Network Security

Prepared by
Jesna J S
Assistant Professor TKMCE
 Network Security
• Any action intended to safeguard the integrity and usefulness of your
data and network is known as network security.
• Network security is the practice of protecting a computer network
from unauthorized access, misuse, or attacks.
• It involves using tools, technologies, and policies to ensure that data
traveling over the network is safe and secure, keeping sensitive
information away from hackers and other threats.
 Computer Security
The protection afforded to an automated information system in order to
attain the applicable objectives of preserving the integrity, availability,
and confidentiality of information system resources (includes hardware,
software, firmware, information/ data, and telecommunications).
 Key objectives of Network security
CONFIDENTIALITY , INTEGRITY , AVAILABILITY
CIA TRIAD
Confidentiality
Confidentiality: This term covers two related concepts:
• Data confidentiality: Assures that private or confidential information is
not made available or disclosed to unauthorized individuals.
• Privacy: Assures that individuals control or influence what
information related to them may be collected and stored and by whom
and to whom that information may be disclosed.
Integrity
Integrity: This term covers two related concepts:
• Data integrity: Assures that information and programs are changed
only in a specified and authorized manner.
• System integrity: Assures that a system performs its intended function
in an unimpaired manner, free from deliberate or inadvertent
unauthorized manipulation of the system.
Availability
• Availability: Assures that systems work promptly and service is not
denied to authorized users
• Confidentiality: Preserving authorized restrictions on information access
and disclosure, including means for protecting personal privacy and
proprietary information. A loss of confidentiality is the unauthorized
disclosure of information.
• Integrity: Guarding against improper information modification or
destruction, including ensuring information nonrepudiation and
authenticity. A loss of integrity is the unauthorized modification or
destruction of information.
• Availability: Ensuring timely and reliable access to and use of
information. A loss of availability is the disruption of access to or use of
information or an information system.
 Passive attacks & Active attacks
Passive attacks
• A passive attack attempts to learn or make use of information from the
system but does not affect system resources.
• Passive attacks are in the nature of eavesdropping on, or monitoring of,
transmissions.
• These are very difficult to detect, because they do not involve any
alteration of the data
• The goal of the opponent is to obtain information that is being
transmitted.
• Two types of passive attacks are the release of message contents and
traffic analysis
• The release of message contents is easily understood.
• A telephone conversation, an electronic mail message, and a transferred file may
contain sensitive or confidential information.
• We would like to prevent an opponent from learning the contents of these
transmissions.
 Traffic Analysis
• Suppose that we had a way of masking the contents of messages or other
information traffic so that opponents, even if they captured the message,
could not extract the information from the message.
• The common technique for masking contents is encryption.
• If we had encryption protection in place, an opponent might still be able to
observe the pattern of these messages.
• The opponent could determine the location and identity of communicating
hosts and could observe the frequency and length of messages being
exchanged.
Active attacks
• Active attacks involve some modification of the data stream or the
creation of a false stream and can be subdivided into four categories:
1. Masquerade
2. Replay
3. Modification of messages
4. Denial of service.
Masquerade
• A masquerade takes place when one entity pretends to be a different entity.
• A masquerade attack usually includes one of the other forms of active attack.
• For example, authentication sequences can be captured and replayed after a
valid authentication sequence has taken place, thus enabling an authorized
entity with few privileges to obtain extra privileges by impersonating an entity
that has those privileges.
Replay
• Replay involves the passive capture of a data unit and its subsequent
retransmission to produce an unauthorized effect.
 Modification of messages
• Modification of messages simply means that some portion of a legitimate
message is altered, or that messages are delayed or reordered, to produce an
unauthorized effect.
• For example, a message meaning “Allow John Smith to read confidential file
accounts” is modified to mean “Allow Fred Brown to read confidential file
accounts.”
Denial of service
• The denial of service prevents or inhibits the normal use or management of
communications facilities.
• This attack may have a specific target; for example, an entity may suppress
all messages directed to a particular destination.
• Another form of service denial is the disruption of an entire network, either
by disabling the network or by overloading it with messages so as to degrade
performance.
 The Challenges of Computer Security
1. Security may appear straightforward, with key requirements like
confidentiality, authentication, nonrepudiation, and integrity, but the
mechanisms to achieve them are often complex and require deep
reasoning to understand.
2. Security mechanisms must account for potential attacks, which often
exploit unexpected weaknesses by approaching the problem from a
different perspective.
3. Security mechanisms are often complex and counterintuitive, as
their necessity becomes clear only when considering the various
aspects of potential threats.
4. After designing security mechanisms, it’s crucial to determine their
placement—both physically (e.g., specific network points) and
logically (e.g., appropriate layers in architectures like TCP/IP).
5. Security mechanisms require more than algorithms; they need secure
management of secrets like encryption keys and depend on protocols.
Issues like unpredictable network delays can complicate mechanisms
reliant on time limits.
6. Computer and network security is a constant battle where attackers
exploit single weaknesses, while designers must address all
vulnerabilities to ensure complete security.
7. There is a natural tendency on the part of users and system managers
to perceive little benefit from security investment until a security
failure occurs.
8. Security requires regular, even constant, monitoring, and this is
difficult in today’s short-term, overloaded environment.
9. Security is still too often an afterthought to be incorporated into a
system after the design is complete rather than being an integral part
of the design process.
10. Many users and even security administrators view strong security as
an impediment to efficient and user-friendly operation of an
information system or use of information.
NETWORK SECURITY MODEL
• A message is to be transferred from one party to another across some sort
of Internet service. The two parties, who are the principals in this
transaction, must cooperate for the exchange to take place.
• A logical information channel is established by defining a route through
the Internet from source to destination and by the cooperative use of
communication protocols (e.g., TCP/IP) by the two principals.
• All the techniques for providing security have two components:
1. A security-related transformation on the information to be sent.
Examples include the encryption of the message, which scrambles
the message so that it is unreadable by the opponent, and the
addition of a code based on the contents of the message, which can
be used to verify the identity of the sender.
2. Some secret information shared by the two principals and, it is
hoped, unknown to the opponent. An example is an encryption key
used in conjunction with the transformation to scramble the
message before transmission and unscramble it on reception.
• A trusted third party may be needed to achieve secure transmission.
For example, For distributing the secret information to the two
principals while keeping it from any opponent.
• This general model shows that there are four basic tasks in designing a
particular security service:
1. Design an algorithm for performing the security-related
transformation. The algorithm should be such that an opponent
cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret
information.
4. Specify a protocol to be used by the two principals that makes use of
the security algorithm and the secret information to achieve a
particular security service.