1

SSM COLLEGE OF ARTS & SCIENCE

DEPARTMENT OF COMPUTER SCIENCE

UNIT - I
COMPUTE SECURITY

Computer Security is the process of detecting and preventing any unauthorized use of your
laptop/computer. This definition introduces three key objectives that are at the heart of computer
security CIA stands for:

1. Confidentiality

2. Integrity

3. Availability

CONFIDENTIALITY

Protects information (data1) from unauthorized access. This term covers two related concepts:

 Data1 confidentiality: Assures that private or confidential information is not made

available or disclosed to unauthorized individuals.

 Privacy: Assures that individuals control or influence what information related to them
may be collected and stored and by whom and to whom that information may be
disclosed.

INTEGRITY

Integrity is the accuracy and consistency of data as well as the completeness and reliability of
systems. This term covers two related concepts:
 2
SSM COLLEGE OF ARTS & SCIENCE
DEPARTMENT OF COMPUTER SCIENCE

 Data integrity: Assures that information (both stored and in transmitted packets) and
programs are changed only in a specified and authorized manner.

 System integrity: Assures that a system performs its intended function in an unimpaired
manner, free from deliberate or inadvertent unauthorized manipulation of the system.
AVAILABILITY

Availability is the ability for users to access systems and information when needed, even under
duress

These three concepts form what is often referred to as the CIA triad. Although the use of the
CIA triad to define security objectives is well established, some in the security field feel that
additional concepts are needed to present a complete picture (Figure 1.1). Two of the most
commonly mentioned are as follows

AUTHENTICITY

The property of being genuine and being able to be verified and trusted; confidence in the
validity of a transmission, a message, or message originator. This means verifying that users are
who they say they are and that each input arriving at the system came from a trusted source.

ACCOUNTABILITY

The security goal that generates the requirement for actions f an entity to be traced uniquely to
that entity. This supports nonrepudiation, deterrence, fault isolation, intrusion detection and
prevention, and afteraction recovery and legal action. Because truly secure systems are not yet
an achievable goal, we must be able to trace a security breach to a responsible party. Systems
must keep records of their activities to permit later forensic analysis to trace security breaches or
to aid in transaction disputes.
 3
SSM COLLEGE OF ARTS & SCIENCE
DEPARTMENT OF COMPUTER SCIENCE

1.2 THE OSI SECURITY ARCHITECTURE

The OSI (Open Systems Interconnection) Architecture defines a systematic approach to

providing security at each layer.

The OSI security architecture focuses on security attacks, mechanisms, and services. These can
be defined briefly as
THE OSI SECURITY ARCHITECTURE

 Security attack: Any action that compromises the security of information owned by an
organization.

 Security mechanism: A process (or a device incorporating such a process) that is designed to
detect, prevent, or recover from a security attack.

 Security service: A processing or communication service that enhances the security of the
data processing systems and the information transfers of an organization. The services are
intended to counter security attacks, and they make use of one or more security
mechanisms to provide the service.

1.3 SECURITY ATTACKS

A security attack is an attempt by a person or entity to gain unauthorized access to disrupt or

compromise the security of a system, network, or device. These are defined as the actions that
put at risk an organization’s safety. They are further classified into 2 sub-categories:

1. Passive attacks

2. Active attacks

PASSIVE ATTACKS

Passive Attacks are the type of attacks in which, The attacker observes the content of
messages or copies the content of messages.
 4
SSM COLLEGE OF ARTS & SCIENCE
DEPARTMENT OF COMPUTER SCIENCE

Passive Attack is a danger to Confidentiality. Due to passive attack, there is no harm to the
system. The most important thing is that In a passive attack, Victim does not get informed
about the attack

Two types of passive attacks are

1. The Release of Message contents

2. Traffic analysis.

 The release of message contents is easily understood. A telephone conversation, an

electronic mail message, and a transferred file may contain sensitive or confidential
information. We would like to prevent an opponent from learning the contents of these
transmissions.

