Topics in Network Security, ELEN689-604, Narasimha Reddy
Page 1: Attacks Attacks AND Attacks!


Course Outline

• Topics in network and systems security

• I am here to learn just as much as you are

• Tentative course topics at http://ee.tamu.edu/~reddy/ee689_06.html

• Course schedule, reading list will be on the same web site


Course Outline

• Will have 2-3 homeworks - 25%

• One topic/survey presentation of 30 minutes per team - 25%

• One large project unrelated to presentation - 40%

• Class participation important - 10%


Course Outline

• Many security courses already on campus

• This one will have a research focus

– Biased by interests of the faculty

– Will introduce some basic concepts, ideas

– Fairly wide coverage of topics


Outline

• Attacks, services and mechanisms

• Security attacks

• Security services

• Methods of Defense

• A model for Internetwork Security

• DOS Attack mechanisms


Attacks, Services and Mechanisms

• Security Attack: Any action that compromises the security of information.

• Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.

• Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.


Security Attacks


Denial of Service Attacks

• Various forms

• UDP flood -- overrun the end server with lots of packets

• TCP SYN attack -- don’t complete the 3-way handshake of TCP

• ICMP Flood -- overload end server CPU with many packets


Denial of Service Attacks

• ICMP Directed Broadcast: Send ICMP echo request to broadcast addresses, broadcast directed towards the victim

• DNS Flood: Request a zone transfer

• CGI Flood: Keep web server CPU busy

• Fragmentation attack: Send fragments of incomplete packets, buffers exhausted.
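
The TCP SYN attack in the list of DoS forms above leaves handshakes half-open on the server. As an added example (not part of the original slides), this Python code counts stale half-open handshakes per listening address from packet summaries; the record layout, addresses, timeout and threshold are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: (time_s, src, sport, dst, dport, tcp_flags) as a sensor might log them.
# 192.0.2.10:80 is the server; 198.51.100.7 completes its handshake,
# the 203.0.113.x sources send a SYN and never answer the SYN-ACK.
PACKETS = [
    (0.00, "198.51.100.7", 40000, "192.0.2.10", 80, "S"),
    (0.01, "192.0.2.10", 80, "198.51.100.7", 40000, "SA"),
    (0.02, "198.51.100.7", 40000, "192.0.2.10", 80, "A"),
] + [
    (0.10 + i * 0.01, f"203.0.113.{i}", 50000 + i, "192.0.2.10", 80, "S")
    for i in range(1, 21)
]


def half_open_by_listener(packets, now, timeout=3.0):
    """Count handshakes per (dst, dport) with a SYN but no completing ACK after `timeout` seconds."""
    pending = {}  # (client, cport, server, sport) -> time of the first SYN
    for ts, src, sport, dst, dport, flags in packets:
        key = (src, sport, dst, dport)
        if flags == "S":
            pending.setdefault(key, ts)
        elif flags in ("A", "R") and key in pending:
            # Final ACK of the 3-way handshake (or a client reset) clears the entry.
            del pending[key]
    counts = defaultdict(int)
    for (_, _, dst, dport), ts in pending.items():
        if now - ts >= timeout:
            counts[(dst, dport)] += 1
    return dict(counts)


def syn_flood_suspects(packets, now, timeout=3.0, threshold=10):
    """Return listeners whose stale half-open count is at or above `threshold`."""
    counts = half_open_by_listener(packets, now, timeout)
    return {listener: n for listener, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    print(syn_flood_suspects(PACKETS, now=5.0))
```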


Security Attacks

• Interruption: This is an attack on availability

• Interception: This is an attack on confidentiality

• Modification: This is an attack on integrity

• Fabrication: This is an attack on authenticity


Security Goals

Integrity

Confidentiality

Availability


Security Services

• Confidentiality (privacy)

• Authentication (who created or sent the data)

• Integrity (has not been altered)

• Non-repudiation (the order is final)

• Access control (prevent misuse of resources)

• Availability (permanence, non-erasure)

– Denial of Service Attacks

– Virus that deletes files


Methods of Defence

• Encryption

• Software Controls (access limitations in a database, in operating system protect each user from other users)

• Hardware Controls (smartcard)

• Policies (frequent changes of passwords)

• Physical Controls

• Firewall based access restrictions


Some Terminology

• Worm – self-replicating program that can propagate without human help

• Virus – self-replicating program that requires human action

• Trojan – malicious code hidden in an apparently harmless piece of code

• Backdoor – leaves infected machine vulnerable for future attacks

• Spam – Unwanted, unsolicited email

• More definitions here


Tentative course topics

• Encryption

• Traffic Analysis

• Denial of Service Attacks

• End host security

– Buffer overflows, rootkits,

• Miscellaneous topics (You!!)