Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

Published byBathsheba Wheeler Modified over 8 years ago

Similar presentations

Presentation on theme: "CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina."— Presentation transcript:

1 CSCE 715: Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina

2 8/24/2004(C) 2004 Chin-Tser Huang2 About Me Chin-Tser Huang Ph.D. in Computer Sciences, 2003, University of Texas at Austin My second year with USC Research in network security, network protocol design and verification, distributed systems My web page can be found at http://www.cse.sc.edu/~huangct http://www.cse.sc.edu/~huangct

3 8/24/2004(C) 2004 Chin-Tser Huang3 About the Course A grad-level seminar course focusing on basics and issues in network security First half will be lectures about elements of network security, cryptography backgrounds, and introduction to network security designs Second half will be your chance to present what you have learned from key research papers

4 8/24/2004(C) 2004 Chin-Tser Huang4 Course Information Online http://www.cse.sc.edu/~huangct/CSCE 715F04/index.htm http://www.cse.sc.edu/~huangct/CSCE 715F04/index.htm List of assigned paper and useful links are available on the page Lecture slides will be available online too

5 8/24/2004(C) 2004 Chin-Tser Huang5 Why Should You Take This Course Security is an increasingly important issue You want to have basic knowledge about network security You can learn latest attacks and newest skills to counter those attacks You have a chance to implement the skills learned in the class

6 8/24/2004(C) 2004 Chin-Tser Huang6 Your Best Strategy Come to every lecture to learn basic security problems and skills to counter them Keep yourself exposed to articles related to network security to collect project ideas Read each assigned paper and write good summary for each paper Do not wait till last minute to prepare for exam or work on project Enjoy the fun!

7 8/24/2004(C) 2004 Chin-Tser Huang7 What Can Go Wrong… …when your computer y receive or is waiting for a message m? m Internet x y ?

8 8/24/2004(C) 2004 Chin-Tser Huang8 Message Loss Adversary A can discard m in its transit m x y A

9 8/24/2004(C) 2004 Chin-Tser Huang9 Message Interception Adversary A can get a copy of m when m passes by m x y m m A

10 8/24/2004(C) 2004 Chin-Tser Huang10 Message Modification Adversary A can arbitrarily modify the content of m to become m’ m x y m’ A

11 8/24/2004(C) 2004 Chin-Tser Huang11 Message Insertion Adversary A can arbitrarily fabricate a message m, pretending that m was sent by x x y m src: x dst: y A

12 8/24/2004(C) 2004 Chin-Tser Huang12 Message Replay Adversary A can replay a message m that has been sent earlier by x and received by y x y m m A

13 8/24/2004(C) 2004 Chin-Tser Huang13 Denial-of-Service Attack Adversary A can send huge amount of messages to y to block m from arriving at y x y m ……………… ????? A

14 8/24/2004(C) 2004 Chin-Tser Huang14 Type of Attacks Passive attacks Traffic analysis Message interception Active attacks Message loss Message modification Message insertion Message replay Denial-of-Service attack

15 8/24/2004(C) 2004 Chin-Tser Huang15 Network Security Services Confidentiality Integrity Authentication Anti-replay … Availability Access control Non-repudiation Anonymity

16 8/24/2004(C) 2004 Chin-Tser Huang16 Confidentiality Keep message known only to the receiver and secret to anyone else Counter message interception

17 8/24/2004(C) 2004 Chin-Tser Huang17 Integrity When receiver receives message m, receiver can verify m is intact after sent by sender Counter message modification

18 8/24/2004(C) 2004 Chin-Tser Huang18 Authentication When receiver receives message m, receiver can verify m is indeed sent by the sender recorded in m Counter message insertion

19 8/24/2004(C) 2004 Chin-Tser Huang19 Anti-replay When receiver receives message m, receiver can verify m is not a message that was sent and received before Counter message replay

20 8/24/2004(C) 2004 Chin-Tser Huang20 Availability Property of a system or a resource being accessible and usable upon demand by an authorized entity Counter denial-of-service attack

21 8/24/2004(C) 2004 Chin-Tser Huang21 Access Control Mechanism to enforce access rights to resources and data Users can access resources and data to which they have access rights Users cannot access resources and data to which they don’t have access rights

22 8/24/2004(C) 2004 Chin-Tser Huang22 Non-repudiation When receiver receives message m, receiver gets proof that sender of m ever sent m Receiver of m can show proof to third- party so that sender of m cannot repudiate

23 8/24/2004(C) 2004 Chin-Tser Huang23 Anonymity Identity of sender is hidden from receiver When receiver receives message m, receiver has no clue about sender of m

24 8/24/2004(C) 2004 Chin-Tser Huang24 Network Security Is Great… Protect messages from interception in their transit Detect and discard messages that are modified, inserted, or replayed Disallow unauthorized access to local system resource and sensitive data

25 8/24/2004(C) 2004 Chin-Tser Huang25 …But Hard To Achieve Many layers in network architecture Many different media of network connection Adversary’s location hard to determine New attacks keep emerging Cryptographic overhead

26 8/24/2004(C) 2004 Chin-Tser Huang26 Next Class Formal specification and verification of network protocols Network security tools to counter the effects of adversary actions Read Ch. 1

Download ppt "CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina."

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.

CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.

Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 211: Digital Logic Design

CSCE 211: Digital Logic Design
CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.

CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
1 CSE 651: Introduction to Network Security Steve Lai Spring 2010.

1 CSE 651: Introduction to Network Security Steve Lai Spring 2010.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

Similar presentations

Ads by Google