Bachelor of Computer Applications

BCA-S307 Computer Network Security

UNIT-I

Introduction: Attack, Services and Mechanism, Model for Internetwork Security.

Cryptography: Notion of Plain Text, Encryption, Key, Cipher Text, Decryption and cryptanalysis; Public Key Encryption, digital Signatures and Authentication.

UNIT-II

Network Security:

Authentication Application: Kerberos, X.509, Directory Authentication Service, Pretty Good Privacy, S/Mime.

UNIT-III

IP security Architecture: Overview, Authentication header, Encapsulating Security Pay Load combining Security Associations, Key Management.

UNIT-IV

Web Security: Requirement, Secure Sockets Layer, Transport Layer Security, and Secure Electronic Transactions.

UNIT-V

Network Management Security: Overview of SNMP Architecutre-SMMPVI1 Communication Facility, SNMPV3.

UNIT-VI

System Security: Intruders, Viruses and Related Threats, Firewall Design Principles.

Comprehensive examples using available software platforms/case tools, Configuration Management.

--------------------------------------------------------------

UNIT-I

Introduction: Attack, Services and Mechanism, Model for Internetwork Security. Cryptography: Notion of Plain Text, Encryption, Key, Cipher Text, Decryption and cryptanalysis; Public Key Encryption, digital Signatures and Authentication.

--------------------------------------------------------------

Network security

Network security is a broad term that covers a multitude of technologies, devices and processes. In its simplest term, it is a set of rules and configurations designed to protect the integrity, confidentiality and accessibility of computer networks and data using both software and hardware technologies.

Goals of Network Security

C I A + A + NR

The primary goals of network security are Confidentiality, Integrity, and Availability. These three pillars of Network Security are often represented as CIA triangle.

· Confidentiality − the function of confidentiality is to protect precious business data from unauthorized persons. Confidentiality part of network security makes sure that the data is available only to the intended and authorized persons.

· Integrity − this goal means maintaining and assuring the accuracy and consistency of data. The function of integrity is to make sure that the data is reliable and is not changed by unauthorized persons.

· Availability − the function of availability in Network Security is to make sure that the data, network resources/services are continuously available to the legitimate users, whenever they require it.

It is a major responsibility of any security tool to provide CIA.

“Network security is a protection mechanism to assure confidentiality, integrity and availability of data.”

Attack

Active and Passive attacks

Active attacks: An Active attack attempts to alter system resources or effect their operations. Active attack involves some modification of the data stream or creation of false statement. Types of active attacks are as following:

· Masquerade –

Masquerade attack takes place when one entity pretends to be different entity. A Masquerade attack involves one of the other forms of active attacks.

· Modification of messages –

It means that some portion of a message is altered or that message is delayed or reordered to produce an unauthorized effect. For example, a message meaning “Allow JOHN to read confidential file X” is modified as “Allow Smith to read confidential file X”.

1. Repudiation –

This attack is done by either sender or receiver. The sender or receiver can deny later that he/she has sent or receive a message. For example, customer asks his Bank “To transfer an amount to someone” and later on the sender (customer) denies that he had made such a request. This is repudiation.

2. Replay –

It involves the passive capture of a message and its subsequent the transmission to produce an authorized effect.

3. Denial of Service –

It prevents normal use of communication facilities. This attack may have a specific target. For example, an entity may suppress all messages directed to a particular destination. Another form of service denial is the disruption of an entire network withers by disabling the network or by overloading it by messages so as to degrade performance.

Passive attacks:

A Passive attack attempts to learn or make use of information from the system but does not affect system resources. Passive Attacks are in the nature of eavesdropping on or monitoring of transmission. The goal of the opponent is to obtain information is being transmitted. Types of Passive attacks are as following:

1. The release of message content –

Telephonic conversation, an electronic mail message or a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions.

2. Traffic analysis –

Suppose that we had a way of masking (encryption) of information, so that the attacker even if captured the message could not extract any information from the message.

The opponent could determine the location and identity of communicating host and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.

Security services and mechanisms

· Some security services and some mechanisms to implement those services.

Security services

· Authentication: assures recipient that the message is from the source that it claims to be from.

· Access Control: controls who can have access to resource under what condition

· Availability: available to authorized entities for 24/7.

· Confidentiality: information is not made available to unauthorized individual

· Integrity: assurance that the message is unaltered

· Non-Repudiation: protection against denial of sending or receiving in the communication

Model for Internetwork Security.

Cryptography

Cryptography is a technique of securing information and communications through use of codes so that only that person for whom the information is intended can understand it and process it.

Original message plain text Converted message cipher text key

Thus preventing unauthorized access to information. The prefix “crypt” means “hidden” and suffix graphy means “writing”.

In Cryptography the techniques which are use to protect information are obtained from mathematical concepts and a set of rule based calculations known as algorithms to convert messages in ways that make it hard to decode it. These algorithms are used for cryptographic key generation, digital signing, and verification to protect data privacy, web browsing on internet and to protect confidential transactions such as credit card and debit card transactions.

Types of Cryptography:

In general there are three types of cryptography:

1. Symmetric Key Cryptography:

It is an encryption system where the sender and receiver of message use a single common key to encrypt and decrypt messages. Symmetric Key Systems are faster and simpler but the problem is that sender and receiver have to somehow exchange key in a secure manner. The most popular symmetric key cryptography system is Data Encryption System (DES).

2. Asymmetric Key Cryptography:

Under this system a pair of keys is used to encrypt and decrypt information. A public key is used for encryption and a private key is used for decryption. Public key and Private Key are different. Even if the public key is known by everyone the intended receiver can only decode it because he alone knows the private key.

A [public key, private key]

B [public key, private key]

3. Hash Functions:

There is no usage of any key in this algorithm. A hash value with fixed length is calculated as per the plain text which makes it impossible for contents of plain text to be recovered. Many operating systems use hash functions to encrypt passwords.

Encryption

In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as cipher text.

Decryption

The conversion of encrypted data into its original form is called Decryption. It is generally a reverse process of encryption. It decodes the encrypted information so that an authorized user can only decrypt the data because decryption requires a secret key or password.

Cryptanalysis

Cryptanalysis is the investigation of systems, cipher text, and ciphers in order to reveal the hidden meaning or details of the system itself. The goal of this type of study is to discover the hidden aspects even if the key or main algorithm is unable to be deciphered.

Types of cryptanalysis

· Cipher text-only: the cryptanalyst has access only to a collection of cipher texts or code texts.

· Known-plaintext: the attacker has a set of cipher texts to which he knows the corresponding plaintext.

· Chosen-plaintext (chosen-cipher text): the attacker can obtain the cipher texts (plaintexts) corresponding to an arbitrary set of plaintexts (cipher texts) of his own choosing.

· Adaptive chosen-plaintext: like a chosen-plaintext attack, except the attacker can choose subsequent plaintexts based on information learned from previous encryptions. Similarly Adaptive chosen cipher text attack.

· Related-key attack: Like a chosen-plaintext attack, except the attacker can obtain cipher texts encrypted under two different keys. The keys are unknown, but the relationship between them is known; for example, two keys that differ in the one bit.

Public key encryption

Public key encryption, or public key cryptography, is a method of encrypting data with two different keys and making one of the keys, the public key, available for anyone to use. The other key is known as the private key. Data encrypted with the public key can only be decrypted with the private key, and data encrypted with the private key can only be decrypted with the public key. Public key encryption is also known as asymmetric encryption. It is widely used, especially for TLS/SSL, which makes HTTPS possible.

