1
Security (Part 2)
School of Business, Eastern Illinois University
© Abdou Illia, Spring 2007 (Week 13, Thursday 4/5/2007)
2
Learning Objectives
- Discuss security goals
- Discuss defense systems against
  - Intercepting confidential messages
  - DoS attacks
  - Malware attacks
3
Security Goals
- If eavesdropping and message alteration attacks succeed, in which of the following ways could the victims be affected?
  a) Data files stored on hard drives might be deleted
  b) Data files stored on hard drives might be altered
  c) Data being transmitted could be altered
  d) Data being transmitted could be intercepted and used by the attacker
  e) Users might not be able to get network services for a certain period of time
  f) The network might slow down
Confidentiality = Main goal of implementing defense systems against eavesdropping and message alteration.
4
Security Goals
- If a malware attack succeeds, in which of the following ways could the victims be affected?
  a) Data files stored on hard drives might be deleted
  b) Data files stored on hard drives might be altered
  c) Data being transmitted could be altered
  d) Data being transmitted could be intercepted and used by the attacker
  e) Users might not be able to get network services for a certain period of time
  f) The network might slow down
Integrity = Main goal of implementing defense systems against malware attacks.
5
Security Goals
- If a DoS attack succeeds, in which of the following ways could the victims be affected?
  a) Data files stored on hard drives might be deleted
  b) Data files stored on hard drives might be altered
  c) Data being transmitted could be altered
  d) Data being transmitted could be intercepted and used by the attacker
  e) Users might not be able to get network services for a certain period of time
  f) The network might slow down
Availability = Main goal of implementing defense systems against DoS attacks.
6
Security Goals
- CIA is the key word in implementing security
  - Confidentiality of communications
  - Integrity of data
  - Availability of network services and resources
7
Encryption-Decryption techniques
- Cryptography is the study of creating and using encryption and decryption techniques.
  - Plaintext is the data before any encryption has been performed.
  - Ciphertext is the data after encryption has been performed.
  - The key is the unique piece of information that is used to create ciphertext and decrypt the ciphertext back into plaintext.
8
Encryption-Decryption techniques
- Key = COMPUTER SCIENCE
- Plaintext = this is the account number you have requested
- Algorithm based on Vigenere matrix
9
Encryption-Decryption techniques
1) Look at the first letter in the plaintext (T)
2) Look at the corresponding key character immediately above it (C)
3) C tells us to use row C of Vigenere matrix to perform alphabetic substitution for plaintext character T
4) Go to column T in row C and find the cipher character V
5) Repeat Steps 1 through 4 for every character of the plaintext.

Key row (above) and plaintext (below):
COMPUTERSCIENCECOMPUTERSCIENCECOMPUTERSCIENCE
Thisistheaccountnumberyouhaverequested
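The five steps above, carried through for the whole message as an added example (not part of the original slides). It builds the Vigenere matrix explicitly and uses the slide's key and plaintext; dropping spaces and upper-casing the text are assumptions, as are the function names.

```python
import string

ALPHABET = string.ascii_uppercase

# Vigenere matrix: row r is the alphabet rotated left by r places,
# so row "C" reads C, D, E, ..., Z, A, B.
MATRIX = {row: ALPHABET[i:] + ALPHABET[:i] for i, row in enumerate(ALPHABET)}


def _letters(text: str) -> str:
    """Keep letters only, upper-cased (spaces in key or message are dropped)."""
    return "".join(ch for ch in text.upper() if ch in ALPHABET)


def encrypt(plaintext: str, key: str) -> str:
    key, plaintext = _letters(key), _letters(plaintext)
    if not key:
        raise ValueError("key must contain at least one letter")
    out = []
    for i, p in enumerate(plaintext):
        row = MATRIX[key[i % len(key)]]      # steps 2-3: key letter selects the row
        out.append(row[ALPHABET.index(p)])   # step 4: plaintext letter selects the column
    return "".join(out)


def decrypt(ciphertext: str, key: str) -> str:
    key, ciphertext = _letters(key), _letters(ciphertext)
    if not key:
        raise ValueError("key must contain at least one letter")
    out = []
    for i, c in enumerate(ciphertext):
        row = MATRIX[key[i % len(key)]]      # same row as during encryption
        out.append(ALPHABET[row.index(c)])   # find c in the row, read the column heading
    return "".join(out)


KEY = "COMPUTER SCIENCE"                                      # from the slide
MESSAGE = "this is the account number you have requested"     # from the slide

if __name__ == "__main__":
    ciphertext = encrypt(MESSAGE, KEY)
    print(ciphertext)
    print(decrypt(ciphertext, KEY))
```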
10
Encryption and Decryption techniques
- Encryption algorithm cannot be kept secret
- Key must be kept secret
[Diagram: Plaintext (original message) -> Encryption (algorithm + key) -> Ciphertext (transmitted) -> Decryption (algorithm + key) -> Plaintext (original message)]
11
Encryption: Key Length
- Key can be “guessed” by exhaustive search
  - Try all possible keys
  - See which one decrypts the message
- Long keys make exhaustive search difficult
  - If length is n bits, 2^n tries may be needed
  - If key length is 8 bits, only 256 tries maximum
  - Usually, Key Length ≥ 56 bits
Assume a key is 56 bits. If it takes 0.00024 seconds to try each key, how long will it take to try all possible keys? What if 10000 computers are working together to try all key combinations?
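The key-length arithmetic on this slide, as an added example that is not part of the original slides: it searches the full 8-bit key space of a toy cipher and then scales the same worst-case formula to the 56-bit exercise. The single-byte XOR cipher, the constructed sample message, the known first word and the 365-day year are all assumptions made for illustration.

```python
SECONDS_PER_YEAR = 365 * 24 * 3600  # assumption: 365-day year


def worst_case_seconds(key_bits: int, seconds_per_try: float, machines: int = 1) -> float:
    """Time to try all 2^n keys, with the work split evenly across machines."""
    return (2 ** key_bits) * seconds_per_try / machines


def toy_cipher(data: bytes, key: int) -> bytes:
    """Toy cipher with an 8-bit key (XOR each byte with the key).
    Applying it again with the same key decrypts."""
    if not 0 <= key <= 0xFF:
        raise ValueError("key must fit in 8 bits")
    return bytes(b ^ key for b in data)


def exhaustive_search(ciphertext: bytes, known_start: bytes):
    """Try keys 0..255 in order. Return (key, tries) for the first key whose
    decryption begins with the expected text, or (None, 256) if none does."""
    for tries, key in enumerate(range(256), start=1):
        if toy_cipher(ciphertext, key).startswith(known_start):
            return key, tries
    return None, 256


def slide_exercise():
    """The slide's numbers: 56-bit key, 0.00024 s per try, 1 and 10000 computers.
    Returns the two worst-case times in years."""
    one = worst_case_seconds(56, 0.00024) / SECONDS_PER_YEAR
    many = worst_case_seconds(56, 0.00024, machines=10000) / SECONDS_PER_YEAR
    return one, many


if __name__ == "__main__":
    ciphertext = toy_cipher(b"Transfer $5,000", 0xA5)   # constructed sample message
    print(exhaustive_search(ciphertext, b"Transfer"))    # 8-bit key: at most 256 tries
    print(worst_case_seconds(8, 0.00024), "seconds for all 8-bit keys")
    print(slide_exercise(), "years for all 56-bit keys")
```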
12
Encryption-Decryption methods
- Symmetric key encryption method
  - Use a single key for Encryption-Decryption
  - Examples: Data Encryption Standard (DES), 3DES
- Public/Private key encryption method
  - Use different keys for Encryption-Decryption
  - Examples: RSA, Elliptical curve cryptosystem
13
Symmetric Encryption-Decryption
- Symmetric key must be distributed secretly between partners
- When Partner A sends to Partner B
  - Partner A encrypts with the key, Partner B decrypts with the key
- When Partner B sends to Partner A
  - Partner B encrypts with the key, Partner A decrypts with the key
[Diagram: Plaintext "Transfer $5,000" -> Encryption -> Ciphertext "1010010101" -> Decryption -> Plaintext "Transfer $5,000"]
14
Symmetric Encryption-Decryption
- Advantages:
  - Simple enough for fast Encryption-Decryption
  - Fast enough for long messages
- Disadvantages:
  - Need a different Symmetric key for each partner (or other partners could read messages)
  - If N partners, need N*(N-1)/2 keys.
[Diagram: Plaintext "Transfer $5,000" -> Encryption -> Ciphertext "1010010101" -> Decryption -> Plaintext "Transfer $5,000"]
15
Public/Private key Encryption-Decryption
- Each partner has a private key (kept secret) and a public key (shared with everybody)
- Sending
  - Partner A encrypts with the public key of Partner B
  - Partner B encrypts with the public key of Partner A
- Receiving
  - Each receiver decrypts with its own private key
[Diagram: Partner A encrypts with Party B’s Public Key -> Partner B decrypts with Party B’s Private Key]
16
Public/Private key Encryption-Decryption
- Advantages:
  - Once the message is encrypted, nobody can decrypt it except the receiver
  - Simplicity of key exchange: No need to exchange public key securely
- Disadvantages:
  - Complex: Requires many computer processing cycles to do Public Encryption-Decryption
  - Can only be used to encrypt small messages
[Diagram: Partner A encrypts with Party B’s Public Key -> Partner B decrypts with Party B’s Private Key]
17
Summary Questions
3) Jason sends a message to Kristin using public key encryption.
  (a) What key will Jason use to encrypt the message?
  (b) What key will Kristin use to decrypt the message?
  (c) What key will Kristin use to encrypt the reply?
  (d) What key will Jason use to decrypt the reply?
  (e) Can the message and reply be long messages? Explain.
  (a) (b) (c) (d) (e)
4) Does public key encryption have a problem with secure key exchange for the public key? Explain.
18
What is common to malware attacks?
- Malware or content attack messages
  - Include illicit content in the data field of the message
[Diagram: IP-H | TCP-H, UDP-H | Application Layer Message]
Defense systems for protecting against malware attacks are designed to filter Application layer messages. They are Anti-Virus Programs or Application Firewalls.
19
What is common to DoS messages?
- Most DoS messages
  - Include header fields that might hide a false identity
[Diagram: IP-H | TCP-H, UDP-H | Application Layer Message]
Defense systems for protecting against DoS attacks are designed to check message headers. They could be Firewalls or Intrusion Detection Systems.
20
Firewall?
- A security system that implements an access control policy between two networks
  - Usually between the corporate network and an external network.
- A firewall limits
  - The types of messages that enter a network
  - The types of messages that leave the network
21
Kinds of Firewall
- All firewalls
  - Examine parts (fields) of incoming messages
  - Permit or deny access based on a list of rules
- Based on the way they operate, there are
  - Packet Filter firewalls
  - Application (proxy) firewalls
22
Packet Filter Firewall
[Diagram: packets arriving from the Internet (IP-H | TCP-H, UDP-H | Application Message; IP-H | ICMP Message) reach the packet filter firewall, which permits or denies them entry to the corporate network]
Examines content of IP header, TCP header, UDP header, and content of ICMP supervisory messages.
23
Packet Filter Firewall: Common rules
- IP headers include IP addresses
  - A company could decide to block messages with specific IP addresses. So, the firewall could be configured to do so.
- TCP headers include port numbers that indicate which application service is desired
  - A company could decide to block any outsider from trying to telnet into the company. So, it could configure its firewall to stop all incoming messages requesting port 23
  - A company could decide to stop outgoing messages requesting Usenet (port 119)

Example of rule for denying access:
  IF Interface = External
  And Destination port = 23
  And Destination IP address <> 172.16.x.x
  THEN DENY

Typical TCP port numbers:
  Telnet (remote login): port 23
  Usenet (newsgroup service): port 119
  E-Mail (SMTP): port 25
  Web browsing: port 80
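How a packet filter walks such a rule list, as an added example that is not part of the original slides. The slide's deny rule is implemented exactly as written, next to the two other policies the bullets describe; the blocked source range, the sample packets, the first-match ordering and the PERMIT default are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

CORPORATE_NET = ip_network("172.16.0.0/16")      # the slide's 172.16.x.x
BLOCKED_SOURCES = ip_network("203.0.113.0/24")   # constructed sample block list


@dataclass(frozen=True)
class Packet:
    interface: str   # "external" = arriving from the Internet, "internal" = leaving
    src_ip: str      # from the IP header
    dst_ip: str      # from the IP header
    dst_port: int    # from the TCP header


def blocked_source(p: Packet) -> bool:
    return ip_address(p.src_ip) in BLOCKED_SOURCES


def slide_telnet_rule(p: Packet) -> bool:
    # Literal reading of the slide's rule: destinations inside 172.16.x.x
    # do not match it, so this rule alone does not stop telnet to them.
    return (p.interface == "external" and p.dst_port == 23
            and ip_address(p.dst_ip) not in CORPORATE_NET)


def outgoing_usenet(p: Packet) -> bool:
    return p.interface == "internal" and p.dst_port == 119


RULES = [blocked_source, slide_telnet_rule, outgoing_usenet]   # every rule is a DENY rule


def filter_packet(p: Packet, rules=RULES, default: str = "PERMIT"):
    """Return (decision, rule name). The first matching rule wins; the PERMIT
    default is an assumption so the effect of each deny rule is visible."""
    for rule in rules:
        if rule(p):
            return "DENY", rule.__name__
    return default, "default"


SAMPLE_PACKETS = [   # constructed traffic using documentation address ranges
    Packet("external", "198.51.100.7", "10.1.2.3", 23),
    Packet("external", "198.51.100.7", "172.16.5.9", 23),
    Packet("internal", "172.16.5.9", "198.51.100.20", 119),
    Packet("external", "203.0.113.44", "172.16.5.9", 80),
    Packet("external", "198.51.100.7", "172.16.5.9", 80),
]


def decisions():
    return [filter_packet(p) for p in SAMPLE_PACKETS]
```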
24
Application (Proxy) Firewall
- Application firewalls, also known as Proxy firewalls
  - Examine Application layer messages to check for illicit content
- Application firewalls and Packet filter firewalls are complementary
  - In terms of what part of a message they examine.
[Diagram: IP-H | TCP-H, UDP-H | Application layer message]
25
Application (Proxy) Firewalls
[Diagram: an application firewall running an HTTP proxy, an FTP proxy and an SMTP (E-Mail) proxy sits between the browser on the client PC and the webserver application on the webserver]
1. HTTP Request
2. Examined HTTP Request
3. HTTP Response
4. Examined HTTP Response
Acts like a server program to a client program, and like a client program to a server program.
26
Application (Proxy) Firewalls
- Intercept messages from clients to a server and intercept messages from a server to its clients
- Read Application layer messages to scan for illicit content
- IF illicit content detected, the message is discarded
- Multiple types of application proxy programs because
  - Different application programs have different characteristics to examine.
27
Intrusion Detection Systems
- Software or hardware device that
  - Captures network activity data in log files
  - Generates alarms in case of suspicious activities
28
Summary Questions
1. What are the three main security goals?
   Answer: See slide #6
2. What parts of incoming messages do packet filter firewalls examine?
   Answer: See slide #22
3. a) What parts of incoming messages do application firewalls examine? b) What do they look for?
   Answer: a) Application layer messages. b) They look for illicit content.
4. What is an IDS? What is it used for?