Network Security-Y3 Coe New

CIT 3422: NETWORK SECURITY
Mr. Joseph Kaberuka
OVERVIEW
This course provides an essential study of

computer security issues and methods in
networking systems.
Course/class policies:
Please turn off/mute your cell phones
(or put them on vibrate and dont pick up!)
Laptops , desktop switched off in class
Please refrain from reading the news or
checking emails in class
Even though it may not necessarily disrupt the
lecture, it is rude!
Course content
Conventional and modern Encryption

Advanced encryption standard
Public Key Encryption and Authentication
Security Practice
System Security
EXAMS
CATS 2, Assignments 6, quizzes 3, will contribute to 50% of
your results
Final written Exam will contribute to 50% of your results
If you dont attend, you will not pass this course
You wont pass this course if you dont do your
assignments, CATS, and quizzes on timely fashion
Indicative Resources
-NETWORK SECURITY ESSENTIALS: APPLICATIONS AND STANDARDSFOURTH EDITION, william stallings
William Stallings, "Cryptography and Network Security: Principles
and Practice" Prentice Hall, New Jersey. Johannes
Buchmann, "Introduction to cryptography", Springer -Verlag. Bruce
Schiener, "Applied Cryptography".
William Stallings. Network Security Essentials (2nd edition). Prentice
Hall. 2003. (ISBN: 0130351288)
Saadat Malik, Saadat Malik. Network Security Principles and
Practices (CCIE Professional Development). Pearson Education. 2002.
(ISBN: 1587050250)
Introduction
Network security consists of the provisions made in an
underlying computer network infrastructure, policies
adopted by the network administrator to protect the
network and the network-accessible resources from
unauthorized access.
The terms network security and information security
are often used interchangeably, however network
security is generally taken as providing protection at
the boundaries of an organization, keeping the bad
guys (e.g. hackers) out
Why is Network Security Important?

Computer networks have grown in both size and importance in a
very short time.
If the security of the network is compromised, there could be
serious consequences, such as loss of privacy, theft of information,
and even legal liability.
To make the situation even more challenging, the types of potential
threats to network security are always evolving.
As e-business and Internet applications continue to grow, finding
the balance between being isolated and open is critical.
In addition, the rise of mobile commerce and wireless networks

demands that security solutions become seamlessly integrated,
more transparent, and more flexible.
..continued
What is security? Question to the class
SECURITY
What is security?
Building systems to remain dependable in the
face of malice (desire to harm others), error or
mischance(Ross Anderson)
In general, security is the quality or state of
being secureto be free from danger. Means:
protection against adversaries (opponents, third
parties), from those who would harm
..continued
Security :
Security is a process, not a product (Schneier)
Not something you can buy
Be wary of security consultants
Even though some of you may later choose that
line of work
Something you have to build/engineer into a
system
Preferably at system design time (inter-related
objects like network)
..continued
All begin with computer security. The need for
computer security: that is, the need to secure
physical locations, hardware, and software from
threats (danger, or attack)
Historically Started during World War II(1939-1945)
when the first mainframes (very big machines),
developed to aid computations for communication
code breaking (ex: enigma used by Germany
security intelligence)
..continued
old and nowadays
..continued
..continued
..continued
Security matters most!! What happened in the
history?
Enigma machine used by Germany security
services in World war 2, finally broken by
Polish cryptologist and pass the secret to
British and Germany army loose the war!!
..continued
At that time Access to sensitive military locations!
Was protected by (keys, authorized personnel)
Growing need to maintain national security led to
technological sophisticated computer/network
security safeguards that we have to day (Again all
started with the military).
Primary threats to information security was: theft
of equipment, espionage (spying) and sabotage.
..continued
Multiple layers of security for an organization:
1) Physical security, protecting physical assets,
objects, from unauthorized access and misuse
2) Personnel security, protecting individuals/group
authorized to access the organization and its
operations
3) Operations security, protecting details of
operations or series of activities
..continued
4)Communications security, protecting media,
technology and content
5)Information security, to protect the
confidentiality, integrity and availability of
information assets, whether in
storage/processing, or transmission. It is
achieved via: application of policy, education,
training/ awareness, and technology.
..continued
All of these lead to our common goal :
Network security- protect network (inter-related
objects) components, connections and content
from the danger.
This security can be classified as: protection of
information/content and its critical elements,
including the systems (h/w and s/w) that use,
store, and transmit that information/content
(CNSS- Committee on National Security Systems
US security systems (strong reference)
..continued
Reference : C.I.A Triad (Confidentiality, integrity
and availability), It is based on the three
characteristics of information that give it value to
organizations:
SECURITY OBJECTIVES
confidentiality, integrity, and availability of
information have evolved into a vast collection of
events, including accidental or intentional
damage, destruction, theft, unintended or
unauthorized modification, or other misuse from
human or nonhuman threats
..continued
Now security is known! OSI architecture has given:
Security attack: Any action that compromises the security of
information owned by an organization.
Security mechanism: A process (or a device incorporating
such a process) that is designed to detect, prevent, or recover
from a security attack. (ex: police against criminals)
Security service: A processing or communication service that
enhances the security of the data processing systems and the
information transfers of an organization. The services are
intended to counter security attacks, and they make use of
one or more security mechanisms to provide the service. (ex:
notion of cryptography in this course)
..continued
Types of security attacks:
-Passive attacks: Passive attacks are in the nature of
eavesdropping on, or monitoring of, transmissions. The goal of
the opponent is to obtain information that is being
transmitted.
Two types of passive attacks are the release of message
contents and traffic analysis.
The release of message contents is easily
understood/monitoring a telephone conversation, an
electronic mail message, and a transferred file may contain
sensitive or confidential information.
Goal : We would like to prevent an opponent (third party)
from learning the contents of these transmissions
..continued
..continued
A second type of passive attack, traffic
analysis, is subtler (intend, or indirect
method)Suppose that we had a way of
masking the contents of messages or other
information traffic so that opponents, even if
they captured the message, could not extract
the information from the message.
-Encryption is way of masking the message
content
..continued
Active Attacks
Active attacks involve some modification of the
data stream (data) or the creation of a false
stream and can be subdivided into four
categories: masquerade, replay, modification of
messages, and denial of service.
A masquerade (a false show) takes place when
one entity pretends to be a different entity
..continued
..continued
Replay involves the passive capture of a data
unit and its subsequent retransmission to
produce an unauthorized effect (ex: wrong
server on the net does replay attack)
..continued
Modification of messages simply means that
some portion of a legitimate message is
altered, or that messages are delayed or
reordered, to produce an unauthorized effect
Ex: For example, a message meaning Allow
John Smith to read confidential file accounts
is modified to mean Allow Fred Brown to
read confidential file accounts.
..continued
..continued
The denial of service prevents or inhibits the
normal use or management of
communications facilities
Used terms
Access: objects ability to use, manipulate, modify, or affect
another object(ex : authorized users have legal access to a
system, whereas hackers have illegal access to a system
Asset: The organizational resource that is being protected.
An asset can be logical ex: a Web site, information, or data.
Attack: An intentional or unintentional act that can cause
damage to or otherwise compromise information and/or
the systems that support it.
Examples: 1) Someone casually reading sensitive information
not intended for his or her use is a passive attack.
2) A hacker attempting to break into an information system is
an intentional attack.
3) A direct attack is a hacker using a personal computer to
break into a system.
..continued
..continued
Control, safeguard, or countermeasure: Security
mechanisms, policies, or procedures that can successfully
counter attacks, reduce risk, resolve vulnerabilities, and
otherwise improve the security within an organization.
Exploit: A technique used to compromise a system. This
term can be a verb or a noun. Threat agents may attempt
to exploit a system or other information asset by using it
illegally for their personal gain.
Exposure: A condition or state of being exposed. In
network security, exposure exists when a vulnerability
known to an attacker is present (ex: non-protected
sensitive database information)
..continued
Loss: A single instance of an information asset
suffering damage or unintended or unauthorized
modification or disclosure.(ex: When an
organizations information is stolen, it has
suffered a loss)
Protection profile or security posture: The entire
set of controls and safeguards, including policy,
education, training and awareness, and
technology, that the organization implements (or
fails to implement) to protect the asset.
LOSS of Security
Loss of confidentiality : Unauthorized
disclosure of information
Loss of Integrity: Unauthorized modification
or destruction of information
Loss of Availability: Disruption of access to or

use of information
..continued
Risk: The probability that something unwanted
will happen.
Subjects and objects: A computer can be either
the subject of an attack (an agent entity used to
conduct the attackor the object of an attack).
Threat: A category of objects, persons, or other
entities that presents a danger to an asset (the
potential violation of security). Threats are always
present and can be purposeful or undirected.
For example, hackers purposefully threaten
unprotected network systems, while severe storms
incidentally threaten buildings and their contents
..continued
Threat agent: The specific instance or a component of
a threat. For example, all hackers in the world present
a collective threat,
(ex: Kevin Mitnick, who was convicted for hacking into
phone systems, is a specific threat agent. Likewise, a
lightning strike, hailstorm, or tornado is a threat agent
that is part of the threat of severe storms.
Vulnerability: A weaknesses or fault in a system or
protection mechanism that opens it to attack or
damage. Some examples of vulnerabilities are a flaw in
a software package (ex: developers fear flaws when
using Apache server or an unprotected system port
..continued
Some characteristics of network information:
Availability enables authorized userspersons or
computer systemsto access information without
interference or obstruction (obstacle, barrier) and to
receive it in the required format. (ex: queue in the library)
Accuracy Information has accuracy when it is free from
mistakes or errors and it has the value that the end user
expects, and once modified its no longer accurate (ex:
bank account)
Authenticity of information is the quality or state of being
genuine or original, rather than a reproduction or
fabrication (ex: Notification services
..continued
Confidentiality , Confidentiality ensures that only those
with the rights and privileges to access information are
able to do so.
Integrity, whole, complete, and uncorrupted (message)
Possession of information is the quality or state of
ownership or control. Information is said to be in ones
possession if one obtains it, independent of format or
other characteristics. Ex: (System admins management of
files).
..continued
Components of network information system: a
network information system (IS) is much more than
computer hardware; it is the entire set of software,
hardware, data, people, procedures, and networks
that make possible the use of information resources
in the organization.
These six critical components enable network
information to be: input, processed, output, and
stored.
..continued
Software component of IS comprises:
applications, operating systems, and assorted
command utilities- S/w is the most component of
Information system to secure!
errors in s/w programming is substantial to severe
attacks (ex: Errors in windows firewalls)
-it is in s/w that we find holes, bugs, and
weaknesses. It carries the life blood of an
organization
Hardware is the physical technology that houses
and executes the software, stores and transports
the data
..continued
Data stored, processed, and transmitted by a computer
system must be protected. Data is often the most
valuable asset possessed by an organization and it is
the main target of intentional attacks.
People Though often overlooked in computer security
considerations, people have always been a threat to
information security (ex: hackers)
Procedures Another frequently overlooked component
of an IS, is procedures. Procedures are written
instructions for accomplishing a specific task. When an
unauthorized user obtains an organizations
procedures, this poses a threat to the integrity of the
information (ex: unauthorized internal employee).
..continued
Example of a simple hierarchy of Network IS in
an organization
1st Homework-assignment
Draw a sample structure of your chosen
organization with a name (ex: hospital)
List (from your own understanding-dont loose
the opportunity of thinking big and doing
research) 15 security rules that you should
practice to maintain network security in your
organization
List 15 possible human intentional security
attacks against the network in your organization
Major security properties

