emerging c-s threats

8/2/2019 Emerging C-S Threats

1/20

NETWORK SECURITY

AND FIREWALLS


2/20

EMERGING THREATS IN C-S ARCHITECTURE

Introduction :-

Software agent: mobile code (executable program )that

resembles virus threat. To prevent them firewalls are used

to filter incoming packets.

These threats can be categorized into following:

a.) threats to local computing environment from mobile

software.

b.) access control and threats to servers that include

impersonation, eavesdropping, denial of service, packet

replay, and packet modification.


3/20

Continue

Software agents & malicious code:o Client programs interpret data downloaded from internet and

in absence of checks on imported data as the downloadeddata passes through interpreter programs on clients machine

without his knowledge, can affect the system.

o Clients threats also arise from malicious code such as viruses,

worms, trojan horses,logic bombs etc.

o Malicious code is associated with both stand alone PCs and

networked systemso To prevent such threats the client must do scan for malicious

code and executable programs.


4/20

Continued

Threats to servers:

o These are more prone to attacks which exploits the bugs in

server software.

o

Vulnerable software running, usage of popluar programs,eavesdropping the conversation, spoofing the system etc.

enhances the attacking chances.

o DoS, eavesdropping,service overloading, message

overloading, packet replay are common threats.

o To prevent them access to accounts, protect from

unauthorized access must be done.


5/20

FIREWALLS AND NETWORK SECURITY

Its a barrier between corporate work and outside network

It can be computer or router that monitors the traffic

The device allows insiders to access services outside while

allowing restricted access to outsiders Its located at gateway and internal gateways


6/20

What it does

It provides several level of security:

o Screen packets and filter the network traffic

o allow/restrict access to certain applications

o Firewalls range from simple traffic logging systems that recordall network traffic to complex one such as screening of

packets

o Most secure are application gateways and provide proxy

services to userso In case of heavy traffic, hardened firewall machines are set

up.


7/20

IP Packet screening routers

Static traffic routing service placed between network service

providers router and internal network

Rules screens the IP packets

Firewall router filters incoming packets to permit or deny IPpackets based on rules.

Preventive Measures:

o Screening rules are difficult to specify

o Not easily flexibleo If it is circumvented, the rest of network is open to attack


8/20

Proxy application gateways

It is a special server that runs on a firewall machine.

Their primary use is access to applications such as www from

within a secure perimeter, so each request from client go

through proxy on firewall rather going directly to servers.

It allows organisation users to access application proxy and

disallow external hackers.

It accepts the request from inside and forward it to remote

server outside the firewall and returns to the client

Proxies do not include complex network code and can manage

network functions such as auditing,access to services etc.

Proxy act as intermediate having capability to mitigate attacks


9/20

Hardened firewall hosts

This type of firewalls requires inside/outside users to connect

to trusted applications on the firewall itself before connecting

further.

These are configured to protect against unauthorized

interactive logins.

It is created such that only that operate it can access it and it

provides auditing, logging and monitoring to check remote

access

Its advantage is concentration of security, information

hiding,centralized service management


10/20

Data and message security

Data and message security

Data security

Packet sniffing : monitorsnetwork by compromisinghost and installing sniffer

program

Message security

Threats to message securityare:

Confidentiality, integrity andauthentication


11/20

Encryption as basis for data and message

security

Encryption

Secret/symmetric crptography

Asymmetriccryptography

DES,RSA anddigital

certificates


12/20

Encryption/encipher

It means to convert plaintext into a scrambled

text which cannot be read by anyone.


13/20

Single-key/symmetric

It involves the encryption and decryption by using single key

that is shared between transmitter and reciever.

It suffers from problem of key distribution.

The generation, transmission and storage of keys is called key

management.

In business environment it is impossible that key management

is flawless. Therefore this method is impractical


14/20

Asymmetric/public key

It involves usage of 2 keys: private and public keys

Information encrypted with private key can only be

opened by public key and vice versa.

The private key is secret whereas public key is knownto everyone.

These keys are maintained in central repository so no

problem of key-distribution, the private key is mainconcern to management


15/20

DES

It is the implementation of secret-key cryptography

It operates on 64-bit of blockof message. And uses

56-bit key

Designed for hardware implementation

It deploys more than one stage of encryption

This can be cracked so its advanced version like des3,

desx are used


16/20

RSA algorithm

It is a public key cryptographic system required for

encryption and authentication

This is hard to crack, as long prime number

multiplication is used It is used in wide variety products, platforms and

industries e.g. www browsers,on ethernet networks,

secure telephones


17/20

Digital signatures

In business transcations , authnticatio refres to use of

digital signatures that verifies digital document.

It is neede for proliferation of e-commerce

The recipient, as well as third party verifies that thedocument did originate from the person hose

signature are attached and that document is not

altered since it signed.


18/20

Encrypted documents and email

Email users who desire confidentiality and

authentication uses encryption

Pretty good privacy and privacy enhanced mail are

commonly used methods


19/20

Privacy enhanced mail

It includes encryption, authentication and key

management and allows use of both single-

key/double-key cryptosystems.

It uses DES for encryption and RSA forauthentiaction.


20/20

Pretty good privacy

It is implementation of public key cryptography

based on RSA and encrypts email and is rapidly used

in ecomm applications.

Also uses hash algorithms, MD5,to form a digitalsignature.

Emailtyping

MD5

generatedigital

signature

Digitalsignatureencryptedwith RSA

using privatekey

emerging c-s threats

Documents