SlideShare a Scribd company logo

Network security

Download as PPTX, PDF
Attaullah Khan
Attaullah Khan

TCP/IP

Engineering
1 of 13
NETWORK SECURITY Introduction We are living in the information age. • Information needs to be secured from attacks. • Information needs to be hidden from unauthorized access called confidentiality. • Protected from unauthorized change called integrity. • Available to an authorized entity when it is needed called availability. • Information is now distributed. Authorized people can send and retrieve information from a distance using computer networks. • Not only should information be confidential when it is stored; there should also be a way to maintain its confidentiality when it is transmitted from one computer to another.
• We first discuss the three major goals of information security. We then see how attacks can threaten these three goals. Finally we define a technique to implement the security goals and prevent attacks.
Security Goals Confidentiality • We need to protect our confidential information against those malicious actions that endanger the confidentiality of its information. • Confidentiality not only applies to the storage of the information, it also applies to the transmission of information. • When we send a piece of information to be stored in a remote computer or when we retrieve a piece of information from a remote computer, we need to conceal it during transmission.
Integrity • Information needs to be changed constantly. • In a bank, when a customer deposits or withdraws money, the balance of her account needs to be changed. • Integrity means that changes need to be done only by authorized entities and through authorized mechanisms.
Availability • The third component of information security is availability. • The information created and stored by an organization needs to be available to authorized entities. • Information needs to be constantly changed, which means it must be accessible to authorized entities. • The unavailability of information is just as harmful for an organization. • Imagine what would happen to a bank if the customers could not access their accounts for transactions.
Attacks • Our three goals of security i.e. confidentiality, integrity, and availability can be threatened by security attacks.
Attacks Threatening Confidentiality • Two types • Snooping refers to unauthorized access of data. • For example, a file transferred through internet may contain confidential information. An unauthorized entity may intercept the transmission and use the contents for her own benefit.
Traffic Analysis • Monitoring online traffic. • For example, she can find the electronic address (such as the e-mail address) of the sender or the receiver or she can collect pairs of requests and responses to help her guess or the nature of the transaction.
Attacks Threatening Integrity • Four types • Modification : After intercepting or accessing information, the attacker modifies the information to make it beneficial to herself. • For example, a customer sends a message to a bank to do some transaction. The attacker intercepts the message and changes the type of transaction to benefit herself. Note that sometimes the attacker simply deletes or delays the message to harm the system or to benefit from it.
• Masquerading : Masquerading or spoofing happens when the attacker copies somebody else. For example, an attacker might steal the bank card and PIN of a bank customer and pretend that she is that customer. Sometimes the attacker pretends to be the receiver entity. For example, a user tries to contact a bank, but another site pretends that it is the bank and obtains some information from the user.
• Replaying : Replaying is another attack. • The attacker obtains a copy of a message sent by a user and later tries to replay it. For example, a person sends a request to her bank to ask for payment .The attacker intercepts the message and sends it again to receive another payment from the bank.
Repudiation • It is performed by one of the two parties in the communication: the sender or the receiver. • The sender of the message might later deny that she has sent the message; the receiver of the message might later deny that he has received the message. • An example of denial by the sender would be a bank customer asking her bank to send some money to a third party but later denying that she has made such a request. • An example of denial by the receiver could occur when a person buys a product from a manufacturer and pays for it electronically, but the manufacturer later denies having received the payment and asks to be paid.
Attacks Threatening Availability • Denial of Service : Denial of service (DoS) is a very common attack. • It may slow down or totally interrupt the service of a system. • She might send so many bogus requests to a server that the server crashes because of the heavy load. The attacker might intercept and delete a server’s response to a client, making the client believe that the server is not responding. • The attacker may also intercept requests from the clients, causing the clients to send requests many times and overload the system.