In some books, they call Security Services
Confidentiality, privacy
Integrity
Authentication, identification
Anonymity
Certification
Non-repudiation vs repudiation etc
Basic security properties
Security properties
Goal: Secrecy, privacy and confidentiality
Keeping information secret from all but those who
are authorized to see it
Alice wants to talk to Bob without Eve or
Mallory being able to listen to the conversation
Slight differences in terminology:
Privacy = preserving own information secret
Alice protects her privacy by not revealing her age to
anyone
Security properties
Confidentiality = obligation to preserve
someone elses information secret

Trent ensures confidentiality of Alice and Bobs
(Ex: credit card numbers verified by the trusted
server on the network)
Secrecy = effect of mechanisms used to limit
the number of principals who can access
information
Security properties
When information is confidential? When it is
protected from unauthorized
individuals/systems. Confidentiality ensures
that only those with the rights and privileges
can access information
When confidentiality is breached? Ex: an
employee throwing away a doc containing
precious info without shredding it!
Security properties
Anonymity
Concealing (preventing from being known)
-keep secret identity of a protocol participant
Possibly involves concealing the path a
message uses to reach its destination,
Alice decided to use Tor to browse websites
anonymously
Security Properties
Data integrity
Ensuring that information has not been altered
by unauthorized or unknown means
Alice and Bob ensure the integrity of their
communication by using a secure physical channel
That prevents Mallory from changing the
contents of the messages they exchange
Data integrity
integrity of information is threatened when the information is

exposed to corruption, damage, destruction, or other disruption of
its authentic state. Corruption can occur while information is being
stored or transmitted.
Many computer viruses and worms are designed with the explicit
purpose of corrupting data. For this reason, a key method for
detecting a virus or worm is to look for changes in file integrity as
shown by the size of the file
(Ex: File hashing to compute hash value) Computing the value of bits
from both original and copied file) means-file is read by a special
algorithm (ex: SHA-1) that uses the value of the bits in the file to
compute a single large number (hash value).
If a computer system performs the same hashing algorithm on a file
and obtains a different number than the recorded hash value for that
file, the file has been compromised(integrity broken)
Security properties
Identification
Corroboration(evidence which confirms or
support a statement) of the identity of an entity
By stating her mothers first name and the last
4 digits of her social security number, Alice
positively identifies herself to her banker (got
served)
Also sometimes called entity authentication
Security properties
(Message) Authentication
Corroborating the source of information , Also
known as data origin authentication
Bob authenticates that the phone call he is
receiving is from Alice by checking his caller ID
(which of course is a terrible way of enforcing
that security property given that caller ID
spoofing (tricking) is easy to do)
Security properties
Non-repudiation vs repudiation, signature
Repudiation (the denial of an entity of having
participated in all or part of a communication)

Signature:
Binds data to an identity

As the document contained Alices digital
signature,
Bob could prove to the judge that Alice approved
to the contents
Security properties
Non-repudiation of origin (NRO) and of receipt
(NRR)-protocols
The signer cannot deny having created the
signature
Alices signature provides non-repudiation,
preventing her from denying receipt of the
document
Security properties
Signature message authentication
Signature is a mean to authenticate a message
Authentication allows the receiver to verify the
origin of a message In addition, signature can be
used to convince a third-party of the origin of
the message Signature provides authentication
Security properties
Signatures can help establish security properties
such as:
authentication
accountability/non-repudiation
integrity
verifiability by independent, public or 3rd
party
Security properties
Authorization, certification, access control, revocation,
authentication, witnessing
Authorization
process of determining which permissions a person or
system is supposed to have (ex: System admin in Active
directory)
Authentication - Authentication is the process of
determining whether someone or something is, in
fact, who or what it is declared to be.
Certification
Endorsement (Approval/seal of approval) of information
by a trusted entity
Security properties
Access control
Restricting access to resources to privileged
entities (ex: ACL)
Witnessing
Verifying the creation or existence of information
by an entity other than the creator (ex: court
witnesses)
Revocation -Retraction of certification or
authorization
Access control
The problem?
A lot of information is stored somewhere
Information may be physically shared on
systems
Resources may be physically accessible
How do we regulate access?
Saltzer-Schroeder: Access only for computer
systems
Access control
Definition
Access control is a mechanism by which
one may restrict access to a resource
How the resource is restricted is described by a policy?
Resources
Computer files, Communication channels
Database records:
Criminal
Medical
Financial
Anything on which you can act (read, write,
execute, transfer ownership)
Access control
Policies
Set of statements:
Specify who can access what
Under which conditions
e.g., time boundaries
acting as a manager?
Most common type of policy
Restrict operations available depending on the
group to which you belong ex: User, Systems
Administrator, Guest
Access control
Access control
Possible security violations
1. Unauthorized information release
2. Unauthorized information modification
3. Unauthorized denial of use
Principles for access control (1/3) (Saltzer and Schroeder,
1975)
Economy of mechanism
Keep It Simple, Stupid!
Any design or implementation error might break the entire
System:
3 lines of code are (relatively) easy to secure, 3 million lines
are
essentially bound to have bugs: 3 lines of code can (in
general) be formally verified
Access control
Principles for access control (2/3)
Complete mediation:
Every access to (each) every object must be checked for
Authority (a foolproof method of identifying the source of
every request)
Privilege separation:
Where feasible, ask two principals (or more) to unlock
the mechanism
Avoids single points of failure (A single point of
failure (SPOF) is a part of a system that, if it fails, will stop
the entire system from working)(ex: redundancy
duplicating objects)
Access control
Principles for access control (3/3)
Least privilege:
Every program and every user of the system should operate
using the least set of privileges necessary to complete the job
(giving a user account only those privileges which are essential to that
users work and nothing more !)
Least common mechanism:
Minimize the amount of shared information (give specific roles)
Every shared mechanism (e.g., shared variables) represents a
potential (untrusted) information path (always watch out!!)
Psychological acceptability:
Make it easier for users to use system properly, otherwise they are
likely to incorrectly use the protection mechanisms (ex: create user in
the OS to prevent guessing passwords with Admin user)
Access control
Access matrices
Access control is defined by a triplet:
(User, Resource, Access)
User
Can correspond to real users or to
administrative users/programs (mail, bin, )
Resource
E.g., file, device
Access
Read, write, execute (r, w, x)
Access control/List
Different types of access control
Discretionary (not-mandatory) Access Control
The user owning an object decides how other users
can access the object
Example: UNIX Access Control
Mandatory Access Control
Each object has a sensitivity level associated with it,
and users have clearances for different sensitivity levels
Example: Military security clearances (official permission
for someone to have access to classified info)
Access control/list
Role-based access control
Each user acts on objects acting in a given role
(e.g., manager, programmer) etc
Permissions are assigned to roles
Adding one level of indirection to the access control
problem
Role: set of transactions that a user can perform
Allowed transactions for each role determined by
sys admin
Each user can act in one of several roles
Possible roles determined by sys admin
Active role for a given transaction chosen by user
Homework assignment 2
Draw an access control matrix of 3 principals:
Sam, Alice and Bob. And 4 different resources
that they can access : os, medical data, audit
data, criminal data
Sam is the syadmin, has universal access except
audit data; which even he should be able to read.
Alice the manager needs to execute the os, but
she mustnt have the ability to change os
privileges. But she can read and write to other
resources. Bob can only read everything.
Submit Monday 9 2 :00 pm
Analysis on security propertiesCryptography

Security Mechanism
Encryption vs decryption (plaintext dataciphertext data)
Cryptology is the study of Cryptography and
Cryptanalysis
Cryptography is the study of mathematical
techniques to enforce security properties
Cryptanalysis is the study of how to break
cryptographic systems
Cryptographic primitives
Encryption using a key (is a piece of
information /a parameter that determines the
functional output of a cryptographic algorithm
or cipher-In encryption, a key specifies the
particular transformation of plaintext into
ciphertext without it, no result for any
algorithm being used.
vice versa during decryption
Symmetric key cryptography vs Asymmetric key
cryptography
Symmetric cryptography uses the same secret
(private) key to encrypt and decrypt its data
whereas,
Asymmetric uses both a public (mathematically
linked of separate keys: one public and private
key)- Encryption is done with secret key part, and
decryption is done with public key part.
A brief history of cryptography
Recall Anderson:
First and foremost military use
Use of crypto has been traced as far back as
the Egyptians some 4,500 years ago
Used to protect national secrets and strategies
Symmetric crypto
Simplified model of symmetric crypto
Caesar Cipher
Caesar cipher or Caesar shift: The earliest known,
and the simplest, use of a substitution cipher was
by Julius Caesar.
The Caesar cipher involves replacing each letter
of the alphabet with the letter standing three
places further down (forward) the alphabet.
Substitution technique: is one in which the
letters of plaintext are replaced by other letters
or by numbers or symbols
Caesar cipher
The earliest known, and the simplest, use of a
substitution cipher was by Julius Caesar.
The Caesar cipher involves replacing each
letter of the alphabet with the letter standing
three places further down (forward) the
alphabet. For example,
plain: meet me after the party
cipher: PHHW PH DIWHU WKH SDUWB
Ceasar cipher
We can define the transformation by listing all
possibilities, as follows:
plain: a b c d e f g h i j k l m n o p q r s t u v w x
yz
cipher: D E F G H I J K L M N O P Q R S T U V W
XYZABC
Caesar Cipher
Let us assign a numerical equivalent to each
letter:
Substitution techniques
Ceasar cipher belong to substitution techniques:
-Caesar Cipher
-Monoalphabetic Ciphers
-Playfair Cipher
-Hill Cipher
-Polyalphabetic Ciphers
-One-Time Pad
Read them from the book
Frequency Analysis
Another substitution technique is the
Frequency analysis.
Frequency analysis(the study of letters or
groups of letters contained in a cipher text in
an attempt to partially reveal the message)
The English language (as well as most other
languages) has certain letters and groups of
letters appear in varying frequencies.
Frequency Distribution In English
Frequency distribution
This is a chart of the frequency distribution of
letters in the English alphabet.
As you can see, the letter e is the most
common, followed by t and a, with j, q, x,
and z being very uncommon
Example: This is a cipher message which is
transferred :
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDB
METSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZU
HSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
Frequency distribution
Encryption/decryption
There are more other types of ciphers (details in
the book):
Monoalphabetic ciphers which includes:
playfair ciphers, and hill cipher
Polyalphabetic ciphers which includes:
Vigenre cipher (the most knows and simple),
vernam cipher and one-time pad
Vigenre cipher
The best known, and one of the simplest,
polyalphabetic ciphers is the Vigenre cipher.
In this scheme, the set of related monoalphabetic
substitution rules consists of the 26 Caesar
ciphers with shifts of 0 through 25.
Each cipher is denoted by a key letter, which is the
cipher text letter that substitutes for the plaintext
letter a. Thus, a Caesar cipher with a shift of 3 is
denoted by the key value d.
Homework assignment 3
From the numeric table below compute the:
-Key, plain text, and cipher text
Thursday 12, 2:00 pm
Network security-Quiz 1/10

