Natalia Miloslavskaia, Associate Professor Alexandre Tolstoi, Associate Professor

The Educational Course "Vulnerability and Protection Methods in the Global Internet Network" — the Experience of the Moscow State Engineering Physics ...
Author: Jerome Jackson
1 downloads 1 Views 3MB Size
The Educational Course "Vulnerability and Protection Methods in the Global Internet Network" — the Experience of the Moscow State Engineering Physics Institute Natalia Miloslavskaia, Associate Professor Alexandre Tolstoi, Associate Professor

E-mail: [email protected], [email protected] URL: http://www.fis-mephi.ru

Information Protection Expert Training in Russia 40 Russian universities; their activity is licensed by Russian State authorities

MEPhI MEPhI = the Moscow State Engineering Physics Institute (Technical University)

The Russian State Humanitarian University: graduates get the degree of a qualified information protection manager.

The St.-Petersburg State Technical University: experts on computer protection against computer viruses and other malicious programs.

MEPhI: specialists in hardware and software methods and tools of information protection for modern information processing systems.

1997 - The Ministry of General and Vocational Training (MGVT) of the Russian Federation has accepted a decision to convene a training methodological association of higher schools for information security education, whose basic tasks are 1) development of the state educational standards for the personnel training 2) co-ordination of educational activities.

Educational Level Structure Expert training along the speciality group “Information Security”

Expert training along the trend “Information Security” 4 YEARS

BACHELOR 6 YEARS

MASTER

UNIVERSITY

S T A N D A R D

ENGINEER 5...5.5 YEARS

IMPROVED by the MGVT

TECHNICAL UNIVERSITY, INSTITUTE

From the State Codifier of Specialities SPECIALITY

QUALIFICATION

Secure Telecommunication Systems Information Security Organization and Technology Complex Maintenance of Automated Systems Information Security

Engineer 1) Mathematician 2) Engineer 3) Manager Engineersystemotechnics

5 State Standards

main activities:

Expert training Professional re-training

D E P A R T M E N T S

Information Protection Cryptology and Discrete Mathematics Strategic Information Researches Information Security of Banking Systems Computer Law

Faculty of Information Security Trends

Specialities

Law

Specialisations

Complex Maintenance of Automated Systems Information Security

Technologies of Maintenance of Banking Automated System Information Security

Computer Law (bachelor)

Security Maintenance of Distributed Information Systems Security Analysis of Information Technologies Design and Management of Complex Systems of Information Security Maintenance

Re-training Courses for Security Service Workers of Financial and Banking Establishments • • • •

Since 1995. Lectures and practice sessions. Special programs (1, 2, 3 weeks). Both university lecturers and highly skilled experts of various state and commercial structures. • About 1000 employees of the Central bank of the Russian Federation and the Savings bank of Russia from all the regions of Russia have already passed through this system.

Faculty of Information Security 1997 - educational course (EC) Vulnerability and Protection Methods in the Global Internet network 1998 - EC was successfully tested with senior and post-graduate students

EC is taught: 1) as the basic course for the speciality of Complex Maintenance of Automated Systems Information Security 2) at professional re-training courses (8 hours, shortened course)

A student is an active participant of the training process (even during lectures)

Virtual audiences and Web-technology are an effective environment for such an active training

The Global Internet Network January 1999 (www.nua.com): • > 320 m documents; • serving daily more than 115 m users; • 45 m hosts (active computers with unique Internetaddresses).

The Russian Public Center of Internet Technologies www.rocit.ru: • •

180000 hosts; > 26000 information resources in Russian language (Websites, pages, servers, independent thematic sections); • 1500000 of Russian Internet users: 250000 have got the right of access in private usage; 500000 have access from corporate networks; 600000 from the educational and academic networks.

Internet users — from specialists without training in the field of information technologies and home-computer users up to experts in the field of computer networks and network technologies. Aims of the Internet users — from the harmless search for information and copying of graphics, audio and video and software to the intrusion into computers and networks with Internet access for the purpose of stealing information of different degrees of confidentiality and the start of the destructive software and network viruses. => difficult choice of appropriate specialized tools for protection, warning and detection of the attacks from Internet

Requirements for Preliminary Preparation Internet protocols Internet services basic principles of network security and protection technologies network operating systems (Unix, Windows 95, 98 and NT, Netware) database management systems computer viruses programming languages and technologies (C, Java, and ActiveX)

Student’s Knowledge after Training applying methods of network traffic and security monitoring applying methods of malefactors intrusion detection in a network applying and developing own methods, strategies, and tools for securing networks estimating the quality of services and products offered in the Internet carrying out research in the World Wide Web using e-mail and news groups

The Syllabus Structure hours per week quantity duration, hours

laboratory exercises

seminars

amount, hours

lectures

32 28 24 20 16 12 8 4 0

1 academic term = 16 weeks = 64 academic hours

Stages of EC development The illustrative material (IM) for the EC = presentation of > 400 slides (Windows 95; Microsoft PowerPoint 97). Location: faculty local area network (LAN) server with access to 1) staff during classes and 2) students during their independent work. Requirements: 12-Mb hard disc space and not less than 24 KB RAM for demonstration. The slides were complemented by hypertext references to Web-sites in the Internet, acquaintance with which assumes use of any standard Web-browser (Netscape Navigator, Microsoft Internet Explorer etc.).

