Forms of Network Attacks Gabriel Owens COSC 352 February 24, 2011.

Slides:



Advertisements
Similar presentations
Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Advertisements

By Md Emran Mazumder Ottawa University Student no:
Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.
Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2012 Lecture 2 08/21/2012 Security and Privacy in Cloud Computing.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Lecture 1: Overview modified from slides of Lawrie Brown.
Network Attacks Mark Shtern.
Hackers They can u Read the data files u Run the application programs u Modify some files which may cause damages Individuals who gain unauthorized access.
CSA 223 network and web security Chapter one
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
What is in Presentation What is IPsec Why is IPsec Important IPsec Protocols IPsec Architecture How to Implement IPsec in linux.
Threat Modeling for Cloud Computing (some slides are borrowed from Dr. Ragib Hasan) Keke Chen 1.
APA of Isfahan University of Technology In the name of God.
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
SYSTEM ADMINISTRATION Chapter 13 Security Protocols.
1 Guide to Network Defense and Countermeasures Chapter 2.
PART THREE E-commerce in Action Norton University E-commerce in Action.
Switch Concepts and Configuration and Configuration Part II Advanced Computer Networks.
Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.
Information Security Rabie A. Ramadan GUC, Cairo Room C Lecture 2.
CHAPTER 11 Spoofing Attack. INTRODUCTION Definition Spoofing is the act of using one machine in the network communication to impersonate another. The.
FIREWALLS Vivek Srinivasan. Contents Introduction Need for firewalls Different types of firewalls Conclusion.
بسم الله الرحمن الرحيم Islamic University of Gaza Electrical & Computer Engineering Department Prepared By : Eman Khaled El-mashharawi Miriam Mofeed El-Mukhallalati.
Attacks On systems And Networks To understand how we can protect our system and network we need to know about what kind of attacks a hacker/cracker would.
1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
Network Security Introduction Light stuff – examples with Alice, Bob and Trudy Serious stuff - Security attacks, mechanisms and services.
Fundamentals of Proxying. Proxy Server Fundamentals  Proxy simply means acting on someone other’s behalf  A Proxy acts on behalf of the client or user.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
 Jaden Terry.  To obtain privacy and protect data from other people. o Businesses Customer/Employee information Credit card numbers To gain a competitive.
. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.
CHAPTER 9 Sniffing.
SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 28 Omar Meqdadi Department of Computer Science and Software Engineering.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
Topic 5: Basic Security.
Information Security in Distributed Systems Distributed Systems1.
Chap1: Is there a Security Problem in Computing?.
Security fundamentals Topic 6 Securing the network infrastructure.
Understanding Protocol Security LESSON Security Fundamentals.
Lesson 20. E-commerce Software Intershop Enfinity WebSphere Commerce Professional Edition Microsoft Commerce Server 2002.
Network Security Introduction
MIPv6Security: Dimension Of Danger Unauthorized creation (or deletion) of the Binding Cache Entry (BCE).
Computer threats, Attacks and Assets upasana pandit T.E comp.
C OMPUTER THREATS, ATTACKS AND ASSETS DONE BY NISHANT NARVEKAR TE COMP
Chapter 6 Discovering the Scope of the Incident Spring Incident Response & Computer Forensics.
1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.
Securing Access to Data Using IPsec Josh Jones Cosc352.
IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.
By Collin Donaldson Man in the Middle Attack: Password Sniffing and Cracking.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
By: Brett Belin. Used to be only tackled by highly trained professionals As the internet grew, more and more people became familiar with securing a network.
Comparison of Network Attacks COSC 356 Kyler Rhoades.
Threat Modeling for Cloud Computing
Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.
DDoS Attacks on Financial Institutions Presentation
Wireless Network Security
Network Attacks Dylan Small.
Information and Network Security
Network Security: IP Spoofing and Firewall
Internet of Things Vulnerabilities
Presentation transcript:

Forms of Network Attacks Gabriel Owens COSC 352 February 24, 2011

Roadmap Definition Different Forms of Attacks Prevention Conclusion Questions??

