NETWORK SECURITY

Ms. Mousmi Pawar

OVERVIEW

1. Need for Security

2. Goals of Security

3. Famous Malwares and Phishing

4. Cryptography

NEED FOR SECURITY

GOALS OF SECURITY

Integrity

Confendtiality

Authentication

Non-Repudiation

Availability

Access Control

INTEGRITY

Protect the information INTEGRITY

This type of attack is called Modification

Transfer `1000

To

B

Transfer `1000

To

C

Ideal route of the message

Actual route of the message

A

X

CONFIDENTIALITY

Guarantee Data Confidentiality

To:aaa@gmail.com

ATM pin is 9876

This type of Attack is called Interception.

X

A

AUTHENTICATION

Absence of proper authentication is called Fabrication.

A

X

I am user A

Transfer `5000 to

X

NON-REPUDIATION

Transfer `1000

To

B

I never

requested to

transfer `1000

to B

A

A

AVAILABILITY & ACCESS CONTROL

username: aaa@gmail.com

Password: ********

-----

-----

-----

-----

-----

----

Read

Read, Write

Read

This type of attack is called Interruption.

FAMOUS MALWARES

Viruses

Worms

Trojan Horse

VIRUS

A virus is a piece of program code that attaches itself to

legitimate program code and runs when the legitimate

program runs.

Sum=a+b;

Print sum;

End.

Sum=a+b;

Print sum;

Virus Code

End.

Original Code

Original Code

+ Virus code

Delete all files

Send copy of myself

to all using user’s

address book.

Virus code

WORM

A worm does not modify the program, instead it

replicates itself again and again.

Resource

eating and

no

destruction

Resource eating

and no destruction

Resource

eating and no

destruction

Resource

eating and no

destruction

Resource eating

and no destruction

Resource eating

and no destruction

Resource eating

and no destruction

TROJAN HORSE

It provides the attacker with unauthorized remote access to

a compromised computer, infects files and damages the

system, or steals user sensitive information.

username: aaa@gmail.com

Password: ********

Trojan Program

A

X

X

PHISHING

Attacker set up fake website which looks like real

website to obtain your details.

CRYPTOGRAPHY

Cryptography is the science of achieving security by

encoding messages to make them non-readable.

Encryption: The process of encoding plain text message

into cipher text message is called as encryption.

Decryption: the reverse process of transforming cipher

text to plain text is called decryption.

CRYPTOGRAPHY MECHANISM

Every Encryption and Decryption process has 2 aspects:

the algorithm and the key used for encryption.

Symmetric key Cryptography: If the same key is used for

encryption and decryption.(e.g. DES)

Asymmetric key Cryptography/Public Key Cryptography: if

two different keys are used for encryption and decryption

process(e.g. RSA)

REFERENCES

Cryptography and Network Security, Atul Kahate, Tata

McGraw Hill.

http://en.wikipedia.org/wiki/Cryptography.- Wikipedia.

THANK YOU