Asymmetric key cryptography (public key cryptography)

Digital Signatures and Authentication

“Digital Signatures is an authentication tool.”

Digital signatures are the public-key primitives of message authentication. In the physical world, it is common to use handwritten signatures on handwritten or typed messages. They are used to bind signatory to the message.

Similarly, a digital signature is a technique that binds a person/entity to the digital data. This binding can be independently verified by receiver as well as any third party.

Digital signature is a cryptographic value that is calculated from the data and a secret key known only by the signer.

In real world, the receiver of message needs assurance that the message belongs to the sender and he should not be able to repudiate the origination of that message. This requirement is very crucial in business applications, since likelihood of a dispute over exchanged data is very high.

Hash Functions:

A hash function is any function that can be used to map data of variable size to fixed-size values. The values returned by a hash function re called hash values, hash codes, digests, or simply hashes. The values are used to index a fixed-size table called a hash table.

Features of Hash Functions

The typical features of hash functions are −

· Fixed Length Output (Hash Value)

o Hash function coverts data of arbitrary length to a fixed length. This process is often referred to as hashing the data.

o In general, the hash is much smaller than the input data, hence hash functions are sometimes called compression functions.

o Since a hash is a smaller representation of a larger data, it is also referred to as a digest.

o Hash function with n bit output is referred to as an n-bit hash function. Popular hash functions generate values between 160 and 512 bits.

o MD-5

· Efficiency of Operation

o Generally for any hash function h with input x, computation of h(x) is a fast operation.

o Computationally hash functions are much faster than a symmetric encryption.

Properties of Hash Functions

In order to be an effective cryptographic tool, the hash function is desired to possess following properties −

· Pre-Image Resistance

o This property means that it should be computationally hard to reverse a hash function.

o In other words, if a hash function h produced a hash value z, then it should be a difficult process to find any input value x that hashes to z.

o This property protects against an attacker who only has a hash value and is trying to find the input.

· Second Pre-Image Resistance

o This property means given an input and its hash, it should be hard to find a different input with the same hash.

o In other words, if a hash function h for an input x produces hash value h(x), then it should be difficult to find any other input value y such that h(y) = h(x).

o This property of hash function protects against an attacker who has an input value and its hash, and wants to substitute different value as legitimate value in place of original input value.

· Collision Resistance

o This property means it should be hard to find two different inputs of any length that result in the same hash. This property is also referred to as collision free hash function.

o In other words, for a hash function h, it is hard to find any two different inputs x and y such that h(x) = h(y).

o Since, hash function is compressing function with fixed hash length, it is impossible for a hash function not to have collisions. This property of collision free only confirms that these collisions should be hard to find.

o This property makes it very difficult for an attacker to find two input values with the same hash.

o Also, if a hash function is collision-resistant then it is second pre-image resistant.

Model of Digital Signature

As mentioned earlier, the digital signature scheme is based on public key cryptography. The model of digital signature scheme is depicted in the following illustration −

The following points explain the entire process in detail −

· Each person adopting this scheme has a public-private key pair.

· Generally, the key pairs used for encryption/decryption and signing/verifying are different. The private key used for signing is referred to as the signature key and the public key as the verification key.

· Signer feeds data to the hash function and generates hash of data.

· Hash value and signature key are then fed to the signature algorithm which produces the digital signature on given hash. Signature is appended to the data and then both are sent to the verifier.

· Verifier feeds the digital signature and the verification key into the verification algorithm. The verification algorithm gives some value as output.

· Verifier also runs same hash function on received data to generate hash value.

· For verification, this hash value and output of verification algorithm are compared. Based on the comparison result, verifier decides whether the digital signature is valid.

· Since digital signature is created by ‘private’ key of signer and no one else can have this key; the signer cannot repudiate signing the data in future.

It should be noticed that instead of signing data directly by signing algorithm, usually a hash of data is created. Since the hash of data is a unique representation of data, it is sufficient to sign the hash in place of data. The most important reason of using hash instead of data directly for signing is efficiency of the scheme.

Importance of Digital Signature

Out of all cryptographic primitives, the digital signature using public key cryptography is considered as very important and useful tool to achieve information security.

Apart from ability to provide non-repudiation of message, the digital signature also provides message authentication and data integrity. Let us briefly see how this is achieved by the digital signature −

· Message authentication − When the verifier validates the digital signature using public key of a sender, he is assured that signature has been created only by sender who possess the corresponding secret private key and no one else.

· Data Integrity − In case an attacker has access to the data and modifies it, the digital signature verification at receiver end fails. The hash of modified data and the output provided by the verification algorithm will not match. Hence, receiver can safely deny the message assuming that data integrity has been breached.

· Non-repudiation − Since it is assumed that only the signer has the knowledge of the signature key, he can only create unique signature on a given data. Thus the receiver can present data and the digital signature to a third party as evidence if any dispute arises in the future.

By adding public-key encryption to digital signature scheme, we can create a cryptosystem that can provide the four essential elements of security namely − Privacy, Authentication, Integrity, and Non-repudiation.

UNIT-II

Network Security:

Authentication Application: Kerberos, X.509, Directory Authentication Service, Pretty Good Privacy, S/Mime.

AUTHENTICATION APPLICATIONS

Kerberos – a private-key authentication service

X.509 - a public-key directory authentication service

Kerberos

Kerberos provides a centralize authentication server whose function is to authenticate users to servers and servers to users. In Kerberos Authentication server and database is used for client authentication. Kerberos run as a third-party trusted server known as the Key Distribution Center (KDC). Each user and service on the network is a principal.

The main components of Kerberos are:

· Authentication Server (AS):

The Authentication Server performs the initial authentication and ticket for Ticket Granting Service.

· Database: The Authentication Server verifies access right of users in database.

· Ticket Granting Server (TGS):

The Ticket Granting Server issues the ticket for the Server

Step-1: User logon and request services on host. Thus user request for ticket-granting-service.

Step-2: Authentication Server verifies user’s access right using database and then gives ticket-granting- Ticket and session key. Results are encrypted using Password of user.

Step-3: Decryption of message is done using the password then sends the ticket to Ticket Granting Server. The Ticket contains authenticators like user name and network address.

Step-4: Ticket Granting Server decrypts the ticket send by User and authenticator verifies the request Then creates the ticket for requesting services from the Server.

Step-5: User sends the Ticket and Authenticator to the Server.

Step-6: Server verifies the Ticket and authenticators then generate the access to the service. After this User can access the services.

Digital Certificate

Digital certificates are electronic credentials that are used to assert the online identities of individuals, computers, and other entities on a network. Digital certificates function similarly to identification cards such as passports and drivers licenses. Most commonly they contain a public key and the identity of the owner. They are issued by certification authorities (CAs) that must validate the identity of the certificate-holder both before the certificate is issued and when the certificate is used. Common uses include business scenarios requiring authentication, encryption, and digital signing.

Certificate Purposes

The certificate purpose defines the intended primary use of the certificate. The certificate purpose can be one of four settings:

§ Encryption. A certificate with this purpose will contain cryptographic keys for encryption and decryption.

§ Signature. A certificate with this purpose will contain cryptographic keys for signing data only.

