Introduction to Network Systems Security


Presentation Transcript


  1. Introduction to Network Systems Security • Mort Anvari

  2. About the Course • A grad-level seminar course focusing on basics and issues in network security • First half will be lectures about elements of network security, cryptography background, and an introduction to network security designs • Second half will be your chance to present what you have learned from key research papers

  3. Why Should You Take This Course • Security is an increasingly important issue • You want to have basic knowledge about network security • You can learn the latest attacks and the newest skills to counter those attacks • You have a chance to implement the skills learned in the class

  4. Your Best Strategy • Come to every lecture to learn basic security problems and skills to counter them • Keep yourself exposed to articles related to network security to collect project ideas • Read each assigned paper and write a good summary of each paper • Do not wait until the last minute to prepare for the exam or work on the project • Enjoy the fun!

  5. What Can Go Wrong… • …when your computer y receives or is waiting for a message m? (Diagram: x sends message m to y across the Internet.)

  6. Message Loss • Adversary A can discard m in its transit

  7. Message Interception • Adversary A can get a copy of m when m passes by

  8. Message Modification • Adversary A can arbitrarily modify the content of m to become m’

  9. Message Insertion • Adversary A can arbitrarily fabricate a message m, pretending that m was sent by x (Diagram: the fabricated m carries src: x, dst: y.)

  10. Message Replay • Adversary A can replay a message m that has been sent earlier by x and received by y

  11. Denial-of-Service Attack • Adversary A can send a huge number of messages to y to block m from arriving at y

  12. Types of Attacks • Passive attacks: traffic analysis, message interception • Active attacks: message loss, message modification, message insertion, message replay, denial-of-service attack

  13. Network Security Services • Confidentiality • Integrity • Authentication • Anti-replay • … • Availability • Access control • Non-repudiation • Anonymity

  14. Confidentiality • Keep the message known only to the receiver and secret from everyone else • Counter message interception

  15. Integrity • When receiver receives message m, receiver can verify that m is intact after being sent by the sender • Counter message modification

  16. Authentication • When receiver receives message m, receiver can verify m is indeed sent by the sender recorded in m • Counter message insertion

  17. Anti-replay • When receiver receives message m, receiver can verify m is not a message that was sent and received before • Counter message replay

  18. Availability • Property of a system or a resource being accessible and usable upon demand by an authorized entity • Counter denial-of-service attack

  19. Access Control • Mechanism to enforce access rights to resources and data • Users can access resources and data to which they have access rights • Users cannot access resources and data to which they don’t have access rights

  20. Non-repudiation • When receiver receives message m, receiver gets proof that the sender of m indeed sent m • Receiver of m can show the proof to a third party so that the sender of m cannot repudiate it

  21. Anonymity • Identity of sender is hidden from receiver • When receiver receives message m, receiver has no clue about sender of m

  22. Network Security Is Great… • Protect messages from interception in their transit • Detect and discard messages that are modified, inserted, or replayed • Disallow unauthorized access to local system resources and sensitive data

  23. …But Hard To Achieve • Many layers in network architecture • Many different media of network connection • Adversary’s location hard to determine • New attacks keep emerging • Cryptographic overhead

  24. Next Class • Formal specification and verification of network protocols • Network security tools to counter the effects of adversary actions
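
Added example (not part of the original slides): a receiver y that detects and discards modified, inserted, and replayed messages, as slides 15 to 17 and 22 describe. The slides name no mechanism; this sketch assumes a key pre-shared by x and y, HMAC-SHA256 as the tag, and a per-sender sequence number, and the frame layout and all names are hypothetical.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key-shared-by-x-and-y"  # assumption: pre-shared key
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def seal(key, src, seq, payload):
    """Sender: frame = len(src) | src | 64-bit seq | payload | HMAC tag."""
    body = struct.pack("!B", len(src)) + src + struct.pack("!Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Receiver y: accepts a frame only if its tag verifies and seq is new."""

    def __init__(self, key):
        self.key = key
        self.last_seq = {}  # highest sequence number accepted, per sender

    def accept(self, frame):
        if len(frame) < 1 + 8 + TAG_LEN:
            return ("reject", "malformed")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time compare
            return ("reject", "bad tag")  # modified or inserted message
        n = body[0]
        if len(body) < 1 + n + 8:
            return ("reject", "malformed")
        src = body[1:1 + n]
        (seq,) = struct.unpack("!Q", body[1 + n:9 + n])
        if seq <= self.last_seq.get(src, -1):
            return ("reject", "replay")  # already sent and received before
        self.last_seq[src] = seq
        return ("accept", body[9 + n:])


def demo():
    y = Receiver(KEY)
    m = seal(KEY, b"x", 1, b"transfer 10")  # constructed sample message
    modified = bytearray(m)
    modified[-TAG_LEN - 1] ^= 1  # m': one payload bit changed in transit
    inserted = seal(b"key-guessed-by-A", b"x", 2, b"transfer 99")  # A lacks KEY
    return [y.accept(bytes(modified)), y.accept(inserted),
            y.accept(m), y.accept(m), y.accept(seal(KEY, b"x", 2, b"ok"))]


if __name__ == "__main__":
    print(demo())
```

The tag gives integrity and sender authentication only between holders of the shared key; it provides no confidentiality, and because x and y hold the same key it gives y nothing to show a third party for non-repudiation.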