1) Give an example of an algorithm used to
compute file hashing.
1 Mark
2) Define 3 security ppties: Access control,
revocation and authentication
3 Marks
3) Decrypt this cipher:
PHHW PH DIWHU WKH WRJD SDUWB 1 Mark
4) Differentiate mandatory access control from notmandatory access control
2 Marks
5) Draw a picture for modification of messages
attack
3 Marks
Public Key Encryption and

Authentication
Recall:
What are Prime numbers?
Fermats and Eulers theorem

RECAP
Prime Numbers
A prime number is divisible only by 1 and itself
For example: {2, 3, 5, 7, 11, 13, 17, }
RECAP
Prime Factorization
To factor a number n is to write it as a
product of other numbers.
n=a*b*c
Or, 100 = 5 * 5 * 2 * 2
Prime factorization of a number n is writing it
as a product of prime numbers.
143 = 11 * 13
RECAP
Relatively Prime Numbers
Two numbers are relatively prime if they have no common
divisors other than 1.
10 and 21 are relatively prime, in respect to each other, as
10 has factors of 1, 2, 5, 10 and 21 has factors of 1, 3, 7, 21.
How do you compute GCD of two +ve integers?
Ref: divisors of integers, and point the largest
The Greatest Common Divisor (GCD) of two relatively
prime numbers can be determined by comparing their
prime factorizations and selecting the least powers.
A Little Bit Of History

Pierre de Fermat (1601-1665) was a lawyer by profession
and an amateur mathematician.
Fermat rarely published his mathematical discoveries.
It was mostly through his correspondence with other
mathematicians that his work is known at all.
Fermat was one the inventors of analytic geometry and
came up with some of the fundamental ideas of calculus.
He is probably most famous for a problem that went

unsolved until 1994; that the equation xn + yn = zn has no
non-trivial solution when n>2.
History Cont.
One of Fermats books contained a handwritten
note in the margin declaring that he had a proof
for this equation, but it would not fit in the
margin.
He never published his proof, nor was it found

after his death.
In 1994 Andrew Wiles worked out a proof of this
equation using advanced modern techniques.
Fermats Little Theorem

If p is prime and a is an integer not divisible by
p, then . . .
ap-1 1 (mod p).
And for every integer a
ap a (mod p).
mod means modular arithmetic, what is
modular arithmetic?
Recap
When we divide two integers (A/B), we will have
an equation that looks like:
A/B = Q remainder R
A= dividend, B=divisor, Q=quotient, R=remainder
Using this relation, there is an operation called
Modulo operator (abbreviated as mod), using the
same relation, A,B,Q and R, would have
A mod B =R, so we would say this as A modulo B is
Congruent to R, where B is referred to as the
Modulus.
Recap
Ex: 13/5 = 2 remainder 3. Using modulo
operator: 13 mod 5 = 3
7%5= 2 what is that means?
When we say mod 5 there are 5 integers counted
from 0,1,2,3,4.
We can use the technique to compute modulo
arithmetic by visualizing modulus with clocks
(we start at o integer position and go through n
integer numbers in a clock wise sequence) NB:
negative integer is otherwise
Recap Congruence relation

Congruence modulo n on the set of integers,
for a given positive integer n, two integers a
and b are called congruent modulo n,
a b (mod n) if a-b is divisible (or multiple)
by n (or equivalently is a and b ) have the
same remainder when divided by n.
Ex: 37 and 57 are congruent modulo 10 or
3757 (mod 10)
Recap
1) Is the symbol for congruence, which means A
and B are in the same equivalence class
ex: 26 11 (mod 5)
26 mod 5 = 1 so it is in the equivalence class 1

11 mod 5 = 1 so it is in the equivalence class 1 as
well.
This Fermats theorem was useful in public key
(RSA) and primarily testing.
Euler Totient Function: (n)

(n) = how many integers that are less than or
equal to n that do not share a common factor
with n (totatives of n, that is, the positive integers
less than or equal to n that are relatively
prime to n) In other words, how many integers n
doesnt share a factor greater than 1 with?
(4) = 2 (1, 3 are relatively prime to 4)

(6) = 2 (1, 5 are relatively prime to 6)
For Prime Numbers (p)=p-1
(7)=6 , (8)=?
Eulers Totient Theorem

This theorem generalizes Fermats theorem and
is an important key to the RSA algorithm.
If GCD(a, p) = 1, and a < p, then
(p)
a 1(mod p).
In other words, If a and p are relatively prime,
with a being the smaller integer, then when we
multiply a with itself (p) times and divide the
result by p, the remainder will be 1.
So What is the use of these theorems?
Eulers theorem uses modulus arithmetic

which helps to lay the foundation for RSA
encryption.
Public Key Encryption and

Authentication
Message Authentication
Message Authentication
Requirements
Message Authentication must be able to verify that:
1. Message came from apparent source or author,
2. Contents have not been altered,
3. Sometimes, it was sent at a certain time or
sequence.
Protection against active attack (falsification of data

and transactions)
Message Authentication Code (MAC)

In crypto, A message authentication code
(MAC) is a short piece of information to
authenticate a message.
-To provide integrity and authenticity
assurances on the messages
-Integrity here detects accidental and
intentional message changes
-Authenticity assurances affirm the messages
origin
Approaches to Message
Authentication
Authentication Using Conventional Encryption
Only the sender and receiver should share a key
Then a correctly encrypted message should be from the sender
Usually also contains error-detection code, sequence number and time stamp
Message Authentication without Message Encryption
No confidentiality is preferred when:
1.
2.
3.
Same message is broadcast to many destinations

Heavy load and cannot decrypt all messages some chosen at random
No danger in sending plaintext
An authentication tag is generated and appended to each message
Message Authentication Code
Calculate the MAC as a function of the message and the key. MAC
= F(K, M)
MAC
A MAC is sometimes called Keyed (cryptographic)
hash function (h(x) which is only one of the
possible ways to generate MACs). Which means:
- Accepts input a secret key and this key generates
a small size-fixed block of data known as MAC
appended to the message
- The MAC value protects both a messages data
integrity and authenticity by allowing verifiers
(who possess secret key) to detect any changes to
the message content. (Sender and receiver must
agree on the same key before initiating
communication)
MAC
Message Authentication without Message
Encryption
An authentication tag is generated and appended
to each messageMessage Authentication Code
(MAC)
MAC is generated by using a secret key
Assumes both parties A,B share common secret
key KAB
Code is function of message and key MACM= F(KAB,
M)
Message plus code are transmitted
MAC
RECAP Hash function H(x)

A hash function is any function f(x) that can
be used to map digital data of arbitrary size to
digital data of fixed size.
RECAP
-The values returned by a h(x) are called hash
values, hash code, hash sums, or simply
hashes.
-A very good example of h(x) in cryptography is
one-way hash function, an algorithm that turns
messages or text into a fixed string of digits, for
security or data management purposes. Oneway means that its nearly impossible to derive
the original text from the string.
Recap
-Ex: A one way hash function is used to create
digital signatures ( a digital code that can be
attached to an electronically transmitted
message that uniquely identifies the sender).
Which in turn identify and authenticate the
sender and message digitally distributed.
-In one-way hash function , the input is often
called the message digest or simply digest.
One-way HASH function

Alternative to Message Authentication Code
Accepts a variable size message M as input
and produces a fixed-size message digest H
(M) as output
One Way Hash Function

Ideally We Would Like To Avoid Encryption
Encryption software is slow
Encryption hardware costs arent cheap
Hardware optimized toward large data sizes
Algorithms covered by patents
Algorithms subject to export control

Secret value is added before the hash and
removed before transmission.
Secure HASH Functions
Purpose of the HASH function is to produce a fingerprint.
Properties of a HASH function H :

1.
H can be applied to a block of data at any size
2.
H produces a fixed length output
3.
H(x) is easy to compute for any given x.
4.
For any given block x, it is computationally infeasible to find x such

that H(x) = h
5.
For any given block x, it is computationally infeasible to find with

H(y) = H(x).
6.
It is computationally infeasible to find any pair (x, y) such that H(x) =

H(y)
Simple Hash Function

General principle
Input is a sequence of n-bit blocks
Input is processed one block at a time to produce an
n-bit hash function
A simple example is the bit-by-bit XOR of each block
Ci = bi1 bi2 bim
Ci is ith bit of hash code 1 <= i <= n
m is number of n-bit block in input
bij is ith bit in jth block
is the XOR operation
SHA-1 Secure Hash Function

The Secure Hash Algorithm( SHA) was developed by
the National Institute of Standards and Technology and
published in 1993.
SHA-1 is a 1995 revised version
It takes as input a message with maximum length < 264
bits and produces a 160-bit message digest.
It is processed in 512-bit blocks.
SHA-1 Secure Hash Function
SHA-1 Processing of single 512-Bit

Block
Other Secure HASH functions
HMAC -keyed-hash message

authentication code
Use a MAC derived from a cryptographic hash code, such
as SHA-1.
a specific construction for calculating a MAC involving
a cryptographic hash function in combination with a
secret key.
As for MAC it may be used to find out integrity and
authentication of messages. Any H(x) like MD5, SHA-1
may be used to calculate HMAC, results will be: HMACMD5 or HMAC-SHA1
Motivations:
Cryptographic hash functions executes faster in software than
encryption algorithms such as DES
Library code for cryptographic hash functions is widely available
Public-Key Cryptography Principles

The use of two keys has consequences in:
key distribution,
confidentiality
authentication.
The scheme has six ingredients
Plaintext
Encryption algorithm
Public and private key
Ciphertext
Decryption algorithm
Encryption using Public-Key system
Authentication using Public-Key

System
Applications for Public-Key

Cryptosystems
Three categories:
Encryption/decryption: The sender encrypts a
message with the recipients public key.
Digital signature: The sender signs a message

with its private key.
Key echange: Two sides cooperate two exhange a
session key.
Requirements for Public-Key

Cryptography
1. Computationally easy for a party B to
generate a pair (public key KUb, private key
KRb)
2. Easy for sender to generate ciphertext:
C EKUb (M )
3. Easy for the receiver to decrypt ciphertect

using private key:
M DKRb (C ) DKRb [ EKUb (M )]
Public-Key Cryptographic Algorithms

RSA and Diffie-Hellman
1. RSA - Ron Rives, Adi Shamir and Len Adleman at MIT, in
1977.
RSA is a block cipher
The most widely implemented
2. Diffie-Hellman
Echange a secret key securely
Compute discrete logarithms
RSA Key Generation

RSA has become almost synonymous with
public key.
How it works: RSA makes extensive use of
arithmetic operations using modulo n
arithmetic.
Recall: 19 mod 5 = 4
Mod ppties: [(a mod n)+(b mod n)] mod n=
(a+b) mod n; same way for multiplication,
subtraction etc
RSA Key Generator

Now suppose that Alice wants to send to Bob
an RSA encrypted-message, keep in mind that
a message is nothing but a bit pattern and
every bit pattern can be uniquely represented
by an integer number (along with the length
of the bit pattern), so a message of bit pattern
1001 is represented by which decimal integer?
So to generate the public and private RSA
keys, Bob has to perform the following steps:
RSA Key Generation

1.Choose two large prime numbers: p and q,
how large should p and q be? The larger the
values, the more difficult it is to break RSA.
2. Compute n = pq and z= (p-1)(q-1)
3. Choose a number e , less that n, that has no
common factors (other than 1) with z (in this
case , e and z are said to be relatively prime )
The letter e is used since this value will be used
in encryption.
RSA Key Generation

