
Dilla University

College of Engineering and Technology


School of Computing and Informatics, Department of comp.sci

Welcome to CoSc 4031


Computer Security
Chapter Four
Network Security

Dilla University, Department of Computer Science


Network Security Basics
Activity: Take 10 minutes to discuss the following key terms.
• Basic network terms:
– Network
– Types of network
– Network device
– Communication medium
▪ What do you think is the role of big data in network security?

Network Security Basics
• Today, hacks, data breaches, and cyberattacks are more common than ever before.
• The increasing number and severity of these attacks make network security a topic of utmost importance.
• Network security is vital to maintaining the
integrity of your data and the privacy of
your organization and employees.

Network Security Basics
• Networks keep growing in size and complexity.
• New SaaS services come online and make online and remote working easier.
• The same is true for malware.
• Network security is very dynamic; the methods for protecting networks change all the time.

Network Security Basics
• Network security is the process of protecting networks against potential threats.
• Effective network security keeps a variety of threats from entering or spreading on a network.
• It includes software and hardware designed to detect and block malicious agents.
• Securing networks also extends to access control, network organization, and security policies.

Network Security Basics
• Network security is the protection of networks and their applications or services against unauthorized access, preventing modification, disclosure or destruction of data.
• It also assures that the network is performing correctly with no harmful side effects.

Network Security Basics
• Network security is the process by which digital
information assets are protected. The goals of
network security are as follows:
■ Protect confidentiality
■ Maintain integrity
■ Ensure availability

Network Attack
• A network attack is an attempt to gain unauthorized access to an organization’s network, with the objective of stealing data or performing other malicious activity.
• When discussing network security, the three
common terms used are as follows:
– Threat
– Vulnerability
– Attack and Trust

Network Attack
• Trust and threats are two sides of the same coin.
• A threat is a potential failure scenario that you design your system to avoid, and trust is an assumption you make about how external actors and internal components you build upon will behave.
• A threat can be any person or event that can cause damage to data or the network. Threats can also be natural, for example wind, lightning or flooding, or accidental, such as the accidental deletion of a file.

Some Ransomware Facts
• The cost of ransomware can be crippling.
• Downtime due to ransomware attacks cost US businesses $159 billion in 2021, with payment demands averaging $7.9 billion.
• Payment is also no guarantee that attackers will restore app or data access.
• 24% of organizations that chose to pay attackers did not recover their data.

Network Attack
• A threat is a malicious act that seeks to steal or damage data or disrupt the digital network or system. Examples of threats include computer viruses, Denial of Service (DoS) attacks, data breaches, and sometimes even dishonest employees.
Types of Threat
• Unstructured threats: Unstructured threats consist mostly of inexperienced individuals using easily available hacking tools such as shell scripts and password crackers.

Network Attack
• Structured threats: Structured threats come from
hackers who are more highly motivated and
technically competent.
• These people know system vulnerabilities and can
understand and develop exploit code and scripts.

➢ External threats: External threats can arise from individuals or organizations working outside of a company.
➢ Internal threats: Internal threats occur when someone has authorized access to the network with either an account on a server or physical access to the network.

Network security threat
• Network security threats are specific attack methods that exploit network vulnerabilities.
• There are multiple ways to launch such attacks. It is better to cover all of them in network security policies.
– Malware
• Keyloggers
• Trojans
• Ransomware
• Adware
• Spyware
• Logic bombs
• Pharming, viruses, worms

Network security threat
• Botnets: clusters of computers infected with a malicious agent.
• Man-in-the-middle attack: hijacking the connection between network devices or between a network and an external device.
• Physical sabotage and surveillance: gleaning valuable information over the shoulder in a public location.
• Phishing and social engineering: sending fraudulent email with an embedded link.
• … All the topics on the last slide of Chapter 1
• Attack vs. threat

Network Attack
Vulnerability on network
• Vulnerabilities in network security can be summed up as the “soft spots” that are present in every network. A vulnerability is a flaw in a system’s design, a configuration mistake, or a gap in security procedures, internal controls, etc., that can be exploited by cybercriminals.
• It is a weakness that is inherent in every network and device. This includes routers, switches, desktops, servers, and even security devices themselves.
• Networks are typically plagued by one or all of three primary
vulnerabilities or weaknesses:
– Technology Vulnerabilities
– Configuration Vulnerabilities
– Security policy Vulnerabilities

Network Attack
Vulnerability on network
➢ Technological Weaknesses: Computer and network technologies have intrinsic security weaknesses. These include TCP/IP protocol weaknesses, operating system weaknesses, and network equipment weaknesses.
Weakness
• TCP/IP protocol weaknesses: HTTP, FTP, and ICMP are inherently insecure.
• Operating system weaknesses: Each operating system has security problems that must be addressed, including UNIX, Linux, Mac OS, Windows Server 2012, Windows 7, and Windows 8.
• Network equipment weaknesses: Various types of network equipment,
such as routers, firewalls, and switches have security weaknesses
that must be recognized and protected against. Their weaknesses
include password protection, lack of authentication, routing
protocols, and firewall holes.

Network Attack
Vulnerability on network
• Hardware
• Software: insufficient testing, design flaws, memory safety violations, input validation, etc.
• Network configuration weakness: Network administrators or network engineers need to learn what the configuration weaknesses are and correctly configure their computing and network devices to compensate.
– Unsecured user accounts
– System accounts with easily guessed passwords
– Misconfigured Internet services
– Unsecured default settings within products
– Misconfigured network equipment

Vulnerability on network
• Security Policy Weaknesses: Security policy weaknesses can create unforeseen security threats. The network can be exposed to security risks if users do not follow the security policy.
• Weakness
– Lack of written security policy
– Politics
– Lack of authentication continuity
– Logical access controls not applied
– Software and hardware installation and changes do not follow policy
– Disaster recovery plan is nonexistent

Network Attack
Attacks on network
• An attack is an action that exploits a vulnerability or enacts
a threat. The threats use a variety of tools, scripts, and
programs to launch attacks against networks and network
devices.
Four primary classes of attacks exist:
a) Reconnaissance: Reconnaissance is the unauthorized discovery and mapping of systems, services, or vulnerabilities. It is also known as information gathering. Reconnaissance is somewhat analogous to a thief casing a neighborhood for vulnerable homes to break into, such as an unoccupied residence, easy-to-open doors, or open windows.
b) Denial of Service (DoS): Denial of service implies that an attacker disables or corrupts networks, systems, or services with the intent to deny services to intended users. DoS attacks involve either crashing the system or slowing it down to the point that it is unusable.

Network Attack
Attacks on network
c) Viruses, Worms, and Trojan Horses:
➢ Viruses are malicious software attached to another program to execute a particular unwanted function on a user’s workstation.
➢ Worms are similar to viruses but do not modify the program. A worm replicates itself over and over, slowing down the computer system.
➢ Trojan horses can be used to ask the user to enter sensitive information in a commonly trusted screen.

Network Attack
Attacks on network
d) Access Attacks: Access attacks exploit known vulnerabilities in
authentication services, FTP services, and web services to gain
entry to web accounts, confidential databases, and other sensitive
information. Access attacks can consist of the following:
i. Password Attacks: Password attacks can be implemented using
several methods, including dictionary cracking, brute-force attacks,
Trojan horse programs, IP spoofing, and packet sniffers.
ii. Man-in-the-Middle Attacks: A man-in-the-middle attack
requires that the hacker have access to network packets that come
across a network. Such attacks are often implemented using
network packet sniffers and routing and transport protocols.
iii. Phishing: Phishing is a type of social-engineering attack that
involves using e-mail or other types of messages in an attempt to
trick others into providing sensitive information, such as credit
card numbers or passwords.

ZTNA (Don’t trust anyone ever!)
• Continuous monitoring and validation: there are always attackers around you; no users or machines should be automatically trusted.
• Least Privilege
• Device access control: how many devices try to access your network?
• Microsegmentation

Cover up our vulnerability

• Update software as soon as possible
• Ensure complete network visibility
• Secure your perimeter: firewall, VPN encryption, MFA
• Physical network security
• Anti-virus and anti-malware tools
• Training, kept up to date every day
• Actively detect DDoS attacks: packet monitoring tools
• Etc.

Network Protocol
• Network Protocol is a set of rules that govern
communications between devices connected on a
network.
• They include mechanisms for making connections, as
well as formatting rules for data packaging for
messages sent and received.
• Several computer network protocols have been developed, each designed for specific purposes. The popular and widely used protocols are TCP/IP with associated higher- and lower-level protocols.

THE TCP/IP PROTOCOL STACK
• Communication on the Internet is based on the Transmission
Control Protocol/Internet Protocol (TCP/IP) protocol suite.
• The Internet protocol suite, commonly known as TCP/IP, is a
framework for organizing the set of communication protocols
used in the Internet and similar computer networks
according to functional criteria.
• The strategic importance of networks was first realized in the
development of local-area networks (LANs) that shared
printers and hard drives. The importance of networks
increased in a second phase with the development of worldwide
applications such as e-mail and file transfers.
• Now TCP/IP is seen as the de jure standard for Internet
communication, enabling millions of users to communicate
globally.

THE TCP/IP PROTOCOL STACK
• A protocol is required when two entities need to communicate.
• When communication is not simple, we may divide the
complex task of communication into several layers. In
this case, we may need several protocols, one for each
layer.
• Let us use a scenario in communication in which the
role of protocol layering may be better understood.
We use two examples. In the first example,
communication is so simple that it can occur in only
one layer.

THE TCP/IP PROTOCOL STACK
• Assume Maria and Ann are neighbors with a lot of
common ideas. However, Maria speaks only Spanish,
and Ann speaks only English. Since both learned sign language in their childhood, they enjoy meeting in a cafe a couple of days per week and exchanging their ideas using signs. Occasionally, they also use a bilingual dictionary. Communication is face to face and happens in one layer as shown in Figure 2.

Figure 2.1 Example 2.1

THE TCP/IP PROTOCOL STACK
• Now assume that Ann has to move to another town
because of her job. Before she moves, the two meet
for the last time in the same cafe. Although both are
sad, Maria surprises Ann when she opens a packet
that contains two small machines. The first machine
can scan and transform a letter in English to a secret
code or vice versa. The other machine can scan and
translate a letter in Spanish to the same secret code
or vice versa. Ann takes the first machine; Maria
keeps the second one. The two friends can still
communicate using the secret code, as shown in
Figure 2.2.
Figure 2.2 Example 2.2

THE OSI Model
• Established in 1947, the International Standards
Organization (ISO) is a multinational body dedicated
to worldwide agreement on international standards.
Almost three-fourths of countries in the world are
represented in the ISO.

• An ISO standard that covers all aspects of network communications is the Open Systems Interconnection (OSI) model. It was first introduced in the late 1970s.

Note

ISO is the organization; OSI is the model.

Figure 2.3 The OSI model

Figure 2.4 OSI layers

Figure 2.5 An exchange using the OSI model

Note

The physical layer is responsible for moving individual bits from one (node) to the next.

Figure 2.6 Summary of OSI Layers

TCP/IP PROTOCOL SUITE

• The TCP/IP protocol suite was developed prior to the OSI model. Therefore, the layers in the TCP/IP protocol suite do not match exactly with those in the OSI model. The original TCP/IP protocol suite was defined as four software layers built upon the hardware. Today, however, TCP/IP is thought of as a five-layer model with the layers named similarly to the ones in the OSI model.

Figure 2.7 Layers in the TCP/IP Protocol Suite

Figure 2.8 TCP/IP and OSI model

Figure 2.9 A private internet

Figure 2.10 Communication at the physical layer
[Figure: source A and destination B, with routers R1, R3 and R4 between them, joined by Link 1, Link 3, Link 5 and Link 6. The bits 011 ... 101 are carried between the physical layers.]
Note

The unit of communication at the physical layer is a bit.

Figure 2.11 Communication at the data link layer
[Figure: source A and destination B, with routers R1, R3 and R4 between them, each showing data link and physical layers, joined by Link 1, Link 3, Link 5 and Link 6. Legend: D = data, H = header. A frame (D2 and H2) is carried on each link.]

Note

The unit of communication at the data link layer is a frame.

Figure 2.12 Communication at the network layer
[Figure: source A and destination B, with routers R1, R3 and R4 between them, showing network, data link and physical layers. Legend: D = data, H = header. A datagram (D3 and H3) is exchanged at the network layer.]

Note

The unit of communication at the network layer is a datagram.

Figure 2.13 Communication at transport layer
[Figure: source A and destination B showing transport, network, data link and physical layers, with routers R1, R3 and R4 between them. Legend: D = data, H = header. A segment (D4 and H4) is exchanged at the transport layer.]

Note

The unit of communication at the transport layer is a segment, user datagram, or a packet, depending on the specific protocol used in this layer.

Figure 2.14 Communication at application layer
[Figure: source A and destination B showing application, transport, network, data link and physical layers, with routers R1, R3 and R4 between them. Legend: D = data, H = header. A message (D5) is exchanged at the application layer.]

Note

The unit of communication at the application layer is a message.

Figure 2.15 Addresses in the TCP/IP protocol suite

TCP/IP PROTOCOL SUITE
• Internet Protocol
• IP stands for the Internet Protocol, which deals with the routing of packets from one host to another in a network. A host can be any digital device with a communications interface. It may be a computer, a smartphone, a router, etc. IP is the part that obtains the address to which data is sent.
• The following are the responsibilities of this protocol:
– IP Addressing: IP addresses are used by the internet and higher layers to identify the device and to provide internetwork routing.
– Host-to-host communication: It determines the path through which the data is to be transmitted.
– Data Encapsulation and Formatting: The IP protocol ensures that the data is sent and received securely; it encapsulates the data into a message known as an IP datagram.
– Routing: When an IP datagram is sent over the same local network, such as a LAN, MAN, or WAN, it is known as direct delivery. When the source and destination are on distant networks, the IP datagram is sent indirectly.

TCP/IP PROTOCOL SUITE
Transmission Control Protocol (TCP)
• TCP, which stands for Transmission Control Protocol, has the job of ensuring that the data packets delivered by the IP protocol did arrive at their destination. TCP is responsible for data delivery once that IP address has been found.
• TCP is a reliable protocol: it detects errors and retransmits the damaged frames. It therefore ensures that all the segments are received and acknowledged before the transmission is considered complete and the virtual circuit is discarded.
• At the sending end, TCP divides the whole message into smaller units known as segments, and each segment contains a sequence number, which is required for reordering the frames to form the original message.
• At the receiving end, TCP collects all the segments and reorders them based on sequence numbers.
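
The segmentation and reordering described above, as an added example that is not part of the original slides. It is a simplified model, not a TCP implementation: the names Segment, Receiver and replay, the 8-byte segment size, the starting sequence number 1000 and the arrival order are all assumptions chosen for illustration.

```python
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    seq: int         # sequence number: offset of the first payload byte
    payload: bytes


def segment_message(message: bytes, mss: int, isn: int) -> list[Segment]:
    """Sending end: split the message into segments of at most `mss` bytes."""
    return [Segment(isn + off, message[off:off + mss])
            for off in range(0, len(message), mss)]


class Receiver:
    """Receiving end: buffer out-of-order segments and deliver bytes in order."""

    def __init__(self, isn: int) -> None:
        self.next_seq = isn                   # next byte expected (cumulative ACK)
        self.pending: dict[int, bytes] = {}   # out-of-order data, keyed by seq
        self.delivered = bytearray()

    def receive(self, seg: Segment) -> int:
        """Process one segment and return the cumulative ACK number."""
        end = seg.seq + len(seg.payload)
        if end <= self.next_seq:
            return self.next_seq              # duplicate of data already delivered
        if seg.seq < self.next_seq:           # partial overlap: keep only new bytes
            seg = Segment(self.next_seq, seg.payload[self.next_seq - seg.seq:])
        self.pending.setdefault(seg.seq, seg.payload)
        while self.next_seq in self.pending:  # drain everything now contiguous
            data = self.pending.pop(self.next_seq)
            self.delivered += data
            self.next_seq += len(data)
        return self.next_seq


def replay(message: bytes, mss: int, isn: int, arrival_order: list[int]):
    """Deliver segments in a constructed arrival order.

    Returns the ACK sent after each arrival and the bytes handed to the
    application so far.
    """
    segments = segment_message(message, mss, isn)
    rx = Receiver(isn)
    acks = [rx.receive(segments[i]) for i in arrival_order]
    return acks, bytes(rx.delivered)


if __name__ == "__main__":
    # Constructed message and arrival order: segment 2 is delayed,
    # segment 1 arrives twice, the others arrive out of order.
    msg = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"
    acks, data = replay(msg, mss=8, isn=1000, arrival_order=[0, 3, 1, 1, 4, 5, 2])
    print("ACKs:", acks)
    print("reassembled correctly:", data == msg)
```

The repeated ACK value while segment 2 is missing is what tells the sender which data to retransmit; nothing past the gap is delivered to the application until it arrives.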

TCP/IP PROTOCOL SUITE
• The primary goals of network security are Confidentiality, Integrity, and Availability.
• These three pillars of Network Security are often represented as the CIAA model.
• Confidentiality: The function of confidentiality is to protect
precious business data from unauthorized persons.
Confidentiality part of network security makes sure that the
data is available only to the intended and authorized persons.
• Integrity: The function of integrity is to make sure that the
data is reliable and is not changed by unauthorized persons.
• Availability: The function of availability in Network Security is
to make sure that the data, network resources/services are
continuously available to the legitimate users, whenever they
require it.
• Authenticity

Network security protocol
Security at Application Layer
• Since the application layer is the closest
layer to the end user, it provides hackers
with the largest threat surface.
• Poor app layer security can lead to
performance and stability issues, data theft,
and in some cases the network being taken
down.
➢ Examples of application layer attacks include distributed denial-of-service (DDoS) attacks, HTTP floods, SQL injections, cross-site scripting, parameter tampering, and Slowloris attacks.

Network security protocol
Security at Application Layer
• Security measures used at this layer are application
specific. Different types of application would need
separate security measures.
• It is considered that designing a cryptographically sound
application protocol is very difficult and implementing it
properly is even more challenging.
• Hence, application layer security mechanisms for
protecting network communications are preferred to be
only standards-based solutions that have been in use for
some time.
➢ Examples of application layer security protocols:
▪ HTTPS
▪ S/MIME (Secure Multipurpose Internet Mail Extensions)
▪ DNSSEC
▪ Wireless Encryption - WEP, WPA, WPA2

Network security protocol
Security at Application Layer
Web security
• Web application security (also known as Web AppSec) is the idea of
building websites to function as expected, even when they are under
attack. The concept involves a collection of security controls
engineered into a Web application to protect its assets from
potentially malicious agents.
Majority of Web Application Attacks
• SQL Injection: This happens when a hacker submits destructive
code into an input form. If your systems fail to clean this
information, it can be submitted into the database, changing,
deleting, or revealing data to the attacker.
• XSS (Cross Site Scripting): In an XSS attack, an attacker injects
a piece of malicious code onto a trusted website or web-based app.
• Path Traversal: This attack, also known as directory traversal,
allows the bad actor to manipulate paths to folders outside the web
root folder, which can then be used to access web application files,
directories and commands.
• DDoS attacks: These attacks happen when an attacker bombards a
server with web requests.

Network security protocol
Protecting Website Attack
• A company’s ability to use online resources to capture and store
customer data has many benefits, but it also opens the door to
malicious attackers. There are methods that provide analysis and
protection for servers and databases. They include the
following:
– Automated vulnerability scanning and security testing. These programs
help you to find, analyze, and mitigate vulnerabilities, often before actual
attacks occur.
– Web Application Firewalls (WAFs). These operate on the application layer
and use rules and intelligence about known breach tactics to restrict access
to applications.
– Secure Development Testing (SDT). This instruction is designed for all
security team members, including testers, developers, architects, and
managers. It assists the task force in establishing a baseline and developing
a practical, dynamic approach to preventing website attacks and minimizing
the consequences of breaches that cannot be stopped.

Network security protocol
E-mail Security
• E-mail is vital for today's commerce, as well as a convenient medium for communications among ordinary users. But e-mail is very public, exposed at every point from the sender's workstation to the recipient's screen.
• Email security is the practice of preventing email-based cyber attacks, protecting email accounts from takeover, and securing the contents of emails. Email security is multifaceted and may require several different layers of protection.
• It spans protecting inboxes from takeover, protecting domains from spoofing, stopping phishing attacks, preventing fraud, blocking malware delivery, filtering spam, and using encryption to protect the contents of emails from unauthorized persons.

Network security protocol
E-mail Security
• Some of the common types of email attacks include:
• List Linking: it involves enrolling hundreds of targeted users to send bulk email.
• E-mail Sniffing and Spoofing: Packet sniffers are able to
collect all of the unencrypted data traveling on a network. E-mail
Spoofing is a way of tampering with e-mail communications.
• Phishing: Email phishing attacks may direct users to a fake
webpage that collects credentials, or simply pressure the user
to send the information to an email address secretly controlled
by the attacker.
• E-mail Spamming: a collection of e-mail that you don’t like or did not request.
• Malware: Types of malware delivered over email include
spyware, scareware, adware, and ransomware, among others.
• Account takeover: Attackers take over email inboxes from
legitimate users for a variety of purposes.

Network security protocol
E-mail Security
Email security best practices include:
• Use a Strong Password
• Turn on Multi-Factor Authentication (MFA)
• Deploy Data Loss Prevention (DLP) Solutions
• Implement Phishing Email Filtering
• Scan for Malicious Attachments
• Train Employees
• Perform Frequent Security Monitoring

Network security protocol
Security at Transport Layer
• Security measures at this layer can be used to protect the data in a
single communication session between two hosts.
Security threats
• Fingerprinting: A TCP segment may be sent to a system and the
response analyzed to find out the host’s OS, network configuration,
hardware devices, and more information.
• TCP/UDP Flooding Attack: A kind of denial of service attack. The
attacker overwhelms the victim by sending a huge amount of pings.
• SYN Flood: The TCP/IP protocol suite relies on the use of multiple
timers during the lifetime of a session.
• TCP Sequence Prediction Attack: TCP uses sequence numbers to
ensure that the packets are received in order.
• Session hijacking: This kind of attack occurs after a source and destination computer have established a communications link. A third computer disables the ability of one of the computers to communicate.

Network security protocol
Security at Internet Layer
• Security measures at this layer can be applied to all applications; thus,
they are not application-specific.
• All network communications between two hosts or networks can be
protected at this layer without modifying any application. These types
of attacks can be performed remotely.

• IP Address Spoofing: The attacker replaces the IP address of the sender, or in some rare cases the destination, with a different address.
• ICMP Ping Flood: Blocking ICMP packets that exceed a certain limit
size is the only solution to protect against this vulnerability.
• Man-in-the-middle attacks: This attack occurs when a hacker places
himself or herself between the source and destination computer in such
a way that neither notices his or her existence. Meanwhile, the
attacker can modify packets or simply view their contents.

Network security protocol
Security at Network Layer (Switch Security)

• Switches provide LAN connectivity, and the majority of threats come from the internal LAN:
• ARP/ARP spoofing: ARP (a TCP/IP protocol for determining the hardware address, or physical address, of a node on a local area network connected to the Internet) uses a cache that stores the MAC addresses of computers. Address Resolution Protocol (ARP) spoofing targets a switch so that it forwards packets to a different VLAN.
• MAC Flooding: MAC address flooding occurs when the MAC table of a switch reaches its capacity and then floods. A malicious user can sniff the flooded traffic to gather sensitive network information.
• Spanning Tree Attacks: An STP attack begins with a physical attack by a malicious user who inserts an unauthorized switch.
• DHCP Starvation Attack: Broadcasting a vast number of DHCP requests with spoofed MAC addresses simultaneously.
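
Detection logic for three of the switch-level threats listed above (ARP spoofing, MAC flooding and DHCP starvation), as an added example that is not part of the original slides. The event layout, port names, addresses, window size and thresholds are assumptions, and the sample events are constructed rather than taken from a real capture.

```python
from __future__ import annotations

from collections import defaultdict, deque

# Assumed event layout: (time_ms, switch_port, kind, source_mac, claimed_ip)


def sample_events() -> list[tuple]:
    """Constructed events, not a real capture."""
    events = [
        (0, "Gi0/1", "arp", "aa:aa:aa:00:00:01", "10.0.0.1"),     # gateway
        (100, "Gi0/2", "arp", "aa:aa:aa:00:00:02", "10.0.0.20"),  # workstation
        (200, "Gi0/2", "frame", "aa:aa:aa:00:00:02", None),
        (5000, "Gi0/7", "arp", "de:ad:be:ef:00:07", "10.0.0.1"),  # 2nd MAC claims gateway IP
    ]
    # 300 frames, each with a new source MAC, on one access port within 3 s.
    events += [(10_000 + 10 * i, "Gi0/9", "frame",
                f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}", None) for i in range(300)]
    # 120 DHCP DISCOVERs, each from a different client MAC, on one port.
    events += [(20_000 + 5 * i, "Gi0/7", "dhcp_discover",
                f"02:00:00:01:00:{i:02x}", None) for i in range(120)]
    return events


def detect_arp_conflicts(events: list[tuple]) -> list[dict]:
    """Alert when an IP already bound to one MAC is claimed by another MAC.

    Legitimate changes (new DHCP lease, gateway failover) also trigger this,
    so alerts on critical IPs such as the gateway deserve the most attention.
    """
    bindings: dict[str, str] = {}
    alerts = []
    for t, port, kind, mac, ip in sorted(events, key=lambda e: e[0]):
        if kind != "arp":
            continue
        known = bindings.setdefault(ip, mac)
        if known != mac:
            alerts.append({"time_ms": t, "port": port, "ip": ip,
                           "old_mac": known, "new_mac": mac})
    return alerts


def detect_mac_bursts(events: list[tuple], kind: str,
                      window_ms: int, max_new_macs: int) -> list[dict]:
    """Alert once per port when more than `max_new_macs` previously unseen
    source MACs appear on it within `window_ms` milliseconds."""
    known = defaultdict(set)      # port -> MACs already seen on that port
    recent = defaultdict(deque)   # port -> first-seen times of new MACs
    alerted: set[str] = set()
    alerts = []
    for t, port, ev_kind, mac, _ip in sorted(events, key=lambda e: e[0]):
        if ev_kind != kind or mac in known[port]:
            continue
        known[port].add(mac)
        times = recent[port]
        times.append(t)
        while times and t - times[0] > window_ms:
            times.popleft()
        if len(times) > max_new_macs and port not in alerted:
            alerted.add(port)
            alerts.append({"time_ms": t, "port": port, "new_macs": len(times)})
    return alerts


if __name__ == "__main__":
    ev = sample_events()
    print("ARP conflicts:", detect_arp_conflicts(ev))
    print("MAC flooding:", detect_mac_bursts(ev, "frame", 1000, 50))
    print("DHCP starvation:", detect_mac_bursts(ev, "dhcp_discover", 1000, 20))
```

On managed switches the corresponding preventive controls are usually port security (a limit on MAC addresses per port), DHCP snooping and dynamic ARP inspection.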

Network security protocol
Security at Physical Layer
• The Physical layer is responsible for encoding and transmission of data
over network communications media. It operates with data in the form
of bits that are sent from the Physical layer.
• Network vulnerabilities/threats which occur at this level are the
following:
• Access Control: Permitting only authorized personnel to access.
Restricting access to critical servers and using strong passwords can
prevent many attacks.
• Damaged data bits: Damaged data is any data that you can no longer use for its intended purpose.
• Environmental issues: Environmental issues at the Physical layer include fire, smoke, water, dust, and ventilation.
• Disconnection of Physical Links: Physical disconnection means the
removal or absence of pipes, fittings, or fixtures that connect a
waterworks directly or indirectly to any other water system.
• Backup: Backup refers to the copying of physical or virtual files or
databases to a secondary location for preservation in case of equipment
failure or catastrophe. The process of backing up data is pivotal to a
successful disaster recovery plan.

Network security protocol
Security at Physical Layer
• The physical layer can only be directly attacked when the attacker has physical access to the hardware.
• However, during an attack on the upper layers, cutting power from your physical devices (e.g. unplugging the cable) is often a recommended security measure.
• Protection of the physical layer mainly involves preventing physical access via monitoring (e.g. camera surveillance) and by adding keycards, passwords, biometric-based security, and/or other security protocols.

Wireless security
• Wireless security is protecting computers, smartphones,
tablets, laptops and other portable devices along with the
networks they are connected to, from threats and
vulnerabilities associated with wireless computing.
• Wireless security can be delivered through different methods such as:
• Hardware-based: routers and switches fabricated with encryption measures protect all wireless communication.
• Wireless setup of IDS and IPS: helps in detecting, alerting on, and preventing threats to wireless networks, and sends an alarm to the network administrator in case of any security breach.
• Wireless security algorithms: such as WEP, WPA, WPA2, and WPA3.

Wireless security
• There are four wireless security protocols currently
available.
• Wired Equivalent Privacy (WEP)
• Wi-Fi Protected Access (WPA)
• Wi-Fi Protected Access 2 (WPA 2)
• Wi-Fi Protected Access 3 (WPA 3)

Wireless security
Wired Equivalent Privacy (WEP)
• WEP was developed for wireless networks and
approved as a Wi-Fi security standard in September
1999. It was the first security protocol ever put in
practice. It has become outdated but is still used in
modern times with older devices.

• WEP uses a data encryption scheme that is based on a combination of user- and system-generated key values. However, it is widely known that WEP is the least secure network type as hackers have developed tactics of reverse-engineering and cracking the encryption system.

Wireless security
Wi-Fi Protected Access (WPA)
• Wi-Fi Protected Access (WPA) was developed to deal
with the flaws that were found with the WEP
protocol. WPA offers features such as the Temporal
Key Integrity Protocol (TKIP) which was a dynamic
128-bit key that was harder to break into than WEP’s
static, unchanging key.

• It also introduced the Message Integrity Check, which scanned for any altered packets sent by hackers, the Temporal Key Integrity Protocol (TKIP), and the pre-shared key (PSK), among others, for encryption.

Wireless security
Wi-Fi Protected Access 2 (WPA2)

• The protocol based on the 802.11i wireless security standard was introduced in 2004. The most important improvement of WPA2 over WPA was the usage of the Advanced Encryption Standard (AES).
• AES is approved by the U.S. government for encrypting information classified as top secret, so it must be good enough to protect home networks.

Wireless security
Wi-Fi Protected Access 3 (WPA3)
• Wi-Fi Protected Access 3 (WPA3) is the latest and the third iteration of this family, developed under the Wi-Fi Alliance.
• It has personal and enterprise security-support features and uses 384-bit Hashed Message Authentication Mode, the 256-bit Galois/Counter Mode Protocol (GCMP-256), as well as the 256-bit Broadcast/Multicast Integrity Protocol. WPA3 also provides support for a perfect forward secrecy mechanism.
