simple overview-on-network-security-issues-tarek gaber-2014
TRANSCRIPT
This project is funded by Structural Funds of the European Union (ESF) and state budget of the Czech Republic
Simple Overview on Network Security Issues
Dr. Tarek Gaber Computer Science Department,
VSB-Technical University of Ostrava, Czech
Faculty of Computers & Informatics
Suez Canal University, Ismailia, Egypt
Lecture Objectives
To learn the importance of providing security for any network
To know techniques and algorithms used to achieve security in networks
Lecture Outlines
What is the Problem
Security Fundamentals
Algorithms to achieve security services
Security, functionality, and ease of use
What is the Problem?
• The Internet as a network is
– a shared resources,
– used by competing businesses, mutually unfriendly governments, and opportunistic criminals.
• What consequences if there is no security services?
Security Threat Example
• Suppose you are using a credit card to order an item from a website, an adversary would
– eavesdrop on your network communication,
– reading your messages to obtain your credit card information.
34% of WiFi users take no special measures to protect themselves accessing WiFi network
Threat Countermeasure • Encryption,
– Locking the exchanged messages so that preventing an attacker from understanding the message contents. • This in know as confidentiality.
- Taking the concept a step farther, concealing the
quantity or destination of communication is called • traffic confidentiality
Is Encryption Enough?
• An attacker who can’t read an encrypted message may still be able to modify a few bits in it,
– resulting in a completely different item or message.
– E.g. changing 0001 to 1010
• So, encryption alone is not enough.
– What are possible solutions?
Message Tampering Solution • Data Integrity: It is a technique to detect any
tampering with exchanging messages.
• The adversary could alternatively get a copy of your
message and then transmit it again as a replay attack.
Another Security Attack
• Imagine these websites are not accessible for minutes :
– Amazon.com
– Ebay.com
– Others
• When customers are unable to access a website, this could happen because it is being overwhelmed by fake requests
– This is know as Denial of Service (DoS) attacks
Internet Without Security Services
• There will be NO
– E-Commerce
– E-Banking
– E-ticket
– E-health
– …
– …
So, how these service can be secured?
Security Fundamentals: CIA security model
unauthorized access is
prevented
network performs its
tasks without interruption
message cannot be
modified by attackers
Typical Attacks to CIA Model • Confidentiality:
– Eavesdropping : unauthorized message reception
• Integrity: – man-in-the-middle: unauthorized message modification
• Availability: – denial-of-service : attempt to disrupt transmission or service
References • William, Stallings, and William Stallings. Cryptography and
Network Security, 4/E. Pearson Education India, 2006.
• http://techathon.mytechlabs.com/web-application-security-testing/
• http://www.privatewifi.com/csid-recommends-using-a-vpn-to-stop-man-in-the-middle-attacks/
• http://techathon.mytechlabs.com/web-application-security-testing/
• http://en.kryptotel.net/encryption.html