This project is funded by Structural Funds of the European Union (ESF) and state budget of the Czech Republic

Simple Overview on Network Security Issues

Dr. Tarek Gaber

Computer Science Department, VSB-Technical University of Ostrava, Czech

Faculty of Computers & Informatics, Suez Canal University, Ismailia, Egypt


Post on 18-Jul-2015



Lecture Objectives

To learn the importance of providing security for any network

To know techniques and algorithms used to achieve security in networks

Lecture Outlines

What is the Problem

Security Fundamentals

Algorithms to achieve security services

Security, functionality, and ease of use

What is the Problem?

• The Internet as a network is

– a shared resource,

– used by competing businesses, mutually unfriendly governments, and opportunistic criminals.

• What are the consequences if there are no security services?

Security Threat Example

• Suppose you are using a credit card to order an item from a website. An adversary would

– eavesdrop on your network communication,

– read your messages to obtain your credit card information.

34% of WiFi users take no special measures to protect themselves when accessing a WiFi network

Threat Countermeasure

• Encryption,

– Locking the exchanged messages so that an attacker is prevented from understanding the message contents.

• This is known as confidentiality.

– Taking the concept a step further, concealing the quantity or destination of communication is called

• traffic confidentiality

Is Encryption Enough?

• An attacker who can’t read an encrypted message may still be able to modify a few bits in it,

– resulting in a completely different item or message.

– E.g. changing 0001 to 1010

• So, encryption alone is not enough.

– What are possible solutions?

Message Tampering Solution

• Data Integrity: a technique to detect any tampering with exchanged messages.

• The adversary could alternatively get a copy of your message and then transmit it again as a replay attack.
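The following is an added example, not part of the original slides, showing the "0001 to 1010" modification going unnoticed under encryption alone and being rejected, along with a replayed copy, once an integrity tag and sequence number are checked. The SHA-256 counter keystream is a toy stand-in for a real cipher, and all function names and the `qty=0001` message are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def keystream(key, nonce, n):
    # Toy keystream (SHA-256 in counter mode); an assumed stand-in for a real cipher.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def seal(enc_key, mac_key, seq, plaintext):
    # Encrypt-then-MAC: the tag covers sequence number, nonce and ciphertext.
    nonce = secrets.token_bytes(12)
    ct = xor(plaintext, keystream(enc_key, nonce, len(plaintext)))
    body = seq.to_bytes(8, "big") + nonce + ct
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def decrypt_unchecked(enc_key, packet):
    # Encryption only: decrypts whatever arrives, so modified bits go unnoticed.
    nonce, ct = packet[8:20], packet[20:-32]
    return xor(ct, keystream(enc_key, nonce, len(ct)))

class Receiver:
    def __init__(self, enc_key, mac_key):
        self.enc_key, self.mac_key, self.last_seq = enc_key, mac_key, -1

    def open(self, packet):
        # Verify the tag first, then reject sequence numbers already seen (replay).
        body, tag = packet[:-32], packet[-32:]
        expected = hmac.new(self.mac_key, body, hashlib.sha256).digest()
        if len(packet) < 52 or not hmac.compare_digest(tag, expected):
            raise ValueError("integrity check failed")
        seq = int.from_bytes(body[:8], "big")
        if seq <= self.last_seq:
            raise ValueError("replayed message")
        self.last_seq = seq
        return decrypt_unchecked(self.enc_key, packet)

def modify_in_transit(packet, offset, mask):
    # Models the slide's bit modification: XOR a mask into the ciphertext bytes.
    data = bytearray(packet)
    for i, m in enumerate(mask):
        data[20 + offset + i] ^= m
    return bytes(data)

if __name__ == "__main__":
    ek, mk = secrets.token_bytes(32), secrets.token_bytes(32)
    pkt = seal(ek, mk, 1, b"qty=0001")  # constructed sample message
    print(decrypt_unchecked(ek, modify_in_transit(pkt, 4, b"\x01\x00\x01\x01")))
```
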

Another Security Attack

• Imagine these websites are not accessible for minutes:

– Amazon.com

– Ebay.com

– Others

• When customers are unable to access a website, this could happen because it is being overwhelmed by fake requests

– This is known as a Denial of Service (DoS) attack

DoS Countermeasure: Firewall

Internet Without Security Services

• There will be NO

– E-Commerce

– E-Banking

– E-ticket

– E-health

– …

– …

So, how can these services be secured?

Security Fundamentals

Security Fundamentals: CIA security model

• unauthorized access is prevented

• network performs its tasks without interruption

• message cannot be modified by attackers

Typical Attacks to CIA Model

• Confidentiality:

– eavesdropping: unauthorized message reception

• Integrity:

– man-in-the-middle: unauthorized message modification

• Availability:

– denial-of-service: attempt to disrupt transmission or service

Other Security Services and Typical Attacks

Algorithms to achieve security services

Symmetric Encryption

Example: AES Algorithm

Asymmetric Encryption

Example: RSA Algorithm

Hash Function/Algorithm

Digital Signature

Considerations of Designing a Security Solution

The Security, Functionality, and Ease of Use Triangle


Thank you

Dr. Tarek Gaber

Ostrava, ….. (04 December 2014)
