Topics in Network Security
ELEN689-604
Narasimha Reddy
Jul 15, 2015

Course Outline
• Topics in network and systems security
• I am here to learn just as much as you are
• Tentative course topics at http://ee.tamu.edu/~reddy/ee689_06.html
• Course schedule, reading list will be on the same web site

Course Outline
• Will have 2-3 homeworks - 25%
• One topic/survey presentation of 30 minutes per team - 25%
• One large project unrelated to presentation - 40%
• Class participation important - 10%

Course Outline
• Many security courses already on campus
• This one will have a research focus
– Biased by interests of the faculty
– Will introduce some basic concepts, ideas
– Fairly wide coverage of topics

Outline
• Attacks, services and mechanisms
• Security attacks
• Security services
• Methods of Defense
• A model for Internetwork Security
• DOS Attack mechanisms

Attacks, Services and Mechanisms
• Security Attack: Any action that compromises the security of information.
• Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
• Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

Denial of Service Attacks
• Various forms
• UDP flood -- overrun the end server with lots of packets
• TCP SYN attack -- don't complete the 3-way handshake of TCP
• ICMP Flood -- overload end server CPU with many packets

Denial of Service Attacks
• ICMP Directed Broadcast: Send ICMP echo request to broadcast addresses, broadcast directed towards the victim
• DNS Flood: Request a zone transfer
• CGI Flood: Keep web server CPU busy
• Fragmentation attack: Send fragments of incomplete packets, buffers exhausted.
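
Added example (not from the original slides): a monitor-side check for the TCP SYN attack listed above, counting per listening address the handshakes that never complete. The record format, the threshold and the timeout are assumptions, and the sample packets are constructed.

```python
from collections import defaultdict

def half_open_alerts(packets, threshold=20, timeout=5.0):
    """Return {(dst, dport): peak pending count} for listeners whose number of
    handshakes stuck after the first SYN reaches `threshold` (assumed value)."""
    pending = {}              # (src, sport, dst, dport) -> time the SYN was seen
    peak = defaultdict(int)
    for t, src, sport, dst, dport, flags in sorted(packets):
        # Age out old entries, as a server's SYN queue would after its timeout.
        for key in [k for k, t0 in pending.items() if t - t0 > timeout]:
            del pending[key]
        conn = (src, sport, dst, dport)
        if flags == "SYN":
            pending.setdefault(conn, t)
        elif flags in ("ACK", "RST"):
            pending.pop(conn, None)   # handshake completed or aborted
        count = sum(1 for k in pending if k[2:] == (dst, dport))
        peak[(dst, dport)] = max(peak[(dst, dport)], count)
    return {listener: n for listener, n in peak.items() if n >= threshold}

def sample_packets():
    """Constructed records (time_s, src, sport, dst, dport, flags), client to
    server direction only; documentation addresses, not captured traffic."""
    web, tls = ("192.0.2.10", 80), ("192.0.2.20", 443)
    pkts = [(0.0, "198.51.100.7", 51000, *web, "SYN"),
            (0.1, "198.51.100.7", 51000, *web, "ACK")]
    for i in range(5):        # clients that finish the 3-way handshake
        pkts.append((2.0 + i * 0.1, "198.51.100.8", 52000 + i, *tls, "SYN"))
        pkts.append((2.05 + i * 0.1, "198.51.100.8", 52000 + i, *tls, "ACK"))
    for i in range(30):       # SYNs that are never followed by the final ACK
        pkts.append((1.0 + i * 0.01, f"203.0.113.{i + 1}", 40000 + i, *web, "SYN"))
    return pkts

if __name__ == "__main__":
    for (dst, dport), n in half_open_alerts(sample_packets()).items():
        print(f"{dst}:{dport} peak half-open handshakes: {n}")
```

Only the web listener is reported; the listener whose clients all send the final ACK stays below the threshold.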

Security Attacks
• Interruption: This is an attack on availability
• Interception: This is an attack on confidentiality
• Modification: This is an attack on integrity
• Fabrication: This is an attack on authenticity

Security Goals
• Integrity
• Confidentiality
• Availability

Security Services
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (the order is final)
• Access control (prevent misuse of resources)
• Availability (permanence, non-erasure)
– Denial of Service Attacks
– Virus that deletes files

Methods of Defence
• Encryption
• Software Controls (access limitations in a database; in an operating system, protect each user from other users)
• Hardware Controls (smartcard)
• Policies (frequent changes of passwords)
• Physical Controls
• Firewall based access restrictions

Some Terminology
• Worm – self-replicating program that can propagate without human help
• Virus – self-replicating program that requires human action
• Trojan – malicious code hidden in an apparently harmless piece of code
• Backdoor – leaves infected machine vulnerable for future attacks
• Spam – Unwanted, unsolicited email
• More definitions here

Tentative course topics
• Encryption
• Traffic Analysis
• Denial of Service Attacks
• End host security
– Buffer overflows, rootkits,
• Miscellaneous topics (You!!)