WUSTL CSE 574S - Network Security Concepts: Review


©2005 Raj Jain, CSE574s, Washington University in St. Louis

Network Security Concepts: Review
Raj Jain
Washington University in Saint Louis
Saint Louis, MO
These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse574-06/

Overview
- Types of security attacks and solutions
- Secret Key and Public Key Encryption
- Hash Functions
- Message Authentication Code (MAC)
- Digital Signature and Digital Certificates
- RSA Public Key Encryption

Types of Security Attacks
- Denial of Service (DoS)
  - DoS by Flooding: Lots of packets from one node to victim. DoS on DNS or root name servers. ARP flooding, ping broadcasts, TCP SYN flooding.
  - DoS by Forging: Send incorrect routing message
  - Distributed DoS (DDoS): Lots of packets from multiple nodes to victim
[Figure: Attacker and Victim]

Security Attacks (Cont)
- Sniffing: Listen to unencrypted traffic
- Replay: Record and reuse messages later
- Traffic Redirection: Poison ARP tables in routers.
- Reaction: Send spurious packets; monitor the response. Challenge-response authentication.
- Jamming: RF interference.
- Rogue AP: Man-in-the-middle attacks. Easily deployed in public areas. Fake SSID
- Fraud: Criminal deception. E.g., identity theft
- DNS queries and responses are in the clear. Can be spoofed by a man-in-the-middle. DNS cache poisoning.
- BGP routing messages can be spoofed.

Security Attacks (Cont)
- Trojan Horse: Programs with hidden functionality. Could be triggered at a specific time or condition.
- Trap Doors: Backdoor. Code segment to circumvent access control.
- Virus: A program that reproduces by introducing a copy of itself in other programs. Jump to viral code and return to beginning.
- Worms: Create copies of themselves on other machines. Unlike viruses, worms do not require user action.
  - Morris worm spread by finding IP addresses on the machine.
  - Slammer worm sent UDP packets to cause buffer overflow.
- Buffer Overflow: Overwrite code segments and execute code in data space. Many programming languages do enforce bound checking.

Security Attacks (Cont)
- Covert Communications Channel: Hidden channel.
  - Capture electromagnetic radiations from keyboards, screens, and processors.
  - Pizza deliveries to White House
- Steganography or Information Hiding: Lower bits of pictures or music files.
- Reverse Engineering: Dismantling and inspecting to infer internal function and structure. Code dumping and decompiling
- Scavenging: Acquisition of data from residue. Searching through rubbish bins. Buffer space in memory, deleted files on disks, bad blocks on disks
- Cryptanalysis: Find encryption key, encryption method, or clear text. Get plain-text and cipher-text pairs.

Security Solutions
- Audits: May include testing by a red team. Keep good system logs.
- Formal methods: Used to verify no human errors in the code and protocols.
- Attack Graphs: Show paths that an attacker can take to get access
- Security Automata: Security policies expressed as finite state machines.
- Encryption: Secret key and public key
- Steganography: Digital watermarking. Information hidden in images, sound, or video can be used to find the origin of data.

Security Solutions (Cont)
- Obfuscation: Make a concept confusing and difficult to understand. Common in politics. Write programs so that they cannot be reverse engineered.
- Virus Scanners
- Proof Carrying Code: Mobile code contains a proof that it is safe.
- Sandboxing: Limiting access
- Firewalls: Scan and filter network traffic.
- Red/black separation: Handle sensitive and insensitive data on different machines.
- Secure Hardware: Tamperproof. Physical security.

Security Requirements
- Integrity: Received = sent?
- Availability: Legal users should be able to use. Ping continuously => No useful work gets done.
- Confidentiality and Privacy: No snooping or wiretapping
- Authentication: You are who you say you are. A student at Dartmouth posing as a professor canceled the exam.
- Authorization = Access Control. Only authorized users get to the data
- No repudiation: Neither sender nor receiver can deny the existence of a message

Secret Key Encryption
- Also known as symmetric encryption
- Encrypted_Message = Encrypt(Key, Message)
- Message = Decrypt(Key, Encrypted_Message)
- Example: Encrypt = division. 433 = 48 R 1 (using divisor of 9)

Public Key Encryption
- Invented in 1975 by Diffie and Hellman
- Encrypted_Message = Encrypt(Key1, Message)
- Message = Decrypt(Key2, Encrypted_Message)
[Figure: Text -> Key1 -> Ciphertext; Ciphertext -> Key2 -> Text]

Public Key Encryption
- RSA:
  - Encrypted_Message = $m^3 \bmod 187$
  - Message = Encrypted_Message$^{107} \bmod 187$
  - Key1 = <3,187>, Key2 = <107,187>
- Message = 5
- Encrypted Message = $5^3 = 125$
- Message = $125^{107} \bmod 187 = 5$
  $= 125^{(64+32+8+2+1)} \bmod 187$
  $= \{(125^{64} \bmod 187)(125^{32} \bmod 187) \cdots (125^{2} \bmod 187)(125 \bmod 187)\} \bmod 187$

Modular Arithmetic
- $xy \bmod m = (x \bmod m)(y \bmod m) \bmod m$
- $x^4 \bmod m = (x^2 \bmod m)(x^2 \bmod m) \bmod m$
- $x^{ij} \bmod m = (x^i \bmod m)^j \bmod m$
- $125 \bmod 187 = 125$
- $125^2 \bmod 187 = 15625 \bmod 187 = 104$
- $125^4 \bmod 187 = (125^2 \bmod 187)^2 \bmod 187 = 104^2 \bmod 187 = 10816 \bmod 187 = 157$
- $125^8 \bmod 187 = 157^2 \bmod 187 = 152$
- $125^{16} \bmod 187 = 152^2 \bmod 187 = 103$
- $125^{32} \bmod 187 = 103^2 \bmod 187 = 137$
- $125^{64} \bmod 187 = 137^2 \bmod 187 = 69$
- $125^{64+32+8+2+1} \bmod 187 = 69 \times 137 \times 152 \times 104 \times 125 \bmod 187 = 18679128000 \bmod 187 = 5$

Public Key (Cont)
- One key is private and the other is public
- Message =
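
The repeated-squaring table on the Modular Arithmetic slide is the square-and-multiply algorithm. The following is an added example, not part of the original slides: it reproduces the slide's table for Key1 = <3,187> and Key2 = <107,187>, and also flags the case where the message is so small that no modular reduction occurs. The factorization 187 = 11 × 17 and all function names are assumptions introduced here.

```python
# Added example using the slide's toy RSA numbers; not production cryptography.
from math import gcd

P, Q = 11, 17            # assumed here: factors of the slide's modulus 187
N, E, D = 187, 3, 107    # Key1 = <3,187>, Key2 = <107,187> from the slide


def modexp_trace(base, exponent, modulus):
    """Right-to-left square-and-multiply.

    Returns (result, squares) with squares[2**k] = base^(2^k) mod modulus,
    the same table the slide builds by hand.
    """
    result, square, squares, k = 1, base % modulus, {}, 0
    while exponent:
        squares[1 << k] = square
        if exponent & 1:                  # this power of two is in the exponent
            result = (result * square) % modulus
        square = (square * square) % modulus
        exponent >>= 1
        k += 1
    return result, squares


def keys_are_inverse(e, d, p, q):
    """e and d undo each other when e*d = 1 mod lcm(p-1, q-1)."""
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    return (e * d) % lam == 1


def integer_root(c, e):
    """Exact integer e-th root of c, or None if c is not a perfect power."""
    r = round(c ** (1.0 / e))
    for cand in (r - 1, r, r + 1):
        if cand >= 0 and cand ** e == c:
            return cand
    return None


def demo(message=5):
    cipher, _ = modexp_trace(message, E, N)
    plain, squares = modexp_trace(cipher, D, N)
    # If message^E < N the ciphertext is an ordinary cube, so the plaintext
    # is recoverable without Key2; padded RSA exists to prevent this.
    unreduced = integer_root(cipher, E) == message
    return cipher, plain, squares, unreduced


if __name__ == "__main__":
    print(demo())
```

For the slide's message 5, the ciphertext 125 is simply 5 cubed with no reduction mod 187, which is why textbook RSA with a small exponent is only used for illustration.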

