Data & Network Security Mrs. Iqra Shahid Lecturer Department of Computer Science iqrasatar@gmail.com

Instructor MS Computer Science from UOL (Sargodha Campus). BS Computer Science from UET Lahore. Have 3 research papers published. Pre-coding Techniques (OFDMA) Distributed Denial of Service (Network Security) Multi-Level Queue and Real time Scheduling (Operating System)

Students Introduction

Introduction to Course

Teaching Procedure Lectures Discussion Assignments Surprise Quizzes Midterm Presentation Final Exam

Marks Distribution Class Participation 05% Assignments 05% Surprise Quizzes 10% Midterm 30% Presentation 10% Final Exam 40%

Prerequisites Data Communication & Networks Computer Networks

Textbook Cryptography and Network Security, William Stallings, 5th Edition, Pearson Education, 2011 Cryptography & Network Security, Behrouz A. Frouzen Security in Computing, Charles P. Pfleeger, Fourth Edition, Pearson Education, 2011. Online readings

Objectives of the lecture To define Security To define three security goals To define security attacks that threaten security goals To define security services and how they are related to the three security goals To define security mechanisms to provide security services To introduce two techniques, cryptography an steganography, to implement security mechanisms. 1.#

Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable. —The Art of War, Sun Tzu

Background Information Security requirements have changed in recent times. Traditionally provided by physical and administrative mechanisms. Computer use requires automated tools to protect files and other stored information. Use of networks and communications links requires measures to protect data during transmission.

Computer Security The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications). [NIST 1995]

Definitions Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers. Network Security - measures to protect data during their transmission. Internet Security - measures to protect data during their transmission over a collection of interconnected networks.

Aim of Course Our focus is on Data & Network Security Which consists of measures to prevent, detect, deter and correct security violations that involve the transmission & storage of information.

Security Trends

Security Goals This section defines three security goals. Confidentiality Integrity Availability

Confidentiality Confidentiality is probably the most common aspect of information security. We need to protect our confidential information. An organization needs to guard against those malicious actions that endanger the confidentiality of its information.

Integrity Information needs to be changed constantly. Integrity means that changes need to be done only by authorized entities and through authorized mechanisms.

Availability The information created and stored by an organization needs to be available to authorized entities. Information needs to be constantly changed, which means it must be accessible to authorized entities.

Examples of Security Requirements Confidentiality – student grades integrity – patient information Availability – authentication service

Levels Of Impact 3 levels of impact from a security breach Low Moderate High

OSI Security Architecture ITU-T X.800 “Security Architecture for OSI” Defines a systematic way of defining and providing security requirements. For us it provides a useful, if abstract, overview of concepts we will study.

Aspects of Security Consider 3 aspects of information security: Security Attack Security Mechanism Security Service

Security Attack Any action that compromises the security of information owned by an organization. Information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems. Often threat & attack used to mean same thing.

Security Attack The three goals of security - confidentiality, integrity, and availability can be threatened by security attacks. Attacks Threatening Confidentiality Attacks Threatening Integrity Attacks Threatening Availability Passive versus Active Attacks

Taxonomy of Attacks

Attacks Threading Confidentiality Snooping refers to unauthorized access to or interception of data. Traffic analysis refers to obtaining some other type of information by monitoring online traffic.

Attacks Threatening Integrity Modification means that the attacker intercepts the message and changes it. Masquerading or spoofing happens when the attacker impersonates somebody else. Replaying means the attacker obtains a copy of a message sent by a user and later tries to replay it. Repudiation means that sender of the message might later deny that she has sent the message; the receiver of the message might later deny that he has received the message.

Attacks Threatening Availability Denial of service (DoS) is a very common attack. It may slow down or totally interrupt the service of a system.

Passive Attacks (i) Release of Message Contents

Passive Attacks (ii) Traffic Analysis

Passive Attacks (Cont…) Passive attacks do not affect system resources Eavesdropping, monitoring Two types of passive attacks Release of message contents Traffic analysis Passive attacks are very difficult to detect Message transmission apparently normal No alteration of the data Emphasis on prevention rather than detection By means of encryption

Active Attacks (i) Masquerade

Active Attacks (ii) Replay

Active Attacks (iii) Modification of Messages

Active Attacks (iv) Denial of Service

Active Attacks (Cont…) Active attacks try to alter system resources or affect their operation Modification of data, or creation of false data Four categories Masquerade Replay Modification of messages Denial of service: preventing normal use A specific target or entire network Difficult to prevent The goal is to detect and recover

Passive versus Active Attacks