Dilla University

College of Engineering and Technology

School of Electrical and Computer
Engineering (Computer Stream)
Computer Network Security

Dilla University
 CHAPTER ONE
Basic concepts in computer Network
security

By:Shewangizaw Liulseged
 WHAT IS COMPUTER SECURITY ?
• Computer security is refers to techniques for ensuring that
data stored in a computer cannot be read or compromised
by any individuals without authorization.
• Most computer security measures involve data encryption
and passwords.
• The purpose of computer security is to device ways to
prevent the weaknesses from being exploited.
WHAT IS COMPUTER SECURITY ?
• We are addressing three important aspects of any
computer-related system such as confidentiality, integrity,
and availability.
WHAT IS COMPUTER SECURITY ?
• These are the three goals in
computing Security.
1. Confidentiality
2. Integrity
3. Availability
THREE GOALS IN COMPUTING SECURITY

• Confidentiality: ensures that computer-related assets are

accessed only by authorized parties. Confidentiality is
sometimes called secrecy or privacy.
• Integrity: it means that assets can be modified only by
authorized parties or only in authorized ways.
• Availability: it means that assets are accessible to
authorized parties at appropriate times.
THREE GOALS IN COMPUTING SECURITY

• One of the challenges in building a secure system is

finding the right balance among the goals, which often
conflict.
 VULNERABILITY
• Vulnerability is a weakness in the security system.
• Weaknesses can appear in any element of a computer,
both in the hardware, operating system, and the
software.
The types of vulnerabilities we might find as they apply to
the assets of hardware, software, and data.
• These three assets and the connections among them are all
potential security weak points.
 HARDWARE VULNERABILITY

• Hardware is more visible than software, largely because it

is composed of physical objects.
• it is rather simple to attack by adding devices, changing
them, removing them, intercepting the traffic to them, or
flooding them with traffic until they can no longer function.
 HARDWARE VULNERABILITY

• other ways that computer hardware can be attacked

physically.
• Computers have been drenched with water, burned, frozen,
gassed, and electrocuted with power surges.
 SOFTWARE VULNERABILITIES

• Software can be replaced, changed, or destroyed

maliciously, or it can be modified, deleted, or misplaced
accidentally. Whether intentional or not, these attacks
exploit the software’s vulnerabilities.
 SOFTWARE VULNERABILITIES

• Sometimes, the attacks are obvious, as when the software

no longer runs. More subtle are attacks in which the
software has been altered but seems to run normally.
 DATA VULNERABILITY

• a data attack is a more widespread and serious problem

than either a hardware or software attack.
• data items have greater public value than hardware and
software because more people know how to use or
interpret data.
 THREATS

• A threat to a computing system is a set of circumstances

that has the potential to cause loss or harm.
• There are many threats to a computer system, including
human-initiated and computer-initiated ones.
• A threat is blocked by control of a vulnerability.
• We can view any threat as being one of four kinds such as
interception, interruption, modification, and fabrication.
THREATS

• An interception means that some

unauthorized party has gained
access to an asset. The outside
party can be a person, a program,
or a computing system.
 THREATS

• In an interruption is an asset of the system becomes lost,

unavailable, or unusable.
 THREATS

• If an unauthorized party not only accesses but tampers

with an asset, is called as a modification.
 THREATS

• An unauthorized party might create a fabrication of

counterfeit objects on a computing system.
• The intruder may insert spurious transactions to a network
communication system or add records to an existing
database.
 ATTACKS

• A human who exploits a vulnerability perpetrates an

attack on the system. An attack can also be launched by
another system, as when one
• system sends an overwhelming set of messages to another,
virtually shutting down the second system's ability to
function.
 ATTACKS

• Unfortunately, we have seen this type of attack frequently,

as denial-of-service attacks flood servers with more
messages than they can handle.
 CONTROL

• The control is an action, device, procedure or technique

that removes or reduces a vulnerability.
• We use a control as a protective measure.
• There are so many ways to control.
 HOW TO SECURE THE COMPUTER

• There are two ways

1. Physical secure
2. Other security methods
 PHYSICALLY SECURE COMPUTERS

• Obtain physical computer

locks for all your computers
 PHYSICALLY SECURE COMPUTERS

• Attach mobile proximity

alarms to your
computers.
 PHYSICALLY SECURE COMPUTERS

• Store computers in an area

with secure access.
• Or place the computers in a
locked room
 PHYSICALLY SECURE COMPUTERS

• Station security guards at

entry points to the college
building.
 SECURE THE COMPUTER

• Choose a good secured

operating system
 SECURE THE COMPUTER

• Choose a web browser based

on its security and vulnerabilities
because most malware will come
through via your web browser
 SECURE THE COMPUTER

• When setting up, use strong

passwords in your user account,
router account etc. Hackers may
use dictionary attacks and brute
force attacks.
 SECURE THE COMPUTER

• When downloading software

(including antivirus software), get
it from a trusted source
 SECURE THE COMPUTER

• Install good antivirus software

because Antivirus software is
designed to deal with modern
malware including viruses,
Trojans, key loggers, rootkits, and
worms.
 SECURE THE COMPUTER

