Information Security

Unit-1
Security Attacks

J Saritha
Assistant Professor

SREENIDHI INSTITUTE OF SCIENCE & TECHNOLOGY


YAMNAMPET, GHATKESAR 501 301, RANGA REDDY DIST.
Information Security

Information security can be defined as “measures adopted to prevent the unauthorized use, misuse, modification or denial of use of knowledge, facts, data or capabilities”.
Unit 1
• UNIT – I:
• Security Attacks
(Interruption, Interception, Modification and
Fabrication),
Security Services
(Confidentiality, Authentication, Integrity, Non-
repudiation, Access Control and Availability)
Mechanisms,
A model for Internetwork security,
Internet Standards and RFCs.
Unit 2
• UNIT – II: Conventional Encryption
Principles, Conventional encryption
algorithms: DES, TDES, AES, cipher block
modes of operation, location of encryption
devices, key distribution, Approaches of
Message Authentication, Secure Hash
Functions: SHA1 and HMAC.
Unit 3
• UNIT – III: Public key cryptography
principles, public key cryptography
algorithms: RSA, DIFFIE HELLMAN,
digital signatures, digital Certificates,
Certificate Authority and key management
• Kerberos, X.509 Directory Authentication
Service. Email privacy: Pretty Good
Privacy (PGP) and S/MIME.
Unit 4
• UNIT – IV- IP Security Overview, IP
Security Architecture, Authentication
Header, Encapsulating Security Payload,
Combining Security Associations and Key
Management.
Unit 5
• UNIT – V- Web Security Requirements,
Secure Socket Layer (SSL) and Transport
Layer Security (TLS), Secure Electronic
Transaction (SET). Intruders, Viruses and
related threats
Unit 6
• UNIT – VI: Firewall Design principles,
Trusted Systems. Intrusion Detection
Systems.
Attacks, Services and Mechanisms
• Security Attack: Any action that
compromises the security of information.
• Security Mechanism: A mechanism
that is designed to detect, prevent, or
recover from a security attack.
• Security Service: A service that
enhances the security of data processing
systems and information transfers. A
security service makes use of one or more
security mechanisms.
Security Concepts

Confidentiality, integrity and availability form what is often referred to as the CIA triad. The three concepts embody the fundamental security objectives for both data and for information and computing services. For example, the NIST standards list confidentiality, integrity, and availability as the three security objectives for information and for information systems.
The Security Requirements
(CIA Triad)
• Confidentiality means that only authorized individuals/systems can
view sensitive information. The data being sent over the network
should not be accessed by unauthorized individuals. It covers two
related concepts:
– Data confidentiality: Assures that private or confidential
information is not made available or disclosed to unauthorized
individuals.
– Privacy: Assures that individuals control or influence what
information related to them may be collected and stored and by
whom and to whom that information may be disclosed.
• Integrity: A system’s ability to ensure that the system and
information is accurate and correct.
– Data integrity: Assures that information and programs are
changed only in a specified and authorized manner.
– System integrity: Assures that a system performs its intended
function in an unimpaired manner, free from deliberate or
inadvertent unauthorized manipulation of the system.
• Availability: This means that the network should be readily available
to its users. This applies to systems and to data. Assures that systems
work promptly and service is not denied to authorized users.
Security Attacks

Security Attack
• Interruption: This is an attack on availability. In an interruption attack, a network service is degraded or made unavailable for legitimate use.
• Interception: This is an attack on confidentiality. An interception occurs when an unauthorized individual gains access to confidential or private information.
• Modification: This is an attack on integrity. In a modification attack, legitimate information is altered without authorization.
• Fabrication: This is an attack on authenticity. A fabrication attack creates illegitimate information, processes, communications or other data within a system.

SECURITY ATTACKS
A useful means of classifying security attacks is in terms of passive attacks and active attacks. A passive attack attempts to learn or make use of information from the system but does not affect system resources. An active attack attempts to alter system resources or affect their operation.

PASSIVE ATTACKS
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are the release of message contents and traffic analysis.
• The release of message contents is easily understood: for example, a telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.
• During a traffic analysis attack, the eavesdropper analyzes the traffic, determines the location of and identifies the communicating hosts, and observes the frequency and length of exchanged messages. The attacker uses all this information to infer the nature of the communication. All incoming and outgoing traffic of the network is analyzed, but not altered.
• Passive attacks are very difficult to detect, because they do not involve
any alteration of the data.
• Typically, the message traffic is sent and received in an apparently
normal fashion, and neither the sender nor the receiver is aware that a
third party has read the messages or observed the traffic pattern.
However, it is feasible to prevent the success of these attacks, usually
by means of encryption.
• Thus, the emphasis in dealing with passive attacks is on prevention
rather than detection.
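The following is an added example, not part of the lecture slides, that shows why passive attacks are handled by prevention: encryption hides message contents, but a length-preserving cipher still leaks the message length, and an eavesdropper who knows the protocol's command set can identify each command from its length alone (traffic analysis). Padding every frame to a fixed size (the "traffic padding" mechanism listed later in the unit) removes that leak. The key, the command set and the HMAC-based keystream are all constructed for the demo.

```python
import hashlib
import hmac
import math
import secrets
from typing import Dict, List, Optional

# Constructed demo key; in practice this is the secret shared by the two principals.
DEMO_KEY = b"constructed-demo-key-not-for-real-use"

# Constructed command set. The eavesdropper is assumed to know which commands the
# protocol can carry (Kerckhoffs's principle); only the key is secret.
COMMANDS: List[bytes] = [
    b"LOGIN",
    b"LOGOUT",
    b"GET /report/q3",
    b"DELETE ACCOUNT 42",
    b"TRANSFER 500 TO ACCT-42",
]


def keystream_encrypt(plaintext: bytes, key: bytes) -> bytes:
    """Toy length-preserving cipher: XOR with a keystream derived by HMAC-SHA256 from
    the key and a block counter. It stands in for any stream or CTR-mode cipher, whose
    ciphertext is exactly as long as the plaintext. Decryption is the same call."""
    stream = b""
    counter = 0
    while len(stream) < len(plaintext):
        stream += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(p ^ k for p, k in zip(plaintext, stream))


def pad_to_block(message: bytes, block: int) -> bytes:
    """Traffic padding: a 2-byte length prefix, the message, then random filler up to
    the next multiple of `block`, so every frame on the wire has the same size."""
    body = len(message).to_bytes(2, "big") + message
    total = math.ceil(len(body) / block) * block
    return body + secrets.token_bytes(total - len(body))


def unpad(padded: bytes) -> bytes:
    """Receiver side: strip the filler using the length prefix."""
    n = int.from_bytes(padded[:2], "big")
    return padded[2:2 + n]


def wire_length(message: bytes, key: bytes, block: Optional[int] = None) -> int:
    """Length of the frame an eavesdropper sees for `message`, with or without padding."""
    payload = pad_to_block(message, block) if block else message
    return len(keystream_encrypt(payload, key))


def length_table(key: bytes, block: Optional[int] = None) -> Dict[int, List[bytes]]:
    """What the traffic analyst precomputes: observed frame length -> possible commands."""
    table: Dict[int, List[bytes]] = {}
    for cmd in COMMANDS:
        table.setdefault(wire_length(cmd, key, block), []).append(cmd)
    return table


def candidates(observed_length: int, table: Dict[int, List[bytes]]) -> List[bytes]:
    """Traffic analysis step: given only a ciphertext length, which commands fit?"""
    return table.get(observed_length, [])


if __name__ == "__main__":
    # Without padding each command has a unique length, so the content is effectively leaked.
    for length, cmds in sorted(length_table(DEMO_KEY).items()):
        print(f"unpadded length {length:2d} -> {cmds}")
    # With 32-byte padding every command produces an identical 32-byte frame.
    for length, cmds in sorted(length_table(DEMO_KEY, block=32).items()):
        print(f"padded length {length:2d} -> {len(cmds)} candidates")
```

The unpadded table maps each of the five lengths to exactly one command, so observing a 23-byte frame tells the eavesdropper a transfer was ordered without breaking the cipher; with 32-byte padding every frame is 32 bytes and all five commands remain candidates. Padding costs bandwidth, which is why the mechanism is applied selectively rather than everywhere.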
ACTIVE ATTACK
• Active attacks involve some modification of the data stream or the
creation of a false stream and can be subdivided into four categories:
• masquerade
• replay
• modification of messages
• denial of service.
• Active attacks present the opposite characteristics of passive attacks.
Whereas passive attacks are difficult to detect, measures are available
to prevent their success.
• On the other hand, it is quite difficult to prevent active attacks
absolutely because of the wide variety of potential physical, software,
and network vulnerabilities. Instead, the goal is to detect active attacks
and to recover from any disruption or delays caused by them.
A masquerade takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack. For example, (1) authentication sequences can be captured and replayed after a valid authentication sequence has taken place; (2) hackers initiate masquerade attacks after stealing login usernames and passwords via vulnerability exploitation or by bypassing authentication procedures.
Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect. For example, a message meaning “Allow John Smith to read confidential file accounts” is modified to mean “Allow Fred Brown to read confidential file accounts.”
Denial of service prevents or inhibits the normal use or management of communications facilities. This attack may have a specific target; for example, hackers initiate such an attack by overwhelming a target computer with more traffic than it can handle.
Security Services
• enhance security of data processing systems and information transfers of an organization
• intended to counter security attacks
• using one or more security mechanisms
• X.800: “a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers”
• RFC 2828: “a processing or communication service provided by a system to give a specific kind of protection to system resources”
Security Services
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation
• Access control (prevent misuse of resources)
• Availability (permanence)

A. Data confidentiality
• Confidentiality is the protection of transmitted data from passive attacks. With respect to the content of a data transmission, several levels of protection can be identified. The broadest service protects all user data transmitted between two systems over a period of time.
• These services provide for the protection of data from unauthorized disclosure, as described below:
a) Connection confidentiality: provides for the confidentiality of all user data on a connection.
b) Connectionless confidentiality: provides for the confidentiality of all user data in a single data block.
c) Selective field confidentiality: provides for the confidentiality of selected fields within the user data on a connection or in a single data block.
d) Traffic flow confidentiality: provides for the protection of the information which might be derived from observation of traffic flows.

B. Authentication
• The authentication service is concerned with assuring that a communication is
authentic.
• In the case of a single message, such as a warning or alarm signal, the function
of the authentication service is to assure the recipient that the message is from
the source that it claims to be from.
• In the case of an ongoing interaction, such as the connection of a terminal to a
host, two aspects are involved.
– First, at the time of connection initiation, the service assures that the two
entities are authentic (that is, that each is the entity that it claims to be).
– Second, the service must assure that the connection is not interfered with
in such a way that a third party can masquerade as one of the two
legitimate parties for the purposes of unauthorized transmission or
reception.
B. Authentication
The assurance that the communicating entity is the one that it claims to be. Two specific authentication services are:
a) Peer entity authentication: provides for the validation of the identity of a peer entity in an association. It attempts to provide confidence that an entity is not performing either a masquerade or an unauthorized replay of a previous connection.
b) Data origin authentication: provides corroboration of the source of a data unit. This type of service supports applications like electronic mail, where there are no prior interactions between the communicating entities.

C. Integrity
• Integrity can apply to a stream of messages, a single message, or
selected fields within a message. Again, the most useful and
straightforward approach is total stream protection.
• A connection-oriented integrity service deals with a stream of
messages and assures that messages are received as sent with no
duplication, insertion, modification, reordering, or replays. The
destruction of data is also covered under this service. Thus, the
connection-oriented integrity service addresses both message stream
modification and denial of service.
• On the other hand, a connectionless integrity service deals with
individual messages without regard to any larger context and generally
provides protection against message modification only.
C. Integrity
Assurance that data received are exactly as sent by an authorized entity (i.e. contain no modification, insertion, deletion or replay).
a) Connection integrity with recovery
• provides for the integrity of all user data on a connection
• detects any modification, insertion, deletion or replay of any data within an entire data sequence (with recovery attempted).
b) Connection integrity without recovery
• as the previous one, but with no recovery attempted (only detection).
c) Selective field connection integrity
• provides for the integrity of selected fields within the user data of a data block transferred over a connection and determines whether the selected fields have been modified, inserted, deleted or replayed.
C. Integrity (contd..)
d) Connectionless integrity
– provides for the integrity of a single data block
– determines whether a received data block has been modified
– additionally, a limited form of detection of replay may be provided.
e) Selective field connectionless integrity
– provides for the integrity of selected fields within a single connectionless data block and determines whether the selected fields have been modified.
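The following is an added example, not from the lecture slides, that demonstrates the difference between the connection-oriented and connectionless integrity services above, using the active attacks described earlier in the unit (modification of the "Allow John Smith ..." message, replay, and reordering). Each frame carries a sequence number and an HMAC-SHA256 tag over sequence number and body; the connection-oriented receiver checks both, the connectionless check only verifies the tag. The shared key and the messages are constructed for the demo; the code assumes the key has already been distributed to both principals.

```python
import hashlib
import hmac
import struct
from typing import Dict, Tuple

# Constructed shared secret; assumed to have been distributed to both principals.
SHARED_KEY = b"constructed-shared-secret-not-for-real-use"
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes
SEQ_LEN = 4


def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender: frame = seq || message || HMAC-SHA256(key, seq || message).
    The tag covers the sequence number, so neither field can be changed unnoticed."""
    header = struct.pack(">I", seq)
    tag = hmac.new(key, header + message, hashlib.sha256).digest()
    return header + message + tag


def check_tag(key: bytes, frame: bytes) -> Tuple[bool, int, bytes]:
    """Shared verification step: returns (tag_ok, seq, body). compare_digest keeps the
    comparison time independent of where the first differing byte is."""
    if len(frame) < SEQ_LEN + TAG_LEN:
        return False, -1, b""
    header, body, tag = frame[:SEQ_LEN], frame[SEQ_LEN:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, header + body, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected), struct.unpack(">I", header)[0], body


class ConnectionIntegrityReceiver:
    """Connection integrity without recovery: every frame must carry a valid tag and
    exactly the next sequence number, so modification, insertion, duplication,
    reordering and replay are all detected. Nothing is repaired, only rejected."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.expected_seq = 0

    def receive(self, frame: bytes) -> Tuple[str, object]:
        ok, seq, body = check_tag(self.key, frame)
        if not ok:
            return ("reject", "modified or forged")
        if seq < self.expected_seq:
            return ("reject", "replay or duplicate")
        if seq > self.expected_seq:
            return ("reject", "reordered or missing data")
        self.expected_seq += 1
        return ("accept", body)


def verify_connectionless(key: bytes, frame: bytes) -> bool:
    """Connectionless integrity: each block is judged on its own, so it catches
    modification but, lacking stream context, accepts a replayed or reordered block."""
    ok, _, _ = check_tag(key, frame)
    return ok


def run_scenario() -> Dict[str, object]:
    """Constructed exchange: the lecture's message followed by the attacks named in the text."""
    genuine = b"Allow John Smith to read confidential file accounts"
    frames = [protect(SHARED_KEY, i, m) for i, m in enumerate(
        [genuine, b"Close ticket 17", b"Archive ledger 2023"])]
    # The attacker edits the body in transit (frames are authenticated, not encrypted)
    # without knowing the key, so the tag no longer matches.
    modified = frames[0].replace(b"John Smith", b"Fred Brown")

    rx = ConnectionIntegrityReceiver(SHARED_KEY)
    results: Dict[str, object] = {}
    results["genuine"] = rx.receive(frames[0])        # accepted, seq 0 consumed
    results["modified"] = rx.receive(modified)         # tag mismatch
    results["replayed"] = rx.receive(frames[0])        # seq 0 already seen
    results["reordered"] = rx.receive(frames[2])       # seq 2 arrives before seq 1
    results["in_order"] = rx.receive(frames[1])        # seq 1, accepted
    # The connectionless service catches the edit but not the replay.
    results["connectionless_modified"] = verify_connectionless(SHARED_KEY, modified)
    results["connectionless_replay"] = verify_connectionless(SHARED_KEY, frames[0])
    return results


if __name__ == "__main__":
    for name, outcome in run_scenario().items():
        print(f"{name:24s} -> {outcome}")
```

The point the two receivers make together: the tag alone is the data integrity mechanism and defeats modification, but only the sequence-number state turns it into a connection-oriented service that also defeats replay and reordering, which is exactly what the lecture means by "generally provides protection against message modification only" for the connectionless case.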

D. Non-repudiation
• Nonrepudiation prevents either sender or receiver from denying a transmitted message. Thus, when a message is sent, the receiver can prove that the alleged sender in fact sent the message. Similarly, when a message is received, the sender can prove that the alleged receiver in fact received the message.
• Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.
a) Non-repudiation, Origin
• Proof that the message was sent by the specified party. This will protect against any attempt by the sender to falsely deny sending the data or its contents.
b) Non-repudiation, Destination
• Proof that the message was received by the specified party. This will protect against any subsequent attempt by the recipient to falsely deny receiving the data or its contents.

E. Access control
• In the context of network security, access control is the ability to limit and control the access to host systems and applications via communications links.
• To achieve this, each entity trying to gain access must first be identified, or authenticated, so that access rights can be tailored to the individual.
• Provides protection against unauthorized use of accessible resources. For example, the service controls who can have access to a resource, under what circumstances, and what those accessing the resource are allowed to do.
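As an added example (not from the slides), the two steps the access control service requires, identification/authentication first and then rights tailored to the individual, can be seen in a small gatekeeper: a salted, iterated password check using PBKDF2 from the standard library, followed by an access-control list lookup that decides who may perform which operation on which resource. The user records, passwords and the ACL are constructed for the demo.

```python
import hashlib
import hmac
import os
from typing import Dict, Set

# Work factor for PBKDF2; kept modest so the demo runs quickly (raise it in real systems).
ITERATIONS = 100_000


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted, iterated password hash: the gatekeeper stores this, never the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_user_db() -> Dict[str, Dict[str, bytes]]:
    """Constructed user store with two accounts; each gets its own random salt."""
    db: Dict[str, Dict[str, bytes]] = {}
    for name, password in [("jsmith", "correct horse"), ("fbrown", "battery staple")]:
        salt = os.urandom(16)
        db[name] = {"salt": salt, "hash": hash_password(password, salt)}
    return db


# Constructed access rights: resource -> user -> operations that user may perform.
ACL: Dict[str, Dict[str, Set[str]]] = {
    "accounts": {"jsmith": {"read"}, "fbrown": set()},
    "payroll": {"fbrown": {"read", "write"}},
}

_DUMMY_SALT = b"\x00" * 16


def authenticate(db: Dict[str, Dict[str, bytes]], username: str, password: str) -> bool:
    """Step 1 (identification/authentication): is the caller who they claim to be?"""
    record = db.get(username)
    if record is None:
        # Do the same amount of hashing work for unknown names, so the response time
        # does not reveal which usernames exist.
        hash_password(password, _DUMMY_SALT)
        return False
    return hmac.compare_digest(record["hash"], hash_password(password, record["salt"]))


def authorize(acl: Dict[str, Dict[str, Set[str]]], username: str,
              resource: str, operation: str) -> bool:
    """Step 2 (rights tailored to the individual): may this user do this operation here?
    Anything not explicitly granted is denied."""
    return operation in acl.get(resource, {}).get(username, set())


def access(db: Dict[str, Dict[str, bytes]], acl: Dict[str, Dict[str, Set[str]]],
           username: str, password: str, resource: str, operation: str) -> str:
    """Full gatekeeper decision: authenticate first, then consult the access rights."""
    if not authenticate(db, username, password):
        return "denied: authentication failed"
    if not authorize(acl, username, resource, operation):
        return "denied: not authorized"
    return "granted"


if __name__ == "__main__":
    db = make_user_db()
    print(access(db, ACL, "jsmith", "correct horse", "accounts", "read"))
    print(access(db, ACL, "jsmith", "correct horse", "accounts", "write"))
    print(access(db, ACL, "jsmith", "wrong password", "accounts", "read"))
```

Note that the two failure messages are distinguishable here for teaching purposes; a production login prompt would usually return the same generic denial for a bad password and an unknown user, for the same reason the code equalises the hashing work.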

F. Availability
• Both X.800 and RFC 2828 define availability to be the property of a
system or a system resource being accessible and usable upon
demand by an authorized system entity.
• An availability service is one that protects a system to ensure its
availability. This service addresses the security concerns raised by
denial-of-service attacks.
• It depends on proper management and control of system resources and
thus depends on access control service and other security services.
Security Mechanisms
Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.

Security mechanism types:
• Specific security mechanisms: may be incorporated into the appropriate protocol layer in order to provide some of the OSI security services.
• Pervasive security mechanisms: mechanisms that are not specific to any particular OSI security service or protocol layer.
Specific Security Mechanisms
Mechanism: Explanation
Encipherment: The use of mathematical algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an algorithm and zero or more encryption keys.
Digital Signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery (e.g., by the recipient).
Access Control: Mechanisms that enforce access rights to resources.
Data Integrity: Mechanisms used to assure the integrity of a data unit or stream of data units.
Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.
Traffic Padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
Routing Control: Enables selection of particular physically secure routes for certain data and allows routing changes, especially when a breach of security is suspected.
Notarization: The use of a trusted third party to assure certain properties of a data
Pervasive Security Mechanisms
• Trusted Functionality
• Security Label
• Event Detection
• Security Audit Trail
• Security Recovery
Mechanism: Explanation
Trusted functionality: Any functionality providing or accessing security mechanisms should be trustworthy. May involve a combination of software and hardware.
Security Label: Any resource (e.g. stored data, processing power, communications bandwidth) may have a security label associated with it to indicate security sensitivity. Similarly, labels may be associated with users. Labels may need to be securely bound to transferred data. The marking bound to a resource (which may be a data unit) that names or designates the security attributes of that resource.
Event Detection: Detection of security-relevant events. Includes detection of (a) attempted security violations and (b) legitimate security-related activity. Can be used to trigger event reporting (alarms), event logging and automated recovery.
Security Audit Trail: Permits detection and investigation of past security breaches. Data collected and potentially used to facilitate a security audit, which is an independent review and examination of system records and activities.
Security Recovery: Includes mechanisms to handle requests to recover from security failures. Deals with requests from mechanisms, such as event handling and management functions, and takes recovery actions.
Relationship between Security Services and Mechanisms
Service: mechanisms that can provide it (a Y in the original table)
Peer entity authentication: Encipherment, Digital Signature, Authentication Exchange
Data origin authentication: Encipherment, Digital Signature
Access control: Access Control
Confidentiality: Encipherment, Routing Control
Traffic flow confidentiality: Encipherment, Traffic Padding, Routing Control
Data integrity: Encipherment, Digital Signature, Data Integrity
Nonrepudiation: Digital Signature, Data Integrity, Notarization
Availability: Data Integrity, Authentication Exchange
NETWORK SECURITY MODEL

• A message is to be transferred from one party to another across some sort of
Internet service. The two parties, who are the principals in this transaction, must
cooperate for the exchange to take place.
• A logical information channel is established by defining a route through the
Internet from source to destination and by the cooperative use of communication
protocols (e.g., TCP/IP) by the two principals.
• Security aspects come into play when it is necessary or desirable to protect the
information transmission from an opponent who may present a threat to
confidentiality, authenticity, and so on.
• All of the techniques for providing security have two components:
• 1. A security-related transformation on the information to be sent. Examples
include the encryption of the message, which scrambles the message so that it is
unreadable by the opponent, and the addition of a code based on the contents of the
message, which can be used to verify the identity of the sender.
• 2. Some secret information shared by the two principals and, it is hoped, unknown to the opponent. An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception.
• A trusted third party may be needed to achieve secure transmission.
For example, a third party may be responsible for distributing the
secret information to the two principals while keeping it from any
opponent. Or a third party may be needed to arbitrate disputes between
the two principals concerning the authenticity of a message
transmission.
The model shows that there are four basic tasks in designing a particular security service:
1. Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.
• Hackers: can be someone who, with no malign intent, simply gets satisfaction from breaking and entering a computer system.
• Intruder: can be a disgruntled employee who wishes to damage, or a criminal who seeks to exploit computer assets for financial gain.
• Another type of unwanted access is the placement of logic that exploits vulnerabilities in the system and can affect application programs, such as editors and compilers.
Programs can present two kinds of threats:
1. Information access threats: intercept or modify data on behalf of users who should not have access to that data.
2. Service threats: exploit service flaws in computers to inhibit use by legitimate users.
• Viruses and worms are software attacks.
• The security mechanisms needed to cope with unwanted access fall into two broad categories:
1. Gatekeeper functions, which include
– Password-based login
– Screening logic
2. Once an unwanted user or software gains access, the second line of defense consists of a variety of internal controls that monitor and analyze stored information and attempt to detect the presence of unwanted intruders.
Internet standards and RFCs
• National Institute of Standards and Technology (NIST)
– Federal Information Processing Standards (FIPS)
– Special Publications (SP)
• Internet Society
– 1. INTERNET ARCHITECTURE BOARD (IAB): Responsible for defining the overall architecture of the internet, providing guidance and broad direction to the IETF
– 2. INTERNET ENGINEERING TASK FORCE (IETF): The protocol engineering and development arm of the internet
– 3. INTERNET ENGINEERING STEERING GROUP (IESG): Responsible for technical management of IETF activities and the internet standards process
Internet RFC Publication Process
