Scribd Logo
Upload

Welcome to Scribd!

  • 2 Security Attacks

    Uploaded by

    sasanaravi2020
    12 views37 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    12 views37 pages

    2 Security Attacks

    Uploaded by

    sasanaravi2020

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 37

    Cryptography and Network

    Security

    Security Attacks

    S.Neelavathy Pari
    Assistant Professor
    Dept of Computer Technology
    MIT Campus, Anna University
    neela@annauniv.edu
    Introduction
    The art of war teaches us to rely not on the
    likelihood of the enemy's not coming
    but on our own readiness to receive him;

    not on the chance of his not attacking


    but rather on the fact that we have made our
    position unassailable.

    —The Art of War, Sun Tzu


    Outline
    • Information Security
    • Attacks, services and mechanisms
    • Security attacks
    • Security services
    • Methods of Defense
    • A model for Internetwork Security
    • Internet standards and RFCs
    Background
    • Information Security requirements have
    changed in recent times
    • Traditionally provided by physical and
    administrative mechanisms
    • computer use requires automated tools to
    protect files and other stored information
    • use of networks and communications links
    requires measures to protect data during
    transmission
    Definitions
    • Computer Security - generic name for
    the collection of tools designed to protect
    data and to thwart hackers
    • Network Security - measures to protect
    data during their transmission
    • Internet Security - measures to protect
    data during their transmission over a
    collection of interconnected networks
    • We have to formulate the method which
    consists of measures to
    – Deter
    – Prevent
    – Detect
    – Correct security violations

    that involve the transmission of information


    Attacks, Services and
    Mechanisms
    • Security Attack: Any action that compromises
    the security of information.
    • Security Mechanism: A mechanism that is
    designed to detect, prevent, or recover from a
    security attack.
    • Security Service: A service that enhances the
    security of data processing systems and
    information transfers. A security service makes
    use of one or more security mechanisms .
    Security Attack
    • any action that compromises the security
    of information owned by an organization
    • information security is about how to
    prevent attacks, or failing that, to detect
    attacks on information-based systems
    • have a wide range of attacks
    • can focus of generic types of attacks
    • note: often threat & attack mean same
    Security Attacks
    • Interruption : attack on Availability
    • Interception : attack on confidentiality
    • Modification : attack on integrity
    • Fabrication : attack on authenticity
    Attacks / Threats
    Passive Attacks
    Passive and Active attacks
    • The information is modified or accessed
    – Passive Attacks
    • Obtain information that is being transmitted
    (eavesdropping)
    – Two types
    • Release of Message Contents
    • Traffic analysis
    (server most frequently used)
    Very difficult to detect.
    Active Attacks
    • Active Attacks
    – Involves some modification of the data stream
    or the creation of a false stream.
    – Four categories
    • Masquerade :One entity pretends to be a different
    entity.
    • Replay : Passive capture of a transaction and
    subsequent replay.
    • Modification : Some portions of a message is
    altered on its way
    • Denial of Service : prevents access to resources.
    Security Goals

    Confidentiality

    Integrity
    Availability
    Security Services
    • Confidentiality (privacy)
    • Authentication (who created or sent the data)
    • Integrity (has not been altered)
    • Non-repudiation (the order is final)
    • Access control (prevent misuse of resources)
    • Availability (permanence, non-erasure)
    – Denial of Service Attacks
    – Virus that deletes files
    Network Access Security Model

    G Internal Network

    A
    Computers
    Opponent : T
    Access Channel S/W resource
    Human
    Virus E Databases
    Worm
    W
    A Security Control

    Y
    Methods of Defence
    • Encryption

    • Software Controls (access limitations in a data base,


    in operating system protect each user from other
    users)

    • Hardware Controls (smartcard)

    • Policies (frequent changes of passwords)

