Computer and Network Security Rabie A. Ramadan

Organization of the Course (Cont.) 2 Textbooks William Stallings, “Cryptography and Network Security,” Fourth Edition Behrouz A. Forouzan, “Cryptography and Network Security,” 2008 Edition Charles P. Pfleeger and Shari L. Pfleeger, “Security in Computing,” third addition

Course Contents 3 Introduction to Cryptography Authentication Functions Symmetric Key-Exchange Protocols Asymmetric Key-Distribution and Cryptography Network Layer Security Transport Layer Security Introduction to wireless network security

Exams 4 Do not worry about the exam as long as : You are attending Done with your project Done with your presentation Assignments are delivered

Projects or Term Papers 5 There will be a term project Only 2 persons per project You can select your own project after my approval Project report must follow IEEE format Deadline of the projects proposal is two weeks from today Suggested Projects and Term Papers

Table of Contents 6 Introduction Security Goals Attacks Services and Mechanisms Security mechanisms Techniques

Introduction 7 The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable. —The Art of War, Sun Tzu

Introduction 8 In old days, to be secure, Information maintained physically on a secure place Few authorized persons have access to it (confidentiality) Protected from unauthorized change (integrity) Available to authorized entity when is needed (availability) Nowadays, Information are stored on computers Confidentiality are achieved  few authorized persons can access the files. Integrity is achieved  few are allowed to make change Availability is achieved  at least one person has access to the files all the time

Introduction 9 Achieving Confidentiality, Integrity, availability is a challenge: Distributed information Could be captured while it is transmitted Could be altered Could be blocked

Security Goals 10 Confidentiality Ensures that computer-related assets are accessed only by authorized parties. Sometimes called secrecy or privacy. Integrity Assets can be modified only by authorized parties or only in authorized ways. Availability assets are accessible to authorized parties at appropriate times. The opposite is denial of service.

Security Goals 11 Strong protection is based on Goals relations

Goals are Applied to 12 Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers Network Security - measures to protect data during their transmission Internet Security - measures to protect data during their transmission over a collection of interconnected networks

Our Aim of this Part 13 Our main concern is: Network and Internet Security Protecting the information while it is transmitted Will touch the computer security Presentations Assignments Projects

Threats, vulnerability, and Attacks 14 Crossing the water to the right is a Threat to the man. Ex. (Computer) software failures Crossing the water through the wall crack is a Vulnerability. Ex. (Computer) Open ports Somebody or another system destroyed the wall is an Attack Ex. (Computer) sending an overwhelming set of messages to another system to block it.

Attacks 15 Passive Attacks Attempts to learn or make use of information from the system but does not affect system resources. Eavesdropping or monitoring of transmissions Active Attacks Attempts to alter system resources or affect their operation.

Passive Attacks 16 Release of message contents / snooping

Passive Attacks (Cont.) 17 Traffic Analysis/ spoofing Passive Attacks are hard to be detected

Active Attacks 18 Masquerade One entity pretends to be a different entity

Active Attacks (Cont.) 19 Replay Attack Passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

Active Attacks (Cont.) 20 Modification Attack Some portion of a legitimate message is altered, or that messages are reordered, to produce an unauthorized effect

Active Attacks (Cont.) 21 Denial of Service Prevents or inhibits the normal use or management of communications facilities

Group Activities 22 Which of the following attacks is a threat to which of the security goals? AttacksSecurity Goals ModificationConfidentiality MasqueradingIntegrity Traffic AnalysisAvailability Denial of service Replaying Snooping

Answer 23 Security Attacks Snooping Traffic Analysis Modification Masquerading Replaying Denial of Service ConfidentialityIntegrityAvailability