
Chapter 1: Introduction to Computer and Network Security

11/17/2022 Computer and Network Security 1 By: Mechal T.


Outline

• What is Security?
• Why Security?
• Security Policy and Mechanism
• Security Trends
• Sources and consequences of risks
• Types of Vulnerabilities
• Security criteria
• Security attack types
• Security services, mechanisms and model

Chapter Objectives

• At the end of this chapter, students will be able to understand:
  • What security means and why we need to study security
  • Different types of risks
  • Different security attack types
  • Security criteria
  • Security services and mechanisms
  • Security models and the different security dimensions


What is Security?

• Security is about:
  • Threats (bad things that may happen, e.g. your money getting stolen)
  • Vulnerabilities (weaknesses in your defenses, e.g. your front door being made of thin wood and glass)
  • Attacks (ways in which the threats may be actualized, e.g. a thief breaking through your weak front door while you and the neighbors are on holiday)

What is Security?...

• Security: “The most secure computers are those not connected to the Internet and shielded from any interference”

What is Security?...

• Computer security is about provisions and policies adopted to protect information and property from theft, corruption, or natural disaster while allowing the information and property to remain accessible and productive to its intended users.
• Security of computers against intruders (e.g., hackers) and malicious software (e.g., viruses).

What is Security?...

• Network security, on the other hand, deals with provisions and policies adopted to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources.


Why Security?...

• Good security standards follow the “90 / 10” rule:
  • 10% of security safeguards are technical, and
  • 90% of security safeguards rely on the computer user (“YOU”) to adhere to good computing practices.

Why Security?...

• Example: The lock on the door is the 10%. You remembering to lock the lock, checking to see if the door is closed, ensuring others do not open the door, keeping control of the keys, etc. is the 90%.
• You need both parts for effective security.

Why Security?...

• What does this mean for me?
• This means that everyone who uses a computer or mobile device needs to understand how to keep their computer, devices and data secure.
• Information security is everyone’s responsibility, and that is why we study computer and network security.


Security Policy and Mechanism

• A security policy is a statement of what is, and what is not, allowed.
• A security mechanism is a method, tool, or procedure for enforcing a security policy.


Security Trends

• In 1994, the Internet Architecture Board (IAB) issued a report entitled "Security in the Internet Architecture" (Request for Comments/RFC 1636).
• The report stated the general consensus that the Internet needs more and better security, and it identified key areas for security mechanisms.

Security Trends…

• Among these were:
  • the need to secure the network infrastructure from unauthorized monitoring and control of network traffic, and
  • the need to secure end-user-to-end-user traffic using authentication and encryption mechanisms.

Security Trends…

• Internet-related vulnerabilities over a 10-year period. These include:
  • Security weaknesses in the OS of attached computers (e.g., Windows, Linux), as well as
  • Vulnerabilities in Internet routers and other network devices.


Who are the attackers?

• In computers and computer networks, an attacker is the individual or organization who performs malicious activities to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset.
• Attackers use every tool and technique they can to try to attack us and get unauthorized access.

Who are the attackers?...

• Basically, there are four main types of attackers:

Who are the attackers?...

1. Cyber Criminals

• Cybercriminals are individuals or groups of people who use technology to commit cybercrime with the intention of stealing sensitive company information or personal data and generating profits.
• Today, they are the most prominent and most active type of attacker.

Who are the attackers?...

2. Hacktivists

• Hacktivists are individuals or groups of hackers who carry out malicious activity to promote a political agenda, religious belief, or social ideology.
• They are not like cybercriminals, who hack computer networks to steal data for cash.
• They see themselves as fighting injustice.

Who are the attackers?...

3. State-sponsored Attacker

• These attackers have particular objectives aligned with either the political, commercial or military interests of their country of origin.
• Government organizations have highly skilled hackers who specialize in detecting vulnerabilities and exploiting them before the holes are patched. It is very difficult to defeat these attackers due to the vast resources they use.

Who are the attackers?...

4. Insider Threats

• The insider threat is a threat to an organization's security or data that comes from within.
• These types of threats usually come from employees or former employees, but may also arise from third parties, including contractors, temporary workers, employees or customers.


Who are the attackers?...

4. Insider Threats

• Insider threats can be categorized into three:

Who are the attackers?...

4.1. Malicious

• Malicious threats are attempts by an insider to access and potentially harm an organization's data, systems or IT infrastructure.
• These insider threats are often attributed to dissatisfied employees or ex-employees who believe that the organization wronged them in some way, and they feel justified in seeking revenge.

Who are the attackers?...

4.2. Accidental

• Accidental threats are threats that are caused accidentally by insider employees.
• In this type of threat, an employee might accidentally delete an important file or inadvertently share confidential data with a business partner, going beyond the company’s policy or legal requirements.

Who are the attackers?...

4.3. Negligent

• These are threats in which employees try to avoid the policies an organization has put in place to protect endpoints and valuable data.
• For example, if the organization has strict policies for external file sharing, employees might try to share work on public cloud applications so that they can work at home.

Who are the attackers?...

• Note: In addition to the above-mentioned attackers, natural disasters (flooding, fire, storms, earthquakes, …) can also be an attacker.


What are the vulnerabilities?

• Physical vulnerabilities (e.g. computers can be stolen)
• Natural vulnerabilities (e.g. earthquakes)
• Hardware and software vulnerabilities (e.g. failures)
• Media vulnerabilities (e.g. hard disks can be stolen)
• Communication vulnerabilities (e.g. wires can be tapped)
• Human vulnerabilities (e.g. insiders)

What are the vulnerabilities?...

• Poorly chosen passwords
• Software bugs (non-reliability of software)
• Automatically running active content: ActiveX, scripts, Java programs (applets)
• Open ports
• Incorrect configuration
• File permissions
• Administrative privileges

What are the vulnerabilities?...

• Untrained users/system administrators
• Trap doors (intentional security holes)
• Unencrypted communication
• Limited resources (i.e. TCP connections)


What are the consequences?

• Failure/end of service
• Reduction of Quality of Service (QoS), down to Denial of Service (DoS)
• Internal problems in the enterprise
• Decrease in trust from partners (clients, providers, shareholders)
• Technology leakage
• Human consequences (personal data, sensitive data: medical, insurance, …)


Security Criteria

• Security evaluation criteria are usually presented as a set of parameter thresholds that must be met for a system to be evaluated and deemed acceptable.
• These criteria are established based on a threat assessment to establish the extent of the data sensitivity, the security policy, and the system characteristics.

Security Criteria

• Security is expressed in terms of:
  • Availability
  • Integrity
  • Confidentiality
  • Authentication
• Note: Authentication is a foundation of security. In its absence, all security properties can be violated.

Security Criteria…

1. Availability

• It requires that computer and network assets are only available to authorized parties.
• Computers and networks should provide all the designated services in the presence of all kinds of security attacks.

Security Criteria…

2. Integrity

• It requires that messages should be modified or altered only by authorized parties.
• Modification includes writing, changing, deleting, and creating the message that is supposed to be transmitted across the network.
• Integrity guarantees that no modification, addition, or deletion is done to the message.

Security Criteria…

3. Confidentiality

• It requires that the message can only be accessible for reading by authorized parties.
• It also requires that the system should verify the identity of a user.

Security Criteria…

4. Authentication

• It means that the correct identity is known to the communicating parties.
• This property ensures that the parties are genuine, not impersonators.


Security Attack Types

• Categories of attacks
  • Interruption: an attack on availability
  • Modification: an attack on integrity
  • Interception: an attack on confidentiality
  • Fabrication: an attack on authenticity

Security Attack Types…

• Attacks…

[Figure: normal flow of information from source to destination, and the four attack types: interruption, interception, modification, fabrication]

Security Attack Types…

• The attacks can also be classified by the following criteria:
  • Passive or active,
  • Internal or external,
  • At different TCP/IP protocol layers


Security Attack Types…

1. Passive vs. Active attacks

• A passive attack is a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities.
• The purpose of a passive attack is to gain information about the system being targeted; it does not involve any direct action on the target.
• These kinds of attacks attempt to learn or make use of the information without changing the content of the message or disrupting the operation of the communication.

Security Attack Types…

1. Passive vs. Active attacks

• Passive attacks include active reconnaissance and passive reconnaissance.
• In a computer security context, reconnaissance is the act of exploring a system or network in order to gather information before conducting a full attack.
• Examples: traffic analysis and monitoring, eavesdropping

Security Attack Types…

1. Passive vs. active attacks…

• Passive attacks do not affect system resources and they are very difficult to detect because:
  • Message transmission is apparently normal
  • No alteration of the data
  • Emphasis on prevention rather than detection
  • By means of encryption

Security Attack Types…

1. Passive vs. active attacks…

• An active attack attempts to interrupt, modify, delete, or fabricate messages or information, thereby disrupting normal operation of the network.
• Some examples of active attacks include: jamming, impersonating, modification, denial of service (DoS).
• Difficult to prevent. The goal is to detect and recover.

Security Attack Types…

2. Internal vs. External attacks

• External attacks are carried out by hosts that don’t belong to the network domain; sometimes they are called outsiders.
  • E.g. an external attack can cause congestion by sending false routing information, thereby causing unavailability of services.
• In the case of an internal attack, a malicious node from the network gains unauthorized access, acts as a genuine node and disrupts the normal operation of nodes. They are also known as insiders.

Security Attack Types…

3. At different TCP/IP protocol Layers


Common security attacks and their countermeasures

• Finding a way into the network
  • Firewalls
• Exploiting software bugs, buffer overflows
  • Intrusion Detection Systems
• Denial of Service
  • Access filtering, IDS
• TCP hijacking
  • IPSec

Common security attacks and their countermeasures…

• Packet sniffing
  • Encryption (SSL, HTTPS)
• Social problems
  • Education


Security Services

• X.800:
  • “a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers”
• RFC 2828:
  • “a processing or communication service provided by a system to give a specific kind of protection to system resources”

Security Services (X.800)…

• Authentication - assures that the communicating entity is the one claimed.
• Access Control - prevention of the unauthorized use of a resource.
• Data Confidentiality - protection of data from unauthorized disclosure.
• Data Integrity - assurance that data received is as sent by an authorized entity.
• Non-Repudiation - protection against denial by one of the parties in a communication.
• Availability - resource accessible/usable.


Security Mechanism

• Security mechanisms are features designed to detect, prevent, or recover from a security attack.
• There is no single mechanism that will support all services required.
• However, one particular element underlies many of the security mechanisms in use.
• Hence, cryptographic techniques will be our focus in this course.

Security Mechanism (X.800)

• Specific security mechanisms:
  • Ciphering/deciphering, digital signatures, data integrity, authentication exchange, routing control, …
  • Firewall, proxy server
  • Access control, intrusion detection system


Security Model

• A network security model exhibits how the security service has been designed over the network to prevent the opponent from causing a threat to the confidentiality or authenticity of the information that is being transmitted through the network.
• Any security service would have the three components discussed below:

Security Model

1. Transformation of the information which has to be sent to the receiver, so that any opponent present at the information channel is unable to read the message.

• This indicates the encryption of the message.
• It also includes the addition of code during the transformation of the information, which will be used in verifying the identity of the authentic receiver.

Security Model

2. Sharing of the secret information between sender and receiver, of which the opponent must not have any clue.

• Yes, we are talking of the encryption key, which is used during the encryption of the message at the sender’s end and also during the decryption of the message at the receiver’s end.

Security Model

3. There must be a trusted third party which will distribute the secret information to both sender and receiver.

• While designing the network security model, the designer must also concentrate on developing the methods to distribute the key to the sender and receiver.
• An appropriate methodology must be used to deliver the secret information to the communicating parties without the interference of the opponent.

Security Model

• Model for Network Security


Security Model…Eight Security Dimensions

1. Access Control Security Dimension

• The Access Control Security Dimension ensures that only authorized personnel or devices are allowed access to network elements, stored information, information flows, services and applications.
• In addition, Role-Based Access Control (RBAC) provides different access levels to guarantee that individuals and devices can only gain access to and perform operations on network elements, stored information, and information flows that they are authorized for.
• Examples: password, firewall

Security Model…Eight Security Dimensions

2. Authentication Security Dimension

• The Authentication Security Dimension serves to confirm the identities of communicating entities.
• Authentication ensures the validity of the claimed identities of the entities participating in communication (e.g. person, device, service or application) and provides assurance that an entity is not attempting a masquerade or unauthorized replay of a previous communication.
• Examples: shared secret key, digital signature, digital certificate
  • Digital signatures create a virtual fingerprint that is unique to a person or entity and are used to identify users and protect information in digital messages or documents.

Security Model…Eight Security Dimensions

3. Non-repudiation Security Dimension

• The Non-repudiation Security Dimension provides assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender's identity, so neither can later deny having processed the information.
• It ensures the availability of evidence that can be presented to a third party and used to prove that some kind of event or action has taken place.
• Example: digital signature


Security Model…Eight Security Dimensions

4. Data Confidentiality Security Dimension

• The Data Confidentiality Security Dimension protects data from unauthorized disclosure.
• Data confidentiality ensures that the data content cannot be understood by unauthorized entities.
• Example: Encryption, access control lists, and file permissions are methods often used to provide data confidentiality.

Security Model…Eight Security Dimensions

5. Communication Security Dimension

• The Communication Security Dimension ensures that information flows only between the authorized end points (the information is not diverted or intercepted as it flows between these end points).
• It ensures that information flows from source to destination.
• Examples: Virtual Private Network (VPN), Multiprotocol Label Switching (MPLS)
  • A VPN makes it possible to establish a protected network connection when using public networks.
  • MPLS is a networking technology that routes traffic using the shortest path based on “labels” rather than network addresses.

Security Model…Eight Security Dimensions

6. Data Integrity Security Dimension

• The Data Integrity Security Dimension ensures the correctness or accuracy of data.
• The data is protected against unauthorized modification, deletion, creation, and replication, and an indication of these unauthorized activities is provided.
• Examples: MD5, digital signature, anti-virus software
  • MD5 (Message Digest Algorithm) is a cryptographic protocol used for authenticating messages as well as content verification.
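
The Security Model slides describe a code added to the message and a secret shared by sender and receiver, and the Data Integrity slide lists MD5 as an example. The sketch below is an added example, not part of the original slides: it shows that a bare digest only catches accidental changes, while a keyed code computed with the shared secret lets the receiver detect the Modification and Fabrication attacks from the attack-type slides. HMAC-SHA-256, the function names and the sample messages are choices made for this illustration.

```python
import hashlib
import hmac
import secrets


def md5_digest(message: bytes) -> bytes:
    """Unkeyed digest: anyone who can read the message can recompute it."""
    return hashlib.md5(message).digest()


def mac_tag(key: bytes, message: bytes) -> bytes:
    """Keyed code: only holders of the shared secret can compute it."""
    return hmac.new(key, message, hashlib.sha256).digest()


def receiver_accepts_digest(message: bytes, digest: bytes) -> bool:
    return hmac.compare_digest(md5_digest(message), digest)


def receiver_accepts_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest is constant-time, so the check does not leak
    # where the first mismatching byte is.
    return hmac.compare_digest(mac_tag(key, message), tag)


def run_scenarios() -> dict:
    # Constructed sample data for the demonstration.
    shared_key = secrets.token_bytes(32)    # known to sender and receiver only
    opponent_key = secrets.token_bytes(32)  # the opponent does not know shared_key
    original = b"PAY 100 TO ALICE"
    corrupted = b"PAY 100 TO ALICF"         # accidental change on the line
    altered = b"PAY 900 TO MALLORY"         # deliberate change by the opponent

    results = {}

    # Accidental corruption: the digest sent with the original no longer matches.
    results["digest_catches_noise"] = not receiver_accepts_digest(
        corrupted, md5_digest(original))

    # Modification: the opponent replaces message AND digest. The receiver's
    # check passes, so an unkeyed digest gives no protection here.
    results["digest_catches_modification"] = not receiver_accepts_digest(
        altered, md5_digest(altered))

    # Genuine message with a keyed code is accepted.
    results["mac_accepts_genuine"] = receiver_accepts_mac(
        shared_key, original, mac_tag(shared_key, original))

    # Modification: message altered, original tag kept -> rejected.
    results["mac_catches_modification"] = not receiver_accepts_mac(
        shared_key, altered, mac_tag(shared_key, original))

    # Fabrication: new message tagged under a key the opponent chose -> rejected.
    results["mac_catches_fabrication"] = not receiver_accepts_mac(
        shared_key, altered, mac_tag(opponent_key, altered))

    return results


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name}: {value}")
```

A keyed code on its own does not stop an old, valid message from being replayed; that needs a sequence number or nonce covered by the tag.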



Security Model…Eight Security Dimensions

7. Availability Security Dimension

• The Availability Security Dimension ensures that there is no denial of authorized access to network elements, stored information, information flows, services and applications due to events impacting the network.
• Disaster recovery solutions are included in this category.
• Examples: IDS/IPS, network redundancy.
• Network redundancy is the process of providing multiple paths for traffic, so that data can keep flowing even in the event of a failure.

Security Model…Eight Security Dimensions

8. Privacy Security Dimension

• The Privacy Security Dimension provides for the protection of information that might be derived from the observation of network activities.
• It ensures that identification and network use are kept private.
• Examples of this information include websites that a user has visited, a user's geographic location, and the IP addresses and DNS names of devices in a service provider network.
• Examples: Network Address Translator (NAT), encryption
  • NAT is a way to map multiple local private addresses to a public one before transferring the information, so that the private addresses will not be made public.


Security Model…Eight Security Dimensions

• Quiz: A hacked computer can be used to… (select all that apply)
  a) Record keystrokes and steal passwords.
  b) Send spam and phishing emails.
  c) Harvest and sell email addresses and passwords.
  d) Access restricted or personal information on your computer or other systems that you have access to.
  e) Infect other systems.
  f) Hide programs that launch attacks on other computers.


Thank You
