
Lecture 3

The document discusses a model for network security and types of attacks. It describes a model where two principals establish an information channel to transfer a message using communication protocols. Security aspects like confidentiality, integrity and availability are important. Techniques provide a security-related transformation on the information and use secret information known only to the principals. Attacks are classified as either passive or active. Passive attacks involve monitoring transmissions while active attacks modify or disrupt the system. Specific passive attacks are release of message contents and traffic analysis, while active attacks include masquerade, replay, message modification and denial of service.

Uploaded by

Farhan Nasir Ali
Copyright
© © All Rights Reserved

Information Security
CS-324
Model of Information Security
Types of Attacks

LECTURE 3
A MODEL FOR NETWORK SECURITY
• A message is to be transferred from one party to another across some sort of Internet service.
• The two parties, who are the principals in this transaction, must cooperate for the exchange to take place.
• A logical information channel is established by defining a route through the Internet from source to destination and by the cooperative use of communication protocols (e.g., TCP/IP) by the two principals.
…A MODEL FOR NETWORK SECURITY
• Security aspects come into play when it is necessary or desirable to protect the information transmission from an opponent who may present a threat to
  ◦ confidentiality,
  ◦ integrity,
  ◦ availability.
…A MODEL FOR NETWORK SECURITY
• All the techniques for providing security have two components:
  ◦ Security-related transformation on the information to be sent.
Example
  ◦ The encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify the identity of the sender.
…A MODEL FOR NETWORK SECURITY
  ◦ Some secret information shared by the two principals and, it is hoped, unknown to the opponent.
  ◦ An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception.
…A MODEL FOR NETWORK SECURITY
• This general model shows that there are four basic tasks in designing a particular security service:
1. Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.
Network Access Security Model
SECURITY ATTACKS
• A useful means of classifying security attacks, used both in X.800 and RFC 2828, is in terms of passive attacks and active attacks.
• A passive attack attempts to learn or make use of information from the system but does not affect system resources.
• An active attack attempts to alter system resources or affect their operation.
Passive Attacks
• Passive attacks are in the nature of monitoring or analysis of transmissions.
• The goal of the opponent is to obtain information that is being transmitted.
• Two types of passive attacks are the release of message contents and traffic analysis.
Release of message contents
• A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.
• We would like to prevent an opponent from learning the contents of these transmissions.
Traffic analysis
• Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message.
• The common technique for masking contents is encryption.
• If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages.
…Traffic analysis
• The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged.
• This information might be useful in guessing the nature of the communication that was taking place.
Ultimately…
• Passive attacks are very difficult to detect, because they do not involve any alteration of the data.
• Typically, the message traffic is sent and received in an apparently normal fashion.
• The sender and receiver are not aware that a third party has read the messages or observed the traffic pattern.
• However, it is feasible to prevent the success of these attacks, usually by means of encryption.
• Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.
Active Attacks
• Active attacks involve some modification of the data stream or the creation of a false stream.
They can be subdivided into four categories:
  ◦ Masquerade
  ◦ Replay
  ◦ Modification of messages
  ◦ Denial of service
Masquerade
• A masquerade takes place when one entity pretends/affects to be a different entity.
• For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
Replay
• Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
Modification of messages
• Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect.
• For example, a message meaning
  ◦ “Allow John Smith to read confidential file accounts”
is modified to mean
  ◦ “Allow Fred Brown to read confidential file accounts.”
Denial of service (DOS)
• The denial of service prevents or inhibits the normal use or management of communications facilities.
• This attack may have a specific target.
• For example,
  ◦ An entity may suppress all messages directed to a particular destination.
  ◦ Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
Ultimately…
• Active attacks present the opposite characteristics of passive attacks.
• Whereas passive attacks are difficult to detect, measures are available to prevent their success.
• On the other hand, it is quite difficult to prevent active attacks absolutely because of the wide variety of potential physical, software, and network vulnerabilities.
• Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them.
• If the detection has a deterrent effect, it may also contribute to prevention.
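
Added example (not part of the original slides): a receiver that detects modification, forgery and replay, following the four tasks of the model slide and using the John Smith message from the modification slide. The choice of HMAC-SHA256 as the "code based on the contents of the message", the 8-byte sequence number, and every function and class name are assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets


def generate_key() -> bytes:
    """Task 2 of the model: generate the secret shared by the two principals."""
    return secrets.token_bytes(32)


def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender side (task 4): 8-byte sequence number + message + HMAC tag (task 1)."""
    body = seq.to_bytes(8, "big") + message
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return body + tag


class Receiver:
    """Receiver side: verify the tag first, then refuse stale sequence numbers."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, packet: bytes) -> str:
        if len(packet) < 8 + 32:
            return "rejected: malformed"
        body, tag = packet[:-32], packet[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; fails for altered bytes or a wrong key.
        if not hmac.compare_digest(tag, expected):
            return "rejected: modified or forged"
        seq = int.from_bytes(body[:8], "big")
        if seq <= self.last_seq:
            return "rejected: replay"
        self.last_seq = seq
        return "accepted: " + body[8:].decode()


def demo() -> list:
    key = generate_key()  # assumed to reach both principals out of band (task 3)
    rx = Receiver(key)
    original = protect(key, 1, b"Allow John Smith to read confidential file accounts")
    # Constructed sample: the alteration described on the modification slide.
    altered = original.replace(b"John Smith", b"Fred Brown")
    return [rx.accept(altered), rx.accept(original), rx.accept(original)]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The tag gives integrity and sender authentication only; it does nothing for confidentiality or for the traffic-analysis exposure described earlier, which need encryption and traffic shaping respectively.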
Thanks
