AUB Department of Electrical and Computer Engineering

Imad H. Elhajj American University of Beirut

Electrical and Computer Engineeringie05@aub.edu.lb

ITU Academia SeminarSeptember 28, 2011

Potential Collaboration between ITU and Academia on Cyber Security

AUB Department of Electrical and Computer Engineering

Macro

AUB Department of Electrical and Computer Engineering

Macro

AUB Department of Electrical and Computer Engineering

Micro

AUB Department of Electrical and Computer Engineering

Nano

AUB Department of Electrical and Computer Engineering

Nano

AUB Department of Electrical and Computer Engineering

Office

Play

AUB Department of Electrical and Computer Engineering

AUB (Founded in 1866)

AUB Department of Electrical and Computer Engineering

Electrical and Computer Engineering

AUB 7,500 students 73-acre Campus

ECE 620 Undergraduate students 50 Graduate students 26 Full-time faculty members Opportunities for graduate students and

collaboration

AUB Department of Electrical and Computer Engineering

Areas of Research

AUB Department of Electrical and Computer Engineering

Security Group At AUB

Dr. Ayman Kayssi Dr. Ali Chehab Dr. Imad Elhajj 3 PhD Students 8 MS Students

AUB Department of Electrical and Computer Engineering

Graduate Courses Offered

Cryptography and Computer Security Internet Security Wireless Security Information Security Management Network and Computer Security

Laboratory

AUB Department of Electrical and Computer Engineering

Laboratory Description

This laboratory addresses advanced network and computer security topics. Experiments include the execution of attacks, the setup of intrusion detection and prevention, securing computers and wired and wireless networks, and digital forensics.

AUB Department of Electrical and Computer Engineering

Topics Covered

• Section 1 — Networking Basics - How do networks work?– Lab 1: Security Lab Setup and Networking Basics

• Section 2 — Vulnerabilities and Threats - How can networks be compromised?– Lab 2: Scanning and Enumerating the Network for Targets and Address Spoofing

– Lab 3: Denial of Service Attacks and Network Applications Exploits

– Lab 4: Malware Analysis and Botnets

– Lab 5: Escalating Privilege – Sniffing, Keylogging, Password Cracking and Man in the Middle Attacks

– Lab 6: Security in Wireless Systems

• Section 3 — Prevention - How do we prevent harm to the networks?– Lab 7: Firewalls

– Lab 8: Hardening the Host Computer and Securing Network Communications

• Section 4 — Detection and Response – How do we detect and respond to attacks?

– Lab 9: Preparing for and Detecting Attacks

– Lab 10: Identify and Mitigate Network Attacks

– Lab 11: Digital Forensics

AUB Department of Electrical and Computer Engineering

Lab Objectives

The objectives of this lab are to give students: An applied understanding of the principles of network and

computer security. A hands-on experience in attack execution, and the use of tools

in such attacks. A hands-on experience in the use of intrusion detection and

prevention systems and techniques. The practical knowledge required to secure computers and

networks including the setup of policies and security assessment. The practical knowledge to conduct digital forensics and attack

tracing

AUB Department of Electrical and Computer Engineering

Lab Overall Diagram

AUB Department of Electrical and Computer Engineering

Lab Group Diagram

AUB Department of Electrical and Computer Engineering

Cabinets

Juniper IPS

AUB Department of Electrical and Computer Engineering

Photos

AUB Department of Electrical and Computer Engineering

Photos

AUB Department of Electrical and Computer Engineering

Potential Uses

Customized training for industry Testing and benchmarking of equipment Vendor demonstrations Lab could potentially be virtualized to

duplicate at low cost

AUB Department of Electrical and Computer Engineering

ITU Resolutions Relevant to AUB Collaboration

ITU Plenipotentiary Resolution 130: Strengthening the role of ITU in building confidence and security in the use of information and communication technologies (Guadalajara, 2010)

ITU WTDC Resolution 45: Mechanisms for enhancing cooperation on cybersecurity, including combating spam (Hyderabad, 2010)

ITU WTDC Resolution 69: Creation of national computer incident response teams, particularly for developing countries, and cooperation between them (Hyderabad, 2010)

ITU WTSA Resolution 58: Encourage the creation of national computer incident response teams, particularly for developing countries (Johannesburg, 2008)

UN Resolutions 57/239 (2002) and 58/199 (2004): Creation of a global culture of cybersecurity and the protection of critical information infrastructures

AUB Department of Electrical and Computer Engineering

Research Relevance to ITU-T SG17 Questions

QUESTIONS TITLEQ 1/17   Telecommunications systems security project Q 2/17   Security architecture and framework Q 3/17   Telecommunications information security

management Q 4/17   Cybersecurity Q 5/17   Countering spam by technical means Q 6/17   Security aspects of ubiquitous telecommunication

services Q 7/17   Secure application services Q 8/17   Service oriented architecture security Q 9/17   Telebiometrics Q 10/17   Identity management architecture and mechanisms Q 11/17   Directory services, Directory systems, and public-

key/attribute certificates

AUB Department of Electrical and Computer Engineering

Potential Collaboration between ITU and AUB

Test lab for ITU-T standards conformance Contributions to standards (ITU-T SG17).

Several of the questions for Study Group 17 are areas of research at AUB

Organizing events (workshops, seminars) Capacity building and Awareness Help establish CERT (AUB Member of the

PAN Arab Cyber Security Observatory)

AUB Department of Electrical and Computer Engineering

ie05@aub.edu.lb

Thank you