    • Physical Controls
    Security Service
    – is something that enhances the security of the
    data processing systems and the information
    transfers of an organization
    – intended to counter security attacks
    – make use of one or more security
    mechanisms to provide the service
    – replicate functions normally associated with
    physical documents
    • eg. have signatures, dates; need protection from
    disclosure, tampering, or destruction; be notarized
    or witnessed; be recorded or licensed
    Internet standards and RFCs
    • The Internet society
    – Internet Architecture Board (IAB)
    – Internet Engineering Task Force (IETF)
    – Internet Engineering Steering Group
    (IESG)
    Internet RFC Publication
    Process
    Security Mechanism
    • a mechanism that is designed to detect,
    prevent, or recover from a security attack
    • no single mechanism that will support all
    functions required
    • however one particular element underlies
    many of the security mechanisms in use:
    cryptographic techniques
    • hence our focus on this area
    OSI Security Architecture
    • ITU-T X.800 Security Architecture for OSI
    • defines a systematic way of defining and
    providing security requirements
    • for us it provides a useful, if abstract,
    overview of concepts we will study
    Security Services
    • X.800 defines it as: a service provided by
    a protocol layer of communicating open
    systems, which ensures adequate security
    of the systems or of data transfers
    • RFC 2828 defines it as: a processing or
    communication service provided by a
    system to give a specific kind of protection
    to system resources
    • X.800 defines it in 5 major categories
    Security Services (X.800)
    • Authentication - assurance that the
    communicating entity is the one claimed
    • Access Control - prevention of the
    unauthorized use of a resource
    • Data Confidentiality –protection of data from
    unauthorized disclosure
    • Data Integrity - assurance that data received is
    as sent by an authorized entity
    • Non-Repudiation - protection against denial by
    one of the parties in a communication
    Security Mechanisms (X.800)
    • specific security mechanisms:
    – encipherment, digital signatures, access
    controls, data integrity, authentication
    exchange, traffic padding, routing control,
    notarization
    • pervasive security mechanisms:
    – trusted functionality, security labels, event
    detection, security audit trails, security
    recovery
    Summary
    • have considered:
    – computer, network, internet security def’s
    – security services, mechanisms, attacks
    – X.800 standard
    – models for network (access) security
    Limitation of ASCII based
    cryptography
    • ASCII and EBCDIC code developed by
    using only English character and word.
    • Difficult for Hebrew and Arabic
    • It was very difficult to represent the
    language with huge number of characters.

    UNICODE : 16 bit decimal code.


    BC 1600 Ancient Tamil Porulkoal
    language like
    Tholkappiyam and
    Thirukural
    BC 1500 Egypt Symbolic Representation

    BC 500 ATBASH in Bible written in zig zag of


    Hebrew scripts

    BC 486 Spartans Transposition cipher,


    cylinder with a strip of
    leather

    60-50 BC Julius Caesar Caesar cipher – shifting of


    characters
    Choice of Unicode

    Devanagari 128 code values from 0900


    Bengali 128 code values from 0980
    Oriya 128 code values from 0B00
    Gurmukhi 128 code values from 0A00
    Gujarati 128 code values from 0A80
    Tamil 128 code values from 0B80
    Telugu 128 code values from 0C00
    Kannada 128 code values from 0C80
    Malayalam 128 code values from 0D00
    Reliability on multi language
    • Multilanguage possibility for indian languages
    • Total number of Languages currently
    spoken=337
    • Let’s Assume Number of character in each
    language=100
    • Total Number of Character=100*337
    =33700
    • Compare to this value total English alphabets 26
    is negligible
    In india there are
    • 18 scheduled languages
    • 114 other languages
    • 216 mother tongues
    • 96 non specified languages
    totally up to 10000 languages speaks
    by people.
    • Most of the languages becomes extinct as
    last speaker dies.
    • In order to preserve the language, people
    who are really interested in their mother
    tongue tries to make the keyboard available
    in their own language.
    • This is the best way of preserving the
    language because now a days computers
    are the one used by everyone at every time.
    Recommended Reading

    Pfleeger, C. Security in Computing.


    Prentice Hall, 1997.

    William Stallings cryptography and network


    security , 4th edition

    Mel, H.X. Baker, D. Cryptography


    Decrypted. Addison Wesley, 2001.

    You might also like