SlideShare a Scribd company logo

Vtu network security(10 ec832) unit 1 notes

Jayanth Dwijesh H P
Jayanth Dwijesh H P

UNIT - 1 Services, mechanisms and attacks, The OSI security architecture, A model for network security. TEXT BOOK: 1. Cryptography and Network Security, William Stalling, Pearson Education, 2003. REFERENCE BOOKS: 1. Cryptography and Network Security, Behrouz A. Forouzan, TMH, 2007. 2. Cryptography and Network Security, Atul Kahate, TMH, 2003.

Engineering
1 of 18
Download to read offline
NETWORK SECURITY (10EC832) 8th SEM E&C JAYANTHDWIJESH H P M.tech (DECS) Assistant Professor – Dept of E&CE B.G.S INSTITUTE OF TECHNOLOGY (B.G.S.I.T) B.G Nagara, Nagamangala Tq, Mandya District- 571448
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 1 NETWORK SECURITY PART-A UNIT-1 UNIT - 1 Services, mechanisms and attacks, The OSI security architecture, A model for network security. TEXT BOOK: 1. Cryptography and Network Security, William Stalling, Pearson Education, 2003. REFERENCE BOOKS: 1. Cryptography and Network Security, Behrouz A. Forouzan, TMH, 2007. 2. Cryptography and Network Security, Atul Kahate, TMH, 2003.
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 2 UNIT – 1: Services, Mechanisms and Attacks, The OSI security architecture, A Model for Network Security. OVERVIEW 1. SECURITY SERVICES [DEC-2012(10M)] X.800 defines a security service as a service that is provided by a protocol layer of communicating open systems and that ensures adequate security of the systems or of data transfers. Also the RFC 2828(Internet Security Glossary version 2) defines security services as a processing or communication service that is provided by a system to give a specific kind of protection to system resources. X.800 divides these services into five categories and fourteen specific services. Shown in the fig1 and table 1. Figure 1: Security services 1.1. Authentication  The authentication service is concerned with assuring that a communication is authentic.  In the case of a single message, such as a warning or alarm signal, the function of the authentication service is to assure the recipient that the message is from the source that it claims to be from.  In the case of an ongoing interaction, such as the connection of a terminal to a host, two aspects are involved.  First, at the time of connection initiation, the service assures that the two entities are authentic, that is, that each is the entity that it claims to be.  Second, the service must assure that the connection is not interfered with in such a way that a third party can masquerade as one of the two legitimate parties for the purposes of unauthorized transmission or reception.
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 3 OR Authentication  This service provides the authentication of the Party at the other end of the line.  In connection –oriented communication, it provides authentication of the sender or receiver during the connection establishment (peer entity authentication).  In connectionless communication, it authenticates of the data (data origin authentication). Two specific authentication services are defined in X.800: a. Peer entity authentication:  Provides for the corroboration of the identity of a peer entity in an association.  Peer entity authentication is provided for use at the establishment of, or at times during the data transfer phase of, a connection.  It attempts to provide confidence that an entity is not performing either a masquerade or an unauthorized replay of a previous connection. b. Data origin authentication:  Provides for the corroboration of the source of a data unit.  It does not provide protection against the duplication or modification of data units.  This type of service supports applications like electronic mail, where there are no prior interactions between the communicating entities. 1.2. Access Control  Access control is the ability to limit and control the access to host systems and applications via communications links.  To achieve this, each entity trying to gain access must first be identified, or authenticated, so that access rights can be tailored to the individual. OR Access Control  Access control provides protection against unauthorized access to data.  The term access in this definition is very broad and can involve reading, writing, modifying, executing programs and so on.
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 4 Table 1: Security Services (X.800)
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 5 1.3. Data Confidentiality  Confidentiality is the protection of transmitted data from passive attacks. With respect to the content of a data transmission, several levels of protection can be identified.  The broadest service protects all user data transmitted between two users over a period of time.  Narrower forms of this service can also be defined, including the protection of a single message or even specific fields within a message.  The other aspect of confidentiality is the protection of traffic flow from analysis. This requires that an attacker not be able to observe the source and destination, frequency, length, or other characteristics of the traffic on a communications facility. OR Data Confidentiality  Data confidentiality is designed to protect data from disclosure attack.  The service as defined by X.800 is very broad and encompasses confidentiality of the whole message or part of a message and also protection against traffic analysis.  That is, it is designed to prevent snooping and traffic analysis attack. 1.4. Data Integrity  Data integrity is designed to protect data from modification, insertion, depletion and replying by an adversary. It may protect the whole message or part of the message.  As with confidentiality, integrity can apply to a stream of messages, a single message, or selected fields within a message.  A connection-oriented integrity service, one that deals with a stream of messages, assures that messages are received as sent with no duplication, insertion, modification, reordering, or replays.  The connection-oriented integrity service addresses both message stream modification and denial of service.  a connectionless integrity service, one that deals with individual messages without regard to any larger context, generally provides protection against message modification only.  We can make a distinction between service with and without recovery. Because the integrity service relates to active attacks, we are concerned with detection rather than prevention.
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 6  If a violation of integrity is detected, then the service may simply report this violation, and some other portion of software or human intervention is required to recover from the violation.  Alternatively there are mechanisms available to recover from the loss of integrity of data as we will review subsequently.  The incorporation of automated recovery mechanisms is, in general, the more attractive alternative. 1.5 Nonrepudiation  Nonrepudiation prevents either sender or receiver from denying a transmitted message.  Thus, when a message is sent, the receiver can prove that the alleged sender in fact sent the message. Similarly, when a message is received, the sender can prove that the alleged receiver in fact received the message. OR Nonrepudiation  Nonrepudiation service protects against repudiation by either the sender or the receiver of the data.  In Nonrepudiation with proof of the origin, the receiver of the data can later prove the identity of the sender if denied.  In Nonrepudiation with proof of delivery, the sender of data can later prove that data were delivered to the intended recipient.
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 7 2 SECURITY MECHANISMS [DEC-2011(8M)] Table 2 lists the security mechanisms. The mechanisms are divided into those that are implemented in a specific protocol layer, such as TCP or an application-layer protocol, and those that are not specific to any particular protocol layer or security service. Table 2: Security mechanisms
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 8 Mechanism Service Enciph- erment Digital signature Access control Data integrity Authentication exchange Traffic padding Routing control Notarization Peer entity authentication Y Y Y Data origin authentication Y Y Access control Y Confidentiality Y Y Traffic flow confidentially Y Y Y Data integrity Y Y Y Nonrepudiation Y Y Y Availability Y Y Table 3: Relationships between Security Services and Mechanisms 3 SECURITY ATTACKS [JUNE-2010(6M), DEC-2011(8M), JULY-2011(8M), JUNE- 2012(10M), DEC-2012(4M), JULY-2013(4M), JULY-2015(6M), JULY-2017(10M)]  A useful means of classifying security attacks is in terms of passive attacks and active attacks.  A passive attack attempts to learn or make use of information from the system but does not affect system resources.  An active attack attempts to alter system resources or affect their operation. 3.1 Passive Attacks  Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions.  The goal of the opponent is to obtain information that is being transmitted.  Two types of passive attacks are the release of message contents and traffic analysis.  The release of message contents is easily understood (Figure 2(a)).A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions.  A second type of passive attack, traffic analysis, is subtler (Figure 2(b)). Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages. The opponent could determine the
