Computer System Security Notes ALL UNITS


www.aktutor.in

Computer system security notes
3RD SEM
CS/IT/ME/EC/CIVIL

UNIT-1

COMPUTER SYSTEM SECURITY- Computer security is basically the protection of computer systems and information from harm, theft, and unauthorized use. It is the process of preventing and detecting unauthorized use of your computer system.

Internal architectural design comes in different types and sizes, but the basic structure remains the same for all computer systems. Hardware and software are the two components of computer system security.

Marketplace vulnerability- Software vulnerabilities and "exploits" are used to get remote access to both stored information and information generated in real time. When most people use the same software, as is the case in most countries today given the monopolistic nature of internet content and service providers, one specific vulnerability can be used against thousands if not millions of people. In this context, criminals have become interested in such vulnerabilities.

Cyber security refers to the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access.

Attacks- In computers and computer networks, an attack is any attempt to expose, alter, disable, destroy, steal or gain unauthorized access to or make unauthorized use of an asset. A cyberattack can be employed by nation-states, individuals, groups, society or organizations. A cyberattack may originate from an anonymous source.

Passive attacks:
A passive attack attempts to learn or make use of information from the system but does not affect system resources. Passive attacks are in the nature of eavesdropping on or monitoring of transmission. The goal of the opponent is to obtain information that is being transmitted. Types of passive attacks are as follows:

1- The release of message content –
A telephonic conversation, an electronic mail message or a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of

2- Traffic analysis –
Suppose that we had a way of masking (encryption) of information, so that the attacker, even if he captured the message, could not extract any information from the message.
The opponent could determine the location and identity of the communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.

Active attacks:
An active attack attempts to alter system resources or affect their operation. An active attack involves some modification of the data stream or creation of a false statement. Types of active attacks are as follows:

1- Masquerade –
A masquerade attack takes place when one entity pretends to be a different entity. A masquerade attack involves one of the other forms of active attacks.

2- Replay –
It involves the passive capture of a message and its subsequent transmission to produce an authorized effect.

3- Modification of messages –
It means that some portion of a message is altered or that the message is delayed or reordered to produce an unauthorised effect. For example, a message meaning “Allow JOHN to read confidential file X” is modified as “Allow Smith to read confidential file X”.

4- Denial of Service –
It prevents normal use of communication facilities. This attack may have a specific target. For example, an entity may suppress all messages directed to a particular destination. Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.

Hijacking- Hijacking is a type of network security attack in which the attacker takes control of a communication - just as an airplane hijacker takes control of a flight - between two entities and masquerades as one of them. In one type of hijacking (also known as a man in the middle attack), the perpetrator takes control of an established connection while it is in progress. The attacker intercepts messages in a public key exchange and then retransmits them, substituting their own public key for the requested one, so that the two original parties still appear to be communicating with each other directly. The attacker uses a program that appears to be the server to the client and appears to be the client to the server. This attack may be used simply to gain access to the messages, or to enable the attacker to modify them before retransmitting them.

Browser hijacking is a form of unwanted software that modifies a web browser's settings without a user's permission, to inject unwanted advertising into the user's browser. A browser hijacker may replace the existing home page, error page, or search engine with its own.

Session hijacking of controller attack is one of the most common ways of information leakage that Software-Defined Networking is facing, which brings a serious threat to cyber security. However, the existing defense technologies mainly focus on how to detect attacks and reduce the attack success rate. The paper proposes a method from another perspective to minimize the cost that the network undertakes and find an optimal defender's strategy when an attack is unavoidable in some cases. The main work is as follows. First of all, we model the scenario of attack and defense as a Stackelberg Game, and prove the optimal strategy is equal to the SSE (Strong Stackelberg Equilibrium).

Difference between active and passive attack

| Basis | Active attack | Passive attack |
|---|---|---|
| Basic | Active attack tries to change the system resources or affect their operation. | Passive attack tries to read or make use of information from the system but does not influence system resources. |
| Modification in the information | Occurs | Does not take place |
| Harm to the system | Always causes damage to the system. | Do not cause any harm. |
| Threat to | Integrity and availability | Confidentiality |
| Attack awareness | The entity (victim) gets informed about the attack. | The entity is unaware of the attack. |
| Task performed by the attacker | The transmission is captured by physically controlling the portion of a link. | Just need to observe the transmission. |

ERROR-404.

ANS.
The HTTP 404, 404 Not Found, 404, Page Not Found, or Server Not Found error message is a Hypertext Transfer Protocol (HTTP) standard response code, in computer network communications, to indicate that the browser was able to communicate with a given server, but the server could not find what was requested. Further, when the requested information is found but access is not granted, the server may return a 404 error if it wishes to not disclose this information, as well.

The website hosting server will typically generate a "404 Not Found" web page when a user attempts to follow a broken or dead link; hence the 404 error is one of the most recognizable errors encountered on the World Wide Web.

Confidentiality is a set of rules that limits access to information, integrity is the assurance that the information is trustworthy and accurate, and availability is a guarantee of reliable access to the information by authorized people. These are the terms of confidentiality, integrity and availability.

Information Security is not all about securing information from unauthorized access. Information Security is basically the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. Information can be physical or electrical. Information can be anything like your details or, we can say, your profile on social media, your data in your mobile phone, your biometrics etc. Thus Information Security spans so many research areas like Cryptography, Mobile Computing, Cyber Forensics, Online Social Media etc.

During the First World War, a Multi-tier Classification System was developed keeping in mind the sensitivity of information. With the beginning of the Second World War, formal alignment of the Classification System was done. Alan Turing was the one who successfully decrypted the Enigma Machine, which was used by the Germans to encrypt warfare data.

Information Security programs are built around 3 objectives, commonly known as CIA – Confidentiality, Integrity, Availability.

1. Confidentiality – means information is not disclosed to unauthorized individuals, entities and processes. For example, say I have a password for my Gmail account but someone saw it while I was logging in to my Gmail account. In that case my password has been compromised and Confidentiality has been breached.
2. Integrity – means maintaining accuracy and completeness of data. This means data cannot be edited in an unauthorized way. For example, if an employee leaves an organisation, then the data for that employee in all departments, like accounts, should be updated to reflect the status JOB LEFT so that the data is complete and accurate, and in addition to this only an authorized person should be allowed to edit employee data.
3. Availability – means information must be available when needed. For example, if one needs to access information of a particular employee to check whether the employee has exceeded the number of leaves, it requires collaboration from different organizational teams like network operations, development operations, incident response and policy/change management.

Denial of service attack is one of the factors that can hamper the availability of information.

The need for Information security:

1. Protecting the functionality of the organisation:
The decision makers in organisations must set policy and operate their organisation in compliance with the complex, shifting legislation, efficient and capable applications.

2. Enabling the safe operation of applications:
The organisation is under immense pressure to acquire and operate integrated, efficient and capable applications. The modern organisation needs to create an environment that safeguards applications using the organisation's IT systems, particularly those applications that serve as important elements of the infrastructure of the organisation.

3. Protecting the data that the organisation collects and uses:
Data in the organisation can be in two forms, either at rest or in motion; data in motion signifies that the data is currently used or processed by the system. The value of the data motivates attackers to steal or corrupt the data. This is essential for the integrity and the value of the organisation’s data. Information security ensures protection of both data in motion as well as data at rest.

UNIT-4

CRYPTOGRAPHY

Cryptography is the art and science of making a cryptosystem that is capable of providing information security.
Cryptography deals with the actual securing of digital data. It refers to the design of mechanisms based on mathematical algorithms that provide fundamental information security services. You can think of cryptography as the establishment of a large toolkit containing different techniques in security applications.

Cryptography – Benefits

Cryptography is an essential information security tool. It provides the four most basic services of information security −
• Confidentiality − Encryption techniques can guard the information and communication from unauthorized revelation and access of information.
• Authentication − The cryptographic techniques such as MAC and digital signatures can protect information against spoofing and forgeries.
• Data Integrity − The cryptographic hash functions play a vital role in assuring the users about the data integrity.
• Non-repudiation − The digital signature provides the non-repudiation service to guard against the dispute that may arise due to denial of passing a message by the sender.

All these fundamental services offered by cryptography have enabled the conduct of business over networks using computer systems in an extremely efficient and effective manner.

Cryptography – Drawbacks

Apart from the four fundamental elements of information security, there are other issues that affect the effective use of information −
• Strongly encrypted, authentic, and digitally signed information can be difficult to access even for a legitimate user at a crucial time of decision-making. The network or the computer system can be attacked and rendered non-functional by an intruder.
• High availability, one of the fundamental aspects of information security, cannot be ensured through the use of cryptography. Other methods are needed to guard against threats such as denial of service or complete breakdown of the information system.
• Another fundamental need of information security, selective access control, also cannot be realized through the use of cryptography. Administrative controls and procedures are required to be exercised for the same.
• Cryptography does not guard against the vulnerabilities and threats that emerge from the poor design of systems, protocols, and procedures. These need to be fixed through proper design and setting up of a defensive infrastructure.
• Cryptography comes at a cost. The cost is in terms of time and money −
  o Addition of cryptographic techniques in the information processing leads to delay.
  o The use of public key cryptography requires setting up and maintenance of a public key infrastructure, requiring a handsome financial budget.
• The security of a cryptographic technique is based on the computational difficulty of mathematical problems. Any breakthrough in solving such mathematical problems or increasing the computing power can render a cryptographic technique vulnerable.

Security Services of Cryptography

The primary objective of using cryptography is to provide the following four fundamental information security services. Let us now see the possible goals intended to be fulfilled by cryptography.

Confidentiality

Confidentiality is the fundamental security service provided by cryptography. It is a security service that keeps the information from an unauthorized person. It is sometimes referred to as privacy or secrecy.
Confidentiality can be achieved through numerous means starting from physical securing to the use of mathematical algorithms for data encryption.

Data Integrity

It is a security service that deals with identifying any alteration to the data. The data may get modified by an unauthorized entity intentionally or accidentally. The integrity service confirms whether data is intact or not since it was last created, transmitted, or stored by an authorized user.
Data integrity cannot prevent the alteration of data, but provides a means for detecting whether data has been manipulated in an unauthorized manner.

Authentication

Authentication provides the identification of the originator. It confirms to the receiver that the data received has been sent only by an identified and verified sender.
Authentication service has two variants −
• Message authentication identifies the originator of the message without any regard to the router or system that has sent the message.
• Entity authentication is assurance that data has been received from a specific entity, say a particular website.

Apart from the originator, authentication may also provide assurance about other parameters related to data such as the date and time of creation/transmission.

Non-repudiation

It is a security service that ensures that an entity cannot refuse the ownership of a previous commitment or an action. It is an assurance that the original creator of the data cannot deny the creation or transmission of the said data to a recipient or third party.

Non-repudiation is a property that is most desirable in situations where there are chances of a dispute over the exchange of data. For example, once an order is placed electronically, a purchaser cannot deny the purchase order, if non-repudiation service was enabled in this trans

Components of a Cryptosystem

The various components of a basic cryptosystem are as follows −
• Plaintext. It is the data to be protected during transmission.
• Encryption Algorithm. It is a mathematical process that produces a ciphertext for any given plaintext and encryption key. It is a cryptographic algorithm that takes plaintext and an encryption key as input and produces a ciphertext.
• Ciphertext. It is the scrambled version of the plaintext produced by the encryption algorithm using a specific encryption key. The ciphertext is not guarded. It flows on a public channel. It can be intercepted or compromised by anyone who has access to the communication channel.
• Decryption Algorithm. It is a mathematical process that produces a unique plaintext for any given ciphertext and decryption key. It is a cryptographic algorithm that takes a ciphertext and a decryption key as input, and outputs a plaintext. The decryption algorithm essentially reverses the encryption algorithm and is thus closely related to it.
• Encryption Key. It is a value that is known to the sender. The sender inputs the encryption key into the encryption algorithm along with the plaintext in order to compute the ciphertext.
• Decryption Key. It is a value that is known to the receiver. The decryption key is related to the encryption key, but is not always identical to it. The receiver inputs the decryption key into the decryption algorithm along with the ciphertext in order to compute the plaintext.

For a given cryptosystem, a collection of all possible decryption keys is called a key space.
An interceptor (an attacker) is an unauthorized entity who attempts to determine the plaintext. He can see the ciphertext and may know the decryption algorithm. He, however, must never know the decryption key.

Types of Cryptosystems

Fundamentally, there are two types of cryptosystems based on the manner in which encryption-decryption is carried out in the system −
• Symmetric Key Encryption
• Asymmetric Key Encryption

Symmetric encryption uses a single key that needs to be shared among the people who need to receive the message. Symmetric encryption is a type of encryption where only one key (a secret key) is used to both encrypt and decrypt electronic information. The entities communicating via symmetric encryption must exchange the key. Persons using symmetric key encryption must share a common key prior to exchange of information.
• Keys are recommended to be changed regularly to prevent any attack on the system.
• A robust mechanism needs to exist to exchange the key between the communicating parties. As keys are required to be changed regularly, this mechanism becomes expensive and cumbersome.
• In a group of n people, to enable two-party communication between any two persons, the number of keys required for the group is n × (n – 1)/2.
• Length of key (number of bits) in this encryption is smaller and hence, the process of encryption-decryption is faster than asymmetric key encryption.
• Processing power of computer system required to run a symmetric algorithm is less.
so that it can be used

The Asymmetric Key Encryption

The encryption process where different keys are used for encrypting and decrypting the information is known as Asymmetric Key Encryption. Though the keys are different, they are mathematically related and hence, retrieving the plaintext by decrypting ciphertext is feasible. The process is depicted in the following illustration.
• Every user in this system needs to have a pair of dissimilar keys, private key and public key. These keys are mathematically related − when one key is used for encryption, the other can decrypt the ciphertext back to the original plaintext.
• It requires putting the public key in a public repository and keeping the private key as a well-guarded secret. Hence, this scheme of encryption is also called Public Key Encryption.
• Though public and private keys of the user are related, it is computationally not feasible to find one from another. This is a strength of this scheme.
• When Host1 needs to send data to Host2, he obtains the public key of Host2 from the repository, encrypts the data, and transmits.
• Host2 uses his private key to extract the plaintext.
• Length of keys (number of bits) in this encryption is large and hence, the process of encryption-decryption is slower than symmetric key encryption.
• Processing power of computer system required to run an asymmetric algorithm is higher.

Difference between block and stream cipher

| S.NO | BLOCK CIPHER (ENCRYPTION) | STREAM CIPHER (DECRYPTION) |
|---|---|---|
| 1. | Block cipher converts the plain text into cipher text by taking plain text’s block at a time. | Stream cipher converts the plain text into cipher text by taking 1 byte of plain text at a time. |
| 2. | Block cipher uses either 64 bits or more than 64 bits. | While stream cipher uses 8 bits. |
| 3. | The complexity of block cipher is simple. | While stream cipher is more complex. |
| 4. | Block cipher uses confusion as well as diffusion. | While stream cipher uses only confusion. |
| 5. | In block cipher, reverse encrypted text is hard. | While in stream cipher, reverse encrypted text is easy. |
| 6. | The algorithm modes which are used in block cipher are: ECB (Electronic Code Book) and CBC (Cipher Block Chaining). | The algorithm modes which are used in stream cipher are: CFB (Cipher Feedback) and OFB (Output Feedback). |

Digital signature is a cryptographic value that is calculated from the data and a secret key known only by the signer. In the real world, the receiver of a message needs assurance that the message belongs to the sender and he should not be able to repudiate the origination of that message. This requirement is very crucial in business applications, since the likelihood of a dispute over exchanged data is very high.

Digital Signature is a process that guarantees that the contents of a message have not been altered in transit. When you, the server, digitally sign a document, you add a one-way hash (encryption) of the message content using your public and private key pair.

Digital signatures are the public-key primitives of message authentication. In the physical world, it is common to use handwritten signatures on handwritten or typed messages. They are used to bind the signatory to the message.

Similarly, a digital signature is a technique that binds a person/entity to the digital data. This binding can be independently verified by the receiver as well as any third party.

The following points explain the entire process in detail:
• Each person adopting this scheme has a public-private key pair.
• Generally, the key pairs used for encryption/decryption and signing/verifying are different. The private key used for signing is referred to as the signature key and the public key as the verification key.
• Signer feeds data to the hash function and generates the hash of the data.
• Hash value and signature key are then fed to the signature algorithm, which produces the digital signature on the given hash. The signature is appended to the data and then both are sent to the verifier.
• Verifier feeds the digital signature and the verification key into the verification algorithm. The verification algorithm gives some value as output.
• Verifier also runs the same hash function on the received data to generate a hash value.
• For verification, this hash value and the output of the verification algorithm are compared. Based on the comparison result, the verifier decides whether the digital signature is valid.
• Since the digital signature is created by the ‘private’ key of the signer and no one else can have this key, the signer cannot repudiate signing the data in future.
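
The signing and verification steps listed above, as an added example that is not part of the original notes. It uses textbook RSA without padding and a constructed key made from two publicly known Mersenne primes, so it is for study only; the names `sign`, `verify`, `SIGNATURE_KEY` and `VERIFICATION_KEY` are assumptions of this example.

```python
import hashlib

# Constructed demo key (assumption of this example): both primes are publicly
# known Mersenne primes and no padding is used, so this key protects nothing.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q
VERIFICATION_KEY = 65537                                        # public key
SIGNATURE_KEY = pow(VERIFICATION_KEY, -1, (P - 1) * (Q - 1))    # private key


def hash_value(data: bytes) -> int:
    """Hash function that signer and verifier both run on the data."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes, signature_key: int = SIGNATURE_KEY) -> int:
    """Signature algorithm: takes the hash value and the signature key."""
    return pow(hash_value(data), signature_key, N)


def verify(data: bytes, signature: int,
           verification_key: int = VERIFICATION_KEY) -> bool:
    """Verification algorithm output is compared with a freshly computed hash."""
    if not isinstance(signature, int) or not 0 <= signature < N:
        return False
    recovered = pow(signature, verification_key, N)   # "some value as output"
    return recovered == hash_value(data)              # the comparison step


def demo() -> dict:
    order = b"order: 2 units of item X, ship to Bob"   # constructed message
    signature = sign(order)
    return {
        # Untouched data and signature: accepted.
        "valid": verify(order, signature),
        # Data altered after signing: the fresh hash no longer matches.
        "tampered_data": verify(order.replace(b"2 units", b"9 units"), signature),
        # Signature altered in transit: the recovered value no longer matches.
        "tampered_signature": verify(order, signature ^ 1),
        # Signed with a key other than the signer's private key: rejected,
        # which is what lets the verifier attribute a valid signature to the signer.
        "wrong_key": verify(order, sign(order, SIGNATURE_KEY - 2)),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:20s} accepted={accepted}")
```

Real deployments use a vetted library with a padded scheme such as RSA-PSS or with ECDSA/Ed25519, and a freshly generated private key.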

Difference between Connection-oriented and Connection-less Services:

| S.NO | CONNECTION-ORIENTED SERVICE | CONNECTION-LESS SERVICE |
|---|---|---|
| 1. | Connection-oriented service is related to the telephone system. | Connection-less service is related to the postal system. |
| 2. | Connection-oriented service is preferred by long and steady communication. | Connection-less service is preferred by bursty communication. |
| 3. | Connection-oriented service is necessary. | Connection-less service is not compulsory. |
| 4. | Connection-oriented service is feasible. | Connection-less service is not feasible. |
| 5. | In connection-oriented service, congestion is not possible. | In connection-less service, congestion is possible. |
| 6. | Connection-oriented service gives the guarantee of reliability. | Connection-less service does not give the guarantee of reliability. |
| 7. | In connection-oriented service, packets follow the same route. | In connection-less service, packets do not follow the same route. |

TLS

TLS is a cryptographic protocol that provides end-to-end communications security over networks and is widely used for internet communications and online transactions.

Network security entails securing data against attacks while it is in transit on a network. To achieve this goal, many real-time security protocols have been designed. There are popular standards for real-time network security protocols such as S/MIME, SSL/TLS, SSH, and IPsec. As mentioned earlier, these protocols work at different layers of the networking model.

In the last chapter, we discussed some popular protocols that are designed to provide application layer security. In this chapter, we will discuss the process of achieving network security at the Transport Layer and associated security protocols.

For a TCP/IP protocol based network, physical and data link layers are typically implemented in the user terminal and network card hardware. TCP and IP layers are implemented in the operating system. Anything above TCP/IP is implemented as a user process.

Need for Transport Layer Security

Let's discuss a typical Internet-based business transaction.

Bob visits Alice’s website for selling goods. In a form on the website, Bob enters the type of good and quantity desired, his address and payment card details. Bob clicks on Submit and waits for delivery of goods with debit of price amount from his account. All this sounds good, but in absence of network security, Bob could be in for a few surprises.

• If transactions did not use confidentiality (encryption), an attacker could obtain his payment card information. The attacker can then make purchases at Bob's expense.

• If no data integrity measure is used, an attacker could modify Bob's order in terms of type or quantity of goods.

• Lastly, if no server authentication is used, a server could display Alice's famous logo but the site could be a malicious site maintained by an attacker, who is masquerading as Alice. After receiving Bob's order, he could take Bob's money and flee. Or he could carry out an identity theft by collecting Bob's name and credit card details.

Transport layer security schemes can address these problems by enhancing TCP/IP based network communication with confidentiality, data integrity, server authentication, and client authentication.

The security at this layer is mostly used to secure HTTP based web transactions on a network. However, it can be employed by any application running over TCP.

Philosophy of TLS Design

Transport Layer Security (TLS) protocols operate above the TCP layer. The design of these protocols uses the popular Application Program Interface (API) to TCP, called “sockets", for interfacing with the TCP layer.

Applications are now interfaced to the Transport Security Layer instead of TCP directly. The Transport Security Layer provides a simple API with sockets, which is similar and analogous to TCP's API.

In the above diagram, although TLS technically resides between the application and transport layers, from the common perspective it is a transport protocol that acts as a TCP layer enhanced with security services.

TLS is designed to operate over TCP, the reliable layer 4 protocol (not over the UDP protocol), to make the design of TLS much simpler, because it doesn't have to worry about ‘timing out’ and ‘retransmitting lost data’. The TCP layer continues doing that as usual, which serves the need of TLS.
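
The layering and the server-authentication point above, shown with Python's standard `ssl` module as an added example that is not part of the original notes. The hostname `alice.example` and the function names are assumptions; the example opens no network connection and only produces the bytes TLS would hand to TCP.

```python
import ssl


def hardened_client_context() -> ssl.SSLContext:
    """Client settings that give Bob server authentication as well as encryption."""
    ctx = ssl.create_default_context()      # verifies the certificate and hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def weak_client_context() -> ssl.SSLContext:
    """Shown for contrast: the channel is encrypted, but to an unverified peer."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit(ctx: ssl.SSLContext) -> list:
    """Report settings that would let a site masquerading as Alice go unnoticed."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate is not verified")
    if not ctx.check_hostname:
        findings.append("certificate hostname is not checked")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions older than TLS 1.2 are allowed")
    return findings


def first_flight(ctx: ssl.SSLContext, server_hostname: str = "alice.example") -> bytes:
    """Return the first bytes TLS asks the transport to carry (the ClientHello).

    MemoryBIO objects stand in for the TCP connection, which makes the layering
    visible: TLS only produces and consumes byte streams, and delivery,
    time-outs and retransmission stay with TCP.
    """
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=server_hostname)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass    # TLS is now waiting for the server's reply to arrive over TCP
    return outgoing.read()


def parse_record_header(record: bytes) -> dict:
    """Decode the 5-byte TLS record header and the handshake message type."""
    return {
        "content_type": record[0],                     # 22 = handshake
        "record_version": (record[1], record[2]),
        "length": int.from_bytes(record[3:5], "big"),
        "handshake_type": record[5],                   # 1 = ClientHello
    }


if __name__ == "__main__":
    print("hardened:", audit(hardened_client_context()) or "no findings")
    print("weak:    ", audit(weak_client_context()))
    print(parse_record_header(first_flight(hardened_client_context())))
```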

EMAIL SECURITY:- E-mail Hacking

Email hacking can be done in any of the following ways:

Spam

Virus

Phishing

Spam

E-mail spamming is an act of sending Unsolicited Bulk E-mails (UBI) which one has not asked for. Email spams are the junk mails sent by commercial companies as an advertisement of their products and services.

Virus

Some emails may come with files containing malicious script which, when run on your computer, may destroy your important data.

Phishing

Email phishing is an activity of sending emails to a user claiming to be a legitimate enterprise. Its main purpose is to steal sensitive information such as usernames, passwords, and credit card details.

Such emails contain links to websites that are infected with malware and direct the user to enter details at a fake website whose look and feel are the same as the legitimate one.

E-mail Spamming and Junk Mails

Spams may cause the following problems:

• It floods your e-mail account with unwanted e-mails, which may result in loss of important e-mails if the inbox is full.

• Time and energy is wasted in reviewing and deleting junk emails or spams.

• It consumes bandwidth, which slows the speed with which mails are delivered.

• Some unsolicited email may contain a virus that can cause harm to your computer.

Blocking Spams

E-mail protocols are a set of rules that help the client to properly transmit the information to or from the mail server. Here in this tutorial, we will discuss various protocols such as SMTP, POP, and IMAP.

SMTP

SMTP stands for Simple Mail Transfer Protocol. It was first proposed in 1982. It is a standard protocol used for sending e-mail efficiently and reliably over the internet.

Key Points:

• SMTP is an application level protocol.

• SMTP is a connection oriented protocol.

• SMTP is a text based protocol.

• It handles exchange of messages between e-mail servers over a TCP/IP network.

• Apart from transferring e-mail, SMTP also provides notification regarding incoming mail.

• When you send e-mail, your e-mail client sends it to your e-mail server, which further contacts the recipient mail server using an SMTP client.

• These SMTP commands specify the sender’s and receiver’s e-mail address, along with the message to be sent.

• The exchange of commands between servers is carried out without intervention of any user.

• In case a message cannot be delivered, an error report is sent to the sender, which makes SMTP a reliable protocol.

IMAP

IMAP stands for Internet Mail Access Protocol. It was first proposed in 1986. There exist five versions of IMAP as follows:

1. Original IMAP
2. IMAP2
3. IMAP3
4. IMAP2bis
5. IMAP4

Key Points:
• IMAP allows the client program to manipulate the e-mail messages on the server without downloading them on the local computer.

• The e-mail is held and maintained by the remote server.

• It enables us to take any action such as downloading or deleting the mail without reading the mail. It enables us to create, manipulate and delete remote message folders called mailboxes.

• IMAP enables the users to search the e-mails.

• It allows concurrent access to multiple mailboxes on multiple mail servers.

POP

POP stands for Post Office Protocol. It is generally used to support a single client. There are several versions of POP but POP3 is the current standard.

Key Points

• POP is an application layer internet standard protocol.

• Since POP supports offline access to the messages, it requires less internet usage time.

• POP does not allow search facility.

• In order to access the messages, it is necessary to download them.

• It allows only one mailbox to be created on the server.

• It is not suitable for accessing non-mail data.

• POP commands are generally abbreviated into codes of three or four letters, e.g. STAT.

DIFFERENCE BETWEEN IPV4 AND IPV6

IPv4 | IPv6
IPv4 has 32-bit address length | IPv6 has 128-bit address length
It supports Manual and DHCP address configuration | It supports Auto and renumbering address configuration
In IPv4 end to end connection integrity is Unachievable | In IPv6 end to end connection integrity is Achievable
It can generate 4.29×10^9 address space | Address space of IPv6 is quite large, it can produce 3.4×10^38 address space
Security feature is dependent on application | IPSEC is inbuilt security feature in the IPv6 protocol
Address representation of IPv4 is in decimal | Address representation of IPv6 is in hexadecimal

A hash function takes a group of characters (called a key) and maps it to a value of a certain length (called a hash value or hash). Hashing is done for indexing and locating items in databases because it is easier to find the shorter hash value than the longer string.

A hash function is a mathematical function that converts an input value into a compressed numerical value – a hash or hash value.

Data integrity check is the most common application of hash functions. It is used to generate checksums on data files. This application provides assurance to the user about the correctness of the data.

The process is depicted in the following illustration –

The integrity check helps the user to detect any changes made to the original file. It does not, however, provide any assurance about originality. The attacker, instead of modifying file data, can change the entire file, compute an altogether new hash and send both to the receiver. This integrity check application is useful only if the user is sure about the originality of the file.
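The limitation described above can be seen in a short Python example. It is added here and is not part of the original notes; the file contents and keys are constructed, and the keyed HMAC at the end goes beyond the notes as one common way to get assurance about origin when sender and receiver share a secret.

```python
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    """Unkeyed checksum: anyone who holds the data can compute it."""
    return hashlib.sha256(data).hexdigest()


def checksum_ok(data: bytes, expected_hex: str) -> bool:
    """Integrity check as the notes describe it: recompute and compare."""
    return hmac.compare_digest(sha256_hex(data), expected_hex)


def hmac_hex(key: bytes, data: bytes) -> str:
    """Keyed tag: computing it needs a secret shared by sender and receiver."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def hmac_ok(key: bytes, data: bytes, tag_hex: str) -> bool:
    """Verify a keyed tag in constant time."""
    return hmac.compare_digest(hmac_hex(key, data), tag_hex)


def run_scenarios() -> dict:
    # Constructed sample data (assumption: a small text file sent with its hash).
    original = b"amount=100;payee=alice\n"
    edited_in_transit = b"amount=900;payee=alice\n"
    replacement = b"amount=900;payee=mallory\n"
    sender_key = b"constructed-demo-key-not-a-real-secret"
    attacker_key = b"attacker-does-not-know-the-real-key"

    # The receiver obtained this digest over a channel the attacker cannot alter.
    trusted_digest = sha256_hex(original)

    return {
        # 1. Unmodified file matches the trusted checksum.
        "unchanged_file_passes": checksum_ok(original, trusted_digest),
        # 2. A change to the file is detected against the trusted checksum.
        "edited_file_detected": not checksum_ok(edited_in_transit, trusted_digest),
        # 3. If the attacker replaces the file AND the hash sent with it, the
        #    plain checksum still verifies: no assurance about originality.
        "swapped_file_and_hash_passes": checksum_ok(
            replacement, sha256_hex(replacement)
        ),
        # 4. With a keyed tag the attacker cannot produce a valid tag for the
        #    replacement without the shared key.
        "swapped_file_fails_hmac": not hmac_ok(
            sender_key, replacement, hmac_hex(attacker_key, replacement)
        ),
        "original_passes_hmac": hmac_ok(
            sender_key, original, hmac_hex(sender_key, original)
        ),
    }


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name}: {outcome}")
```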

UNIT-5

Packet filtering is a firewall technique used to control network access by monitoring outgoing and incoming packets and allowing them to pass or halt based on the source and destination Internet Protocol (IP) addresses, protocols and ports.

Techopedia explains Packet Filtering

During network communication, a node transmits a packet that is filtered and matched with predefined rules and policies. Once matched, a packet is either accepted or denied.

Packet filtering checks source and destination IP addresses. If both IP addresses match, the packet is considered secure and verified. Because the sender may use different applications and programs, packet filtering also checks source and destination protocols, such as User Datagram Protocol (UDP) and Transmission Control Protocol (TCP). Packet filters also verify source and destination port addresses.

Some packet filters are not intelligent and unable to memorize used packets. However, other packet filters can memorize previously used packet items, such as source and destination IP addresses.

Packet filtering is usually an effective defense against attacks from computers outside a local area network (LAN). As most routing devices have integrated filtering capabilities, packet filtering is considered a standard and cost-effective means of security.

An Intrusion Detection System (IDS) is a system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered. It is a software application that scans a network or a system for harmful activity or policy breaching.

Intrusion detection systems (IDS) can be classified in different ways. The major classifications are Active and passive IDS, Network Intrusion detection systems (NIDS) and host Intrusion detection systems (HIDS).

Active and passive IDS

An active Intrusion Detection System (IDS) is also known as an Intrusion Detection and Prevention System (IDPS). An Intrusion Detection and Prevention System (IDPS) is configured to automatically block suspected attacks without any intervention required by an operator. An Intrusion Detection and Prevention System (IDPS) has the advantage of providing real-time corrective action in response to an attack.

A passive IDS is a system that's configured to only monitor and analyze network traffic activity and alert an operator to potential vulnerabilities and attacks. A passive IDS is not capable of performing any protective or corrective functions on its own.

Network Intrusion detection systems (NIDS) and Host Intrusion detection systems (HIDS)

A Network Intrusion Detection System (NIDS) usually consists of a network appliance (or sensor) with a Network Interface Card (NIC) operating in promiscuous mode and a separate management interface. The IDS is placed along a network segment or boundary and monitors all traffic on that segment.

Host Intrusion Detection Systems (HIDS) are software applications (agents) installed on the workstations which are to be monitored. The agents monitor the operating system and write data to log files and/or trigger alarms. A Host Intrusion Detection System (HIDS) can only monitor the individual workstations on which the agents are installed and it cannot monitor the entire network. Host based IDS systems are used to monitor any intrusion attempts on critical servers.

The drawbacks of Host Intrusion Detection Systems (HIDS) are

• Difficult to analyse the intrusion attempts on multiple computers.

• Host Intrusion Detection Systems (HIDS) can be very difficult to maintain in large networks with different operating systems and configurations.

• Host Intrusion Detection Systems (HIDS) can be disabled by attackers after the system is compromised.

Knowledge-based (Signature-based) IDS and behavior-based (Anomaly-based) IDS

A knowledge-based (Signature-based) Intrusion Detection System (IDS) references a database of previous attack signatures and known system vulnerabilities. The meaning of the word signature, when we talk about Intrusion Detection Systems (IDS), is recorded evidence of an intrusion or attack. Each intrusion leaves a footprint behind (e.g., nature of data packets, failed attempt to run an application, failed logins, file and folder access etc.). These footprints are called signatures and can be used to identify and prevent the same attacks in the future. Based on these signatures, a Knowledge-based (Signature-based) IDS identifies intrusion attempts.

The disadvantages of Signature-based Intrusion Detection Systems (IDS) are that the signature database must be continually updated and maintained, and that Signature-based Intrusion Detection Systems (IDS) may fail to identify unique attacks.

A Behavior-based (Anomaly-based) Intrusion Detection System (IDS) references a baseline or learned pattern of normal system activity to identify active intrusion attempts. Deviations from this baseline or pattern cause an alarm to be triggered.

Higher false alarms are often related with Behavior-based Intrusion Detection Systems (IDS).
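The trade-off between the two detection approaches described above is illustrated by the following Python example, which runs both over the same constructed log. It is added here and is not part of the original notes; the log format, the signature names, the baseline figures and the three-standard-deviation threshold are all assumptions made for the illustration.

```python
import re
from statistics import mean, pstdev

# Knowledge-based side: a small signature database (constructed patterns).
SIGNATURES = {
    "root-login-failure": re.compile(r"event=login_failed.*user=root"),
    "shadow-file-read": re.compile(r"event=file_access.*path=/etc/shadow"),
}

# Behavior-based side: learned baseline of outbound connections per hour
# for this host (constructed numbers standing in for a training period).
BASELINE_CONN_PER_HOUR = [20, 22, 19, 21, 23, 20]


def make_lines(hour: int, count: int, detail: str) -> list:
    """Build constructed log lines: '<timestamp> key=value key=value ...'."""
    return [
        f"2024-05-01T{hour:02d}:{i % 60:02d}:00 host=db1 event=conn_out {detail}"
        for i in range(count)
    ]


# Constructed log: a normal hour with one known-bad event, an hour of
# activity that matches no signature, and an hour with a legitimate backup.
LOG = (
    make_lines(10, 21, "dst=192.0.2.10 note=normal")
    + ["2024-05-01T10:30:00 host=db1 event=login_failed user=root src=198.51.100.7"]
    + make_lines(11, 80, "dst=203.0.113.99 note=unknown-tool")
    + make_lines(12, 60, "dst=192.0.2.20 note=scheduled-backup")
)


def signature_alerts(lines) -> list:
    """Return (line number, signature name) for every signature match."""
    alerts = []
    for number, line in enumerate(lines, start=1):
        for name, pattern in SIGNATURES.items():
            if pattern.search(line):
                alerts.append((number, name))
    return alerts


def hourly_counts(lines, event: str) -> dict:
    """Count occurrences of one event type per hour ('YYYY-MM-DDTHH')."""
    counts = {}
    for line in lines:
        stamp, *pairs = line.split()
        fields = dict(pair.split("=", 1) for pair in pairs)
        if fields.get("event") == event:
            hour = stamp[:13]
            counts[hour] = counts.get(hour, 0) + 1
    return counts


def anomaly_hours(baseline, observed: dict, threshold: float = 3.0) -> list:
    """Hours whose count deviates from the baseline by more than threshold sigmas."""
    mu = mean(baseline)
    sigma = pstdev(baseline) or 1.0   # guard against a perfectly flat baseline
    return sorted(
        hour for hour, n in observed.items() if abs(n - mu) / sigma > threshold
    )


if __name__ == "__main__":
    print("signature alerts:", signature_alerts(LOG))
    print("anomalous hours:", anomaly_hours(
        BASELINE_CONN_PER_HOUR, hourly_counts(LOG, "conn_out")))
```

The signature engine reports only the failed root login and stays silent on the 11:00 burst because no signature exists for it; the anomaly engine flags that burst but also flags the 12:00 backup, which is the false-alarm cost the notes mention.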

What does Network-based Intrusion Detection System (NIDS) mean?

A network-based intrusion detection system (NIDS) is used to monitor and analyze network traffic to protect a system from network-based threats.

A NIDS reads all inbound packets and searches for any suspicious patterns. When threats are discovered, based on their severity, the system can take action such as notifying administrators, or barring the source IP address from accessing the network.

Network-based Intrusion Detection System (NIDS)

Intrusion detection systems (IDSs) are available in different types; the two main types are the host-based intrusion system (HBIS) and network-based intrusion system (NBIS). Additionally, there are IDSs that also detect movements by searching for particular signatures of well-known threats.

An IDS complements, or is part of, a larger security system that also contains firewalls, anti-virus software, etc. A NIDS tries to detect malicious activity such as denial-of-service attacks, port scans and attacks by monitoring the network traffic.

Difference between firewall and IDS

Firewall | IDS
A firewall is a hardware and/or software which functions in a networked environment to block unauthorized access while permitting authorized communications. | An Intrusion Detection System (IDS) is … hardware device installed on the netwo… (HIDS) to detect and report intrusion a… network.
A firewall can block an unauthorized access to network (E.g. A watchman standing at gate can block a thief) | An IDS can only report an intrusion; it c… (E.g. A CCTV camera which can alert a… cannot stop it)
A firewall cannot detect security breaches for traffic that does not pass through it (E.g. a gateman can watch only at front gate. He is not aware of wall-jumpers) | IDS is fully capable of internal security … information from a variety of system a… resources and analyzing the symptom… problems
Firewall doesn't inspect content of permitted traffic. (A gateman will never suspect an employee of the company) | IDS keeps a check of overall network
No man-power is required to manage a firewall. | An administrator (man-power) is requi… threats issued by IDS
Firewalls are most visible part of a network to an outsider. Hence, more vulnerable to be attacked first. (A gateman will be the first person attacked by a thief!!) | IDS are very difficult to be spotted in a … (especially stealth mode of IDS).

Data link layer is the protocol layer in a program that handles the moving of data into and out of a physical link in a network. Data bits are encoded, decoded and organized in the data link layer, before they are transported as frames between two adjacent nodes on the same LAN or WAN.

Data Link Layer is the second layer of the OSI Layered Model. This layer is one of the most complicated layers and has complex functionalities and liabilities. Data link layer hides the details of underlying hardware and represents itself to the upper layer as the medium to communicate.

Data link layer works between two hosts which are directly connected in some sense. This direct connection could be point to point or broadcast. Systems on a broadcast network are said to be on the same link. The work of data link layer tends to get more complex when it is dealing with multiple hosts on a single collision domain.

Data link layer is responsible for converting the data stream to signals bit by bit and sending that over the underlying hardware. At the receiving end, Data link layer picks up data from hardware which are in the form of electrical signals, assembles them in a recognizable frame format, and hands over to the upper layer.

DNSSEC stands for Domain Name System (DNS) Security Extensions, and it is a technology used to protect information on the Domain Name System (DNS) which is used on IP networks. It provides authentication for the origin of the DNS data, helping to safeguard against attacks and protect data integrity.

DNS is important because it links the domain name to the IP. Internet criminals can exploit these weaknesses and are capable of creating false DNS records. These fake records can trick users into visiting fake websites, downloading malicious software, or worse. Thus, DNSSEC was created to save the day.

Domain Name System Security Extensions (DNSSEC) is a suite of extensions to the DNS standard, which uses digital signatures to validate the authenticity of DNS responses. DNSSEC prevents attacks that inject false information into DNS resolvers, such as DNS spoofing, cache poisoning and man in the middle attacks.

IPSec (IP SECURITY), which works at the network layer, is a framework consisting of protocols and algorithms for protecting data through an un-trusted network such as the internet. IPSec provides data security in various ways such as encrypting and authenticating data, and protection against masquerading and manipulation. IPSec is a complex framework consisting of many settings, which is why it provides a powerful and flexible set of security features that can be used.

Difference between MAC Address and IP Address

Both MAC Address and IP Address are used to uniquely define a device on the internet. The NIC Card's Manufacturer provides the MAC Address; on the other hand, the Internet Service Provider provides the IP Address.

The main difference between MAC and IP address is that the MAC Address is used to ensure the physical address of the computer. It uniquely identifies the devices on a network. The IP address, in contrast, is used to uniquely identify the connection of the network with that device taking part in a network.

Let's see the difference between MAC Address and IP Address:

S.NO | MAC ADDRESS | IP ADDRESS
1. | MAC Address stands for Media Access Control Address. | IP Address stands for Internet Protocol Address.
2. | MAC Address is a six byte hexadecimal address. | IP Address is either four byte (IPv4) or six byte (IPv6) address.
3. | A device attached with MAC Address can retrieve by ARP protocol. | A device attached with IP Address can retrieve by RARP protocol.
4. | NIC Card's Manufacturer provides the MAC Address. | Internet Service Provider provides IP Address.
5. | MAC Address is used to ensure the physical address of computer. | IP Address is the logical address of the computer.

A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules. Its purpose is to establish a barrier between your internal network and incoming traffic from external sources (such as the internet) in order to block malicious traffic like viruses and hackers.

Types of Firewalls

Proxy firewall
An early type of firewall device, a proxy firewall serves as the gateway from one network to another for a specific application. Proxy servers can provide additional functionality such as content caching and security by preventing direct connections from outside the network. However, this also may impact throughput capabilities and the applications they can support.

Stateful inspection firewall
Now thought of as a "traditional" firewall, a stateful inspection firewall allows or blocks traffic based on state, port, and protocol. It monitors all activity from the opening of a connection until it is closed. Filtering decisions are made based on both administrator-defined rules as well as context, which refers to using information from previous connections and packets belonging to the same connection.

Unified threat management (UTM) firewall
A UTM device typically combines, in a loosely coupled way, the functions of a stateful inspection firewall with intrusion prevention and antivirus. It may also include additional services and often cloud management. UTMs focus on simplicity and ease of use.

Next-generation firewall (NGFW)
Firewalls have evolved beyond simple packet filtering and stateful inspection. Most companies are deploying next-generation firewalls to block modern threats such as advanced malware and application-layer attacks.

According to Gartner, Inc.'s definition, a next-generation firewall must include:
The Internet, sometimes called simply "the Net," is a worldwide system of computer networks -- a network of networks in which users at any one computer can, if they have permission, get information from any other computer (and sometimes talk directly to users at other computers).

Although the Internet is one of man's greatest creations, it also has many disadvantages, several of which are listed in the following sections.

Bullying, trolls, stalkers, and crime
Anyone who has spent time on the Internet has encountered trolls or abusive people. Another issue that has increased over the years is cyberbullying.

With people sharing information on the Internet, stalkers may experience less difficulty finding personal information about others through various means.

Hidden places on the Internet and the deep web can also be a place for criminals to conduct business without as much fear of being caught. A global audience also gives criminals more ways to solicit their goods.

Pornographic and violent images
In our digital age, there is a nearly infinite amount of content on the Internet. While there are amazing resources, such as Wikipedia, less desirable content also exists. Consequently, users can accidentally come across violent or pornographic images that they may not want to view.

Addiction, time waster, and causes distractions
Surfing and playing games on the Internet can quickly become very addictive. Doing so can lead to spending a lot of frivolous time on the Internet, instead of doing something productive. On this same note, the Internet can hamper workplace productivity as well.

Never being able to disconnect from work

The Internet is great for giving its users the ability to work from anywhere. However, you may be expected to be available to work at any time of the day, even if you had not previously agreed to be available.

For example, you may be at home and get a notification that you have received an important work-related e-mail and then end up working on the content of that e-mail without getting paid.

Identity theft, hacking, viruses, and cheating
With access to billions of computers, computer hackers and malicious users can hack accounts and steal personal information that could be used for identity theft. The Internet also connects all computers to each other, so hackers can scan millions of computers and quickly identify what computers are vulnerable to attack.

The Internet also enables students to cheat on their studies, or find others on the Internet to do their homework.

Spam and advertising
It's great that the Internet can facilitate reaching a much wider audience than traditional advertising methods (e.g., newspaper, TV, and radio). However, because digital advertising can be sent on a massive scale, you might see more spam in your inbox than junk mail in real life.

Affects focus and patience
The sites we use on the Internet every day have an "instant gratification" effect. They also present an endless menu of things to think about and experience at any moment, on demand. Getting information this way rewards fast-paced thinking that shifts focus quickly, which affects your interactions in general, making you more impatient and less focused on your activities. Try to balance this natural effect with time away from social media and focused on more productive real-life activities like exercise or cleaning.

Depression, loneliness, and social isolation
Social networking sites can also lead to depression as many people tend to compare their lives with others. The Internet and online games facilitate communication with others. Although you may find new connections around the world, you may also find yourself disconnecting from those in your real life.

Health issues and obesity

As with watching TV, spending too much time on the computer surfing the Internet or playing games can also lead to obesity and an unhealthy lifestyle.

A computer also requires a lot of repetitive movement that can lead to carpal tunnel syndrome. For example, moving your hand from your keyboard to a mouse and typing are all repetitive actions, which can cause injuries. Taking breaks, keeping the proper posture, and understanding computer ergonomics can all help delay or prevent these injuries.

Buying things that you don't need
The Internet reduces the barriers for consumers to make purchases, so users may find themselves purchasing products without putting much thought into whether they should. Also, for some people, buying items on the Internet can become so addictive that it causes serious debt.

UNIT-3

Threats to Information Security

In Information Security threats can be many, like Software attacks, theft of intellectual property, identity theft, theft of equipment or information, sabotage, and information extortion.

Threat can be anything that can take advantage of a vulnerability to breach security and negatively alter, erase, harm object or objects of interest.

Software attacks means attack by Viruses, Worms, Trojan Horses etc. Many users believe that malware, virus, worms, bots are all the same things. But they are not the same; the only similarity is that they all are malicious software that behave differently.

Malware is a combination of 2 terms- Malicious and Software. So Malware basically means malicious software that can be an intrusive program code or anything that is designed to perform malicious operations on a system. Malware can be divided in 2 categories:
1. Infection Methods
2. Malware Actions

Malware on the basis of Infection Method are following:

1. Virus – They have the ability to replicate themselves by hooking them to the program on the host computer like songs, videos etc and then they travel all over the Internet. The Creeper Virus was first detected on ARPANET. Examples include File Virus, Macro Virus, Boot Sector Virus, Stealth Virus etc.

2. Worms – Worms are also self replicating in nature but they don't hook themselves to the program on host computer. The biggest difference between virus and worms is that worms are network aware. They can easily travel from one computer to another if network is available and on the target machine they will not do much harm; they will, for example, consume hard disk space thus slowing down the computer.

3. Trojan – The Concept of Trojan is completely different from the viruses and worms. The name Trojan derived from the 'Trojan Horse' tale in Greek mythology, which explains how the Greeks were able to enter the fortified city of Troy by hiding their soldiers in a big wooden horse given to the Trojans as a gift. The Trojans were very fond of horses and trusted the gift blindly. In the night, the soldiers emerged and attacked the city from the inside.

Their purpose is to conceal themselves inside software that seems legitimate, and when that software is executed they will do their task of either stealing information or any other purpose for which they are designed.

They often provide a backdoor gateway for malicious programs or malevolent users to enter your system and steal your valuable data without your knowledge and permission. Examples include FTP Trojans, Proxy Trojans, Remote Access Trojans etc.

4. Bots – can be seen as an advanced form of worms. They are automated processes that are designed to interact over the internet without the need of human interaction. They can be good or bad. A malicious bot can infect one host and after infecting will create a connection to the central server which will provide commands to all infected hosts attached to that network, called a Botnet.
Malware on the basis of Actions:

1. Adware – Adware is not exactly malicious but it does breach the privacy of the users. It displays ads on the computer's desktop or inside individual programs. It comes attached with free to use software, and is thus the main source of revenue for such developers. It monitors your interests and displays relevant ads. An attacker can embed malicious code inside the software, and adware can monitor your system activities and can even compromise your machine.

2. Spyware – It is a program, or we can say a software, that monitors your activities on the computer and reveals collected information to an interested party. Spyware is generally dropped by Trojans, viruses or worms. Once dropped, it installs itself and sits silently to avoid detection.

One of the most common examples of spyware is KEYLOGGER. The basic job of a keylogger is to record user keystrokes with timestamp, thus capturing interesting information like username, passwords, credit card details etc.

3. Ransomware – It is a type of malware that will either encrypt your files or will lock your computer, making it inaccessible either partially or wholly. Then a screen will be displayed asking for money, i.e. ransom, in exchange.

4. Scareware – It masquerades as a tool to help fix your system, but when the software is executed it will infect your system or completely destroy it. The software will display a message to frighten you and force you to take some action, like paying them to fix your system.

5. Rootkits – are designed to gain root access, or we can say administrative privileges, in the user system. Once root access is gained, the exploiter can do anything from stealing private files to private data.

6. Zombies – They work similar to Spyware. The infection mechanism is the same but they don't spy and steal information; rather they wait for the command from hackers.
• Technology with weak security – With the advancement in technology, with every passing day a new gadget is being released in the market. But very few are fully secured and follow Information Security principles. Since the market is very competitive, the Security factor is compromised to make the device more up to date. This leads to theft of data/information from the devices.

• Social media attacks – In this, cyber criminals identify and infect a cluster of websites that persons of a particular organisation visit, to steal information.

• Mobile Malware – There is a saying: when there is connectivity to the Internet there will be danger to Security. The same goes for Mobile phones, where gaming applications are designed to lure the customer to download the game and unintentionally they will install malware or virus in the device.

• Outdated Security Software – With new threats emerging every day, updating security software is a prerequisite to have a fully secured environment.

• Corporate data on personal devices – These days every organization follows a rule BYOD. BYOD means Bring your own device, like Laptops, Tablets, to the workplace. Clearly BYOD poses a serious threat to security of data but due to productivity issues organizations are arguing to adopt this.

• Social Engineering – is the art of manipulating people so that they give up their confidential information like bank account details, password etc. These criminals can trick you into giving your private and confidential information, or they will gain your trust to get access to your computer to install a malicious software that will give them control of your computer. For example, an email or message from your friend that was probably not sent by your friend. A criminal can access your friend's device and then, by accessing the contact list, he can send infected email and messages to all contacts. Since the message/email is from a known person, the recipient will definitely check the link or attachment in the message, thus unintentionally infecting the computer.

Access control

Access control is a security technique that regulates who or what can view or use resources in a computing environment. It is a fundamental concept in security that minimizes risk to the business or organization.

There are two types of access control: physical and logical. Physical access control limits access to campuses, buildings, rooms and physical IT assets. Logical access control limits connections to computer networks, system files and data.

To secure a facility, organizations use electronic access control systems that rely on user credentials, access card readers, auditing and reports to track employee access to restricted business locations and proprietary areas, such as data centers. Some of these systems incorporate access control panels to restrict entry to rooms and buildings as well as alarms and lockdown capabilities to prevent unauthorized access or operations.

Access control systems perform identification, authentication and authorization of users and entities by evaluating required login credentials that can include passwords, personal identification numbers (PINs), biometric scans, security tokens or other authentication factors. Multifactor authentication, which requires two or more authentication factors, is often an important part of layered defense to protect access control systems.

These security controls work by identifying an individual or entity, verifying that the person or application is who or what it claims to be, and authorizing the access level and set of actions associated with the username or IP address. Directory services and protocols, including the Local Directory Access Protocol (LDAP) and the Security Assertion Markup Language (SAML), provide access controls for authenticating and authorizing users and entities and enabling them to connect to computer resources, such as distributed applications and web servers.

Organizations use different access control models depending on their compliance requirements and the security levels of information technology they are trying to protect.
 

Types of access control

The main types of access control are:

• Mandatory access control (MAC): A security model in which access rights are regulated by a central authority based on multiple levels of security. Often used in government and military environments, classifications are assigned to system resources and the operating system or security kernel grants or denies access to those resource objects based on the information security clearance of the user or device. For example, Security Enhanced Linux is an implementation of MAC on the Linux operating system.

• Discretionary access control (DAC): An access control method in which owners or administrators of the protected system, data or resource set the policies defining who or what is authorized to access the resource. Many of these systems enable administrators to limit the propagation of access rights. A common criticism of DAC systems is a lack of centralized control.

• Role-based access control (RBAC): A widely used access control mechanism that restricts access to computer resources based on individuals or groups with defined business functions -- executive level, engineer level 1 -- rather than the identities of individual users. The role-based security model relies on a complex structure of role assignments, role authorizations and role permissions developed using role engineering to regulate employee access to systems. RBAC systems can be used to enforce MAC and DAC frameworks.

• Rule-based access control: A security model in which the system administrator defines the rules that govern access to resource objects. Often these rules are based on conditions, such as time of day or location. It is not uncommon to use some form of both rule-based access control and role-based access control to enforce access policies and procedures.

• Attribute-based access control (ABAC): A methodology that manages access rights by evaluating a set of rules, policies and relationships using the attributes of users, systems and environmental conditions.
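The list above notes that role-based and rule-based access control are often used together. The Python example below shows one way such a combined check can be written; it is added here and is not part of the original notes, and the users, roles, resources and the two rules (office hours, on-site access to finance data) are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import time

# RBAC data (constructed): permissions hang off roles, never off users.
ROLE_PERMISSIONS = {
    "engineer_level_1": {("source_repo", "read"), ("source_repo", "write")},
    "executive": {("finance_report", "read")},
    "auditor": {("finance_report", "read"), ("access_log", "read")},
}
USER_ROLES = {
    "asha": {"engineer_level_1"},
    "ravi": {"executive", "auditor"},
}


@dataclass(frozen=True)
class Request:
    user: str
    resource: str
    action: str
    at: time        # local time of the request
    location: str   # "office" or "remote"


def rbac_allows(req: Request) -> bool:
    """True if any role held by the user grants (resource, action)."""
    roles = USER_ROLES.get(req.user, set())
    return any(
        (req.resource, req.action) in ROLE_PERMISSIONS.get(role, set())
        for role in roles
    )


# Rule-based layer (constructed): conditions on time of day and location,
# defined by the administrator and applied to every request.
def within_office_hours(req: Request) -> bool:
    return time(9, 0) <= req.at <= time(18, 0)


def finance_only_on_site(req: Request) -> bool:
    return req.resource != "finance_report" or req.location == "office"


RULES = [
    ("office-hours", within_office_hours),
    ("finance-on-site", finance_only_on_site),
]


def decide(req: Request) -> tuple:
    """Deny by default: a role must grant the permission and every rule must pass."""
    if not rbac_allows(req):
        return (False, "no role grants this permission")
    for name, rule in RULES:
        if not rule(req):
            return (False, f"rule failed: {name}")
    return (True, "allowed")


if __name__ == "__main__":
    samples = [
        Request("asha", "source_repo", "write", time(10, 0), "office"),
        Request("asha", "finance_report", "read", time(10, 0), "office"),
        Request("ravi", "finance_report", "read", time(10, 0), "remote"),
        Request("ravi", "finance_report", "read", time(22, 0), "office"),
    ]
    for req in samples:
        print(req.user, req.resource, req.action, "->", decide(req))
```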
Use of access control

The goal of access control is to minimize the risk of unauthorized access to physical and logical systems. Access control is a fundamental component of security compliance programs that ensures security technology and access control policies are in place to protect confidential information, such as customer data. Most organizations have infrastructure and procedures that limit access to networks, computer systems, applications, files and sensitive data, such as personally identifiable information and intellectual property.

Access control systems are complex and can be challenging to manage in dynamic IT environments that involve on-premises systems and cloud services. After some high-profile breaches, technology vendors have shifted away from single sign-on systems to unified access management, which offers access controls for on-premises and cloud environments.

Implementing access control

Access control is a process that is integrated into an organization's IT environment. It can involve identity and access management systems. These systems provide access control software, a user database, and management tools for access control policies, auditing and enforcement.
Windows NT -- Access Control
Windows NT supports multiple file systems, but the protection issues we will consider are only associated with one: NTFS. In NT there is the notion of an item, which can be a file or a directory. Each item has an owner. An owner is usually the thing that created the item. It can change the access control list, allow other accounts to change the access control list and allow other accounts to become owner. Entries in the ACL are individuals and groups. Note that NT was designed for groups of machines on a network, thus, a distinction is made between local groups (defined on a particular workstation) and global groups (domain wide). A single name can therefore mean multiple things.

NTFS is structured so that a file is a set of properties, the contents of the file being just one of those properties. An ACL is a property of an item. The ACL itself is a list of entries: (user or group, permissions). NTFS permissions are closer to extended permissions in UNIX than to the 9 mode bits. The permissions offer a rich set of possibilities:

• R -- read
• W -- write
• X -- execute
• D -- delete
• P -- modify the ACL
• O -- make current account the new owner ("take ownership")

UNIX uses access control lists. A user logs into UNIX and has a right to start processes that make requests. A process is "bigger" than a subject, many domains may correspond to a single process. Each process has an identity (uid). This uid is obtained from the file that stores user passwords: /etc/passwd. An entry in /etc/passwd

The main differences between Windows and Unix are as follows:

1. Unix is a Command Line User Interface and Windows is a Graphic User Interface operating system.

2. Unix is a command based and Windows is a menu based operating system.

3. Windows is event driven whereas this feature is absent in the Unix operating system.

4. File system in Unix is (STD.ERR, STD.IO), and in Windows it is (FAT32, NTFS).

5. In Unix multiprocessing is possible whereas it is not possible in Windows.

6. In terms of security, Unix is more secure than Windows as we can restrict the permission of each user.

7. The Windows operating system supports plug and play and this feature is not available in Unix.

8. Windows is a licensed operating system and Unix is a free source operating system.

Browser isolation is a cyber security model used to physically isolate an internet user's web browser and their browsing activity away from the local machine and network. It is the underlying model and technology that supports a remote browsing platform. According to Gartner, more than 50% of enterprises will actively begin to isolate their internet browsing to reduce the impact of cyber attacks over the next three years (Gartner BIT Report 2016). Gartner are also recommending browser isolation technologies as one of the most effective ways that an enterprise can reduce web based attacks. With this in mind, let's take a closer look at exactly what browser isolation is and why remote browser isolation is being adopted so quickly by security conscious organizations.

Browser isolation was an invention borne out of necessity: our current security tools (anti-virus, firewall, intrusion detection and prevention) are failing to protect us from malware, ransomware and browser based cyber attacks. Browser based attacks are increasing in frequency, with Gartner estimating that 98% of external information security attacks are carried out over the public internet and that 80% of those attacks are targeted directly at end users through their browsers as they use the internet normally.

Over time and beneath the weight of regular cyber attacks many organizations realized that their browsers (along with all of the associated browsing activity and risk) do not really need to be connected to their internal networks and infrastructure. In fact they realized that letting their users browse the internet from their work machines (or their internal networks) was a bad idea from a cyber security perspective.

Web security, also known as “Cyber security”, involves protecting a website or web application by detecting, preventing and responding to attacks. Websites and web applications are just as prone to security breaches as physical homes, stores, and government locations.

The Three Security Goals Are Confidentiality, Integrity, and Availability

All information security measures try to address at least one of three goals:

• Protect the confidentiality of data
• Preserve the integrity of data
• Promote the availability of data for authorized use

These goals form the confidentiality, integrity, availability (CIA) triad, the basis of all security programs (see Figure 2.1). Information security professionals who create policies and procedures (often referred to as governance models) must consider each goal when creating a plan to protect a computer system.

Frame busting and clickjacking prevention
Clickjacking allows an attacker to trick your users into clicking parts of your interface without their consent. A simple way to describe this: an attacker will embed your application in their site as an iframe. On top of the iframe they can show a completely different interface. You’re thinking you’re clicking buttons on your own interface, while in fact you are hitting the ‘Delete my account’ button in, for example, GMail.

Because this technique completely operates with frames, it can be circumvented by using a ‘Frame busting’ technique. As a bonus, this will also disallow, for example, Digg to steal and monetize your content.
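Frame busting runs in the page's own script; the same refusal to be framed can also be declared by the server with the `X-Frame-Options` and `Content-Security-Policy: frame-ancestors` response headers, which the browser enforces before rendering the page. The WSGI middleware below is an added example, not from the original notes, and uses that header-based technique; `frame_guard`, `sample_app` and `response_headers` are hypothetical names and the sample app is constructed.

```python
def frame_guard(app, allowed_ancestors=()):
    """Wrap a WSGI app so that other sites cannot embed its pages in a frame.

    allowed_ancestors: origins that may frame the app, for example
    ("'self'", "https://partner.example"). Empty means nobody may.
    """
    ancestors = " ".join(allowed_ancestors) if allowed_ancestors else "'none'"
    # X-Frame-Options has no allow-list form, so it is only sent for the
    # two policies it can express: DENY and SAMEORIGIN.
    if not allowed_ancestors:
        legacy = "DENY"
    elif tuple(allowed_ancestors) == ("'self'",):
        legacy = "SAMEORIGIN"
    else:
        legacy = None

    def guarded(environ, start_response):
        def patched_start(status, headers, exc_info=None):
            out, csp_done = [], False
            for name, value in headers:
                lname = name.lower()
                if lname == "x-frame-options":
                    continue  # drop the app's value; ours replaces it
                if lname == "content-security-policy":
                    # keep the app's other directives, replace frame-ancestors
                    kept = [d.strip() for d in value.split(";")
                            if d.strip()
                            and d.strip().split()[0].lower() != "frame-ancestors"]
                    kept.append("frame-ancestors " + ancestors)
                    value, csp_done = "; ".join(kept), True
                out.append((name, value))
            if not csp_done:
                out.append(("Content-Security-Policy",
                            "frame-ancestors " + ancestors))
            if legacy:
                out.append(("X-Frame-Options", legacy))
            if exc_info is not None:
                return start_response(status, out, exc_info)
            return start_response(status, out)
        return app(environ, patched_start)
    return guarded


def sample_app(environ, start_response):
    """Constructed app whose own policy lets any site frame it."""
    start_response("200 OK", [
        ("Content-Type", "text/html"),
        ("Content-Security-Policy", "default-src 'self'; frame-ancestors *"),
    ])
    return [b"<button>Delete my account</button>"]


def response_headers(app):
    """Send one constructed GET through a WSGI app; return headers as a dict."""
    captured = {}

    def start_response(status, headers, exc_info=None):
        captured.update(headers)

    b"".join(app({"REQUEST_METHOD": "GET", "PATH_INFO": "/"}, start_response))
    return captured


if __name__ == "__main__":
    print(response_headers(frame_guard(sample_app)))
```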

Rendering - Rendering is the process involved in the generation of a two-dimensional or three-dimensional image from a model by means of application programs. Rendering is mostly used in architectural designs, video games, and animated movies, simulators, TV special effects and design visualization. The techniques and features used vary according to the project. Rendering helps increase efficiency and reduce cost in design.

There are two categories of rendering: pre-rendering and real-time rendering. The striking difference between the two lies in the speed at which the computation and finalization of images takes place.

• Real-Time Rendering: The prominent rendering technique used in interactive graphics and gaming where images must be created at a rapid pace. Because user interaction is high in such environments, real-time image creation is required. Dedicated graphics hardware and pre-compiling of the available information has improved the performance of real-time rendering.
• Pre-Rendering: This rendering technique is used in environments where speed is not a concern and the image calculations are performed using multi-core central processing units rather than dedicated graphics hardware. This rendering technique is mostly used in animation and visual effects, where photorealism needs to be at the highest standard possible.

Cross-site request forgery (CSRF)
In this section, we'll explain what cross-site request forgery is, describe some examples of common CSRF vulnerabilities, and explain how to prevent CSRF attacks.

What is CSRF?
Cross-site request forgery (also known as CSRF) is a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other.

What is the impact of a CSRF attack?
In a successful CSRF attack, the attacker causes the victim user to carry out an action unintentionally. For example, this might be to change the email address on their account, to change their password, or to make a funds transfer. Depending on the nature of the action, the attacker might be able to gain full control over the user's account. If the compromised user has a privileged role within the application, then the attacker might be able to take full control of all the application's data and functionality.

How does CSRF work?
For a CSRF attack to be possible, three key conditions must be in place:

• A relevant action. There is an action within the application that the attacker has a reason to induce. This might be a privileged action (such as modifying permissions for other users) or any action on user-specific data (such as changing the user's own password).
• Cookie-based session handling. Performing the action involves issuing one or more HTTP requests, and the application relies solely on session cookies to identify the user who has made the requests. There is no other mechanism in place for tracking sessions or validating user requests.
• No unpredictable request parameters. The requests that perform the action do not contain any parameters whose values the attacker cannot determine or guess. For example, when causing a user to change their password, the function is not vulnerable if an attacker needs to know the value of the existing password.
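Removing the third condition is the usual defense: the server adds a request parameter that another site cannot determine. The handler below is an added example, not from the original notes; it shows the same constructed "change email" action in cookie-only mode and with a session-bound token, and every name in it is an assumption.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)   # per-process secret (demo assumption)
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def csrf_token_for(session_id, key=SERVER_KEY):
    """Token bound to one session; the site embeds it in forms it renders.

    Another origin cannot read those forms (same origin policy), so it
    cannot learn the token even though the browser attaches the cookie.
    """
    return hmac.new(key, session_id.encode(), hashlib.sha256).hexdigest()


def login(sessions, email):
    """Create a session and return the id that goes into the cookie."""
    session_id = secrets.token_urlsafe(32)
    sessions[session_id] = {"email": email}
    return session_id


def change_email(method, cookies, form, sessions, require_token=True):
    """Return (status, message). require_token=False is the cookie-only
    design from the second condition above."""
    session_id = cookies.get("session", "")
    account = sessions.get(session_id)
    if account is None:
        return 401, "not logged in"
    if method not in STATE_CHANGING:
        return 405, "use POST"
    if require_token:
        supplied = form.get("csrf_token", "")
        expected = csrf_token_for(session_id)
        # constant-time comparison; bytes so non-ASCII input cannot raise
        if not hmac.compare_digest(supplied.encode(), expected.encode()):
            return 403, "missing or invalid CSRF token"
    account["email"] = form.get("email", account["email"])
    return 200, "email updated"


def cross_site_request(victim_cookies):
    """What the server receives when another site triggers the action:
    the browser adds the victim's cookie, the form has no valid token."""
    return "POST", victim_cookies, {"email": "changed@elsewhere.example"}


def demo():
    sessions = {}
    sid = login(sessions, "user@example.org")
    cookies = {"session": sid}
    method, sent_cookies, form = cross_site_request(cookies)
    cookie_only = change_email(method, sent_cookies, form, sessions,
                               require_token=False)
    sessions[sid]["email"] = "user@example.org"   # reset for the second run
    with_token = change_email(method, sent_cookies, form, sessions)
    own_form = {"email": "new@example.org", "csrf_token": csrf_token_for(sid)}
    legitimate = change_email("POST", cookies, own_form, sessions)
    return cookie_only, with_token, legitimate


if __name__ == "__main__":
    print(demo())
```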

Cross-site scripting
Description
Cross-site scripting is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.

Cross-site scripting (XSS) is a security breach that takes advantage of dynamically generated Web pages. In an XSS attack, a Web application is sent with a script that activates when it is read by an unsuspecting user's browser or by an application that has not protected itself against cross-site scripting.

Unit-2
Software-based Fault Isolation (SFI) is a software-instrumentation technique at the machine-code level for establishing logical protection domains within a process. ... In SFI, protection domains stay within the same process, incurring low overhead when switching between domains.

Definition of fault isolation: Determining the cause of a problem. Also known as "fault diagnosis," the term may refer to hardware or software, but always deals with methods that can isolate the component, device or software module causing the error.

A VM is an isolated environment with access to a subset of physical resources of the computer system. Each VM appears to be running on the bare hardware, giving the appearance of multiple instances of the same computer, though all are supported by a single physical system.

A kernel-mode rootkit alters components within the computer operating system's core, known as the kernel. Some of these rootkits resemble device drivers or loadable modules, giving them unrestricted access to the target computer. These rootkits avoid detection by operating at the same security level as the OS. Examples include FU, Knark, Adore, Rkit and Da IOS.

Bootkit
A bootkit is a type of kernel-mode rootkit that infects the master boot record, volume boot record or boot section during computer startup. The malware loader persists through the transition to protected mode when the kernel has loaded and is thus able to subvert the kernel. Examples include Olmasco, Rovnix and Stoned Bootkit.

User-mode Rootkit
The user-mode rootkit replaces executables and system libraries and modifies the behavior of application programming interfaces. It alters the security subsystem and displays false information to administrators of the target computer. It can intercept system calls and filter output in order to hide processes, files, system drivers, network ports, registry keys and paths, and system services. Examples of this type of rootkit include Vanquish, Aphex and Hacker Defender.

Virtual Rootkit
A virtual, or hypervisor, rootkit hosts the target OS as a virtual machine, enabling it to intercept hardware calls made by the original OS. The rootkit does not have to modify the kernel to subvert the operating system. So far, this type of rootkit is only a proof of concept.

Firmware Rootkit
A firmware rootkit uses device or platform firmware to create a persistent malware image in the router, network card, hard drive or the basic input/output system (BIOS). The rootkit is able to remain hidden because firmware is not usually inspected for code integrity. These rootkits can be used for legitimate purposes, such as anti-theft technology preinstalled in BIOS images by the vendor, but they can also be exploited by cybercriminals. Examples include Cloaker and VGA rootkit.

Rooting out Rootkits
So what can IT administrators do to counter the threats posed by rootkits?

Preventing Rootkit Infections
In their chapter in the Information Security Management Handbook, Sixth Edition, Volume 2, security researchers E. Eugene Schultz and Edward Ray recommend that enterprises consider the following measures to prevent rootkit infections:

• using intrusion detection and prevention tools such as rootkit scanners
• applying vulnerability patches in a timely manner
• configuring systems according to security guidelines and limiting services that can run on these systems
• adhering to the least privilege principle
• deploying firewalls that can analyze network traffic at the application layer
• using strong authentication
• performing regular security maintenance
• limiting the availability of compiler programs that rootkits exploit
sexploit

Detecting Rootkits
Once an infection takes place, things get tricky. The researchers caution that detecting and removing a rootkit is difficult. However, a rootkit can be detected by trained investigators and analysis tools, such as rootkit scanners, which uncover clues to the presence of the rootkit. Major security firms, such as Symantec, Kaspersky Lab and Intel Security (McAfee), offer rootkit scanners to enterprise customers.

Some of the telltale signs that a rootkit is present include unexplained changes in target systems, strange files in the home directory of root or unusual network activity.

Cryptographer and computer programmer Thomas Pornin noted that the rootkit needs to maintain an entry path for the attacker, creating an opportunity for detection. In a post on Information Security Stack Exchange, Pornin recommends that IT administrators reboot the computer on a live CD or USB key and then inspect the hard disk. "If the same files do not look identical, when inspected from the outside (the OS booted on a live CD) and from the inside, then this is a rather definite sign of foul play," he wrote.

Another contributor to the Information Security Stack Exchange who goes by the moniker user2213 explained that another way to detect a rootkit is to use spurious device codes on devices that do not normally respond to the codes. "If you get anything other than the relevant 'Not implemented' error code on your system, something strange is going on."

User2213 also suggested mounting the system drive on a different PC to see if an incorrect filesystem size or unexpected files come up. This could be an indication of a rootkit. "Unfortunately, there aren't generic red flags for rootkits in general -- the battle is more cat-and-mouse," the writer noted.
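The inside/outside comparison recommended above can be automated by hashing the same directory tree twice, once on the running system and once after booting from the live CD, and comparing the two manifests. The script below is an added example, not from the original notes or the quoted posts; its function names are assumptions and the two trees built in `demo()` are constructed sample data.

```python
import hashlib
import json
import os
import tempfile


def manifest(root):
    """Map each regular file under root (relative path) to its SHA-256."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):   # does not follow symlinks
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            result[rel] = digest.hexdigest()
    return result


def save_manifest(data, path):
    """Store the inside view so it can be carried to the live-boot session."""
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(data, fh, sort_keys=True)


def load_manifest(path):
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


def cross_view_diff(inside, outside):
    """Compare what the running OS reported with what is on the disk."""
    both = set(inside) & set(outside)
    return {
        # on disk, but the running system did not list it: hidden file
        "only_outside": sorted(set(outside) - set(inside)),
        # listed by the running system, absent on disk
        "only_inside": sorted(set(inside) - set(outside)),
        # same path, different bytes depending on who reads it
        "content_differs": sorted(p for p in both if inside[p] != outside[p]),
    }


def demo():
    """Build two constructed trees that disagree and return the diff."""
    inside_files = {"bin/ls": b"original ls", "bin/cat": b"cat"}
    outside_files = {"bin/ls": b"patched ls", "bin/cat": b"cat",
                     "lib/.hidden.ko": b"module"}
    with tempfile.TemporaryDirectory() as tmp:
        views = {"inside": inside_files, "outside": outside_files}
        for view, files in views.items():
            for rel, data in files.items():
                full = os.path.join(tmp, view, *rel.split("/"))
                os.makedirs(os.path.dirname(full), exist_ok=True)
                with open(full, "wb") as fh:
                    fh.write(data)
        stored = os.path.join(tmp, "inside.json")
        save_manifest(manifest(os.path.join(tmp, "inside")), stored)
        return cross_view_diff(load_manifest(stored),
                               manifest(os.path.join(tmp, "outside")))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Files that legitimately change between the two captures, such as logs and caches, will also show up as differing, so the comparison is most useful when limited to directories holding executables, libraries and kernel modules.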

Removing Rootkits
Removing a rootkit is a challenge because it runs with a full set of system privileges, which means it could have done anything to the system. Schultz and Ray recommend making an image backup and then rebuilding the compromised system using the original installation media; otherwise, the malicious code or unauthorized changes could continue even after the rootkit is "deleted." Security patches then need to be installed and a vulnerability scan performed.

In sum, the best strategy to deal with rootkit threats is to stop the rootkit from infecting computers in your network through security best practices such as patch management and regular maintenance, and specialized tools such as rootkit scanners and firewalls. Should your computers become infected anyway, you need to rebuild the compromised computer from the ground up to ensure that the rootkit is eradicated.


A rootkit is malicious software that allows an unauthorized user to have privileged access to a computer and to restricted areas of its software.

A rootkit may contain a number of malicious tools such as keyloggers, banking credential stealers, password stealers, antivirus disablers, and bots for DDoS attacks.

Buffer Overflow Attack
A buffer is a temporary area for data storage. When more data (than was originally allocated to be stored) gets placed by a program or system process, the extra data overflows. It causes some of that data to leak out into other buffers, which can corrupt or overwrite whatever data they were holding.

In a buffer-overflow attack, the extra data sometimes holds specific instructions for actions intended by a hacker or malicious user; for example, the data could trigger a response that damages files, changes data or unveils private information.

An attacker would use a buffer-overflow exploit to take advantage of a program that is waiting on a user’s input. There are two types of buffer overflows: stack-based and heap-based. Heap-based, which are difficult to execute and the least common of the two, attack an application by flooding the memory space reserved for a program. Stack-based buffer overflows, which are more common among attackers, exploit applications and programs by using what is known as a stack:

Confinement is a mechanism for enforcing the principle of least privilege. The problem is that the confined process needs to transmit data to another process. ... The confinement mechanism must distinguish between transmission of authorized data and the transmission of unauthorized data.

Unix is a computer Operating System which is capable of handling activities from multiple users at the same time. The development of Unix started around 1969 at AT&T Bell Labs by Ken Thompson and Dennis Ritchie.

The Unix operating system is a set of programs that act as a link between the computer and the user.

The computer programs that allocate the system resources and coordinate all the details of the computer's internals are called the operating system or the kernel.

Users communicate with the kernel through a program known as the shell. The shell is a command line interpreter; it translates commands entered by the user and converts them into a language that is understood by the kernel.
The main concept that unites all the versions of Unix is the following four basics −

• Kernel − The kernel is the heart of the operating system. It interacts with the hardware and most of the tasks like memory management, task scheduling and file management.
• Shell − The shell is the utility that processes your requests. When you type in a command at your terminal, the shell interprets the command and calls the program that you want. The shell uses standard syntax for all commands. C Shell, Bourne Shell and Korn Shell are the most famous shells which are available with most of the Unix variants.
• Commands and Utilities − There are various commands and utilities which you can make use of in your day to day activities. cp, mv, cat and grep, etc. are few examples of commands and utilities. There are over 250 standard commands plus numerous others provided through 3rd party software. All the commands come along with various options.
• Files and Directories − All the data of Unix is organized into files. All files are then organized into directories. These directories are further organized into a tree-like structure called the
In Unix, there are three basic types of files −

• Ordinary Files − An ordinary file is a file on the system that contains data, text, or program instructions. In this tutorial, you look at working with ordinary files.
• Directories − Directories store both special and ordinary files. For users familiar with Windows or Mac OS, Unix directories are equivalent to folders.
• Special Files − Some special files provide access to hardware such as hard drives, CD-ROM drives, modems, and Ethernet adapters. Other special files are similar to aliases or shortcuts and enable you to access a single file using different names.

Chroot on Unix operating systems is an operation that changes the apparent root directory for the current running process and its children. A program that is run in such a modified environment cannot name files outside the designated directory tree.

Confinement
The confinement problem deals with preventing a process from taking disallowed actions. Consider a client/server situation: the client sends a data request to the server; the server uses the data, performs some function, and sends the results (data) back to the client. In this case the confinement problem deals with preventing a server from leaking information that the user of that service considers confidential. Access control affects the function of the server in 2 ways:

1. Goal of service provider: The server must ensure that the resources it accesses on behalf of the client include only those resources that the client is authorized to access.
2. Goal of the service user: The server must ensure that it does not reveal the client’s data to any other entity not authorized to see the client’s
DEFINITION
Threat modeling

Threat modeling is a procedure for optimizing network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system. In this context, a threat is a potential or actual adverse event that may be malicious (such as a denial-of-service attack) or incidental (such as the failure of a storage device), and that can compromise the assets of an enterprise.

The key to threat modeling is to determine where the most effort should be applied to keep a system secure. This is a variable that changes as new factors develop and become known, applications are added, removed, or upgraded, and user requirements evolve. Threat modeling is an iterative process that consists of defining enterprise assets, identifying what each application does with respect to these assets, creating a security profile for each application, identifying potential threats, prioritizing potential threats, and documenting adverse events and the actions taken in each case.

Threat modeling methodologies for IT purposes
Conceptually, a threat modeling practice flows from a methodology. Numerous threat modeling methodologies are available for implementation. Typically, threat modeling has been implemented using one of four approaches independently, asset-centric, attacker-centric, and software-centric. Based on volume of published online content, the four methodologies discussed below are the most well known.

STRIDE methodology
The STRIDE approach to threat modeling was introduced in 1999 at Microsoft, providing a mnemonic for developers to find 'threats to our products'.[9] STRIDE, Patterns and Practices, and Asset/entry point were amongst the threat modeling approaches developed and published by Microsoft. References to "the" Microsoft methodology commonly mean STRIDE and Data Flow Diagrams.
P.A.S.T.A.
The Process for Attack Simulation and Threat Analysis (PASTA) is a seven-step, risk-centric methodology.[10] It provides a seven-step process for aligning business objectives and technical requirements, taking into account compliance issues and business analysis. The intent of the method is to provide a dynamic threat identification, enumeration, and scoring process. Once the threat model is completed security subject matter experts develop a detailed analysis of the identified threats. Finally, appropriate security controls can be enumerated. This methodology is intended to provide an attacker-centric view of the application and infrastructure from which defenders can develop an asset-centric mitigation strategy.
Trike
The focus of the Trike methodology[11] is using threat models as a risk-management tool. Within this framework, threat models are used to satisfy the security auditing process. Threat models are based on a “requirements model.” The requirements model establishes the stakeholder-defined “acceptable” level of risk assigned to each asset class. Analysis of the requirements model yields a threat model from which threats are enumerated and assigned risk values. The completed threat model is used to construct a risk model based on asset, roles, actions, and calculated risk exposure.
VAST
VAST is an acronym for Visual, Agile, and Simple Threat modeling.[12] The underlying principle of this methodology is the necessity of scaling the threat modeling process across the infrastructure and entire SDLC, and integrating it seamlessly into an Agile software development methodology. The methodology seeks to provide actionable outputs for the unique needs of various stakeholders: application architects and developers, cybersecurity personnel, and senior executives. The methodology provides a unique application and infrastructure visualization scheme such that the creation and use of threat models do not require specific security subject matter expertise.
Generally accepted IT threat modeling processes
All IT-related threat modeling processes start with creating a visual representation of the application and/or infrastructure being analyzed. The application/infrastructure is decomposed into various elements to aid in the analysis. Once completed, the visual representation is used to identify and enumerate potential threats. Further analysis of the model regarding risks associated with identified threats, prioritization of threats, and enumeration of the appropriate mitigating controls depends on the methodological basis for the threat model process being utilized.

Vulnerability: a software defect with security consequences

Threat: a potential danger to the software

Attack: an attempt to damage or gain access to the system

Exploit: a successful attack

Trust Boundary: where the level of trust changes for data or code

Confidentiality
Confidentiality refers to protecting information from being accessed by unauthorized parties. In other words, only the people who are authorized to do so can gain access to sensitive data. Imagine your bank records. You should be able to access them, of course, and employees at the bank who are helping you with a transaction should be able to access them, but no one else should. A failure to maintain confidentiality means that someone who shouldn't have access has managed to get it, through intentional behavior or by accident. Such a failure of confidentiality, commonly known as a breach, typically cannot be remedied. Once the secret has been revealed, there's no way to un-reveal it. If your bank records are posted on a public website, everyone can know your bank account number, balance, etc., and that information can't be erased from their minds, papers, computers, and other places. Nearly all the major security incidents reported in the media today involve major losses of confidentiality.

So, in summary, a breach of confidentiality means that someone gains access to information who shouldn't have access to it.

Integrity
Integrity refers to ensuring the authenticity of information—that information is not altered, and that the source of the information is genuine. Imagine that you have a website and you sell products on that site. Now imagine that an attacker can shop on your web site and maliciously alter the prices of your products, so that they can buy anything for whatever price they choose. That would be a failure of integrity, because your information—in this case, the price of a product—has been altered and you didn't authorize this alteration. Another example of a failure of integrity is when you try to connect to a website and a malicious attacker between you and the website redirects your traffic to a different website. In this case, the site you are directed to is not genuine.

Availability
Availability means that information is accessible by authorized users. If an attacker is not able to compromise the first two elements of information security (see above) they may try to execute attacks like denial of service that would bring down the server, making the website unavailable to legitimate users due to lack of availability.
