
Chapter 1 Introduction


• Information Assurance and Security

1
OUTLINE

• What is Security?
• Security trend
• Sources and consequences of risks
• Types of Vulnerabilities
• Security criteria
• Security attack types
• Security services and mechanisms

2
computer and network security

What is Security?
Security is about
• Threats (bad things that may happen, e.g. your money getting stolen)
• Vulnerabilities (weaknesses in your defenses, e.g. your front door being made of thin wood and glass)
• Attacks (ways in which the threats may be actualized, e.g. a thief breaking through your weak front door while you and the neighbors are on holiday)

3
computer and network security…

“The most secure computers are those not connected to the Internet and shielded from any interference”

4
computer and network security…
Computer security is about provisions and policies adopted to protect information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users.
Security of computers against intruders (e.g., hackers) and malicious software (e.g., viruses).

5
computer and network security…
Network security on the other hand deals with provisions
and policies adopted to prevent and monitor unauthorized
access, misuse, modification, or denial of the computer
network and network-accessible resources.

6
WHO ARE THE ATTACKERS?
Vandals (Hackers, crackers) driven by intellectual challenge.

Insiders: employees or customers seeking revenge or to gain informal benefits.

Natural disasters: flooding, fire, storms, earthquake…

Criminals seeking financial gain.

Organized crime seeking gain or hiding criminal activities.

Organized terrorist groups or nation states trying to influence national policy.

Foreign agents seeking information (spying) for economic, political, or military purposes.

Tactical countermeasures intended to disrupt military capability.

Large organized terrorist groups

Cyber attacks

7
WHAT ARE THE VULNERABILITIES?
Physical vulnerabilities (e.g. computers can be stolen)
Natural vulnerabilities (e.g. earthquakes)
Hardware and software vulnerabilities (e.g. failures)
Media vulnerabilities (e.g. hard disks can be stolen)
Communication vulnerabilities (e.g. wires can be tapped)
Human vulnerabilities (e.g. insiders)
Poorly chosen passwords
Software bugs (unreliability of software)
→ buffer overflow attacks

8
CONSEQUENCES…

Failure/End of service
Reduction of QoS, down to Denial of Service (DoS)
Internal problems in the enterprise
Decrease in trust from partners (clients, providers, shareholders)
Technology leakage
Human consequences (personal data, sensitive data: medical, insurance, …)

9
SECURITY CRITERIA (IN DETAIL)
• To understand the types of threats to security that exist, we first need a definition of security requirements.
• In this section, different security requirements are presented.

Availability
• It requires that computer and network assets are only available to authorized parties.
• Computers and networks should provide all the designated services even in the presence of all kinds of security attacks.

10
SECURITY CRITERIA...
Integrity
It requires that messages should be modified or altered only by authorized parties.
• Modification includes writing, changing, deleting, and creating the message that is supposed to be transmitted across the network.
Integrity guarantees that no modification, addition, or deletion is done to the message.
The alteration of a message can be malicious or accidental.

11
SECURITY CRITERIA...
Confidentiality
It requires that the message can only be accessible for reading by
authorized parties.
It also requires that the system should verify the identity of a user.

Authentication
It means that correct identity is known to communicating parties.
This property ensures that the parties are genuine, not impersonators.

Authorization
This property gives access rights to different types of users.
• For example, network management can be performed by the network administrator only.

12
COMPUTER AND NETWORK SECURITY ATTACKS
Categories of Attacks
• Interruption: An attack on availability
• Interception: An attack on confidentiality
• Modification: An attack on integrity
• Fabrication: An attack on authenticity

13
COMPUTER AND NETWORK SECURITY
ATTACKS…
Categories of Attacks/Threats
[Figure: normal flow of information from Source to Destination, and the four attack categories: Interruption, Interception, Modification, Fabrication]
14
EXAMPLES OF THREATS

15
SECURITY ATTACK TYPES
The attacks can also be classified by the following criteria:
• Passive or active,
• Internal or external,
• At different protocol layers.
Passive vs. active attacks
• A passive attack attempts to learn or make use of the information without changing the content of the message or disrupting the operation of the communication.
• Examples of passive attacks are:
-- Eavesdropping, traffic analysis, and traffic monitoring.

16
SECURITY ATTACK TYPES…

An active attack attempts to interrupt, modify, delete, or fabricate messages or information, thereby disrupting normal operation of the network.

Some examples of active attacks include:
• Jamming, impersonating, modification, denial of service (DoS), and message replay.

17
PASSIVE ATTACKS
Passive attacks do not affect system resources
• Eavesdropping, monitoring
• The goal of the opponent is to obtain information that is being transmitted

Two types of passive attacks
• Release of message contents
• Traffic analysis

Passive attacks are very difficult to detect
• Message transmission apparently normal
• No alteration of the data
• Emphasis on prevention rather than detection
• By means of encryption

18
PASSIVE ATTACKS (1)
RELEASE OF MESSAGE CONTENTS

19
PASSIVE ATTACKS (2)
TRAFFIC ANALYSIS

20
ACTIVE ATTACKS
Active attacks try to alter system resources or affect their operation
• Modification of data, or creation of false data
Four categories
• Masquerade of one entity as some other
• Replay previous message
• Modification of messages
• Denial of service (DoS): preventing normal use
• A specific target or entire network

Difficult to prevent
• The goal is to detect and recover

21
ACTIVE ATTACKS (1)
MASQUERADE

22
ACTIVE ATTACKS (2)
REPLAY

23
ACTIVE ATTACKS (3)
MODIFICATION OF MESSAGES

24
ACTIVE ATTACKS (4)
DENIAL OF SERVICE

25
SECURITY ATTACK TYPES…
Internal vs. External attacks
External attacks are carried out by hosts that don’t belong to the network domain; they are sometimes called outsiders.
• E.g. it can cause congestion by sending false routing information, thereby causing unavailability of services.
In the case of an internal attack, a malicious node from the network gains unauthorized access, acts as a genuine node, and disrupts the normal operation of nodes.
They are also known as insiders.

26
COMMON SECURITY ATTACKS AND THEIR
COUNTERMEASURES
Finding a way into the network
→ Firewalls

Exploiting software bugs, buffer overflows
→ Intrusion Detection Systems

Denial of Service
→ Access filtering, IDS

TCP hijacking
→ IPSec

Packet sniffing
→ Encryption (SSL, HTTPS)

Social problems
→ Education

27
SECURITY SERVICES (X.800)
Authentication - assures that the communicating entity is the one claimed
• have both peer-entity & data origin authentication
Access Control - prevention of the unauthorized use of a resource
Data Confidentiality - protection of data from unauthorized disclosure
Data Integrity - assurance that data received is as sent by an authorized entity
Non-Repudiation - protection against denial by one of the parties in a communication
Availability - resource accessible/usable
28
SECURITY MECHANISM
A feature designed to detect, prevent, or recover from a security attack.
No single mechanism will support all the services required.
However, one particular element underlies many of the security mechanisms in use:
• Cryptographic techniques
Hence our focus in this course.

29
End of Chapter One
10Q

30
