NETWORK

SECURITY
 Security Concerns

 Systems connected by networks are more prone to

attacks and also suffer more as a result of the
attacks than stand-alone systems (Reasons?)
 Concerns such as the following are common
 How do I know the party I am talking on the

network is really the one I want to talk?

 How can I be assured that no one else is listening

and learning the data that I send over a network

 Can I ever stay relaxed that no hacker can enter

my network?
 Concerns continued…

 Is the web site I am downloading information from a

legitimate one, or a fake?

 How do I ensure that the person I just did a financial

transaction denies having done it tomorrow or at a
later time?

 I want to buy some thing online, but I don’t want to let

them charge my credit card before they deliver the
product to me.
 That is why…
 ..we need security
 To safeguard the confidentiality integrity
authenticity and availability of data transmitted over
insecure networks
 Internet is not the only insecure network in this world
 Many internal networks in organizations are prone to
insider attacks
 In fact, insider attacks are greater both in terms of
likelihood of happening and damage caused
 Attacks, Services and Mechanisms

 Security Attack: Any action that compromises the

security of information.
 Security Mechanism: A mechanism that is designed to
detect, prevent, or recover from a security attack.
 Security Service: A service that enhances the
security of data processing systems and information
transfers. A security service makes use of one or
more security mechanisms.
Security Attacks
 Interruption: This type of attack is due to the
obstruction of any kind during the communication
process between one or more systems. So the systems
which are used become unusable after this attack by
the unauthorized users which results in the wastage of
systems.
 Interception: The phenomenon of confidentiality plays
an important role in this type of attack. The data or
message which is sent by the sender is intercepted by
an unauthorized individual where the message will be
changed to the different form or it will be used by the
individual for his malicious process. So the
confidentiality of the message is lost in this type of
attack.
Modification:
 As the name indicates the message which is sent by

the sender is modified and sent to the destination by

an unauthorized user. The integrity of the message is
lost by this type of attack. The receiver cannot
receive the exact message which is sent by the source
which results in the poor performance of the network.
 Fabrication: In this type of attack a fake message is
inserted into the network by an unauthorized user as if
it is a valid user. This results in the loss of
confidentiality, authenticity and integrity of the
message.
 Security Attacks

 Interruption: This is an attack on availability

 Interception: This is an attack on confidentiality
 Modfication: This is an attack on integtrity
 Fabrication: This is an attack on authenticity
 Passive and active attacks

 Passive attacks
 No modification of content or fabrication

 Eavesdropping to learn contents or other

information (transfer patterns, traffic flows etc.)

 Active attacks
 Modification of content and/or participation in

communication to
 Impersonate legitimate parties

 Modify the content in transit

 Launch denial of service attacks

 Eavesdropping

 In general, the majority of network communications

occur in an unsecured or "cleartext" format, which
allows an attacker who has gained access to data paths
in your network to "listen in" or interpret (read) the
traffic. When an attacker is eavesdropping on your
communications, it is referred to as sniffing or
snooping. The ability of an eavesdropper to monitor the
network is generally the biggest security problem that
administrators face in an enterprise. Without strong
encryption services that are based on cryptography,
your data can be read by others as it traverses the
network.
Passive Attacks
Passive Attacks
Active Attacks
Active Attacks
Security Attacks
 Security Services

 A security service is a service provided by the

protocol layer of a communicating system (X.800)
 5 Categories
 Authentication
 Access Control
 Data confidentiality
 Data Integrity
 Nonrepudiation (and Availability)
 Security Services

 Authentication (Peer entity authentication and

Data origin authentication)
 Ensuring the proper identification of entities and origins of
data before communication
 Access control
 Preventing unauthorized access to system resources

 Confidentiality
 Preventing disclosure to unauthorized parties
 Security Services

 Integrity (has not been altered)

 Preventing corruption of data
 Non-repudiation
 Collecting proof to prevent denial of participation in
transaction or communication
 Availability
 Protection against denial-of-service