best ppt on security attacks services mechanism
TRANSCRIPT
![Page 1: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/1.jpg)
Henric Johnson 1
Chapter 1Chapter 1Introduction: Computer and Introduction: Computer and
Network SecurityNetwork Security
A V Ramana
![Page 2: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/2.jpg)
Network Security/ A V Ramana 2
OutlineOutline
• Information security• Attacks, services and mechanisms• Security attacks• Security services• Methods of Defense• A model for Internetwork Security• Internet standards and RFCs
![Page 3: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/3.jpg)
Network Security/ A V Ramana 3
Information Security “Protection of data”.
Has gone two major changes:
1. Computer Security:
oTimesharing systems: multiple users share
the H/W and S/W resources on a computer.
o Remote login is allowed over phone lines.
“Measures and tools to protect data and thwart
hackers is called Computer Security”.
![Page 4: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/4.jpg)
Network Security/ A V Ramana 4
Information Security…
2. Network Security:
Computer networks are widely used to connect computers at distant locations.
Raises additional security problems:
o Data in transmission must be protected.
o Network connectivity exposes each computer to more vulnerabilities.
![Page 5: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/5.jpg)
Network Security/ A V Ramana 5
Attacks, Services and Attacks, Services and MechanismsMechanisms
Three aspects of Information Security:
• Security Attack: Any action that compromises the security of information.
• Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
• Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.
![Page 6: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/6.jpg)
Network Security/ A V Ramana 6
Security AttacksSecurity Attacks
![Page 7: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/7.jpg)
Network Security/ A V Ramana 7
Security AttacksSecurity Attacks
Interruption: An asset of the system is destroyed or becomes unavailable or unusable.
• This is an attack on availability.Examples:• Destroying some H/W (disk or wire).• Disabling file system.• Swamping a computer with jobs or
communication link with packets.
![Page 8: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/8.jpg)
Network Security/ A V Ramana 8
Security AttacksSecurity Attacks
Interception: An unauthorized party gains access to an asset.
O This is an attack on confidentiality.Examples:>Wiretapping to capture data in a
network.>Illicitly copying data or programs.
![Page 9: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/9.jpg)
Network Security/ A V Ramana 9
Security AttacksSecurity Attacks
Modification: An unauthorized party gains access and tampers an asset.
oThis is an attack on integrity.Examples:• Changing data files.• Altering a program.• Altering the contents of a message.
![Page 10: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/10.jpg)
Network Security/ A V Ramana 10
Security AttacksSecurity Attacks
Fabrication: An unauthorized party inserts a counterfeit object into the system.
O This is an attack on authenticity.Examples:> Insertion of records in data files.> Insertion of spurious messages in
a network. (message replay).
![Page 11: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/11.jpg)
Network Security/ A V Ramana 11
Passive vs. Active Attacks
1. Passive Attacks:
o Eavesdropping on information without
modifying it.
(difficult to detect ).
2. Active Attacks:
o Involve modification or creation of info.
![Page 12: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/12.jpg)
Network Security/ A V Ramana 12
![Page 13: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/13.jpg)
Network Security/ A V Ramana 13
Passive Threats
• Release of a message contents: Contents of a message are read.> A message may be carrying sensitive or
confidential data.• Traffic analysis: An intruder makes inferences by observing message
patterns.> Can be done even if messages are encrypted.> Inferences: location and identity of hosts.
![Page 14: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/14.jpg)
Network Security/ A V Ramana 14
Active Threats
• Masquerade: An entity pretends to be some other entity. Example: An entity captures an authentication
sequence and replays it later to impersonate the original entity.
• Replay:Involves capture of a data unit and its
retransmission to produce an unauthorized effect.
![Page 15: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/15.jpg)
Network Security/ A V Ramana 15
Active Threats
• Modification of messages:A portion of a legitimate message has been
altered to produce an undesirable effect.• Denial of service:Inhibits normal use of computer and
communications resources.> Flooding of computer network.>Swamping of CPU or a server.
![Page 16: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/16.jpg)
Network Security/ A V Ramana 16
Security ServicesSecurity ServicesA classification of security services:
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (the order is final)
• Access control (prevent misuse of resources)
• Availability (permanence, non-erasure)
– Denial of Service Attacks
– Virus that deletes files
![Page 17: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/17.jpg)
Network Security/ A V Ramana 17
Security GoalsSecurity Goals
Integrity
Confidentiality
Avalaibility
![Page 18: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/18.jpg)
Henric Johnson 18
![Page 19: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/19.jpg)
Network Security/ A V Ramana 19
![Page 20: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/20.jpg)
Network Security/ A V Ramana 20
Methods of DefenceMethods of Defence
• Encryption• Software Controls (access
limitations in a data base, in operating system protect each user from other users)
• Hardware Controls (smartcard)• Policies (frequent changes of
passwords)• Physical Controls
![Page 21: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/21.jpg)
Network Security/ A V Ramana 21
Internet standards and Internet standards and RFCsRFCs
• The Internet society– Internet Architecture Board (IAB)– Internet Engineering Task Force (IETF)– Internet Engineering Steering Group
(IESG)
![Page 22: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/22.jpg)
Network Security/ A V Ramana 22
Internet RFC Internet RFC Publication ProcessPublication Process
![Page 23: Best PPT on Security Attacks Services Mechanism](https://reader038.vdocuments.net/reader038/viewer/2022102804/543e7359afaf9f195e8b45fb/html5/thumbnails/23.jpg)
Network Security/ A V Ramana 23
Recommended ReadingRecommended Reading
• Pfleeger, C. Security in Computing. Prentice Hall, 1997.
• Mel, H.X. Baker, D. Cryptography Decrypted. Addison Wesley, 2001.