1 / 52

Computer Networks

Computer Networks. Ivan Marsic Rutgers University. Chapter 7 – Network Security Chapter 8 – Network Monitoring Chapter 9 – Internet Protocols APPENDIX: Probability Refresher. Network Security. Chapter 7. Topic : Secure Communication. Network Security Problem

neka
Télécharger la présentation

Computer Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer Networks Ivan Marsic Rutgers University Chapter 7 – Network Security Chapter 8 – Network Monitoring Chapter 9 – Internet Protocols APPENDIX: Probability Refresher

  2. Network Security Chapter 7

  3. Topic:Secure Communication Network Security Problem Symmetric and Public-Key Cryptosystems Cryptographic Algorithms Authentication

  4. Network Security Problem Secure/Confidential Communication ? 4

  5. Objectives of Information Security Confidentiality: information not disclosed or revealed to unauthorized persons Integrity: consistency of data—preventing unauthorized creation, modification, or destruction Availability: legitimate users are not unduly denied access to resources, including information resources, computing resources, and communication resources Authorized use: resources are not used by unauthorized persons or in unauthorized ways

  6. Message Encoding and Decoding Encoding takes a message M and produces a coded form f(M) Decoding the message requires an inverse function , such that = M.

  7. Two Basic Types of Cryptosystems Symmetric systems: both parties use the same (secret) key in encryption and decryption transformations Public-key systems (aka asymmetric systems): the parties use two related keys, one of which is secret and the other can be publicly disclosed

  8. Public-Key Cryptosystem 8

  9. Public-Key Cryptosystem - mod 9

  10. Public-Key Cryptography In RSA, receiver does the following: Randomly select two large prime numbers p and q, which always must be kept secret. Select an integer number E, known as the public exponent, such that (p 1) and E have no common divisors, and (q 1) and E have no common divisors. Determine the product n = pq, known as public modulus. Determine the private exponent, D, such that (ED 1) is exactly divisible by both (p 1) and (q 1). In other words, given E, we choose D such that the integer remainder when ED is divided by (p 1)(q 1) is 1. Release publicly the public key, which is the pair of numbers n and E, K = (n, E). Keep secret the private key, K = (n, D).

  11. Example: send the plaintext “hello world” receiver chooses p = 5 and q = 7 receiver chooses E = 5, because 5 and (5  1)(7  1) have no common factors. Also, n = pq = 35 receiver chooses D = 29, becausei.e., they are exactly divisible. receiver’s public key is K = (n, E) = (35, 5), which is made public. The private key K = (n, D) = (35, 29) is kept secret.

  12. Example, cont’d Encryption Decryption

  13. Example, cont’d While the adversary knows n and E, he or she does not know p and q, so they cannot work out (p 1)(q 1) and thereby find D.

  14. Topic:Authentication Network Security Problem Symmetric and Public-Key Cryptosystems Cryptographic Algorithms Authentication

  15. Authentication Protocol (1) Assumption: Only Sender needs to be authenticated to Receiver, not mutually. Secure communication is not enough … playback attack:

  16. Authentication Protocol (2) Solution to playback attack:

  17. Impersonation Attack PROBLEM: Public key distribution … Adversary impersonates Bank PROBLEM: Customer unaware that Adversary obtained his account info!

  18. Network Monitoring Chapter 8

  19. Packet-pair Dispersion

  20. Internet Protocols Chapter 9

  21. Visit http://en.wikipedia.org/wiki/Internet_reference_model for more details on the Internet reference model The Internet Reference Model http://en.wikipedia.org/wiki/OSI_model

  22. IPv6 Header

  23. IPv6 Address Prefix Assignments

  24. IPv6 Global Unicast Address

  25. Example IPv6 Extension Headers

  26. Format of IPv6 Extension Headers

  27. RIP Header (for IPv4)

  28. OSPF Directed Graph of an AS (a) (b)

  29. OSPF Header (for IPv4)

  30. OSPF - LSA Header

  31. eBGP and iBGP Sessions

  32. BGP Finite State Machine

  33. Detail from Figure 1-49:

  34. BGP Header & Message Formats

  35. BGP UPDATE Message

  36. Example BGP UPDATE Message

  37. BGP MULTI_EXIT_DISC (MED) Attribute

  38. Address Resolution Protocol (ARP) Need for multiple addresses, hierarchical vs. non-hierarchical

  39. Address Resolution Protocol (ARP)

  40. ARP Packet Format (for IPv4)

  41. Mobile IP

  42. SNMP

  43. Probability Refresher Appendix

  44. Jar with Black & White Balls

  45. Random Events Possible outcomes of two coin tosses: “Tree diagram” of possible outcomes of two coin tosses:

  46. Drawing from Jar/Urn Decided by Rolling a Die

  47. Probability Matrix for Ball Drawing

  48. Illustration for Bayes Theorem

  49. Poisson Process average arrival rate  = 5

More Related