§ Signature and encryption. A certificate with this purpose covers all primary uses of a

certificate’s cryptographic key, including encryption of data, decryption of data, initial logon, or digitally signing data.

§ Signature and smartcard logon. A certificate with this purpose allows for initial logon with a smart card, and digitally signing data; it cannot be used for data encryption.

SSL is probably the first protocol to use digital certificates. Now days they are widely used where ever there is a need for signing and encryption.

Certificate Authority

A Certificate Authority (CA) issues digital certificates that contain a public key and the identity of the owner. The matching private key is not made available publicly, but kept secret by the end user who generated the key pair. The certificate is also a confirmation or validation by the CA that the public key contained in the certificate belongs to the person, organization, server or other entity noted in the certificate. A CA's obligation in such schemes is to verify an applicant's credentials, so that users and relying parties can trust the information in the CA's certificates. CAs uses a variety of standards and tests to do so. In essence, the Certificate Authority is responsible for saying "yes, this person is who they say they are, and we, the CA, verify that".

If the user trusts the CA and can verify the CA's signature, then he can also verify that a certain public key does indeed belong to whoever is identified in the certificate. Browsers maintain list of well known CAs root certificates. Aside from commercial CAs, some providers issue digital certificates to the public at no cost. Large institutions or government entities may have their own CAs.

X.509

X.509-Directory Authentication Service

Defines a framework for authentication service using the X.500 directory. It is the Repository of public-key certificates, Based on use of public-key cryptography and digital signatures.

Description

In cryptography, X.509 is a standard defining the format of public key certificates. X.509 certificates are used in many Internet protocols, including TLS/SSL, which is the basis for HTTPS, the secure protocol for browsing the web. They are also used in offline applications, like electronic signatures.

The following figure shows the contents of X.509 version 3 certificates

Pretty Good Privacy (PGP)

PGP is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil

Zimmermann developed PGP in 1991.

PGP consists of the following five services:

1. Authentication

2. Confidentiality

3. Compression

4. E-mail compatibility

5. Segmentation

S/MIME (Secure MIME)

Before S/MIME first let’s know about MIME.

Multipurpose Internet Mail Extension (MIME) is a standard which was proposed by Bell Communications in 1991 in order to expand limited capabilities of email.

MIME is a kind of add on or a supplementary protocol which allows non-ASCII data to be sent through

SMTP. It allows the users to exchange different kinds of data files on the Internet: audio, video, images, application programs as well.

Why do we need MIME?

Limitations of Simple Mail Transfer Protocol (SMTP):

1. SMTP has a very simple structure

2. Its simplicity however comes with a price as it only send messages in NVT 7-bit ASCII format.

3. It cannot be used for languages that do not support 7-bit ASCII format such as- French, German, Russian, Chinese and Japanese, etc. so it cannot be transmitted using SMTP. So, in order to make SMTP broader we use MIME.

4. It cannot be used to send binary files or video or audio data.

S/MIME has the same functionality as PGP, that is, it offers the ability to sign and to encrypt messages. In more detail, S/MIME provides:

· Enveloped Data, to apply privacy protection to a message. A sender needs to have access to a public key for each intended message recipient.

· Signed Data, to provide authentication. Only a S/MIME enabled mailer can view this message.

· Clear-signed Data, to provide authentication for users with S/MIME capabilities, but to retain readability other viewers.

§ Nesting of signed and encrypted data.

S/MIME incorporates three public-key algorithms, DSS for digital signatures, Diffie-Hellman for encrypting session keys, or RSA. It uses SHA1 or MD5 for calculating digests, and three-key triple DES for message encryption. In an ideal situation, an S/MIME sender has a list of preferred decrypting capabilities from an intended recipient, in which case it chooses the best encryption. Otherwise, if the sender has received any previous mail from the intended recipient, it then chooses the same encryption mechanism.

To secure a MIME entity (e.g. the entire message with exception of the RFC 822 header), S/MIME produces a PKCS object. The PKCS object is then treated as the message object and encoded with MIME. Since the result of encryption is typically in binary, it needs to be transferred in a more secure way, such as in base64 mode.

To make an Enveloped Data MIME entity we:

· Generate a pseudo-random session key for either tripleDES or RC2/40 (a weak, exportable encryption).

I for each recipient, encrypt the session key with the recipient’s public RSA key.

Ii for each recipient, prepare a block known as Recipient Info that contains the sender's public-key certificate, an identifier for the algorithm used to encrypt the session key, and the encrypted session key.

iii encrypt the message content with the session key.

To recover the encrypted message, the recipient first reconverts the base64 encoding and uses his private key to recover the session key. He uses this key to decrypt the message.

To make a Signed Data MIME entity we:

i. select either SHA1 or MD5

ii. Compute the message digest of the content to be signed

iii. Encrypt the message digest with the signer's private key

iv prepare the Signer Info block that contains the signer's public key certificate, an identifier of the message digest algorithm, an identifier of the algorithm used to encrypt the message digest, and the encrypted message digest.

v. the whole block is then encoded in to base64 (excluding the RFC 822 header).

Clear signing uses the multipart content type in MIME to transmit body and signature separately. The body needs to be encoded in some way so that it is not altered during transit. The second object, the signature, is sent in base64. Thus, only S/MIME enabled mail readers can use the signature.

Difference between PGP and S/MIME:

S.NO PGP S/MIME

It is designed for processing the plain

1. texts

While it is designed to process email as well as many multimedia files.

PGP is less costly as compared to

2. S/MIME.

While S/MIME is comparatively expensive.

PGP is good for personal as well as

3. office use.

While it is good for industrial use.

PGP is less efficient

4. than S/MIME.

While it is more efficient than PGP.

5. It depends on user Whereas it relies on a

S.NO PGP S/MIME

key exchange. hierarchically valid certificate

for key exchange.

PGP is

comparatively less

6. convenient.

While it is more convenient than PGP due to the secure transformation of all the applications.

PGP contains 4096

7. public keys.

While it contains only 1024 public keys.

PGP is the standard for strong

8. encryption.

While it is also the standard for strong encryption but has some drawbacks.

PGP is also be used

9. in VPNs.

While it is not used in VPNs, it is only used in email services.

10.

PGP uses Diffie hellman digital signature.

While it uses Elgamal digital signature.

UNIT-III

IP security Architecture: Overview, Authentication header, Encapsulating Security Pay Load combining Security Associations, Key Management.

--------------------------------------------------------------

IP security

IP security refers to security mechanisms implemented at the IP (Internet Protocol) Layer to ensure integrity, authentication and confidentiality of data during transmission.

In the open Internet environment. The primary objective of recent work in this area, mainly by members in the IETF IP Security (IPSec) working group is to improve the robustness of the cryptographic key-based security mechanisms at IP layer for users who request security.

Basic Concepts:

§ Authentication

With certain security mechanism, two communicating parties know that the data at destination is the same as when it's initially sent (data integrity) and that the sender is not impersonated by third party.(data origin authentication).

§ Integrity

Considered to be data integrity part of authentication (see above definition). Data is not allowed to be unmatched at source and at destination for two parties with certain security mechanism between them established.

§ Confidentiality

With certain security mechanism (so-called encryption/decryption), data is protected during transmission from third party’s knowing the content.

§ Security Association (SA)

An agreement between two communication parties on knowing and using certain combination of security mechanisms for data transmission between them. It's based on destination address and a certain index, called Security Parameters Index (SPI).

