tcn lecture 3

8/7/2019 TCN Lecture 3

1/20

Security ServicesSecurity Services

Presented By

Mr. Fasee Ullah

CUSITPeshawar


2/20

Agenda of the presentationAgenda of the presentation

y Security?

y Basic Network Security services

y

Types ofAttacks


3/20

What is security?What is security?

y The feelings of the owner of the data thathis digital assets are safe

y Common security services

Confidentiality

Integrity

Authentication

Non-Repudiation

Digital Signature


4/20

ConfidentialityConfidentiality

y To make something (intelligent) into non-meaningless (intelligent way)

y Means keep messages known only to thereceiver

y Mechanism used for it, is

y Encryption/Decryption


5/20

IntegrityIntegrity

yWhen receiver receives message M

y Can verify that message not modifiedduring transmission

y Mechanism to verify the integrity is

y Hashing (MD5), SHA1,SHA2, etc


6/20


7/20

NonNon--RepudiationRepudiation

yWhen receiver receives message m,receiver gets proof that sender of m eversent m

y Receiver of m can show proof to third-party so that sender of m cannotrepudiate

y Forensic Science used


8/20

Digital SignatureDigital Signature

y If private key (own password etc) is usedy Mechanism is used integrity with digital

signaturey

DS issued by the CAy CA are Verisign Entrust Etrust Microsoft CISCO Netscape etc


9/20

Why should you study security?Why should you study security?

y Security is an increasingly important issue

y You want to have basic knowledgeabout network security

y You can learn latest attacks and newestskills to counter those attacks


10/20

AttacksAttacks

y Two main type of attacks Passive &Active

y Passive Attack (Eavesdropper

attack)yWireless communication based on

broadcasting

y

this attack, an attacker observes thepattern of flows and gains somethinginterested and relevant information fromthem


11/20

Types of PassiveAttackTypes of PassiveAttack

y Traffic Analysis

y Message interception


12/20


13/20

Message Interception attackMessage Interception attack

y In this attack, an adversary is just copyingrelevant the information


14/20

ActiveAttackActiveAttack

y Aim of the attack to modify the contents ofthe message(s) or may also possible to copythe contents

y

Types Message loss

Message modification

Message interception

Message insertion Message replay

Denial-of-Service attack


15/20

Message loss

y During communication of two parties anadversary is just discarding the message.


16/20

Message ModificationMessage Modification

y an adversary is just modifying the contentof message


17/20

Message InterceptionMessage Interception

y An adversaryA can get a copy of m whenm passes


18/20

Message insertionMessage insertion

y AdversaryA can arbitrarily produce amessage m, pretending that m was sent byx


19/20

Message ReplayMessage Replay

y AdversaryA can replay a message m thathas been sent earlier by x and received byy


20/20

Denial Of Service (DOS) attackDenial Of Service (DOS) attack

y AdversaryA can send huge amount of

messages to y to block m from arriving at y

tcn lecture 3

Documents