Recommended

Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network securitysneha padhiar
 
Topic 5.0 basic security part 1
Topic 5.0 basic security part 1Topic 5.0 basic security part 1
Topic 5.0 basic security part 1Atika Zaimi
 
Information security introduction
Information security introductionInformation security introduction
Information security introductionG Prachi
 
Design and Analyze Secure Networked Systems - 1
Design and Analyze Secure Networked Systems - 1Design and Analyze Secure Networked Systems - 1
Design and Analyze Secure Networked Systems - 1Don Kim
 
Class 16
Class 16Class 16
Class 16Dr. Ajith Sundaram
 
Automated Inference of Access Control Policies for Web Applications
Automated Inference of Access Control Policies for Web ApplicationsAutomated Inference of Access Control Policies for Web Applications
Automated Inference of Access Control Policies for Web ApplicationsLionel Briand
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityShafaan Khaliq Bhatti
 
Network security ppt
Network security pptNetwork security ppt
Network security pptshashi712
 

Recommended

Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network securitysneha padhiar
 
Topic 5.0 basic security part 1
Topic 5.0 basic security part 1Topic 5.0 basic security part 1
Topic 5.0 basic security part 1Atika Zaimi
 
Information security introduction
Information security introductionInformation security introduction
Information security introductionG Prachi
 
Design and Analyze Secure Networked Systems - 1
Design and Analyze Secure Networked Systems - 1Design and Analyze Secure Networked Systems - 1
Design and Analyze Secure Networked Systems - 1Don Kim
 
Class 16
Class 16Class 16
Class 16Dr. Ajith Sundaram
 
Automated Inference of Access Control Policies for Web Applications
Automated Inference of Access Control Policies for Web ApplicationsAutomated Inference of Access Control Policies for Web Applications
Automated Inference of Access Control Policies for Web ApplicationsLionel Briand
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityShafaan Khaliq Bhatti
 
Network security ppt
Network security pptNetwork security ppt
Network security pptshashi712
 
Cryptography Network Security Introduction
Cryptography Network Security IntroductionCryptography Network Security Introduction
Cryptography Network Security IntroductionAlwyn Rajiv
 
CRYPTOGRAPHY AND NETWORK SECURITY.pptx
CRYPTOGRAPHY AND NETWORK SECURITY.pptxCRYPTOGRAPHY AND NETWORK SECURITY.pptx
CRYPTOGRAPHY AND NETWORK SECURITY.pptxbhavyag24
 
ch1-1.ppt
ch1-1.pptch1-1.ppt
ch1-1.pptNayyabMirTahir
 
CH2_CYBER_SECURITY_FYMSC(DS)-MSC(CS)-MSC(IMCA).pptx
CH2_CYBER_SECURITY_FYMSC(DS)-MSC(CS)-MSC(IMCA).pptxCH2_CYBER_SECURITY_FYMSC(DS)-MSC(CS)-MSC(IMCA).pptx
CH2_CYBER_SECURITY_FYMSC(DS)-MSC(CS)-MSC(IMCA).pptxsangeeta borde
 
Attacks Types
Attacks TypesAttacks Types
Attacks TypesRajuPrasad33
 
cyber-warfare.pptx
cyber-warfare.pptxcyber-warfare.pptx
cyber-warfare.pptxHanzalahKhan8
 
Security issues in E-commerce
Security issues in E-commerceSecurity issues in E-commerce
Security issues in E-commercenikitaTahilyani1
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
Chapter- I introduction
Chapter- I introductionChapter- I introduction
Chapter- I introductionDr.Florence Dayana
 
Chapter-I introduction
Chapter-I introductionChapter-I introduction
Chapter-I introductionDr.Florence Dayana
 
cryptography introduction.pptx
cryptography introduction.pptxcryptography introduction.pptx
cryptography introduction.pptxBisharSuleiman
 
Network Security
Network SecurityNetwork Security
Network Securitymoviebro1
 
INTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptxINTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptxBHUt6
 
DataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdfDataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdfkrishnapriya673257
 
Topic6 Security Attacks.pptx
Topic6 Security Attacks.pptxTopic6 Security Attacks.pptx
Topic6 Security Attacks.pptxSufyanArshad11
 
Unit 3B.pdf
Unit 3B.pdfUnit 3B.pdf
Unit 3B.pdfTuhinUtsabPaul
 
3-UnitV_security.pptx
3-UnitV_security.pptx3-UnitV_security.pptx
3-UnitV_security.pptxSubhadipDutta36
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographyUmangThakkar26
 
Security Threats
Security ThreatsSecurity Threats
Security ThreatsYasmeen Shaikh
 
CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxRizwanBasha12
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 