How can IP Security be achieved?

Currently, there are two specific headers that can be attached to IP packet to achieve security. They are the IP Authentication Header (AH) and the IP Encapsulating Security Payload (ESP) header.

If confidentiality is not required, the Authentication Header (AH) alone can provide security (in this case, connectionless data integrity and data origin authentication) to IP datagram. The implementation can be host-host, host-gateway or gateway-gateway. But only host-host implementation is encouraged. The reason is that, in the case that security gateway provides security service for the trusted hosts behind the gateway; the security attack can still arise when the trusted hosts become untrusted. In other words the security can be violated for two communicating end user if the security (without confidentiality) does not cover completely the communicating path, but instead stop at the gateway, even though SA is established. Certainly in any kind of implementation, the untrusted systems (i.e., the systems that don't have the SA established) can't have the ability to attack data authentication (always referring to both data integrity and data origin authentication).

The IP Encapsulating Security Payload (ESP) header provides integrity, authentication, and confidentiality to IP diagrams. It can provide a mix of optional security. ESP header can be applied alone, in combination with the IP Authentication Header (AH), or in a nested way, e. g. by using Tunnel-mode. The ESP header implementation can be host-host, host-gateway, or gateway-gateway. The ESP header is inserted after the IP header and before a higher-level protocol header (Transport-mode) or the encapsulated IP header (Tunnel-mode). Gateway-to-gateway ESP implementation, using encryption/decryption , is critical for building Private Virtual Networks (PVN) across an untrusted backbone in an open environment such as the Internet.

What is a Security Association (SA)?

Security Association (SA) is needed for both the implementation of the IP Encapsulating Security Payload (ESP) header and of the IP Authentication Header (AH). An SA consists of the Destination Address and also some parameters, so-called Security Parameters Index (SPI) and thus it's receiver-oriented. The SPI at least contains the algorithm, algorithm mode and the keys used with the algorithm. In the ESP header case, certain sizes for determining synchronization and initialization of the encryption/decryption algorithm are also needed for the SPI. In addition, the SPI contains sensitivity level of data (for example, Secret or Unclassified) for systems meant to provide multi-level security. The sending host uses the sending user id and Destination Address to select a SA (and hence SPI value). The receiving host uses SPI value and Destination Address to distinguish the association. Hence, an AH implementation will always be able to use the SPI and the Destination Address to determine the security association and related security configuration data for all valid incoming IP packets.

An SA is normally one-way. An authenticated communication between two hosts will have two Security Parameter Indexes (SPI) for both directions. For unicast traffic, the destination system selects the SPI value. For multicast traffic, there are multiple destination systems but a single destination multicast group, so some system or person selects SPIs for that multicast group. Multiple senders to a multicast group may use a single SA (and hence SPI) for all traffic to that group. In that case, the receiver only knows that the message came from a system knowing the SA data for that multicast group. Multicast traffic may use a separate SA (and hence SPI) for each sender to the multicast group . Otherwise a receiver cannot authenticate which system sent the multicast traffic when so-called symmetric (in contrast to asymmetric) authentication algorithms are used.

IP Security Mechanisms

In this section we discuss the format of two IP layer security mechanisms, AH Header and ESP Header and their implementation and usage.

Authentication Header (AH)

The IP AH header holds authentication information for its IP datagram. It achieves this by computing a cryptographic authentication function over the IP datagram and using a secret authentication key in the computation. The sender computes the authentication data, i.e., the Integrity Check Value, before it sends the authenticated IP packet. Fragmentation occurs after the appending of AH Header to out coming packets and before the stripping of AH Header for incoming packets. The receiver rematches the authentication data upon reception. Certain fields which change along the path, such as the "TTL"(time to live) (IPv4: version 4) field or "Hop Limit" (Ipv6: version 6) field, both decrementing on each hop, are omitted from the authentication calculation.

The AH Header Format

Figure 1. the Authentication Header (AH) format

· Next Header. An 8-bit field that identifies the type of the payload after the AH header, with value chosen from standard IP Protocol Numbers.

· Payload Length. An 8-bit field that specifies the length of AH header.

· Reserved. A 16-bit field reserved for future use. Now it's set to zero.

· Security Parameters Index (SPI). A 32-bit value field that identifies the Security Association (SA) for this datagram, relative to the Destination IP Address contained in the IP header.

· Sequence Number. A32-bit field that contains a counter value (sequence number). Before cycle occurs, the sender and receiver have to reset the sequence number. The receiver ignores this field if anti-replay service is not requested.

· Authentication Data. An unfixed-length field that contains the Integrity Check Value (ICV) for this packet. It may include padding as certain algorithms require the AH header size to be a multiple of a blocksize. The ICV ignores those IP fields having a value unpredictable at reception. The ICV computation is based on authentication algorithm specified by the SA.

Using AH Header

AH Header may be used in Transport-mode or Tunnel-mode. In Transport-mode, AH header is appended before the IP header of an IP datagram and is only used for end-end implementation .The reason is that only higher-layer protocols and selected IP header fields are protected. In Transport-mode, AH header is inserted after the IP header and before a high-layer protocol (but before other IP-security header such as ESP Header if that header is already inserted before higher-layer protocol.) For gateway security implementation, Tunnel-mode is required. In this case, AH header protects the entire inner IP packets, including the entire IP header.

Non-repudiation, referring to being able to tell if the sender denies sending data, can be provided by some authentication algorithms (e.g., asymmetric algorithms when both sender and receiver keys are used in the authentication calculation) used with the AH Header. The default authentication algorithm is keyed MD5, which, like all symmetric algorithms, cannot provide non-repudiation by itself, because the sender's key is not used in the computation. Confidentiality protection are not provided by the AH Header.

Encapsulating Security Payload (ESP) Header

The IP Encapsulating Security Payload (ESP) Header provides integrity, authentication, and confidentiality to IP datagram.

It does this by encapsulating either an entire IP datagram or only the higher-layer protocol (e.g., TCP-- Transport Control Protocol) data inside the ESP, encrypting most of the ESP content, and then appending a new IP header to the now encrypted ESP Payload. This new IP header carries the protected data through the internetwork.

The ESP Header Format

Figure 2. The Encapsulating Security Payload (ESP) Header format

· Security Parameters Index (SPI). A 32-bit value field that identifies the SA for this datagram relative to the Destination Address.

· Sequence Number. A 32-bit field that contains a counter value (sequence number). Before a cycle arises, the counter is reset by establishing a new SA thus a new key. This field is optional depending on whether anti-replay service is required.

· Initialization Vector. An unfixed-length field only required by certain encryption/decryption algorithms.

· Payload Data. An unfixed-length field that contains data.

· Padding. A field for padding (margin-filling) Payload Data field if confidentiality is required, since then the block-size requirement for certain encryption/decryption algorithm has to be met.

· Pad length. A 8-bit field that identifies the size of the padding.

· Next Header. An 8-bit field that identifies the type of data contained in the Payload Data field.

· Authentication Data. An unfixed-length field that contains an Integrity Check Value (ICV) computed over the ESP packet (of course not including the field itself.) The mandatory-to- implement authentication algorithms, HMAC with MD5 or SHA-1, both yield a known ICV.

