Network Security
(ITEC4111)
Lecture-01-03
Network Security- An Introduction
Course Instructor: Hafeez Ahmed
University of Education Lahore (Multan campus)
Administrative
• Instructor
• Hafeez Ahmed, Visiting lecturer
• MS-EE (Wireless Communications)
• PhD (Information Security)- In progress…
• Communication
• Google Class Room (GCR) Joining code- jxzbfiv
• https://classroom.google.com/c/MzUzMzU4NzE5NjY5?cjc=jxzbfiv
• Email: hafeezahmad.vf@ue.edu.pk
• WhatsApp Class Group: +92-300-6611638
Class Format
• Meet two times a week
• Online classes on GCR
• https://classroom.google.com/c/MzUzMzU4NzE5NjY5?cjc=jxzbfiv
• GCR Code: jxzbfiv
• Mostly lecture format
– Will attempt to have a class exercise. Will be noted on GCR.
– Will attempt to make this relevant for online mode too.
• Lectures video taped for online classes
– All have access to tapes. Link on GCR.
• Posted slides not sufficient to master material alone
Class Readings
• Textbook: Computer Security: Art and Science by Matt Bishop, 2nd edition
• Reference Book: Cryptography and Network Security: Principles and Practice by William Stallings, 6th edition
• Additional readings shall be provided via GCR or email
Grading Policy
• Mid term exam- 20%
• Quiz- 3~ 5%
• Assignment- 3~ 5 %
• Final Project Presentation 5 %
• Attendance and participation* 5 %
• Final term exam 60%
Security- Definition
The protection afforded to an automated information
system in order to attain the applicable objectives of
preserving the confidentiality, integrity and availability
of information system resources (includes hardware,
software, firmware, information/data, and
telecommunications).
Security Components- CIA triad
• Confidentiality
– Keeping data and resources hidden
– To be secured, information needs to be hidden from unauthorized access
• Integrity
– Data integrity (integrity) & Origin integrity (authentication)
– protected from unauthorized change
• Availability
– Enabling access to data and resources
– available to an authorized entity when it is needed
e-Voting Machine (EVM)- A case study
Expectations of Voting
• Vote is by secret ballot (Confidentiality)
• The vote should be correctly tallied; all votes cast should be counted in the election (Integrity)
• Every eligible voter who presents themselves at the polling place should be able to vote (Availability)
Threat Terms
• Threat – Set of circumstances that has the potential to cause loss or
harm. Or a potential violation of security.
• Vulnerability – Weakness in the system that could be exploited to
cause loss or harm
• Attack – When an entity exploits a vulnerability on a system
• Control – A means to prevent a vulnerability from being exploited
Classes of Threats
• Disclosure – Unauthorized access to information
• Deception – Acceptance of false data
• Disruption – Interruption or prevention of correct
operation
• Usurpation – Unauthorized control of some part of a
system
Some Common Threats
• Snooping
– Unauthorized interception of information
• Modification or alteration
– Unauthorized change of information
• Masquerading or Spoofing
– An impersonation of one entity by another
• Repudiation of origin
– A false denial that an entity sent or created something.
• Denial of receipt
– A false denial that an entity received some information.
More Common Threats
• Delay
– A temporary inhibition of service
• Denial of Service
– A long-term inhibition of service
Taxonomy of attacks with relation to security goals
More Definitions
• Policy
– A statement of what is and what is not allowed
– Divides the world into secure and non-secure states
– A secure system starts in a secure state. All transitions keep it in a
secure state.
• Mechanism
– A method, tool, or procedure for enforcing a security policy
Assurance
• Evidence of how much to trust a system
• Evidence can include:
– System specifications
– Design
– Implementation
• Mappings between the levels
An example- Aspirin Assurance
• Why do you trust Aspirin from a major manufacturer?
– FDA certifies the aspirin recipe
– Factory follows manufacturing standards
– Safety seals
• Analogy to software assurance
The OSI security architecture
• ITU-T Recommendation X.800, Security Architecture for OSI, defines a
systematic approach.
• The OSI security architecture is useful to managers as a way of
organizing the task of providing security.
• The OSI security architecture focuses on:
• 1. Security attacks,
• 2. Mechanisms, and
• 3. Services.
The OSI security architecture
• Security attack: Any action that compromises the security of
information owned by an organization.
• Security mechanism: A process (or a device incorporating such a
process) that is designed to detect, prevent, or recover from a security
attack.
• Security service: A processing or communication service that
enhances the security of the data processing systems and the
information transfers of an organization. The services are intended to
counter security attacks, and they make use of one or more security
mechanisms to provide the service.
Security Attacks
• Active attack- An active attack attempts to alter system resources or
affect their operation.
• Passive attack- A passive attack attempts to learn or make use of
information from the system but does not affect system resources.
Active Attack | Passive Attack
Attacker needs to have physical control of the media or network. | Attacker merely needs to observe the communication in the media or network.
It can be easily detected. | It cannot be easily detected.
It affects the system. | It does not affect the system.
It involves a modification of data. | It involves the monitoring of data.
Types of active attacks are masquerade, session replay, denial of service, distributed denial of service. | Types of passive attacks are the release of a message, traffic analysis.
It does not check for loopholes or vulnerabilities. | It scans the ports and network in search of loopholes and vulnerabilities.
It is difficult to prevent active attacks on a network. | Passive attacks can be prevented.
Network and Internet Security-
security violation
• 1. User A transmits a file to user B. The file contains sensitive
information (e.g., payroll records) that is to be protected from
disclosure. User C, who is not authorized to read the file, is able to
monitor the transmission and capture a copy of the file during its
transmission.
• 2. A network manager, D, transmits a message to a computer, E, under
its management. The message instructs computer E to update an
authorization file to include the identities of a number of new users
who are to be given access to that computer. User F intercepts the
message, alters its contents to add or delete entries, and then forwards
the message to computer E, which accepts the message as coming
from manager D and updates its authorization file accordingly.
Network and Internet Security-
security violation
• 3. Rather than intercept a message, user F constructs its own message with
the desired entries and transmits that message to computer E as if it had
come from manager D. Computer E accepts the message as coming from
manager D and updates its authorization file accordingly.
• 4. An employee is fired without warning. The personnel manager sends a
message to a server system to invalidate the employee’s account. When the
invalidation is accomplished, the server is to post a notice to the employee’s
file as confirmation of the action. The employee is able to intercept the
message and delay it long enough to make a final access to the server to
retrieve sensitive information. The message is then forwarded, the action
taken, and the confirmation posted. The employee’s action may go
unnoticed for some considerable time.
Network and Internet Security-
security violation
• 5. A message is sent from a customer to a stockbroker with
instructions for various transactions. Subsequently, the investments
lose value and the customer denies sending the message.
• Although this list by no means exhausts the possible types of network
security violations, it illustrates the range of concerns of network
security.
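Violations 2, 3 and 4 above, seen from computer E's side, as an added example that is not part of the lecture slides: E applies an authorization update only if an HMAC tag verifies (origin and data integrity) and the timestamp is fresh. The shared key between D and E, the message layout, the 30-second window and synchronized clocks are assumptions made for the illustration.

```python
import hashlib
import hmac
import json

# Assumption: manager D and computer E share this key out of band (constructed value).
SHARED_KEY = b"constructed-demo-key-D-and-E"
MAX_AGE_SECONDS = 30  # assumption: oldest update E still accepts; clocks are in sync


def sign_update(key, users_to_add, sent_at):
    """Manager D: serialize the authorization update and attach an HMAC-SHA256 tag."""
    body = json.dumps({"add": users_to_add, "sent_at": sent_at}, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def accept_update(key, message, now):
    """Computer E: return (accepted, reason); only verified, fresh updates are applied."""
    expected = hmac.new(key, message["body"], hashlib.sha256).hexdigest()
    # compare_digest is constant-time, so the check does not leak how much of the tag matched.
    if not hmac.compare_digest(expected, message["tag"]):
        return False, "bad tag: altered in transit or not from D"
    # The body is parsed only after the tag has verified.
    sent_at = json.loads(message["body"])["sent_at"]
    if now - sent_at > MAX_AGE_SECONDS:
        # Violation 4: the hold-up is flagged instead of going unnoticed.
        return False, "stale: message was held in transit"
    return True, "ok"


def demo():
    t0 = 1_700_000_000  # constructed timestamp
    genuine = sign_update(SHARED_KEY, ["alice", "bob"], t0)

    # Violation 2: F changes an entry in transit but cannot recompute the tag.
    altered = {"body": genuine["body"].replace(b"bob", b"eve"), "tag": genuine["tag"]}

    # Violation 3: F constructs its own message, tagged with a key that is not D's.
    forged = sign_update(b"constructed-key-held-by-F", ["mallory"], t0)

    return {
        "genuine": accept_update(SHARED_KEY, genuine, now=t0 + 2),
        "altered": accept_update(SHARED_KEY, altered, now=t0 + 2),
        "forged": accept_update(SHARED_KEY, forged, now=t0 + 2),
        "delayed": accept_update(SHARED_KEY, genuine, now=t0 + 600),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:8s} -> {result}")
```

A shared-key MAC does not settle violation 5: either key holder could have produced the tag, so denying origin remains possible and a digital signature is needed for non-repudiation.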
Network Security- Model
Key Points
• Must look at the big picture when securing a system
• Main components of security
– Confidentiality
– Integrity
– Availability
• Differentiating Threats, Vulnerabilities, Attacks and Controls
• Policy vs mechanism
• Assurance
Exercise Problem:
Consider an automated teller machine (ATM) in which users provide a personal
identification number (PIN) and a card for account access. Give examples of
confidentiality, integrity, and availability requirements associated with the
system and, in each case, indicate the degree of importance of the requirement.
End of Lecture, Thanks!
Queries?