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 9 location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place. (a) : Release of message contents (b): Traffic analysis Figure 2: Passive Attacks
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 10  Passive attacks are very difficult to detect, because they do not involve any alteration of the data. However, it is feasible to prevent the success of these attacks, usually by means of encryption. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection. 3.2 Active Attacks  Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification Of messages, and denial of service. 1. Masquerade: -  A masquerade takes place when one entity pretends to be a different entity (Figure a).  A masquerade attack usually includes one of the other forms of active attack.  For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges. (a) Masquerade
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 11 2. Replay:-  Involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect (Figure b). (b) Replay 3. Modification of messages:-  Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect (Figure c).  For example, a message meaning ―”Allow John Smith to read confidential file accounts “is modified to mean ―”Allow Fred Brown to read confidential file accounts”. (c) Modification of messages
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 12 4. Denial of service:-  The denial of service prevents or inhibits the normal use or management of communications facilities (Figure d).  This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination.  Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance. (d) Denial of service Figure 3: Active Attacks  Active attacks present the opposite characteristics of passive attacks. Whereas passive attacks are difficult to detect, measures are available to prevent their success.  It is quite difficult to prevent active attacks absolutely because of the wide variety of potential physical, software, and network vulnerabilities.  Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them. If the detection has a deterrent effect, it may also contribute to prevention.
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 13 4 THE OSI SECURITY ARCHITECTURE The OSI security architecture is useful to managers as a way of organizing the task of providing security. The OSI security architecture focuses on security attacks, mechanisms, and services. These can be defined briefly as  Security attack: Any action that compromises the security of information owned by an organization.  Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.  Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service. 5 A MODEL FOR NETWORK SECURITY AND NETWORK ACESS SECURITY MODEL [DEC-2010(5M), JUNE-2010(6M), DEC-2011(4M), JUNE- 2012(10M),DEC-2012(6M), JULY-2013(6M),JAN-2014(8M), JAN-2015(6M),JAN-2016(10M), JULY- 2017(10M)] FIG 4:-  A message is to be transferred from one party to another across some sort of Internet service.  The two parties, who are the principals in this transaction, must cooperate for the exchange to take place.  A logical information channel is established by defining a route through the Internet from source to destination and by the cooperative use of communication protocols (e.g., TCP/IP) by the two principals.  Security aspects come into play when it is necessary or desirable to protect the information transmission from an opponent who may present a threat to confidentiality, authenticity, and so on.  All the techniques for providing security have two components:  A security-related transformation on the information to be sent. Examples:- include the encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify the identity of the sender.
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 14  Some secret information shared by the two principals and, it is hoped, unknown to the opponent. An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception.  A trusted third party may be needed to achieve secure transmission. For example, a third party may be responsible for distributing the secret information to the two principals while keeping it from any opponent. Or a third party may be needed to arbitrate disputes between the two principals concerning the authenticity of a message transmission. Figure 4: Model for Network Security  This general model shows that there are four basic tasks in designing a particular security service: 1. Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose. 2. Generate the secret information to be used with the algorithm. 3. Develop methods for the distribution and sharing of the secret information. 4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 15 FIG 5:- Figure 5: Network Access Security Model The security mechanisms needed to cope with unwanted access fall into two broad categories (see above Figure 1.4).The first category might be termed a gatekeeper function. It includes password-based login procedures that are designed to deny access to all but authorized users and screening logic that is designed to detect and reject worms, viruses, and other similar attacks. Once either an unwanted user or unwanted software gains access, the second line of defense consists of a variety of internal controls that monitor activity and analyze stored information in an attempt to detect the presence of unwanted intruders.
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 16 QUESTION BANK –NETWORK SECURITY UNIT-1 MAY/JUNE-2010 1. Draw the model of network security and explain briefly. [MAY/JUNE-2010(6M)] 2. Classify the various security attacks and define them. [MAY/JUNE-2010(6M)] DEC-2010 1. With a neat block diagram, describe the model for network security. [DEC-2010(5M)] 2. Explain the types of attack on encrypted messages. [DEC-2010(5M)] JUNE/JULY-2011 1. Define security attacks and briefly define categorized of passive and active security attacks. [JUNE/JULY-2011(8M)] DEC-2011 1. List the example of security attacks each of which has arisen in a number of real world cases. [DEC-2011(8M)] 2. Give the table showing relationship b/w security services and mechanisms. [DEC- 2011(8M)] JUNE-2012 1. Define passive and active security attacks. Discuss the functioning of following attacks with diagram: 1) Masquerade 2) Replay 3) Modification of messages 4) Denial of service. [JUNE-2012(10M)] 2. With a neat block diagram, discuss the functioning of network security model. List four basic tasks of designing security model. [JUNE-2012(10M)] DEC-2012 1. Explain how security services can be categorized. [DEC-2012(10M)] 2. Draw the model of network security and explain briefly. [DEC-2012(6M)] 3. Classify the various security attacks. [DEC-2012(4M)] JUNE/JULY-2013 1. Draw the model of network security. Explain it briefly. [JUNE/JULY-2013(6M)] 2. Distinguish passive and active attacks. With a figure explain masquerade attack. [JUNE/JULY-2013(4M)] JAN -2014 1. Explain the model for network security. [DEC/JAN -2014(8M)] JUN/JULY-2014 1. Differentiate b/w active and passive attacks. [JUN/JULY-2014(4M)]
NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 17 2. Explain the different categories of security services. [JUN/JULY-2014(6M)] 3. Draw the block diagram of network security model and explain it. Mention basic tasks in designing a particular security services. [JUN/JULY-2014(10M)] JAN-2015 1. With a neat block diagram, explain the model for network security. [DEC/JAN- 2015(6M)] 2. Briefly explain the categories of security attacks. [DEC/JAN-2015(6M)] JUN/JULY-2015 1. Explain X-800 security mechanism, in details. [JUN/JULY-2015(10M)] 2. Differentiate b/w active and passive attacks. [JUN/JULY-2015(4M)] DEC/JAN-2016 1. With a neat block diagram, discuss the functioning of network security model. List four basic tasks of designing security model. [DEC/JAN-2016(10M)] JUN/JULY-2017 1. With a neat block diagram, discuss the functioning of network security model. List four basic tasks of designing security model. [JUN/JULY-2017(10M)] 2. Define passive and active security attacks. Discuss the functioning of following attacks with diagram: 1) Masquerade 2) Replay 3) Modification of messages 4) Denial of service. [JUN/JULY-2017(10M)]