Using ESP Header

Like AH header, ESP header can also be implemented in Tunnel-mode, i.e., an entire IP datagram is encapsulated within the ESP header, or in Transport-mode, i.e., an higher-layer protocol (for example TCP or UDP --User Datagram Protocol) is encapsulated inside ESP and then a new IP header is appended. The encapsulating security used by ESP can impact network performance in systems establishing SA, but does not impact routers or other intermediate systems that are not in the ESP security association.

Protocol processing in participating systems is more complex. Encrypting increases the communication latency.

The IP ESP Header may be used in combination with the IP AH header for requested security. The AH Header provides connectionless integrity and data origin authentication and can provide non- repudiation if used with certain authentication algorithms. The ESP header provides integrity and confidentiality and can also provide authentication if used with certain authenticating encryption algorithms. Adding the AH Header to a IP datagram before encapsulating that datagram using the ESP header can provide strong integrity, authentication, confidentiality. When the two mechanisms are combined, the positioning of the IP AH Header ensures which part of the data is being authenticated.

For communication throughout the worldwide Internet, implementations of the IP ESP header must support the use of the Data Encryption Standard (DES) in Cipher-Block Chaining (CBC) Mode (The mode is defined to be either block mode or stream mode). Cryptographic transforms for ESP which use a block-chaining algorithm and lack a strong integrity mechanism is subject to a cut-and-paste attack

described by Bellovin and should not be used unless the Authentication Header is present with packets using that ESP transform.

Key Management

The key management protocol is related to AH header and ESP header only by the Security Parameters Index (SPI). It's agreed to exclude the key management mechanism from the other security mechanisms, such as AH header and ESP header. The reason is that it then allows using improved key management methods without modifying the implementations of the other security mechanisms.

Key Distribution

Currently, most security systems are manually (by a person) configured with its own key and also with the keys of other communicating systems. Automated Key Distribution requires an Internet-standard scalable key management protocol. For Multicast Key Distribution for very large groups, new scalable techniques are needed. The use of Core-Based Trees (CBT) to provide session key management as well as multicast routing may be an approach used in the future.

Keying Approaches for IP

For host-oriented keying, users on one host share the same key on out coming traffic destined for all users on another host. For user-oriented keying one user has one or more keys (not shared with other users on the same host) for its outbound traffic destined for another host with the SA associated...

When host-oriented keying is used and mutually untrusting users exist, it is possible for one user to determine the host-oriented key , and therefore can either read another user's (on the same host) encrypted traffic or forge traffic (impersonate). Integrity and Confidentiality can be provided by host- oriented keying when dynamic key management techniques and certain algorithms are in use. However, authentication using applications on end-systems requires that processes running applications be able to request and use their own SAs. Therefore, applications can access key distribution facilities that provide authentication.

UNIT-IV

Web Security: Requirement, Secure Sockets Layer, Transport Layer Security, and Secure Electronic Transations.

***********************************

Web Security: Requirement HTTPS

HTTPS

HTTPS (Hypertext Transfer Protocol Secure) is a secure version of the HTTP protocol that uses

the SSL/TLS protocol for encryption and authentication. HTTPS is specified by RFC 2818 (May 2000) and uses port 443 by default instead of HTTP’s port 80.

The HTTPS protocol makes it possible for website users to transmit sensitive data such as credit card numbers, banking information, and login credentials securely over the internet. For this reason, HTTPS is especially important for securing online activities such as shopping, banking, and remote work.

However, HTTPS is quickly becoming the standard protocol for all websites, whether or not they exchange sensitive data with users.

How is HTTPS different from HTTP?

HTTPS adds encryption, authentication, and integrity to the HTTP protocol:

Encryption: Because HTTP was originally designed as a clear text protocol, it is vulnerable to eavesdropping and man in the middle attacks. By including SSL/TLS encryption, HTTPS prevents data sent over the internet from being intercepted and read by a third party. Through public-key cryptography and the SSL/TLS handshake, an encrypted communication session can be securely set up between two parties who have never met in person (e.g. a web server and browser) via the creation of a shared secret key.

Authentication: Unlike HTTP, HTTPS includes robust authentication via the SSL/TLS protocol. A website’s SSL/TLS certificate includes a public key that a web browser can use to confirm that documents sent by the server (such as HTML pages) have been digitally signed by someone in

possession of the corresponding private key. If the server’s certificate has been signed by a publicly trusted certificate authority (CA), such as SSL.com, the browser will accept that any identifying information included in the certificate has been validated by a trusted third party.

HTTPS websites can also be configured for mutual authentication, in which a web browser presents a client certificate identifying the user. Mutual authentication is useful for situations such as remote work, where it is desirable to include multi-factor authentication, reducing the risk of phishing or other attacks

involving credential theft. For more information on configuring client certificates in web browsers, please read this how-to.

Integrity: Each document (such as a web page, image, or JavaScript file) sent to a browser by an HTTPS web server includes a digital signature that a web browser can use to determine that the document has not been altered by a third party or otherwise corrupted while in transit. The server calculates

a cryptographic hash of the document’s contents, included with its digital certificate, which the browser can independently calculate to prove that the document’s integrity is intact.

SSL

SSL (Secure Sockets Layer) and its successor, TLS (Transport Layer Security), are protocols for establishing authenticated and encrypted links between networked computers. Although the SSL protocol was deprecated with the release of TLS 1.0 in 1999, it is still common to refer to these related technologies as “SSL” or “SSL/TLS.”

An SSL certificate (also known as a TLS or SSL/TLS certificate) is a digital document that binds the identity of a website to a cryptographic key pair consisting of a public key and a private key. The public key, included in the certificate, allows a web browser to initiate an encrypted communication session with a web server via the TLS and HTTPS protocols. The private key is kept secure on the server, and is used to digitally sign web pages and other documents (such as images and JavaScript files).

An SSL certificate also includes identifying information about a website, including its domain name and, optionally, identifying information about the site’s owner. If the web server’s SSL certificate is signed by a publicly trusted certificate authority (CA), like SSL.com, digitally signed content from the server will be trusted by end users’ web browsers and operating systems as authentic.

An SSL certificate is a type of X.509 certificate.

TLS

TLS (Transport Layer Security), released in 1999, is the successor to the SSL (Secure Sockets

Layer) protocol for authentication and encryption. TLS 1.3 is defined in in RFC 8446 (August 2018).

Secure Socket Layer (SSL)

Secure Socket Layer (SSL) provides security to the data that is transferred between web browser and server. SSL encrypt the link between a web server and a browser which ensures that all data passed between them remain private and free from attack.

Secure Socket Layer Protocols:

· SSL record protocol

· Handshake protocol

· Change-cipher spec protocol

· Alert protocol

SSL Protocol Stack:

SSL Record Protocol:

SSL Record provide two services to SSL connection.

§ Confidentiality

§ Message Integrity

In SSL Record Protocol application data is divided into fragments. The fragment is compressed and then encrypted MAC (Message Authentication Code) generated by algorithms like SHA (Secure Hash Protocol) and MD5 (Message Digest) is appended. After that encryption of the data is done and in last SSL header is appended to the data.

Handshake Protocol:

Handshake Protocol is used to establish sessions. This protocol allows client and server to authenticate each other by sending a series of messages to each other. Handshake protocol uses four phases to complete its cycle.

· Phase-1: In Phase-1 both Client and Server send hello-packets to each other. In this IP session, cipher suite and protocol version are exchanged for security purpose.

· Phase-2: Server sends his certificate and Server-key-exchange. Server end the phase-2 by sending Server-hello-end packet.

