Network Security Lec 2
Network Security
(COMM 520)
Fourth Level
DR AHMED ZAKARIA 1
Course Timeline
Week 1 Introduction to computer and network security
Week 2 Methods of defense
Methods of defense
Anti-Virus Software
◦ Anti-virus software is a necessary part of a good security program.
◦ It can reduce an organization’s exposure to malicious programs.
◦ It will not protect an organization from an intruder who misuses a legitimate program
to gain access to a system.
◦ Anti-virus software will not protect an organization from a legitimate user who
attempts to gain access to files that he should not have access to.
Methods of defense
Access Controls
◦ Each and every computer system within an organization should have the capability to
restrict access to files based on the ID of the user attempting the access.
◦ File access controls will not prevent someone from using a system vulnerability to gain
access to the system as an administrator and thus see files on the system.
◦ To the access control system, such an attack will look like a legitimate administrator
attempting to access files to which the account is allowed access.
Methods of defense
Firewalls
◦ Firewalls are access control devices for the network and can assist in protecting an
organization’s internal network from external attacks.
◦ Firewalls are border security products, meaning that they exist on the border between
the internal network and the external network.
Methods of defense
Smart Cards
◦ Authenticating an individual can be accomplished by using any combination of
something you know, something you have, or something you are.
◦ Passwords (something you know) have been used to prove the identity of an individual
to a computer system.
◦ A password can be guessed, or the person may write it down, and the password then
becomes known to others.
◦ Smart cards can be used for authentication (they are something you have) and thus can
reduce the risk of someone guessing a password.
◦ If a smart card is stolen and if it is the sole form of authentication, the thief could
masquerade as a legitimate user of the network or computer system.
◦ An attack against a vulnerable system will not be prevented with smart cards as a smart
card system relies on the user actually using the correct entry path into the system.
Methods of defense
Biometrics
◦ Biometrics are yet another authentication mechanism (something you are) and thus
they too can reduce the risk of someone guessing a password.
◦ As with other strong authentication methods, for biometrics to be effective, access to a
system must be attempted through a correct entry path.
Types of Attacks
There are four primary categories of attacks:
◦ Interruption
◦ Modification
◦ Interception
◦ Fabrication
Types of Attacks
Interruption attack
◦ In an interruption attack, a network service is
degraded or made unavailable for legitimate
use.
◦ They are attacks against availability:
◦ Unusable
◦ Destroyed
◦ Denial of service (DoS)
Types of Attacks
Interruption attack examples
◦ Overloading a server host so that it cannot
respond.
◦ Cutting a communication line.
◦ Redirecting requests to invalid destinations.
◦ Blocking access to a service by overloading
an intermediate network or network device.
Types of Attacks
Modification attack
◦ Unauthorized changing of data or tampering
with services, such as alteration of data,
modification of messages, etc.
Types of modifications.
◦ Change: Change existing information.
◦ Insertion: When an insertion attack is made,
information that did not previously exist is
added.
◦ Deletion: Removal of existing information.
Types of Attacks
Modification attack examples
◦ Modifying the contents of messages in the
network.
◦ Changing information stored in data files.
◦ Altering programs so they perform differently.
◦ Reconfiguring system hardware or network
topologies
Types of Attacks
Interception attack
◦ An unauthorized subject has gained access to
an object, such as stealing data, overhearing
others' communication, etc.
◦ Interception attacks are attacks against
network confidentiality.
Types of Attacks
Interception attack examples
◦ Obtaining copies of messages for later replay.
◦ Packet sniffing and key logging to capture
data from a computer system or network.
◦ Copying of files or programs.
Types of Attacks
Fabrication attack
◦ Additional data or activities are generated that would normally not exist, such as adding
a password to a system, replaying previously sent messages, etc.
OSI Security Architecture (ITU-T X.800)
OSI Security
◦ The OSI (Open Systems Interconnection) Security Architecture defines a systematic
approach to providing security at each layer.
◦ ITU: International Telecommunication Union
◦ It defines security services and security mechanisms that can be used at each of the
seven layers of the OSI model to provide security for data transmitted over a
network.
◦ These security services and mechanisms help to ensure the confidentiality, integrity,
and availability of the data.
◦ The OSI architecture is internationally accepted, as it lays out the flow for providing
safety in an organization.
OSI Security Architecture
◦ OSI Security Architecture focuses on these concepts:
OSI Security Architecture (ITU-T X.800)
Security attack:
◦ Any action that compromises the security of information owned by an organization.
◦ Security attacks are classified as passive attacks and active attacks.
Passive attack:
◦ A passive attack attempts to learn or make use
of information from the system but does not
affect system resources.
◦ Passive attacks are in the nature of
eavesdropping on, or monitoring of,
transmissions.
◦ The goal of the opponent is to obtain
information that is being transmitted.
◦ Two types of passive attacks are the release of
message contents and traffic analysis.
OSI Security Architecture (ITU-T X.800)
Passive attack:
◦ The release of message contents: A telephone conversation, an electronic mail message, and
a transferred file may contain sensitive or confidential information.
◦ The traffic analysis: Suppose that we had a way of masking the contents of
messages.
◦ The common technique for masking contents is encryption.
◦ If we had encryption protection in place, an opponent might still be able to observe
the pattern of these messages.
◦ The opponent could determine the location and identity of communicating hosts
and could observe the frequency and length of messages being exchanged.
◦ This information might be useful in guessing the nature of the communication that
was taking place.
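Added example (not part of the lecture slides): what an observer can still derive from encrypted traffic, namely who communicates, how often, and how much. The capture records, addresses and sizes are constructed, and the padding step is an assumption that goes beyond what the slides cover.

```python
from collections import defaultdict
from statistics import mean

# Constructed observations of encrypted traffic:
# (time in seconds, source, destination, ciphertext length in bytes).
# These fields stay visible even though the payload is unreadable.
CAPTURE = [
    (0.0, "10.0.0.5", "10.0.0.9", 212),
    (30.1, "10.0.0.5", "10.0.0.9", 212),
    (60.0, "10.0.0.5", "10.0.0.9", 212),
    (61.2, "10.0.0.7", "10.0.0.9", 48),
    (75.9, "10.0.0.7", "10.0.0.9", 14890),
    (90.0, "10.0.0.5", "10.0.0.9", 212),
]

def traffic_profile(capture):
    """Summarise what is visible without decrypting anything."""
    flows = defaultdict(list)
    for ts, src, dst, size in capture:
        flows[(src, dst)].append((ts, size))
    profile = {}
    for pair, events in flows.items():
        times = [t for t, _ in events]
        gaps = [b - a for a, b in zip(times, times[1:])]
        profile[pair] = {
            "messages": len(events),                    # frequency
            "sizes": sorted({s for _, s in events}),    # message lengths
            "mean_gap_s": round(mean(gaps), 1) if gaps else None,
        }
    return profile

def pad_to_bucket(size, bucket=16384):
    """Length after padding a message up to a multiple of `bucket` bytes."""
    return -(-size // bucket) * bucket

def padded(capture, bucket=16384):
    """The same capture as seen if the sender padded every message."""
    return [(ts, s, d, pad_to_bucket(n, bucket)) for ts, s, d, n in capture]

if __name__ == "__main__":
    for pair, info in traffic_profile(CAPTURE).items():
        print("observed", pair, info)
    for pair, info in traffic_profile(padded(CAPTURE)).items():
        print("padded  ", pair, info)
```

Padding removes the length signal (every message appears as 16384 bytes), but the communicating hosts and the message timing remain observable.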
OSI Security Architecture (ITU-T X.800)
Passive attack:
◦ Passive attacks are very difficult to detect, because they do not involve any alteration
of the data.
◦ Typically, the message traffic is sent and received in an apparently normal fashion,
and neither the sender nor the receiver is aware that a third party has read the
messages or observed the traffic pattern.
OSI Security Architecture (ITU-T X.800)
Active attacks:
◦ Active attacks involve some modification of the data stream or the creation of a false
stream and can be subdivided into four categories: masquerade, replay, modification
of messages, and denial of service.
◦ Active attacks present the opposite characteristics of passive attacks.