The electronic tutorial (ET)

Electronic Tutorial (cover)

Progress Test is Carried out by: 1) checking homework, during performance of which a student is • to take quizzes (“common tutorial”), • to write some program modules for perfection of already available protection tools or for implementation of some remote network attacks, • to develop integrated protection of networks with particular topology and segmentation while connecting to the Internet (“practical tutorial”); 2) to do an examination at the end of the EC. In the Electronic Tutorial test will be automated!

Objectives of IM creation 1) to help lecturers to present their professional knowledge in a most effective — electronic — way that would give them the necessary modern level and a high quality of stated material; 2) to apply teaching based on automation and involving extensive information resources of the Internet; 3) to place students in such an environment, where they can creatively use this technology as a part of their daily exercises within the framework of self-education, actively construct their own knowledge, set their individual style of training and master new information; 4) to give state-of-the-art information on the EC theme at the expense of usage of hypertext references to Web-sites with the newest documents, demos of the latest software information protection tools for networks, and descriptions of functionality of hardware protection tools.

IM Characteristics The subject of the EC - the Internet - is very dynamic => the EC should be dynamic. The content of its core is static and is based on the fundamental principles of open network security.

The Internet references maintain state-of-the-art information. IM base - Web-technology with hypertext links to information: 1) Web-browsers are easy in use and are widely accessible; 2) Web pages can contain any information stored in a computer including multimedia (images, sound, video...); 3) Web pages support interaction by means of forms or executable code such as Java.

Internet usage in EC: 1) search engines and databases for in-depth study of themes; 2) file transfer service for downloading text files and software; 3) e-mail for communication with other trainees, experts, and teachers; 4) discussion groups and teleconferences on certain themes; 5) composition of private address books of Web-sites with information on the newest strategies and standards of protection, reviews of research organisations, and information from hacker’s and other malefactors communities.

IM and ET Structure Introductory part (“cover” + instructions + preliminary tests...)

illustrations for the main ideas of all chapters notes analysis of certain examples (case studies) glossary Training part

references

knowledge control Internet resources (only in ET)

IM usage: independent teaching CDROM ("off-line training") at home PC

IM can be represented on an institute Web-site

separate block of network file server ("online training")

at display classes with connection to network of institute, faculty or department and access to all network information resources (databases, software, libraries etc.)

2 + access to other open systems and the global Internet network

With an instructor

Without an instructor

EC Content 1.Introduction: – brief discussion of principles, which underlie Internet design and influence security of stand alone computers and networks connected to the Internet; – main types of Internet users and their purposes in maintenance of information protection; – some examples of system breaking and statistical data on threats in networks; – types of malefactors and main reasons of network breaking; – classification of remote attacks and typical schemes of attacks; – classic and modern methods of intrusions.

EC Content 2.Weakness and vulnerability in various types of networks and the Internet used for non-authorized access to information: – weakness and vulnerability of protocols, system utilities, commands, and information services; – some examples of attacks using errors in programming; – attacks by network computer viruses.

EC Content 3. Protection tools used for securing connections between firm networks and the Internet:

– levels of security in the Internet; – some conceptual approaches for networks and interworking protection; – security policies and means of their implementation; – fundamentals of client/server architecture protection; – Internet host protection, including protection of database management systems and network operating systems (by examples of UNIX, Windows NT, Novell Netware); – communication channel protection by means of firewall installation and various systems of password and message encryption; – monitoring and auditing tools which detect weak places in networks; – electronic data interchange protection; – selection of protected network topology; – existing hardware-software protection tools for different kinds of attacks.

EC Content 4.Conclusion: – attack attributes; – list of tools that should be installed in a network with access to the Internet; – some practical recommendations for protection of networks having access to the Internet; – some useful Web-sites with additional information on the themes of the EC.

Advantages of Distance Learning System in Russia 1) equal educational opportunities for everybody irrespective of where they are living; 2) the EC can be installed and run at a remote computer; 3) this remote PC can address all institute network resources and open networks to which a network manager has opened access; 4) training becomes very flexible and individual and focuses on the needs and interests of a trainee; 5) students can work irrespective of time and place with a suitable rate of acquaintance with the course material; 6) expenses for training for students are essentially reduced.

Suggest Documents