Recommended

Network security 10EC832 vtu notes
Network security 10EC832 vtu notesNetwork security 10EC832 vtu notes
Network security 10EC832 vtu notesJayanth Dwijesh H P
 
Vtu network security(10 ec832) unit 3 notes.
Vtu network security(10 ec832) unit 3 notes.Vtu network security(10 ec832) unit 3 notes.
Vtu network security(10 ec832) unit 3 notes.Jayanth Dwijesh H P
 
Block Cipher and its Design Principles
Block Cipher and its Design PrinciplesBlock Cipher and its Design Principles
Block Cipher and its Design PrinciplesSHUBHA CHATURVEDI
 
Web Security
Web SecurityWeb Security
Web SecurityDr.Florence Dayana
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption Techniquesuniversity of education,Lahore
 
Network security cryptographic hash function
Network security cryptographic hash functionNetwork security cryptographic hash function
Network security cryptographic hash functionMijanur Rahman Milon
 
DSS
DSSDSS
DSSSubashiniRathinavel
 
Module 13 (web based password cracking techniques)
Module 13 (web based password cracking techniques)Module 13 (web based password cracking techniques)
Module 13 (web based password cracking techniques)Wail Hassan
 

Recommended

Network security 10EC832 vtu notes
Network security 10EC832 vtu notesNetwork security 10EC832 vtu notes
Network security 10EC832 vtu notesJayanth Dwijesh H P
 
Vtu network security(10 ec832) unit 3 notes.
Vtu network security(10 ec832) unit 3 notes.Vtu network security(10 ec832) unit 3 notes.
Vtu network security(10 ec832) unit 3 notes.Jayanth Dwijesh H P
 
Block Cipher and its Design Principles
Block Cipher and its Design PrinciplesBlock Cipher and its Design Principles
Block Cipher and its Design PrinciplesSHUBHA CHATURVEDI
 
Web Security
Web SecurityWeb Security
Web SecurityDr.Florence Dayana
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption Techniquesuniversity of education,Lahore
 