4. Find a number d, such that ed-1 is exactly
divisible (that is, no remainder)by z. The letter d
is used because this value will be used in
decryption. Put another way, given e , we
choose d such that ed mod z = 1
5. The public key that Bob makes available to the
world is the pair of numbers ( n, e); his private
key, is is the pair of numbers (n, d).
RSA key Generation

The Encryption by Alice and Decryption by
Bob are done as follows:
Suppose Alice wants to send Bob a bit pattern
represented by the integer number m (with
m<n). To encode, Alice performs the
exponentiation
is divided by n. In other
worlds, the encrypted value, C, of Alices
plaintext message, m , is
RSA Key Generation

The bit pattern corresponding to this
ciphertext C is sent to Bob.
To decrypt the received ciphertext message, C,
Bob computes
which requires the use of his private key (n, d)
Diffie Hellman Algorithm

First introduced by Diffie-Hellman in 1976
Mathematical functions rather than simple
operations on bit patterns
Exchange keys securely
Compute discrete logarithms
Diffie Hellman details

i.e. if a is a primitive root of prime or a
generator p,
a mod p, a2 mod p, ,ap-1 mod p are distinct

and contain 1 through (p-1) in some order.
Diffie Hellman key exchange
Diffie-Hellman Algorithm
Diffie-Hellman Algorithm
DH is one of the earliest practical examples
of public key exchange implemented within
the field of cryptography.
The DiffieHellman key exchange method
allows two parties that have no prior
knowledge of each other to jointly establish
a shared secret key over an
insecure communication channel.
Diffie Hellman Algorithm

Compare to RSA:
RSA Recall:
sender encrypts the data to be transferred using
his public key
receiver decrypts the encrypted data using his
private key
D-H: a method of exchanging cryptographic keys
establishes a shared secret key that can be used
for secret communication
Diffie Hellman Basics
Diffie Hellman
Other Public-Key Cryptographic

Algorithms
Digital Signature Standard (DSS)
Makes use of the SHA-1
Not for encryption or key echange
Elliptic-Curve Cryptography (ECC)

Good for smaller bit size
Low confidence level, compared with RSA
Very complex
Digital signatures
A digital signature is an encryption of a
document with the creators private key
It is attached to a document that validates the
creator of the document (an attachment to an
electronic message used for security purpose)
Any one can validate it by decrypting the

signature with the claimed creators public key
Digital signatures
Recall:
Think a number of the times youve signed your
name to a piece of paper during the last week?
You signed checks, credit card receipts, legal
documents, and letters.
You signature attests that you (as opposed to
someone else) have agreed on the documents
content. In digital world, one often wants to
indicate the owner or creator of a document or to
signify ones agreement with a documents
contents.
Digital signatures
A digital signature Is a cryptographic technique for
achieving these goals in a digital world. And just as
with handwritten signatures, digital signing should be
done in a way that is verifiable.
Lets see how we might design a digital signature
scheme:
- When Bob signs a message, Bob must put something on
the message that is unique to him. Means Bob could
consider attaching a MAC for the message where the
MAC is created by appending a key (unique to him) to the
message and then taking the Hash.
Generic model of digital signature

process
Digital signatures
In other words Digital signature is a
mathematical technique used to validate the
authenticity and integrity of a message,
software or digital document.
There have been serious concerns behind
message authentication thus required digital
signature techniques to resolve some of those
issues:
Digital signatures
Properties
Message authentication protects two parties who exchange
messages from any third party. However, it does not
protect the two parties against each other.
Several forms of dispute between the two are possible. For
example, suppose that Bob sends an authenticated
message to Alice,
1. Alice may forge a different message and claim that it came
from Bob. Alice would simply have to create a message and
append an authentication code using the key that Bob and
Alice share.
2. Bob can deny sending the message. Because it is possible
for Alice to forge a message, there is no way to prove that Bob
did in fact send the message.
Digital signatures
In situations where there is not complete trust
between sender and receiver, something more than
authentication is needed. The most attractive solution
to this problem is the digital signature. The digital
signature must have the following
properties:
It must verify the author and the date and time of the
signature.
It must authenticate the contents at the time of the
signature.
It must be verifiable by third parties, to resolve
disputes.
Digital Signatures: The basic idea
Key management
Distribution of public keys
Well, whats the issue?
Cant we just trust Mallory if she claims a key as
her public key?
Public keys to exchange secret keys

Using public-keys to exchange secret keys
why exchange secret keys?
arent public keys sufficient?
Key Management
Public-Key Certificate Use
Certificate Authority
In cryptography, a certificate
authority or certification authority (CA) is an
entity that issues digital certificates (public key
certificate) is an electronic document used to
prove ownership of a public key.
Common Application: Trusted certificates from
trusted CAs are typically used to make secure
connections to a server over the Internet,
The client uses the CA certificate to verify the CA
signature on the server certificate, as part of the
checks before establishing a secure connection
Analogy : Internet Security means not just
making sure that data is not intercepted or
corrupted, but that a computer user is who they
say they are. Just as in real life you may need a
passport from a trusted source to prove who
you are, a Certificate Authority server can be
set up to issue certificates to prove who people
are online.
A Certificate Authority is an organization or
individual that provides certificates and a
mechanism for verifying their authenticity. Large
companies such as Microsoft issue certificates to
guarantee downloaded software, and companies
like Verisign.
Users are sometimes concerned receiving
messages that "certificates have expired",
however this just means the default valid period
for the certificate is over not that you are
suddenly at any risk attack.
Certificates
Certificates are an important component
of Transport Layer Security (TLS, sometimes
called by its older name SSL, Secure Sockets
Layer), where they prevent an attacker from
impersonating a secure website or other
server. They are also used in other important
applications, such as email encryption.
Homework Assignment 4/RSA
Given a Message m=85

Choose your prime numbers p and q
Calculate your n
Calculate z
Choose your e and Find a number d
Show the public key pair
Show the private key pair
Compute encryption and decryption
Deadline 31st March , 2:00 pm, copy and paste is
seriously handled
2nd CATs Schedule

2nd Cats are mandatory to every one
27th April 2015 2nd Cat Network security 2:00
pm
6th May 2015 - 2nd Cat Mobile Computing
8th May 2015 - Project Presentation (Mobile
computing and Last lecture)
Before exam dates make sure that your cat
marks, homeworks and quizzes are matching with
the marks youve got.
Security Practice
Authentication Applications
Authentication Applications
Authentication Overview
We are taking a network-based view of user
authentication
User authentication is the first line of defence of
a network
It aims to prevent un authorized access to a
network
It is the basis of setting access controls
It is used to provide user accountability
Verifying User Identity

User authentication has two steps:
Identification presenting the user to the security system
Identification is the means by which a user claims to be a
specific identity
Verification providing information that binds the entity to
the identity
Verification is the method used to prove that claim
Means of Authentication
Something the individual knows
E.g. password, PIN
Something the individual possesses (tokens)
A security token (sometimes called an authentication token) is a small
hardware device that the owner carries to authorize access to a network
service. The device may be in the form of a smart card
E.g. cryptographic key, smartcard
Something the individual is
E.g. fingerprint, retina
Something the individual does

E.g. handwriting pattern, speech pattern
Authentication Problems
Guess or steal passwords, PIN, etc
Forget passwords, PIN
Steal or forge smartcards
Lose smartcard
False positives in biometrics
False negatives in biometrics
The most common method of network
authentication uses passwords and cryptographic
keys
User authentication security technologies

The following Technologies will be discussed:
Password-Based Authentication
Token-Based Authentication
Remote-user Authentication
Biometric authentication
Password-Based Authentication
Password-based authentication is the most common
means of authentication.
It requires no special hardware.
Its typical authentication by password only,
where the user supplies a username and password
then the system looks up the username in the
relevant database table,
it checks that username, password pair exists and
finally it provides system access to the user
Password Strength
Users tend to pick weak passwords if allowed. These kinds of
passwords can be easily to cracked via dictionary attack
(A dictionary attack is a technique or method used to breach the
computer security of a password-protected machine or server. A
dictionary attack attempts to defeat an authentication mechanism
by systematically entering each word in a dictionary as a password
or trying to determine the decryption key of an encrypted message
or document)
Users should be forced to create more complex passwords.
System can also supply users with a strong password however, with
this method, many users will tend to write down a stronger
password and this can be a greater security risk.
One of the best methods of creating strong password is by using
the Challenge Response method.
Here the systems are used that request specific characters in a
password rather than the whole password. This is commonly used
in online banking
Example Challenge-Response Method:

The password is MyPassword
The system asks for the 2nd, 3rd and 8th
characters
The user enters y, P and o
The idea is that it would take an eavesdropper

many sessions to determine the whole password
Attacks on Password-Based
authentication
Eavesdropping: Here the attacker can listen in
and gain password information. Encrypting
messages will prevent this
Offline dictionary attack: A direct attack on the
database storing passwords can be used to
discover or change passwords. Normally strong
access controls are applied to protect the
databases storing password files. However, some
hackers can bypass these control measures and
access the password files
Contd
Specific account attack: The hacker can be determined to guess a
password for a specific account until the correct password for that
specific account is discovered. The best method to prevent this is
by implementing the account lockout mechanism. This will disable
the account after a number of failed login attempts.
Popular password attack: The attacker will deploy different

popular password to different user IDs. Normally users tend to use
password which are easily remembered, i.e., the name of your
girlfriend/boyfriend, the capital city of your country, etc. So the
hacker will guess these kind of passwords and apply them to
different user IDs. This can be prevented by implementing policies
to reduce the selection by users of common passwords and
scanning the IP addresses of authentication requests and client
cookies for submission patterns
Contd
Workstation and session hijacking; the attacker can
monitor when the workstation is not being used or a
hacker can disconnect the session of the user and they
connect themselves. The main prevention mechanism is to
automatically logging the workstation out after a period of
inactivity. Intrusion detection schemes can be used to
detect changes in user behavior
Exploiting user mistakes: Some systems will provide
passwords to the users. These kind of passwords are very
difficult to remember, so users tend to write them
somewhere. So this would make it easier for the hackers to
read it. Prevention mechanisms include user training,
intrusion detection, and simpler passwords combined with
another authentication mechanism.
Contd
Exploiting multiple password use: Some users
use same password for different devices, so
once the attacker gets to know the password,
all the devices can be easily attacked. Never
use the same password for different
applications or devices
TOKEN-BASED AUTHENTICATION
Objects that a user possesses for the purpose
of user authentication are called tokens.
There are mainly two types of tokens that are
widely used; these are cards that have the
appearance and size of bank cards i.e.
Memory card
smart card
Smartcards
These are tamper-resistant devices that have a
small amount of memory and a small processor.
They are difficult to duplicate and are easily
transferable.
They can use the combination of PIN/password
and have Simple computations, e.g.
encryption/decryption, digital signatures.
Smartcard Examples
Bank/ATM cards
Credit cards
Travel cards
Pass cards for a workplace
SMARTCARD
Memory Cards
Memory cards have the capability to store data but cannot process
it.
The most common example of a memory card is the bank card

which has a magnetic stripe on the back.
This magnetic stripe at the back can store only a simple security
code. These codes can be read and reprogrammed by an
inexpensive card reader.
Other kinds of memory cards include an internal electronic
memory. Memory card can be used for physical access, such as a
hotel room.
Regarding computer user authentication, memory cards are used
with some form of password or personal identification number
(PIN). The best example is the automatic teller machine (ATM).
BOIMETRIC AUTHENTICATION
Biometric-based authentication is the Measurement of
bodys unique characteristics or behavior.
These behaviors are of different types such as; Voice,
Signature, Facial, Palm, Eye, Fingerprint etc.
Compared to passwords and tokens, biometric
authentication is both technically complex and
expensive
Ex: Biometric palm
Physical Characteristics Used in Biometric

