
1 NS-H0503-02/11041 Attacks

2 The Definition
Security is a state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable.
Security rests on confidentiality, authenticity, integrity, and availability.

3 Security Goals
Integrity
Confidentiality
Availability

4 Security Threats and Attacks
A threat is a potential violation of security.
– Flaws in design, implementation, and operation.
An attack is any action that violates security.
– Active adversary.
Common threats:
– Snooping/eavesdropping, alteration, spoofing, repudiation of origin, denial of receipt, delay and denial of service.

5 Types of Attacks
Passive Threats:
– Release of Message Contents
– Traffic Analysis
Active Threats:
– Masquerade
– Replay
– Modification of Message Contents
– Denial of Service

6 Attacks, Services and Mechanisms
Security Attack:
– Any action that compromises the security of information.
Security Mechanism:
– A mechanism that is designed to detect, prevent, or recover from a security attack.
Security Service:
– A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

7 Security Attacks
Interruption:
– attack on availability
Interception:
– attack on confidentiality
Modification:
– attack on integrity
Fabrication:
– attack on authenticity

8 Security Attacks

9 Eavesdropping - Message Interception
Attack on Confidentiality
Unauthorized access to information
Packet sniffers and wiretappers
Illicit copying of data and programs
[Figure: S, R, Eavesdropper]

10 Tampering With Messages
Integrity Attack
Stop the flow of the message
Delay and optionally modify the message
Release the message again
[Figure: S, R, Perpetrator]

11 Fabrication
Authenticity Attack
Unauthorized assumption of other’s identity
Generate and distribute objects under this identity
[Figure: S, R, Masquerader: from S]

12 Attack on Availability
Destroy hardware (cutting fiber) or software
Modify software in a subtle way (alias commands)
Corrupt packets in transit
Blatant denial of service (DoS):
– Crashing the server
– Overwhelm the server (use up its resource)
[Figure: S, R]

13 Threat Examples - IP Spoofing
A common first step to many threats.
Source IP address cannot be trusted!
[Figure: IP packet made of IP Header and IP Payload; header fields SRC: source, DST: destination; example SRC: 128.59.10.8, DST: 130.207.7.237]
Is it really from Columbia University?

14 Routers Only Care About Destination
[Figure: Columbia (128.59.10.xx), Georgia Tech (130.207.xx.xx), Stanford (36.190.0.xx), routers (Rtr); packet labelled src:128.59.10.8 dst:130.207.7.237]

15 Why Should I Care?
Attack packets with spoofed IP address help hide the attacking source.
A smurf attack launched with your host IP address could bring your host and network to their knees.
Higher protocol layers (e.g., TCP) help to protect applications from direct harm, but not enough.

16 Current IPv4 Infrastructure
No authentication for the source
Various approaches exist to address the problem:
– Router/firewall filtering
– TCP handshake

17 Router Filtering
[Figure: Stanford (36.190.0.xx), router (Rtr), packet labelled src:128.59.10.8 dst:130.207.7.237; the router says "Hey, you shouldn’t be here!"]
Decide whether this packet, with certain source IP address, should come from this side of network.
Not standard - local policy.

18 Router Filtering
Very effective for some networks (ISP should always do that!)
– At least be sure that this packet is from some particular subnet
Problems:
– Hard to handle frequent add/delete hosts/subnets or mobile IP
– Upsets customers should legitimate packets get discarded
– Need to trust other routers
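The filtering decision from slides 17 and 18, as an added example that is not part of the original presentation: the router reads the claimed source from the IPv4 header and checks it against the prefixes expected on the arriving side. The prefixes are read off the slides' diagram; the port names, the header builder and the 36.190.1.x subnet are assumptions made for the illustration.

```python
import ipaddress
import struct

# Prefixes expected behind each router port, read off the slides' diagram.
# The port names are hypothetical.
EXPECTED = {
    "columbia": [ipaddress.ip_network("128.59.10.0/24")],
    "gatech": [ipaddress.ip_network("130.207.0.0/16")],
    "stanford": [ipaddress.ip_network("36.190.0.0/24")],
}

def build_header(src, dst):
    """Constructed 20-byte IPv4 header (no options, checksum left at 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                       ipaddress.ip_address(src).packed,
                       ipaddress.ip_address(dst).packed)

def claimed_source(header):
    """The source field is bytes 12-15; nothing in the header authenticates it."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return ipaddress.ip_address(header[12:16])

def ingress_check(port, header, table=EXPECTED):
    """'forward' if the claimed source belongs on this side, else 'drop'."""
    src = claimed_source(header)
    ok = any(src in net for net in table.get(port, []))
    return "forward" if ok else "drop"

def with_prefix(table, port, cidr):
    """Local policy update: return a copy of the table with one more prefix."""
    updated = {p: list(nets) for p, nets in table.items()}
    updated.setdefault(port, []).append(ipaddress.ip_network(cidr))
    return updated

if __name__ == "__main__":
    pkt = build_header("128.59.10.8", "130.207.7.237")
    print(ingress_check("stanford", pkt))   # claimed Columbia source, Stanford side
    print(ingress_check("columbia", pkt))
    # Slide 18's problem: a new (constructed) subnet is dropped until the table changes.
    new = build_header("36.190.1.20", "130.207.7.237")
    print(ingress_check("stanford", new))
    print(ingress_check("stanford", new, with_prefix(EXPECTED, "stanford", "36.190.1.0/24")))
```

The third check shows the operational cost named on slide 18: the filter is only as current as its prefix table.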

19 TCP Handshake
client → server: SYN seq=x
server → client: SYN seq=y, ACK x+1
client → server: ACK y+1
connection established

20 TCP Handshake
[Figure: Columbia (128.59.10.xx), Georgia Tech (130.207.xx.xx), Stanford (36.190.0.xx), routers (Rtr); packet labelled src:128.59.10.8 dst:130.207.7.237; handshake labels x and seq=y, ACK x+1]
The handshake prevents the attacker from establishing a TCP connection pretending to be 128.59.10.8

21 TCP Handshake
Very effective for stopping most such attacks
Problems:
– The attacker can succeed if “y” can be predicted
– Other DoS attacks are still possible (e.g., TCP SYN-flood)
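Why the handshake on slides 19 to 21 depends on "y" being unpredictable, as an added example that is not part of the original presentation: a toy server accepts a connection only when the final ACK equals y+1, and is run once with a fixed-step sequence generator and once with a keyed generator in the style of RFC 6528. The class names, ports, the 36.190.0.5 host and the step value are assumptions; this is a model of the check, not a TCP stack.

```python
import hashlib, hmac, secrets

MOD = 2 ** 32

class CounterISN:
    """Weak: each ISN is the previous one plus a fixed step, so y is predictable."""
    def __init__(self, start=1000, step=64000):
        self.value, self.step = start, step
    def next(self, conn):
        self.value = (self.value + self.step) % MOD
        return self.value

class KeyedISN:
    """RFC 6528 style: y = timer + keyed hash of the connection 4-tuple."""
    def __init__(self):
        self.key, self.timer = secrets.token_bytes(16), 0
    def next(self, conn):
        self.timer += 1  # stands in for the 4-microsecond clock
        mac = hmac.new(self.key, repr(conn).encode(), hashlib.sha256).digest()
        return (self.timer + int.from_bytes(mac[:4], "big")) % MOD

class Server:
    def __init__(self, isn_gen):
        self.isn_gen, self.half_open = isn_gen, {}
    def on_syn(self, conn, x):
        y = self.isn_gen.next(conn)
        self.half_open[conn] = y
        return y, (x + 1) % MOD   # SYN seq=y, ACK x+1, sent to the claimed source
    def on_ack(self, conn, ack):
        y = self.half_open.pop(conn, None)
        return y is not None and ack == (y + 1) % MOD  # established only if ACK y+1

def real_client_accepted(server):
    conn = ("128.59.10.8", 5000, "130.207.7.237", 80)  # ports are constructed
    y, _ = server.on_syn(conn, x=7)
    return server.on_ack(conn, (y + 1) % MOD)  # the real host receives y

def blind_ack_accepted(server, step_guess=64000):
    """Sender claims 128.59.10.8 but only ever sees replies to its own address."""
    own = ("36.190.0.5", 4000, "130.207.7.237", 80)      # constructed host
    claimed = ("128.59.10.8", 4000, "130.207.7.237", 80)
    seen_y, _ = server.on_syn(own, x=1)   # a y it can legitimately observe
    server.on_syn(claimed, x=1)           # this SYN-ACK goes to 128.59.10.8 instead
    return server.on_ack(claimed, (seen_y + step_guess + 1) % MOD)

if __name__ == "__main__":
    for gen in (CounterISN(), KeyedISN()):
        srv = Server(gen)
        print(type(gen).__name__, real_client_accepted(srv), blind_ack_accepted(srv))
```

With the counter generator the blind ACK is accepted; with the keyed generator the real client still connects and the blind ACK is rejected.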

22 IP Spoofing & SYN Flood
X establishes a TCP connection with B assuming A’s IP address
[Figure: hosts A, B, X; (1) SYN Flood; (2) predict B’s TCP seq. behavior; (3) SYN(seq=m), src=A; (4) SYN(seq=n) ACK(seq=m+1); (5) ACK(seq=n+1)]

23 Vulnerability
A vulnerability (or security flaw) is a specific failure of the security controls.
Using the failure to violate the site security: exploiting the vulnerability; the person who does this: an attacker.
It can be due to:
– Lapses in design, implementation, and operation procedures.
– Even security algorithms/systems are not immune!
We will go over some examples in this course.

24 IP Protocol-related Vulnerabilities
Authentication based on IP source address
– But no effective mechanisms against IP spoofing
Consequences (possible exploits)
– Denial of Service attacks on infrastructures, e.g. IP Spoofing and SYN Flood; Smurf and Fraggle attacks; OSPF Max Sequence

25 Methods of Defence
Encryption
Software Controls (access limitations in a database; in an operating system, protect each user from other users)
Hardware Controls (smartcard)
Policies (frequent changes of passwords)
Physical Controls

26 Impact of Attacks
Theft of confidential information
Unauthorized use of
– Network bandwidth
– Computing resource
Spread of false information
Disruption of legitimate services
All attacks can be related and are dangerous!

27 The Security Life Cycle
The iterations of
– Threats
– Policy
– Specification
– Design
– Implementation
– Operation and maintenance