Network security cryptographic hash function
Network security cryptographic hash functionNetwork security cryptographic hash function
Network security cryptographic hash functionMijanur Rahman Milon
 
DSS
DSSDSS
DSSSubashiniRathinavel
 
Module 13 (web based password cracking techniques)
Module 13 (web based password cracking techniques)Module 13 (web based password cracking techniques)
Module 13 (web based password cracking techniques)Wail Hassan
 
X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 CertificatesSou Jana
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanismspriya_trehan
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network securityNEHA PATEL
 
Digital signature
Digital signatureDigital signature
Digital signatureHossain Md Shakhawat
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key Cryptographyanusachu .
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacyPushkar Dutt
 
Key management and distribution
Key management and distributionKey management and distribution
Key management and distributionRiya Choudhary
 
Computer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowComputer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowBrijesh Vishwakarma
 
IP Security
IP SecurityIP Security
IP SecurityDr.Florence Dayana
 
Session tracking In Java
Session tracking In JavaSession tracking In Java
Session tracking In Javahoneyvachharajani
 
Query processing
Query processingQuery processing
Query processingRavinder Kamboj
 
Message AUthentication Code
Message AUthentication CodeMessage AUthentication Code
Message AUthentication CodeKeval Bhogayata
 
Key distribution code.ppt
Key distribution code.pptKey distribution code.ppt
Key distribution code.pptPrabhat Kumar
 
Data mining primitives
Data mining primitivesData mining primitives
Data mining primitiveslavanya marichamy
 
Electronic mail security
Electronic mail securityElectronic mail security
Electronic mail securityDr.Florence Dayana
 
Topic:Terminal handling & polling
Topic:Terminal handling & pollingTopic:Terminal handling & polling
Topic:Terminal handling & pollingDr Rajiv Srivastava
 
Intruders
IntrudersIntruders
Intruderstechn
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
Unit 1
Unit 1Unit 1
Unit 1Vinod Kumar Gorrepati
 
Unit 1
Unit 1Unit 1
Unit 1KRAMANJANEYULU1
 

More Related Content

What's hot

X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 CertificatesSou Jana
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanismspriya_trehan
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network securityNEHA PATEL
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key Cryptographyanusachu .
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacyPushkar Dutt
 
Key management and distribution
Key management and distributionKey management and distribution
Key management and distributionRiya Choudhary
 
Computer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowComputer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowBrijesh Vishwakarma
 
Message AUthentication Code
Message AUthentication CodeMessage AUthentication Code
Message AUthentication CodeKeval Bhogayata
 
Key distribution code.ppt
Key distribution code.pptKey distribution code.ppt
Key distribution code.pptPrabhat Kumar
 
Topic:Terminal handling & polling
Topic:Terminal handling & pollingTopic:Terminal handling & polling
Topic:Terminal handling & pollingDr Rajiv Srivastava
 
Intruders
IntrudersIntruders
Intruderstechn
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 

What's hot (20)

X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 Certificates
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture Notes
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanisms
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network security
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key Cryptography
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacy
 
Key management and distribution
Key management and distributionKey management and distribution
Key management and distribution
 
Computer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowComputer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU Lucknow
 
IP Security
IP SecurityIP Security
IP Security
 
Session tracking In Java
Session tracking In JavaSession tracking In Java
Session tracking In Java
 
Query processing
Query processingQuery processing
Query processing
 
Message AUthentication Code
Message AUthentication CodeMessage AUthentication Code
Message AUthentication Code
 
Key distribution code.ppt
Key distribution code.pptKey distribution code.ppt
Key distribution code.ppt
 
Data mining primitives
Data mining primitivesData mining primitives
Data mining primitives
 
Electronic mail security
Electronic mail securityElectronic mail security
Electronic mail security
 
Topic:Terminal handling & polling
Topic:Terminal handling & pollingTopic:Terminal handling & polling
Topic:Terminal handling & polling
 
Intruders
IntrudersIntruders
Intruders
 
block ciphers
block ciphersblock ciphers
block ciphers
 

Similar to Vtu network security(10 ec832) unit 1 notes

Information Security Management
Information Security ManagementInformation Security Management
Information Security ManagementBhadra Gowdra
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Securing information in wireless sensor networks
Securing information in wireless sensor networksSecuring information in wireless sensor networks
Securing information in wireless sensor networkseSAT Publishing House
 
Security Analysis and Improvement for IEEE 802.11i
Security Analysis and Improvement for IEEE 802.11iSecurity Analysis and Improvement for IEEE 802.11i
Security Analysis and Improvement for IEEE 802.11iinventionjournals
 
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...IJNSA Journal
 
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...IJNSA Journal
 
A Review on Wireless Network Security.pdf
A Review on Wireless Network Security.pdfA Review on Wireless Network Security.pdf
A Review on Wireless Network Security.pdfRhonda Cetnar
 
Information Security using Cryptography and Image Processing
Information Security using Cryptography and Image ProcessingInformation Security using Cryptography and Image Processing
Information Security using Cryptography and Image Processingijsrd.com
 
Network Security
Network SecurityNetwork Security
Network Securitymoviebro1
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and CryptographyManjunath G
 
Wireless Communiction Security
Wireless Communiction SecurityWireless Communiction Security
Wireless Communiction SecurityMeet Soni
 
