Introduction to Network Security-Network Security-Lecture Slides, Slides of Cryptography and System Security

This lecture was delivered by Prof. Adityavardhana Gavde at Ankit Institute of Technology and Science. It is part of the lecture series for the Network Security course. It includes: Network, Security, Attack, Threat, Active, Passive, Services, Encryption, Symmetric, Ciphers

Typology: Slides

2011/2012

Uploaded on 07/23/2012

pararijka

CE4608 - Network Security (Lecture 1)

Agenda

Course Contents

Prerequisite & Text Book

What is Security?

Network Security

Aspects of Security

Threat and Attack

Active vs. Passive Attack

Security Services

Encryption?

Course Objective

Grading and Policies

Prerequisite & Textbook

"Cryptography and Network Security Principles and Practices", Fourth Edition, by William Stallings

Reference books

"Cryptography and Network Security" by Behrouz A Forouzan

"Introduction to Network Security" by Neal Krawetz

"Introduction to Cryptography and Network Security" by Sunil Gupta

Network Security?

Network security is the security measures that are needed to protect data during their transmission.

Aspects of Security

Security attack: Any action that compromises the security of information owned by an organization.

Security mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.

Security service: A service that enhances the security of the data processing systems and the information transfers of an organization. Designed to counter security attacks.

Interruption

Destroy hardware (cutting fiber) or software

Corrupt packets in transit

Denial of service (DoS): crashing the server, or overwhelming the server (using up its resources)

[Diagram: S, R]

Modification

Stop the flow of the message.

Delay and optionally modify the message.

Release the message again.

[Diagram: S, R, Perpetrator]

Fabrication

Unauthorized assumption of another's identity

Generate and distribute objects under this identity

[Diagram: S, R, Masquerader: from S]

Passive Attacks

Passive attacks eavesdrop on, or monitor, transmissions.

Goal: To obtain transmitted information.

2 types of passive attacks.

Passive Attack Types

Release of contents: A telephone conversation, an electronic mail message, or confidential information.

Traffic analysis: Using the location and identities of hosts and the frequency and length of messages to determine the type of communication taking place.

Passive attacks are difficult to detect since they do not involve any alteration of data.

Active Attack Types

Masquerade takes place when one entity pretends to be a different entity. This form usually includes one of the other forms of active attack.

Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

Modification occurs when an unauthorized party gains access to and tampers with an asset. This is an attack on integrity.

Denial of service prevents or slows down the normal use or management of communications facilities.

Security Services (CAIN2A)

Confidentiality is the protection of transmitted data from passive attacks.

Authentication is concerned with assuring that a communication is authentic.

Integrity assures that messages are received as sent.

A connection-oriented integrity service should assure that there are no duplicates, insertions, deletions, modifications, reordering, or replays.

A connectionless integrity service deals only with an individual message.

Non-repudiation prevents either the sender or receiver from denying a transmitted message.

Access Control is the ability to limit and control the access to host systems and applications via communications links.

Availability is the ability to prevent the loss or a reduction in availability of elements of a distributed system.
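
The difference between the connectionless and connection-oriented integrity services listed above, as an added example that is not part of the original slides. It assumes one possible mechanism the slides do not specify (an HMAC-SHA256 tag plus an 8-byte sequence number per message); the key, frame layout and all names are constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key (assumption), not a real secret
TAG_LEN = 32                   # HMAC-SHA256 output size in bytes

def protect(seq: int, payload: bytes, key: bytes = KEY) -> bytes:
    """Frame = 8-byte sequence number || payload || HMAC over both."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

def verify_connectionless(frame: bytes, key: bytes = KEY):
    """Checks one message in isolation: catches modification, not replay."""
    if len(frame) < 8 + TAG_LEN:
        return None
    body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    return struct.unpack(">Q", body[:8])[0], body[8:]

class ConnectionReceiver:
    """Connection-oriented check: per-message MAC plus strict in-order sequence."""
    def __init__(self, key: bytes = KEY):
        self.key = key
        self.next_seq = 0

    def receive(self, frame: bytes) -> str:
        result = verify_connectionless(frame, self.key)
        if result is None:
            return "rejected: modified or forged"
        seq, payload = result
        if seq < self.next_seq:
            return "rejected: replay or duplicate"
        if seq > self.next_seq:
            return "rejected: deletion or reordering"
        self.next_seq += 1
        return "accepted: " + payload.decode()

def demo():
    frames = [protect(i, m) for i, m in enumerate([b"pay 10", b"pay 20", b"pay 30"])]
    tampered = frames[1][:8] + b"pay 99" + frames[1][-TAG_LEN:]
    rx = ConnectionReceiver()
    # Constructed stream: valid, tampered, valid, replay of frame 0, sequence gap, valid
    stream = [frames[0], tampered, frames[1], frames[0], protect(5, b"x"), frames[2]]
    return [rx.receive(f) for f in stream]
```

The per-message check alone accepts the same valid frame any number of times, which is why replay protection needs the connection state kept by `ConnectionReceiver`.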