Minimizing Information Transparency
Download as PPTX, PDF0 likes77 views
This document discusses various techniques to minimize transparency in information flow across computer networks. It begins by explaining how digital information is transmitted using the TCP/IP and OSI models. It then discusses tools like packet sniffers that can intercept network traffic. Various attacks that exploit transparency at different layers are described. Virtual private networks (VPNs) are presented as a method to secure information flow at the network layer through encryption. The document demonstrates traffic analysis with and without a VPN and discusses other strategies like Tor onion services and HTTPS. It concludes by addressing frequently asked questions about VPN services.
Minimizing Information Transparency
- 1. Minimizing Transparency In Information Flow By: Engr. Usman Arshad & Shumail Abbasi National Cyber Security Auditing and Evaluation Lab, NUST, Pakistan
- 2. Agenda “How we can minimize transparency in Information Flow?”
- 3. Sequence • How digital information is conveyed? • TCP/IP vs OSI model • Introduction to sniffer tools • Introduction to Information transparency • Famous cyber attacks • Security goals – AIC triad • Layer Wise techniques to minimize transparency • Privacy and Security through Virtual Private Networks • Pros and Cons of using VPNs • Practical Demonstration ( Comparison of information flow at packet level with and without VPN) • Q&A session
- 4. Transmission of Digital Information • Computers and digital devices connects and communicates with one another, primarily using the OSI Model or TCP/IP. • Think of TCP/IP as a book of rules, a step-by-step guide that each computer uses to know how to talk to another computer.
- 5. TCP/IP Model • It is specifically designed as a model to offer highly reliable and end-to-end byte stream over an unreliable internetwork. • The TCP/IP model is a concise version of the OSI model. • It contains four layers, unlike seven layers in the OSI model. • The layers are: • Process/Application Layer • Host-to-Host/Transport Layer • Internet Layer • Network Access/Link Layer
- 6. TCP/IP vs OSI model
- 7. Packet Encapsulation Packet Encapsulation in 5 steps : TCP/IP
- 8. Packet at Physical Layer • Physical Network Layer--Preparing the Frame for Transmission • The physical network layer on the sending host receives the frames and converts the IP addresses into the hardware addresses appropriate to the network media. • The physical network layer then sends the frame out over the network media.
- 9. Introduction to Information transparency • Digital information mostly flows in vulnerable line of communication. • This insecurity while utilizing these applications on small and large computational machines lost the confidence of net user. • The issue of transparency in information flow not just stop here; it extends towards the regime of corporate organizations which includes • Business, • Banking sectors, • Commercial firms. • The information breaches are now increasing extensively due to vast number of services available online for instance online banking and transactions.
- 10. Sniffer tools • A packet analyzer or packet sniffer is a computer program or computer hardware. • Use to intercept and log traffic that passes over a computer network or part of a network. • Following are the some currently used packet analysers available. • SolarWinds Network Performance Monitor. • Paessler PRTG Network Monitor. • Savvius Omnipeek. • tcpdump. • Wireshark.
- 11. Wireshark • Originally known as Ethereal. • Displays data from hundreds of different protocols on all major network types. • Data packets can be viewed in real-time or analyzed offline.
- 13. Transparency In TCP/IP Model • IP address spoofing. • ARP spoofing. • Port scanning. • ICMP attacks. • Packet reassembly and sequence prediction. • MitM attacks. • DoS and DDoS attacks.
- 14. Transparency at Application Layer
- 15. Transparency at Transport Layer
- 16. Transparency at Network Layer
- 17. Transparency at Network Access Layer
- 18. Some information breaches • 2011 - PlayStation Network outage, resulting in stolen credentials and incidentally causing network disruption. • Vestige (online store) – in 2010, a band of anonymous hackers has rooted the servers of the site and leaked half a gigabyte's worth of its private data. • IEEE – in September 2012, it exposed user names, plaintext passwords, and website activity for almost 100,000 of its members. • LivingSocial – in 2014, the company suffered a security breach that has exposed names, e-mail addresses and password data for up to 50 million of its users. • Adobe – in 2013, hackers obtained access to Adobe's networks and stole user information and downloaded the source code for some of Adobe programs. It attacked 150 million customers. • World Health Organization – in March 2020, hackers leaked information on login credentials from the staff members at WHO. • In response to cyberattacks, they stated that • “Ensuring the security of health information for Member States and the privacy of users interacting with us a priority for WHO at all times, but also particularly during the COVID-19 pandemic.”
- 19. Security goal – AIC Triad • At a basic level, minimizing transparency refers to Privacy and security of internet client as a security goals. • Privacy — by masking things like your IP address, location, and search history, to keep them from being tracked by websites, internet browsers, cable companies, internet service providers (ISPs), and others. • Availability — that authorized users have access to the systems and the resources they need. • Confidentiality — Data confidentiality is about protecting data against unintentional, unlawful, or unauthorized access, disclosure, or theft.
- 20. Practical methods to minimize transparency • Security can be applied at every layer level of TCP/IP model • Application induced Encryption – Application Layer Security • Secure Socket Layer - Transport Layer Security • VPN – Network Layer Security • Hardware based Encryption – Physical Layer Security
- 21. Application Layer Security • Application layer encryption is a data-security solution that encrypts nearly any type of data passing through an application. • When encryption occurs at this level, data is encrypted across multiple (including disk, file, and database) layers. • Examples of security applied at application level includes applications: • Signal Private Messenger. • Wire. • Threema. • Telegram. • WhatsApp.