Definition What is a network attack? Passive Active

Different Types of Attack Eavesdropping Data Modification Identity Spoofing (IP Address Spoofing) Password Based Attacks Denial of Service Attack Man-In-The-Middle-Attack Compromised-Key Attack Sniffer Attack Application-Layer Attack

Eavesdropping Majority of network communications occur in an unsecured or “cleartext” format. Allows attacker to “listen in” or read the network traffic. Known as Sniffing or Snooping Biggest security issue faced by network administrators in an enterprise.

Eavesdropping (cont.) Prevention In order to prevent the eavesdropping of data traversed on your network, you must have strong encryption services based on cryptography.

Identity Spoofing Computers are identified in an operating system or network by a valid IP Address. Possible for IP Address to be falsely assumed (identity spoofing). Special Programs to construct IP packets that appear to originate from valid addresses inside the corporate intranet. After gaining access with a valid IP, attacker can modify, delete or reroute your data, As well as perform a number of other attacks.

Data Modification Step One – Read Data Step Two – Alter Data Modify data in the packet without the knowledge of the sender or receiver. Example: Purchase Requisitions, exchange of items, amounts and billing information

Password Based Attacks Access Rights to a computer or network resources are determined by who you are (username and password) If an attacker gains access to a valid user account he is able to do whatever that user can do Obtain lists of valid user and computer names and network information. Modify server and network configurations, including access controls and routing tables. Modify, reroute, or delete your data.

Denial of Service Attack Prevents normal use of computer or network by valid users (Unlike Password Based Attack) After gaining access to the network Randomize the attention of your internal Information Systems staff so that they do not see the intrusion immediately, which allows the attacker to make more attacks during the diversion. Send invalid data to applications or network services, which causes abnormal termination or behavior of the applications or services. Flood a computer or the entire network with traffic until a shutdown occurs because of the overload. Block traffic, which results in a loss of access to network resources by authorized users.

Man-In-The-Middle Attack Attacker is monitoring, capturing and controlling data sent between you and the person whom you are communicating with transparently At low levels of communication on the network layer, computers might not be able to determine with whom they are exchanging data. Attacker assumes your identity and attempts to gather as much information as possible, while the person you’re communicating with thinks it is you.

Compromised-Key Attack Definition: Key – A secret code or number that is needed to interpret secured information. Obtaining a Key: Difficult and Resource- Intensive, but possible. Attacker can use key to gain access on a secured communication without the knowledge of either party. Can also use key to attempt computation of additional keys, which would lead to access to other secure communications.

Sniffer Attack Definition: Sniffer – An application or device that can read, monitor, and capture network data exchanges and read network packets. If packets aren’t encrypted, the Sniffer provides a full view of the data inside the packets. Using a Sniffer, an attacker is capable of: Analyzing your network and gain information to eventually cause your network to crash or to become corrupted. Read your communications.

Application-Layer Attack Targets application servers by deliberately causing a fault in the server’s operating system or applications. Results in the attacker gaining the ability to bypass normal access controls. Capable of the same damages as a man-in-the-middle attack

Application-Layer (cont.) Once the attacker has gained access, he can do any of the following: Read, add, delete, or modify your data or operating system. Introduce a virus program that uses your computers and software applications to copy viruses throughout your network. Introduce a Sniffer program to analyze your network and gain information that can eventually be used to crash or to corrupt your systems and network. Abnormally terminate your data applications or operating systems. Disable other security controls to enable future attacks.

Prevention Always have some type of security plan in place. Have some sort of encryption service based on cryptography. Make sure all applications are up-to- date in order to have as little vulnerabilities as possible.

Video Denial of Service Attack - Example

Resources "Common Types of Network Attacks." Microsoft TechNet: Resources for IT Professionals. Web. 24 Feb "Strengthen Application Defenses to Prevent Network Attacks | TechRepublic." TechRepublic - A Resource for IT Professionals. Web. 24 Feb "Network Security Types of Attack Passive Attack Active." Complete Computer Networking Notes Guides Tutorials. Web. 24 Feb

Questions Questions??