SlideShare une entreprise Scribd logo

2.Types of Attacks.pptx

Télécharger en tant que PPTX, PDF
N
NISARSHAIKH57

Types of attacks in information security

Ingénierie
1  sur  24
Types of Attacks Mr. N. S. Shaikh MMIT, Lohgaon, Pune-47 nisar.shaikh2022@mmit.edu.in
Security Fundamentals • Confidentiality: Data should be accessible only to entities (users/machines/processes) with the valid permissions (also includes privacy) • Integrity: – Data should be modified only by entities with the valid permissions – A system should perform its function without any deliberate manipulation by entities without valid permissions • Availability: Data and service should be accessible (timely and reliable) to entities with the valid permissions • Authentication: – Entity authentication – validating user/machine identity – Message authentication – validating whether a message came from the user/machine/source who claims to have sent it • Access control: Validating the permissions a user claims to have on a resource • Non-repudiation: Actions of an entity should be uniquely traced back to that entity.
Security Fundamentals • Cryptography (Encryption and Decryption): – Transform information from plaintext to ciphertext (encryption) so that it is not comprehensible for unauthorized entities during transmission or at the end systems (more towards confidentiality) – Every encryption algorithm needs to have a corresponding decryption algorithm to get back the plaintext • Digital Signature: A form of encryption/ decryption that ensures the message came from the appropriate entity – Non-repudiation, Message Authentication
Security Fundamentals • Hashing: A digest of the message such that even if a bit changes in the message, the hash value should change – Integrity • Notarization: Vouching for a user/machine – the notarizing authority is trusted by the associated entities – Entity authentication • Steganography: Replace certain bits in a media file with the plaintext bits and transmit them – Weak confidentiality (but not very obvious to unauthorized users)
Computer Security Challenges • Security is not simple • Potential attacks on the security features need to be considered • It is necessary to decide where to use the various security mechanisms • Requires constant monitoring • Is too often an afterthought • Security mechanisms typically involve more than a particular algorithm or protocol • Security is essentially a battle of wits between a perpetrator and the designer
Threats and Attacks (RFC 4949)
Source: William Stallings, Cryptography & Network Security, 6th ed. Passive vs. Active Attacks A passive attack attempts to learn or make use of information from the system but does not affect system resources
Source: William Stallings, Cryptography & Network Security, 6th ed. Passive vs. Active Attacks An active attack attempts to alter system resources or affect their operation
Passive Attacks • Eavesdropping (release of message contents) – solution: use encryption to prevent. • Traffic analysis (monitoring of transmission – Difficult to prevent or detect. – Though the contents of the transmission can be protected (using encryption), one can learn about the location and identity of the communicating hosts as well as the frequency and length of the messages being exchanged. • As passive attacks are difficult to detect, the emphasis is on prevention.
Active Attacks • Active attacks involve some modification of the data stream or the creation of a false stream • Active attacks can be divided into four categories: – Masquerade: When one entity pretends to be a different entity (impersonation) – Replay: Passive capture of a data unit and its subsequent retransmission (if modified, could produce an unauthorized effect) – Modification of messages: modify the captured message – Denial of service: prevent the normal use or management of communications facilities (e.g., overload a server; prevent legitimate users from use) • It is difficult to prevent active attacks; the goal is on their detection.
Active Attacks: Masquerade Source: William Stallings, Cryptography & Network Security, 6th ed.
Active Attacks: Replay Source: William Stallings, Cryptography & Network Security, 6th ed.
Active Attacks: Modification Source: William Stallings, Cryptography & Network Security, 6th ed.
Active Attacks: Denial of Service Source: William Stallings, Cryptography & Network Security, 6th ed.
Model for Network Security Source: William Stallings, Cryptography & Network Security, 6th ed.
Security Services Security Services
Security Services Authentication: The assurance that communicating entity is the one that it claims to be • Peer Entity Authentication: used in association with a logical connection to provide confidence in the identity of the entities connected • Data Origin Authentication: In a connectionless transfer, provides assurance that the source of received data is as claimed
Security Services Access Control: The prevention of unauthorized use of a resource(i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do
Security Services Data Confidentiality: The protection of data from unauthorized disclosure. • Connection Confidentiality: The protection of all user data on a connection. • Connectionless Confidentiality: The protection of all user data in a single data block. • Selective-Field Confidentiality: The confidentiality of selected fields within the user data on a connection or in a single data block.
Security Services Data Integrity: The assurance that data received are exactly as sent by an authorized entity(i.e., contain no modification, insertion, deletion, or replay). • Connection Integrity with Recovery • Connection Integrity without Recovery • Selective-Field Connection Integrity • Connectionless Integrity • Selective-Field Connectionless Integrity
Security Services Nonrepudiation: Provides protections against denial by one of the entities involved in communication of having participated in all or part of the communication. • Nonrepudiation Origin: Proof that the message was sent by the specified party. • Nonrepudiation Destination: Proof that the message was received by the specified party.
Security Mechanisms Specific Security Mechanisms • Encipherment • Digital Signature • Access Control • Data Integrity • Authentication Exchange • Traffic Padding • Routing Control • Notarization
Security Mechanism Encipherment: The use of Mathematical algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an algorithm and zero or more encryption keys.
Security Mechanism Digital Signature:

Recommandé

ch01.pdf
ch01.pdfch01.pdf
ch01.pdfSamtech6
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityShafaan Khaliq Bhatti
 
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...NISHASOMSCS113
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityAparnaSunil24
 
Lec 01.pdf
Lec 01.pdfLec 01.pdf
Lec 01.pdfMohammedElkayesh
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1osama elfar
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographyUmangThakkar26
 
CNS Unit-I_final.ppt
CNS Unit-I_final.pptCNS Unit-I_final.ppt
CNS Unit-I_final.pptSwapnaPavan2
 

Recommandé

ch01.pdf
ch01.pdfch01.pdf
ch01.pdfSamtech6
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityShafaan Khaliq Bhatti
 
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...NISHASOMSCS113
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityAparnaSunil24
 
Lec 01.pdf
Lec 01.pdfLec 01.pdf
Lec 01.pdfMohammedElkayesh
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1osama elfar
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographyUmangThakkar26
 
CNS Unit-I_final.ppt
CNS Unit-I_final.pptCNS Unit-I_final.ppt
CNS Unit-I_final.pptSwapnaPavan2
 
CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxRizwanBasha12
 
Ch1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptxCh1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptxsalutiontechnology
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
abc.pptx
abc.pptxabc.pptx
abc.pptxBhargaviGorde1
 
Ch01 NetSec5e.pptx
Ch01 NetSec5e.pptxCh01 NetSec5e.pptx
Ch01 NetSec5e.pptxAwais725629
 
information security.pptx
information security.pptxinformation security.pptx
information security.pptxAwais725629
 
Ch01 NetSec5e.pdf
Ch01 NetSec5e.pdfCh01 NetSec5e.pdf
Ch01 NetSec5e.pdfMohammadAbusaa3
 
Ch01
Ch01Ch01
Ch01ssusere796b3
 
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCE
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCENETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCE
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCEkarthikasivakumar3
 
ch01.ppt
ch01.pptch01.ppt
ch01.pptssuser4198c4
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Securityvishnukp34
 
Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network securitysneha padhiar
 
typesofattacks-180418113629.pdf
typesofattacks-180418113629.pdftypesofattacks-180418113629.pdf
typesofattacks-180418113629.pdfsurajthakur474818
 
Types of attacks
Types of attacksTypes of attacks
Types of attacksVivek Gandhi
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
Unit-1.pptx
Unit-1.pptxUnit-1.pptx
Unit-1.pptxssuseref9c81
 
ch1-1.ppt
ch1-1.pptch1-1.ppt
ch1-1.pptNayyabMirTahir
 
E content,S.Abirami,II-M.sc(computer Science),Bon Secours college for women
E content,S.Abirami,II-M.sc(computer Science),Bon Secours college for womenE content,S.Abirami,II-M.sc(computer Science),Bon Secours college for women
E content,S.Abirami,II-M.sc(computer Science),Bon Secours college for womenAbiramis19
 
cns unit 1.pptx
cns unit 1.pptxcns unit 1.pptx
cns unit 1.pptxSaranya Natarajan
 
Unit 1
Unit 1Unit 1
Unit 1Vinod Kumar Gorrepati
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISrknatarajan
 

