1 Introduction to Network Security

Dr Kulothungan

epgp books

LEARNING OBJECTIVES:

• To understand the definitions of Cryptography and Network Security

• To understand the need for Cryptography

• To know the basic terms related to Cryptography

• To know the importance of cryptography in various fields.

1.1 Introduction to Network Security

Security is the state of being free from danger or threat. In other words, security is the ability of a system to protect information or data and system resources with respect to confidentiality and integrity.

The main objective of security is to increase the reliability of a system by preventing breaches. Measures are taken to protect computers and their contents from unauthorized use.

Good security standards follow the “90 / 10” rule: 10% of security safeguards are technical, and 90% of security safeguards rely on the computer user to adhere to good computing practices.

1.2 Need for Security

Security is needed to prevent unauthorised access and to protect information from attackers.

Different Types of Security:

The security required for protecting information can be categorised as follows:

Ø Data Security – The means of ensuring that data is kept safe from corruption and that access to it is suitably controlled.

Ø Computer Security – The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. Malware (malicious software) includes computer viruses, worms, trojan horses, most rootkits, spyware, and dishonest adware.

Ø Network Security – Protects the network and the network-accessible resources from unauthorized access, with consistent and continuous monitoring and measurement of its effectiveness.

1.3 Various Aspects of Security

 

Computer Security – generic name for the collection of tools designed to protect data and to thwart hackers.

It ensures that only authorized personnel have access to computer files.

Computer facilities have been physically protected for three reasons:

1) To prevent theft of or damage to the hardware.

2) To prevent theft of or damage to the information.

3) To prevent disruption of service.

Computer security: Cybersecurity is the protection of computing systems and the data that they store or access.

Network Security – Measures to protect data during their transmission, which means protection of a computer network and its services from unauthorised modification, destruction or disclosure. Network security targets a variety of threats and stops them from entering or spreading on your network.

Internet Security – Measures to protect data during their transmission over a collection of interconnected networks. It encompasses browser security and protects against attacks over the internet (internet-based threats). Example – an e-commerce website on which transactions happen.

1.3 Cryptography

 

Cryptography (from Greek kryptós, “hidden”, and gráphein, “to write”) is, traditionally, the study of means of converting information from its normal, comprehensible form into an incomprehensible format, rendering it unreadable without secret knowledge — the art of encryption.

 

Cryptography helped ensure secrecy in important communications, such as those of spies, military leaders, and diplomats. In recent decades, cryptography has expanded its remit in two ways: it provides mechanisms for more than just keeping secrets, such as digital signatures and digital cash, and it is in widespread use by many civilians, often without users being aware of it.

Cryptography means the art of secret writing: the process of writing or reading secret messages or codes. It is the art of protecting information (plain text) by transforming it (encrypting it) into an unreadable format, called cipher text (unintelligible text). It is the science of encoding messages so that only the sender and receiver can understand them.

1.3.1 Need for Cryptography

 

In today’s world thousands of people interact electronically every day by different means like e-mails, ATM machines, e-commerce or cellular phones. The rapid increase of information transmitted electronically has resulted in an increased reliance on cryptography. The main aim of a cryptographic feature is to detect, prevent, or recover from a security attack.

A security attack occurs when a particular person, either deliberately or unknowingly, tries to gain control of a particular system or network. There is no single mechanism that will support all the security required; however, one particular element underlies many of the security mechanisms in use: cryptographic techniques.

1.4 Network Security Trends

 

The current trends in security threats are shown in figure 1.1. Threats are nothing but the danger or harm that exploits the system or network in the aspect of data or services. Spyware is a piece of software that is used to gather information from your system without your knowledge.

1.5 Network Security Applications

 

Network security may be applied in various fields, as given:

Ø Web contents – Content which deals with user experience on websites. It may be text, images, video, animation or sound.

Ø Email communication – Electronic mail is an effective way of communicating which helps in day-to-day communication.

Ø E-commerce application – Trading (buying/selling) over the internet.

Ø Remote login – Connecting to a system from a remote location through an internet connection (VPN).

Ø Database storage – Cloud storage, Google Drive, where data is stored online.

Ø Banking transaction – Online banking activities need to be protected.

1.6 Key Security Concepts

 

The main objectives of network security are confidentiality, integrity, and availability, as shown in figure 1.2. These three key objectives are the heart of security.

1.6.1 Types of Services

1.6.1.1 Confidentiality

Confidentiality assures that private or confidential information is not made available or disclosed to unauthorized individuals. It is an integral component of security.

For example, when banking online, user IDs and passwords uniquely identify the data systems’ users and control access to data systems and resources, and hence achieve the goal of confidentiality.

1.6.1.2 Privacy

 

Most Web users want to understand that personal information they share will not be shared with anyone else without their permission. Message privacy, particularly for e-commerce transactions, requires encryption.

 

1.6.1.3 Integrity

 

Integrity is the assurance that information can only be accessed or modified by those authorized to do so. For example, if you send an online money transfer for Rs. 10,000 but the receiver receives only Rs. 100 because the information was tampered with, integrity has been violated.

Data integrity – The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay). Integrity assures that information and programs are changed only in an authorized manner. If the data received isn’t the same as the data sent, you’ve got a problem! Much of networking involves working to improve data integrity.

System integrity – This assures that a system performs its intended function free from deliberate or inadvertent unauthorized manipulation.

1.6.1.4 Availability

 

Availability ensures that services are available to the end user whenever they are required.

1.6.1.5 Nonrepudiation

 

Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.

 

1.6.1.6 Authentication

 

Entity authentication – the assurance that a given entity is involved and currently active in a communication session (sometimes referred to as identification).

Data integrity – the assurance that data has not been altered in an unauthorised (or accidental) manner since the time that the data was last created, transmitted or stored by an authorised user.

Data origin authentication – the assurance that a given entity was the original source of some data (sometimes referred to as message authentication).

1.7 Example for types of Services

 

• confidentiality – student grades

• integrity – patient information

• availability – authentication service

• authenticity – admission ticket

• non-repudiation – stock sell order

1.8 Aspects of Security

 

The OSI security architecture focuses on security attacks, mechanisms, and services. These can be defined briefly as follows:

1.8.1 Security attack

Any action that compromises the system in relation to its security components.

1.8.2 Security mechanism

A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.

1.8.3 Security service

A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.

1.9 Threats and Attacks (RFC 2828)

 

1.9.1 Threat

 

A threat is a potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm to the system. Hence, a threat is a possible danger that might exploit a vulnerability of the system.

1.9.2 Attack

An attack on system security derives from an intelligent threat. It is a deliberate attempt by the attacker to evade security services and violate the security policy of a system.

1.9.2.1 Security Attack

 

A security attack is any action that tries to compromise the security of information owned by an organization. Information security is about how to prevent attacks or, failing that, how to detect attacks on information-based systems. The terms threat and attack are often used to mean the same thing. There is a wide range of attacks, so we can focus on generic types of attacks.

1.9.2.1 Passive attack

 

Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The attacker attempts to break the system solely on the basis of observed data (i.e. the ciphertext), as shown in figure 1.3.

Interception – The attacker routinely monitors network traffic. Interception can go on for years without the knowledge of the intercepted parties.

Traffic Analysis – A passive attack is a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. The purpose is solely to gain information about the target and no data is changed on the target.

Interruption – An unauthorized party gains access to an asset. This is an attack on confidentiality. The unauthorized party could be a person, a program or a computer, e.g., wiretapping to capture data in the network, or illegal copying of files.

1.9.2.2 Active attack

 

These attacks involve some modification of the data stream or the creation of a false stream, as shown in figure 1.4. The hacker attempts to make changes to data on the target or data en route to the target.

Fabrication – This sort of attack usually inserts new information, or records extra information on a file. It is mainly used to gain access to data or a service.

Replay – Replay attacks are network attacks in which an attacker spies on the conversation between the sender and receiver, takes the authenticated information (e.g. a shared key), and then contacts the receiver with that key. In a replay attack the attacker gives proof of his identity and authenticity. For example, suppose that in a communication between two parties A and B, A shares his key with B to prove his identity, but in the meanwhile attacker C eavesdrops on the conversation between them and keeps the information needed to prove his identity to B. Later C contacts B and proves its authenticity.

Modification – If legitimate messages are altered or deleted during transmission in real time, the attack needs a “man in the middle”.
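
The modification and replay attacks described above, seen from the receiver's side. This is an added example, not part of the original chapter; the choice of HMAC-SHA256 for data origin authentication and of a per-message nonce for replay detection is an assumption, as are the names `Receiver`, `send` and `demo` and the sample message.

```python
import hashlib
import hmac
import secrets


class Receiver:
    """Checks integrity and data origin of each message and rejects replays."""

    def __init__(self, key: bytes):
        self.key = key
        self.seen_nonces = set()  # nonces of messages already accepted

    def accept(self, nonce: bytes, payload: bytes, tag: bytes) -> str:
        expected = hmac.new(self.key, nonce + payload, hashlib.sha256).digest()
        # Constant-time comparison; a mismatch means altered data or a wrong key.
        if not hmac.compare_digest(expected, tag):
            return "rejected: modified"
        # A valid tag on a nonce seen before is a captured message sent again.
        if nonce in self.seen_nonces:
            return "rejected: replay"
        self.seen_nonces.add(nonce)
        return "accepted"


def send(key: bytes, payload: bytes):
    """Sender side: attach a fresh 16-byte nonce and an HMAC-SHA256 tag."""
    nonce = secrets.token_bytes(16)
    tag = hmac.new(key, nonce + payload, hashlib.sha256).digest()
    return nonce, payload, tag


def demo():
    key = secrets.token_bytes(32)  # shared secret, constructed for this demo
    receiver = Receiver(key)
    nonce, payload, tag = send(key, b"transfer Rs.10000 to B")  # constructed message
    results = [receiver.accept(nonce, payload, tag)]
    # Modification: the amount is altered in transit, so the tag no longer matches.
    results.append(receiver.accept(nonce, b"transfer Rs.100 to B", tag))
    # Replay: the captured message is sent again unchanged, with its valid tag.
    results.append(receiver.accept(nonce, payload, tag))
    return results


if __name__ == "__main__":
    print(demo())
```

The tag alone does not stop the replay, because the resent message is still authentic; the receiver has to remember which nonces it has already accepted.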

 

 

1.10 Handling Attacks

 

List of merits and demerits of passive and active attacks

 

Passive attacks – focus on Prevention

 

•         More dangerous

•         Easy to stop

•         Hard to detect

•         Hard to stop

•         Easy to detect

 

 

1.11 Security Service

 

A security service enhances the security of the data processing systems and information transfers of an organization. It is intended to counter security attacks, using one or more security mechanisms. It often replicates functions normally associated with physical documents, which, for example, have signatures and dates; need protection from disclosure, tampering, or destruction; may be notarized or witnessed; and may be recorded or licensed.

1.12 Symmetric and public key algorithms

 

Encryption/decryption methods fall into two categories:

a. Symmetric key and

b. Public key

In symmetric key algorithms, the encryption and decryption keys are known to both sender and receiver. The encryption key is shared and the decryption key is easily calculated from it. In many cases, the encryption and decryption keys are the same.

In public key cryptography, the encryption key is made public, but it is computationally infeasible to find the decryption key without the information known to the receiver.
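
The difference between the two categories, worked through with toy ciphers. This is an added example, not part of the original chapter; the affine cipher, textbook RSA without padding, and all key values and function names are assumptions chosen for illustration, and neither cipher is suitable for real use.

```python
from math import gcd

# Symmetric: toy affine cipher over bytes, E(x) = (a*x + b) mod 256.
def affine_encrypt(data: bytes, a: int, b: int) -> bytes:
    return bytes((a * x + b) % 256 for x in data)

def affine_decryption_key(a: int, b: int) -> tuple:
    """Whoever holds the encryption key (a, b) derives the decryption key at once."""
    a_inv = pow(a, -1, 256)              # modular inverse, exists for odd a
    return a_inv, (-a_inv * b) % 256     # D(y) = a_inv*y - a_inv*b mod 256

# Public key: textbook RSA with toy-sized primes and no padding.
def rsa_keypair(p: int, q: int, e: int):
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)                  # needs p and q, which only the receiver knows
    return (e, n), (d, n)

def rsa_apply(m: int, key: tuple) -> int:
    exponent, n = key
    return pow(m, exponent, n)

def d_from_public_key(public: tuple) -> int:
    """Deriving d from (e, n) means factoring n: instant here only because n
    has 4 digits; for the 2048-bit moduli used in practice it is infeasible."""
    e, n = public
    p = next(f for f in range(2, n) if n % f == 0)
    return pow(e, -1, (p - 1) * (n // p - 1))

def demo():
    a, b = 77, 19                        # constructed symmetric key
    ciphertext = affine_encrypt(b"PIN 4321", a, b)
    recovered = affine_encrypt(ciphertext, *affine_decryption_key(a, b))
    public, private = rsa_keypair(61, 53, 17)   # constructed toy primes
    c = rsa_apply(65, public)            # anyone can encrypt with the public key
    return recovered, c, rsa_apply(c, private), private[0]

if __name__ == "__main__":
    print(demo())
```

In the symmetric case the decryption key follows from the encryption key by one modular inverse, so the encryption key itself must stay secret; in the public key case the same step requires the factors of n.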

 

 

1.13 Model for Network Security

 

A message is to be transferred from one party to another across some sort of internet. The two parties, who are the principals in this transaction, must cooperate for the exchange to take place. A logical information channel is established by defining a route through the internet from source to destination and by the cooperative use of communication protocols (e.g., TCP/IP) by the two principals.

Using this model requires us to:

1. design a suitable algorithm for the security transformation.

2. generate the secret information (keys) used by the algorithm.

3. develop methods to distribute and share the secret information.

4. specify a protocol enabling the principals to use the transformation and secret information for a security service.

Using this model requires us to:

 

• select appropriate gatekeeper functions to identify users

• implement security controls to ensure only authorised users access designated information or resources

• trusted computer systems may be useful to help implement this model

1.14 Various Areas- Importance of Security

 

• Cloud Computing

• Wireless Networks

• Data Analytics

• Social Networking

• Internet of Things

Summary

 

  • Outlined the different definitions of Cryptography.
  • Explained the various attacks and need for security.
  • Discussed different applications of Network security.
  • Models for network (access) security.
  • Explored the role of cryptography in the various fields.