Professional Documents
Culture Documents
Architecture
Lecture-1
Subject – Network Security & Cryptography
Class – B.E Information Technology
5th Semester
by
SECTION-B
(06)
Public Key Encryption Systems
Concept and Characteristics of Public Key Encryption system, Rivets-Shamir-Adleman (RSA) Encryption,
Digital Signature Algorithms and authentication protocols, Digital Signature Standard (DSA).
(05)
Hash Algorithms
Hash concept, description of Hash Algorithms, Message Digest Algorithms such as MD4 and MD5, Secure
Hash Algorithms such as SH1 and SHA2
(04)
Network Security
Kerberos, IP security: Architecture, Authentication Header, Encapsulating Security Payload
(04)
Web Security
Web security consideration, Secure Socket Layer Protocol, Transport Layer Security, Secure Electronic
Transaction Protocol
(04)
Firewalls
Firewall Design principles, Trusted Systems, Virtual Private Networks.
Outline
• Computer Network & its goals
• Layered model
• TCP/IP Hybrid Protocol Stack
• What is vulnerability
• Typical Internet Architecture
• Vulnerabilities in Internet
Architecture
• Questions & Feedback
Introduction to Computer Networks
Computer Network
Computer network
connects two or more
autonomous computers.
Philosopher-
translator-
secretary
architecture.
7
OSI Reference Models
8
Packet Encapsulation
The data is sent
down the protocol
stack
Each layer adds
to the data by
prepending
headers
64 to 1500 Bytes
TCP/IP Protocol Stack for Internet
Packet Switching
Vulnerability
• A vulnerability is a weakness which can be exploited by an
attacker
• A vulnerability is a hole or a weakness in the application,
which can be a design flaw or an implementation bug, that
allows an attacker to cause harm to the stakeholders of an
application. Stakeholders include the application owner,
application users, and other entities that rely on the
application.
(https://owasp.org/www-community/vulnerabilities/)
• Attacker perform unauthorized actions within the system once
the weakness is exploited
• A network vulnerability is a weakness or flaw in software,
hardware, or organizational processes, which when
compromised by a threat, can result in a security breach.
Internet Architecture
Vulnerabilities
No authentication, integrity and
traceability
X
Un patched
machines
Domain B
Legitimate hosts
Domain C
Lack of centralized control on
Internet
Infrastructure-level DDoS
attacks
Any suggestions !
Any Queries !