• Download and install a

firewall
 SECURE THE COMPUTER

• Close all ports. Hackers use

port scanning (Ubuntu Linux
has all ports closed by
default)
BASICS OF CRYPTOGRAPHY
 BASICS OF CRYPTOGRAPHY
Name from Greek word called
‘ kryptos’ which means ‘Hidden secrets’.
Cryptography is the science and art of
transforming messages to make them
secure and immune to attack.
It is also the science of
using mathematics to encrypt and
decrypt data.
 BASICS OF CRYPTOGRAPHY

Cryptography enables you to store sensitive information

or transmit it across insecure networks so that it cannot
be read by anyone except the intended recipient.
study of techniques for secure communication in the
presence of third parties
 BASIC TERMS
PLAIN TEXT
CIPHER TEXT
CIPHER
ENCRYPTION & DECRYPTION
KEYS
 BASIC TERMS
Plain text
A message in its natural format readable by attacker.
Cipher text
Message altered to be unreadable by anyone except the
intended recipients.
Key
Sequence that control the operation and behaviour of the
cryptographic algorithm.
 BASIC TERMS
Encryption
The process of converting plain text into cipher text.
Decryption
The process of converting cipher text into plain text.
cipher
Algorithm for transforming plaintext to ciphertext
cryptanalysis (codebreaking)
Study of principles/ methods of deciphering ciphertext
without knowing key
Cryptology
Field of both cryptography and cryptanalysis
 TYPES OF CRYPTOGRAPHY
Cryptography

Symmetric key Asymmetric key

cryptography cryptography
(Public key cryptography)

Classical cryptography Modern cryptography

Transposition cipher Substitution cipher Stream cipher Block cipher

 SYMMETRIC KEY CRYPTOGRAPHY
It is also known as secret key.
Sender & receiver uses same key & an encryption or
decryption algorithm to encrypt/decrypt data. i.e. the key is
shared.
same key for encryption and decryption .
Key distribution problem may happen.
It is Simpler and Faster
But it is Less secured
 SYMMETRIC KEY CRYPTOGRAPHY
D_K(E_K(P)) = P
Where D_K is Decryption key, E_K is Encryption key, P is
plain text and K is key

E D
E_K(X)
X Enciphering Deciphering D_K(E_K(X)) = X

K
 SYMMETRIC KEY CRYPTOGRAPHY
Example
Let k = 4
Turn plaintext SECRET into cipher text
S+4=W, E+4=I, C+4=G, R+4=V, E+4=I, T+4=X
Some algorithms used are the following:
Data Encryption Standard (DES): 56 bits key
Advance Encryption Standard (AES): 128, 192 or 256 bits
key
International Data Encryption Algorithm(IDEA): 128 bits
key
 TRANSPOSITION CIPHER
In classical cryptography, a transposition cipher changes one
character from the plaintext to another i.e. the order of the
characters is changed.
1.Rail Fence Cipher
2.Columnar Transposition
Simple Columnar Transposition
Double Columnar Transposition
 1. RAIL FENCE & SIMPLE COLUMNAR CIPHER
In this method plain text is written downwards on “rails of fence
“ , starting a new column when bottom is reached.
Algorithm:
1. First write down plain text message as a sequence of diagonals.
2. Read the plain text written in first step as a sequence of rows.
 1. RAIL FENCE CIPHER
Example:
Plain text: come home tomorrow

Cipher text: cmhmtmrooeoeoorw

Plain text: Welcome to home where key is 2
Cipher text=_________________
 TRANSPOSITION CIPHER
In the transposition technique the positions of
letters/numbers/symbols in plaintext is changed with one
another.
1 2 3 4 5 6 4 2 1 6 3 5
M E E T M E T E M E E M
A F T E R P E F A P T R
A R T Y Y R A T

Plain text: MEET ME AFTER PARTY

Cipher text: TEMEEMEFAPTRYRAT
KEY USED: 421635
 SUBSTITUTION CIPHER
Substitution cipher is a method of encryption by which
units of plaintext are substituted with cipher text
according to a regular system.
 EXAMPLE 1. CAESAR CIPHER
earliest known substitution cipher
by Julius Caesar
first attested use in military affairs
replaces each letter by a letter three places down the alphabet
example:
meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB
 CAESAR CIPHER
can define transformation as:
abcdefghijklmnopqrstuvwxyz
DEF GHIJKLMNO PQRSTUVWXYZABC
mathematically give each letter a number
abcd efgh i j k l m
0 1 2 3 4 5 6 7 8 9 10 11 12
n o p q r s t u v w x y Z
13 14 15 16 17 18 19 20 21 22 23 24 25
then have Caesar cipher as:
C = E(p) = (p + k) mod (26)
p = D(C) = (C – k) mod (26)
Where C is cipher text, E(p) is encryption key, p is plain text, k is the
key D(c) is dycryption key
Plain text=MEET ME what is the Cipher text=PHHWPH
 ASYMMETRIC CRYPTOGRAPHY
It is also known as public key
Two keys: public k, private k’ used.
• Private key not required for both parties
More computationally intensive
Mathematically related key pairs for encryption/decryption
more secured Authentication
Relatively Complex
Diffie-Hellman is one of the first public key cryptographic
systems used.
COMPARISION