- 22. Transport Layer Security • Transport Layer Security, the successor of the now-deprecated Secure Sockets Layer. • Cryptographic protocol designed to provide communications security over a computer network. • Transport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol. • Common applications that employ TLS include • Web browsers • Instant messaging • E-mail • Voice over IP. • Full featured toolkits of TLS and SSL protocols are provided by • OpenSSL • CERT+ • GEO Trust SSL
- 23. TLS Packet
- 24. TLS Packet
- 25. Network Layer Security • Purpose: To hide Real IP address. • Several unique security vulnerabilities. • Mostly, Up till network layer; packet is encrypted and in some cases, not, then, • Virtual headers from transport layers to data link layer are appended. • A whole server-client authenticated and encrypted channel and system is established. • Considered to be best approach to apply at Network layer for securing its transparency of information it contains: • Virtual private networks. • Relay Services. • Proxy Servers.
- 26. Physical Layer Security • Explores the possibility of achieving perfect-secrecy data transmission among intended network nodes. • Malicious nodes that eavesdrop upon the transmission obtain zero information. • Lock pick sets, wiretapping equipment, and scanners are easy for an attacker to acquire. • Attackers with basic computer skills can use wireless hacking tools or acquire security equipment for disassembly and analysis. • Usage is limited to military grade radio communication. • The ELCRODAT products from Rohde & Schwarz protect voice and data communications in digital and analog networks of armed forces and government authorities for all German and NATO security classifications. ELCRODAT 4-2 ELCRODAT 5-4 ELCRODAT 6-2
- 27. Privacy and Security through Virtual Private Networks • A virtual private network (VPN) features: • Online privacy and anonymity. • Private network from a public internet connection. • VPNs mask internet protocol (IP) address making online actions virtually untraceable. • VPN services establish secure and encrypted connections to provide greater privacy than even a secured Wi-Fi hotspot.
- 28. Different Types of VPNs • Based on encryption: • Encrypted VPNs • Non-encrypted VPNs • Based on OSI model: • Data link layer VPNs • Network layer VPNs • Application layer VPNs • Based on business functionality: • Intranet VPNs • Extranet VPNs
- 29. How VPN service can be deployed?
- 30. How VPN protocol works?
- 32. VPN Protocols
- 34. Pros and Cons of using VPNs • Pros • Protect your online identity. • Bypass geo-blocking. • Prevent bandwidth throttling. • Bypass firewalls. • Better online gaming experience. • Secure torrenting. • Protected file sharing. • Cons • Clients logging at VPN server. • Sometimes slow internet speed. • VPN blocker technology exists. • VPN connection may drop. • Not built for all devices. • VPN server may be compromised. • Illegal in some terrains.
- 35. Traffic With and Without VPN
- 36. Practical Demonstration ( Comparison of information flow at packet level with and without VPN) • TCP/IP traffic analysis using Wireshark without VPN. • TCP/IP traffic analysis using Wireshark with VPN.
- 37. Some Frequently Asked Questions about VPN’s available in market • Do they respect your privacy? • Do they run the most current protocol? • Do they set data limits? • Where are the servers located? • Will you be able to set up VPN access on multiple devices? • How much will it cost? If price is important to you, then you may think that a free VPN is the best option. If you compare paid vs. free options, you may find that free VPNs: • don’t offer the most current or secure protocols. • don’t offer the highest bandwidth and connection speeds to free users. • do have a higher disconnection rate. • don’t have as many servers in as many countries globally. • don’t offer support.
- 38. Other Possible Strategies • Tor Onion services. • Tor and VPN together. • Proxy Servers. • HTTPS everywhere. • Wire Guard. • Hotsopt Shield
- 40. Tor and VPN Together
- 41. Proxy Servers • A computer system or router that functions as a relay between client and server.
- 42. HTTPS everywhere • HTTPS Everywhere is a free and open-source browser extension. • Designed for Google Chrome, Microsoft Edge, Mozilla Firefox, Opera, Brave, Vivaldi and Firefox for Android. • Developed collaboratively by The Tor Project and the Electronic Frontier Foundation.
- 43. WireGuard • A communication protocol and free and open-source software. • Implements encrypted virtual private networks. • Designed with the goals of ease of use, high speed performance, and low attack surface. • New designed and in reviewing phase. • Designed by Jason A. Donenfeld: An independent security researcher and software developer.
- 44. HotSpot Shield • An internationally popular free VPN service. • Until 2019 operated by AnchorFree, Inc. and at January 2006 is operated by Aura. • Uses its propriety protocols. • Intercepts user traffic and collects substantial data on users. • Contradicts the company's promise to offer complete anonymity. • A 14-page complaint filed by the Center for Democracy and Technology. • Center for Democracy & Technology is a Washington, D.C.-based nonprofit organization. • Mission is to strengthen individual rights and freedoms. • It defines promoting, influencing technology policy and the architecture of the Internet.
- 45. Best VPNs in 2021