 A second type of passive attack, traffic analysis Suppose that we had a way of masking
(encryption) information, so that the attacker even if captured the message could not
extract any information from the message

 The main types of passive attacks are traffic analysis and release of message contents.
During a traffic analysis attack, the eavesdropper analyzes the traffic, determines the
location, identifies communicating hosts and observes the frequency and length of
exchanged messages.

ACTIVE ATTACKS

Active attacks are the type of attacks in which, The attacker efforts to change or modify the
content of messages. Active Attack is dangerous to Integrity as well as availability. Due to
active attack system is always damaged and System resources can be changed. The most
important thing is that, In an active attack, Victim gets informed about the attack.
 5
SSM COLLEGE OF ARTS & SCIENCE
DEPARTMENT OF COMPUTER SCIENCE

Active attacks (Figure 1.2b) involve some modification of the data stream or the creation of a
false stream and can be subdivided into four categories:

1. Masquerade

2. Replay

3. Modification of messages

4. Denial of service

 A masquerade takes place when one entity pretends to be a different entity. A masquerade
attack usually includes one of the other forms of active attack. For example, authentication
sequences can be captured and replayed after a valid authentication sequence has taken
place, thus enabling an authorized entity with few privileges to obtain extra privileges by
impersonating an entity that has those privileges

 First, they would create a fake website that looks same as real one. . Then, they'd launch an
email campaign, trying to trick the users to go to the fake website and enter their credentials.
Once the hacker has the user credentials, they can log into the target network.

 Replay involves the passive capture of a data unit and its subsequent retransmission to
produce an unauthorized effect (paths 1, 2, and 3 active). Modification of messages simply
means that some portion of a legitimate message is altered, or that messages are delayed or
reordered, to produce an unauthorized effect (paths 1 and 2 active). For example, a message
meaning “Allow John Smith to read confidential file accounts” is modified to mean “Allow
Fred Brown to read confidential file accounts.”

 The denial of service prevents or inhibits the normal use or management of

communications facilities (path 3 active). This attack may have a specific target; for
example, an entity may suppress all messages directed to a particular destination (e.g., the
security audit service). Another form of service denial is the disruption of an entire network,
either by disabling the network or by overloading it with messages so as to degrade
performance

SSM COLLEGE OF ARTS & SCIENCE
DEPARTMENT OF COMPUTER SCIENCE
S.NO Active Attack
1 In an active attack,
Modification in information
takes place.
2 Active Attack is a danger
to Integrity as well
as availability.
3 In an active attack,
attention is on prevention.
4 Due to active attacks, the
execution system is always
damaged.
5 In an active attack, Victim
gets informed about the
attack.
6 In an active attack, System
resources can be changed.
7 Active attack influences the
services of the system.
8 In an active attack,
information collected
through passive attacks is
used during execution.
9 An active attack is tough to
restrict from entering
systems or networks.
10 Can be easily detected.
11 The purpose of an active
attack is to harm the
ecosystem.
12 In an active attack, the
original information is
modified.
13 The duration of an active
attack is short.
14 The prevention possibility
of active attack is High
15 Complexity is High
1.4 SECURITY MECHANISMS
6
Passive Attack
While in a passive attack, Modification
in the information does not take place.
Passive Attack is a danger
to Confidentiality.
While in passive attack attention is on
detection.
While due to passive attack, there is no
harm to the system.
While in a passive attack, Victim does
not get informed about the attack.
While in passive attack, System
resources are not changing.
While in a passive attack, information
and messages in the system or network
are acquired.
While passive attacks are performed by
collecting information such as
passwords, and messages by
themselves.
Passive Attack is easy to prohibit in
comparison to active attack.
Very difficult to detect.
The purpose of a passive attack is to
learn about the ecosystem.
In passive attack original information is
Unaffected.
The duration of a passive attack is long.
The prevention possibility of passive
attack is low.
Complexity is low.
 7
SSM COLLEGE OF ARTS & SCIENCE
DEPARTMENT OF COMPUTER SCIENCE

The X. 800 Recommendation: provides a general description of security services and related
mechanisms. There are two types of security mechanism

1. Specific security mechanisms

2. Pervasive security mechanisms

A process (or a device compilation such a process) that is designed to identify, avoid, or restore
from a security attack

SPECIFIC SECURITY MECHANISMS

May be incorporated into the appropriate protocol layer in order to provide some of the OSI
security services.

