tcn lecture 3
TRANSCRIPT
-
8/7/2019 TCN Lecture 3
1/20
Security ServicesSecurity Services
Presented By
Mr. Fasee Ullah
CUSITPeshawar
-
8/7/2019 TCN Lecture 3
2/20
Agenda of the presentationAgenda of the presentation
y Security?
y Basic Network Security services
y
Types ofAttacks
-
8/7/2019 TCN Lecture 3
3/20
What is security?What is security?
y The feelings of the owner of the data thathis digital assets are safe
y Common security services
Confidentiality
Integrity
Authentication
Non-Repudiation
Digital Signature
-
8/7/2019 TCN Lecture 3
4/20
ConfidentialityConfidentiality
y To make something (intelligent) into non-meaningless (intelligent way)
y Means keep messages known only to thereceiver
y Mechanism used for it, is
y Encryption/Decryption
-
8/7/2019 TCN Lecture 3
5/20
IntegrityIntegrity
yWhen receiver receives message M
y Can verify that message not modifiedduring transmission
y Mechanism to verify the integrity is
y Hashing (MD5), SHA1,SHA2, etc
-
8/7/2019 TCN Lecture 3
6/20
-
8/7/2019 TCN Lecture 3
7/20
NonNon--RepudiationRepudiation
yWhen receiver receives message m,receiver gets proof that sender of m eversent m
y Receiver of m can show proof to third-party so that sender of m cannotrepudiate
y Forensic Science used
-
8/7/2019 TCN Lecture 3
8/20
Digital SignatureDigital Signature
y If private key (own password etc) is usedy Mechanism is used integrity with digital
signaturey
DS issued by the CAy CA are Verisign Entrust Etrust Microsoft CISCO Netscape etc
-
8/7/2019 TCN Lecture 3
9/20
Why should you study security?Why should you study security?
y Security is an increasingly important issue
y You want to have basic knowledgeabout network security
y You can learn latest attacks and newestskills to counter those attacks
-
8/7/2019 TCN Lecture 3
10/20
AttacksAttacks
y Two main type of attacks Passive &Active
y Passive Attack (Eavesdropper
attack)yWireless communication based on
broadcasting
y
this attack, an attacker observes thepattern of flows and gains somethinginterested and relevant information fromthem
-
8/7/2019 TCN Lecture 3
11/20
Types of PassiveAttackTypes of PassiveAttack
y Traffic Analysis
y Message interception
-
8/7/2019 TCN Lecture 3
12/20
-
8/7/2019 TCN Lecture 3
13/20
Message Interception attackMessage Interception attack
y In this attack, an adversary is just copyingrelevant the information
-
8/7/2019 TCN Lecture 3
14/20
ActiveAttackActiveAttack
y Aim of the attack to modify the contents ofthe message(s) or may also possible to copythe contents
y
Types Message loss
Message modification
Message interception
Message insertion Message replay
Denial-of-Service attack
-
8/7/2019 TCN Lecture 3
15/20
Message loss
y During communication of two parties anadversary is just discarding the message.
-
8/7/2019 TCN Lecture 3
16/20
Message ModificationMessage Modification
y an adversary is just modifying the contentof message
-
8/7/2019 TCN Lecture 3
17/20
Message InterceptionMessage Interception
y An adversaryA can get a copy of m whenm passes
-
8/7/2019 TCN Lecture 3
18/20
Message insertionMessage insertion
y AdversaryA can arbitrarily produce amessage m, pretending that m was sent byx
-
8/7/2019 TCN Lecture 3
19/20
Message ReplayMessage Replay
y AdversaryA can replay a message m thathas been sent earlier by x and received byy
-
8/7/2019 TCN Lecture 3
20/20
Denial Of Service (DOS) attackDenial Of Service (DOS) attack
y AdversaryA can send huge amount of
messages to y to block m from arriving at y