More Related Content

Similar to Network security

Cryptography Network Security Introduction
Cryptography Network Security IntroductionCryptography Network Security Introduction
Cryptography Network Security IntroductionAlwyn Rajiv
 
CRYPTOGRAPHY AND NETWORK SECURITY.pptx
CRYPTOGRAPHY AND NETWORK SECURITY.pptxCRYPTOGRAPHY AND NETWORK SECURITY.pptx
CRYPTOGRAPHY AND NETWORK SECURITY.pptxbhavyag24
 
CH2_CYBER_SECURITY_FYMSC(DS)-MSC(CS)-MSC(IMCA).pptx
CH2_CYBER_SECURITY_FYMSC(DS)-MSC(CS)-MSC(IMCA).pptxCH2_CYBER_SECURITY_FYMSC(DS)-MSC(CS)-MSC(IMCA).pptx
CH2_CYBER_SECURITY_FYMSC(DS)-MSC(CS)-MSC(IMCA).pptxsangeeta borde
 
Security issues in E-commerce
Security issues in E-commerceSecurity issues in E-commerce
Security issues in E-commercenikitaTahilyani1
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
cryptography introduction.pptx
cryptography introduction.pptxcryptography introduction.pptx
cryptography introduction.pptxBisharSuleiman
 
Network Security
Network SecurityNetwork Security
Network Securitymoviebro1
 
INTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptxINTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptxBHUt6
 
DataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdfDataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdfkrishnapriya673257
 
Topic6 Security Attacks.pptx
Topic6 Security Attacks.pptxTopic6 Security Attacks.pptx
Topic6 Security Attacks.pptxSufyanArshad11
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographyUmangThakkar26
 
CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxRizwanBasha12
 

Similar to Network security (20)

Cryptography Network Security Introduction
Cryptography Network Security IntroductionCryptography Network Security Introduction
Cryptography Network Security Introduction
 
CRYPTOGRAPHY AND NETWORK SECURITY.pptx
CRYPTOGRAPHY AND NETWORK SECURITY.pptxCRYPTOGRAPHY AND NETWORK SECURITY.pptx
CRYPTOGRAPHY AND NETWORK SECURITY.pptx
 
ch1-1.ppt
ch1-1.pptch1-1.ppt
ch1-1.ppt
 
CH2_CYBER_SECURITY_FYMSC(DS)-MSC(CS)-MSC(IMCA).pptx
CH2_CYBER_SECURITY_FYMSC(DS)-MSC(CS)-MSC(IMCA).pptxCH2_CYBER_SECURITY_FYMSC(DS)-MSC(CS)-MSC(IMCA).pptx
CH2_CYBER_SECURITY_FYMSC(DS)-MSC(CS)-MSC(IMCA).pptx
 
Attacks Types
Attacks TypesAttacks Types
Attacks Types
 
cyber-warfare.pptx
cyber-warfare.pptxcyber-warfare.pptx
cyber-warfare.pptx
 
Security issues in E-commerce
Security issues in E-commerceSecurity issues in E-commerce
Security issues in E-commerce
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
 
Chapter- I introduction
Chapter- I introductionChapter- I introduction
Chapter- I introduction
 
Chapter-I introduction
Chapter-I introductionChapter-I introduction
Chapter-I introduction
 
cryptography introduction.pptx
cryptography introduction.pptxcryptography introduction.pptx
cryptography introduction.pptx
 
Network Security
Network SecurityNetwork Security
Network Security
 
INTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptxINTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptx
 
DataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdfDataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdf
 
Topic6 Security Attacks.pptx
Topic6 Security Attacks.pptxTopic6 Security Attacks.pptx
Topic6 Security Attacks.pptx
 
Unit 3B.pdf
Unit 3B.pdfUnit 3B.pdf
Unit 3B.pdf
 
3-UnitV_security.pptx
3-UnitV_security.pptx3-UnitV_security.pptx
3-UnitV_security.pptx
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Security Threats
Security ThreatsSecurity Threats
Security Threats
 
CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptx
 

Recently uploaded

FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordAsst.prof M.Gokilavani
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdfKamal Acharya
 
Double rodded leveling 1 pdf activity 01
Double rodded leveling 1 pdf activity 01Double rodded leveling 1 pdf activity 01
Double rodded leveling 1 pdf activity 01KreezheaRecto
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Christo Ananth
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Christo Ananth
 
