Information Security and Forensics

Lecture # 11

Classify Security Attacks as

 Passive attacks
o -eavesdropping on, or monitoring of, transmissions to;
o -obtain message content, or
o -monitor traffic flows
 Active attacks-
o Modification of data steam to:
o masquerade of one entity as some other
o reply previous messages
o modify messages in transit
o denial of services

Passive Attacks: Release of Message contents

Traffic Analysis

Observe pattern from bob to Alice

Masquerade

Message from Darth that appear to be from Bob

Replay

Capture message, later reply message to alice

Modification of Message

Darth modifies message from Bob to Alice

Denial of Service

Darth disrupts service provided by server

Passive Threats Active Threats

Traffic analysis

Release of masquerade reply Modification Denial of series

Message contents

Active and Passive threats

Model for network security

Model for Network Security

 Using this model require us to

1. : design a suitable algorithm for the security transformation
2. : generate the secret information used by the algorithm
3. : develop methods to distribute and share the secret information
4. : specify a protocol enabling the principals to use the transformation and secret
information for a security service

Model for Network Access Security

Model for Network Access Security

 Using this model requires us to

1. 1: Select appropriate gatekeeper function to identify users
2. 2: implement security controls to ensure only authorized users access designated
information or resources
Trusted Computer System can be used to implements this model

Methods of Defense

 Encryption
 Software controls(access limitation in a database, in os protect each user from other
users)
 Hardware controls(smart card)
 Policies(frequent changes of password)
 Physical controls