Network Security
Table of Contents
Abstract
ISO Model
Aspects of Security
Encryption for Network Security
Authentication and Data Integrity
Internet Security
Threats
Firewall
Conclusion
Open Systems Interconnection (OSI) Model
Security Attack
Any action that attempts to compromise the security of information or facilities
Security Mechanism
A method of preventing, detecting or recovering from an attack
Security Service
Uses security mechanisms to enhance the security of information or facilities in order to stop attacks
Security Attacks
• Passive Attacks
– Make use of information, but do not affect system resources
– Eavesdropping or monitoring transmissions of information
• Release message contents
• Traffic analysis
– Relatively hard to detect, but easier to prevent
• Active Attacks
– Alter system resources or operation. Four sub-types:
• Masquerade: pretend to be someone else
• Replay: retransmission of captured information
• Modification: change message contents
• Denial of service: reduce the availability of resources
– Relatively hard to prevent, but easier to detect
• (Ability to detect may act as a deterrent or prevent attacks)
Passive: Release Message Contents
“Please transfer 1,000,000 Baht into my bank account number 123456. From Bob”
Darth is pretending to be Bob.
Active Attack: Replay
Example: On Tuesday, Bob sends a message to Alice that says:
On Wednesday, Darth replays the same message, and steals Alice’s car.
Active Attack: Modification
• Cryptanalysis
– Use knowledge of algorithm and/or plaintext patterns to “intelligently” decipher the ciphertext
– Attacks differ based on amount of information known to attacker
Another Example:
Monoalphabetic Ciphers
• Instead of rotating the letters as the Caesar cipher does, allow any permutation of letters
Plain (p): a b c d e … w x y z
Cipher (C): D Z G L S … B T F Q
• Secure Sockets Layer (SSL) (also called Transport Layer Security (TLS)) is an optional extra for TCP
• Firewalls
– Provide access control at edge of local network
• Look at each packet entering/leaving the local network
• Check a set of rules as to whether the packet is allowed
– Rules based on source/destination addresses, port numbers, protocols, users, and other policies
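The rule check described in the firewall bullets above, as an added example that is not part of the original slides: a small packet filter that matches each packet against rules on source/destination address, protocol and destination port. The rule set, the addresses, first-match ordering and the default-deny fallback are assumptions made for the illustration; user-based rules are left out.

```python
import ipaddress
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    dst: str
    proto: str   # "tcp" or "udp"
    dport: int   # destination port

class Rule(NamedTuple):
    action: str  # "allow" or "deny"
    src: str     # source network in CIDR form
    dst: str     # destination network in CIDR form
    proto: str   # "tcp", "udp" or "any"
    dports: range

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and p.dport in self.dports)

ANY = "0.0.0.0/0"
ALL_PORTS = range(0, 65536)

# Constructed rule set for a local network 192.168.1.0/24 (sample addresses).
RULES = [
    Rule("deny", "203.0.113.0/24", ANY, "any", ALL_PORTS),          # blocked range
    Rule("allow", ANY, "192.168.1.10/32", "tcp", range(443, 444)),  # HTTPS in
    Rule("allow", "192.168.1.0/24", ANY, "udp", range(53, 54)),     # DNS out
    Rule("allow", "192.168.1.0/24", ANY, "tcp", range(443, 444)),   # HTTPS out
]

def decide(packet: Packet, rules=RULES) -> str:
    """Return the action of the first matching rule (assumed ordering)."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return "deny"  # assumption: anything not explicitly allowed is dropped

if __name__ == "__main__":
    samples = [  # constructed packets entering/leaving the local network
        Packet("198.51.100.7", "192.168.1.10", "tcp", 443),
        Packet("203.0.113.5", "192.168.1.10", "tcp", 443),
        Packet("198.51.100.7", "192.168.1.10", "tcp", 22),
    ]
    for pkt in samples:
        print(pkt, "->", decide(pkt))
```

Because the first matching rule wins, the deny for the blocked range must sit above the broader allow for HTTPS; reversing those two rules would let the blocked range through.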
The Threats
Denial-of-Service
Unauthorized Access
Execution of Unauthorized Commands
Breaches of Confidentiality
Destructive Behavior
Firewall