Security in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionSecurity in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionIOSR Journals
 
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCE
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCENETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCE
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCEkarthikasivakumar3
 

Similar to Vtu network security(10 ec832) unit 1 notes (20)

Unit 1
Unit 1Unit 1
Unit 1
 
Unit 1
Unit 1Unit 1
Unit 1
 
Information Security Management
Information Security ManagementInformation Security Management
Information Security Management
 
Unit 1
Unit 1Unit 1
Unit 1
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
 
Securing information in wireless sensor networks
Securing information in wireless sensor networksSecuring information in wireless sensor networks
Securing information in wireless sensor networks
 
Security Analysis and Improvement for IEEE 802.11i
Security Analysis and Improvement for IEEE 802.11iSecurity Analysis and Improvement for IEEE 802.11i
Security Analysis and Improvement for IEEE 802.11i
 
Chapter 01
Chapter 01Chapter 01
Chapter 01
 
Security services
Security servicesSecurity services
Security services
 
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
 
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
 
A Review on Wireless Network Security.pdf
A Review on Wireless Network Security.pdfA Review on Wireless Network Security.pdf
A Review on Wireless Network Security.pdf
 
Information Security using Cryptography and Image Processing
Information Security using Cryptography and Image ProcessingInformation Security using Cryptography and Image Processing
Information Security using Cryptography and Image Processing
 
Network Security
Network SecurityNetwork Security
Network Security
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
 
Wireless Communiction Security
Wireless Communiction SecurityWireless Communiction Security
Wireless Communiction Security
 
Security in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionSecurity in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy function
 
Aspects of Network Security
Aspects of Network SecurityAspects of Network Security
Aspects of Network Security
 
www.ijerd.com
www.ijerd.comwww.ijerd.com
www.ijerd.com
 
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCE
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCENETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCE
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCE
 

More from Jayanth Dwijesh H P

Network and cyber security module(15ec835, 17ec835)
Network and cyber security module(15ec835, 17ec835)Network and cyber security module(15ec835, 17ec835)
Network and cyber security module(15ec835, 17ec835)Jayanth Dwijesh H P
 
VTU Network & cyber security (1-5 Module) Full notes
VTU Network & cyber security (1-5 Module) Full notesVTU Network & cyber security (1-5 Module) Full notes
VTU Network & cyber security (1-5 Module) Full notesJayanth Dwijesh H P
 
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-5 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-5 notes(15...VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-5 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-5 notes(15...Jayanth Dwijesh H P
 
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-4 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-4 notes(15...VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-4 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-4 notes(15...Jayanth Dwijesh H P
 
VTU E&C,TCE CBCS[NEW]5th Sem Information Theory and Coding Module-3 notes(15&...
VTU E&C,TCE CBCS[NEW]5th Sem Information Theory and Coding Module-3 notes(15&...VTU E&C,TCE CBCS[NEW]5th Sem Information Theory and Coding Module-3 notes(15&...
VTU E&C,TCE CBCS[NEW]5th Sem Information Theory and Coding Module-3 notes(15&...Jayanth Dwijesh H P
 
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-2 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-2 notes(15...VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-2 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-2 notes(15...Jayanth Dwijesh H P
 
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-1 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-1 notes(15...VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-1 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-1 notes(15...Jayanth Dwijesh H P
 
VTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notesVTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notesJayanth Dwijesh H P
 
Vtu network security(10 ec832) unit 5 notes.
Vtu network security(10 ec832) unit 5 notes.Vtu network security(10 ec832) unit 5 notes.
Vtu network security(10 ec832) unit 5 notes.Jayanth Dwijesh H P
 
Vtu network security(10 ec832) unit 2 notes..
Vtu network security(10 ec832) unit 2 notes..Vtu network security(10 ec832) unit 2 notes..
Vtu network security(10 ec832) unit 2 notes..Jayanth Dwijesh H P
 
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -1notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -1notesVTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -1notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -1notesJayanth Dwijesh H P
 
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -5 notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -5 notesVTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -5 notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -5 notesJayanth Dwijesh H P
 
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -3 notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -3 notesVTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -3 notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -3 notesJayanth Dwijesh H P
 
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -4 notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -4 notesVTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -4 notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -4 notesJayanth Dwijesh H P
 
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -2notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -2notesVTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -2notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -2notesJayanth Dwijesh H P
 

More from Jayanth Dwijesh H P (15)

Network and cyber security module(15ec835, 17ec835)
Network and cyber security module(15ec835, 17ec835)Network and cyber security module(15ec835, 17ec835)
Network and cyber security module(15ec835, 17ec835)
 
VTU Network & cyber security (1-5 Module) Full notes
VTU Network & cyber security (1-5 Module) Full notesVTU Network & cyber security (1-5 Module) Full notes
VTU Network & cyber security (1-5 Module) Full notes
 
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-5 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-5 notes(15...VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-5 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-5 notes(15...
 
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-4 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-4 notes(15...VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-4 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-4 notes(15...
 
VTU E&C,TCE CBCS[NEW]5th Sem Information Theory and Coding Module-3 notes(15&...
VTU E&C,TCE CBCS[NEW]5th Sem Information Theory and Coding Module-3 notes(15&...VTU E&C,TCE CBCS[NEW]5th Sem Information Theory and Coding Module-3 notes(15&...
VTU E&C,TCE CBCS[NEW]5th Sem Information Theory and Coding Module-3 notes(15&...
 