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICSUNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICSrknatarajan
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptDineshKumar4165
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTbhaskargani46
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
 
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELLPVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELLManishPatel169454
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfankushspencer015
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 

Recently uploaded (20)

FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdf
 
Double rodded leveling 1 pdf activity 01
Double rodded leveling 1 pdf activity 01Double rodded leveling 1 pdf activity 01
Double rodded leveling 1 pdf activity 01
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
 
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICSUNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELLPVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
 
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
 

Network security

  • 1. NETWORK SECURITY Introduction We are living in the information age. • Information needs to be secured from attacks. • Information needs to be hidden from unauthorized access called confidentiality. • Protected from unauthorized change called integrity. • Available to an authorized entity when it is needed called availability. • Information is now distributed. Authorized people can send and retrieve information from a distance using computer networks. • Not only should information be confidential when it is stored; there should also be a way to maintain its confidentiality when it is transmitted from one computer to another.
  • 2. • We first discuss the three major goals of information security. We then see how attacks can threaten these three goals. Finally we define a technique to implement the security goals and prevent attacks.
  • 3. Security Goals Confidentiality • We need to protect our confidential information against those malicious actions that endanger the confidentiality of its information. • Confidentiality not only applies to the storage of the information, it also applies to the transmission of information. • When we send a piece of information to be stored in a remote computer or when we retrieve a piece of information from a remote computer, we need to conceal it during transmission.
  • 4. Integrity • Information needs to be changed constantly. • In a bank, when a customer deposits or withdraws money, the balance of her account needs to be changed. • Integrity means that changes need to be done only by authorized entities and through authorized mechanisms.
  • 5. Availability • The third component of information security is availability. • The information created and stored by an organization needs to be available to authorized entities. • Information needs to be constantly changed, which means it must be accessible to authorized entities. • The unavailability of information is just as harmful for an organization. • Imagine what would happen to a bank if the customers could not access their accounts for transactions.
  • 6. Attacks • Our three goals of security i.e. confidentiality, integrity, and availability can be threatened by security attacks.
  • 7. Attacks Threatening Confidentiality • Two types • Snooping refers to unauthorized access of data. • For example, a file transferred through internet may contain confidential information. An unauthorized entity may intercept the transmission and use the contents for her own benefit.
  • 8. Traffic Analysis • Monitoring online traffic. • For example, she can find the electronic address (such as the e-mail address) of the sender or the receiver or she can collect pairs of requests and responses to help her guess or the nature of the transaction.
  • 9. Attacks Threatening Integrity • Four types • Modification : After intercepting or accessing information, the attacker modifies the information to make it beneficial to herself. • For example, a customer sends a message to a bank to do some transaction. The attacker intercepts the message and changes the type of transaction to benefit herself. Note that sometimes the attacker simply deletes or delays the message to harm the system or to benefit from it.
  • 10. • Masquerading : Masquerading or spoofing happens when the attacker copies somebody else. For example, an attacker might steal the bank card and PIN of a bank customer and pretend that she is that customer. Sometimes the attacker pretends to be the receiver entity. For example, a user tries to contact a bank, but another site pretends that it is the bank and obtains some information from the user.
  • 11. • Replaying : Replaying is another attack. • The attacker obtains a copy of a message sent by a user and later tries to replay it. For example, a person sends a request to her bank to ask for payment .The attacker intercepts the message and sends it again to receive another payment from the bank.
  • 12. Repudiation • It is performed by one of the two parties in the communication: the sender or the receiver. • The sender of the message might later deny that she has sent the message; the receiver of the message might later deny that he has received the message. • An example of denial by the sender would be a bank customer asking her bank to send some money to a third party but later denying that she has made such a request. • An example of denial by the receiver could occur when a person buys a product from a manufacturer and pays for it electronically, but the manufacturer later denies having received the payment and asks to be paid.
  • 13. Attacks Threatening Availability • Denial of Service : Denial of service (DoS) is a very common attack. • It may slow down or totally interrupt the service of a system. • She might send so many bogus requests to a server that the server crashes because of the heavy load. The attacker might intercept and delete a server’s response to a client, making the client believe that the server is not responding. • The attacker may also intercept requests from the clients, causing the clients to send requests many times and overload the system.