Network Security 4/21/2019 Raj Rajarajan.


1 Network Security 4/21/2019 Raj Rajarajan

2 Security Attacks

3 Security Attacks
• Interruption: This is an attack on availability
• Interception: This is an attack on confidentiality
• Modification: This is an attack on integrity
• Fabrication: This is an attack on authenticity

4 Security Goals
• Confidentiality
• Integrity
• Availability

8 Electronic mail security

9 Pretty Good Privacy (PGP)
• Philip R. Zimmermann is the creator of PGP.
• PGP provides a confidentiality and authentication service that can be used for electronic mail and file storage applications.

10 Why Is PGP Popular?
• It is available free on a variety of platforms.
• Based on well-known algorithms.
• Wide range of applicability.
• Not developed or controlled by governmental or standards organizations.

11 Compression
• PGP compresses the message after applying the signature but before encryption.
• The compression algorithm used is ZIP.

12 Segmentation and Reassembly
• Often restricted to a maximum message length of 50,000 octets.
• Longer messages must be broken up into segments.
• PGP automatically subdivides a message that is too large.
• The receiver strips off all headers and reassembles the block.
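
The processing order on slides 11 and 12, as an added example that is not part of the original slides: sign, then compress, then segment at the 50,000-octet limit, with the receiver undoing each step in reverse. HMAC-SHA256 stands in for PGP's signature, the encryption step is only marked by a comment, and the `Part: i/n` header is a constructed format.

```python
import hashlib
import hmac
import zlib

MAX_SEGMENT = 50_000   # octets per segment, the limit quoted on slide 12
TAG_LEN = 32           # length of an HMAC-SHA256 tag

def send(message: bytes, key: bytes) -> list[bytes]:
    # 1. Sign the uncompressed message (HMAC is a stand-in for a PGP signature).
    tag = hmac.new(key, message, hashlib.sha256).digest()
    # 2. Compress signature + message with DEFLATE, the algorithm ZIP uses.
    packed = zlib.compress(tag + message)
    # 3. Encryption of `packed` belongs here (omitted: no cipher in the stdlib).
    # 4. Cut into segments, each prefixed with a constructed header line.
    body = MAX_SEGMENT - 32   # leave room for the header
    chunks = [packed[i:i + body] for i in range(0, len(packed), body)]
    return [b"Part: %d/%d\n" % (n + 1, len(chunks)) + c
            for n, c in enumerate(chunks)]

def receive(segments: list[bytes], key: bytes) -> bytes:
    parts, total = {}, 0
    for seg in segments:
        # Strip the header and file the body under its part number,
        # so segments may arrive in any order.
        header, _, chunk = seg.partition(b"\n")
        index, total = (int(x) for x in header.split(b" ")[1].split(b"/"))
        parts[index] = chunk
    if not parts or sorted(parts) != list(range(1, total + 1)):
        raise ValueError("missing segment")
    data = zlib.decompress(b"".join(parts[i] for i in sorted(parts)))
    tag, message = data[:TAG_LEN], data[TAG_LEN:]
    # Verify over the decompressed message, mirroring the sender's order.
    expected = hmac.new(key, message, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("signature check failed")
    return message

def demo():
    # Constructed, incompressible 128,000-octet message and a sample key.
    message = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                       for i in range(4000))
    segments = send(message, b"sample-key")
    recovered = receive(list(reversed(segments)), b"sample-key")
    return segments, message, recovered
```

Because the signature is computed before compression, the receiver can only check it after reassembly and decompression have both succeeded.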

13 IP Security

14 IP Security Overview
IPSec is not a single protocol. Instead, IPSec provides a set of security algorithms plus a general framework that allows a pair of communicating entities to use whichever algorithms provide security appropriate for the communication.

15 IP Security Overview
Applications of IPSec:
• Secure branch office connectivity over the Internet
• Secure remote access over the Internet
• Establishing extranet and intranet connectivity with partners
• Enhancing electronic commerce security

16 IP Security Scenario

17 IP Security Overview
Benefits of IPSec:
• Transparent to applications (below the transport layer: TCP, UDP)
• Provides security for individual users
IPSec can assure that:
• A router or neighbour advertisement comes from an authorized router
• A redirect message comes from the router to which the initial packet was sent
• A routing update is not forged

18 IPSec Services
• Access control
• Connectionless integrity
• Data origin authentication
• Rejection of replayed packets
• Confidentiality (encryption)
• Limited traffic flow confidentiality

19 Before applying AH
** The IPv6 header includes extensions that allow a packet to specify a mechanism for authenticating its origin, for ensuring data integrity, and for ensuring privacy.

20 Transport Mode (AH Authentication)

21 Tunnel Mode (AH Authentication)

22 WEB Security

23 Web Security Considerations
• The WEB is very visible.
• Complex software hides many security flaws.
• Web servers are easy to configure and manage.
• Users are not aware of the risks.

24 Security facilities in the TCP/IP protocol stack

25 SSL and TLS
• Secure Sockets Layer (SSL) was originated by Netscape.
• The Transport Layer Security (TLS) working group was formed within the IETF.
• The first version of TLS can be viewed as SSLv3.1.

26 SSL Architecture

27 SSL Record Protocol Operation

28 SSL Record Format

29 Handshake Protocol
• The most complex part of SSL.
• Allows the server and client to authenticate each other.
• Negotiates encryption, MAC algorithm and cryptographic keys.
• Used before any application data are transmitted.

30 Handshake Protocol Action

31 Transport Layer Security (TLS)
• The same record format as the SSL record format.
• Defined in RFC 2246.
• Similar to SSLv3.
• Differences in the:
  • version number
  • message authentication code
  • alert codes
  • cipher suites
  • client certificate types
  • certificate_verify and finished message
  • cryptographic computations

32 Secure Electronic Transactions (SET)
• An open encryption and security specification.
• Protects credit card transactions on the Internet.
• Companies involved: MasterCard, Visa, IBM, Microsoft, Netscape, RSA, Terisa and Verisign.
• Not a payment system.
• Set of security protocols and formats.

33 SET Services
• Provides a secure communication channel in a transaction.
• Provides trust by the use of X.509v3 digital certificates.
• Ensures privacy.

34 SET Overview
Key Features of SET:
• Confidentiality of information
• Integrity of data
• Cardholder account authentication
• Merchant authentication

35 SET Participants

36 Sequence of events for transactions
1. The customer opens an account.
2. The customer receives a certificate.
3. Merchants have their own certificates.
4. The customer places an order.
5. The merchant is verified.
6. The order and payment are sent.
7. The merchant requests payment authorization.
8. The merchant confirms the order.
9. The merchant provides the goods or service.
10. The merchant requests payments.

37 The Stages of a Network Intrusion
1. Scan the network to:
   • locate which IP addresses are in use,
   • what operating system is in use,
   • what TCP or UDP ports are “open” (being listened to by Servers).
2. Run “Exploit” scripts against open ports.
3. Get access to Shell program which is “suid” (has “root” privileges).
4. Download from Hacker Web site special versions of system files that will let Cracker have free access in the future without his CPU time or disk storage space being noticed by auditing programs.
5. Use IRC (Internet Relay Chat) to invite friends to the feast.
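
A defender's view of stage 1, as an added example that is not part of the original slides: scanning shows up in connection logs as one source reaching many ports on a host, or many hosts, within a short time. The log format, addresses and thresholds below are constructed for illustration.

```python
from collections import defaultdict

def build_sample_log():
    """Constructed records in the form: epoch_seconds src_ip dst_ip dst_port."""
    lines = []
    # One source probing 25 different ports on a single host.
    lines += [f"{1000 + p} 198.51.100.7 192.0.2.10 {20 + p}" for p in range(25)]
    # One source probing port 22 on 30 different hosts.
    lines += [f"{2000 + h} 198.51.100.9 192.0.2.{h + 1} 22" for h in range(30)]
    # An ordinary client returning to the same service every 10 seconds.
    lines += [f"{1000 + 10 * i} 203.0.113.5 192.0.2.10 443" for i in range(40)]
    return lines

def detect_scans(lines, window=60, port_limit=20, host_limit=20):
    """Flag sources that reach many ports on one host, or many hosts,
    within `window` seconds. The thresholds are illustrative assumptions."""
    events = defaultdict(list)
    for line in lines:
        ts, src, dst, dport = line.split()
        events[src].append((int(ts), dst, int(dport)))
    findings = defaultdict(set)
    for src, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Slide the window so it covers only the last `window` seconds.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            ports_by_host = defaultdict(set)
            for _, dst, dport in evs[start:end + 1]:
                ports_by_host[dst].add(dport)
            if len(ports_by_host) >= host_limit:
                findings[src].add("address sweep")
            if any(len(p) >= port_limit for p in ports_by_host.values()):
                findings[src].add("port scan")
    return {src: sorted(kinds) for src, kinds in findings.items()}
```

A source that spaces its probes further apart than `window` stays under both limits, so a fixed short window needs a longer-horizon count alongside it.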

38 Virus Structure

39 Advanced Antivirus Techniques

