Computer Network Security

Download Report

Transcript Computer Network Security

Computer Security
Instructor: Dr. Bo Sun
1
Course Objectives
• Understand basic issues, concepts, principles,
and mechanisms in computer network security
–
–
–
–
–
Basic security concept
Cryptography
Authentication
Standards
Network Security
2
Course Outline
• Basic Security Concepts:
– Confidentiality, integrity, availability
– others
• Cryptography
– Secret Key Cryptography: DES, IDEA, AES, etc.
– Public Key Cryptography: RSA, Diffi-Hellman, Digital signature,
Elliptic Curve, etc.
– Modes of Operation: ECB, CBC etc.
– Hashes and Message Digests: MD5, SHA-1 etc.
• Authentication
– Basic concepts of Authentication Systems
– Password Authentication
– Security handshake pitfalls
3
Course Outline cont’d
• Network and Distributed Systems
–
–
–
–
–
–
Kerberos
Public Key Infrastructure
IPsec
SSL/TLS
Email security
Firewall
4
Introduction
5
Security Attacks
6
Security Attacks
7
Classify Security Attacks as
• passive attacks - eavesdropping on, or monitoring of,
transmissions to:
– obtain message contents, or
– monitor traffic flows
• active attacks – modification of data stream to:
–
–
–
–
masquerade of one entity as some other: man-in-the-middle
replay previous messages
modify messages in transit
denial of service
8
Information Security Concerns
• DDoS
• Worm Attacks (e.g. code red)
• Exploitation of software bugs (e.g. buffer
overflow)
• Monitoring and capture of network traffic
• Masquerade of authorized users
• …….
• http://www.cert.org/
9
Contributing Factors
• Lack of awareness of threats and risks of information
systems
• Wide-open network policies
– Many Internet sites allow wide-open Internet access
• Vast majority of network traffic is unencrypted
• Lack of security in TCP/IP
• Complexity of security management and
administration
• Exploitation of software bugs: e.g. Sendmail bugs
• Cracker skills keep improving
10
Security Objectives
Confidentiality (Secrecy):
Prevent/Detect/Deter improper disclosure of information
Availability:
Integrity:
Prevent/Detect/Deter improper
modification of information
Prevent/Detect/Deter
improper denial of access to
services provided by the
system
11
Security Mechanisms
Layered
Protection
Intrusion Prevention
(Encryption, Authentication,
etc.): Not Enough
Intrusion
Detection
Intrusion
Tolerance
Weakest Point
Security Failure
Access Control
12
Security Services
• Confidentiality: protection of any information from
being exposed to unintended entities.
– Information content
– Parties involved
– Where they are, how they communicate, how often, etc.
• Authentication: assurance that an entity of concern or
the origin of a communication is authentic - it’s what
it claims to be or from
• Integrity: assurance that the information has not been
tampered with
13
Security Services
• Non-repudiation: offer of evidence that a party is indeed the
sender or a receiver of certain information
• Access control: facilities to determine and enforce who is
allowed access to what resources, hosts, software, network
connections
• Security management: facilities for coordinating users’ service
requirements and mechanism implementations throughout the
enterprise network and across the internet
– Trust model
– Trust communication protocol
– Trust management infrastructure
14
The Internet
OSI of ISO
Internet Stack
Application
Presentation
Session
Upper Layers
Transport
Transport
Network
Internet
Data Link
Data Link
Physical
Physical
15
Layered Store-and-forward
User A
User B
Application
Transport
Network
Link
16
Virus, Worms, and Trojan Horses
• Trojan horse: instructions hidden inside an otherwise
useful program that do bad things
• Virus: a set of instructions that, when executed,
inserts copies of itself into other programs.
• Worm: a program that replicates itself by installing
copies of itself on other machines across a network.
• Trapdoor: an undocumented entry point, which can
be exploited as a security flaw
• Zombie: malicious instructions installed on a system
that can be remotely triggered to carry out some
attack with les traceability because the attack comes
from another victim.
• ….
17