Network Security and Information Security: TCP Attacks, TCP Congestion Control, and IPsec, Cheat Sheet of Mathematics

An in-depth analysis of network security and information security, focusing on attacks against TCP, TCP congestion control mechanisms, and IPsec. It covers the vulnerabilities of the Transmission Control Protocol (TCP) and the SYN attack, as well as the use of IPsec for secure communication, including the basics of IPsec: protocols, security associations, the Authentication Header, the Encapsulating Security Payload, and the handshake protocol.

Typology: Cheat Sheet

2023/2024

Uploaded on 01/22/2024

duck-fat

Information Security

Van K Nguyen - HUT

Network Security

Sep 2009 Information Security by Van K Nguyen Hanoi University of Technology

Transmission Control Protocol - TCP

• Connection-oriented protocol for a user process
• Reliable, full-duplex channel: acknowledgements, retransmissions, timeouts
• The packets are delivered in the same order
• Congestion control mechanisms

TCP 3-way handshake

The sequence numbers x and y are random values that the other side needs to ack by incrementing them (x+1 or y+1).

The connection is only fully opened when the server side has received the client's ack.

Why the SYN attack works

• There is no authentication of the source of the packets
• Addresses can be easily spoofed
• The server needs to allocate a lot of resources while the client doesn't

Some countermeasures to the SYN attack

Configuration optimization

At the server:
• Reduce the timeout to 10 seconds
• Increase the size of the queue
• Disable non-essential services, reducing the number of ports that can be attacked

At all routers in the Internet:
• Block packets to the outside that have source addresses from outside the internal network

TCP Congestion Control

• The source determines how much bandwidth is available for it to send: it starts slow and increases the window of sent packets based on ACKs.
• ACKs are also used to control the transmission of packets.
• Uses Additive Increase Multiplicative Decrease (AIMD)
• Uses Retransmission Timeout (RTO) to avoid congestion

TCP Congestion Control

All the attacker needs to do is generate a TCP flow that forces the targeted TCP connection to repeatedly enter the retransmission timeout state.
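Added example (not from the original slides): a minimal Python model of the congestion window under slow start, AIMD and RTO. The window is counted in segments, the halving rule follows RFC 5681 with cwnd standing in for flight size, and the two event sequences are constructed; the point is how much a flow that keeps hitting RTOs loses compared with one that only sees the occasional triple duplicate ACK.

```python
# Simplified model of TCP's congestion window (cwnd), in segments.
# Constructed for illustration; real stacks track flight size, bytes and RTT.

MSS = 1  # one segment

def ack_round(cwnd, ssthresh):
    """A full window of ACKs arrived in one RTT."""
    if cwnd < ssthresh:
        return cwnd * 2, ssthresh      # slow start: double per RTT
    return cwnd + MSS, ssthresh        # congestion avoidance: additive increase

def triple_dup_ack(cwnd, ssthresh):
    """Fast retransmit/recovery: multiplicative decrease, keep sending."""
    ssthresh = max(cwnd // 2, 2 * MSS)
    return ssthresh, ssthresh

def timeout(cwnd, ssthresh):
    """RTO expired: assume heavy congestion and restart from one segment."""
    ssthresh = max(cwnd // 2, 2 * MSS)
    return MSS, ssthresh

HANDLERS = {"ack": ack_round, "dup": triple_dup_ack, "rto": timeout}

def run(events, cwnd=1, ssthresh=64):
    """Apply events ('ack', 'dup', 'rto') in order; return the cwnd history."""
    history = [cwnd]
    for ev in events:
        cwnd, ssthresh = HANDLERS[ev](cwnd, ssthresh)
        history.append(cwnd)
    return history

def segments_sent(history):
    """Throughput proxy: segments sent over all rounds."""
    return sum(history)

# Constructed scenarios with the same number of rounds.
HEALTHY = ["ack"] * 8 + ["dup"] + ["ack"] * 4
STARVED = (["ack"] * 2 + ["rto"]) * 3 + ["ack"] * 4

if __name__ == "__main__":
    for name, events in (("healthy", HEALTHY), ("starved", STARVED)):
        hist = run(events)
        print(f"{name}: cwnd history {hist}, segments sent {segments_sent(hist)}")
```

Each RTO drops cwnd back to one segment and halves ssthresh, so a connection that is pushed into timeout every few rounds never leaves slow start; that is the throughput collapse the slide describes.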

Intro

Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a data stream.

• Authentication/integrity
• Confidentiality
• Protection against replayed packets

Transparent to applications: below the transport layer (TCP, UDP)

IETF IPSEC Working Group: documented in RFCs and Internet drafts

Basics on IPsec

Protocols:
• Internet Key Exchange (IKE): sets up a security association (SA) with the encryption and authentication keys to be used.
• Authentication Header (AH): provides integrity and authentication without confidentiality.
• Encapsulating Security Payload (ESP): provides confidentiality and can also provide integrity and authentication.

Both AH and ESP can operate in two different modes:
• Transport mode: encapsulates an upper-layer protocol (e.g. TCP or UDP) and prepends an IP header in clear.
• Tunnel mode: encapsulates an entire IP datagram into a new packet, adding a new IP header.

Tunnel Mode

ESP in tunnel mode encrypts and optionally authenticates the entire inner IP packet, including the inner IP header.

AH in tunnel mode authenticates the entire inner IP packet and selected portions of the outer IP header.

Security Associations

SA: the basis for building security functions into IP.

A security association is simply the bundle of algorithm selection and parameters (such as keys) that is being used to encrypt and authenticate a particular flow in one direction. SPI (Security Parameter Index) + IP destination address uniquely identifies a particular security association.

Therefore, in normal bi-directional traffic, the flows are secured by a pair of security associations. SAs are unidirectional; the sender supplies the SPI to the receiver.

AH: Preventing Replay

When an SA is established, the sender initializes the sequence counter to 0.

Every time a packet is sent the counter is incremented and its value is set in the sequence number field of the AH header.

When sequence number 2^32 - 1 is reached, a new SA should be negotiated.
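Added example (not from the original slides): the slide gives the sender's side of AH anti-replay; this Python code adds the receiver's side as RFC 4302 describes it, a sliding window over the 32-bit sequence number that rejects duplicates and packets older than the window, plus the sender-side exhaustion check. The window size and the sample sequence numbers are constructed.

```python
SEQ_MAX = 2**32 - 1   # the counter must never wrap; renegotiate the SA first

class ReplayWindow:
    """Receiver-side anti-replay window (RFC 4302 style, constructed example)."""

    def __init__(self, size=64):          # RFC 4302 requires at least 32
        self.size = size
        self.top = 0                       # highest sequence number accepted
        self.bitmap = 0                    # bit i set => (top - i) already seen

    def check_and_update(self, seq):
        """Return True and record seq if it is fresh, False if it must be dropped."""
        if seq == 0:                       # first valid number on an SA is 1
            return False
        if seq > self.top:                 # window slides right
            shift = seq - self.top
            if shift < self.size:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            else:
                self.bitmap = 1            # everything previously seen is now too old
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size:
            return False                   # too old: left of the window
        if (self.bitmap >> offset) & 1:
            return False                   # already accepted: a replay
        self.bitmap |= 1 << offset         # late but fresh (reordered) packet
        return True

class Sender:
    """Sender-side counter as on the slide, with the 2^32 - 1 limit enforced."""

    def __init__(self):
        self.seq = 0

    def next_seq(self):
        if self.seq == SEQ_MAX:
            raise RuntimeError("sequence space exhausted: negotiate a new SA")
        self.seq += 1
        return self.seq

def filter_stream(seqs, size=64):
    """Run a constructed stream of sequence numbers through one window."""
    win = ReplayWindow(size)
    return [win.check_and_update(s) for s in seqs]

if __name__ == "__main__":
    # 3 arrives late but is fresh; the second 3 and the 2 are replays.
    print(filter_stream([1, 2, 5, 3, 3, 2, 4]))
```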

AH Authentication: Transport Mode