Download presentation
Presentation is loading. Please wait.
1
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture 4: An Introduction to Security Dr. Kemal Akkaya E-mail: kemal@cs.siu.edu
2
Kemal AkkayaWireless & Network Security 2 Network Security Principles Availability: means ensuring that the service offered by the node will be available to its users when expected despite denial of service attacks (DoS). Confidentiality: ensures that certain information is never disclosed to unauthorized entities. Authentication: enables a node to ensure the identity of the peer node it is communicating with. Integrity: means ensuring that the node/data has not been maliciously altered. Non-repudiation: ensures that the origin of a message cannot deny having sent the message. Authorization: means permission of access to use certain resources
3
Kemal AkkayaWireless & Network Security 3 Attacks Classification and violation
4
Kemal AkkayaWireless & Network Security 4 Definitions Snooping: Capturing packets (Airsnoop) Selfishness: Do not participate (forwarding, services etc.) Wormhole: Replaying messages Blackhole: A malicious node falsely advertises good paths Byzantine: Compromised node(s) create loops, drop packets to hinder routing Information disclosure: Malicious node give information to unauthorized nodes about network topology, routing etc. Resource consumption: Sending unnecessary packets to consume energy, bandwidth of nodes Routing: Unnecessary update of routing tables, caches etc. Session hijacking: Capturing the session between two parties Repudiation: Denial of participation in the communication Device tampering: Capturing, damaging physical device Man-in-the middle: Listening communication between two parties and impersonate SYN flooding: TCP related DDOS: Distributed Denial of Service
5
Kemal AkkayaWireless & Network Security 5 Risks DoS Flood Captured Email, Logins, Passwords, etc. Trusted Station authorized to use company network Evil Twin AP pretends to be Trusted AP connected to company network Neighbor AP accidental associations from Trusted Stations Malicious Station may attack Trusted APs or Trusted Stations Company Network Company Network Unauthorized AP backdoor access to company network AdHoc Station accidental associations with Trusted Stations This slide is a courtesy of Philip LaViscount, CISSP
6
Kemal AkkayaWireless & Network Security 6 Security Services Security attack ConfidentialityInterception Message AuthenticationModification, Impersonation Digital SignaturesFabrication Access ControlMasquerading AvailabilityDenial of Service
7
Kemal AkkayaWireless & Network Security 7 Encryption Algorithms The strength of the encryption is dependent mostly on the size of the secret key. Encryption algorithms employed today are almost impossible to break except by brute force that involves searching through all possible keys. Public key algo.Secret key algo. Share key?NoYes SpeedSlowFast Key length1024 or more80 or more
8
Kemal AkkayaWireless & Network Security 8 Breaking Encryption Algorithms Secret Key Length RSA key length Time to break Memory Requirement 56430< 5 minutesTrivial 80760600 months4GB 9610203 million years 170GB 128162010 16 years120TB Cost of breaking different encryption algorithms with different key lengths
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.