Applications
Facial Behaviors: This is one of the most common
means of human to human identifications. It is based
on some key features such as relative location and
shape of key facial characteristics, such as eyes,
eyebrows, nose, lips, and chin shape.
Fingerprints: . A fingerprint is the pattern of ridges
and furrows on the surface of the fingertip. This
approach has been around for a long time and is
mostly used as means of identification for law
enforcement purposes. This method is believed to be
unique across the entire human population
Contd
Hand geometry: This method involves the hand
geometry systems identify features of the hand, such
as; shape, and lengths and widths of fingers.
Retinal pattern: It is believed that the pattern formed
by the veins beneath the retinal surface is unique and
therefore suitable for identification. The biometric
system gets the digital image of the retinal by
projecting a low-intensity beam of visual or infrared
light into the eye.
Contd
Iris: This is the detailed structure of the iris. It is also
another unique feature that can be used for
identification
Signature: A signature is frequently written sequence.
Every person has a different style of handwriting and
this is reflected mainly in their signatures. So this
method can also be used as means of identification.
Voice: This is another means of identification where
voice patterns are more closely tied to the physical and
anatomical characteristics of the speaker.
Operation of a Biometric Authentication

System
In order to be an authorized user, you must first be enrolled in the
database system of authorized users.
This is similar to assigning password to a specific user ID. With regards to
the biometric system, the user gives the name and password or PIN to
the system.
At the same time, the system senses some biometric features for this
user i.e, Iris, Fingerprints, etc.
All these inputs are digitized and the system extracts a set of
characteristics that can be stored as a number or set of numbers
representing this unique biometric characteristic; this set of numbers is
referred to as the users template.
The user is now enrolled in the system, which maintains for the user a
name (ID), perhaps a PIN or password, and the biometric value.
Contd
Figure showing enrollement process
Contd
Depending on application, user authentication
on a biometric system involves two methods:
Verification
Identification
Verification
This method is similar to a user logging on to a system by
using a memory card or smart card coupled with a
password or PIN.
For biometric verification, the user enters a PIN and also
uses a biometric sensor.
The system extracts the corresponding feature and
compares that to the template stored for this user.
If there is a match, then the system authenticates this user
Contd
Figure showing Verification process
Identification
In this method, the user uses the biometric
sensor with no any other additional
information presented.
The system then compares the presented

template with the set of stored templates.
If there is a match, then this user is
identified. Otherwise, the user is rejected.
Contd
Figure showing identification process
Why Biometrics ?
Unique
Authentication: 1-to-1 matching
Identification: 1-to-M matching
Convenient
Non-repudiable
Fast, accurate, non-transferable
Nothing to remember and nothing to
forget
Areas of Biometrics Application
Physical access control

Data access security
Time and attendance
ID theft prevention
Privacy protection
Fraud reduction
Cost-effective and high security
Types of Fingerprint Sensor

Semiconductor
Capacitive
Thermal
RF
Optical
Traditional
SEIR (Surface Enhanced Irregular
Reflection)
Thin Film Technology
Semiconductor Sensors
Semiconductor Finger Print Sensor

Characteristics
Small and low profile
Cost - expensive at low volume and
large sensing area
Physical and electrical Unstable
Metal discharge pathway
Surface coating required
Low tolerance to abuse
Traditional Optical Sensor
How to Select a Fingerprint Biometrics?
User friendliness
Durability
Cost
Size
Ease of integration
Choice of application products
Third-party SW support
Traditional Optical FP Sensor Characteristics
Plastic platen with soft coating

Nonlinear distortion
Low contrast image
Stray light interference
High power consumption
Assembly required mirror for compensation
Integration relatively difficult
Production- labor intensive
New Generation Optical FP Sensors

Characteristics
SEIR: Surface Enhanced Irregular Reflection- a break
through optical finger-scanning technology
High contrast and virtually distortion-free image
High performance for extreme skin condition
Scratch-proof surface with robust and compact housing
Low power consumption
Integration relatively easy
Mass production capable at low cost
Biometrics Overview
Biometrics Applications
Financial Sector
Point of Sale
ATM
Online Banking
Immigration
Passport Control
Border Control
Public Sector
National ID
Correctional Facility
Computer Security
Access Control
Network Security
e-Commerce
Medical
Medical Records Mgt
Social Service
Social Security
Welfare Payment
Missing Child
Telecommunication
Mobile Phone
Call Center
Internet Phone
Facility and Attendance
Door Lock
Time-Attendance
Aviation & Travel

Access Control
Ticket-less Travel
Anti-terrorist security
Biometrics Application
Physical Access Control

Time and Attendance
PC/Enterprise/Network Security
Internet & e-Commerce
Financial: on-line banking, ATM
Medical information system
Distant Learning
e-Publishing
Smart card/Digital Certificate
Any password-based application
etc
Distant Learning

Time and Attendance
PC/Network Security/IT
Student registration/verification
On-line testing
Healthcare

Time and Attendance
PC/Network Security/IT
Patient registration and Identification
e-Claim processing
Document Management
Privacy Protection
etc
Benefits of Biometrics Implementation
Maximize network security

Ensure users privacy
Protect institution physical assets
Provide user authentication
Allow non-repudiable transaction
Deter hackers and ID fraud
Eliminate password frustration
Cut IT cost in password maintenance
Increase corporation image, productivity and
profitability
REMOTE-USER AUTHENTICATION
The form of authentication is where an individual tends to access
the system which is locally present i.e. a stand-alone office PC or
an ATM machine.
This is one of the simplest forms of user authentication.
The more complex case is when remote user authentication,
happens over the Internet, a network, or a communications link.
Remote user authentication raises additional security threats,
such as an eavesdropper being able to capture a password, or an
adversary replaying an authentication sequence that has been
observed.
To prevent these kinds of threats, the systems normally apply
some form of challenge-response protocol
Electronic Mail security

Importance of Email
Business has come to rely on email as a means of
communication:
Fast
cost-effective
easy collaboration and information-sharing
Email has become the primary method for
corresponding with colleagues, customers, and
business partners
Email Security Threats

Viruses can corrupt mission-critical documents and
applications
Hackers will try to obtain confidential information
Spam can greatly deteriorate the performance of other
components within the communications infrastructure
Threats can stop business systems and mission critical

activities
Viruses
Viruses are very sophisticated and often appear
to be harmless correspondence:
personal communication
jokes
marketing promotions
Most viruses require recipients to download
attachments in order to spread
Some are designed to launch automatically, with
no user action required
Protection from Viruses

Email security solutions offer highly advanced
virus protection:
automatically scan all ingoing and outgoing
messages
automatically scan all attachments
automatic update capabilities
New threats emerge all the time and updates

offer protection from all the latest threats
Spam
A large proportion of all corporate email is spam
Spam costs US business billions of dollars in lost
productivity and system slow-downs annually
Most spam is annoying and slows down the network
Hackers may sometimes disguise viruses, spyware, and
malware as innocent-looking spam
Protection from Spam

Email security packages usually contain spam filters
that:
Identify non-relevant communications
Use key words and phrases
May also use format, size, or ratio of graphics to text
Spam is moved to a separate folder or deleted from
email server
May also block email addresses that are known to have
sent spam, preventing further disruptive emails
Phishing
Phishing is an e-mail fraud method in which the perpetrator sends
out legitimate-looking email in an attempt to gather personal and
financial information from recipients.
- (fraudulent practice of sending emails purporting to be from
reputable companies in order to induce individuals to reveal personal
information, such as passwords and credit card numbers, online.)
Used for identity theft and fraud
Posing as authorised emails from trustworthy institutions

Attempt to get recipients to surrender personal information such
as bank account details
Most are aimed at individuals
Some have targeted smaller businesses
Protection from Phishing

Email security packages provide anti-phishing
protection
Combination of methods:
Authentication
Detection
Prevention
Reporting
Enables threat analysis, attack prioritisation and

response to minimise risk and impact of phishing
Spyware
Enables hackers to record activities and data
from the infected computer
Done via a program that dynamically gathers
information and transmits it via an Internet
connection
Often bundled in with shareware and freeware
programs
Usually installs and runs without user knowledge
Protection from Spyware

Firewalls alone are insufficient
Email security packages will scan devices
regularly for spyware programs
Blocks known spyware programs before they
can be downloaded and installed
Email Authentication
Aims to provide enough information to the recipient
so that they know the nature of the email
A valid identity on an email is a vital step in stopping
spam, forgery, fraud, and other serious crimes
SMTP was not designed with security in mind and thus

had no formal verification of the sender
Signing emails identifies the origin of a message, but
not if it should be trusted
Authenticating Source IP Address

TCP allows an email recipient to automatically
verify the message senders IP address
This does not verify the identity of the sender
Forged headers can be used to create a spam
message that appears to be real
The sending IP address may belong to a zombie

machine under the control of a hacker
Blacklisting IP Addresses
The IP addresses originating spam and phishing emails can
be blacklisted so that future email from them is not
received but either quarantined or deleted
Many IP addresses are dynamic
Change frequently
An organisation has a block of IP addresses
IP addresses are allocated when needed
May get a new address every time a connection is made
Therefore, spammer will not have a permanent IP address
Controlling Traffic
Some ISPs use techniques to prevent spamming
by their customers:
Port 25 can be blocked so that port 587 is used
and that requires authentication
Limiting the number of received headers in
relayed mail
Infected computers can be cleaned and patched
Outgoing email can be monitored for any sudden
increase in flow or in content (a typical spam
signature)
Awareness
Always remember : security-related
transformation (remember encryption of your
channel-transform it into something tricky to
opponent)
to make sure that your information is secured
(secret from opponent)-ex: a network model
At Network level
Awareness
Taken as a society (because of the people who
use it) internet is now full of people proud of
vandalism like intentional hackers
Awareness
Intrusion
Intruders are now ready!
Intruders are an individual or individuals who gains or
attempt to gain unauthorized access to a computer system
(can be :Insiders, Outsiders). 3 forms of intruder:
Masquerade, misfeasor, clandestine.
The misfeasor is a legitimate user who accesses data,
programs, or resources for which such access is not
authorized for him, or who is authorized for such access but
misuses his or her privileges ( ex: A DB control user trying
to behave like system admin)
Internet security
Internet security : Measures taken to guard

against, crimes, attack, sabotage on the
electronic communications network that
connects computer networks and organizational
computer facilities around the world
Internet security
The Internet of today uses the Internet Protocol Version 4
(IPv4) to route and deliver packets between computers
Packets can have reliable delivery using the Transmission
Control Protocol (TCP) or non-guaranteed delivery using
the User Datagram Protocol (UDP)
An IP address is used to deliver a packet to the right

computer and the port or protocol is used to send the
packet to the appropriate computer service or application
Email (port 25, smtp)
Web (port 80, http)
Domain Name System (port 53, DNS)www.somewhere.com maps to the IP address 192.168.10.1
Internet security
ZeuS is active trojan horse widely used to steal
banking and other financial institute information first
seen on 2007, still in use today
A virus : A program that can replicate itself and send
copies from computer to computer across network
connections with human intervention (ex: Randex,
BigBear, SoBig, Klez, SirCam, Mankex, Fizzer etc)
A worm: A program that can replicate itself and send
copies from computer to computer across network
connections without human intervention
Internet security
Worms that has cause serious loss up to know:
Code Red - July 19, 2000