· Phase-3: In this phase Client reply to the server by sending his certificate and Client-exchange- key.

· Phase-4: In Phase-4 Change-cipher suite occurred and after this Handshake Protocol ends.

Change-cipher Protocol:

This protocol uses SSL record protocol. Unless Handshake Protocol is completed, the SSL record Output will be in pending state. After handshake protocol the Pending state is converted into Current state.

Change-cipher protocol consists of single message which is 1 byte in length and can have only one value. This protocol purpose is to cause the pending state to be copied into current state.

Alert Protocol:

This protocol is used to convey SSL-related alerts to the peer entity. Each message in this protocol contains 2 bytes.

Level is further classified into two parts:

· Warning:

This Alert have no impact on the connection between sender and receiver.

· Fatal Error:

This Alert breaks the connection between sender and receiver.

Silent Features of Secure Socket Layer:

· Advantage of this approach is that the service can be tailored to the specific needs of the given application.

· Secure Socket Layer was originated by Netscape.

· SSL is designed to make use of TCP to provide reliable end-to-end secure service.

· This is two-layered protocol.

Difference between Secure Socket Layer (SSL) and Transport Layer Security (TLS)

SSL stands for Secure Socket Layer while TLS stands for Transport Layer Security. Both Secure Socket Layer and Transport Layer Security are the protocols used to provide the security between web browser and web server.

The main differences between Secure Socket Layer and Transport Layer Security are that. In SSL (Secure Socket Layer), Message digest is used to create master secret and it provides the basic security services which are Authentication and confidentiality. While In TLS (Transport Layer Security), Pseudo-random function is used to create master secret.

There are some differences between SSL and TLS which are given below: S.NOSSL TLS

SSL stands for Secure Socket

1. Layer.

TLS stands for Transport Layer Security.

SSL (Secure Socket Layer)

2. supports Fortezza algorithm.

TLS (Transport Layer Security) does not

support Fortezza algorithm.

SSL (Secure Socket Layer) is

3. the 3.0 version.

TLS (Transport Layer Security) is the 1.0 version.

In SSL ( Secure Socket Layer), Message digest is used to create master

4. secret.

In TLS (Transport Layer Security), Pseudo-random function is used to create master secret.

In SSL ( Secure Socket Layer), Message Authentication Code

5. protocol is used.

In TLS (Transport Layer Security), Hashed Message Authentication Code protocol is used.

SSL (Secure Socket Layer) is complex than TLS (Transport

6. Layer Security).

TLS (Transport Layer Security) is simple.

SSL (Secure Socket Layer) is less secured as compared to TLS (Transport Layer

7. Security).

TLS (Transport Layer Security) provides high security.

Secure Electronic Transaction or SET is a system that ensures the security and integrity of electronic transactions done using credit cards in a scenario. SET is not some system that enables payment but it is a security protocol applied to those payments. It uses different encryption and hashing techniques to secure payments over the internet done through credit cards. The SET protocol was supported in development by major organizations like Visa, Mastercard, Microsoft which provided its Secure Transaction Technology (STT), and Netscape which provided the technology of Secure Socket Layer (SSL).

SET protocol restricts the revealing of credit card details to merchants thus keeping hackers and thieves at bay. The SET protocol includes Certification Authorities for making use of standard Digital Certificates like X.509 Certificate.

Before discussing SET further, let’s see a general scenario of electronic transactions, which includes client, payment gateway, client financial institution, merchant, and merchant financial institution.

Requirements in SET:

The SET protocol has some requirements to meet, some of the important requirements are:

* It has to provide mutual authentication i.e., customer (or cardholder) authentication by confirming if the customer is an intended user or not, and merchant authentication.

* It has to keep the PI (Payment Information) and OI (Order Information) confidential by appropriate encryptions.

* It has to be resistive against message modifications i.e., no changes should be allowed in the content being transmitted.

* SET also needs to provide interoperability and make use of the best security mechanisms.

Participants in SET:

In the general scenario of online transactions, SET includes similar participants:

1. Cardholder – customer

2. Issuer – customer financial institution

3. Merchant- seller

4. Acquirer – Merchant financial

5. Certificate authority – Authority that follows certain standards and issues certificates (like X.509V3) to all other participants.

SET functionalities:

· Provide Authentication

· Merchant Authentication – To prevent theft, SET allows customers to check previous relationships between merchants and financial institutions. Standard X.509V3 certificates are used for this verification.

· Customer / Cardholder Authentication – SET checks if the use of a credit card is done by an authorized user or not using X.509V3 certificates.

· Provide Message Confidentiality: Confidentiality refers to preventing unintended people from reading the message being transferred. SET implements confidentiality by using encryption techniques. Traditionally DES is used for encryption purposes.

· Provide Message Integrity: SET doesn’t allow message modification with the help of signatures. Messages are protected against unauthorized modification using RSA digital signatures with SHA-1 and some using HMAC with SHA-1.

UNIT-V

Network Management Security: Overview of SNMP Architecutre-SMMPVI1 Communication Facility, SNMPV3.

Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include cable modems, routers, switches, servers, workstations, printers, and more.

SNMP is widely used in network management for network monitoring. SNMP exposes management data in the form of variables on the managed systems organized in a management information base (MIB) which describe the system status and configuration. These variables can then be remotely queried (and, in some circumstances, manipulated) by managing applications.

Three significant versions of SNMP have been developed and deployed. SNMPv1 is the original version of the protocol. More recent versions, SNMPv2c and SNMPv3, feature improvements in performance, flexibility and security.

SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF). It consists of a set of standards for network management.

An SNMP-managed network consists of three key components:

· Managed devices

· Agent – software which runs on managed devices

· Network management station (NMS) – software which runs on the manager

A managed device is a network node that implements an SNMP interface that allows unidirectional (read-only) or bidirectional (read and write) access to node-specific information. Managed devices exchange node-specific information with the NMSs. Sometimes called network elements, the managed devices can be any type of device, including, but not limited to, routers, access servers, switches, cable modems, bridges, hubs, IP telephones, IP video cameras, computer hosts, and printers.

An agent is a network-management software module that resides on a managed device. An agent has local knowledge of management information and translates that information to or from an SNMP- specific form.

A network management station executes applications that monitor and control managed devices. NMSs provide the bulk of the processing and memory resources required for network management. One or more NMSs may exist on any managed network.

Block diagram showing SNMP architecture.

SNMP Versions

There are three versions of SNMP: SNMPv1, SNMPv2c, and SNMPv3.

SNMPv1: The initial version of the protocol. It is easy to set up and is defined in RFC 1155 and 1157.

SNMPv2c: The revised version with enhanced protocol packet types, transport mappings, and MIB structure elements, but also uses the existing SNMPv1 administration structure ("community-based" and hence SNMPv2c). It is defined in RFC 1901, RFC 1905, and RFC 1906.

SNMPv3: Facilitates remote configuration of SNMP entities. It also adds both encryption and authentication, which can be used together or separately, making this the most secure version yet.

SNMPv3 is defined by RFC 1905, RFC 1906, RFC 2571, RFC 2572, RFC 2574, and RFC 2575.

UNIT-VI

System Security: Intruders, Viruses and Related Threats, Firewall Design Principles.

Comprehensive examples using available software platforms/case tools, Configuration Management.