Contenu connexe

Similaire à 2.Types of Attacks.pptx

CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxRizwanBasha12
 
Ch1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptxCh1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptxsalutiontechnology
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Ch01 NetSec5e.pptx
Ch01 NetSec5e.pptxCh01 NetSec5e.pptx
Ch01 NetSec5e.pptxAwais725629
 
information security.pptx
information security.pptxinformation security.pptx
information security.pptxAwais725629
 
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCE
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCENETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCE
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCEkarthikasivakumar3
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Securityvishnukp34
 
Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network securitysneha padhiar
 
typesofattacks-180418113629.pdf
typesofattacks-180418113629.pdftypesofattacks-180418113629.pdf
typesofattacks-180418113629.pdfsurajthakur474818
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
E content,S.Abirami,II-M.sc(computer Science),Bon Secours college for women
E content,S.Abirami,II-M.sc(computer Science),Bon Secours college for womenE content,S.Abirami,II-M.sc(computer Science),Bon Secours college for women
E content,S.Abirami,II-M.sc(computer Science),Bon Secours college for womenAbiramis19
 

Similaire à 2.Types of Attacks.pptx (20)

CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptx
 
Ch1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptxCh1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptx
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
 
abc.pptx
abc.pptxabc.pptx
abc.pptx
 
Ch01 NetSec5e.pptx
Ch01 NetSec5e.pptxCh01 NetSec5e.pptx
Ch01 NetSec5e.pptx
 
information security.pptx
information security.pptxinformation security.pptx
information security.pptx
 
Ch01 NetSec5e.pdf
Ch01 NetSec5e.pdfCh01 NetSec5e.pdf
Ch01 NetSec5e.pdf
 
Ch01
Ch01Ch01
Ch01
 
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCE
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCENETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCE
NETWORK SECURITY-K.GAYADRI-II-MSC COMPUTER SCIENCE
 
ch01.ppt
ch01.pptch01.ppt
ch01.ppt
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Security
 
Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network security
 
typesofattacks-180418113629.pdf
typesofattacks-180418113629.pdftypesofattacks-180418113629.pdf
typesofattacks-180418113629.pdf
 
Types of attacks
Types of attacksTypes of attacks
Types of attacks
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
 
Unit-1.pptx
Unit-1.pptxUnit-1.pptx
Unit-1.pptx
 
ch1-1.ppt
ch1-1.pptch1-1.ppt
ch1-1.ppt
 
E content,S.Abirami,II-M.sc(computer Science),Bon Secours college for women
E content,S.Abirami,II-M.sc(computer Science),Bon Secours college for womenE content,S.Abirami,II-M.sc(computer Science),Bon Secours college for women
E content,S.Abirami,II-M.sc(computer Science),Bon Secours college for women
 
cns unit 1.pptx
cns unit 1.pptxcns unit 1.pptx
cns unit 1.pptx
 
Unit 1
Unit 1Unit 1
Unit 1
 

Dernier

Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISrknatarajan
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performancesivaprakash250
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordAsst.prof M.Gokilavani
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfankushspencer015
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdfKamal Acharya
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduitsrknatarajan
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
Glass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesGlass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesPrabhanshu Chaturvedi
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)simmis5
 

Dernier (20)

Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduits
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
Glass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesGlass Ceramics: Processing and Properties
Glass Ceramics: Processing and Properties
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)
 