-450000+ hosts effected, 2.4 billion dollars*
Nimda - September 18, 2001
550000+ hosts effected
Slapper - October 21, 2002
root and .com name servers unavailable
SQL Slammer - January 25, 2003
80000+ hosts effected
Cybercrimes
Cybercrimes : - Pharming and phishing
Pharming is a way hackers attempt to manipulate users on
the Internet. While phishing attempts to capture personal
information by getting users to visit a fake website,
pharming redirects users to false websites without them
even knowing it.
So One way that pharming takes place is via an e-mail virus

that "poisons" a user's local DNS cache. It does this by
modifying the DNS entries,
For example, instead of having the IP address 17.254.3.183
direct to www.apple.com, it may direct to another website
determined by the hacker.
Pharmers can affect the entire DNS server, even if DNS has
security features to fight against (security is vague!!)
Cybercrimes
Phishing is similar to fishing in a lake, but instead of trying
to capture fish, phishers attempt to steal your personal
information.
They send out e-mails that appear to come from legitimate
websites such your banking institutions (ex: email from
BK).
The e-mails state that your information needs to be like
updated or ask that you enter your credentials: after
clicking a link included in the e-mail, Some e-mails will ask
that you enter even more info (ex: full name, credit card
number, address, phone) and at that time
the phisher may be able to gain access to more information
by just logging in to you account.
Phishing vs Pharming
So : Phishing and pharming are two different
ways hackers attempt to manipulate users via the
Internet.
Phishing involves getting a user to enter personal
information via a fake website (most of the time
from a wrong email link)
While Pharming involves modifying DNS entries
(routes), which causes users to be directed to the
wrong website when they visit a certain Web
address.
Phishing
Example:
Hi Junior!
We sent you an email a while ago, because you now
qualify for a new mortgage. You could get
$200,000 for as little as $500 a month!
Bad credit is not a problem, you can pull cash out or
refinance!
Please click on this link for FREE consultation
without obligations: http://cutrate-loan.info/ !
Best Regards,
Ninsiima Geoffrey
Web Security
Overview of web security

The Web presents us with some security issues
that may not be present in other networks:
Two-way systems
Multiple types of communication
Importance to business
Complex software
Multiple connections to a server
Untrained users
Two-way Systems
The Web works on a client-server model that
allows communication in both directions:
Server sends files to clients
Clients send files to servers
Servers must be protected from malicious
content uploaded by clients:
Deliberate upload
Accidental upload, e.g. unwittingly uploading an
infected file
Multiple Types of Communication

The web does not deal with a limited small
number of file types:
Text
Image
Video
Sound
The web delivers real-time content.
Multiple file types = multiple security threats
Importance to Business
Used to supply corporate information
Used to supply product/service information

Used for business transactions including financial
transactions:
banking, online shops, ordering systems, etc.
If web servers are compromised, there may be
very serious consequences to a business:
Loss of money & trade
Loss of reputation
Complex Software
Servers are relatively easy to set up and configure.
It is simple to create web content:
Even complex looking web applications are often simple to
create
This simplicity is made possible by complex underlying
software.
Complex software often has undetected security holes:
You can be sure that someone will detect them!
Multiple Connections
The Web works because there are multiple
connections to a server.
Different servers are connected to each other.
What happens if a server is subverted and a
malicious attacker gains control?
How many clients will be affected?
How many other servers will be affected?
An attack could have widespread consequences.
Untrained Users
The Web is used by many, many clients with no training or
understanding of security issues.
How many people surf the Internet without antivirus
software?
Add in the people who have out of date virus definitions
Many people do not have the tools or knowledge to deal
with threats on the Web.
These same people will be interacting with servers around

the world.
Traffic Security
Maintaining the security of a server as a piece of
hardware is not fundamentally different to
general computer security.
We will concentrate on the security of Web
traffic:
At the Network level (IPSec)
At the Transport level (Secure Socket Layer
(SSL)/Transport Layer Security(TLS))
Network Level Security (IPSec)
Transport Level Security (SSL/TLS)
IP Security (IPSec)
Provides security services at the IP layer for
other TCP/IP protocols and applications to use
Provides the tools that devices on a TCP/IP
network need in order to communicate securely:
When two devices wish to securely
communicate, they create a secure path between
themselves that may traverse across many
insecure intermediate systems.
IPsec
IPsec sits on top of the network layer. IPSec is an
Internet Engineering Task Force (IETF) standard suite of
protocols.
it provides data authentication (origin of the packet)
integrity, and confidentiality as data is transferred
between communication points across IP networks.
IPSec provides data security at the IP packet level.
All applications are protected by default, without
requiring any change to applications or actions on
behalf of users
Can only authenticate hosts, not users
User completely unaware that IPsec is running
Steps for an IPSec Connection

1. Agree on a set of security protocols to use
so that data is in a format both parties can
understand.
2. Decide on an encryption algorithm to use in
encoding data.
3. Exchange the keys that are used to decrypt
the cryptographically encoded data.
4. Use the protocols, methods and keys
agreed upon to encode data and send it
across the network.
IPSec Core Protocols

IPSec Authentication Header (AH)
Provides authentication services
Verifies the originator of a message
Verifies that the data has not been changed on route
Provides protection against replay attacks
Encapsulating Security Payload (ESP)
AH ensures integrity but not privacy
Datagram can be further protected using ESP
Encrypts the payload of the IP datagram
IPSec Authentication Header (AH)
ESP Packet
AH & ESP
Ipsec Standard Algorithms

IPsec relies on existing algorithms to implement encryption,
authentication, and key exchange.
Some of the standard algorithms that IPsec uses are as follows:
DES : Encrypts and decrypts packet data.
3DES: Provides significant encryption strength over 56-bit DES.
AES: Provides stronger encryption, depending on the key length used, and
faster throughput.
MD5: Authenticates packet data, using a 128-bit shared secret key.
Support Protocols & Mechanisms

The core protocols are quite generic and rely on other
protocols and mechanisms to be agreed.
Common algorithms used are MD5 and SHA-1
IPSec provides flexibility in letting devices decide how

they want to implement security.
Security policies and security associations are created.
Devices need a way to exchange security information.
The Internet Key Exchange (IKE) provides this.
IPSec Applications
Securing a companys Virtual Private network
(VPN) over the Internet
Securing remote access over the Internet
Establishing connections with partners via an
Extranet
Enhancing eCommerce security by adding to
the security mechanism in the application
layer
IPSec Advantages
Can be applied to a firewall or router and
apply to all traffic across that boundary
It is transparent to applications.
It is transparent to end users.
It can provide security for individual users if

required.
Secure Socket Layer (SSL)

Originally developed by Netscape in 1995 to
provide secure and authenticated
connections between browsers and servers
Provides transport layer security
Transport Layer Security (TLS) Version 1 is

essentially SSLv3.1
SSL Architecture
SSL uses TCP to provide a reliable and secure
end to end service.
It is not a single protocol but two layers of
protocols
The Hypertext Transfer Protocol (HTTP) used
for server/client interaction on the Internet
can operate on top of the SSL Record Protocol.
SSL Architecture
SSL Connections
A connection is defined by the OSI model as a
transport that provides a suitable service.
SSL connections are peer-to-peer relationships.
These SSL connections are transient.
They only last for a certain length of time.
Each connection is associated with a session.
SSL Connections
SSL(secure socket layer)/TLS overview
Goal (ex: Perform secure e-commerce across Internet)
Secure bank transactions
Secure online purchases
Secure web login
Security requirements
Secrecy to prevent eavesdroppers to learn sensitive
information
Entity and message authentication to prevent
message alteration / injection
SSL Connections
SSL/TLS sits on top of the transport layer
End-to-end security, best for connection-oriented
sessions
User does not need to be involved
The OS does not have to be changed
If SSL rejects packet accepted by TCP, then TCP
rejects correct packet when it arrives!
SSL must then close the connection
SSL Connections
SSL Sessions
A session in SSL is an association between a client and
a server.
Such sessions are created by the SSL Handshake

Protocol.
A session defines the security parameters.
A session may be shared by multiple connections.
Allows the same settings to be used by many

connections without the need for repeatedly sending
the security parameters
SSL Record Protocol - 1

Provides two services for SSL connections:
Confidentiality
Integrity
Transmitted data:
Fragmented into manageable blocks
Compressed (optional)
Encrypted
Header added and transmitted in a TCP segment
SSL Record Protocol - 2

Received data:
Decrypted
Verified
Decompressed
Reassembled
Delivered to higher level users
SSL Alert Protocol

Used to convey SSL alerts to the peer entity
Alert messages are compressed and encrypted as

specified by the session.
Each message consists of two bytes:
The first values indicates a warning or fatal alert
The second indicates the type of alert
A fatal alert will cause SSL to immediately

terminate the connection, but not other
connections on the same session.
SSL Alert Types

There are a number of alerts including the
following.
unexpected_message
decompression_failure
Fatal alerts:
handshake_failure
illegal_parameter
close_notify
no_certificate
certificate_revoked
SSL Handshake Protocol - 1

The most complex part of SSL
Allows server and client to authenticate each

other
Allows server and client to negotiate the
encryption algorithms and keys that be used to
protect data in an SSL record
This protocol is used before any application data
is sent.
SSL Handshake Protocol - 2

Consists of a series of messages, all with the
same format
Each message has 3 fields
Type (1 byte) indicates 1 of 10 message types
Length (3 bytes) the length of the message
in bytes
Content (0 or more bytes) parameters
associated with the message
Messages
The series of messages are initiated by the client.
The first phase establishes the security

credentials.
The second phase involves authenticating the
server and exchanging keys.
The third phase involves authenticating the client
and exchanging keys.
The fourth phase is completing the exchange.
HTTPS
HTTP over SSL/TLS
Used to create secure communications between
a Web browser and Web server
Built into modern browsers
Requires server to support HTTPS
communication
For example, at the time of writing, the Google
search engine does not support connections via
HTTPS
HTTPS Compared to HTTP

URL begins with https:// rather than http://
HTTPS connections use port 443 whereas HTTP
uses port 80.
Port 443 invokes SSL
If all is well, the browser will typically show a
padlock or some other symbol to indicate the use
of SSL/TLS.
HTTPS and Encryption

The following elements of an HTTPS communication are
encrypted:
URL of the requested document

Contents of the document
Contents of browser forms
The fields filled in by the user in the browser
Cookies
From server to browser
From browser to server
Contents of the HTTP header
SSL Advantages
It is independent of the applications once a
connection has been created.
After the initiating handshake, it acts as a secure
tunnel through which you can send almost
anything.
Has several implementation packages, both
commercial and freely available
All major platforms (Windows, Linux, etc.)

