Security in Computing Security in Networks. I.Threats in networks A. Vulnerabilities 1.Anonymity...

Post on 14-Dec-2015


Security in Computing

Security in Networks

I. Threats in networks

A. Vulnerabilities

1. Anonymity

2. Shared resources

3. Size (many points of attack)

4. Complexity

5. Unknown perimeter

6. Unknown path

B. Attackers

1. for the challenge

2. for money, reward, espionage; organised crime because of reward

3. for ideology

C. Steps in an attack

1. reconnaissance

a) port scan

b) social engineering

2. attacking the network itself: eavesdropping and active wiretapping

3. attacking the infrastructure: protocol attacks

4. attacking an endpoint

a) defeating authentication

1) guessing (spoofing); masquerade, phishing, hijacking; man-in-the-middle attack

b) defeating confidentiality

1) delivery problems

c) defeating integrity

1) message forgery

2) noise

d) website attacks

1) defacement

2) buffer overflow on a host or server

3) compromising applications on a host server, e.g.:

http://www.CDs-r-us.com/buy.asp?i1=459012&p1=1599

http://www.CDs-r-us.com/buy.asp?i1=459012&p1=1599&i2=365217&p2=1499
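
An added example, not part of the original slides: assuming that `i1`/`p1` in the URLs above are an item number and its price in cents (the slides do not say so), the code below contrasts a handler that totals the prices carried in the URL with one that prices from server-side data and reports mismatches. The catalogue values and function names are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed server-side catalogue: item number -> price in cents (assumed values).
CATALOGUE = {"459012": 1599, "365217": 1499}


def parse_cart(url):
    """Return [(item, client_price), ...] from the i1/p1, i2/p2, ... pairs."""
    query = parse_qs(urlsplit(url).query)
    cart, n = [], 1
    while f"i{n}" in query:
        items, prices = query[f"i{n}"], query.get(f"p{n}", [])
        # Duplicated or missing parameters are rejected rather than guessed at.
        if len(items) != 1 or len(prices) != 1 or not prices[0].isdigit():
            raise ValueError(f"malformed item/price pair {n}")
        cart.append((items[0], int(prices[0])))
        n += 1
    if not cart:
        raise ValueError("empty cart")
    return cart


def total_trusting_client(url):
    """Weak form: charges whatever price the URL carries."""
    return sum(price for _, price in parse_cart(url))


def total_from_catalogue(url):
    """Hardened form: prices come from server data; mismatches are reported."""
    total, mismatched = 0, []
    for item, client_price in parse_cart(url):
        if item not in CATALOGUE:
            raise ValueError(f"unknown item {item}")
        if client_price != CATALOGUE[item]:
            mismatched.append(item)  # worth logging as a tampering signal
        total += CATALOGUE[item]
    return total, mismatched


if __name__ == "__main__":
    # Constructed request in which the second price differs from the catalogue.
    edited = "http://www.CDs-r-us.com/buy.asp?i1=459012&p1=1599&i2=365217&p2=149"
    print(total_trusting_client(edited))  # total taken from the URL
    print(total_from_catalogue(edited))   # server total plus mismatched items
```
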

e) denial of service

1) flooding

2) distributed denial of service

f) hostile code

1) active code (or mobile code)

2) bots (or robots) – similar to distributed denial of service

3) script kiddies – people who download and run attack scripts – simple scripts for many of the popular attacks

II. Network controls

A. Architecture

1) segmented (idea similar to OS) – one server to handle HTTP, another for application code, another to handle DB requests

2) redundant – function to run on more than one node

3) protected against single points of failure – fault tolerance

4) segment controlled by firewall

B. Encryption

1. link – encryption at layer 1 and 2 of the OSI model

2. end-to-end – security from one end of transmission to the other

3. “virtual” private network – a sense of a “private” network although part of a public network

4. IPSec (IP layer) – similar to SSL

C. Content integrity check (detect, not prevent)

1. error codes, checksums, cryptographic checksums

D. Authentication

E. Wireless security protocols

1. WEP (Wired Equivalent Privacy)

2. WPA - WPA2 extends WPA (WiFi Protected Access) – alternative to WEP

III. Other

A. Firewalls

B. Intrusion detection systems

C. Secure email