Scribd Logo
Upload

Welcome to Scribd!

  • 27 views

    Nework Security-3

    Uploaded by

    mahtab mahtab
    The document discusses various types of security attacks that can threaten network confidentiality, integrity, and availability. Passive attacks like eavesdropping and traffic analysis threaten confidentiality by observing data, while active attacks like modification, masquerading, and replay alter data integrity. Denial of service attacks inhibit availability by overwhelming network resources. Effective security requires prevention of attacks, detection of intrusions, and coordinated response to minimize harm.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd

    Nework Security-3

    Uploaded by

    mahtab mahtab
    27 views19 pages
    The document discusses various types of security attacks that can threaten network confidentiality, integrity, and availability. Passive attacks like eavesdropping and traffic analysis threaten confidentiality by observing data, while active attacks like modification, masquerading, and replay alter data integrity. Denial of service attacks inhibit availability by overwhelming network resources. Effective security requires prevention of attacks, detection of intrusions, and coordinated response to minimize harm.

    Original Description:

    Information Security

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document discusses various types of security attacks that can threaten network confidentiality, integrity, and availability. Passive attacks like eavesdropping and traffic analysis threaten confidentiality by observing data, while active attacks like modification, masquerading, and replay alter data integrity. Denial of service attacks inhibit availability by overwhelming network resources. Effective security requires prevention of attacks, detection of intrusions, and coordinated response to minimize harm.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Download as ppt, pdf, or txt
    27 views19 pages

    Nework Security-3

    Uploaded by

    mahtab mahtab
    The document discusses various types of security attacks that can threaten network confidentiality, integrity, and availability. Passive attacks like eavesdropping and traffic analysis threaten confidentiality by observing data, while active attacks like modification, masquerading, and replay alter data integrity. Denial of service attacks inhibit availability by overwhelming network resources. Effective security requires prevention of attacks, detection of intrusions, and coordinated response to minimize harm.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Download as ppt, pdf, or txt
    of 19

    Security Attacks

    Snooping or Sniffing means Security Attacks


    listening or observing
    (eavesdropping)
    Eavesdropping

    Snooping Modification Denial of Service

    Traffic Analysis Masquerading Threats to Availability

    Threats to Confidentiality Replaying

    Repudiation
    Type: Active Attacks
    Type: Passive Attacks
    Threats to Integrity
    Passive Versus Active Attacks
    B
    A

    • If User A and User B want to communicate in presence of


    adversary (Attacker)
    • Attack may be:
    • Passive – just looking
    • Active – may change message

    2
    Passive Vs. Active Attacks
    Main Differences
    Passive Attack Active Attack
    Attacker acts secretly and just Attacker altered the message with
    observe the message or fake modifications
    communication
    Difficult to detect It can be detected easily
    Can be prevented using Can be prevented using encryption,
    encryption Msg. digest and digital signature.
    Destroy confidentiality Destroy message integrity
    Passive Attacks
    • In nature these attacks are alike eavesdropping or
    monitoring of transmission

    Types:
    1. Snooping and releasing message contents
    (Looking, listening/observing)

    2. Traffic Analysis: Monitoring traffic flow (location, identity


    of host, message length even sometime possible in case of
    encryption)
    Eavesdropping (Message
    Interception)
    • Basic attacking approach to destroy confidentiality

    • It provides unauthorized access to information (message, files,


    audio clip etc.) either sniffing of data packet or through wire-tapping.
    • Difficult to detect

    A B

    Eavesdropper
    Active Attacks
    • In nature these attacks are alike message tempering and
    replaying with false modifications.

    Types:
     Modification
     Masquerading
     Replaying
     Repudiation
    Modification (Message
    Tampering)
    • It means, stops the flow of the message, modify it fake
    modifications (addition or deletion) and then release it
    again.
    • Normally hidden communication delay occurs in it.
    • It can easily be detected using message digest.

    A B

    Attacker
    Masquerade (Identity
    Fabrication
    • It means to steel the identity of someone else and then
    generate and distribute objects under this identity

    Happens when one


    entity is different
    A B
    Msg. sequence can
    also be captured
    Fabricated identity from A and replayed later
    as valid sequence
    Kerberos is a network authentication protocol that works on the basis of 'tickets' to allow nodes
    communicating over a non-secure network to prove their identity to one another in a secure manner .
    Repudiation Attack
    • It means denying his/her participation in any transaction
    or in data transmission on the network.

    • For example, Someone may deny that he/she did not make
    any transaction from the credit card
    Denial of Service Attack
    (Destroying Connection) Inhibits the use of
    • Destroy or denying the connection with network normal
    resources with different tricks or commands Communication
    • Modify software with (alias commands) facilities with:
    • Corrupt packets in transit
    delay, server down
    not responding
    Link down or
    A B failure etc.

    • Crashing or overwhelm the server


    Basic Attacking Approaches for
    Security Goals
    Basic Attacking Approaches Victimized
    Security Goal
    Eavesdropping
    ??
    Modification (Message
    Tempering)
    ??
    Masquerading (Identity
    Fabrication)
    ??
    Denial of Service
    ??
    General Elements for effective
    Security System
    • Prevention: means to prevent the system from attack
    before its successful execution using antiviruses and
    firewalls.
    • Detection: When a system is under attack, to detect it. it
    might be effective or ineffective due to prevention policy.
    Intrusion detection system (IDS) are commonly used for it.
    IDS: network analyzer to identify the un-expected network
    traffic or pattern

    • Response: How to react against the attacked system


    Response (…)
    • It includes the strategies to reduce the harmful effects that
    might be happened due to the detected attack(s).

    Common Strategies:
    • Automated Intrusion Prevention System (IPS) are used for
    this purpose. IPS automatically remove the fake access
    control and facilitate backup option.
    • Turn Off or disconnect the system
    • Reset the system using system restore
    Hacker Categories
    • White Hat Hackers - Good guys. Very knowledgeable
    (programming & OS skills). Hired to find a vulnerability
    in a network to improve security. Write own software.
    • Black Hat Hackers (Cracker) - Bad guys. Desire to
    cause harm to a specific system. Write own software to
    destroy security.
    • Script Kiddies - Starting hacker. May not target a
    specific system. Rely on tools written by others.
    • Cyber terrorists - Motivated by political, religious, or
    philosophical agenda. They initiate unlawful attacks made against
    computer, networks and the stored information to force the government or any
    other religious group or nations to fulfill their demands
    Why Networks are Vulnerable?
    Anonymity: E.g. Who and where is the attacker?
    Unknown perimeter: Where is my networks boundary?
    Unknown Path: unknown route & shared medium
    System complexity: great mesh of network interconnected
    resources.
    Sharing: Who needs access to what and why?
    Points of failure: Any weakest link(s)?
    What is X.800
    • Security architecture or service that provides various
    services to secure network transmission

    • Authentication - assurance that the communicating


    entity is the same that is claimed
    • Access Control - prevention of the unauthorized use of
    a resource
    • Data Confidentiality –protection of data from
    unauthorized disclosure
    • Data Integrity - assurance that data received is as sent
    by an authorized entity without any false modification
    • Non-Repudiation - protection against denial by one of
    the parties in a communication
    History of Security Attacks
    What can an Attacker do?
    • eavesdrop: intercept messages
    • actively insert messages into connection
    • impersonation: can fake (spoof) source address in
    packet (or any field in packet)
    • hijacking: “take over” ongoing connection by
    removing sender or receiver, inserting himself in
    place
    • denial of service: prevent service from being used by
    them (e.g., by overloading resources)

    • And many more….

    You might also like