Intruders

-----------------------------------------

In relation to computers, an intruder is an individual or software program that enters a computer system without authorization. An example of an intruder would be a hacker. Another example would be a software virus.

Intrusion techniques

The objective of the intruders is to gain access to a system or to increase the range of privileges accessible on a system. Generally, this requires the intruders to acquire information that should be protected. In most cases, the information is in the form of a user password.

Typically, a system must maintain a file that associates a password with each authorized user. If such a file is stored with no protection, then it is an easy matter to gain access to it. The password files can be protected in one of the two ways:

· One way encryption – the system stores only an encrypted form of user‟s password. In practice, the system usually performs a one way transformation (not reversible) in which the password is used to generate a key for the encryption function and in which a fixed length output is produced.

· Access control – access to the password file is limited to one or a very few accounts.

The following techniques are used for learning passwords.

· Try default passwords used with standard accounts that are shipped with the system. Many

Administrators do not bother to change these defaults.

· Exhaustively try all short passwords.

· Try words in the system’s online dictionary or a list of likely passwords.

· Collect information about users such as their full names, the name of their spouse and children, Pictures in their office and books in their office that are related to hobbies.

· Try user’s phone number, social security numbers and room numbers.

· Try all legitimate license plate numbers.

· Use a Trojan horse to bypass restriction on access.

· Tap the line between a remote user and the host system.

Viruses and Similar Threats

Viruses, worms, Trojan horses and related computer threats are commonly confused with each other because they often cause similar damage. Viruses have been around longer than the others, and consequently the term “virus” is commonly but inaccurately used to refer to all of them. Here are some distinguishing characteristics:

Virus

A virus is a relatively small file that can copy itself into another file or program (its host). It can be transmitted only if its host files or program is transmitted. Some viruses are designed to change themselves slightly in order to make their detection and removal more difficult. Many viruses are merely annoyances, but some can be very destructive. As a whole, they are less common now than in the past. For more information, see the Wikipedia page on Computer virus.

Trojan horse

A Trojan horse is a program that appears to be useful or entertaining, but it carries a hidden malicious function that is activated when the program is run. Some Trojan horses even masquerade as repair tools, claiming to remove threats from your computer but actually doing the opposite. Older Trojan horses could not transmit themselves, but more recent versions can. This blurs the traditional distinction between viruses and Trojan horses. For more information, see the Wikipedia page on Trojan horse (computing)

Worm

A worm is a program that can both copy and transmit itself. This type of threat is now more common and often more disruptive than many viruses. For more information, see the Wikipedia page

on Computer worm.

Malicious script

these vary in the harm they can cause, and they can get into your computer or compromise your

personal information by a number of means; e.g., when you click on a link inside a specially designed fraudulent email or submit a form that has such a script hidden inside it.

Viruses and Related Threats

Perhaps the most sophisticated types of threats to computer systems are presented by programs that exploit vulnerabilities in computing systems. In this context, we are concerned with application programs as well as utility programs, such as editors and compilers.

We begin this section with an overview of the spectrum of such software threats. The remainder of the section is devoted to viruses and worms.

Malicious Programs

The terminology in this area presents problems because of a lack of universal agreement on all of the terms and because some of the categories overlap.

Name	Description
Virus	Attaches itself to a program and propagates copies of itself to other programs
Worm	Program that propagates copies of itself to other computers
Logic bomb	Triggers action when condition occurs
Trojan horse	Program that contains unexpected additional functionality
Backdoor (trapdoor)	Program modification that allows unauthorized access to functionality
Exploits	Code specific to a single vulnerability or set of vulnerabilities
Downloader’s	Program that installs other items on a machine that is under attack. Usually, a downloader is sent in an e-mail.
Auto-rooter	Malicious hacker tools used to break into new machines remotely
Kit (virus generator)	Set of tools for generating new viruses automatically
Spammer programs	Used to send large volumes of unwanted e-mail

Name	Description
Flooders	Used to attack networked computer systems with a large volume of traffic to carry out a denial of service (DoS) attack
Key loggers	Captures keystrokes on a compromised system
Root kit	Set of hacker tools used after attacker has broken into a computer system and gained root-level access
Zombie	Program activated on an infected machine that is activated to launch attacks on other machines

Malicious software can be divided into two categories: those that need a host program, and those that are independent. The former are essentially fragments of programs that cannot exist independently of some actual application program, utility, or system program. Viruses, logic bombs, and backdoors are examples. The latter are self-contained programs that can be scheduled and run by the operating system. Worms and zombie programs are examples.

We can also differentiate between those software threats that do not replicate and those that do. The former are programs or fragments of programs that are activated by a trigger. Examples are logic bombs, backdoors, and zombie programs. The latter consist of either a program fragment or an independent program that, when executed, may produce one or more copies of itself to be activated later on the same system or some other system. Viruses and worms are examples.

In the remainder of this subsection, we briefly survey some of the key categories of malicious software, with the exception of viruses and worms, which are covered in more detail later in this section.

Backdoor

A backdoor, also known as a trapdoor, is a secret entry point into a program that allows someone that is aware of the backdoor to gain access without going through the usual security access procedures.

Programmers have used backdoors legitimately for many years to debug and test programs. This usually is done when the programmer is developing an application that has an authentication procedure, or a long setup, requiring the user to enter many different values to run the application. To debug the program, the developer may wish to gain special privileges or to avoid all the necessary setup and authentication. The programmer may also want to ensure that there is a method of activating the program should something be wrong with the authentication procedure that is being built into the application. The backdoor is code that recognizes some special sequence of input or is triggered by being run from a certain user ID or by an unlikely sequence of events.

Backdoors become threats when unscrupulous programmers use them to gain unauthorized access. The backdoor was the basic idea for the vulnerability portrayed in the movie War Games. Another example is that during the development of Multics, penetration tests were conducted by an Air Force "tiger team" (simulating adversaries). One tactic employed was to send a bogus operating system update to a site running Multics. The update contained a Trojan horse (described later) that could be activated by a backdoor and that allowed the tiger team to gain access. The threat was so well implemented that the Multics developers could not find it, even after they were informed of its presence [ENGE80].

It is difficult to implement operating system controls for backdoors. Security measures must focus on the program development and software update activities.

Logic Bomb

One of the oldest types of program threat, predating viruses and worms, is the logic bomb. The logic bomb is code embedded in some legitimate program that is set to "explode" when certain conditions are met. Examples of conditions that can be used as triggers for a logic bomb are the presence or absence of certain files, a particular day of the week or date, or a particular user running the application. Once triggered, a bomb may alter or delete data or entire files, cause a machine halt, or do some other damage. A striking example of how logic bombs can be employed was the case of Tim Lloyd, who was convicted of setting a logic bomb that cost his employer, Omega Engineering, more than $10 million, derailed its corporate growth strategy, and eventually led to the layoff of 80 workers [GAUD00].

Ultimately, Lloyd was sentenced to 41 months in prison and ordered to pay $2 million in restitution. Trojan Horses

A Trojan horse is a useful, or apparently useful, program or command procedure containing hidden code that, when invoked, performs some unwanted or harmful function.