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-2 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-2 notes(15...VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-2 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-2 notes(15...
 
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-1 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-1 notes(15...VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-1 notes(15...
VTU E&C,TCE CBCS[NEW] 5th Sem Information Theory and Coding Module-1 notes(15...
 
VTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notesVTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notes
 
Vtu network security(10 ec832) unit 5 notes.
Vtu network security(10 ec832) unit 5 notes.Vtu network security(10 ec832) unit 5 notes.
Vtu network security(10 ec832) unit 5 notes.
 
Vtu network security(10 ec832) unit 2 notes..
Vtu network security(10 ec832) unit 2 notes..Vtu network security(10 ec832) unit 2 notes..
Vtu network security(10 ec832) unit 2 notes..
 
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -1notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -1notesVTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -1notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -1notes
 
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -5 notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -5 notesVTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -5 notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -5 notes
 
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -3 notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -3 notesVTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -3 notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -3 notes
 
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -4 notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -4 notesVTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -4 notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -4 notes
 
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -2notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -2notesVTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -2notes
VTU CBCS E&C 5th sem Information theory and coding(15EC54) Module -2notes
 

Recently uploaded

IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024Mark Billinghurst
 
power system scada applications and uses
power system scada applications and usespower system scada applications and uses
power system scada applications and usesDevarapalliHaritha
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSCAESB
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLDeelipZope
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineeringmalavadedarshan25
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...srsj9000
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxPoojaBan
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxbritheesh05
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)dollysharma2066
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfme23b1001
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionDr.Costas Sachpazis
 

Recently uploaded (20)

IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
power system scada applications and uses
power system scada applications and usespower system scada applications and uses
power system scada applications and uses
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentation
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
Design and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdfDesign and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdf
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCL
 
POWER SYSTEMS-1 Complete notes examples
POWER SYSTEMS-1 Complete notes examplesPOWER SYSTEMS-1 Complete notes examples
POWER SYSTEMS-1 Complete notes examples
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineering
 
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
young call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Serviceyoung call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Service
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptx
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdf
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
 

