
351 CS 92: COMPUTER NETWORK & SECURITY (5 UNITS)

Lecturer: Eng. Alfred Kajirunga, Mse(ICSE). B.e(cse)
Course Description
Introduction to Information Security:
Fundamental issues and first principles of
security and information assurance. Security
policies, models, and mechanisms related to
confidentiality, integrity, authentication,
identification, and availability issues related
to information and information systems.

Course Description…
Cryptography: Basics of cryptography such
as key management and digital signatures,
etc. and network security such as PKI,
IPSec, intrusion detection and prevention.
Risk management, security assurance, and
secure design principles. Issues such as
organizational security policy, legal and
ethical issues in security, standards and
methodologies for security evaluation and
certification.

Course Description…
Information protection: Techniques for the
protection and survivability of information
systems and networks. Critical infrastructure
definition, risk management, vulnerability and
risk analysis, fault and attack trees,
availability analysis, traffic restoration
schemes and survivable network design and
management techniques; critical
infrastructure simulation, CIP policy and legal
issues, SCADA systems; information security
standards including ISO 17799 or 27001/2.
Course Description…
Network Security: Principles of network
security and management. Threats on the
network, Review of network vulnerabilities,
security at the link, network and transport
layers; dial-up security (PAP, CHAP, Radius,
Diameter), IPSEC, SSL, and VPNS. Email
security (PGP, S/MIME); Kerberos; X.509
certificates; AAA and mobile IP; SNMP
security; firewalls; filters and gateways;
policies and implementation of firewall
policies; stateful firewalls; firewall
appliances.
Course Objectives
Objectives:
• To enable the students to get more experience in computer network and
troubleshooting security issues by managing networks.
1. Introduce the students to threats on IT infrastructure, including threats
to computer networks, databases and applications
2. Give the students knowledge and skills of designing security
countermeasures for the IT infrastructure
Learning Outcomes
At the end of the course students are expected to:
1. Understand the concept of information systems security and protection
2. Know and be able to apply the latest techniques for protection and
survivability of information systems
3. Be competent managers of networks, including developing network security
policies.
Course Contents…

Mode of Delivery:
• 50 Contact hours (30 lecture hours plus 20 hours of
practical) and 70 hours self-directed learning, assessment,
assignments and seminars.

Assessment: Coursework = 40%; final examination = 60% or as per NM AIST-Arusha
General Examination Regulations.
References
1. Pfleeger, C. P., and S. L. Pfleeger, Security in Computing, 4th Edition,
Prentice-Hall International, 2006.
2. Stallings, W., Cryptography and Network Security, 5th Edition,
Prentice-Hall, 2011.
3. Matt Bishop, Computer Security: Art and Science, 2004.
4. Kaufman, C., Perlman, R. and Speciner, M. (2002) Network Security: Private
Communication in a Public World, Second Edition, Prentice Hall PTR.
5. Peterson, L. and Davie, B. (2000) Computer Networks: A Systems Approach,
2nd Ed., Morgan Kaufmann.
Introduction
Overview
Security Goals
– The need for security
– OSI Security Architecture
Attacks, services and mechanisms
– Security attacks
– Security services
Methods of Defense
– A model for Internetwork Security
– Internet standards and RFCs
Computer/Information/Network Security
• Is defined as the protection afforded to an automated information system in
order to attain the applicable objectives of preserving the integrity,
availability and confidentiality of information system resources (includes
hardware, software, firmware, information/data, and telecommunications)
CIA Triad

Key Objectives
• Confidentiality
– Data confidentiality: information not disclosed to unauthorized individuals
– Privacy: individuals control how their information is collected, stored,
shared
• Integrity
– Data integrity
– System integrity
• Availability: service not denied to authorized users
Security Goals
• Confidentiality
– Concealment of information or resources
• Integrity
– Trustworthiness of data or resources
• Availability
– Ability to use information or resources

Security Goals
(Figure: Confidentiality, Integrity, Availability)
Confidentiality
• Need for keeping information secret arises
from use of computers in sensitive fields such
as government and industry
• Access control mechanisms, such as
cryptography, support confidentiality
– Example: encrypting income tax return
• Lost through unauthorized disclosure of
information

Integrity
• Often requires preventing unauthorized changes
• Includes data integrity (content) and origin integrity (source of data,
also called authentication)
• Includes prevention mechanisms and detection mechanisms
– Example: Newspaper prints info leaked from White House and gives wrong
source
• Includes both correctness and trustworthiness
• Lost through unauthorized modification or destruction of information
Availability
• Is an aspect of reliability and system design
• Attempts to block availability, called denial of service (DoS) attacks,
are difficult to detect
– Example: bank with two servers – one is blocked, the other provides false
information
• Ensures timely and reliable access to and use of information
• Lost through disruption of access to information or information system
Authenticity and Accountability
Two additional objectives:
• Authenticity: being genuine and able to be verified and trusted; verifying
that users are who they say they are
• Accountability: actions of an entity can be traced uniquely to that entity;
supports nonrepudiation, deterrence, fault isolation, intrusion detection
and prevention.
Insecurity and Levels of Impact
• We can define 3 levels of impact from a security breach:
– Low
– Moderate
– High
Security Breach: Low Impact
• Loss has limited adverse effect
• For example:
– Effectiveness of the functions of an organization is noticeably reduced
– Results in minor damage to organizational assets
– Results in minor financial loss
– Results in minor harm to individuals
Security Breach: Moderate Impact
• Loss may have serious adverse effect on organizational operations, assets
or individuals.
• For example:
– Effectiveness of the functions of an organization is significantly reduced
– Results in significant damage to organizational assets
– Results in significant financial loss
– Results in significant harm to individuals
Security Breach: High Impact
• Loss is expected to have severe or catastrophic adverse effect on
organizational operations, assets or individuals.
• For example:
– Effectiveness of the functions of an organization is reduced so that the
organization cannot perform its primary function(s).
– Results in major damage to organizational assets
– Results in major financial loss
– Results in severe or catastrophic harm to individuals, involving loss of
life or serious life-threatening injuries
Examples of Security Requirements
• Confidentiality – student grades
– High confidentiality – grades
• Only available to students, parents and employees (who need it to do their
job)
– Moderate confidentiality – enrollment
– Low confidentiality – directory information
• Lists of departments, faculty, students
• Available to the public
• Often published on Web site
Examples of Security Requirements
• Integrity – patient information
– High requirement for integrity
• Medical database, if falsified or inaccurate, could cause harm (allergies,
etc.)
– Medium requirement for integrity
• Web site that offers a forum for discussion of medical topics, not for
research
– Low requirement for integrity
• Anonymous poll (such as a patient satisfaction poll)
Examples of Security Requirements
Availability – The more critical a component or service is, the higher the
level of availability required:
• High availability – authentication service
– Interruption of service results in being unable to access computing
resources
• Moderate availability – College web site
– Provides information but is not critical
• Low availability – online phone directory
– Other sources of information are available
The Need for Security
• Motivation: Why do we need security?
• Increased reliance on information technology, with or without the use of
networks
• The use of IT has changed our lives drastically.
• We depend on e-mail, Internet banking, and several other governmental
activities that use IT
• Increased use of e-commerce and the World Wide Web on the Internet as a
vast repository of various kinds of information (immigration databases,
flight tickets, stock markets etc.)
The Need for Security…
• Computer security: the collection of tools designed
– to protect data and
– to thwart hackers
• Network security or internet security: security measures needed to protect
data during their transmission
Security Concerns
• Damage to any IT-based system or activity can result in severe disruption
of services and losses
• Systems connected by networks are more prone to attacks and also suffer
more as a result of the attacks than stand-alone systems (Reasons?)
• Concerns such as the following are common:
– How do I know the party I am talking to on the network is really the one I
wanted to talk to?
– How can I be assured that no one else is listening and learning the data
that I send over a network?
– Can I ever stay relaxed that no hacker can enter my network and play havoc?
Concerns continued…
• Is the web site I am downloading information from a legitimate one, or a
fake?
• How do I ensure that the person I just did a financial transaction with
won't deny having done it tomorrow or at a later time?
• I want to buy something online, but I don't want to let them charge my
credit card before they deliver the product to me
That is why…
• ...we need security
– To safeguard the confidentiality, integrity, authenticity and availability
of data transmitted over insecure networks
– The Internet is not the only insecure network in this world
– Many internal networks in organizations are prone to insider attacks
– In fact, insider attacks are greater both in terms of likelihood of
happening and damage caused
However, in reality
• Security is often overlooked (not one of the top criteria)
• Availability, efficiency and performance tend to be the top criteria
instead
• Buggy implementations
• Systems too complex in nature and rich in features can be filled with
security holes
• Incorporation of security into networks is not growing with the rapidly
growing number and size of networks
• Attacking is becoming so common and easy – there are books clearly
explaining how to launch attacks
• Security and attacks are a perpetual cat-and-mouse game. The only way to
avoid attacks is to keep up to date with the latest trends and stay ahead of
malicious netizens
The Good News...
• There are a lot of techniques for defense
• Educating people on security solves many problems
– About threats and on the existence of security mechanisms, qualified
personnel, usability and economics
• We will study a lot of systems and network defenses
– Certainly not all!
Computer Security Challenges
Computer security is both fascinating and complex:
1. not simple
2. must consider potential attacks
3. procedures used are counter-intuitive
4. involve algorithms and secret info
5. must decide where to deploy mechanisms
6. battle of wits between attacker and administrator
7. not perceived to be a benefit until it fails
8. requires regular monitoring
9. too often an after-thought
10. regarded as an impediment to efficient and user-friendly use of the system
These difficulties will be explored throughout the course.
OSI Security Architecture
• ITU-T Recommendation X.800, Security Architecture for OSI, defines a
systematic approach to assessing and providing security
• The International Telecommunication Union (ITU) is a United Nations
sponsored agency that develops standards relating to telecommunications and
to Open Systems Interconnection (OSI)
OSI Model

• 7 Layer Model
• Describes the protocols and details of
transmitting data at each layer
• “Please do not throw sausage pizza away.”

7 Layer OSI Model

Layer: Functions
7 Application: How application uses network
6 Presentation: How to represent & display data
5 Session: How to establish communication
4 Transport: How to provide reliable delivery (error checking, sequencing, etc.)
3 Network: How addresses are assigned and packets are forwarded
2 Data Link: How to organize data into frames & transmit
1 Physical: How to transmit “bits”


OSI Network Stack and Attacks

Layer (example protocols): Attacks
application (email, Web, NFS): Sendmail, FTP, NFS bugs, chosen-protocol and version-rollback attacks
presentation
session (RPC): RPC worms, portmapper exploits
transport (TCP): SYN flooding, RIP attacks, sequence number prediction
network (IP): IP smurfing and other address spoofing attacks
data link (802.11): WEP attacks
physical

Only as secure as the single weakest layer…


OSI Security Architecture
• ITU-T X.800 “Security Architecture for OSI” defines a systematic way of
defining and providing security requirements
• For us it provides a useful, if abstract, overview of concepts we will
study
• The OSI security architecture focuses on security attacks, mechanisms and
services
Aspects of Security
• Consider 3 aspects of information security:
– security attack
– security mechanism
– security service
• Threat: a potential for violation of security or a possible danger that
might exploit a vulnerability
• Attack: an assault on system security; an intelligent act that is a
deliberate attempt to evade security services and violate the security
policy of a system.
Attacks, Services and Mechanisms
• Security Attack: Any action (active or passive) that compromises the
security of information.
• Security Mechanism: A mechanism that is designed to detect, prevent, or
recover from a security attack.
• Security Service: A service that enhances the security of data processing
systems and information transfers. A security service makes use of one or
more security mechanisms.
Security Threats/Attacks

Security Attacks
• Interruption: This is an attack on availability
– Disrupting traffic
– Physically breaking communication line
• Interception: This is an attack on confidentiality
– Overhearing, eavesdropping over a communication line
Security Attacks (continued)
• Modification: This is an attack on integrity
– Corrupting transmitted data or tampering with it before it reaches its
destination
• Fabrication: This is an attack on authenticity
– Faking data as if it were created by a legitimate and authentic party
Threats
• Disclosure: unauthorized access to information
• Deception: acceptance of false data
• Disruption: interruption or prevention of correct operation
• Usurpation: unauthorized control of some part of a system
Examples of Threats
• Snooping, intercepting information (“passive” wiretapping)
• Modification or alteration of information by “active” wiretapping
• Masquerading or spoofing
• Repudiation of origin
• Delay or denial of service
Passive and Active Attacks
• Security attacks are usually classified as passive or active:
• Passive: attempts to learn or make use of information from the system, but
does not affect system resources.
• Active: attempts to alter system resources or affect their operation.
Passive and active attacks…

• Passive attacks: goal is to obtain information
– No modification of content or fabrication
– Eavesdropping to learn contents or other
information (transfer patterns, traffic flows etc.)
• Release of message contents
• Traffic analysis
• Active attacks- modification of content and/or
participation in communication to
• Impersonate legitimate parties (Masquerade)
• Replay or retransmit
• Modify the content in transit
• Launch denial of service attacks
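
Added example (not part of the original slides): one common mechanism against the active attacks listed above is a message authentication code combined with a sequence number. The sketch uses HMAC-SHA256 from the Python standard library; the frame layout and the names seal, Receiver and demo are assumptions made for illustration, and the sample messages are constructed.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN = 32  # size of an HMAC-SHA256 tag in bytes


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side. Frame = 8-byte sequence number || payload || MAC."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Receiver side. Labels each frame with the slide's attack categories."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, frame: bytes):
        if len(frame) < 8 + TAG_LEN:
            return ("rejected: malformed", None)
        header = frame[:8]
        payload = frame[8:-TAG_LEN]
        tag = frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        # Constant-time comparison. A bad tag means the frame was changed in
        # transit or built by someone without the key; the receiver cannot
        # tell those two cases apart, so they share one label.
        if not hmac.compare_digest(tag, expected):
            return ("rejected: modification or masquerade", None)
        seq = struct.unpack(">Q", header)[0]
        # A valid tag on an old sequence number is a retransmitted frame.
        if seq <= self.last_seq:
            return ("rejected: replay", None)
        self.last_seq = seq
        return ("accepted", payload)


def demo():
    """Run constructed frames through the receiver and return the verdicts."""
    key = os.urandom(32)  # shared secret, assumed already distributed
    rx = Receiver(key)
    results = {}

    genuine = seal(key, 1, b"transfer 100 to account A")
    results["genuine"] = rx.accept(genuine)
    results["replay"] = rx.accept(genuine)  # same frame delivered twice

    tampered = bytearray(seal(key, 2, b"transfer 100 to account A"))
    tampered[8 + 9] ^= 0x08  # one payload bit flipped in transit
    results["modified"] = rx.accept(bytes(tampered))

    # Frame built under a different key, i.e. by a party that is not the sender.
    results["masquerade"] = rx.accept(seal(os.urandom(32), 3, b"pay account B"))

    # The rejected frames did not advance the counter, so seq 2 is still fresh.
    results["next"] = rx.accept(seal(key, 2, b"balance?"))
    return results


if __name__ == "__main__":
    for name, (verdict, _) in demo().items():
        print(f"{name:10s} {verdict}")
```

The payload here travels in the clear, so the passive attacks in the list (release of message contents, traffic analysis) are untouched by this mechanism; they call for encryption, and denial of service needs separate controls.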
Passive Attacks (figures)

Active Attacks (figures)

Summary of Passive and Active Threats (figure)
Safeguards and Vulnerabilities
• A safeguard is a countermeasure to protect against a threat
• A weakness in an IT resource or a safeguard is called a vulnerability
Services and Mechanisms
• A security policy is a statement of what is
and what is not allowed.
• A security service is a measure to address a
threat
– E.g. authenticate individuals to prevent
unauthorized access
• A security mechanism is a means to provide
a service
– E.g. encryption, cryptographic protocols

Security Services
– enhance security of data processing systems
and information transfers of an organization
– are intended to counter security attacks
– use one or more security mechanisms
– often replicate functions normally associated
with physical documents
• which, for example, have signatures, dates; need
protection from disclosure, tampering, or
destruction; are notarized or witnessed; are
recorded or licensed
Security Services
• X.800 defines a security service as a service provided by the protocol
layer of a communicating system, that ensures adequate security of the
systems or data transfers
• 6 Categories
– Authentication
– Availability
– Access Control
– Data confidentiality
– Data Integrity and
– Nonrepudiation
Security services
• RFC 2828 defines a security service as “a processing or communication
service provided by a system to give a specific kind of protection to system
resources”
• Security services implement security policies and are implemented by
security mechanisms.
Security Services
• Authentication (who created or sent the data)
• Access control (prevent misuse of resources)
• Confidentiality (privacy)
• Integrity (has not been altered)
• Non-repudiation (the order is final)
• Availability (permanence, non-erasure)
– Denial of Service Attacks
– Virus that deletes files
Security Services Examples
• Authentication
– Ensuring the proper identification of entities and origins of
data before communication
• have both peer-entity & data origin authentication
• Access control
– Preventing unauthorized access to system resources
• Data confidentiality
– Preventing disclosure to unauthorized parties
• Data integrity
– Preventing corruption of data
• Non-repudiation
– Collecting proof to prevent denial of participation in transaction or
communication
• Availability
– Protection against denial-of-service

Security Mechanism
• features designed to detect, prevent, or recover from a security attack
• no single mechanism will support all services required
• however one particular element underlies many of the security mechanisms
in use:
– cryptographic techniques
• hence our focus on this topic
Security Mechanisms Examples
• Two types
– Specific mechanisms existing to provide certain
security services
• E.g. encryption used for authentication
• Other examples: encipherment, digital signatures, access
controls, data integrity, authentication exchange, traffic
padding, routing control, notarization
– Pervasive mechanisms which are general mechanisms
incorporated into the system and not specific to a
service
• E.g. security audit trail
• Other examples: trusted functionality, security labels,
event detection, security audit trails, security recovery
Model for Network Security

• Basic tasks
– Design an algorithm that opponent cannot
defeat
– Generate the secret information to be used
with the algorithm
– Develop methods for distributing secret
information
– Specify a protocol to be used
• May need a trusted third party to assist
Model for Network Security

Security Models
• There are other security related situations that do not fit into this
model
Alternatively:
• A Network Access Security Model reflects the concern for protecting an
information system from unwanted access, for example by hackers or malware
(malicious programs).
Two Types of Program Threats
• Information access threats
– Intercept or modify data on behalf of users who
should not have access to that data.
– E.g. corruption of data by injecting malicious code
• Service threats
– Exploit service flaws in computers to inhibit use by
legitimate users.
• Viruses and worms are examples of software
attacks.

General Security Access Model (figure)
Model for Network Access Security
• Security mechanisms for controlling unwanted access fall into two
categories.
• Using this model requires us to:
1. select appropriate gatekeeper functions to identify users (for example,
password-based login procedures)
2. implement security controls to ensure only authorised users access
designated information or resources (for example, monitor activities and
analyze stored information to detect the presence of intruders)
These two categories, when taken together, make it possible to achieve a
mechanism for AAA.
Fundamental threats [McGibney04]

• Information leakage
– Disclosure to unauthorized parties
– Prince Charles mobile phone calls, 1993
• Integrity violation
– Corruption of data or loss of data
– Coca-Cola website defaced with slogans, 1997
• Denial of service
– Unavailability of system/service/network
– Yahoo!, 2000, 1Gbps
• Illegitimate use
– Morris Internet worm spread to 5% of machines on the
Internet, 1988

Methods of Defense

• Encryption
• Software Controls
– (access limitations in a data base, in operating
system protect each user from other users)
• Hardware Controls
– (smartcard)
• Policies
– (frequent changes of passwords)
• Physical Controls

Internet standards and RFCs
• National Institute of Standards and
Technology (NIST)
• The Internet Society (ISOC)
– Internet Architecture Board (IAB)
– Internet Engineering Task Force (IETF)
– Internet Engineering Steering Group (IESG)
– These organizations developed standards,
published as Request for Comments (RFC)

Internet RFC Publication Process

Policies and Mechanisms
• Policy says what is, and is not, allowed
– This defines “security” for the
site/system/etc.
• Mechanisms enforce policies
• Composition of policies
– If policies conflict, discrepancies may
create security vulnerabilities

Goals of Security
• Prevention
– Prevent attackers from violating security
policy
• Detection
– Detect attackers’ violation of security policy
• Recovery
– Stop attack, assess and repair damage
– Continue to function correctly even if attack
succeeds

Trust and Assumptions
Underlie all aspects of security:
• Policies
– Unambiguously partition system into states: secure and insecure states
– Correctly capture security requirements
• Mechanisms
– Assumed to enforce policy
– Support mechanisms work correctly
Security Assurance
Achieved through:
• Specification
– Requirements analysis
– Statement of desired functionality
• Design
– How system will meet specification
• Implementation
– Programs/systems that carry out design
Operational Issues
• Cost-Benefit Analysis
– Is it cheaper to prevent or detect or
recover?
• Risk Analysis
– Should we protect something?
– How much should we protect this thing?
• Laws and Customs
– Are desired security measures illegal?
– Will people do them?
Human Issues
• Organizational Problems
– Power and responsibility
– Financial benefits
• People problems
– Outsiders and insiders
– Social engineering

Tying Together
(Figure stages, in the order listed: Threats, Policy, Specification, Design,
Implementation, Operation)
Outline of Course
• Part One: Introduction
• Part Two: Use of cryptographic algorithms and security protocols to provide
security over the Internet. Topics include: key management, authentication,
as well as transport-level, wireless, email and IP security
• Part Three: Deals with security facilities to protect against threats,
including intruders, viruses and worms.
Summary
• topic roadmap
• security concepts:
– confidentiality, integrity, availability
• X.800 security architecture
• security attacks, services, mechanisms
• models for network (access) security
• Standards organizations
• Security Policies & Mechanisms