Security Threats/Attacks BY :: Prof Yogesh Doulatramani VIT College

3 (IMP) Security Threats(Attacks)

Security Attacks (diagrams: information source and information destination)

• Normal Flow
• Interruption: Attack on availability (ability to use desired information or resources)
• Interception: Attack on confidentiality (concealment of information)
• Fabrication: Attack on authenticity (identification and assurance of origin of information)
• Modification: Attack on integrity (prevention of unauthorized changes)

Threats and Attacks

• Threat - a potential for violation of security or a possible danger that might exploit a vulnerability

• Attack - an assault on system security; an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system.

Security Attacks

• Interruption: This is an attack on availability
  – Disrupting traffic
  – Physically breaking communication line
• Interception: This is an attack on confidentiality
  – Overhearing, eavesdropping over a communication line

Security Attacks (continued)

• Modification: This is an attack on integrity
  – Corrupting transmitted data or tampering with it before it reaches its destination
• Fabrication: This is an attack on authenticity
  – Faking data as if it were created by a legitimate and authentic party

Examples of Threats

• Snooping: intercepting information (“passive” wiretapping)
• Modification or alteration of information by “active” wiretapping
• Masquerading or spoofing
• Repudiation of origin
• Delay or denial of service

Safeguards and Vulnerabilities

• A Safeguard is a countermeasure to protect against a threat

• A weakness in a safeguard is called a vulnerability


Passive and Active Attacks

• Security attacks are usually classified as passive or active:
• Passive - attempts to learn or make use of information from the system, but does not affect system resources.
• Active - attempts to alter system resources or affect their operation.

Passive and active attacks

• Passive attacks - goal to obtain information
  – No modification of content or fabrication
  – Eavesdropping to learn contents or other information (transfer patterns, traffic flows etc.)
    • Release of message contents
    • Traffic analysis
• Active attacks - modification of content and/or participation in communication to
  • Impersonate legitimate parties (Masquerade)
  • Replay or retransmit
  • Modify the content in transit
  • Launch denial of service attacks

Summary of Passive and Active Threats [figure]

Passive Attacks [figures]

Active Attacks [figures]

Passive Threats

• Release of message contents: Contents of a message are read.
  – A message may be carrying sensitive or confidential data.
• Traffic analysis: An intruder makes inferences by observing message patterns.
  – Can be done even if messages are encrypted.
  – Inferences: location and identity of hosts.

Active Threats

• Masquerade: An entity pretends to be some other entity. Example: An entity captures an authentication sequence and replays it later to impersonate the original entity.
• Replay: Involves capture of a data unit and its retransmission to produce an unauthorized effect.
• Modification of messages: A portion of a legitimate message has been altered to produce an undesirable effect.
• Denial of service: Inhibits normal use of computer and communications resources.
  – Flooding of computer network.
  – Swamping of CPU or a server.
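
How a receiver can tell the active threats above apart, as an added example that is not part of the original slides: an HMAC tag exposes modification and fabrication, and a nonce plus timestamp exposes replay. The key, the 30-second window, the message contents and all names (`seal`, `Receiver`, `demo`) are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"   # constructed shared secret, illustration only
MAX_AGE = 30                    # assumed freshness window, in seconds

def seal(key, body, nonce, ts):
    """Sender side: bind body, nonce and timestamp under one HMAC tag."""
    payload = json.dumps({"body": body, "nonce": nonce, "ts": ts}, sort_keys=True).encode()
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return payload, tag

class Receiver:
    def __init__(self, key):
        self.key = key
        self.seen = {}  # nonce -> timestamp, kept only for the freshness window

    def accept(self, payload, tag, now):
        """Return 'ok' or the reason the message is rejected."""
        expected = hmac.new(self.key, payload, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return "bad-tag"    # modified in transit, or fabricated without the key
        msg = json.loads(payload)
        if abs(now - msg["ts"]) > MAX_AGE:
            return "stale"      # an old capture sent again after the window
        if msg["nonce"] in self.seen:
            return "replay"     # same data unit retransmitted inside the window
        # Forget nonces that could no longer pass the freshness check anyway.
        self.seen = {n: t for n, t in self.seen.items() if abs(now - t) <= MAX_AGE}
        self.seen[msg["nonce"]] = msg["ts"]
        return "ok"

def demo():
    """Run one legitimate message and four constructed attack cases."""
    rx = Receiver(KEY)
    payload, tag = seal(KEY, "transfer 10 to alice", "n-001", 1000)
    results = [rx.accept(payload, tag, now=1005)]        # legitimate delivery
    results.append(rx.accept(payload, tag, now=1010))    # replay
    tampered = payload.replace(b"alice", b"mallory")
    results.append(rx.accept(tampered, tag, now=1011))   # modification
    forged, bad_tag = seal(b"wrong-key", "transfer 5 to bob", "n-002", 1012)
    results.append(rx.accept(forged, bad_tag, now=1012)) # fabrication
    results.append(rx.accept(payload, tag, now=2000))    # old capture, outside window
    return results

if __name__ == "__main__":
    print(demo())
```

The tag gives no protection against the passive threats: the payload is still readable and its size and timing are still observable.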