Trojan horse programs can be used to accomplish functions indirectly that an unauthorized user could not accomplish directly. For example, to gain access to the files of another user on a shared system, a user could create a Trojan horse program that, when executed, changed the invoking users file permissions so that the files are readable by any user. The author could then induce users to run the program by placing it in a common directory and naming it such that it appears to be a useful utility. An example is a program that ostensibly produces a listing of the user's files in a desirable format. After another user has run the program, the author can then access the information in the user's files. An example of a Trojan horse program that would be difficult to detect is a compiler that has been modified to insert additional code into certain programs as they are compiled, such as a system login program [THOM84]. The code creates a backdoor in the login program that permits the author to log on to the system using a special password. This Trojan horse can never be discovered by reading the source code of the login program.

Another common motivation for the Trojan horse is data destruction. The program appears to be performing a useful function (e.g., a calculator program), but it may also be quietly deleting the user's files. For example, a CBS executive was victimized by a Trojan horse that destroyed all information contained in his computer's memory [TIME90]. The Trojan horse was implanted in a graphics routine offered on an electronic bulletin board system.

Zombie

A zombie is a program that secretly takes over another Internet-attached computer and then uses that computer to launch attacks that are difficult to trace to the zombie's creator. Zombies are used in denial-of-service attacks, typically against targeted Web sites. The zombie is planted on hundreds of computers belonging to unsuspecting third parties, and then used to overwhelm the target Web site by launching an overwhelming onslaught of Internet traffic. Section 19.3 discusses zombies in the context of denial of service attacks.

Basics of what is a Firewall

Firewall

A Firewall is a security system to protect an internal network from unauthorized servers and networks based on predefined rules. It acts as a barrier and only allows the secured network to send or receive data.

How does a Firewall work?

A Firewall analyses the network traffic and filters it so that the unsecured and suspicious networks cannot attack the system. The point where information is exchanged with an external network is called a port.

How is Firewall different from an Antivirus?

A firewall is a security network designed to protect computer systems and networks from malicious attacks. Whereas, Antivirus is software utility program designed to protect a system from internal attacks from viruses. Get a tabulated and detailed comparison between the two at the Difference between Firewall and Antivirus page.

With regard to a Firewall, another term that is frequently being used is a Computer Network. To get a detailed explanation and understanding of networking, candidates can visit the linked article.

Types of Firewall

There are various types of Firewalls. Described below is each of them in detail for a better and simplistic understanding:

1. Packet Filtering Firewall

One of the oldest types of Firewall

This type of Firewall creates a checkpoint at the traffic router. Only the secure and verified IP address or networks are allowed for the further flow of data

The data packets are not verified, i.e. the information or data is not opened at the Firewall stage They are easy to use and do not overload the device and do not affect its processing or functioning speed

2. Application Level Gateway Firewall

It is also known as Proxy Firewall

When the user connects with the destination server, it forms a connection with the application gateway The proxy then connects with the destination server and takes up the decision of forwarding the data packets

It is a bit more secure in comparison to Packet Filtering Firewall Strong Memory and processors are required for using this Firewall

3. Circuit Level Gateway Firewall

This works as the Sessions layer of the OSI Model

Using this, two Transmission Control Protocol (TCP) connections can be set up together

It can easily let the flow of data packets continue without consuming major computer resources These Firewalls are not much efficient as they do not check the data packets and incase a data packet comprises malware, it will allow it to pass if the TCP connections are successfully done

4. Stateful Inspection Firewall

It is a combination of data packet inspection and TCP connection. Until both the fields are verified, the information cannot be approved

They are less straining for the computer resources

However, they are a bit slow in comparison to other Firewalls

5. Next-Generation Firewall

The recently launched Firewall systems are known as the Next-Gen Firewalls

Under this, the data packets are also thoroughly checked before being passed on to the destination address

These are still on the platform of improving and evolving and intend to use modern technology for automatic detection of errors and network safety

6. Software Firewall

Any firewall which is installed in a local device or a cloud server is called a Software Firewall

They can be the most beneficial in terms of restricting the number of networks being connected to a single device and control the in-flow and out-flow of data packets

Software Firewall also time-consuming

7. Hardware Firewall

They are also known as Physical-appliance based firewalls

It ensures that the malicious data is stopped before it reaches the endpoint of the network at risk

Functions of Firewall

Following are the function of a Firewall. Candidates can refer to these to apprehend the basic functions of a Firewall:

Any data which enters or exits a computer network has to pass through the Firewall

All the valuable information stays intact if the data packets are securely passed through the Firewall Every time data packets passed through a Firewall, it records it which allows the user to record the network activity

No data can be modified as it is held securely within the data packets

Precisely, a Firewall ensures that all the data is secure and any malicious data trying to enter the internal network is not allowed to pass through.

Firewall Design principle:

1. All traffic from inside to outside must pass through the firewall (physically blocking all access to the local network except via the firewall) –

2. Only authorized traffic (defined by the local security policy) will be allowed to pass

3. The firewall itself is immune to penetration (use of trusted system with a secure operating system)

Configuration management

Configuration management is a process for maintaining computer systems, servers, and software in a desired, consistent state. It’s a way to make sure that a system performs as it’s expected to as changes are made over time.

Configuration management benefits

Think of it like this. If you keep up with the small things, you can avoid more complicated, expensive repairs in the future. Configuration management is about preventing issues so you don’t have to deal with as many problems later.

For example, you can make sure that your test and production environments match. That way, you’ll have fewer problems with applications once they’ve been deployed than you would if these

environments weren’t exactly the same.

With configuration management, you can accurately replicate an environment with the correct configurations and software because you know what exists in the original environment.

Automating configuration management

The role of configuration management is to maintain systems in a desired state. Traditionally, this was handled manually or with custom scripting by system administrators. Automation is the use of software to perform tasks, such as configuration management, in order to reduce cost, complexity, and errors.

Through automation, a configuration management tool can provision a new server within minutes with less room for error. You can also use automation to maintain a server in the desired state, such as

your standard operating environment (SOE), without the provisioning scripts needed previously.

one solution

Wednesday, March 13, 2024

MGKVP BCA VI Semester " Computer Network Security " Notes all Units

Bachelor of Computer Applications

Attack

Passive attacks:

Security services and mechanisms

Security services

Model for Internetwork Security.

Types of Cryptography:

Encryption

Decryption

Cryptanalysis

Types of cryptanalysis

Public key encryption

Digital Signatures and Authentication

Hash Functions:

Features of Hash Functions

Properties of Hash Functions

Model of Digital Signature

Importance of Digital Signature

Kerberos

Digital Certificate

Certificate Purposes

Certificate Authority

X.509

Description

Pretty Good Privacy (PGP)

S/MIME (Secure MIME)

To make an Enveloped Data MIME entity we:

S.NO PGP S/MIME

S.NO PGP S/MIME

UNIT-III

IP security

Basic Concepts:

How can IP Security be achieved?

What is a Security Association (SA)?

IP Security Mechanisms

Authentication Header (AH)

The AH Header Format

Encapsulating Security Payload (ESP) Header

Key Management

Key Distribution

Keying Approaches for IP

UNIT-IV

Web Security: Requirement HTTPS

How is HTTPS different from HTTP?

SSL

TLS

Secure Socket Layer Protocols:

SSL Protocol Stack:

Handshake Protocol:

Change-cipher Protocol:

Silent Features of Secure Socket Layer:

Requirements in SET:

Participants in SET:

SET functionalities:

UNIT-V

UNIT-VI

Intruders

Viruses and Similar Threats

Firewall

Firewall Design principle:

Configuration management

Configuration management benefits

Automating configuration management

0 Comments:

Post a Comment

Previous Posts