
Course 1.

1: Network Security
1.1

Ensuring security is a critical concern for an organization. The cyber world cannot be imagined without
security and safety, so there must be a standard security architecture for an organization to follow.
This international standard security architecture is called the OSI security architecture. It provides
the needed security and safety, prevents potential threats and risks, organizes tasks in an organization
effectively, and enhances performance. The three main pillars of the OSI security architecture are
security attacks, security mechanisms and security services.

1.2

Security attacks include two types: active threats and passive threats.

If the attackers try to change or modify the data or messages, it is an active attack. In an active
attack, the system is always damaged and the resources of the system can be changed. In active attacks
the victims, the sender and the receiver, get informed about the attack.

On the other hand, if the attackers only watch the content or messages silently and do not change any
data, it is called a passive attack. Here, the attackers keep a close watch on the transmission or
eavesdrop on it. Passive attacks are more dangerous for confidentiality because a passive attack does no
harm to the system, so the victims cannot trace the attack beforehand. Therefore, the victims are not
informed in advance and cannot be prepared.

1.3

Based on their behavior, active attacks can be divided into four categories:

1. Masquerade is a type of active attack where the attacker manipulates the information received by the
receiver by claiming itself as the sender.

2. Replay is a type of active attack where the attacker attacks the transmitted message through a passive
channel, making the final message received by the receiver look as if it is not authorized and safe.

3. Modification of Message is a type of active attack where the attacker modifies the transmitted
message and makes the final message received by the receiver look as if it is not authorized and safe.

4. Denial of Services is a type of active attack in which the receiver is prevented from receiving the
transmitted message because there is an overflow of requests to the receiver, which makes the services
deviate from their usual behavior.

Based on their behavior, passive attacks are divided into two types:

1. Message Content is the type of passive attack where the intruder steals all the messages/data
transmitted. Here, the information gathered by the intruder is stolen unethically.

2. Masked Traffic Analysis: This type of passive attack involves messages/data being encrypted before
transmission. Here, because the message is masked/encrypted, the intruder cannot read the message but
can only understand the pattern and length of the encryption.

1.4

To maintain the security and safety of an organization, there are different types of security services.
These security services are divided into 5 main types, which are:

Authentication: Authentication is the most basic service. It ensures that the optimized permission is
well verified and safe.

Access Control: Access control is necessary so that only authorized users have access to the available
resources.

Data Confidentiality: Data confidentiality is responsible for ensuring the data is kept extremely safe
from third-party intruders.

Data Integrity: It ensures that the transmitted information received by the receiver is
well-authenticated and there is no tampering with the information received.

Non-repudiation: It controls the forwarding of the message transmission by either of the parties (sender
and receiver).

1.5

A security mechanism is a mechanism that is built to identify any breach of the organization.

The types of security mechanism are:

Encipherment:

Encipherment is used to hide and cover data, which helps to keep the data confidential.
Mathematical calculations or algorithms are applied in cryptography and encipherment.

Access Control:

Access control is used to stop unattended access to the data being sent, for example by applying a
password, using a firewall, or just adding a PIN to the data.

Notarization:

Notarization is the use of a third party in communication. It acts as a mediator to reduce possible
conflict and keeps a record of the requests.

Data Integrity:

Data integrity is achieved by appending to the data a value created from the data itself. Data integrity
is ensured when this appended value is checked and found to be the same at sending and at receiving.

Authentication exchange:

This security mechanism deals with making identity known in communication. This is achieved at the
TCP/IP layer, where a two-way handshaking mechanism is used to ensure whether data is sent or not.

Bit stuffing:

Bit stuffing is used to add some extra bits to the data being transmitted. It is used for checking at
the receiving end, which is achieved by even or odd parity.

Digital Signature:

This security mechanism is achieved by adding some invisible data. It is a form of electronic signature,
which is added by the sender and checked by the receiver to preserve the data.
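The Data Integrity mechanism above, worked through as an added example that is not part of the original notes: the sender appends a value computed from the data, and the receiver recomputes it to catch the modification-of-message and replay attacks from section 1.3. It assumes a shared secret key with HMAC-SHA256 (a plain checksum could be recomputed by whoever changes the message) and an 8-byte sequence number; the key, messages and names are constructed for illustration.

```python
import hashlib
import hmac

TAG_LEN = 32  # size of an HMAC-SHA256 tag in bytes

def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: sequence number + payload, followed by the appended tag."""
    body = seq.to_bytes(8, "big") + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Receiver side: verifies the appended value, then rejects repeats."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, packet: bytes) -> bytes:
        if len(packet) < 8 + TAG_LEN:
            raise ValueError("packet too short")
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time compare
            raise ValueError("integrity check failed")
        seq = int.from_bytes(body[:8], "big")
        if seq <= self.last_seq:  # a valid but already-seen packet
            raise ValueError("replayed or out-of-order packet")
        self.last_seq = seq
        return body[8:]

def demo() -> list:
    key = b"constructed-demo-key-not-for-use"  # constructed sample key
    rx = Receiver(key)
    first = protect(key, 1, b"transfer 10 to alice")
    results = [rx.accept(first).decode()]
    tampered = bytearray(protect(key, 2, b"transfer 10 to alice"))
    tampered[8 + 9] ^= 0x01  # one payload bit changed in transit
    for packet in (bytes(tampered), first):  # modified packet, then a replay
        try:
            rx.accept(packet)
            results.append("accepted")
        except ValueError as err:
            results.append(str(err))
    return results

if __name__ == "__main__":
    print(demo())
```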

1.6

Fundamental Security Design Principles:

Economy of Mechanism: Security measures implemented in the software and the hardware must be
simple and small.

Fail-safe Defaults: If any user wants access to any mechanism then whether the access is permitted or
denied should be based on authorization rather than elimination.

Complete Mediation: There must be an access control mechanism, which would check every access
taking place on the system.

Open Design: The security mechanism design should be open to the public.

Separation of Privilege: This security principle states that whenever a user tries to gain access to a
system, the access should not be granted based on a single attribute or condition.

Least Privilege: Only those limited privileges should be assigned to the user, which are essential to
perform the desired task.

Least Common Mechanism: There should be minimum common functions to share between the
different users.

Psychological Acceptability: This security design principle says that the security mechanisms designed
to protect the system should not interfere with the working of the user every now and then.

Isolation: The system that has critical data, processes or resources must be isolated such that it restricts
public access.

Encapsulation: This security design principle is a form of isolation, which is based on object-oriented
principles.

Modularity: This principle helps in updating the security mechanism independently without modifying
the entire system.

Layering: Multiple security layers must be used in order to prevent the opponent from accessing crucial
information.

Least Astonishment: This is all about the security design principles that should be considered while
designing the security mechanism for a system.

1.7

The attack surface is the sum of all the touchpoints on a network where an attacker can attempt
to gain access across the hardware, software, cloud, and network components.

It consists of the reachable and exploitable vulnerabilities in a system.

Attack trees allow dangers against system security to be modeled concisely in an easy-to-understand
graphical format.

An attack tree is a branching, hierarchical data structure that represents a set of potential techniques
for exploiting security vulnerabilities.

The security incident that is the goal of the attack is represented as the root node of the tree.

The ways that an attacker could reach that goal are iteratively and incrementally represented as branches
and subnodes of the tree.

The effectiveness of cybersecurity, network security, banking system security, installation and personnel
security may all be modeled using attack trees.
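An attack tree as a data structure, given here as an added example that is not part of the original notes: the root is the attacker's goal, the branches are the passive and active attack types from section 1.3, and each leaf is tagged with the security service from section 1.4 assumed to address it. The goal name, the leaf-to-service mapping and all function names are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Node:
    name: str
    children: list = field(default_factory=list)
    countered_by: set = field(default_factory=set)  # services addressing a leaf

def leaves(node, path=()):
    """Yield (path from root, leaf node) for every leaf, depth first."""
    path = path + (node.name,)
    if not node.children:
        yield path, node
    for child in node.children:
        yield from leaves(child, path)

def uncovered(root, deployed):
    """Paths to leaves that none of the deployed services addresses."""
    return [" > ".join(path) for path, leaf in leaves(root)
            if not (leaf.countered_by & deployed)]

# Constructed tree: the service mapping is an illustrative assumption.
TREE = Node("Compromise a message in transit", [
    Node("Passive attack", [
        Node("Message Content", countered_by={"Data Confidentiality"}),
        Node("Masked Traffic Analysis"),  # no service mapped in this example
    ]),
    Node("Active attack", [
        Node("Masquerade", countered_by={"Authentication"}),
        Node("Replay", countered_by={"Data Integrity"}),
        Node("Modification of Message", countered_by={"Data Integrity"}),
        Node("Denial of Services", countered_by={"Access Control"}),
    ]),
])

if __name__ == "__main__":
    # Which branches stay open if only two services are in place?
    for line in uncovered(TREE, {"Authentication", "Data Confidentiality"}):
        print(line)
```

Run against a real design, the uncovered list is the part of the tree that still needs a control or an explicit risk decision.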