support SSL
No requirement for extra software packages
SSL Disadvantages
The extra security comes with extra processing
overhead.
This overhead is largely at the server end.
Means communications using SSL/TLS are a slower
than those without it
Some sources suggest that HTTPS communication can
be up to three time slower than HTTP.
With modern browsers, servers and connection
speeds, this should not cause significant problems
Secure Electronic Transaction (SET)

SET is a standard protocol for securing credit card
transactions over insecure networks, specifically, the
Internet.
SET is not itself a payment system, but rather a set of security

protocols and formats that enables users to employ the
existing credit card payment infrastructure on an open
network in a secure fashion.
SET was developed by VISA and MasterCard (involving other
companies such as GTE, IBM, Microsoft, Netscape, RSA and
VeriSign) starting in 1996.
The SET Protocol Operation
People today pay for online purchases by sending their credit card details to the
merchant.
A protocol such as SSL or TLS keeps the card details safe from eavesdroppers, but
does nothing to protect merchants from dishonest customers or vice-versa.
SET addresses this situation by requiring cardholders and merchants to register

before they may engage in transactions.
A cardholder registers by contacting a certificate authority, supplying security

details and the public half of his proposed signature key.
Registration allows the authorities to examine an applicant, who if approved

receives a certificate confirming that his signature key is valid.
All orders and confirmations bear digital signatures, which provide authentication
and could potentially help to resolve disputes
System Security
Intrusion Detection
Intrusion Detection Systems (IDS)

Monitors network traffic for suspicious activity
Alerts the network administrator if suspicious activity
discovered
May also respond to suspicious traffic by:

blocking the user from accessing the network
blocking the IP address from accessing the network
Different types that use different methods to detect
suspicious activity
IDS Types
Network based intrusion detection systems
(NIDS)
Host based intrusion detection systems (HIDS)
IDS that look for signatures of known threats
IDS that compare traffic patterns against a
network baseline and look for anomalies in the
patterns
NIDS
Positioned in strategic locations in the network
Monitor all traffic to and from network devices

In a perfect world all traffic would be monitored
This would create a bottleneck in the network
with a huge processing overhead
It would deteriorate network speed
HIDS
Operate on individual hosts or network
devices
Monitors all inbound and outbound packets
but only to and from the device it operates on
If suspicious activity is detected it usually
alerts the user and/or network administrator
of that activity
Signature-based IDS
Monitors packets on the network
Compare packets against a stored database of

known malicious threats
Similar to the operation of antivirus software
When a new threat appears there is a period of
time before this is added to the database
Any new threat is undetected until such time as
the database is updated to include this threat
Similar to the operation of antivirus software
Anomaly-based IDS
Monitors network traffic
Compare network traffic with a baseline
Baseline is normal traffic for that network:
Bandwidth
Protocols
Ports
Devices
User and/or network administrator is alerted
if there is a significant change from the
baseline
IDS Overview
Ideal for monitoring and protecting a network
Can be prone to false alarms

Must be correctly set up to recognize what is
normal traffic on the network
Network administrators and users must:
Understand the alerts
Know the most effective course of action upon
receiving an alert
Response to an intrusion
Responding to an intrusion
Communicate with appropriate parties (trusted servicesparties) to secure the network
Once compromised by intruders (remember to back up as
usual for non-compromised systems
Isolate Compromised System from the rest of the network (
and make systems tangible files as read-only by super
useran intruder may be an internal threat agent
Install regular software patches to eliminate vulnerability
in the software ,
Response to an intrusion
Response to an intrusion:
Analysis of the attacker: How the attack has been
conducted?, there have been modifications on
the data accessed in the attack?
Search for additional intrusions: Understand that
the intrusion may expose additional
vulnerabilities in other systems and Careful
review of other systems
Credentials: Change all authentication credentials
on compromised systems (username & pwds,
certificates, and private keys)
Complexity
Complexity of the problem:
Many intrusions go undetected!!!
Because intruders may be smart than us, system
and network administrator, lack of adequate
infrastructure, Lack of time and money in
monitoring systems status.
Most intrusion can be prevented: poor
configuration (ex: windows firewall turned off),
human error (intentional unintentional) , known
software vulnerabilities (un-patched).
System Security
Vulnerabilities and Threats
Vulnerabilities and Threats

Network Security Vulnerabilities
Technology weaknesses in protocols or systems (e.g. OS vulnerabilities)
Configuration insecure default configuration, e.g open ports, user
accounts/passwords: admin/admin
Policy allowing insecure passwords, not logging events, lack of
Acceptable Use Policy, or education of users.
Network Security Threats

There are four general categories of security
threats to the network:
Unstructured threats
Structured threats these have a definite
objective
External threats
Internal threats
Three Classes of Network Attacks

Reconnaissance attacks
Access attack
Denial of service attacks
Specific Attacks
Packet sniffers
IP weaknesses
Password attacks
DoS or DDoS
Man-in-the-middle attacks
Application layer attacks
Trust exploitation
Port redirection
Virus
Trojan horse
Operator error
Worms
NB: All these listed attacks can be used to comprise a system
Network Reconnaissance
Network reconnaissance refers to the overall
act of learning information about a target
network by using publicly available
information and applications.
This is often also referred to as Footprinting.
Network Reconnaissance Mitigation

Network reconnaissance cannot be prevented entirely.
Intrusion Detection System (IDSs) at the network and host
levels can usually notify an administrator when a
reconnaissance gathering attack (for example, ping sweeps
and port scans) is under way.
Ping sweeps and port scans can be dangerous, but can also
be prevented. Ping sweeps is when an intruder sends an
ICMP ECHO to a range of machines on a network
(Then the machines on the network send a signal back to
the intruder to let him/her know that they are on, The
machines that are not on or available do not send a signal.
This is an easy way for the intruder to know where to start
on his/her intrusion)
Ping sweep and port scan

Now, pings sweeps is not 100% for intruders, but
rather it is for network administrators on their
own network.
The ping sweeps are to determine which
machines are alive and which ones are not. This
could be for trouble shooting purposes or for
licenses issues.
Ping sweeps are a good tool unless you have a
malicious person out there wanting to do
damage.
Port scans are the most common probing tool
available. Port scans take ping sweeps to a
different level.
Port scan
Port scans actually look at a machine that is
alive and scan for an open port.
Once the open port is found, it scans the port to
find the service it is running. Once it finds the
service the port is running, it gives the intruder
power and knowledge about your system.
It basically gives him/her an edge in taking over
your machine. Protecting ourselves can be very
easy.
Port scan and ping sweep protection

Keep up to date with readings about security
prevention and download the latest security
patches from your operating system or your
Internet Security software
Firewalls are a must to keep open ports and
machines protected
Keep your software up to date and hire ethical
people to watch the networks will decrease
your chances of being hacked.
Packet Sniffers
A packet sniffer is a software application that uses a network adapter card in

promiscuous mode (looking at everything that comes through) to capture all
network packets.
A program that can see all of the information passing over the network it is
connected to.
As data streams back and forth on the network, the program looks at, or "sniffs,"
each packet
The following are the packet sniffer features:

Packet sniffers exploit information passed in clear text.
Protocols that pass information in the clear include the following:
Telnet
FTP
SNMP
POP
HTTP
Packet sniffers must be on the same collision domain.
Packet Sniffer Mitigation

The following techniques and tools are used to mitigate packet sniffer:
Authentication: Using strong authentication, such as one-time
passwords, is a first option for defense against packet sniffers.
Switched infrastructure: Deploy a switched infrastructure to counter the
use of packet sniffers in your environment.
Anti-sniffer tools: Use these tools to employ software and hardware
designed to detect the use of sniffers on a network.
Cryptography: The most effective method for countering packet sniffers
does not prevent or detect packet sniffers, but rather make them
irrelevant.
IP Spoofing
IP spoofing occurs when a hacker inside or outside a network impersonates the

conversations of a trusted computer.
Two general techniques are used during IP spoofing:
A hacker uses an IP address that is within the range of trusted IP addresses.

A hacker uses an authorized external IP address that is trusted
Uses for IP spoofing include the following:
IP spoofing is usually limited to the injection of malicious data or commands into

an existing stream of data.
A hacker changes the routing tables to point to the spoofed IP address, then the
hacker can receive all the network packets that are addressed to the spoofed
address and reply just as any trusted user can.
IP Spoofing Mitigation
The threat of IP spoofing can be reduced, but not eliminated, through the
following measures:
Access controlThe most common method for preventing IP spoofing is

to properly configure access control.
Request for Comments (RFC) 2827 filteringYou can prevent users of

your network from spoofing other networks (and be a good Internet
citizen at from spoofing other networks (and be a good Internet citizen at
the same time) by preventing any outbound traffic on your network that
does not have a source address in your organization's own IP range.
Additional authentication that does not use IP-based authentication,

Examples of this include the following:
Cryptographic (recommended)
Strong, two-factor, one-time passwords
DoS: Denial of Service

DOS attacks prevent authorized people from
using a service by using up system resources
Resource overload:
Disk space, bandwidth, buffer, etc
Ping floods: Smurf (smurf attack is a type of denial of service attack in which a
system is flooded with spoofed ping messages )etc
Packet storms: UDP bombos, etc
DDoS Distributed DoS

In a distributed DOS, a hacker tricks other
machines into flooding the target machine with
nuisance traffic that robs system performance
DoS Mitigation
The threat of DoS attacks can be reduced through the
following three methods:
Anti-spoof featuresProper configuration of antispoof features on your routers and firewalls
Anti-DoS featuresProper configuration of anti-DoS
features on routers and firewalls
Traffic rate limitingImplement traffic rate limiting

with the networks ISP
Password Attacks
Hackers can implement password attacks
using several different methods:
Brute-force attacks
Dictionary Attacks
Trojan horse programs
IP spoofing
Packet sniffers
Password Attacks Mitigation

The following are mitigation techniques:
Do not allow users to use the same password on
multiple systems.
Disable accounts after a certain number of
unsuccessful login attempts unsuccessful login
attempts.
Do not use plain text passwords. OTP or a
cryptographic password is recommended.
Use strong passwords. Strong passwords are at least
eight characters long and contain uppercase letters,
lowercase letters, numbers, and special characters.
Man-in-the-Middle Attacks
A man-in-the-middle attack requires that the hacker have access to network

packets that come across a network.
A man-in-the-middle attack is implemented using the following:
Network packet sniffers

Routing and transport protocols
Possible man-in-the-middle attack uses include the following:

Theft of information
Hijacking of an ongoing session
Traffic analysis
DoS
Corruption of transmitted data
Introduction of new information into network sessions
Man-in-the-Middle Mitigation
Man-in-the-middle attacks can be effectively
mitigated only through the use of
cryptography (encryption).
Application Layer Attacks

Application layer attacks have the following characteristics:
Exploit well known weaknesses, such as protocols, that are
intrinsic to an application or system (for example HTTP, and
FTP)
Often use ports that are allowed through a firewall (for
example, TCP port 80 used in an attack against a web server
behind a firewall)
Can never be completely eliminated, because new

vulnerabilities are always being discovered
Application Layer Attacks Mitigation

Some measures you can take to reduce your risks are as
follows:
Read operating system and network log files, or have
them analyzed by log analysis applications.
Subscribe to mailing lists that publicize vulnerabilities.
Keep your operating system and applications current with
the latest patches.
IDS/IPSs can scan for known attacks, monitor and log
attacks, and in some cases, prevent attacks.
Virus and Trojan Horses

Viruses refer to malicious software (malware) which attach
themselves to another program to execute a particular
unwanted function on a users workstation.
End-user workstations are the primary targets of virus
infection.
A Trojan horse is different only in that the entire
application was written to look like something else, when in
fact it is an attack tool.
A Trojan horse is mitigated by antivirus software at the
user level and possibly the network level.
What Is a Security Policy?

