
Module1 NS


NETWORK SECURITY

21EC742
MODULE 1

ATTACKS ON COMPUTER AND COMPUTER SECURITY

PRINCIPLES OF SECURITY

1. CONFIDENTIALITY
2. AUTHENTICATION
3. INTEGRITY
4. NON REPUDIATION
5. AVAILABILITY

Types of Attacks

4 categories:

● Interception
● Fabrication
● Modification
● Interruption

Passive attack

● The attacker monitors the data transmission.
● The term passive indicates that the attacker does not modify the contents of the original message.

Release of message contents

● When a confidential email is sent from person A to B, we desire that only B can see the message.
● Due to the attack, the contents of the message are released to someone else.

Traffic analysis attack

● From the many messages, the passive attacker could try to figure out the similarities between them.
● The attacker comes up with some sort of pattern that provides clues regarding the communication that is taking place.
● Analysis of the encoded messages is called a traffic analysis attack.


Active Attacks

Application level attack

● The attacker attempts to access, modify or prevent access to the information of a particular application.
● Trying to obtain someone's credit card information on the Internet.
● Changing the contents of a message to change the amount in a transaction.

Network level attacks

● These attacks reduce the capabilities of the network by a number of possible means.
● They generally attempt to slow down, or completely bring to a halt, a network.
● Sensitive information is modified.


1. Virus
2. Worm
3. Trojan Horse
4. Applets and Active X Controls
5. Cookies
Specific Attacks

1. Sniffing and Spoofing

i) Packet sniffing
Packet sniffing is a passive attack on an ongoing conversation. Protection against it can be applied at two levels:
(i) The data that is traveling can be encoded in some way, or
(ii) The transmission link itself can be encoded.

ii) Packet spoofing
In this technique, an attacker sends packets with an incorrect source address.
(i) The attacker can intercept the reply: if the attacker is between the destination and the forged source, the attacker can see the reply and use that information for hijacking attacks.
(ii) The attacker need not see the reply: if the attacker's intention was a Denial of Service (DoS) attack, the attacker need not bother about the reply.

2. Phishing

● The attacker decides to create his/her own Web site, which looks identical to a real Web site. For example, the attacker can clone Citibank's Web site. The cloning is so clever that the human eye will not be able to distinguish between the real (Citibank's) and fake (attacker's) site.

The attacker can use many techniques to attack the bank's customers.

3. Pharming (DNS Spoofing)

Using the Domain Name System (DNS), people can identify Web sites with human-readable names (such as www.yahoo.com), and computers can continue to treat them as IP addresses (such as 120.10.81.67). For this, a special server computer called a DNS server maintains the mappings between domain names and the corresponding IP addresses.

A protocol called DNSSEC (Secure DNS) is being used to thwart DNS spoofing attacks.

Fig: Effect of DNS attack


Security Services

● X.800 defines it as: a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers.
● RFC 2828 defines it as: a processing or communication service provided by a system to give a specific kind of protection to system resources.
● X.800 divides these services into 5 major categories.

Security Services

● Authentication
  ● Peer entity authentication
  ● Data origin authentication
● Access Control
● Data Confidentiality
  ● Connection Confidentiality
  ● Connectionless Confidentiality
  ● Selective field Confidentiality
  ● Traffic flow Confidentiality
● Data Integrity
  ● Connection integrity with recovery
  ● Connection integrity without recovery
  ● Selective field Connection integrity
  ● Connectionless integrity
  ● Selective field Connectionless integrity
● Non Repudiation
  ● Non repudiation, origin
  ● Non repudiation, destination


Security Mechanisms (X.800)

● Specific Security Mechanisms:
  ● Encipherment, Digital signatures, Access controls, Data integrity, Authentication exchange, Traffic padding, Routing control, Notarization
● Pervasive Security Mechanisms:
  ● Trusted functionality, Security labels, Event detection, Security audit trails, Security recovery

Model for Network Security

Model for Network Access Security

NETWORK ACCESS CONTROL (NAC)

● Elements of a Network access control system:
  i) Access Requestor (AR)
  ii) Policy Server
  iii) Network Access Server (NAS)

Network Access Enforcement Methods:

● IEEE 802.1X
● Virtual Local Area Networks (VLANs)
● Firewall
● DHCP Management

Extensible Authentication Protocol

Fig: EAP Layered Context


EAP Exchanges

Components are
1. EAP Peer
2. EAP Authenticator
3. Authentication server

EAP Fields:
1. Code
2. Identifier
3. Length
4. Data
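
The four fields listed above, as they appear on the wire, shown in an added example that is not part of the original slides. The byte widths, the Code values and the Identity type number are taken from RFC 3748; the function names and the sample exchange are constructed for illustration.

```python
import struct

# Code values are taken from RFC 3748; the slides list only the field names.
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
HEADER = struct.Struct("!BBH")  # Code (1), Identifier (1), Length (2), big-endian


def build_eap(code: int, identifier: int, data: bytes = b"") -> bytes:
    """Serialize an EAP packet; Length covers the header plus Data."""
    return HEADER.pack(code, identifier, HEADER.size + len(data)) + data


def parse_eap(packet: bytes) -> dict:
    """Split raw bytes into Code, Identifier, Length and Data, with checks."""
    if len(packet) < HEADER.size:
        raise ValueError("truncated EAP header")
    code, identifier, length = HEADER.unpack_from(packet)
    if code not in EAP_CODES:
        raise ValueError(f"unknown EAP code {code}")
    # A Length smaller than the header or larger than what arrived is invalid.
    if length < HEADER.size or length > len(packet):
        raise ValueError("Length field inconsistent with received bytes")
    # Bytes beyond Length are link-layer padding and are ignored.
    data = packet[HEADER.size:length]
    if code in (3, 4) and data:
        raise ValueError("Success/Failure packets carry no Data")
    return {"code": EAP_CODES[code], "identifier": identifier,
            "length": length, "data": data}


def is_matching_response(request: dict, response: dict) -> bool:
    """A Response answers a Request only when the Identifier matches."""
    return (request["code"] == "Request" and response["code"] == "Response"
            and request["identifier"] == response["identifier"])


if __name__ == "__main__":
    # Constructed sample exchange; in Request/Response the first Data byte
    # is the EAP Type (1 = Identity per RFC 3748).
    req = parse_eap(build_eap(1, 7, b"\x01"))
    resp = parse_eap(build_eap(2, 7, b"\x01" + b"user@example.org"))
    print(req, resp, is_matching_response(req, resp))
    print(parse_eap(build_eap(3, 8)))
```

An authenticator that validates Length before reading Data, and that accepts a Response only when its Identifier matches the outstanding Request, drops malformed or stale packets instead of acting on them.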
Fig: EAP Protocol Exchanges
Example of EAP exchange:

Fig: EAP Message Flow in Pass-Through Mode


THANK YOU
