Chapter 1 Introduction
NETWORK SECURITY
Outline
• What is Security?
• Security trends
• Sources and consequences of risks
• Types of vulnerabilities
• Security criteria
• Security attack types
• Security services and mechanisms
• Security models (X.800 and X.805)
Computer and Network Security
• What is Security?
Security is about
• Threats (bad things that may happen, e.g. your money getting stolen)
• Vulnerabilities (weaknesses in your defenses, e.g. your front door being made of thin wood and glass)
• Attacks (ways in which the threats may be actualized, e.g. a thief breaking through your weak front door while you and the neighbors are on holiday)
Computer and Network Security…
• Computer security is about the provisions and policies adopted to protect information and property from theft, corruption, or natural disaster
  – while allowing the information and property to remain accessible and productive to its intended users.
• It also covers the security of computers against intruders (e.g., hackers) and malicious software (e.g., viruses).
Computer and Network Security…
• Network security, on the other hand, deals with the provisions and policies adopted to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources.
• (Figure on the original slide: hosts connected across the Internet, captioned "Not Sufficient!!": securing the individual computers alone does not protect the traffic that crosses the network between them.)
Security trends
• In 1994, the Internet Architecture Board (IAB) issued a
report entitled "Security in the Internet Architecture" (RFC
1636).
• The report stated the general consensus that the Internet
needs more and better security, and it identified key areas
for security mechanisms.
• Among these were:
– the need to secure the network infrastructure from
unauthorized monitoring and control of network traffic and
– the need to secure end-user-to-end-user traffic using
authentication and encryption mechanisms.
Security trends…
• Trends reported by the Computer Emergency Response Team Coordination Center (CERT/CC):
  – The number of security-related incidents reported to CERT (figure on the original slide).
  – The kinds of incidents reported. These include:
    • denial of service attacks;
    • IP spoofing, in which intruders create packets with false source IP addresses and exploit applications that use authentication based on the IP address;
    • various forms of eavesdropping and packet sniffing, in which attackers read transmitted information, including logon information and database contents.
Who are the attackers?
• Vandals (hackers, crackers) driven by intellectual challenge.
• Insiders: employees or customers seeking revenge or informal gain.
• Natural disasters: flooding, fire, storms, earthquakes, … (not attackers, but a source of risk that security planning must cover).
• Criminals seeking financial gain.
• Organized crime seeking gain or hiding criminal activities.
• Organized terrorist groups or nation states trying to influence national policy.
• Foreign agents seeking information (spying) for economic, political, or military purposes.
• Military or state actors mounting tactical cyber attacks intended to disrupt an adversary's military capability.
What are the vulnerabilities?
• Physical vulnerabilities (e.g. the computer can be stolen)
• Natural vulnerabilities (e.g. earthquake)
• Hardware and software vulnerabilities (e.g. failures)
• Media vulnerabilities (e.g. hard disks can be stolen)
• Communication vulnerabilities (e.g. wires can be tapped)
• Human vulnerabilities (e.g. insiders)
• Poorly chosen passwords
• Software bugs (unreliable software)
  – e.g. buffer overflow attacks
What are the vulnerabilities?...
• Automatically running active content: ActiveX controls, scripts, Java applets
• Open ports: unneeded listening services such as telnet or mail
• Incorrect configuration
  – file permissions
  – administrative privileges
• Untrained users / system administrators
• Trap doors (intentional security holes)
• Unencrypted communication
• Limited resources (e.g. the table of half-open TCP connections, which SYN flooding exhausts)
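Two of the misconfigurations listed above, loose file permissions and programs that run with elevated privilege, can be checked mechanically. The script below is an added example and not part of the lecture material: it builds a small sample directory (the file names, contents and modes are constructed here and are not a real system layout), audits it for world-writable files and setuid/setgid executables, and then removes the offending bits.

```python
"""Added example, not from the lecture: audit a directory tree for two of the
"incorrect configuration" vulnerabilities on the slide, world-writable files
and setuid/setgid programs, and remediate them.  The sample tree (file names,
contents and modes) is constructed by make_sample_tree() for this example."""
import os
import shutil
import stat
import tempfile

WORLD_WRITABLE = "world-writable"
SETUID_SETGID = "setuid/setgid"


def classify(mode: int) -> list:
    """Pure check on an st_mode value: which of the two weaknesses does it have?"""
    findings = []
    if mode & stat.S_IWOTH:                    # 'others' may write: anyone can tamper with the file
        findings.append(WORLD_WRITABLE)
    if mode & (stat.S_ISUID | stat.S_ISGID):   # runs with the owner's/group's privilege for any caller
        findings.append(SETUID_SETGID)
    return findings


def audit(root: str) -> list:
    """Walk root and return sorted (relative path, finding) pairs for regular files."""
    findings = []
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)                # lstat: do not follow symlinks planted by an attacker
            if not stat.S_ISREG(st.st_mode):
                continue
            rel = os.path.relpath(path, root)
            findings.extend((rel, f) for f in classify(st.st_mode))
    return sorted(findings)


def remediate(root: str) -> list:
    """Clear the offending bits in place; return the files that were changed."""
    changed = []
    for rel, _ in audit(root):
        path = os.path.join(root, rel)
        mode = stat.S_IMODE(os.lstat(path).st_mode)
        os.chmod(path, mode & ~(stat.S_IWOTH | stat.S_ISUID | stat.S_ISGID))
        if rel not in changed:
            changed.append(rel)
    return changed


def make_sample_tree() -> str:
    """Constructed sample data for the example (not a real system layout)."""
    root = tempfile.mkdtemp(prefix="permaudit_")
    os.mkdir(os.path.join(root, "bin"))

    def put(rel, content, mode):
        path = os.path.join(root, rel)
        with open(path, "w") as fh:
            fh.write(content)
        os.chmod(path, mode)

    put("app.conf", "db_password=example\n", 0o600)       # correctly restricted
    put("app.log", "service started\n", 0o666)            # world-writable: log entries can be forged
    put("bin/helper", "#!/bin/sh\nid\n", 0o4755)          # setuid executable
    put("README", "hello\n", 0o644)                       # fine
    return root


if __name__ == "__main__":
    root = make_sample_tree()
    try:
        print("before:", audit(root))
        print("fixed:", remediate(root))
        print("after:", audit(root))
    finally:
        shutil.rmtree(root)
```

The audit uses lstat and skips anything that is not a regular file, so a symbolic link left in the tree cannot redirect the check (or the chmod in remediate) to a file outside it. A real audit would also report files owned by the wrong user and directories without the sticky bit; those are left out to keep the example to the two items named on the slide.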
Consequences…
• Failure / end of service
• Reduction of QoS, down to complete denial of service (DoS, or distributed DoS, DDoS)
• Internal problems in the enterprise
• Loss of trust from partners (clients, providers, shareholders)
• Technology leakage
• Human consequences (personal data, sensitive data: medical, insurance, …)
Security and privacy criteria
Properties of Security?
• Security is expressed in terms of:
  – Confidentiality (privacy)
  – Integrity
  – Non-repudiation
  – Availability (its loss is denial of service)
Security criteria (in detail)
• To understand the types of threats to security that exist, first we need a definition of the security requirements.
• In this section, the different security requirements are presented.
Availability
• It requires that computer and network assets are available to authorized parties whenever they need them.
• The computer and network should provide all the designated services even in the presence of security attacks (the attack on availability is denial of service).
Security criteria...
Integrity
• It requires that messages can be modified or altered only by authorized parties.
  – Modification includes writing, changing, deleting, and creating the message that is supposed to be transmitted across the network.
Security criteria...
Confidentiality
• It requires that the message is accessible for reading only by authorized parties.
• Enforcing this presupposes that the system can verify the identity of a user, which is the next property.
Authentication
• It means that the correct identity of each communicating party is known to the others.
• This property ensures that the parties are genuine and not impersonators.
Authorization
• This property gives access rights to different types of users.
  – For example, network management can be performed by the network administrator only.
Computer and Network Security Attacks
• Categories of Attacks/Threats
Normal flow of information: from Source to Destination.
The four general categories of attack on that flow (figure on the original slide):
  – Interruption: an asset is destroyed or made unavailable (attack on availability)
  – Interception: an unauthorized party gains access to an asset (attack on confidentiality)
  – Modification: an unauthorized party tampers with an asset (attack on integrity)
  – Fabrication: an unauthorized party inserts counterfeit objects (attack on authenticity)
Examples of threats (figure on the original slide).
Security attack types
• The attacks can also be classified by the following criteria:
  – Passive or active,
  – Internal or external,
  – At different protocol layers.
Passive vs. active attacks
• A passive attack attempts to learn or make use of information without changing the content of the message or disrupting the operation of the communication.
• Examples of passive attacks are:
  – Eavesdropping, traffic analysis, and traffic monitoring.
Passive Attacks
• Passive attacks do not affect system resources
  – Eavesdropping, monitoring
  – The goal of the opponent is to obtain information that is being transmitted
• Two types of passive attacks
  – Release of message contents
  – Traffic analysis
• Passive attacks are very difficult to detect
  – Message transmission apparently normal
    • No alteration of the data
  – Emphasis on prevention rather than detection
    • By means of encryption
Passive Attacks (1): Release of message contents (figure on the original slide)
Passive Attacks (2): Traffic analysis (figure on the original slide)
Active Attacks
• Active attacks try to alter system resources or affect their operation
  – Modification of data, or creation of false data
• Four categories
  – Masquerade: one entity pretends to be some other entity
  – Replay: a previously captured message is retransmitted
  – Modification of messages
  – Denial of service (DoS): preventing normal use
    • Against a specific target or the entire network
• Difficult to prevent
  – The goal is to detect and recover
Active Attacks (1): Masquerade (figure on the original slide)
Active Attacks (2): Replay (figure on the original slide)
Active Attacks (3): Modification of messages (figure on the original slide)
Active Attacks (4): Denial of service (figure on the original slide)
Security attack types…
Internal vs. External attacks
• External attacks are carried out by hosts that do not belong to the network domain; such attackers are called outsiders.
  – E.g. an outsider can cause congestion by sending false routing information, thereby making services unavailable.
• In an internal attack, a malicious node inside the network gains unauthorized access, acts as a genuine node and disrupts the normal operation of the other nodes.
  – Such attackers are known as insiders.
Security attack types…
• Attacks on different layers of the TCP/IP model:
• The security attacks can also be classified according to the TCP/IP layer they target. The table shows the attack types at each layer.
Layer: Attacks
  – Application layer: e-mail bombing, repudiation, data corruption, malicious code (Trojan horses, malware, viruses, …)
  – Transport layer: session hijacking, altering checksums, SYN flooding
  – Network layer: IP spoofing, ICMP echo attacks, wormhole, black hole, gray hole and Byzantine attacks (routing attacks, mainly in ad hoc networks), flooding
  – Data link layer: traffic analysis, disruption (e.g. of the IEEE 802.11 Wi-Fi MAC)
  – Physical layer: jamming, interception, eavesdropping
  – Cross-layer attacks: DoS, impersonation, replay, man-in-the-middle
Security attack types…
Denial of Service attack
• This attack targets the availability of a message, a device, or the entire network service.
• The attacker may use radio signal jamming or battery exhaustion (e.g. in wireless networks).
Impersonation
• If the authentication mechanism is not properly implemented, a malicious node can act as a genuine node and monitor the network traffic.
Common security attacks and their countermeasures
• Finding a way into the network
  – Firewalls
• Exploiting software bugs, buffer overflows
  – Intrusion Detection Systems (detection; removing the bug itself requires patching)
• Denial of Service
  – Access filtering, IDS
• TCP hijacking
  – IPsec
• Packet sniffing
  – Encryption (SSL/TLS, HTTPS)
• Social engineering
  – Education
Security Services
• X.800:
“a service provided by a protocol layer of
communicating open systems, which ensures
adequate security of the systems or of data
transfers”
• RFC 2828:
“a processing or communication service provided by a
system to give a specific kind of protection to
system resources”
Security Services (X.800)
• Authentication - assures that the communicating entity is the one claimed
  – covers both peer-entity and data-origin authentication
• Access Control - prevention of the unauthorized use of a resource
• Data Confidentiality - protection of data from unauthorized disclosure
• Data Integrity - assurance that data received is as sent by an authorized entity
• Non-Repudiation - protection against denial by one of the parties in a communication
• Availability - resource accessible/usable
Security Mechanism
• A feature designed to detect, prevent, or recover from a security attack
• No single mechanism supports all the services required
• However, one particular element underlies many of the security mechanisms in use:
  – Cryptographic techniques
• Hence the focus of this course
Security Mechanisms (X.800)
• Specific security mechanisms (X.800): encipherment, digital signatures, access control, data integrity, authentication exchange, traffic padding, routing control, notarization
• Pervasive security mechanisms (X.800): trusted functionality, security labels, event detection, security audit trails, security recovery
• Commonly deployed mechanisms that realize these in practice:
  – Firewall, proxy server
  – Access control lists, intrusion detection system
Model for Network Security (figure on the original slide: a sender and a receiver exchange a message over an information channel, each applying a security-related transformation using secret information, with an opponent on the channel and a trusted third party available to the principals)
Model for Network Security…
• In considering the place of encryption, it is useful to use the above model.
• Information is being transferred from one party to another over an insecure communications channel,
  – in the presence of possible opponents.
• The two parties, who are the principals in this transaction, must cooperate for the exchange to take place.
• They can use:
  – an appropriate security transform (encryption algorithm),
  – with suitable keys (secret information),
  – possibly negotiated with the help of a trusted third party.
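The model above (a security transform keyed by secret information shared between the principals, with an opponent on the channel) and the four active-attack categories listed earlier are easier to reason about with a receiver that can actually tell the attacks apart. The code below is an added example and is not from the lecture slides: each frame carries a sequence number and an HMAC-SHA256 tag under a key shared out of band (my choice for the "security transform" and "secret information"; the frame layout, names and sample messages are assumptions). Modification and masquerade fail the tag check, replay fails the sequence check; denial of service cannot be rejected this way, which is why the slide says the goal there is to detect and recover.

```python
"""Added example, not from the lecture: a receiver that distinguishes the
active attacks on the slides.  Each frame carries a sequence number and an
HMAC-SHA256 tag computed under a key shared out of band (my choice for the
model's "security transform" and "secret information"; nothing here is from
the slides).  Modification and masquerade fail the tag check, replay fails the
sequence check; denial of service is not detectable at this layer."""
import hashlib
import hmac
import secrets
import struct

KEY_LEN = 32
SEQ_LEN = 8
TAG_LEN = hashlib.sha256().digest_size   # 32


def make_key() -> bytes:
    """Fresh random shared key; in practice distributed by a trusted third party."""
    return secrets.token_bytes(KEY_LEN)


def send(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: frame = seq (8-byte big-endian) || payload || tag.
    The tag covers both seq and payload, so neither can be altered unnoticed."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Keeps the highest sequence number accepted so far (anti-replay state)."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def receive(self, frame: bytes):
        """Return (status, payload); status is 'ok', 'malformed', 'bad_tag' or 'replay'."""
        if len(frame) < SEQ_LEN + TAG_LEN:
            return "malformed", None
        header, payload, tag = frame[:SEQ_LEN], frame[SEQ_LEN:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        # Constant-time comparison: a plain == would leak how many tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            return "bad_tag", None        # modified in transit, or forged without the key (masquerade)
        (seq,) = struct.unpack(">Q", header)
        if seq <= self.last_seq:
            return "replay", None         # genuine frame, but already seen (or older than one seen)
        self.last_seq = seq
        return "ok", payload


def demo() -> list:
    """Run the scenarios and return the receiver's verdict for each."""
    key = make_key()
    rx = Receiver(key)
    verdicts = []
    genuine = send(key, 1, b"transfer 100 to alice")
    verdicts.append(rx.receive(genuine)[0])                       # ok
    # Modification: the attacker changes the amount but cannot recompute the tag.
    body = genuine[SEQ_LEN:-TAG_LEN].replace(b"100", b"900")
    verdicts.append(rx.receive(genuine[:SEQ_LEN] + body + genuine[-TAG_LEN:])[0])  # bad_tag
    # Replay: the attacker re-sends the genuine frame unchanged.
    verdicts.append(rx.receive(genuine)[0])                       # replay
    # Masquerade: the attacker, lacking the key, forges a frame with a fresh seq.
    verdicts.append(rx.receive(send(make_key(), 2, b"transfer 100 to mallory"))[0])  # bad_tag
    # The legitimate sender's next message is still accepted.
    verdicts.append(rx.receive(send(key, 2, b"ack"))[0])          # ok
    return verdicts


if __name__ == "__main__":
    print(demo())
```

The payload and sequence number travel in the clear, so this frame gives integrity and origin authentication but no confidentiality: an eavesdropper (the passive attacks above) still reads every message, which is why encryption is listed separately as the countermeasure for sniffing. A production protocol would also bind the direction and a session identifier into the tag, and would use a sliding window instead of strict monotonicity if the channel can reorder frames.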
Model for Network Access Security (figure on the original slide)
Model for Network Access Security…
• This model is concerned with controlling access to information or resources on a computer system, in the presence of possible opponents.
  – Here appropriate controls are needed on the access to and within the system, to provide suitable security.
• The security mechanisms needed to cope with unwanted access fall into two broad categories (as shown in the figure).
• The first category might be termed a gatekeeper function.
  – It includes password-based login procedures that are designed to deny access to all but authorized users (access control) and
  – screening logic that is designed to detect and reject worms, viruses, and other similar attacks (firewalls / proxy servers).
• Once an unwanted user or unwanted software has gained access, the second line of defense applies:
  – a variety of internal controls that monitor activity and analyze stored information in an attempt to detect the presence of unwanted intruders (antivirus / IDS).
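An internal control of the second kind, monitoring activity to spot an intruder working against the gatekeeper, can be small. The detector below is an added example and not part of the lecture: it reads sshd-style authentication log lines and flags a source address that accumulates too many failed logins inside a short window (password guessing against the login procedure), and separately flags any later successful login from that address. The log lines are constructed for this example; their format imitates OpenSSH syslog output but is my assumption, not a specification, and the addresses are from the documentation ranges.

```python
"""Added example, not from the lecture: the "second line of defense" of the
access-security model, an internal control that monitors activity.  It reads
sshd-style authentication log lines and flags a source address that fails to
log in too often inside a short window (password guessing against the
gatekeeper), plus the higher-value event of a success from that address.
The log lines below are constructed for this example; the format imitates
OpenSSH syslog output but is my assumption, not a specification."""
import re
from collections import defaultdict, deque
from datetime import datetime

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d+\.\d+\.\d+\.\d+) port \d+"
)

# Constructed sample log (RFC 5737 documentation addresses), in time order.
SAMPLE_LOG = """\
Mar  3 10:00:01 host sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2
Mar  3 10:00:03 host sshd[1202]: Failed password for root from 203.0.113.7 port 51240 ssh2
Mar  3 10:00:04 host sshd[1203]: Accepted password for alice from 198.51.100.5 port 40001 ssh2
Mar  3 10:00:06 host sshd[1204]: Failed password for root from 203.0.113.7 port 51251 ssh2
Mar  3 10:00:09 host sshd[1205]: Failed password for invalid user oracle from 203.0.113.7 port 51260 ssh2
Mar  3 10:00:12 host sshd[1206]: Failed password for root from 203.0.113.7 port 51272 ssh2
Mar  3 10:00:40 host sshd[1207]: Accepted password for root from 203.0.113.7 port 51290 ssh2
Mar  3 10:05:00 host sshd[1208]: Failed password for bob from 198.51.100.5 port 40010 ssh2
Mar  3 10:05:30 host sshd[1209]: Accepted password for bob from 198.51.100.5 port 40011 ssh2
"""


def parse(line: str, year: int = 2024):
    """Return (timestamp, result, user, ip) or None for lines that do not match."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    # syslog timestamps carry no year; the caller supplies it (assumption).
    ts = datetime.strptime(f"{year} " + " ".join(m["ts"].split()), "%Y %b %d %H:%M:%S")
    return ts, m["result"], m["user"], m["ip"]


def detect(lines, threshold: int = 5, window_s: int = 60):
    """Sliding-window failure counter per source IP.

    Returns a list of (ip, alert, HH:MM:SS).  'brute_force' fires once, when a
    source reaches `threshold` failures within `window_s` seconds;
    'success_after_brute_force' fires for every later accepted login from a
    source that was already flagged."""
    failures = defaultdict(deque)
    flagged = set()
    alerts = []
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue                      # not an auth line; a real tool would count these
        ts, result, _user, ip = rec
        if result == "Failed":
            q = failures[ip]
            q.append(ts)
            while q and (ts - q[0]).total_seconds() > window_s:
                q.popleft()               # drop failures older than the window
            if len(q) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append((ip, "brute_force", ts.strftime("%H:%M:%S")))
        elif ip in flagged:
            alerts.append((ip, "success_after_brute_force", ts.strftime("%H:%M:%S")))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(alert)
```

On the sample, 203.0.113.7 reaches five failures at 10:00:12 and is then accepted as root at 10:00:40, the second alert being the one an analyst should act on first; 198.51.100.5 has one failure followed by a success and stays quiet. Threshold and window are the usual tuning knobs: too low and a user with a mistyped password is flagged, too high and a slow guess across many source addresses is missed, which is why real deployments also aggregate per target account.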
Eight Security Dimensions Address the Breadth of Network Vulnerabilities (X.805)
• Access Control: limit and control access to network elements, services and applications. Examples: password, ACL, firewall
• Authentication: provide proof of identity. Examples: shared secret key, PKI, digital signature, digital certificate
• Non-repudiation: prevent the ability to deny that an activity on the network occurred. Examples: system logs, digital signatures
• Data Confidentiality: ensure confidentiality of data. Example: encryption
• Communication Security: see the objectives table below
• Data Integrity: see the objectives table below
• Availability: ensure network elements, services and applications are available to legitimate users. Examples: IDS/IPS, network redundancy, BC/DR
• Privacy: ensure identification and network use are kept private. Examples: NAT, encryption
How the Security Dimensions Map to the Security Threats
(Figure on the original slide: matrix of the eight X.805 security dimensions, Access Control, Authentication, Non-Repudiation, Data Confidentiality, Communication Security, Data Integrity, Availability and Privacy, against the security threats.)
Security Dimension: Security Objectives (source: www.lucent.com/security)
• Access Control: Ensure that only authorised personnel or devices are allowed access to end-user data that is transiting a network element or communications link or is resident in an offline storage device.
• Authentication: Verify the identity of the person or device attempting to access end-user data that is transiting a network element or communications link or is resident in an offline storage device. Authentication techniques may be required as part of Access Control.
• Non-Repudiation: Provide a record identifying each individual or device that accessed end-user data that is transiting a network element or communications link, or is resident in offline devices, and the action that was performed. The record is to be used as proof of access to end-user data.
• Data Confidentiality: Protect end-user data that is transiting a network element or communications link, or is resident in an offline storage device, against unauthorised access or viewing. Techniques used to address access control may contribute to providing data confidentiality for end-user data.
• Communication Security: Ensure that end-user data that is transiting a network element or communications link is not diverted or intercepted as it flows between the end points (without an authorised access).
• Data Integrity: Protect end-user data that is transiting a network element or communications link or is resident in offline storage devices against unauthorised modification, deletion, creation and replication.
• Availability: Ensure that access to end-user data resident in offline storage devices by authorised personnel and devices cannot be denied.
• Privacy: Ensure that network elements do not provide information pertaining to the end-user's network activities (e.g. the user's geographic location, websites visited, content etc.) to unauthorised personnel.