Network Security
Module 1
Network Security
Need for Network Security
In the past, hackers were highly skilled programmers who understood the details of computer communications and how to exploit vulnerabilities.
Today almost anyone can become a hacker by downloading tools from the Internet.
These complicated attack tools and generally open networks have generated an increased need for network security and dynamic security policies.
With the development of large open networks, security threats have increased significantly in the past 20 years.
Hackers have discovered more network vulnerabilities.
Types of attack
Classes of attack might include passive monitoring of communications, active network attacks, exploitation by insiders, and attacks through the service provider.
A system must be able to limit damage and recover rapidly when attacks occur.
There are five types of attack:
Passive Attack
Active Attack
Distributed Attack
Insider Attack
Close-in Attack
Active Attack
In an active attack, the attacker tries to bypass or break into secured systems. This can be done through stealth, viruses, worms, or Trojan horses.
Active attacks are mounted against a network backbone, exploit information in transit, electronically penetrate an area, or attack an authorized remote user.
Active attacks result in the disclosure or dissemination of data files, DoS, or modification of data.
Active Attacks
Masquerade Attack:
An entity pretends to be some other entity. For example, an entity captures an authentication sequence and pretends to be the original entity.
Replay Attack:
Data is captured and retransmitted to the receiver to produce an unauthorized effect.
Modification of messages:
A portion of a real message is altered to produce an undesirable effect.
Denial of service:
Prevents the normal use of computer and communications resources. For example, flooding a computer network with packets, or swamping a CPU or a server.
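Added example (not from the original slides): a receiver-side check against three of the active attacks listed above. An HMAC tag over sender, counter and body rejects modified and masqueraded messages, and a per-sender counter rejects replayed ones. The key, the names and the JSON message format are assumptions made for this illustration.

```python
import hashlib
import hmac
import json

def make_tag(key: bytes, sender: str, counter: int, body: str) -> bytes:
    # Unambiguous encoding of every field the receiver relies on.
    data = json.dumps([sender, counter, body], separators=(",", ":")).encode()
    return hmac.new(key, data, hashlib.sha256).digest()

def send(key: bytes, sender: str, counter: int, body: str) -> bytes:
    tag = make_tag(key, sender, counter, body).hex()
    frame = {"sender": sender, "counter": counter, "body": body, "tag": tag}
    return json.dumps(frame).encode()

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = {}  # sender -> highest counter accepted so far

    def accept(self, wire: bytes) -> str:
        try:
            frame = json.loads(wire)
            sender, counter = str(frame["sender"]), int(frame["counter"])
            body, tag = frame["body"], bytes.fromhex(frame["tag"])
        except (ValueError, KeyError, TypeError):
            return "rejected: malformed"
        # Constant-time comparison; fails for altered fields or a wrong key.
        if not hmac.compare_digest(tag, make_tag(self.key, sender, counter, body)):
            return "rejected: bad tag"
        # A captured frame carries a counter that was already used.
        if counter <= self.last_counter.get(sender, -1):
            return "rejected: replay"
        self.last_counter[sender] = counter
        return "accepted"

def demo() -> dict:
    key = b"constructed-demo-key"  # constructed sample value
    rx = Receiver(key)
    original = send(key, "alice", 1, "pay bob 10")
    results = {"original": rx.accept(original), "replay": rx.accept(original)}
    altered = json.loads(send(key, "alice", 2, "pay bob 10"))
    altered["body"] = "pay bob 9000"  # modification of a message in transit
    results["modified"] = rx.accept(json.dumps(altered).encode())
    # Masquerade: sender claims to be alice but does not hold the shared key.
    results["masquerade"] = rx.accept(send(b"other-key", "alice", 3, "hi"))
    results["next"] = rx.accept(send(key, "alice", 2, "pay carol 5"))
    return results

if __name__ == "__main__":
    print(demo())
```

The tag is checked before the counter, so a frame that fails authentication never advances the replay state.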
Information Security
Protection of data.
Has undergone two major changes:
1. Computer Security:
o Timesharing systems: multiple users share the H/W and S/W resources on a computer.
o Remote login is allowed over phone lines.
Measures and tools to protect data and thwart hackers are called Computer Security.
Information Security
2. Network Security:
Computer networks are widely used to connect computers at distant locations.
Raises additional security problems:
o Data in transmission must be protected.
o Network connectivity exposes each computer to more vulnerabilities.
Henric Johnson
Attacks, Services and Mechanisms
Three aspects of Information Security:
Security Attack: Any action that compromises the security of information.
Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.
Security Attacks
Interruption: An asset of the system is destroyed or becomes unavailable or unusable.
o This is an attack on availability.
Examples:
> Destroying some H/W (disk or wire).
> Disabling file system.
> Flooding a computer with jobs or communication link with packets.
Security Attacks
Interception: An unauthorized party gains access to an asset.
o This is an attack on confidentiality.
Examples:
> Wiretapping to capture data in a network.
> Illegally copying data or programs.
Security Attacks
Modification: An unauthorized party gains access to and tampers with an asset.
o This is an attack on integrity.
Examples:
> Changing data files.
> Altering a program.
> Altering the contents of a message.
Security Attacks
Fabrication: An unauthorized party inserts a counterfeit object into the system.
o This is an attack on authenticity.
Examples:
> Insertion of records in data files.
> Insertion of spurious messages in a network (message replay).
Passive vs. Active Attacks
1. Passive Attacks:
o Eavesdropping on information without modifying it (difficult to detect).
2. Active Attacks:
o Involve modification or creation of info.
Passive Threats
Release of message contents:
Contents of a message are read.
> A message may be carrying sensitive or confidential data.
Traffic analysis:
An intruder makes inferences by observing message patterns.
> Can be done even if messages are encrypted.
> Inferences: location and identity of hosts.
Security Services
A classification of security services:
Confidentiality (privacy)
Authentication (who created or sent the data)
Integrity (has not been altered)
Non-repudiation (the order is final)
Access control (prevent misuse of resources)
Availability (permanence, non-erasure)
  o Denial of Service Attacks
  o Virus that deletes files
Security Goals
Confidentiality
Integrity
Availability
Design Guidelines
Authentication
Authorization
Accounting
Physical access control
Logical access control
Methods of Defence
Encryption
Software Controls (access limitations in a database; in an operating system, protect each user from other users)
Hardware Controls (smartcard)
Policies (frequent changes of passwords)
Physical Controls
Security for Computers
Ways to secure data
Locked servers
Removable hard drives that are locked when not in use
Hard disk drives requiring special tools for detachment
Physical cages around computers that prohibit access
Passwording files
Security when using Internet
Firewall
Dedicated computer that governs interaction between internal network and the Internet
Encryption
Data Encryption Standard (DES)