 Encipherment The use of mathematical algorithms to transform data into a form that is
not readily intelligible. The transformation and subsequent recovery of the data depend
on an algorithm and zero or more encryption keys.

 Digital Signature Data appended to, or a cryptographic transformation of, a data unit
that allows a recipient of the data unit to prove the source and integrity of the data unit
and protect against forgery (e.g., by the recipient).

 Access Control A variety of mechanisms that enforce access rights to resources.

 Data Integrity A variety of mechanisms used to assure the integrity of a data unit or
stream of data units

 Authentication Exchange A mechanism intended to ensure the identity of an entity by

means of information exchange.

 Traffic Padding The insertion of bits into gaps in a data stream to frustrate traffic
analysis attempts.

 Routing Control Enables selection of particular physically secure routes for certain data
and allows routing changes, especially when a breach of security is suspected.

 Notarization The use of a trusted third party to assure certain properties of a data
exchange.

PERVASIVE SECURITY MECHANISMS

Mechanisms that are not specific to any particular OSI security service or protocol layer.

 Trusted Functionality That which is perceived to be correct with respect to some

criteria (e.g., as established by a security policy).
 8
SSM COLLEGE OF ARTS & SCIENCE
DEPARTMENT OF COMPUTER SCIENCE

 Security Label The marking bound to a resource (which may be a data unit) that names
or designates the security attributes of that resource.

 Event Detection Detection of security-relevant events.

 Security Audit Trail Data collected and potentially used to facilitate a security audit,
which is an independent review and examination of system records and activities.

 Security Recovery Deals with requests from mechanisms, such as event handling and
management functions, and takes recovery actions.

1.6 A MODEL FOR NETWORK SECURITY

A message is to be transferred from one party to another across through Internet service. The
two parties, who are the principals in this transaction, must cooperate for the exchange to take
place. A logical channel is used to transfer data. The security have two components

 A security-related transformation on the information to be sent. Examples include the

encryption of the message, which scrambles the message so that it is unreadable by the
opponent, and the addition of a code based on the contents of the message, which can be
used to verify the identity of the sender.

 Some secret information shared by the two principals and, it is hoped, unknown to the
opponent. An example is an encryption key used in conjunction with the transformation
to scramble the message before transmission and unscramble it on reception

There are four basic tasks in designing a particular security service:

1. Design an algorithm for performing the security-related transformation. The algorithm

should be such that an opponent cannot defeat its purpose.

2. Generate the secret information to be used with the algorithm.

3. Develop methods for the distribution and sharing of the secret information.

4. Specify a protocol to be used by the two principals that makes use of the security
algorithm and the secret information to achieve a particular security service.
 9
SSM COLLEGE OF ARTS & SCIENCE
DEPARTMENT OF COMPUTER SCIENCE

In security there are two types of attacks

1. Human attacks

2. Software attacks

HUMAN ATTACKS
An aware of the attackers who attack your system that is accessible through the internet. These
attackers fall into two categories:

 Hacker

 Intruder

HACKER

Hacker is a person who breaks into a computer system. The reasons for hacking can be many:
installing malware, stealing or destroying data, disrupting service, and more. Hacking can also
be done for ethical reasons, such as trying to find software vulnerabilities so they can be fixed.

 The good people who hack for knowledge purposes.

 10
SSM COLLEGE OF ARTS & SCIENCE
DEPARTMENT OF COMPUTER SCIENCE

 They are skilled and have advanced knowledge of computers OS and programming
languages.
 Hackers share the knowledge and never damages the data.

 Hackers are the ethical professionals.

 They are known as White hats .

INTRUDER

An intruder refers to an unauthorized person or entity attempting to gain access to a computer

system, network, or data without permission. (e.g., obtaining credit card numbers or performing
illegal money transfers).

 The evil person who breaks into a system for benefits.

 They may or may not be skilled, some crackers just know a few tricks to steal data.

