LEARNING OBJECTIVES
Introduction:
The terms network security and information security are often used interchangeably, but they are not the
same thing. Network security is generally taken to mean protection at the boundaries of an organisation:
keeping intruders out. Information security focuses explicitly on protecting the data itself, against
malware and against simple mistakes by people inside the organisation, for instance with data loss
prevention (DLP) controls. Network security starts with authenticating the user, commonly with a username
and a password (a single factor; stronger deployments add a second one). Once the user is authenticated,
a firewall enforces access policy, that is, which services the network's users are allowed to reach.
Security management:
Security management for networks differs with the situation. A small home or office network needs only
basic protection, while a large business needs dedicated staff and advanced software and hardware to
defend against hacking, malware and spam.
Threats:
A threat is any circumstance or event with the potential to breach the security of a computer-based
information system, that is, an occurrence or activity that could result in a loss of security. Threats
may be natural, physical or accidental as well as deliberate; examples include flood, fire, earthquake,
electrical faults, manufacturer error and vandalism. Security attacks can be classified as:
1. Passive attack: the attacker observes the transmission without altering it. Passive attacks are hard
to detect, so the emphasis is on prevention, normally by encryption. There are two kinds:
Release of message content: an opponent learns the contents of a transmission, for example an e-mail
or a file transfer carrying sensitive data.
Traffic analysis: an opponent infers information about the communication by observing the frequency,
timing and length of the messages exchanged, even when their contents are encrypted.
2. Active attack: the attacker attempts to alter system resources or affect their operation. Active
attacks are difficult to prevent absolutely; the practical goal is to detect them and recover from them.
Attacks on a computer system are best characterised by looking at how information flows when the system
sends and receives it. The normal flow of information from a source (A) to a destination (B) is shown in
diagram (a):
Diagram (a): Normal flow. Information passes from Source A to Destination B.
However deviations from the normal flow of information will happen if there is an attack or a
threat:
• Interruption
• Interception
• Modification
• Fabrication
Interruption:
This happens when an asset is destroyed, becomes unavailable or cannot be used. It is an attack on the
availability of the system. Diagram (b) shows how interruption occurs.
Diagram (b): Interruption. The flow from A to B is cut off; nothing reaches B.
Examples of interruption are destruction of a piece of hardware, the cutting of a communication line and
disabling of a file management system.
Interception:
Interception occurs when an unauthorised party gains access to an asset. Because it exposes information
that was meant to stay private, it is an attack on confidentiality. The unauthorised party could be a
person, a program or another computer. Diagram (c) shows the nature of interception.
Diagram (c): Interception. Information still goes from A to B, but the same information also goes to C,
an unintended destination.
Examples of interception are wiretapping to capture data on a network and copying files without
permission.
Modification:
If an unauthorised party gains access to a system and makes changes to it, the tampering is known as
modification. Modification is an attack on the integrity of the system or of the organisation's data.
Diagram (d) depicts this attack.
Diagram (d): Modification. Information from A goes to C instead of B; C alters it and forwards the
changed information to B.
Examples of such tampering include changing values in a file, altering a program so that it performs
differently, and changing the contents of messages sent over the network.
Fabrication:
If an unauthorised party inserts counterfeit objects into the system, the attack is fabrication; it is an
attack on the authenticity of the system. Diagram (e) illustrates it.
Diagram (e): Fabrication. C sends information to B, and B believes it came from A.
Examples include an attacker who gains access to a person's e-mail account and sends messages from it,
so that recipients believe the real account holder sent them, or the addition of forged records to a
file.
Security services: A security service enhances the security of a data processing system and of an
organisation's information transfers. The services are intended to counter security attacks, and each
makes use of one or more security mechanisms to provide the service. The security services are as
follows.
Confidentiality:
Integrity:
In information security, integrity means that data cannot be modified without the modification being
detected. This is not the same thing as referential integrity in databases, although it can be viewed as
a special case of consistency as understood in the classic ACID model of transaction processing.
Integrity is violated when a message is actively modified in transit. Note that encryption alone does not
provide integrity: with a stream cipher or counter mode, an attacker who flips bits in the ciphertext
flips the corresponding plaintext bits, and the message still decrypts without any error. Integrity needs
a separate mechanism, a message authentication code or a digital signature, or an authenticated-encryption
mode that combines the two; only then will a message tampered with in flight fail verification.
Availability:
For any information system to serve its purpose, the information must be available when it is
needed. This means that the computing systems used to store and process the information, the
security controls used to protect it, and the communication channels used to access it must be
functioning correctly. High availability systems aim to remain available at all times, preventing
service disruptions due to power outages, hardware failures, and system upgrades. Ensuring
availability also involves preventing denial-of-service attacks.
Authenticity:
In computing, e-business and information security it is necessary to ensure that data, transactions,
communications and documents are genuine. It is also necessary to validate that both parties involved
are who they claim to be.
Non-repudiation:
In law, non-repudiation implies one's intention to fulfil one's obligations under a contract. In
communications it implies that the receiver of a transaction cannot deny having received it, nor can the
sender deny having sent it. Electronic commerce uses digital signatures to establish authenticity and
non-repudiation, together with encryption for confidentiality.
Access control:
Access to protected information must be restricted to people who are authorized to access the
information. The computer programs, and in many cases the computers that process the
information, must also be authorized. This requires that mechanisms be in place to control the
access to protected information.
Security mechanism: A mechanism designed to detect or prevent a security attack, or to recover from one.
The security mechanisms are as follows.
Encipherment: The use of mathematical algorithms to transform data into a form that is not readily
intelligible. The transformation and the later recovery of the data depend on an algorithm and on zero
or more encryption keys.
Digital signatures: Data appended to, or a cryptographic transformation of, a data unit that allows the
recipient to prove the source and integrity of the data unit and protects it against forgery.
Data integrity: A variety of mechanisms used to assure the integrity of a data unit or of a stream of
data units.
Traffic padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis.
Notarization: The use of a trusted third party to assure certain properties of a data exchange.
Routing control: Enables selection of particular physically secure routes for certain data and allows
routing changes, especially when a breach of security is suspected.
A Model for network security: A message is to be transferred from one party to another across some sort
of internet, and the two parties, the principals in the transaction, must cooperate for the exchange to
take place. When the transmission must be protected from an opponent, security comes into play. The model
has six parts: the two principals, the information channel between them, the security-related
transformation each applies to the message (for example encryption, or an appended authentication code),
the secret information the transformation needs (such as a key), the opponent on the channel, and a
trusted third party.
The opponent always has the opportunity to read or alter data on the information channel. The trusted
third party is reached over channels assumed to be beyond the opponent's reach; it may be needed to
distribute the secret information to the principals, or to arbitrate disputes between them concerning the
authenticity of a message transmission.
Figure: Model for network security. Sender and receiver each apply a security-related transformation to
the message using secret information; the secure message crosses the information channel, to which the
opponent has access; a trusted third party may supply the secret information and arbitrate disputes.
This general model shows that there are four basic tasks in designing a security service:
4) Specify a protocol to be used by the two principals that makes use of the security algorithm and the
secret information to achieve the particular security service.
Internet society: The Internet Society is responsible for the development and publication of standards
for use over the internet. It is a professional membership organisation that oversees a number of boards
and task forces involved in internet development and standardisation, and acts as the coordinating
committee for internet design, engineering and management. Three organisations under the Internet Society
are responsible for the actual work of standards development and publication.
• Internet Architecture Board (IAB): Responsible for defining the overall architecture of
the internet, providing guidance and broad direction to the IETF.
• Internet Engineering Task Force (IETF): The protocol engineering and development
arm of the internet.
RFC (Request for Comments) publication: The actual development of new standards and protocols for the
internet is carried out by working groups chartered by the IETF. Membership in a working group is
voluntary; any interested party may participate. The RFCs are the working notes of the internet research
and development community.
Figure: The standards track. Internet draft, proposed standard, draft standard, internet standard; a
superseded standard moves to historic.
• The left-hand side of the figure shows the series of steps, called the standards track, that a
specification goes through to become a standard.
• At each step, the IETF must make a recommendation for advancement of the protocol and the IESG must
ratify it.
• The process begins when the IESG approves the publication of an internet draft document as an RFC
with the status of proposed standard.
• The white boxes in the figure represent temporary states, which should be occupied for the minimum
practical time. The gray boxes represent long-term states that may be occupied for years.
• For a specification to be advanced to draft standard status, there must be at least two independent
and interoperable implementations from which adequate operational experience has been obtained.
• After significant implementation and operational experience has been obtained, the specification may
be elevated to internet standard. At this point it is assigned an STD number as well as an RFC number.
• Be technically competent
Internet standards categories: All the internet standards fall into one of two categories:
Format string vulnerabilities: Format string attacks are a class of software vulnerability first
publicised around 1999. They can be used to crash a program or to execute harmful code. The problem stems
from passing unfiltered user input as the format string parameter to C functions that perform formatting,
such as printf(), sprintf() and syslog().
The C formatting functions take a format string parameter that describes how the remaining parameters
should be interpreted: %d specifies that a parameter should be displayed as a decimal integer, %s that it
should be displayed as a NUL-terminated string, and so on. The format string therefore has a great deal of
control over how memory is interpreted, and when an attacker supplies it that control can be abused to
read and write memory at arbitrary locations.
• A malicious user may use the %x and %s format tokens, among others, to print data from the stack, or
through %s from any address that happens to sit in an argument slot.
• A malicious user may also write arbitrary data to arbitrary locations using the %n format token, which
tells printf() and similar functions to store the number of characters written so far into the int pointed
to by the corresponding argument. Since that argument is read from the stack, an attacker who can place an
address there chooses where the write lands.
ii) Reading attacks: These typically use the %x (and %s) specifiers to print sections of memory that the
attacker should not have access to, such as stack contents, secrets, or addresses useful for defeating
address space layout randomisation.
iii) Writing attacks: These use %n to overwrite a chosen pointer-sized value, typically a saved return
address, a GOT entry or a function pointer, so that control is transferred to attacker-supplied code.
Width specifiers such as %500d, or %u and %x with a width, are used only to drive the character count, and
hence the value %n stores, to the desired number; by themselves %d, %u and %x do not write memory.
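The following is an added example, not code from the original notes: it places the vulnerable call beside the fixed one, shows what %n actually stores when a width drives the character count (with a pointer the program itself supplies, so the demo is safe to run), and adds an input-side check for conversion directives. The function names, the sample input and the 200-character width limit are assumptions made for this example.

```c
#include <stdio.h>
#include <stdbool.h>

/* VULNERABLE: user input is used as the format string, so "%x %x %x" dumps
   successive argument slots (stack memory) and "%n" writes through a pointer
   the attacker has placed on the stack.  Shown for contrast; not called in
   main().  The call goes through a function pointer only so that toolchains
   built with -Werror=format-security (which correctly reject the direct
   printf(user_input)) still compile this deliberately bad example. */
void log_message_vulnerable(const char *user_input) {
    int (*emit)(const char *, ...) = printf;
    emit(user_input);            /* same as printf(user_input) */
    emit("\n");
}

/* FIXED: the format is a literal and user input is only ever an argument. */
void log_message_safe(const char *user_input) {
    printf("%s\n", user_input);
}

/* What %n does, demonstrated with a pointer we supply: it stores the number
   of characters emitted so far into the int it points at.  A width such as
   %*d (or a literal %500d) lets the caller choose that count, which is how an
   exploit picks the value written to its target address.  Returns the stored
   count, or -1 for widths outside the local buffer. */
int n_write_value(int width) {
    char sink[256];
    int written = -1;
    if (width < 1 || width > 200) return -1;
    snprintf(sink, sizeof sink, "%*d%n", width, 0, &written);
    return written;              /* equals width */
}

/* Defence in depth for data that may reach a format function: reject any
   conversion directive, i.e. a '%' not immediately followed by another '%'.
   The real fix is always a literal format string as in log_message_safe(). */
bool contains_format_directive(const char *s) {
    for (const char *p = s; *p; p++) {
        if (*p != '%') continue;
        if (p[1] == '%') { p++; continue; }  /* "%%" is a literal percent */
        return true;
    }
    return false;
}

int main(void) {
    const char *untrusted = "AAAA%x%x%x%n";   /* constructed attacker input */
    printf("directive present: %s\n",
           contains_format_directive(untrusted) ? "yes" : "no");
    printf("%%n stored %d after a width-40 field\n", n_write_value(40));
    log_message_safe(untrusted);             /* prints the string verbatim */
    return 0;
}
```

Compilers flag the vulnerable form when asked: gcc and clang warn with -Wformat-security and several distributions build with -Werror=format-security by default, which is why the example has to hide the call behind a pointer.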
TCP session hijacking: Session hijacking is the exploitation of a valid computer session, sometimes
called a session key, to gain unauthorised access to information or services on a computer system. TCP
session hijacking takes place when an attacker takes over an established TCP session between two
machines. Since most authentication happens only at the start of a TCP session, taking the session over
after the login gives the attacker the authenticated user's access without ever knowing the credentials.
The term is also used for the theft of the magic cookie (session cookie) used to authenticate a user to
a remote server.
• An attacker can be "inline" between the two endpoints, using a sniffing program to watch the
conversation. This is the man-in-the-middle position.
• A common component of such an attack is a denial-of-service (DoS) attack against one endpoint to stop
it from responding, either by crashing the machine or by flooding its network connection to force heavy
packet loss, so that the victim does not contest the attacker's forged segments.
• TCP session hijacking is a much more complex and difficult attack than a DoS. Its purpose is not to
deny service but to impersonate an authorised user in order to gain access to a system.
• What the attacker must get right is the TCP sequence number: a forged segment is accepted only if its
sequence number is what the receiver expects. Based on how the attacker obtains that number there are
two types of TCP hijacking:
a) Man-in-the-middle: the attacker sees the traffic and reads the sequence numbers off the wire.
b) Blind hijacking: the attacker cannot see the traffic and must predict the sequence numbers, which is
practical only when the target's initial sequence numbers are predictable.
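The following is an added example, not code from the original notes. It models one direction of a TCP connection as sequence-number bookkeeping and plays out both cases above: a sniffing attacker who injects a segment with the exact expected sequence number (and thereby desynchronises the genuine client), and a blind attacker who samples the server's initial sequence number with a probe connection and tries to predict the victim's. The counter-based ISN generator, the keyed generator in the style of RFC 6528, the addresses and the secret are all assumptions made for this example; splitmix64 stands in for the RFC's keyed hash.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* One direction of a TCP connection, reduced to sequence-number bookkeeping.
   The receiver accepts a segment only when its sequence number is exactly the
   next expected byte (real TCP also accepts data inside its receive window;
   the simplification does not change the argument). */
typedef struct {
    uint32_t snd_nxt;   /* next sequence number this end will send     */
    uint32_t rcv_nxt;   /* next sequence number expected from the peer */
    int accepted, rejected;
} tcp_end;

typedef struct { uint32_t seq, len; } segment;

static bool deliver(tcp_end *dst, segment s) {
    if (s.seq != dst->rcv_nxt) { dst->rejected++; return false; }
    dst->rcv_nxt += s.len;
    dst->accepted++;
    return true;
}

/* A genuine sender advances snd_nxt whether or not the peer accepts the
   segment (a real stack would keep retransmitting it). */
static bool send_from(tcp_end *src, tcp_end *dst, uint32_t len) {
    segment s = { src->snd_nxt, len };
    src->snd_nxt += len;
    return deliver(dst, s);
}

/* Man-in-the-middle case: the attacker sniffs the client's segments, so it
   knows the sequence number the server expects next and injects a command
   after the login exchange.  The client's next genuine segment then carries a
   stale sequence number and is rejected: the session is desynchronised (the
   ACK storm that follows is what network IDS look for).  Returns true when the
   forged data was accepted and the genuine data was not. */
bool sniffing_hijack(void) {
    tcp_end client = { 1000, 5000, 0, 0 };      /* state after the handshake */
    tcp_end server = { 5000, 1000, 0, 0 };
    send_from(&client, &server, 20);            /* login, visible to the sniffer */
    uint32_t observed = client.snd_nxt;         /* attacker reads it off the wire */
    segment forged = { observed, 7 };           /* attacker's payload */
    bool injected = deliver(&server, forged);
    bool genuine_rejected = !send_from(&client, &server, 10);
    return injected && genuine_rejected;
}

/* Blind case: the attacker cannot see the victim's traffic and must predict
   the server's initial sequence number (ISN).  Two generators are modelled:
   the historical "add a constant per connection" scheme and a keyed one in the
   style of RFC 6528 (ISN = M + F(4-tuple, secret)). */
static uint32_t isn_predictable(uint32_t *counter) {
    *counter += 64000;
    return *counter;
}

static uint64_t splitmix64(uint64_t x) {          /* stand-in mixing function */
    x += 0x9E3779B97F4A7C15ull;
    x = (x ^ (x >> 30)) * 0xBF58476D1CE4E5B9ull;
    x = (x ^ (x >> 27)) * 0x94D049BB133111EBull;
    return x ^ (x >> 31);
}

static uint32_t isn_keyed(uint64_t secret, uint32_t src_ip, uint16_t src_port,
                          uint32_t dst_ip, uint16_t dst_port) {
    uint64_t tuple = ((uint64_t)src_ip << 32) | ((uint64_t)src_port << 16) | dst_port;
    return (uint32_t)splitmix64(tuple ^ splitmix64(secret ^ dst_ip));
}

/* The attacker opens its own connection to sample the server's ISN, then
   guesses the ISN handed to the victim's connection opened right after. */
bool blind_guess_succeeds_predictable(void) {
    uint32_t counter = 123456;
    uint32_t sampled = isn_predictable(&counter);   /* attacker's probe */
    uint32_t victims = isn_predictable(&counter);   /* victim's connection */
    return sampled + 64000 == victims;              /* true: trivially predicted */
}

bool blind_guess_succeeds_keyed(void) {
    uint64_t secret = 0x5EC12E7ull;                 /* constructed server secret */
    uint32_t server = 0x0A000001;                   /* 10.0.0.1 */
    uint32_t sampled = isn_keyed(secret, 0x0A0000BB, 40000, server, 23);
    uint32_t victims = isn_keyed(secret, 0x0A000002, 40001, server, 23);
    return sampled + 64000 == victims || sampled == victims;  /* false */
}

int main(void) {
    printf("sniffing hijack desynchronised the session: %s\n",
           sniffing_hijack() ? "yes" : "no");
    printf("blind guess vs counter ISN: %s\n",
           blind_guess_succeeds_predictable() ? "hit" : "miss");
    printf("blind guess vs keyed ISN:   %s\n",
           blind_guess_succeeds_keyed() ? "hit" : "miss");
    return 0;
}
```

The keyed generator defeats the blind attacker because nothing the attacker learns from its own connection carries over to a different 4-tuple; it does nothing against the sniffing attacker, who reads the live sequence numbers, which is why the real countermeasure for that case is encryption and authentication of the payload (for example TLS or SSH) rather than anything at the TCP layer.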
ARP attacks: Address Resolution Protocol (ARP) spoofing, also known as ARP poisoning or ARP cache
poisoning, is a technique used to attack an Ethernet or wireless local area network (LAN). ARP has no
authentication: any station can announce that an IP address belongs to its own MAC address, and the
other stations cache the announcement. ARP spoofing may therefore allow an attacker to sniff data
frames on the LAN, modify the traffic, or stop it altogether. The attack can only be used on networks
that actually use ARP and not another method of address resolution. Countermeasures include static ARP
entries for critical hosts such as the default gateway, dynamic ARP inspection on managed switches, and
monitoring for IP-to-MAC bindings that change.
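The following is an added example, not code from the original notes: a passive monitor in the style of the last countermeasure above. It learns IP-to-MAC bindings from ARP replies and alerts when an already-bound IP address is claimed by a different MAC (the gateway being poisoned) or when one MAC starts claiming additional IP addresses (an attacker posing as both ends of a conversation). The reply records, addresses and alert format are constructed for this example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* One ARP reply as a passive monitor records it. */
typedef struct { const char *sender_ip; const char *sender_mac; } arp_reply;

/* IP-to-MAC bindings learned from earlier traffic. */
#define MAX_BINDINGS 32
typedef struct { char ip[16]; char mac[18]; } binding;
typedef struct { binding b[MAX_BINDINGS]; int n; } arp_table;

static int find_ip(const arp_table *t, const char *ip) {
    for (int i = 0; i < t->n; i++)
        if (strcmp(t->b[i].ip, ip) == 0) return i;
    return -1;
}

static bool mac_known(const arp_table *t, const char *mac) {
    for (int i = 0; i < t->n; i++)
        if (strcmp(t->b[i].mac, mac) == 0) return true;
    return false;
}

/* Process replies in arrival order.  Alert when (a) a reply claims a different
   MAC for an IP already bound, or (b) a MAC already bound to one IP claims a
   second one.  Conflicting bindings are not learned, so a persistent poisoner
   keeps alerting.  Returns the number of alerts; up to max_alerts messages
   are written into alerts[]. */
int detect_arp_poisoning(arp_table *t, const arp_reply *r, int count,
                         char alerts[][96], int max_alerts) {
    int n_alerts = 0;
    for (int i = 0; i < count; i++) {
        int idx = find_ip(t, r[i].sender_ip);
        if (idx >= 0) {
            if (strcmp(t->b[idx].mac, r[i].sender_mac) == 0) continue;  /* consistent */
            if (n_alerts < max_alerts)
                snprintf(alerts[n_alerts], 96, "%s moved from %s to %s",
                         r[i].sender_ip, t->b[idx].mac, r[i].sender_mac);
            n_alerts++;
            continue;
        }
        if (mac_known(t, r[i].sender_mac)) {
            if (n_alerts < max_alerts)
                snprintf(alerts[n_alerts], 96, "%s also claims %s",
                         r[i].sender_mac, r[i].sender_ip);
            n_alerts++;
            continue;
        }
        if (t->n < MAX_BINDINGS) {
            snprintf(t->b[t->n].ip, sizeof t->b[t->n].ip, "%s", r[i].sender_ip);
            snprintf(t->b[t->n].mac, sizeof t->b[t->n].mac, "%s", r[i].sender_mac);
            t->n++;
        }
    }
    return n_alerts;
}

/* Constructed sample: a gateway and a host answer normally, then a third
   station (cc:...) claims the gateway's IP and later a second IP of its own. */
int run_sample(char alerts[][96], int max_alerts) {
    static const arp_reply replies[] = {
        { "10.0.0.1",  "aa:aa:aa:aa:aa:01" },   /* gateway, learned          */
        { "10.0.0.7",  "bb:bb:bb:bb:bb:07" },   /* host, learned             */
        { "10.0.0.1",  "aa:aa:aa:aa:aa:01" },   /* repeat, consistent        */
        { "10.0.0.1",  "cc:cc:cc:cc:cc:cc" },   /* poisoning attempt: alert  */
        { "10.0.0.9",  "cc:cc:cc:cc:cc:cc" },   /* new IP, learned           */
        { "10.0.0.10", "cc:cc:cc:cc:cc:cc" },   /* same MAC, second IP: alert */
    };
    int count = (int)(sizeof replies / sizeof replies[0]);
    arp_table table = { .n = 0 };
    return detect_arp_poisoning(&table, replies, count, alerts, max_alerts);
}

int main(void) {
    char alerts[8][96];
    int n = run_sample(alerts, 8);
    for (int i = 0; i < n; i++) printf("ALERT: %s\n", alerts[i]);
    return 0;
}
```

Rule (b) also fires for legitimate multi-homed hosts and for routers doing proxy ARP, so in practice it needs an allow-list; rule (a) applied to the gateway address is the high-confidence signal. The same logic is what arpwatch and switch-side dynamic ARP inspection implement, the latter with the DHCP snooping table as its source of trusted bindings.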
Route table modification: In some situations an attacker attempts to alter a host's route table
remotely. One common attack abuses Internet Control Message Protocol (ICMP) redirect messages: the
attacker forges redirects that tell the hosts to send their packets via the attacker's IP address, so
the traffic between the two hosts is relayed through the attacker for as long as the connection lasts.
Hosts should be configured to ignore ICMP redirects (on Linux, the net.ipv4.conf.*.accept_redirects
sysctls). If the attacker can already place a system on the routing path between the two hosts, the task
becomes much easier.
• The attacker must be able to intercept all messages passing between the two victims and inject new
ones, which is straightforward in many circumstances (for example, an attacker within reception range of
an unencrypted Wi-Fi access point can insert himself as a man-in-the-middle).
• A man-in-the-middle attack can succeed only when the attacker can impersonate each endpoint to the
satisfaction of the other; it is an attack on mutual authentication. Most cryptographic protocols include
some form of endpoint authentication specifically to prevent MITM attacks. For example, TLS (formerly
SSL) authenticates the server through a certificate issued by a certification authority that the client
trusts, and the client checks that the certificate matches the host name it connected to.
Brute force attack: A brute force attack, or exhaustive key search, is a strategy that can in theory be
used against any encrypted data: the attacker systematically checks all possible keys until the correct
one is found. In the worst case this means traversing the entire key space; on average half of it.
• The key length used in the encryption determines the practical feasibility of a brute force attack.
Each additional key bit doubles the work, so longer keys are exponentially more difficult to crack than
shorter ones.
• One measure of the strength of an encryption system is how long it would theoretically take an
attacker to mount a successful brute force attack against it.
• Brute-force attacks are an application of brute-force search, the general problem-solving
technique of enumerating all candidates and checking each one.
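The following is an added example, not code from the original notes, and it serves two passages: the point under Integrity that encryption by itself does not detect tampering, and the exhaustive key search described here. A toy stream cipher (a 32-bit xorshift keystream, constructed for this example and not a real cipher) is first shown to be malleable, with a ciphertext bit flip turning "PAY 100" into "PAY 900" while decryption still "succeeds"; the same cipher is then broken by brute force with a known plaintext, the loop bound doubling with each key bit. Key sizes, messages and the secret key are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* Toy stream cipher, constructed for this example: a 32-bit xorshift
   generator seeded with the key produces the keystream.  It is not a real
   cipher; it stands in for any unauthenticated stream or counter-mode
   encryption, which behaves the same way under bit flipping. */
static uint32_t xorshift32(uint32_t *state) {
    uint32_t x = *state;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    return *state = x;
}

/* Encrypts or decrypts len bytes (XOR is its own inverse). */
void toy_crypt(uint32_t key, const uint8_t *in, uint8_t *out, size_t len) {
    uint32_t state = key | 0x80000000u;      /* xorshift state must be non-zero */
    for (size_t i = 0; i < len; i++)
        out[i] = in[i] ^ (uint8_t)(xorshift32(&state) >> 24);
}

/* Integrity is not a by-product of encryption: flipping ciphertext bits flips
   the same plaintext bits and decryption reports nothing.  An attacker who
   knows the message layout turns "PAY 100" into "PAY 900" without the key.
   Writes the tampered plaintext into out; returns false if out is too small. */
bool malleability_demo(uint32_t key, char *out, size_t outcap) {
    const char *msg = "PAY 100 TO BOB";        /* constructed sample */
    size_t n = strlen(msg);
    uint8_t ct[32];
    if (outcap < n + 1) return false;
    toy_crypt(key, (const uint8_t *)msg, ct, n);
    ct[4] ^= '1' ^ '9';                         /* byte 4 holds the '1' */
    toy_crypt(key, ct, (uint8_t *)out, n);
    out[n] = '\0';
    return true;                                /* out == "PAY 900 TO BOB" */
}

/* Exhaustive key search: with a known plaintext, try every key of key_bits
   bits until decryption matches.  Returns the key, or UINT32_MAX if none
   matched; *tries receives the number of keys tested. */
uint32_t brute_force_key(const uint8_t *ct, const uint8_t *known_pt, size_t len,
                         unsigned key_bits, uint64_t *tries) {
    uint8_t buf[64];
    uint64_t space, k;
    if (len > sizeof buf || key_bits == 0 || key_bits > 31) return UINT32_MAX;
    space = (uint64_t)1 << key_bits;            /* doubles with every key bit */
    if (tries) *tries = 0;
    for (k = 0; k < space; k++) {
        if (tries) (*tries)++;
        toy_crypt((uint32_t)k, ct, buf, len);
        if (memcmp(buf, known_pt, len) == 0) return (uint32_t)k;
    }
    return UINT32_MAX;
}

/* Encrypt a constructed known plaintext under a secret key of the given size
   and recover the key by brute force; returns the recovered key. */
uint32_t brute_force_demo(unsigned key_bits, uint32_t secret_key, uint64_t *tries) {
    const uint8_t pt[] = "LOGIN admin OK";
    uint8_t ct[sizeof pt];
    toy_crypt(secret_key, pt, ct, sizeof pt);
    return brute_force_key(ct, pt, sizeof pt, key_bits, tries);
}

int main(void) {
    char tampered[32];
    uint64_t tries;
    malleability_demo(0xC0FFEE, tampered, sizeof tampered);
    printf("tampered ciphertext decrypted to: %s\n", tampered);
    uint32_t k = brute_force_demo(20, 0xBEEF, &tries);
    printf("20-bit key recovered: 0x%X after %llu tries\n", k, (unsigned long long)tries);
    return 0;
}
```

A 20-bit key falls in a fraction of a second; every extra bit doubles the loop, which is the whole argument for 128-bit and longer keys. The malleability half is cured not by a better cipher but by a message authentication code or an authenticated-encryption mode, which rejects the tampered ciphertext before anything is decrypted.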
UDP hijacking: To avoid the overhead of TCP, the connectionless User Datagram Protocol (UDP) is often
used instead. UDP has no handshake, sequence numbers or acknowledgements; an application that needs
those properties must implement its own equivalents on top of UDP. Their absence makes UDP hijacking
simpler than TCP hijacking: an attacker who can observe a client's request only has to produce a
response of his own choosing and deliver it before the genuine server's reply arrives, which is the
basis of DNS response spoofing. Without application-level authentication the client cannot tell the
forged reply from the real one.