1 Introduction
Secure Communications
Introduction to Security in
Communication Networks
Layers of OSI model (II)
Source: www.tcpipguide.com
End-to-End (e2e) communications?
[Figure: Client (Web browser, TCP) and Server (Web server, TCP)]
Security definitions and concepts
IETF, NIST, ITU-T
Security Definitions
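[Figure: relationships between the security concepts]
Threat Agent → gives rise to → Threat → exploits → Vulnerability → leads to → Risk → can damage → Asset → causes → Exposure → can be safeguarded by → Countermeasure → directly affects → Threat Agent
[Figure: risk matrix; labels recovered: Impact, Risk, Medium]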
The security requirements CIA Triad
Computer Security
“The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)”
http://csrc.nist.gov/publications/fips/fips199/FIPS-PUB-199-final.pdf
Main security requirements
• Confidentiality:
– Preserving authorized restrictions on information access and disclosure, including means for protecting personal data and proprietary information.
• Integrity:
– Guarding against information modifications or destruction, including ensuring information non-repudiation and authenticity.
• Availability:
– Ensuring timely and reliable access and use of information
Additional concepts
• Authenticity:
– Verifying that users are who they say they are and that each input arriving at the system came from a trusted source
• Accountability:
– The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity
Security Attacks vs. Security Requirements
[Figure labels: Availability, Confidentiality, Integrity, Authenticity]
Security attacks, mechanisms & services
• Security Attack:
– Any active or passive action that compromises the security of information in some way.
• Security Mechanism:
– A process / device that is designed to detect, prevent or recover from a security attack.
• Security Service:
– A service intended to counter security attacks, typically by implementing one or more mechanisms.
• Authentication (AuthN):
– The assurance that the communicating entity is the one it claims to be.
• Access Control or Authorization (AuthZ):
– The prevention of unauthorized use of a resource:
  · Who can have access to a resource,
  · under what conditions access can occur,
  · what those accessing the resource are allowed to do
• Data Confidentiality:
– The protection of data from unauthorized disclosure
• Data Integrity:
– The assurance that data received are exactly as sent by an authorized entity (i.e., contains no modification, insertion, deletion or replay).
• Non-Repudiation:
– Provides protection against denial by one of the entities involved in a communication of having participated in all/part of the communication.
Security Mechanisms (X.800) (&II)
Security Services vs. Mechanisms (X.800)
http://www.itu.int/rec/T-REC-X.800-199103-I/e
network security assessments (X.805)
• Systematic, organized
ITU-T Rec. X.805 (10/2003)
Model for Network Security
[Figure: Alice, Bob, and Eve / Mallory]
Security Model for Network Access
Passive Attacks (I)
• Eavesdropping or monitoring transmissions
• The goal of the opponent is to obtain information that is being transmitted
• Hard to detect, so emphasis on prevention
Passive Attacks (&II)
Active Attacks (I)
An Active Attack attempts to alter system resources or affect their operation:
• Involves some modification of the data stream or the creation of a false stream.
• Difficult to prevent because of the wide variety of potential physical, software, and network vulnerabilities.
• Goal is to detect attacks and to recover from any disruption or delays caused by them.
Active Attacks (&II)
• Modification of messages:
– Some portion of a legitimate message is altered, or messages are delayed or reordered to produce an unauthorized effect
• Denial of Service (DoS):
– Prevents or inhibits the normal use or management of communications facilities
Network communications attacks
(in)Security in TCP/IP
• TCP/IP was initially developed for research and academia, and originally included no built-in strong security capabilities.
Reconnaissance attacks
• Port Scanning is a process that reveals the TCP ports on which a host is listening for Internet traffic. Open ports provide a hole through which a system cracker can launch an attack.
• Countermeasures:
– On all hosts, close all ports not in use by shutting down the services (applications or OS daemons) that run on those ports.
– Block traffic for all unnecessary ports using a firewall on your edge router, which acts as a proxy and hides the servers’ actual IP addresses from the Internet.
Packet Sniffing or Eavesdropping
Replay Attack (I)
Replay Attack (II)
• Later, the attacker retransmits (replays) the message to the original destination host
– The attacker does not have to be able to read a message to replay it.
– Usually used to gain access to resources by replaying an authentication message
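The following is an added example, not part of the original slides: a validly authenticated login message is accepted again when replayed unchanged, while a receiver that binds each login to a single-use nonce rejects the second copy. The key, message layout and all function and class names are constructed for illustration.

```python
import hashlib
import hmac
import os

KEY = b"constructed-shared-key"  # constructed demo key shared by client and server

def tag(data: bytes) -> bytes:
    """Message authentication code over the message body (32 bytes)."""
    return hmac.new(KEY, data, hashlib.sha256).digest()

def static_login(user: bytes) -> bytes:
    """Weak design: the authentication message is the same bytes every time."""
    body = b"LOGIN " + user
    return body + tag(body)

def accept_static(msg: bytes) -> bool:
    """Checks integrity and origin only; says nothing about freshness."""
    body, mac = msg[:-32], msg[-32:]
    return hmac.compare_digest(tag(body), mac)

def fresh_login(user: bytes, nonce: bytes) -> bytes:
    """Hardened design: the server's nonce is covered by the MAC."""
    body = b"LOGIN " + user + nonce
    return body + tag(body)

class ChallengeServer:
    """Issues 16-byte nonces and accepts each one at most once."""
    def __init__(self):
        self.pending = set()

    def challenge(self) -> bytes:
        nonce = os.urandom(16)
        self.pending.add(nonce)
        return nonce

    def accept(self, msg: bytes) -> bool:
        body, mac = msg[:-32], msg[-32:]
        nonce = body[-16:]
        if not hmac.compare_digest(tag(body), mac):
            return False              # modified or forged
        if nonce not in self.pending:
            return False              # unknown or already used: replay
        self.pending.discard(nonce)   # single use
        return True
```

The replayed message passes `accept_static` because the MAC is still valid; only the freshness check in `ChallengeServer.accept` distinguishes the copy from the original.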
Examples: SYN Flood, UDP Flood attack, Smurf attack, Ping of Death.
TCP SYN Flooding Attack
• Attacker sends many connection requests with spoofed source addresses.
• Victim allocates resources for each request
– Connection state maintained until timeout (half-open connections)
• Once resources are exhausted, requests from legitimate clients are denied.
• Common pattern: it costs the TCP initiator nothing to send a connection request, but the TCP responder must allocate state for each request (asymmetry!)
Countermeasure: TCP SYN+ACK cookies, so that no state is allocated until the final ACK is received (for anti-spoofing)
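The following is an added example, not part of the original slides: a simplified SYN-cookie scheme in which the server's initial sequence number is a keyed hash of the connection 4-tuple, the client's ISN and a time slot, so the responder stores nothing until a valid final ACK arrives. The secret, slot length, addresses and function names are constructed; real TCP stacks also encode further parameters (such as the MSS) in the cookie.

```python
import hashlib
import hmac
import socket
import struct

SECRET = b"constructed-demo-secret"  # constructed; a real stack uses a random key
SLOT_SECONDS = 64                    # assumed cookie lifetime granularity

def _cookie(src, sport, dst, dport, client_isn, slot):
    """32-bit keyed hash of the 4-tuple, the client's ISN and a time slot."""
    msg = socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack(
        "!HHII", sport, dport, client_isn % 2**32, slot % 2**32)
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:4], "big")

def make_syn_ack(src, sport, dst, dport, client_isn, now):
    """Handle a SYN: return the server ISN for the SYN+ACK. Nothing is stored."""
    return _cookie(src, sport, dst, dport, client_isn, int(now) // SLOT_SECONDS)

def check_final_ack(src, sport, dst, dport, seq, ack, now):
    """Handle the final ACK: recompute the cookie and compare it with ack - 1."""
    client_isn = (seq - 1) % 2**32   # the ACK carries client ISN + 1
    echoed = (ack - 1) % 2**32       # and acknowledges server ISN + 1
    slot = int(now) // SLOT_SECONDS
    return any(_cookie(src, sport, dst, dport, client_isn, s) == echoed
               for s in (slot, slot - 1))

def demo():
    """Constructed scenario: one real client, one spoofed source, one late ACK."""
    now, established = 1_700_000_000, set()
    real = ("198.51.100.7", 40000, "192.0.2.10", 443)
    spoofed = ("203.0.113.9", 40000, "192.0.2.10", 443)
    isn = make_syn_ack(*real, 1000, now)      # SYN+ACK reaches the real client
    make_syn_ack(*spoofed, 1000, now)         # SYN+ACK goes to a host that never asked
    results = {
        "real": check_final_ack(*real, 1001, isn + 1, now + 5),
        "spoofed_guess": check_final_ack(*spoofed, 1001, 12345, now + 5),
        "late": check_final_ack(*real, 1001, isn + 1, now + 3 * SLOT_SECONDS),
    }
    if results["real"]:
        established.add(real)                 # state is allocated only here
    return results, established
```

A sender using a spoofed source address never sees the SYN+ACK, so it cannot echo the cookie, and the flood of SYNs leaves no half-open connection state behind.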
Reflected/amplified DDoS attack
• The attacker takes advantage of connection-less protocols (e.g. ICMP, UDP), bouncing an attack off of innocent servers using a spoofed source address (victim).
• Amplification: Short requests, large responses (e.g. DNS, NTP).