Professional Documents
Culture Documents
Widespread
DDoS
Packet
spoofing
1997 2007
2
What are the Issues & problems?
Security was not a fundamental design
consideration
The Internet is growing exponentially
User dependence is increasing;
With increasing complexity, there are
billions of entry points
3
Who are the intruders?
• Criminals
• “Curious” Intruders
• Insiders
• Corporate Spies
4
Motives
Money
Access to additional resources
Competitive advantages
Curiosity and Mischief
Terrorism
5
BUT!!!! I do not have anything important on my machine;
who would want to crack my machine ??????
7
Possible Attacks:
DDoS (Distributed Denial of Service)
Sniffing
Port Scanning
Malicious code
8
9
Denial of Service (DoS) Attack
10
Example of DDoS attack:
Request with
spoofed IP of target
Intruder
Target
11
Example of DDoS attack:
12
Target
Sniffing
• Examines traffic on same physical network
• Intruder must have physical access to
network
• Used to gather usernames and passwords
13
Port Scanning
• Over 65535 ports available.
• Each port scanned sequentially.
14
Malicious Code
• Includes Viruses and
Trojan Horses
• Difficult to control.
15
Methods of Defence
• Encryption
• Software Controls
• Hardware Controls
• Policies
• Firewalls
16
Encryption
Science of writing in Secret Code
Protects data from theft and alteration.
Unencrypted Data PlainText
Encrypted Data CipherText
17
Cryptographic Techniques
18
Secret Key Cryptography
19
Public Key Cryptography
20
Hash Function
21
Sample Application of 3 Cryptography Techniques
for Secure Communication
Alice’s Hash
Digital
Function
Message Envelope
Encrypted Sent to
Random Secret Key Message Bob
Crypto
Session Key
Encrypted
Bob’s Public Key Session
Public Key Crypto Key
22
SOFTWARE CONTROLS
HARDWARE CONTROLS
Use Smartcard for authentication
23
POLICIES
24
Firewalls
A firewall is a network access control device.
Performs a centralized security management
function.
Denies all traffic except that which is
explicitly allowed.
25
Why Use firewalls?
Prevent Compromises and Vulnerabilities
Preventing DDoS Attack
Preventing Port Scanning
Preventing Malicious Code
Prevent Attack From Insiders
26
As individuals and businesses increase
information sharing and communication via the
Internet, vulnerability to attack or
intrusion rises.
27
I would like to thank:
Mrs. Vandana Syal
&
All of you for your time and
patience.
28