 Crackers are unethical and want to benefit themselves from illegal tasks.

 They are known as Black hats

SOFTWARE ATTACKS
 VIRUS

 WORMS

VIRUS - Vital Information Resources under Siege

A computer virus is a type of malicious software or malware that spreads between computers
and causes damage to data and software. Computer viruses aim to disrupt systems, cause major
operational issues, and result in data loss.

A computer program that can copy itself and infect a computer without permission or knowledge
of the user. A virus might corrupt or delete data on a computer, use e-mail programs to spread
itself to other computers or even erase everything on a hard disk.

WORMS – Write Once Read Many

A computer worm is a standalone malware computer program that replicates itself in order to
spread to other computers. It often uses a computer network to spread itself, relying on security
failures on the target computer to access it. It will use this machine as a host to scan and infect
other computers.
 11
SSM COLLEGE OF ARTS & SCIENCE
DEPARTMENT OF COMPUTER SCIENCE

SECURITY MECHANISMS MODEL

The security mechanisms needed to cope with unwanted access fall into two broad categories
(see Figure 1.6).

The first category might be termed a gatekeeper function. It includes password-based login
procedures that are designed to deny access to all but authorized users and screening logic that is
designed to detect and reject worms, viruses, and other similar attacks. Once either an unwanted
user or unwanted software gains access,

The second line of defense consists of a variety of internal controls that monitor activity and
analyze stored information in an attempt to detect the presence of unwanted intruders

.
 12
SSM COLLEGE OF ARTS & SCIENCE
DEPARTMENT OF COMPUTER SCIENCE

UNIT - II

CLASSICAL ENCRYPTION TECHNIQUES

CRYPTOGRAPHY

Cryptography is the study and practice of techniques for secure communication in the
presence of third parties called adversaries. The prefix “crypt” means “hidden” and the suffix
“graphy” means “writing”. It has key generation techniques

1. Encryption

2. Decryption

3. Key generation

Encryption is the process by which a readable plain text is converted to an cipher text form to
prevent unauthorized parties from reading it.

Decryption is the process of converting cipher text to plain text. It reverse to encryption.

Key generation For encrypt and decrypt key is used to convert. A key is a group of random
characters in a particular order. Encryption process use a key to alter data. Without key cannot
decode the message. There are two types of key available

1. Symmetric Key or Public Key

2. Asymmetric Key or Private Key

 Public key cryptography, also known as asymmetric cryptography, uses two separate keys
instead of one shared one: a public key and a private key. Public key cryptography is an
important technology for Internet security.

 Private key cryptography is a cryptographic technique where only one key is used to
encrypt the plain text and the same key is used to decrypt the corresponding cipher text. This
technique is also known as Symmetric key cryptography or Secret key cryptography.
 13
SSM COLLEGE OF ARTS & SCIENCE
DEPARTMENT OF COMPUTER SCIENCE

3.1 SYMMETRIC CIPHER MODEL

Symmetric Encryption is the most basic and old method of encryption. It uses only one key
for the process of both the encryption and decryption of data. Thus, it is also known as
Single-Key Encryption. A symmetric encryption scheme has five ingredients (Figure 3.1):

1. Plaintext: This is the original intelligible message or data that is fed into the algorithm as
input.

2. Encryption algorithm: The encryption algorithm performs various substitutions and

transformations on the plaintext.

3. Secret key: The secret key is also input to the encryption algorithm. The key is a value
independent of the plaintext and of the algorithm. The algorithm will produce a different
output depending on the specific key being used at the time. The exact substitutions and
transformations performed by the algorithm depend on the key.

4. Ciphertext: This is the scrambled message produced as output. It depends on the

plaintext and the secret key. For a given message, two different keys will produce two
different ciphertexts. The ciphertext is an apparently random stream of data and, as it
stands, is unintelligible.

5. Decryption algorithm: This is essentially the encryption algorithm run in reverse. It

takes the ciphertext and the secret key and produces the original plaintext.
 14
SSM COLLEGE OF ARTS & SCIENCE
DEPARTMENT OF COMPUTER SCIENCE