2.Types of Attacks.pptx

  • 1. Types of Attacks Mr. N. S. Shaikh MMIT, Lohgaon, Pune-47 nisar.shaikh2022@mmit.edu.in
  • 2. Security Fundamentals • Confidentiality: Data should be accessible only to entities (users/machines/processes) with the valid permissions (also includes privacy) • Integrity: – Data should be modified only by entities with the valid permissions – A system should perform its function without any deliberate manipulation by entities without valid permissions • Availability: Data and service should be accessible (timely and reliable) to entities with the valid permissions • Authentication: – Entity authentication – validating user/machine identity – Message authentication – validating whether a message came from the user/machine/source who claims to have sent it • Access control: Validating the permissions a user claims to have on a resource • Non-repudiation: Actions of an entity should be uniquely traced back to that entity.
  • 3. Security Fundamentals • Cryptography (Encryption and Decryption): – Transform information from plaintext to ciphertext (encryption) so that it is not comprehensible for unauthorized entities during transmission or at the end systems (more towards confidentiality) – Every encryption algorithm needs to have a corresponding decryption algorithm to get back the plaintext • Digital Signature: A form of encryption/ decryption that ensures the message came from the appropriate entity – Non-repudiation, Message Authentication
  • 4. Security Fundamentals • Hashing: A digest of the message such that even if a bit changes in the message, the hash value should change – Integrity • Notarization: Vouching for a user/machine – the notarizing authority is trusted by the associated entities – Entity authentication • Steganography: Replace certain bits in a media file with the plaintext bits and transmit them – Weak confidentiality (but not very obvious to unauthorized users)
  • 5. Computer Security Challenges • Security is not simple • Potential attacks on the security features need to be considered • It is necessary to decide where to use the various security mechanisms • Requires constant monitoring • Is too often an afterthought • Security mechanisms typically involve more than a particular algorithm or protocol • Security is essentially a battle of wits between a perpetrator and the designer
  • 6. Threats and Attacks (RFC 4949)
  • 7. Source: William Stallings, Cryptography & Network Security, 6th ed. Passive vs. Active Attacks A passive attack attempts to learn or make use of information from the system but does not affect system resources
  • 8. Source: William Stallings, Cryptography & Network Security, 6th ed. Passive vs. Active Attacks An active attack attempts to alter system resources or affect their operation
  • 9. Passive Attacks • Eavesdropping (release of message contents) – solution: use encryption to prevent. • Traffic analysis (monitoring of transmission – Difficult to prevent or detect. – Though the contents of the transmission can be protected (using encryption), one can learn about the location and identity of the communicating hosts as well as the frequency and length of the messages being exchanged. • As passive attacks are difficult to detect, the emphasis is on prevention.
  • 10. Active Attacks • Active attacks involve some modification of the data stream or the creation of a false stream • Active attacks can be divided into four categories: – Masquerade: When one entity pretends to be a different entity (impersonation) – Replay: Passive capture of a data unit and its subsequent retransmission (if modified, could produce an unauthorized effect) – Modification of messages: modify the captured message – Denial of service: prevent the normal use or management of communications facilities (e.g., overload a server; prevent legitimate users from use) • It is difficult to prevent active attacks; the goal is on their detection.
  • 11. Active Attacks: Masquerade Source: William Stallings, Cryptography & Network Security, 6th ed.
  • 12. Active Attacks: Replay Source: William Stallings, Cryptography & Network Security, 6th ed.
  • 13. Active Attacks: Modification Source: William Stallings, Cryptography & Network Security, 6th ed.
  • 14. Active Attacks: Denial of Service Source: William Stallings, Cryptography & Network Security, 6th ed.
  • 15. Model for Network Security Source: William Stallings, Cryptography & Network Security, 6th ed.
  • 17. Security Services Authentication: The assurance that communicating entity is the one that it claims to be • Peer Entity Authentication: used in association with a logical connection to provide confidence in the identity of the entities connected • Data Origin Authentication: In a connectionless transfer, provides assurance that the source of received data is as claimed
  • 18. Security Services Access Control: The prevention of unauthorized use of a resource(i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do
  • 19. Security Services Data Confidentiality: The protection of data from unauthorized disclosure. • Connection Confidentiality: The protection of all user data on a connection. • Connectionless Confidentiality: The protection of all user data in a single data block. • Selective-Field Confidentiality: The confidentiality of selected fields within the user data on a connection or in a single data block.
  • 20. Security Services Data Integrity: The assurance that data received are exactly as sent by an authorized entity(i.e., contain no modification, insertion, deletion, or replay). • Connection Integrity with Recovery • Connection Integrity without Recovery • Selective-Field Connection Integrity • Connectionless Integrity • Selective-Field Connectionless Integrity
  • 21. Security Services Nonrepudiation: Provides protections against denial by one of the entities involved in communication of having participated in all or part of the communication. • Nonrepudiation Origin: Proof that the message was sent by the specified party. • Nonrepudiation Destination: Proof that the message was received by the specified party.
  • 22. Security Mechanisms Specific Security Mechanisms • Encipherment • Digital Signature • Access Control • Data Integrity • Authentication Exchange • Traffic Padding • Routing Control • Notarization
  • 23. Security Mechanism Encipherment: The use of Mathematical algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an algorithm and zero or more encryption keys.