Professional Documents
Culture Documents
Harsh Networking Notes
Harsh Networking Notes
through use of codes so that only those person for whom the
information is intended can understand it and process it. Thus
preventing unauthorized access to information. The prefix “crypt”
means “hidden” and suffix graphy means “writing”.
Confidentiality:
Information can only be accessed by the person for whom it is intended
and no other person except him can access it.
Integrity:
Information cannot be modified in storage or transition between sender
and intended receiver without any addition to information being
detected.
Non-repudiation:
The creator/sender of information cannot deny his intention to send
information at later stage.
Authentication:
The identities of sender and receiver are confirmed. As well as
destination/origin of information is confirmed.
Types Of Cryptography:
In general there are three types Of cryptography:
Attacks
There are two types of attacks that are related to security namely
passive and active attacks. In an active attack, an attacker tries to modify
the content of the messages. In a passive attack, an attacker observes
the messages and copies them.
Passive Attacks
The first type of attack is passive attack. A passive attack can monitor,
observe or build use of the system’s data for sure functions. However, it
doesn’t have any impact on the system resources, and also, the data can
stay unchanged. The victim is difficult to note passive attacks as this sort
of attack is conducted in secret. Passive attack aims to achieve data or
scan open ports and vulnerabilities of the network.
Active Attacks
Trojan horse attacks are another example of network attack, the most
ordinary sort of that is backdoor trojan. A backdoor trojan permits the
attackers that don’t have the authority to realize access to the pc system,
network, or code application. As an example, the attackers may hide
some malware in an exceedingly explicit link. Once the users click the
link, a backdoor is going to be downloaded within the device. Then, the
attackers can have basic access to the device. Apart from that, a rootkit
is additionally another example of a trojan attack. A rootkit is usually
won’t to get hidden privileged access to a system. It’ll give root access to
the attackers. The attackers can manage the system; however, the users
won’t get informed of it. They will amend any settings of the pc, access
any files or photos, and monitor the users’ activities. A number of the
favored rootkit examples are Lane Davis and Steven Dake, NTRootKit,
philosopher Zeus, Stuxnet, and Flame. Flame a malware that’s
established within the year 2012 that is intended to attack Windows OS.
It will perform some options like recording audio, screenshotting, and
observance network traffic.
Phishing attack
Security technology
No single cybersecurity technology can prevent phishing attacks. Instead,
organizations must take a layered approach to reduce the number of
attacks and lessen their impact when they do occur. Network security
technologies that should be implemented include email and web
security, malware protection, user behavior monitoring, and access
control.
Conventional encryption
The idea that uses in this technique is very old and that’s why this model
is called conventional encryption.
Plain text –
It is the original data that is given to the algorithm as an input.
Encryption algorithm –
This encryption algorithm performs various transformations on plain text
to convert it into ciphertext.
Secret key –
The secret key is also an input to the algorithm. The encryption
algorithm will produce different outputs based on the keys used at that
time.
Ciphertext –
It contains encrypted information because it contains a form of original
plaintext that is unreadable by a human or computer without proper
cipher to decrypt it. It is output from the algorithm.
Decryption algorithm –
This is used to run encryption algorithms in reverse. Ciphertext and
Secret key is input here and it produces plain text as output.
Simple –
This type of encryption is easy to carry out.
Fast –
Conventional encryption is much faster than asymmetric key encryption.
Disadvantages of Conventional Encryption Model:
CIA Model
When talking about network security, the CIA triad is one of the most
important models which is designed to guide policies for information
security within an organization.
Confidentiality
Integrity
Availability
These are the objectives that should be kept in mind while securing a network.
Confidentiality :
Integrity :
The next thing to talk about is integrity. Well, the idea here is to make
sure that data has not been modified. Corruption of data is a failure to
maintain data integrity. To check if our data has been modified or not,
we make use of a hash function.
We have two common types: SHA (Secure Hash Algorithm) and
MD5(Message Direct 5). Now MD5 is a 128-bit hash and SHA is a 160-bit
hash if we’re using SHA-1. There are also other SHA methods that we
could use like SHA-0, SHA-2, SHA-3.
Let’s assume Host ‘A’ wants to send data to Host ‘B’ maintaining
integrity. A hash function will run over the data and produce an arbitrary
hash value H1 which is then attached to the data. When Host ‘B’
receives the packet, it runs the same hash function over the data which
gives a hash value H2. Now, if H1 = H2, this means that the data’s
integrity has been maintained and the contents were not modified.
Availability :
This means that the network should be readily available to its users. This
applies to systems and to data. To ensure availability, the network
administrator should maintain hardware, make regular upgrades, have a
plan for fail-over, and prevent bottlenecks in a network. Attacks such as
DoS or DDoS may render a network unavailable as the resources of the
network get exhausted. The impact may be significant to the companies
and users who rely on the network as a business tool. Thus, proper
measures should be taken to prevent such attacks.
Types of Security Mechanism
Encipherment :
This security mechanism deals with hiding and covering of data which
helps data to become confidential. It is achieved by applying
mathematical calculations or algorithms which reconstruct information
into not readable form. It is achieved by two famous techniques named
Cryptography and Encipherment. Level of data encryption is dependent
on the algorithm used for encipherment.
Access Control :
This mechanism is used to stop unattended access to data which you are
sending. It can be achieved by various techniques such as applying
passwords, using firewall, or just by adding PIN to data.
Notarization :
This security mechanism involves use of trusted third party in
communication. It acts as mediator between sender and receiver so that
if any chance of conflict is reduced. This mediator keeps record of
requests made by sender to receiver for later denied.
Data Integrity :
This security mechanism is used by appending value to data to which is
created by data itself. It is similar to sending packet of information
known to both sending and receiving parties and checked before and
after data is received. When this packet or data which is appended is
checked and is the same while sending and receiving data integrity is
maintained.
Authentication exchange :
This security mechanism deals with identity to be known in
communication. This is achieved at the TCP/IP layer where two-way
handshaking mechanism is used to ensure data is sent or not
Bit stuffing :
This security mechanism is used to add some extra bits into data which is
being transmitted. It helps data to be checked at the receiving end and is
achieved by Even parity or Odd Parity.
Digital Signature :
This security mechanism is achieved by adding digital data that is not
visible to eyes. It is form of electronic signature which is added by sender
which is checked by receiver electronically. This mechanism is used to
preserve data which is not more confidential but sender’s identity is to
be notified.