RD

Let's delve into coding.

Page 30: SPECIAL INTEREST GROUP 3RD
Page 31: SPECIAL INTEREST GROUP 3RD
Page 32: SPECIAL INTEREST GROUP 3RD

[Figure: Internet; LMS is constantly servicing User #2; Repeatedly sends requests to LMS; User #1 waiting for server to get free]
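
An added example, not code from the original slides: a one-client-at-a-time server built from the Socket, Bind, Listen and Accept calls named on the Socket API slide, with a receive timeout so that a connection which never sends its request cannot keep User #1 waiting indefinitely. The loopback scenario, the function names and the `GET /lms` request string are constructed for illustration.

```c
#include <arpa/inet.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>
/* Loopback address; port 0 asks the OS to pick a free port. */
static struct sockaddr_in loopback(unsigned short port) {
    struct sockaddr_in a = { .sin_family = AF_INET, .sin_port = htons(port) };
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    return a;
}
/* Server: socket -> bind -> listen; returns listening fd, chosen port in *port. */
static int make_listener(unsigned short *port) {
    struct sockaddr_in a = loopback(0);
    socklen_t len = sizeof a;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0 || bind(fd, (struct sockaddr *)&a, sizeof a) < 0 || listen(fd, 8) < 0
        || getsockname(fd, (struct sockaddr *)&a, &len) < 0) return -1;
    *port = ntohs(a.sin_port);
    return fd;
}
/* Client: connect; send one request, or stay silent when req is NULL. */
static int connect_client(unsigned short port, const char *req) {
    struct sockaddr_in a = loopback(port);
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0 || connect(fd, (struct sockaddr *)&a, sizeof a) < 0) return -1;
    if (req && write(fd, req, strlen(req)) < 0) return -1;
    return fd;
}
/* Server: accept one client, wait at most timeout_ms: 1 served, 0 dropped, -1 error. */
static int serve_one(int lfd, int timeout_ms) {
    char buf[64];
    struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };
    int cfd = accept(lfd, NULL, NULL);
    if (cfd < 0) return -1;
    setsockopt(cfd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv);
    /* read() fails with EAGAIN once timeout_ms passes with no data. */
    int served = read(cfd, buf, sizeof buf) > 0 && write(cfd, "OK\n", 3) == 3;
    close(cfd);
    return served;
}
/* Constructed scenario: a silent client is first in the queue, User #1 second. */
static int demo(void) {
    unsigned short port = 0;
    int lfd = make_listener(&port);
    int silent = connect_client(port, NULL), user1 = connect_client(port, "GET /lms\n");
    int first = serve_one(lfd, 200), second = serve_one(lfd, 200);
    close(silent); close(user1); close(lfd);
    return lfd >= 0 && first == 0 && second == 1;
}
int main(void) { return demo() ? 0 : 1; }
```

Without the `SO_RCVTIMEO` option the first `read()` would block for as long as the silent connection stays open, which is the "waiting for server to get free" condition in the figure.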

Page 33: SPECIAL INTEREST GROUP 3RD

Thank you !

Questions, queries etc.

Page 34: SPECIAL INTEREST GROUP 3RD


Page 35: SPECIAL INTEREST GROUP 3RD

GENERAL DISCUSSION ([email protected])

Page 36: SPECIAL INTEREST GROUP 3RD

THANK YOU!

[email protected]

Page 37: SPECIAL INTEREST GROUP 3RD

BACK UP SLIDES