Vtu network security(10 ec832) unit 1 notes

  • 1. NETWORK SECURITY (10EC832) 8th SEM E&C JAYANTHDWIJESH H P M.tech (DECS) Assistant Professor – Dept of E&CE B.G.S INSTITUTE OF TECHNOLOGY (B.G.S.I.T) B.G Nagara, Nagamangala Tq, Mandya District- 571448
  • 2. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 1 NETWORK SECURITY PART-A UNIT-1 UNIT - 1 Services, mechanisms and attacks, The OSI security architecture, A model for network security. TEXT BOOK: 1. Cryptography and Network Security, William Stalling, Pearson Education, 2003. REFERENCE BOOKS: 1. Cryptography and Network Security, Behrouz A. Forouzan, TMH, 2007. 2. Cryptography and Network Security, Atul Kahate, TMH, 2003.
  • 3. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 2 UNIT – 1: Services, Mechanisms and Attacks, The OSI security architecture, A Model for Network Security. OVERVIEW 1. SECURITY SERVICES [DEC-2012(10M)] X.800 defines a security service as a service that is provided by a protocol layer of communicating open systems and that ensures adequate security of the systems or of data transfers. Also the RFC 2828(Internet Security Glossary version 2) defines security services as a processing or communication service that is provided by a system to give a specific kind of protection to system resources. X.800 divides these services into five categories and fourteen specific services. Shown in the fig1 and table 1. Figure 1: Security services 1.1. Authentication  The authentication service is concerned with assuring that a communication is authentic.  In the case of a single message, such as a warning or alarm signal, the function of the authentication service is to assure the recipient that the message is from the source that it claims to be from.  In the case of an ongoing interaction, such as the connection of a terminal to a host, two aspects are involved.  First, at the time of connection initiation, the service assures that the two entities are authentic, that is, that each is the entity that it claims to be.  Second, the service must assure that the connection is not interfered with in such a way that a third party can masquerade as one of the two legitimate parties for the purposes of unauthorized transmission or reception.
  • 4. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 3 OR Authentication  This service provides the authentication of the Party at the other end of the line.  In connection –oriented communication, it provides authentication of the sender or receiver during the connection establishment (peer entity authentication).  In connectionless communication, it authenticates of the data (data origin authentication). Two specific authentication services are defined in X.800: a. Peer entity authentication:  Provides for the corroboration of the identity of a peer entity in an association.  Peer entity authentication is provided for use at the establishment of, or at times during the data transfer phase of, a connection.  It attempts to provide confidence that an entity is not performing either a masquerade or an unauthorized replay of a previous connection. b. Data origin authentication:  Provides for the corroboration of the source of a data unit.  It does not provide protection against the duplication or modification of data units.  This type of service supports applications like electronic mail, where there are no prior interactions between the communicating entities. 1.2. Access Control  Access control is the ability to limit and control the access to host systems and applications via communications links.  To achieve this, each entity trying to gain access must first be identified, or authenticated, so that access rights can be tailored to the individual. OR Access Control  Access control provides protection against unauthorized access to data.  The term access in this definition is very broad and can involve reading, writing, modifying, executing programs and so on.
  • 5. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 4 Table 1: Security Services (X.800)
  • 6. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 5 1.3. Data Confidentiality  Confidentiality is the protection of transmitted data from passive attacks. With respect to the content of a data transmission, several levels of protection can be identified.  The broadest service protects all user data transmitted between two users over a period of time.  Narrower forms of this service can also be defined, including the protection of a single message or even specific fields within a message.  The other aspect of confidentiality is the protection of traffic flow from analysis. This requires that an attacker not be able to observe the source and destination, frequency, length, or other characteristics of the traffic on a communications facility. OR Data Confidentiality  Data confidentiality is designed to protect data from disclosure attack.  The service as defined by X.800 is very broad and encompasses confidentiality of the whole message or part of a message and also protection against traffic analysis.  That is, it is designed to prevent snooping and traffic analysis attack. 1.4. Data Integrity  Data integrity is designed to protect data from modification, insertion, depletion and replying by an adversary. It may protect the whole message or part of the message.  As with confidentiality, integrity can apply to a stream of messages, a single message, or selected fields within a message.  A connection-oriented integrity service, one that deals with a stream of messages, assures that messages are received as sent with no duplication, insertion, modification, reordering, or replays.  The connection-oriented integrity service addresses both message stream modification and denial of service.  a connectionless integrity service, one that deals with individual messages without regard to any larger context, generally provides protection against message modification only.  We can make a distinction between service with and without recovery. Because the integrity service relates to active attacks, we are concerned with detection rather than prevention.
  • 7. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 6  If a violation of integrity is detected, then the service may simply report this violation, and some other portion of software or human intervention is required to recover from the violation.  Alternatively there are mechanisms available to recover from the loss of integrity of data as we will review subsequently.  The incorporation of automated recovery mechanisms is, in general, the more attractive alternative. 1.5 Nonrepudiation  Nonrepudiation prevents either sender or receiver from denying a transmitted message.  Thus, when a message is sent, the receiver can prove that the alleged sender in fact sent the message. Similarly, when a message is received, the sender can prove that the alleged receiver in fact received the message. OR Nonrepudiation  Nonrepudiation service protects against repudiation by either the sender or the receiver of the data.  In Nonrepudiation with proof of the origin, the receiver of the data can later prove the identity of the sender if denied.  In Nonrepudiation with proof of delivery, the sender of data can later prove that data were delivered to the intended recipient.
  • 8. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 7 2 SECURITY MECHANISMS [DEC-2011(8M)] Table 2 lists the security mechanisms. The mechanisms are divided into those that are implemented in a specific protocol layer, such as TCP or an application-layer protocol, and those that are not specific to any particular protocol layer or security service. Table 2: Security mechanisms
  • 9. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 8 Mechanism Service Enciph- erment Digital signature Access control Data integrity Authentication exchange Traffic padding Routing control Notarization Peer entity authentication Y Y Y Data origin authentication Y Y Access control Y Confidentiality Y Y Traffic flow confidentially Y Y Y Data integrity Y Y Y Nonrepudiation Y Y Y Availability Y Y Table 3: Relationships between Security Services and Mechanisms 3 SECURITY ATTACKS [JUNE-2010(6M), DEC-2011(8M), JULY-2011(8M), JUNE- 2012(10M), DEC-2012(4M), JULY-2013(4M), JULY-2015(6M), JULY-2017(10M)]  A useful means of classifying security attacks is in terms of passive attacks and active attacks.  A passive attack attempts to learn or make use of information from the system but does not affect system resources.  An active attack attempts to alter system resources or affect their operation. 3.1 Passive Attacks  Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions.  The goal of the opponent is to obtain information that is being transmitted.  Two types of passive attacks are the release of message contents and traffic analysis.  The release of message contents is easily understood (Figure 2(a)).A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions.  A second type of passive attack, traffic analysis, is subtler (Figure 2(b)). Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages. The opponent could determine the