A security policy is a formal statement of the
rules by which people who are given access
to an organizations technology and
information assets must abide.
(RFC 2196, Site Security Handbook)
Why Create a Security Policy?

To create a baseline of your current security
posture
To set the framework for security implementation
To define permitted and non permitted
behaviors
To help determine necessary tools and
procedures
To communicate consensus and define roles
To define how to handle security incidents
Network Security as a Continuous

Process
Network security is a continuous process
built around a security policy
Step 1: Secure
Step 2: Monitor
Step 3: Test
Step 4: Improve
Secure the Network

Implement security solutions to stop or
prevent unauthorized access or activities ,
and to protect information:
Authentication
Encryption
Firewalls
Vulnerability patching
Monitor Security
Detects violations to the security policy
Involves system auditing and and real-time
intrusion detection
Validates the security implementation in Step
1
Test Security
Validates effectiveness of the security policy
through system auditing and vulnerability
scanning
Improve Security
Use information from the monitor and test
phases to make improvements to the security
implementation.
Adjust the security policy as security
vulnerabilities and risks are identified.
Firewalls
A firewall is a software program or piece of
hardware that helps screen out hackers,
viruses, and worms that try to reach your
computer over the Internet.
Firewalls
Network Firewall
A firewall is the first line of defence for your network
The purpose of a firewall is to keep intruders from
gaining access to your network
Usually placed at the perimeter of network to act as a
gatekeeper for incoming and outgoing traffic
It protects your computer from Internet threats by
erecting a virtual barrier between your network or
computer and the Internet
How Does a Firewall Work?

Examines the traffic sent between two networks
e.g. examines the traffic being sent between your network
and the Internet
Data is examined to see if it appears legitimate:

if so the data is allowed to pass through
If not, the data is blocked
A firewall allows you to establish certain rules to
determine what traffic should be allowed in or out of your
private network
Creating Rules
Traffic blocking rules can be based upon:
Words or phrases
Domain names
IP addresses
Ports
Protocols (e.g. FTP)
While firewalls are essential, they can block
legitimate transmission of data and programs
Common Firewall Types

In general there are software firewalls and
hardware firewalls
Even in home networks
Hardware firewalls are typically found in routers,
which distribute incoming traffic from an Internet
connection to computers
Software firewalls reside in individual computers

Ideally a network has both
Software Firewall
Protect only the computer on which they are
installed
Provide excellent protection against threats
(viruses, worms, etc.)
Have a user-friendly interface

Have flexible configuration
Hardware firewalls /Router Firewall

Protect your entire network or part of a network
Located on your router
Protect network hardware which cannot have a
software firewall installed on it
Allows the creation of network-wide rules that
govern all computers on the network
Firewall Operation
Can be divided into three main methods:
Packet filters
Application gateways
Packet inspection
Individual vendors of firewalls may provide
additional features
You should look at their products for details
Application Gateways
Application-layer firewalls can understand the
traffic flowing through them and allow or deny
traffic based on the content
Host-based firewalls designed to block

objectionable Web content based on keywords
are a form of application-layer firewall
Application-layer firewalls can inspect packets
bound for an internal Web server to ensure the
request isnt really an attack in disguise
Advantages of Application Gateways

Provide a buffer from port scans and application attacks
if an attacker finds a vulnerability in an application, the
attacker would have to compromise the application/proxy
firewall before attacking devices behind the firewall
Can be patched quickly in the event of a vulnerability
being discovered
This may not be true for patching all the internal devices
Disadvantages
Needs to know how to handle traffic to and from
your specific application
If you have an application that's unique, your
application layer firewall may not be able to support it
without making some significant modifications
Application firewalls are generally much slower than
packet-filtering or packet-inspection firewalls
They run applications, maintain state for both the
client and server, and also perform inspection of traffic
Packet Inspection Firewalls

Examine the session information between
devices:
Protocol
New or existing connection
Source IP address
Destination IP address
Port numbers
IP checksum
Sequence numbers
Application-specific information
Outbound Internet Traffic

Client initiates connection to IP address of the web
server destined for port 80 (HTTP)
Firewall determines whether that packet is allowed
through the firewall based on the current rule-set
Firewall looks into the data portion of the IP packet
and determine whether it is legitimate HTTP traffic
If all the requirements are met, a flow entry is created
in the firewall based on the session information, and
that packet is allowed to pass
Inbound Internet Traffic

Web server receives the packet and responds Return
traffic is received by the firewall
Firewall determines if return traffic is allowed by
comparing the session information with the
information contained in the local translation table
If return traffic matches the previous requirements,
payload is inspected to validate appropriate HTTP
Then it is forwarded to the client
Advantages
Generally much faster than application firewalls
They are not required to host client applications
Most of the packet-inspection firewalls today also
offer deep-packet inspection
The firewall can dig into the data portion of the packet
and also:
Match on protocol compliance
Scan for viruses
Still operate very quickly
Disadvantages
Open to certain denial-of-service attacks
These can be used to fill the connection

tables with illegitimate connections
Firewall Architecture
Firewalls are used to protect the perimeter of
a network and the perimeter of sections of
networks
A key question for a network administrator is
where firewalls should be located
The positioning of firewalls in relation to
other network elements is the firewall
architecture
Firewall Architecture
The following are common firewall
architectures:
Screening router
Screened host
Dual homed host
Screened subnet
Screened subnet with multiple Demilitarized Zone
(DMZs)
Dual firewall
Screening Router
Simplest of firewall architectures
Traffic is screened by a router
Packet filtering
Using ACLs
Traffic is screened according to:
Source or destination IP address
Transport layer protocol
Services requested
Screening Router
Usually deployed at the perimeter of the network
May be used to control access to a Demilitarized Zone (DMZ)
More often used in conjunction with other firewall technologies
Untrusted Network
Packet Filter
Trusted Network
Advantages & Disadvantages

Advantages
Simple
Cheap
Disadvantages
No logging
No user authentication
Difficult to hide internal network structure
Demilitarised Zones (DMZ)

A DMZ is part of the internal network but separated from the rest of the
internal network (a DMZ ) is a computer host or small network inserted as a
"neutral zone" between a company's private network and the outside public
network. It prevents outside users from getting direct access to a server that
has company data.
DMZ is an optional and more secure approach to a firewall and
effectively acts as a proxy server as well
Traffic moving between the DMZ and other interfaces on the protected
side of the firewall still goes through the firewall
This traffic has firewall protection policies applied
Common to put public-facing servers on the DMZ:

Web servers
Email servers
Screened Host Firewall

Adds an extra layer of protection in comparison to a
screening router
Has a Bastion Host/Firewall between networks
Bastion Host/Firewall has two NICs

Bastion Host/Firewall connects the trusted network to
the untrusted network
Stateful and proxy technologies are used to filter
traffic up to the application layer
Bastion Host
A special purpose computer specifically designed and configured to withstand

attacks
The router is the first line of defence
packet filtering/access control is carried out at the router
The bastion host is the server that connects to the unsecure network through the
router
Bastion Host
Untrusted Network
Packet Filter
Trusted Network

Advantages
Security is distributed between two points
Greater security than screening router
Transparent outbound access/restricted inbound
access
Disadvantages
Difficult to hide internal structure
There is a single point of failure in the network
Dual-Homed Host
A Bastion Host/Firewall is surrounded with packet filtering routers
Dual-homed - outside world and protected network (Dual-homed is a

general term for proxies, gateways, firewalls, or any server that provides
secured applications or services directly to an untrusted network).
Multi-homed - outside world and multiple protected networks (host that
has multiple IP addresses to connected networks)
Routers filter traffic to the Bastion Host
Bastion Host adds additional filtering capabilities
Bastion Host has no routing capabilities (Dual-homed firewalls are not able
to forward IP datagrams)

Advantages
Hides internal network structure
Disadvantages
Requires users to log onto bastion host or the use of proxy servers
Bastion Host
Untrusted Network
Packet Filter
Packet Filter
Trusted Network
Screened Subnet DMZ

Bastion Host is surrounded with packet filtering
routers
These control traffic into and out of the trusted
and untrusted network sections
Has an extra layer of functionality with a DMZ
Traffic from DMZ to trusted network must go
through Bastion Host and packet filtering router

Advantages
Provides services to outside without
compromising inside
Internal network hidden
Disadvantage
Single point of failure
Screened Subnet Multiple DMZs

Allows configuration of varying levels of
security between:
DMZs and the untrusted network
Different DMZs
DMZs and the trusted network
Dual Firewall Architecture

Using two or more firewalls enhances
security
Can be used to create DMZs
Using technology from multiple vendors can
enhance security
Self-Study
Go and Read on the following Advanced
Concepts of Network Security
Socket programming
Concurrent and iterative
Master and Slave Networks with algorithms
Kerberos & X.509

Network Security-Y3 Coe New

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Network Security-Y3 Coe New

Hochgeladen von

Copyright:

Verfügbare Formate

CIT 3422: NETWORK SECURITY

Mr. Joseph Kaberuka

This course provides an essential study of

Conventional and modern Encryption

Why is Network Security Important?

In addition, the rise of mobile commerce and wireless networks

Loss of Availability: Disruption of access to or

Major security properties

Basic security properties

someone elses information secret

integrity of information is threatened when the information is

participated in all or part of a communication)

Binds data to an identity

Analysis on security propertiesCryptography

Simplified model of symmetric crypto

Frequency Distribution In English

Thursday 12, 2:00 pm

Network security-Quiz 1/10

Public Key Encryption and

Fermats and Eulers theorem

For example: {2, 3, 5, 7, 11, 13, 17, }

A Little Bit Of History

He is probably most famous for a problem that went

He never published his proof, nor was it found

Fermats Little Theorem

Recap Congruence relation

26 mod 5 = 1 so it is in the equivalence class 1

Euler Totient Function: (n)

(4) = 2 (1, 3 are relatively prime to 4)

Eulers Totient Theorem

So What is the use of these theorems?

Eulers theorem uses modulus arithmetic

Public Key Encryption and

Protection against active attack (falsification of data

Message Authentication Code (MAC)

Message Authentication without Message Encryption

No confidentiality is preferred when:

Same message is broadcast to many destinations

An authentication tag is generated and appended to each message

Message Authentication Code

RECAP Hash function H(x)

One-way HASH function

One-way HASH function

One Way Hash Function

One-way HASH function

Secure HASH Functions

Purpose of the HASH function is to produce a fingerprint.

Properties of a HASH function H :

H can be applied to a block of data at any size

H produces a fixed length output

H(x) is easy to compute for any given x.

For any given block x, it is computationally infeasible to find x such

For any given block x, it is computationally infeasible to find with

It is computationally infeasible to find any pair (x, y) such that H(x) =

Simple Hash Function

SHA-1 Secure Hash Function

SHA-1 Secure Hash Function

SHA-1 Processing of single 512-Bit

Other Secure HASH functions

HMAC -keyed-hash message

Public-Key Cryptography Principles

Encryption using Public-Key system

Authentication using Public-Key