Lecture 9
Syed Asim Jalal
Department of Computer Science
University of Peshawar
Security Goals
• Confidentiality
– Concealment of information or resources
• Integrity
– Trustworthiness of data or resources
• Availability
– Ability to use information or resources
Confidentiality
• Need for keeping information secret
arises from use of computers in sensitive
fields such as government, electronic-commerce,
and banking
• Mechanisms, such as cryptography,
support confidentiality
– Example: encrypting account or personal
information
Integrity
• Computer Security
– The collection of tools designed
– to protect data and
– to prevent hackers’ attacks
• Interruption:
– This is an attack on availability of services
– Disrupting traffic
– It could also mean physically breaking a communication
line
• Interception:
– This is an attack on confidentiality
– Overhearing, eavesdropping over a
communication line
Security Attacks (continued)
• Modification:
– This is an attack on integrity of data
– Corrupting transmitted data or tampering
with it before it reaches its destination
• Fabrication:
– This is an attack on authenticity
– Faking data as if it were created by a
legitimate and authentic party
Threats and Attacks
• Threat
– A potential for violation of security or a possible
danger that might exploit a vulnerability
• Attack
– An assault on system security: an intelligent act
that is a deliberate attempt to evade security
services and violate the security policy of a
system.
Passive and Active Attacks
– Passive Attack
Passive Attack Example
– Active Attack
In an active attack, the attacker tries to break or bypass any
security mechanisms implemented to secure a system or
network.
The attacker gains access to information or resources after
breaking some security mechanism.
Active attacks result in the disclosure or dissemination of
data files, Denial of Service (DoS) attacks or modification of
some data.
Such attacks can be carried out through viruses, worms,
Trojan horses or any programming code.
Examples: denial-of-service attacks, spoofing.
Active Attack Example
Phishing Attack
Spoof attack/Masquerading
– The term spoofing usually refers to a category of
scam in which the sender poses as somebody else.
Pretending to be someone else, usually in an email or any
other communication, using a fake IP address.
– Attackers pose as the original person or organization by using
similar URLs or email addresses.
– One aim is to deceive the recipient of a message into downloading
harmful content or providing sensitive information in return.
– In a spoof attack, the hacker may modify the source address
of the packets he or she is sending so that they appear to be
coming from someone else in order to attempt to bypass a
firewall.
IP Spoofing
– Eavesdropping is the process of examining packets as they
are in transit between a source and destination device.
– A hacker typically uses a protocol-analyzer tool (packet
sniffer) to perform eavesdropping.
– In general, the majority of network communications occur in
an unsecured or "clear text" format, which allows an attacker
who has gained access to data paths in your network to "listen
in" or interpret (read) the traffic.
Denial of service attacks
– In this kind of attack, an attacker floods servers with data
packets in an attempt to make a machine or network resource
unavailable for users.
– The goal is to interrupt or suspend services that connect to
the Internet.
Viruses
– Computer programs that corrupt or delete files
– A virus is sent as an attachment or embedded in other files.
Worm
– A worm is a program that replicates itself over a network with
some malicious intent in mind, such as crashing a system or
using up all the resources on the system.
– A worm doesn’t need to be sent.
Trojan horse
– A malicious program that hides within a friendly program,
waiting for the user to activate it through normal computer
and application activity.
The easiest way to protect a network from an outside
attack is to close it off completely from the outside
world.
Network security
Network security measures would:
– Allow only authorized users to access resources in
a network
– Prevent unauthorized users from obtaining access
Firewall: to protect networks from attacks
A firewall is a network security system that
monitors and controls the incoming and outgoing
network traffic based on predetermined security
policy (rules).
– It protects the local area network (LAN) from outside
intruders.
– It offers a safety barrier for data flowing in and out.
Basic Principles of firewall
Firewall limitation
Firewalls do not protect you from internal security threats to your
local area network.
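
The rule-based filtering described in the firewall slides, together with the spoofed-source-address case from the spoofing slide, as an added example that is not part of the original lecture. The LAN range, rule set, interface labels and sample packets are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Assumed for illustration: the protected LAN and the rule set are constructed.
LAN = ipaddress.ip_network("192.168.1.0/24")

@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on: "outside" or "inside"
    src: str
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network (CIDR)
    dst: str               # destination network (CIDR)
    dport: Optional[int]   # None matches any port

# Predetermined policy, evaluated top to bottom; the first match wins.
RULES = [
    Rule("allow", "0.0.0.0/0", "192.168.1.10/32", 443),      # public web server
    Rule("allow", "192.168.1.0/24", "192.168.1.20/32", 22),  # admin SSH, LAN addresses only
]

def decide(pkt: Packet, antispoof: bool = True) -> str:
    src = ipaddress.ip_address(pkt.src)
    dst = ipaddress.ip_address(pkt.dst)
    # A packet arriving from outside cannot legitimately carry a LAN source
    # address, so it is dropped before any address-based rule can trust it.
    if antispoof and pkt.iface == "outside" and src in LAN:
        return "deny"
    for rule in RULES:
        if (src in ipaddress.ip_network(rule.src)
                and dst in ipaddress.ip_network(rule.dst)
                and rule.dport in (None, pkt.dport)):
            return rule.action
    return "deny"  # default deny: anything not explicitly allowed is blocked

if __name__ == "__main__":
    spoofed = Packet("outside", "192.168.1.50", "192.168.1.20", 22)
    print(decide(Packet("outside", "203.0.113.7", "192.168.1.10", 443)))
    print(decide(Packet("outside", "203.0.113.7", "192.168.1.20", 22)))
    print(decide(spoofed, antispoof=False), decide(spoofed))
```

With `antispoof=False` the packet carrying a forged LAN source address matches the LAN-only SSH rule; with the interface check enabled it is denied before the rules are consulted.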