  • 10. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 9 location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place. (a) : Release of message contents (b): Traffic analysis Figure 2: Passive Attacks
  • 11. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 10  Passive attacks are very difficult to detect, because they do not involve any alteration of the data. However, it is feasible to prevent the success of these attacks, usually by means of encryption. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection. 3.2 Active Attacks  Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification Of messages, and denial of service. 1. Masquerade: -  A masquerade takes place when one entity pretends to be a different entity (Figure a).  A masquerade attack usually includes one of the other forms of active attack.  For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges. (a) Masquerade
  • 12. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 11 2. Replay:-  Involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect (Figure b). (b) Replay 3. Modification of messages:-  Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect (Figure c).  For example, a message meaning ―”Allow John Smith to read confidential file accounts “is modified to mean ―”Allow Fred Brown to read confidential file accounts”. (c) Modification of messages
  • 13. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 12 4. Denial of service:-  The denial of service prevents or inhibits the normal use or management of communications facilities (Figure d).  This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination.  Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance. (d) Denial of service Figure 3: Active Attacks  Active attacks present the opposite characteristics of passive attacks. Whereas passive attacks are difficult to detect, measures are available to prevent their success.  It is quite difficult to prevent active attacks absolutely because of the wide variety of potential physical, software, and network vulnerabilities.  Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them. If the detection has a deterrent effect, it may also contribute to prevention.
  • 14. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 13 4 THE OSI SECURITY ARCHITECTURE The OSI security architecture is useful to managers as a way of organizing the task of providing security. The OSI security architecture focuses on security attacks, mechanisms, and services. These can be defined briefly as  Security attack: Any action that compromises the security of information owned by an organization.  Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.  Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service. 5 A MODEL FOR NETWORK SECURITY AND NETWORK ACESS SECURITY MODEL [DEC-2010(5M), JUNE-2010(6M), DEC-2011(4M), JUNE- 2012(10M),DEC-2012(6M), JULY-2013(6M),JAN-2014(8M), JAN-2015(6M),JAN-2016(10M), JULY- 2017(10M)] FIG 4:-  A message is to be transferred from one party to another across some sort of Internet service.  The two parties, who are the principals in this transaction, must cooperate for the exchange to take place.  A logical information channel is established by defining a route through the Internet from source to destination and by the cooperative use of communication protocols (e.g., TCP/IP) by the two principals.  Security aspects come into play when it is necessary or desirable to protect the information transmission from an opponent who may present a threat to confidentiality, authenticity, and so on.  All the techniques for providing security have two components:  A security-related transformation on the information to be sent. Examples:- include the encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify the identity of the sender.
  • 15. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 14  Some secret information shared by the two principals and, it is hoped, unknown to the opponent. An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception.  A trusted third party may be needed to achieve secure transmission. For example, a third party may be responsible for distributing the secret information to the two principals while keeping it from any opponent. Or a third party may be needed to arbitrate disputes between the two principals concerning the authenticity of a message transmission. Figure 4: Model for Network Security  This general model shows that there are four basic tasks in designing a particular security service: 1. Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose. 2. Generate the secret information to be used with the algorithm. 3. Develop methods for the distribution and sharing of the secret information. 4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.
  • 16. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 15 FIG 5:- Figure 5: Network Access Security Model The security mechanisms needed to cope with unwanted access fall into two broad categories (see above Figure 1.4).The first category might be termed a gatekeeper function. It includes password-based login procedures that are designed to deny access to all but authorized users and screening logic that is designed to detect and reject worms, viruses, and other similar attacks. Once either an unwanted user or unwanted software gains access, the second line of defense consists of a variety of internal controls that monitor activity and analyze stored information in an attempt to detect the presence of unwanted intruders.
  • 17. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 16 QUESTION BANK –NETWORK SECURITY UNIT-1 MAY/JUNE-2010 1. Draw the model of network security and explain briefly. [MAY/JUNE-2010(6M)] 2. Classify the various security attacks and define them. [MAY/JUNE-2010(6M)] DEC-2010 1. With a neat block diagram, describe the model for network security. [DEC-2010(5M)] 2. Explain the types of attack on encrypted messages. [DEC-2010(5M)] JUNE/JULY-2011 1. Define security attacks and briefly define categorized of passive and active security attacks. [JUNE/JULY-2011(8M)] DEC-2011 1. List the example of security attacks each of which has arisen in a number of real world cases. [DEC-2011(8M)] 2. Give the table showing relationship b/w security services and mechanisms. [DEC- 2011(8M)] JUNE-2012 1. Define passive and active security attacks. Discuss the functioning of following attacks with diagram: 1) Masquerade 2) Replay 3) Modification of messages 4) Denial of service. [JUNE-2012(10M)] 2. With a neat block diagram, discuss the functioning of network security model. List four basic tasks of designing security model. [JUNE-2012(10M)] DEC-2012 1. Explain how security services can be categorized. [DEC-2012(10M)] 2. Draw the model of network security and explain briefly. [DEC-2012(6M)] 3. Classify the various security attacks. [DEC-2012(4M)] JUNE/JULY-2013 1. Draw the model of network security. Explain it briefly. [JUNE/JULY-2013(6M)] 2. Distinguish passive and active attacks. With a figure explain masquerade attack. [JUNE/JULY-2013(4M)] JAN -2014 1. Explain the model for network security. [DEC/JAN -2014(8M)] JUN/JULY-2014 1. Differentiate b/w active and passive attacks. [JUN/JULY-2014(4M)]
  • 18. NETWORK SECURITY 10EC832 Dept. of ECE, BGSIT, BG Nagara, Mandya Page 17 2. Explain the different categories of security services. [JUN/JULY-2014(6M)] 3. Draw the block diagram of network security model and explain it. Mention basic tasks in designing a particular security services. [JUN/JULY-2014(10M)] JAN-2015 1. With a neat block diagram, explain the model for network security. [DEC/JAN- 2015(6M)] 2. Briefly explain the categories of security attacks. [DEC/JAN-2015(6M)] JUN/JULY-2015 1. Explain X-800 security mechanism, in details. [JUN/JULY-2015(10M)] 2. Differentiate b/w active and passive attacks. [JUN/JULY-2015(4M)] DEC/JAN-2016 1. With a neat block diagram, discuss the functioning of network security model. List four basic tasks of designing security model. [DEC/JAN-2016(10M)] JUN/JULY-2017 1. With a neat block diagram, discuss the functioning of network security model. List four basic tasks of designing security model. [JUN/JULY-2017(10M)] 2. Define passive and active security attacks. Discuss the functioning of following attacks with diagram: 1) Masquerade 2) Replay 3) Modification of messages 4) Denial of service. [JUN/JULY-2017(10M)]