1 / 36

Network Security

Network Security. 14. Lecture. A brief history of the world. Lecture’s outline. Security Attacks Malware--- attacks on integrity and privacy Viruses, Trojan Horses, Spyware and Key-loggers Spoofing attacks--- attacks on authenticity URL, DNS, IP, MAC, Email/ Caller ID spoofing

werner
Télécharger la présentation

Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security 14 Lecture

  2. A brief history of the world

  3. Lecture’s outline • Security Attacks • Malware---attacks on integrity and privacy • Viruses, Trojan Horses, Spyware and Key-loggers • Spoofing attacks---attacks on authenticity • URL, DNS, IP, MAC, Email/ Caller ID spoofing • Network-based attacks---attacks on availability • DoS attack, worms • Social engineering attacks • Phishing, greetings card, lottery win, etc.

  4. Security Attacks

  5. Security Attacks • Privacy The sender and the receiver expect confidentiality. The transmitted message must make sense only to the intended receiver and should be unintelligible to all others. • Authentication The receiver is sure of the sender’s identity and that an imposter has not sent the message.

  6. Security Attacks • Integrity The data must arrive at the receiver exactly as it was sent by the original sender. There must be no changes in transmission, either accidental or malicious. • Non-repudiation: A receiver must be able to prove that a received message came from a specified sender. The sender must not be able to deny sending a message that it has, in fact, sent.

  7. Motivation for security attacks Source: “Computer Networks” by Andrew Tanenbaum

  8. a The software that is written for malicious purposes Malware Viruses Worms Trojan Horses Spyware Keyloggers

  9. Reproduced with permission. Please visit www.SecurityCartoon.com for more material

  10. Viruses • A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels.

  11. Designing A Virus • Locate the first executable instruction in the target program • Replace the instruction with an instruction to jump to the memory location next to the last instruction of the target system • Insert the virus code for execution at the end • Insert an instruction after virus code that simulates the first instruction • Then jump to the second instruction of original code

  12. The first computer virus Brain Virus (Pakistani Flu) 1986 Credit: http://en.wikipedia.org/wiki/Brain_(computer_virus)

  13. Virus vs. Worm

  14. Propagation effect of worms After slammer worm Before slammer worm Credit:YasharGanjali; www.caida.org

  15. Key-loggers and Spyware

  16. b where the attacker impersonates some one else Spoofing Attacks Emailspoofing URL spoofing DNS spoofing IP spoofing MAC spoofing

  17. b.1 Email Spoofing (phishing)

  18. b.2 URL Spoofing (phishing)

  19. 1 https://webmail.niit.edu.pk/src/login.php GenuineURL; Site: niit.edu.pk; directory: src; file: login.php

  20. https://webmail.niit.org.pk/src/login.php https://webmail.niit.org.pk/src/login.php 2 The second-level domain is .org and not .edu; faked website HACKED HACKED HACKED Victim.ID **************

  21. https://webmail.niit.edu.tk/src/login.php https://webmail.niit.edu.tk/src/login.php The first-level domain is .tkand not .pk; faked website 3 HACKED HACKED HACKED Victim.ID **************

  22. https://202.128.111.87/src/login.php https://202.125.111.57/src/login.php The IP address does not correspond to webmail.niit.edu.pk; faked website HACKED HACKED HACKED Victim.ID 4 **************

  23. b.3 DNS Spoofing b.4 b.5 IP Spoofing MAC Spoofing

  24. DNS spoofing DNS Request WWW WWW Tell me the IP address of www.niit.edu.pk?

  25. DNS spoofing DNS Reply WWW WWW The IP address of www. niit.edu.pkis 110.125.157.198 The IP address of www.niit.edu.pkis 110.125.157.198 Fake NIIT site

  26. MAC/ IP spoofing Private network 192.168.1.0/24 00:aa:bb:cc:dd:ee:ff .254 … Malicious node .1 .254 A malicious node can pretend to be another node 00:aa:bb:cc:dd:ee:ff

  27. c where the attacker pretends to be something he/she/it is not Network-based attacks Worms Denial of Service attacks

  28. Denial of Service attacks

  29. d Targets the weakest component of a security system---the users Social Engineering

  30. Non-technical hacking

  31. Greeting card phishing

  32. Lottery winning phishing

  33. ? Questions/ Confusions? ? ?

More Related