CSC8 – NETWORK SECURITY
KABUL EDUCATION UNIVERSITY
COMPUTER SCIENCE DEPARTMENT
LECTURER: ISLAHUDDIN JALAL
MASTER IN CYBER SECURITY
9/16/2017 KABUL EDUCATION UNIVERSITY 1
First week course outlines
Overview of network security
◦ Network security background
◦ Definitions
◦ How security became an issue
◦ Areas of security
◦ Security as a process
◦ Attacks, services and mechanisms
◦ Security goals
◦ Network models
Class Policy
A student must reach the classroom in time. Latecomers may join the class but are not entitled
to be marked present.
Attendance shall be marked at the start of the class, and students failing to secure 75%
attendance will not be allowed to sit the final exam.
The assignment submission deadline must be observed. In case of late submission, ten percent
may be deducted for each day.
Those who are absent on the announcement date of the assignment/test must get the
topic/chapter of the test/assignment confirmed through their peers.
Mobile phones must be switched-off in the class-rooms.
Grading Evaluation for Network Security
Internal Evaluation
Midterm Exam 20%
Attendance 5%
Assignment/Presentations 5%
Quizzes/Tests 10%
Total Internal Evaluation 40%
Final-term Examination
Final-term Exam 60%
Total Marks 100%
What is Security?
Dictionary.com says:
◦ 1. Freedom from risk or danger; safety.
◦ 2. Freedom from doubt, anxiety, or fear; confidence.
◦ 3. Something that gives or assures safety, as:
◦ 1. A group or department of private guards: Call building security if a visitor acts suspicious.
◦ 2. Measures adopted by a government to prevent espionage, sabotage, or attack.
◦ 3. Measures adopted, as by a business or homeowner, to prevent a crime such as burglary
or assault: Security was lax at the firm's smaller plant.
…etc.
Why Do We Need Network Security?
Protect vital information while still allowing access to those who need it
◦ Trade secrets, medical records, etc.
Provide authentication and access control for resources
Guarantee availability of resources
◦ Ex: 5 9’s (99.999% reliability)
Safeguard the network from threats, both internal and external. Internal threats are the
most serious. These threats often occur because best practices are not followed. For example,
blank or default passwords are used, or in-house developers use insecure programming
practices. External threats typically rely on technical methods to attack the network.
Network Security Background
Information Security requirements have changed in recent times
Traditionally provided by physical and administrative mechanisms
◦ Such as files locked in a file room
◦ Access only for authorized users
Now, computers require automated tools to protect files and other stored information
The use of networks requires measures to protect data during transmission
Definitions
Network Security is the process of taking physical and software preventative measures to
protect the underlying networking infrastructure from unauthorized access, misuse,
malfunction, modification, destruction, or improper disclosure, thereby creating a secure
platform for computers, users and programs to perform their permitted critical functions within
a secure environment.
Networking infrastructure:
◦ Server
◦ Database/Information (files, data, communication media)
◦ User accounts/passwords
◦ Configurations/settings
◦ etc
How Security Became an Issue
People and businesses depend greatly on computer technology and automation in many
different aspects of their lives.
Examples:
◦ public utilities,
◦ military defense systems,
◦ financial institutions,
◦ medical equipment,
How Security Became an Issue
With the increasing exposure to computing and processing, the individuals who used computers
learned more about using the technology and getting the most out of it.
However, the good things in life often have a darker side. Taking technology down from the
pedestal of the mainframe and putting it into so many individuals’ hands led to a lot of issues
that never had to be dealt with in the mainframe days.
How Security Became an Issue
Now there were thousands of people not versed and experienced in computing who had much
more access to important data and processes.
Barriers and protection mechanisms were not in place to protect employees and systems from
mistakes, so important data got corrupted accidentally, and individual mistakes affected many
other systems instead of just one.
Network Models
In IT security terms, there are two network models:
1. Closed network model
2. Open network model
Closed Network Model
Advantages:
◦ Strong security
◦ Strict security policy
◦ Typically implemented in corporate environments
◦ Easy support and monitoring
Disadvantages:
◦ Low flexibility (no WLANs, no external connection)
◦ No external access for business partners
◦ No connection from public networks
Open Network Model
Advantages:
◦ External access
◦ Business advantages
◦ Flexible for users
◦ Internet access
Disadvantages:
◦ This is the required model for modern enterprise
◦ Hard to support, secure, and monitor
◦ Many potential threats
◦ Requires a strict security policy and disaster recovery plan
Needed Balance
The need for e-business, mobile commerce, wireless communication and Internet applications
continues to grow.
Finding the balance between being isolated and being open will be critical, along with the
ability to distinguish the good guys from the bad guys.
Security Goals
[Figure: the three security goals: Confidentiality, Integrity, Availability]
Security Goals
Confidentiality: prevent unauthorized access
Integrity: prevent unauthorized modification
Availability: prevent a loss of access to resources by the authorized user
Security as a Process
• A single product cannot provide complete security for an organization. Usually more than one
security mechanism is used and integrated in an organization:
1. Every computer system should be capable of restricting access to files based on the ID of the
user
– Authorization
2. Anti-virus software
– Helps to detect/clean the system from malicious software that wants to gain access to a system
Security as a Process
3. Firewalls are access control devices for a network.
– Exist between the internal and external networks.
– However, they will not prevent an attacker, using an allowed connection, from attacking a system, for
example an attacker from the inside.
4. Intrusion detection systems (IDS) could identify when someone is doing something wrong
and stop them.
– However, they will not detect legitimate users who may have access to inappropriate information.
Security as a Process
5. Smartcards can be used for authentication
– but cannot prevent misuse if lost or stolen.
6. Biometric systems can be used to reduce the risk of someone guessing a password.
– There are biometric scanners for verifying fingerprints, retina/iris, palm vein, hand geometry, facial
geometry, and voice.
– There are issues with the precision of the devices
Examples of Biometric Technologies
◦ Fingerprint identification
◦ Iris recognition
◦ Retina scan
◦ Palm vein identification
◦ Hand geometry identification
◦ Speaker identification (voice recognition)
◦ Face identification
Security as a Process
7. With a policy management system, an organization can be made aware of any system that
does not conform to policy.
– However, policy management may not consider vulnerabilities in systems or misconfigurations of
application software.
Security as a Process
8. Vulnerability scanning can help identify potential entry points of intruders.
– However, it will not detect legitimate users with inappropriate access or intruders already in the system.
9. Encryption will protect information in storage and in transit.
– However, encryption systems will not differentiate between legitimate and illegitimate users, if both
present the same keys to the encryption algorithm.
10. Physical security will not protect the system from attacks by those using legitimate access or
attacks through the network
Attacks, Services and Mechanisms
• Three aspects of Information Security:
1. Security Attack: Any action that compromises the security of information
2. Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a
security attack
3. Security Service: A service that enhances the security of data processing systems and
information transfers. A security service makes use of one or more security mechanisms
Security Attack Categories
Interruption
- Attack on availability
- An asset of the system is destroyed or becomes unavailable or unusable
- Examples: The destruction of hardware (disk or wire),
the cutting of a communication line, or swamping/flooding a
computer communication link with packets.
Security Attack Categories
Interception
- Attack on confidentiality
- This happens when any unauthorized unit gains access to an
asset
- Examples: Wiretapping to capture data in a network
and the unauthorized copying of files or programs
Security Attack Categories
Modification
- Attack on integrity
- An unauthorized party gains access to the asset and
makes some changes to it
- Examples: Changing data files, altering a
program so that it performs differently, modifying
the contents of a message
Security Attack Categories
Fabrication
- Attack on authenticity
- An unauthorized party gains access to the asset and
inserts a counterfeit object into the system
- Examples: The insertion of spurious messages in a
network or the insertion of records in data files.
Security Attacks
• Passive attacks: This is an attack on the network in the nature of eavesdropping on or monitoring of
the transmission of data
– Aims to learn or make use of information from the system but does not affect system resources.
– Difficult to detect; measures are available to prevent their success.
• Active attacks: This involves modification of the data in transmission or the creation of a false
stream.
– Attempts to alter system resources or affect their operation
– Difficult to prevent; measures are available to detect and recover from destruction
Security Attacks
[Figure: Active and passive security threats]
Passive threats:
◦ Release of message content
◦ Traffic analysis
Active threats:
◦ Masquerade
◦ Replay
◦ Modification of message content
◦ DoS
Passive attacks
Release of message content:
◦ Contents of a message are read.
◦ A message may be carrying sensitive or confidential data.
◦ For example: A telephone conversation, email messages, or confidential information
Passive attacks
Traffic analysis:
◦ An intruder makes inferences by observing message patterns
◦ Can be done even if messages are encrypted
◦ Inferences: Location and identity of hosts
Active Attacks
Masquerade: An entity pretends to be some other entity.
◦ Example: An entity captures an authentication sequence and replays it later to impersonate the original
entity
Replay: Involves the passive capture of a data unit and its subsequent retransmission to produce
an unauthorized effect
Modification: A portion of a legitimate message is altered to produce an undesirable effect
Denial of service: Inhibits normal use of computer and communications resources and facilities
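Added example, not part of the original lecture: how a receiver can detect the modification, replay and fabricated-message attacks defined above, using a shared-key message authentication code (HMAC) and a sequence number. The frame layout and the names protect, Receiver and demo are assumptions made for illustration; this mechanism does not address denial of service.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes
SEQ_LEN = 8   # sequence number is an unsigned 64-bit big-endian integer


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side (assumed frame layout): sequence number || payload || tag."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Receiver side: verify the tag first, then the sequence number."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, frame: bytes):
        if len(frame) < SEQ_LEN + TAG_LEN:
            return ("rejected", "frame too short")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; a mismatch means the frame was altered
        # in transit or was built by someone who does not hold the key.
        if not hmac.compare_digest(tag, expected):
            return ("rejected", "bad tag: modified or fabricated")
        (seq,) = struct.unpack(">Q", body[:SEQ_LEN])
        # A valid tag on an old sequence number is a captured frame sent again.
        if seq <= self.last_seq:
            return ("rejected", "stale sequence number: replay")
        self.last_seq = seq
        return ("accepted", body[SEQ_LEN:])


def demo():
    """Run one genuine frame and three attack cases through the receiver."""
    key = os.urandom(32)
    rx = Receiver(key)
    message = b"transfer 100 to account A"  # constructed sample message
    results = {}

    frame = protect(key, 1, message)
    results["genuine"] = rx.accept(frame)

    # Replay: the identical, validly tagged frame is delivered a second time.
    results["replay"] = rx.accept(frame)

    # Modification: one bit of the payload is flipped in transit.
    tampered = bytearray(protect(key, 2, message))
    tampered[SEQ_LEN + 9] ^= 0x08
    results["modified"] = rx.accept(bytes(tampered))

    # Fabrication / masquerade: a frame built without knowledge of the key.
    results["fabricated"] = rx.accept(protect(os.urandom(32), 3, message))

    # A rejected frame does not advance the counter, so the sender's real
    # frame number 2 is still accepted afterwards.
    results["next"] = rx.accept(protect(key, 2, b"balance query"))
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```

The tag alone catches modification and fabrication but not replay, because a replayed frame carries a valid tag; the sequence number check is what rejects it.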
Security Mechanisms
In order to detect, prevent, or recover from these security attacks, we use security mechanisms
There is no single mechanism which will provide all the services or perform all the functions
mentioned
A variety of mechanisms are used to detect and prevent certain attacks, and to provide certain
functions and services
Security Mechanisms
Encryption
Software Controls (access limitations in a database; in an operating system, protecting each user from
other users)
Hardware Controls (smart card)
Policies (frequent changes of passwords)
Physical Controls
Information flowing over a secure communications channel, for example: Virtual Private
Network (VPN)
Security Services
Enhance security of data processing systems and information transfers of an
organization
Intended to counter security attacks
Using one or more security mechanisms
Often replicates functions normally associated with physical documents, for
example:
◦ signatures, dates, protection from disclosure, tampering, destruction; be notarized or
witnessed; be recorded or licensed
Security Services
A classification of security services:
- Confidentiality (privacy)
- Authentication (who created or sent the data)
- Integrity (has not been altered)
- Non-repudiation (the order is final)
- Access control (prevent misuse of resources)
- Availability (permanence, non-erasure)
• Denial of Service Attacks, Virus that deletes files
Other Issues: Legal Issues and Privacy Concerns
For many businesses today, one of the biggest reasons to create and follow a security policy is
compliance with the law.
If a business is running a publicly held e-business and a catastrophic attack seriously impairs the
business, a lawsuit is possible.
Other Issues: Wireless Access and Wireless LANs
WiFi connections do not respect firewalls the way wired connections do.
Implementation of Wireless LANs or other wireless technologies brings additional security
threats.
IT Staff Shortage
The IT staffing shortage is especially evident in the security field.
To solve this problem, many enterprises are increasingly outsourcing day-to-day security
management tasks.
Clearly, there is a demand for skilled network security professionals.
Information Security Organizations
CERT/CC
US-CERT
SANS Institute
(ISC)2
Common Criteria
FIPS
ICSA Labs
END
Thanks for hearing…………………….
9/16/2017 KABUL EDUCATION UNIVERSITY 44

More Related Content

PDF
How to Build the Perfect Team
PPT
CCNA Security 02- fundamentals of network security
PDF
Introduction to Database Management Systems: Structure, Applications, and Key...
PPTX
Jig Boring Machine
PPTX
communication-protocols
PPTX
Image noise reduction
PPTX
Security Operation Center - Design & Build
PPT
Visual programming lecture
How to Build the Perfect Team
CCNA Security 02- fundamentals of network security
Introduction to Database Management Systems: Structure, Applications, and Key...
Jig Boring Machine
communication-protocols
Image noise reduction
Security Operation Center - Design & Build
Visual programming lecture

What's hot (20)

PPTX
HONEYPOTS: Definition, working, advantages, disadvantages
PPT
Network security
PPTX
Physical Layer
PPT
Distributed objects & components of corba
PPT
Cyber security for an organization
PPTX
Network security (vulnerabilities, threats, and attacks)
PPT
Addressing
PPTX
Substitution techniques
PPTX
Honeypots (Ravindra Singh Rathore)
PPSX
Physical layer ppt
PPT
Intrusion detection system ppt
PPTX
Computer security concepts
PPTX
Introduction to Cybersecurity Fundamentals
PPTX
Message and Stream Oriented Communication
PPTX
Information flow
PPT
Weka presentation
PPTX
TCP/IP Introduction
PPTX
Man in The Middle Attack
PPTX
Transport layer
HONEYPOTS: Definition, working, advantages, disadvantages
Network security
Physical Layer
Distributed objects & components of corba
Cyber security for an organization
Network security (vulnerabilities, threats, and attacks)
Addressing
Substitution techniques
Honeypots (Ravindra Singh Rathore)
Physical layer ppt
Intrusion detection system ppt
Computer security concepts
Introduction to Cybersecurity Fundamentals
Message and Stream Oriented Communication
Information flow
Weka presentation
TCP/IP Introduction
Man in The Middle Attack
Transport layer
Ad

Similar to Network security # Lecture 1 (20)

DOCX
GUL Network Infrastructure
PPTX
4b - Security Management - Cyber Security Mgt (1).pptx
PPT
CCNA_Security_01.ppt
PDF
Network Security-Module_1.pdf
PPT
Chapter 1 overview
PDF
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
PDF
Ch1-Modern Network Security Threats - CCNA SEC.pdf
PDF
Kel1 Computer security - UC Santa Cruz's.pdf
PDF
Why Education Sector Needs To Prioritize Cybersecurity? 7 Helpful Importance ...
PPT
Network Security for Computer science and Engineering.ppt
PDF
Cyber Security
PDF
LEVERAGING BIG DATA TO IMPROVE CAMPUS SAFETY AND SECURITY
PDF
Paper Titled Information Security in an organization
PDF
PDF
Concept Of Cyber Security.pdf
DOCX
Securing Wearable Device Data
PDF
RFC 2196 Site Security Handbook
PDF
Cybersecurity Interview Questions and Answers.pdf
PPTX
Cyber Security and the CEO
PDF
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
GUL Network Infrastructure
4b - Security Management - Cyber Security Mgt (1).pptx
CCNA_Security_01.ppt
Network Security-Module_1.pdf
Chapter 1 overview
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
Ch1-Modern Network Security Threats - CCNA SEC.pdf
Kel1 Computer security - UC Santa Cruz's.pdf
Why Education Sector Needs To Prioritize Cybersecurity? 7 Helpful Importance ...
Network Security for Computer science and Engineering.ppt
Cyber Security
LEVERAGING BIG DATA TO IMPROVE CAMPUS SAFETY AND SECURITY
Paper Titled Information Security in an organization
Concept Of Cyber Security.pdf
Securing Wearable Device Data
RFC 2196 Site Security Handbook
Cybersecurity Interview Questions and Answers.pdf
Cyber Security and the CEO
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
Ad

More from Kabul Education University (20)

PPTX
Cryptography and Network security # Lecture 8
PPTX
ITIL # Lecture 9
PPTX
Cryptography and Network security # Lecture 7
PPTX
ITIL # Lecture 8
PPTX
Cryptography and Network security # Lecture 6
PPTX
ITIL # Lecture 7
PPTX
Cryptography and Network security # Lecture 5
PPTX
Cyber Security # Lec 5
PPTX
ITIL # Lecture 6
PPTX
Cyber Security # Lec 4
PPTX
ITIL # Lecture 5
PPTX
Cyber Security # Lec 3
PPTX
ITIL # Lecture 4
PPTX
Cryptography and Network security # Lecture 4
PPTX
Cyber Security # Lec 2
PPTX
ITIL # Lecture 3
PPTX
Cryptography and Network security # Lecture 3
PPTX
ITIL # Lecture 2
PPTX
Cryptography and Network Security # Lecture 2
PPTX
ITIL # Lecture 1
Cryptography and Network security # Lecture 8
ITIL # Lecture 9
Cryptography and Network security # Lecture 7
ITIL # Lecture 8
Cryptography and Network security # Lecture 6
ITIL # Lecture 7
Cryptography and Network security # Lecture 5
Cyber Security # Lec 5
ITIL # Lecture 6
Cyber Security # Lec 4
ITIL # Lecture 5
Cyber Security # Lec 3
ITIL # Lecture 4
Cryptography and Network security # Lecture 4
Cyber Security # Lec 2
ITIL # Lecture 3
Cryptography and Network security # Lecture 3
ITIL # Lecture 2
Cryptography and Network Security # Lecture 2
ITIL # Lecture 1

Recently uploaded (20)

PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
PPTX
Spectroscopy.pptx food analysis technology
PDF
Encapsulation theory and applications.pdf
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
PPTX
Big Data Technologies - Introduction.pptx
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
PDF
Network Security Unit 5.pdf for BCA BBA.
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
PDF
Electronic commerce courselecture one. Pdf
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
PPT
Teaching material agriculture food technology
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
PPTX
Cloud computing and distributed systems.
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Advanced methodologies resolving dimensionality complications for autism neur...
“AI and Expert System Decision Support & Business Intelligence Systems”
Spectroscopy.pptx food analysis technology
Encapsulation theory and applications.pdf
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
Digital-Transformation-Roadmap-for-Companies.pptx
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Big Data Technologies - Introduction.pptx
Reach Out and Touch Someone: Haptics and Empathic Computing
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
Network Security Unit 5.pdf for BCA BBA.
Dropbox Q2 2025 Financial Results & Investor Presentation
Per capita expenditure prediction using model stacking based on satellite ima...
Electronic commerce courselecture one. Pdf
Agricultural_Statistics_at_a_Glance_2022_0.pdf
Teaching material agriculture food technology
Building Integrated photovoltaic BIPV_UPV.pdf
Cloud computing and distributed systems.

Network security # Lecture 1

  • 1. CSC8 – NETWORK SECURITY KABUL EDUCATION UNIVERSITY C O M P U T E R S C I E N C E D E P A R T M E N T L E C T U R E R : I S L A H U D D I N J A L A L M A S T E R I N C Y B E R S E C U R I T Y 9/16/2017 KABUL EDUCATION UNIVERSITY 1
  • 2. First week course outlines Overview of network security ◦ Network security background ◦ Definitions ◦ How security became an issue ◦ Areas of security ◦ Security as a process ◦ Attacks, services and mechanisms ◦ Security goals ◦ Network models 9/16/2017 KABUL EDUCATION UNIVERSITY 2
  • 3. Class Policy A student must reach the class-room in time. Late comers may join the class but are not entitled to be marked present. Attendance shall be marked at the start of the class and students failing to secure 75% attendance will not be allowed to sit in final exam. The assignment submission deadline must be observed. In case of late submission, ten percent may be deducted from each day. Those who are absent on the announcement date of the assignment/test. Must get the topic/chapter of test/assignment confirmed through their peers. Mobile phones must be switched-off in the class-rooms. 9/16/2017 KABUL EDUCATION UNIVERSITY 3
  • 4. Grading Evaluation for Network Security Internal Evaluation Midterm Exam 20% Attendance 5% Assignment/Presentations 5% Quizzes/Tests 10% Total Internal Evaluation 40% Final-term Examination Final-term Exam 60% Total Marks 100% 9/16/2017 KABUL EDUCATION UNIVERSITY 4
  • 5. What is Security? Dictionary.com says: ◦ 1. Freedom from risk or danger; safety. ◦ 2. Freedom from doubt, anxiety, or fear; confidence. ◦ 3. Something that gives or assures safety, as: ◦ 1. A group or department of private guards: Call building security if a visitor acts suspicious. ◦ 2. Measures adopted by a government to prevent espionage, sabotage, or attack. ◦ 3. Measures adopted, as by a business or homeowner, to prevent a crime such as burglary or assault: Security was lax at the firm's smaller plant. …etc. 9/16/2017 KABUL EDUCATION UNIVERSITY 5
  • 6. Why Do We Need Network Security? Protect vital information while still allowing access to those who need it ◦ Trade secrets, medical records, etc. Provide authentication and access control for resources Guarantee availability of resources ◦ Ex: 5 9’s (99.999% reliability) Safeguard Network from threats include internal and external threats. Internal threats are the most serious. These threats often occur because best practices are not followed. For example, blank or default passwords are used, or in-house developers use insecure programming practices. External threats typically rely on technical methods to attack the network 9/16/2017 KABUL EDUCATION UNIVERSITY 6
  • 7. Network Security Background Information Security requirements have changed in recent times Traditionally provided by physical and administrative mechanisms ◦ Such as file locked in a file room ◦ Access only for authorized user Now, computer requires automated tools to protect files and other stored information The use of networks requires measures to protect data during transmission 9/16/2017 KABUL EDUCATION UNIVERSITY 7
  • 8. Definitions Network Security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users and programs to perform their permitted critical functions within a secure environment. Networking infrastructure: ◦ Server ◦ Database/Information (files, data, communication media) ◦ User accounts/passwords ◦ Configurations/settings ◦ etc 9/16/2017 KABUL EDUCATION UNIVERSITY 8
  • 9. How Security Became an Issue People and businesses depend greatly on computer technology and automation in many different aspects of their lives. Examples: ◦ public utilities, ◦ military defense systems, ◦ financial institutions, ◦ medical equipment, 9/16/2017 KABUL EDUCATION UNIVERSITY 9
  • 10. How Security Became an Issue With the increasing exposure to computing and processing, the individuals who used computers learned more about using the technology and getting the most out of it. However, the good things in life often have a darker side. Taking technology down from the pedestal of the mainframe and putting it into so many individuals’ hands led to a lot of issues that never had to be dealt with in the mainframe days. 9/16/2017 KABUL EDUCATION UNIVERSITY 10
  • 11. How Security became an Issue Now there were thousands of people not versed and experienced in computing who had much more access to important data and processes. Barriers and protection mechanisms were not in place to protect employees and systems from mistakes, so important data got corrupted accidentally, and individual mistakes affected many other systems instead of just one. 9/16/2017 KABUL EDUCATION UNIVERSITY 11
  • 12. Network Models According to the IT security terms, there are two network models: 1. Closed network model 2. Open network model 9/16/2017 KABUL EDUCATION UNIVERSITY 12
  • 13. Closed Network Model Advantages: ◦ Strong security ◦ Strict security policy ◦ Typically implemented in corporate environments ◦ Easy support and monitoring Disadvantages: ◦ Low flexibility (no WLANs, no external connection) ◦ No external access for business partner ◦ No connection from public networks 9/16/2017 KABUL EDUCATION UNIVERSITY 13
  • 14. Open Network Model Advantages: ◦ External access ◦ Business advantages ◦ Flexible for users ◦ Internet access Disadvantages: ◦ This is the required model for modern enterprise ◦ Hard to support, secure, and monitor ◦ Many potential threats ◦ Require strict security policy and disaster recovery plan 9/16/2017 KABUL EDUCATION UNIVERSITY 14
  • 15. Needed Balance The need for e-business, mobile commerce, wireless communication and Internet applications continue to grow Finding the balance between being isolated and being open, will be critical, along with the ability to distinguish the good guys from the bad guys. 9/16/2017 KABUL EDUCATION UNIVERSITY 15
  • 16. Security Goals 9/16/2017 KABUL EDUCATION UNIVERSITY 16 Confidentiality AvailabilityIntegrity
  • 17. Security Goals Confidentiality: prevent unauthorized access Integrity: prevent unauthorized modification Availability: prevent a loss of access to resources by the authorized user 9/16/2017 KABUL EDUCATION UNIVERSITY 17
  • 18. Security as a Process •A single product cannot provide complete security for an organization. Usually more than one security mechanisms are used and integrated in an organization: 1. Every computer system should be capable of restricting access to files based on the ID of the user – Authorization 2. An anti-virus software – Help to detect/clean the system from malicious software that want to gain access to a system 9/16/2017 KABUL EDUCATION UNIVERSITY 18
  • 19. Security as a Process 3. Firewalls are access control devices for a network. – Exist between the internal and external networks. – However, they will not prevent an attacker, using an allowed connection, from attacking a system, for example an attacker from the inside. 4. Intrusion detection systems (IDS) could identify when someone is doing something wrong and stop them. – However, they will not detect legitimate users who may have access to inappropriate information. 9/16/2017 KABUL EDUCATION UNIVERSITY 19
  • 20. Security as a Process 5. Smartcards can be used for authentication – but cannot prevent misuse if lost or stolen. 6. Biometric systems can be used to reduce the risk of someone guessing a password. – There are biometric scanners for verifying fingerprints, retina/iris, palm vein, hand geometry, facial geometry, and voice. – Issues on the precision of the devices 9/16/2017 KABUL EDUCATION UNIVERSITY 20
  • 21. Examples of Biometric Technologies 9/16/2017 KABUL EDUCATION UNIVERSITY 21  Fingerprint Identification • Iris Recognition • Retina Scan• Palm Vein Identification • Hand Geometry Identification • Speaker Identification (voice recognition) • Face Identification
  • 22. Security as a Process 7. With a policy management system, an organization can be made aware of any system that does not conform to policy. – However, policy management may not consider vulnerabilities in systems or misconfigurations of application software. 9/16/2017 KABUL EDUCATION UNIVERSITY 22
  • 23. Security as a Process 8. Vulnerability scanning can help identify potential entry points of intruders. – However, it will not detect legitimate users with inappropriate access or intruders already in the system. 9. Encryption will protect information in storage and in transit. – However, encryption systems will not differentiate between legitimate and illegitimate users, if both present the same keys to the encryption algorithm. 10. Physical security will not protect the system from attacks by those using legitimate access or attacks through the network 9/16/2017 KABUL EDUCATION UNIVERSITY 23
  • 24. Attacks, Services and Mechanisms •Three aspects of Information Security: 1. Security Attack: Any action that compromise the security of information 2. Security Mechanisms: A mechanism that is designed to detect, prevent, or recover from a security attack 3. Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms 9/16/2017 KABUL EDUCATION UNIVERSITY 24
  • 25. Security Attack Categories
    Interruption
    ◦ Attack on availability
    ◦ An asset of the system is destroyed or becomes unavailable or unusable
    ◦ Examples: The destruction of hardware (disk or wire), the cutting of a communication line, or swamping/flooding a computer communication link with packets.
  • 26. Security Attack Categories
    Interception
    ◦ Attack on confidentiality
    ◦ This happens when an unauthorized party gains access to an asset
    ◦ Examples: Wiretapping to capture data in a network and the unauthorized copying of files or programs
  • 27. Security Attack Categories
    Modification
    ◦ Attack on integrity
    ◦ An unauthorized party gains access to the asset and makes some changes to it
    ◦ Examples: Changing data files, altering a program so that it performs differently, modifying the contents of a message
  • 28. Security Attack Categories
    Fabrication
    ◦ Attack on authenticity
    ◦ An unauthorized party gains access to the asset and inserts a counterfeit object into the system
    ◦ Examples: The insertion of spurious messages in a network or the insertion of records in data files.
  • 29. Security Attacks
    ◦ Passive attacks: An attack on the network in the nature of eavesdropping on or monitoring of the transmission of data.
       – Aims to learn or make use of information from the system but does not affect system resources.
       – Difficult to detect; measures are available to prevent their success.
    ◦ Active attacks: This involves modification of the data in transmission or the creation of a false stream.
       – Attempts to alter system resources or affect their operation.
       – Difficult to prevent; measures are available to detect and recover from destruction.
    ◦ Active and passive security threats
  • 30. Security Attacks
    [Figure: Active and passive security threats]
    ◦ Passive threats
       – Release of message content
       – Traffic analysis
    ◦ Active threats
       – Masquerade
       – Replay
       – Modification of message content
       – DoS
  • 31. Passive Attacks
    Release of message content:
    ◦ The contents of a message are read.
    ◦ A message may be carrying sensitive or confidential data.
    ◦ For example: A telephone conversation, email messages, or confidential information
  • 32. Passive Attacks
    Traffic analysis:
    ◦ An intruder makes inferences by observing message patterns
    ◦ Can be done even if messages are encrypted
    ◦ Inferences: Location and identity of hosts
  • 33. Active Attacks
    ◦ Masquerade: An entity pretends to be some other entity.
       – Example: An entity captures an authentication sequence and replays it later to impersonate the original entity.
    ◦ Replay: Involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
    ◦ Modification: A portion of a legitimate message is altered to produce an undesirable effect.
    ◦ Denial of service: Inhibits normal use of computer and communications resources and facilities.
  • 34. Security Mechanisms
    ◦ In order to detect, prevent, or recover from these security attacks, we use security mechanisms.
    ◦ There is no single mechanism which will provide all the services or perform all the functions mentioned.
    ◦ A variety of mechanisms are used to detect and prevent certain attacks, and to provide certain functions and services.
  • 35. Security Mechanisms
    ◦ Encryption
    ◦ Software Controls (access limitations in a database; in an operating system, protecting each user from other users)
    ◦ Hardware Controls (smart card)
    ◦ Policies (frequent changes of passwords)
    ◦ Physical Controls
    ◦ Information flowing over a secure communications channel, for example: Virtual Private Network (VPN)
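The active attacks on slide 33 (masquerade, replay, modification) and the detect/prevent role of mechanisms on slides 34 and 35, worked through as an added example that is not part of the original slides. The slides name no specific mechanism; HMAC-SHA256 over a sequence-numbered frame is the choice made here, and it assumes sender and receiver already share a key. The names `protect`, `Receiver` and `demo` are hypothetical.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes

def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender: frame = 8-byte sequence number || payload || HMAC-SHA256 tag."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Authenticates each frame, then rejects sequence numbers already seen."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, frame: bytes) -> str:
        if len(frame) < 8 + TAG_LEN:
            return "rejected: malformed"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time compare. A mismatch means the frame was altered in
        # transit or was built by a party that does not hold the key.
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad tag"
        (seq,) = struct.unpack(">Q", body[:8])
        # Valid tag but old sequence number: a captured frame was resent.
        if seq <= self.last_seq:
            return "rejected: replay"
        self.last_seq = seq
        return "accepted: " + body[8:].decode("ascii", "replace")

def demo() -> list:
    key = b"constructed-demo-key"  # constructed sample key, not a real secret
    rx = Receiver(key)
    original = protect(key, 1, b"PAY 100 TO ALICE")  # constructed message
    tampered = bytearray(protect(key, 2, b"PAY 100 TO ALICE"))
    tampered[8 + 4] ^= 0x08  # one payload bit changed in transit
    return [
        rx.accept(original),                          # legitimate frame
        rx.accept(original),                          # same bytes resent later
        rx.accept(bytes(tampered)),                   # modified payload
        rx.accept(protect(b"wrong-key", 3, b"PAY 900 TO EVE")),  # no shared key
        rx.accept(protect(key, 2, b"PAY 5 TO BOB")),  # next legitimate frame
    ]

if __name__ == "__main__":
    print("\n".join(demo()))
```

The tag check covers modification and masquerade, while the sequence counter covers replay; neither hides the payload, so confidentiality still needs encryption.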
  • 37. Security Services
    ◦ Enhance security of data processing systems and information transfers of an organization
    ◦ Intended to counter security attacks
    ◦ Using one or more security mechanisms
    ◦ Often replicates functions normally associated with physical documents, for example:
       – signatures, dates, protection from disclosure, tampering, destruction; be notarized or witnessed; be recorded or licensed
  • 38. Security Services
    A classification of security services:
    ◦ Confidentiality (privacy)
    ◦ Authentication (who created or sent the data)
    ◦ Integrity (has not been altered)
    ◦ Non-repudiation (the order is final)
    ◦ Access control (prevent misuse of resources)
    ◦ Availability (permanence, non-erasure)
       – Denial of Service attacks, virus that deletes files
  • 39. Other Issues: Legal Issues and Privacy Concerns
    ◦ For many businesses today, one of the biggest reasons to create and follow a security policy is compliance with the law.
    ◦ If a business is running a publicly held e-business and a catastrophic attack seriously impairs the business, a lawsuit is possible.
  • 40. Other Issues: Wireless Access and Wireless LANs
    ◦ WiFi connections do not respect firewalls the way wired connections do.
    ◦ Implementation of Wireless LANs or other wireless technologies brings additional security threats.
  • 41. IT Staff Shortage
    ◦ The IT staffing shortage is especially evident in the security field.
    ◦ To solve this problem, many enterprises are increasingly outsourcing day-to-day security management tasks.
    ◦ Clearly, there is a demand for skilled network security professionals.
  • 42. Information Security Organizations
    ◦ CERT/CC
    ◦ US-CERT
    ◦ SANS Institute
    ◦ (ISC)2
    ◦ Common Criteria
    ◦ FIPS
    ◦ ICSA Labs