Project Dyt
enabling an authorized entity with few privileges to obtain extra privileges by impersonating an
entity that has those privileges. Replay involves the passive capture of a data unit and its subsequent
retransmission to produce an unauthorized effect (Figure 1.8). Modification of messages simply
means that some portion of a legitimate message is altered, or that messages are delayed or
reordered, to produce an unauthorized effect (Figure 1.9). For example, a message meaning “Allow
John Smith to read confidential file accounts” is modified to mean “Allow Fred Brown to read
confidential file accounts.” The denial of service prevents or inhibits the normal use or management
of communications facilities (Figure 1.10). This attack may have a specific target; for example, an
entity may suppress all messages directed to a particular destination (e.g., the security audit service).
Another form of service denial is the disruption of an entire network—either by disabling the
network or by overloading it with messages so as to degrade performance.

Security aspects come into play when it is necessary or desirable to protect the information transmission from an opponent who may present a threat to confidentiality, authenticity, and so on. All of the techniques for providing security have two compl security obj

With a DoS attack, a hacker attempts to render a
network or an Internet resource, such as a web server, worthless to users. A DoS attack typically
achieves its goal by sending large amounts of repeated requests that paralyze the network or a
server. A common form of a DoS attack is a SYN flood, where the server is overwhelmed by
embryonic connections. A hacker sends to a server countless Transmission Control Protocol (TCP)
synchronization attempts known as SYN requests. The server answers each of those requests with a
SYN ACK reply and allocates some of its computing resources to servicing this connection when it
becomes a "full connection." Connections are said to be embryonic or half-opened until the
originator completes the three-way handshake with an ACK for each request originated. A server
that is inundated with half-opened connections soon runs out of resources to allocate to upcoming
connection requests, thus the expression "denial of service attack." The following sidebars provide
the anatomy o

receiver must also be mutually agreeing to the sharing of the message. Now, the transmission of a message from sender to receiver needs a medium, i.e., an information channel, which is an Internet service. A logical route is defined through the network (Internet) from the sender to the receiver, and using the communication protocols both the sender and the receiver establish communication. Any security service would have the three components discussed below:

1. Transformation of the information which has to be sent to the receiver, so that any opponent present on the information channel is unable to read the message. This indicates the encryption of the message. It also includes the addition of a code during the transformation of the information, which will be used in verifying the identity of the authentic receiver.
2. Sharing of the secret information between sender and receiver, of which the opponent must not have any clue. Yes, we are talking about the encryption key, which is used during the encryption of the message at the sender’s end and also during the decryption of the message at the receiver’s end.
3. There must be a trusted third party which should take the responsibility of distributing the secret information (key) to both the communicating parties and also pre

The network security model presents the two communicating parties, sender and receiver, who mutually agree to exchange the information. The sender has information to share with the receiver. But the sender cannot send the message on the information channel in readable form, as it will have a threat of being attacked by the opponent. So, before
sending the message through the information channel, it should be transformed into an unreadable
format. Secret information is used while transforming the message which will also be required when
the message will be retransformed at the recipient side. That’s why a trusted third party is required
which would take the responsibility of distributing this secret information to both the parties
involved in communication.

So, considering this general model of network security, one must consider the following four tasks while designing the security model.

1. To transform a readable message at the sender side into an unreadable format, an appropriate algorithm should be designed such that it should be difficult for an opponent to crack that security algorithm.
2. Next, the network security model designer is conc
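
The half-open (embryonic) connection bookkeeping from the SYN flood description above, written as a check a defender could run over packet records; this is an added example, not part of the original page. The record format, the addresses (documentation ranges), the threshold and the timeout are constructed assumptions.

```python
from collections import defaultdict

def constructed_capture():
    """Constructed packet records (not from the page): 'time src dst flags'."""
    lines = []
    # Three clients complete the three-way handshake with 192.0.2.20:443.
    for i in range(3):
        c, s, t = f"198.51.100.{i + 1}:40000", "192.0.2.20:443", float(i)
        lines += [f"{t:.2f} {c} {s} SYN",
                  f"{t + 0.01:.2f} {s} {c} SYN-ACK",
                  f"{t + 0.02:.2f} {c} {s} ACK"]
    # Twenty SYNs to 192.0.2.10:80 whose originators never send the final ACK.
    for i in range(20):
        lines.append(f"{3 + i * 0.01:.2f} 203.0.113.{i + 1}:5000 192.0.2.10:80 SYN")
    return lines

def half_open_report(lines, threshold=5, timeout=30.0):
    """Return {server: peak half-open count} for servers whose peak exceeds threshold."""
    pending = defaultdict(dict)  # server -> {client: time its SYN was seen}
    peak = defaultdict(int)
    for line in lines:
        ts, src, dst, flags = line.split()
        ts = float(ts)
        if flags == "SYN":
            table = pending[dst]
            # A server drops embryonic entries after a timeout; mirror that here.
            for client in [c for c, seen in table.items() if ts - seen > timeout]:
                del table[client]
            table[src] = ts  # connection is now half-open
            peak[dst] = max(peak[dst], len(table))
        elif flags == "ACK":
            # Final ACK of the handshake: the connection is no longer embryonic.
            pending[dst].pop(src, None)
        # SYN-ACK records do not change the count and are skipped.
    return {server: n for server, n in peak.items() if n > threshold}

if __name__ == "__main__":
    for server, n in half_open_report(constructed_capture()).items():
        print(f"{server}: {n} half-open connections at peak")
```

The server that completes its handshakes never exceeds one pending entry, while the one receiving unanswered SYNs accumulates an entry per request until the timeout clears them.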