Scribd Logo
Upload

Welcome to Scribd!

  • 02-Threats and Attacks On Security - Print PDF

    Uploaded by

    Moh Haidir Khoirul Zain
    37 views4 pages
    Vulnerabilities Identify how the system can malfunction Improve the design to withstand problems n is a weakness in the security system p Threats p p attacks n water a human or another system can exploit vulnerabilities to initiates an attack p Modification Info. Desti. Normal flow Data Info. Source p an unauthorized part gain an access to asset p This p Destruction p Physical is an attack on links n Introduction of noise of routing n Erase of a program or

    Original Description:

    Original Title

    02-Threats and attacks on security_print.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Vulnerabilities Identify how the system can malfunction Improve the design to withstand problems n is a weakness in the security system p Threats p p attacks n water a human or another system can exploit vulnerabilities to initiates an attack p Modification Info. Desti. Normal flow Data Info. Source p an unauthorized part gain an access to asset p This p Destruction p Physical is an attack on links n Introduction of noise of routing n Erase of a program or

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    37 views4 pages

    02-Threats and Attacks On Security - Print PDF

    Uploaded by

    Moh Haidir Khoirul Zain
    Vulnerabilities Identify how the system can malfunction Improve the design to withstand problems n is a weakness in the security system p Threats p p attacks n water a human or another system can exploit vulnerabilities to initiates an attack p Modification Info. Desti. Normal flow Data Info. Source p an unauthorized part gain an access to asset p This p Destruction p Physical is an attack on links n Introduction of noise of routing n Erase of a program or

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    Outline

    Threats & Attacks


    on security

    Attacks
    Vulnerabilities
    p Threats
    p
    p

    CS405-Computer Security

    n
    n
    n

    By:

    Interception
    Interruption
    Modification
    Fabrication

    Controls

    Dilum Bandara
    Dept. of Computer Science & Engineering
    University of Moratuwa
    1

    Attacks
    p

    p Vulnerabilities

    Identify how the system can malfunction


    Improve the design to withstand problems

    n Is

    a weakness in the security system

    p Threats

    When analysing a system for security


    n

    Terminology

    When testing a system for functionality


    n

    Dilum Bandara - CSE

    n Is

    set of circumstances that has the


    potential to cause loss or harm

    Identify ways in which systems security can


    malfunction
    Enforce necessary controls

    Dilum Bandara - CSE

    Dilum Bandara - CSE

    Vulnerability

    Terminology
    p

    Attacks
    n

    Water

    Control
    n
    n

    Dilum Bandara - CSE

    A human or another system can exploit


    vulnerabilities to initiates an attack

    Is an action, device, procedure or technique


    that removes or reduces the vulnerabilities
    Example: the finger of the man can control a
    water leak

    Dilum Bandara - CSE

    Security Threats

    Security Threats cont


    p

    Interception

    Dilum Bandara - CSE

    Security Threats cont

    Modification

    Info.
    Desti.

    Normal flow

    Dilum Bandara - CSE

    Data

    Info.
    Source

    A threat is blocked by control


    of a vulnerability

    Interruption
    S

    Fabrication

    Dilum Bandara - CSE

    Dilum Bandara - CSE

    Interception

    Interception cont

    p An

    unauthorized part gain an access


    to asset

    p This

    n
    n
    n

    n Confidentiality

    p Really

    hard to detect a silent


    interceptor

    Eavesdropping
    Link monitoring
    Packet capturing
    System compromisation

    Cant be avoided
    n
    n

    11

    10

    Approaches
    n

    is an attack on

    Dilum Bandara - CSE

    In wireless communication, broadcast,


    multicast
    Sore-and-forward approach in protocols
    Dilum Bandara - CSE

    12

    Interruption

    Interruption cont

    p An

    p Approaches

    asset of a system is destroyed,


    unavailable or unusable

    p This

    n Destruction
    n Physical

    is an attack on

    links

    n Availability

    n Introduction

    of noise
    of routing
    n Erase of a program or a file
    n DoS attacks

    p Easily

    detected by a single party or


    both parties

    Dilum Bandara - CSE

    n Removal

    13

    Modification
    p

    n Changing

    a record in a database
    compromisation
    n Making use of delays in communication
    n Modify hardware

    is an attack on

    n System

    n Integrity
    Can be detected if proper measure are
    taken in advance
    p Can be detected by both parties
    n

    Digital signature
    Checking ones own work
    Dilum Bandara - CSE

    15

    Fabrication
    An unauthorized party inserts counterfeit
    (fake) object into the system

    Pretends it was send by an authorized


    party

    p This

    Dilum Bandara - CSE

    16

    Fabrication cont

    p Approaches
    n Adding
    p Make

    use of IP spoofing

    n Spurious

    is an attack on

    e-mails or web sites

    p E-mail

    from admin@yahoo.com
    p Similar domain names www.yaho.com

    Also related to the non-repudiation

    Dilum Bandara - CSE

    a new record to a database


    of new network packet

    n Insertion

    n Authenticity
    p

    14

    p Approaches

    Dilum Bandara - CSE

    Modification cont

    Unauthorized parties gain access as well


    as tamper with asset

    p This

    of hardware
    damages to communication

    17

    Dilum Bandara - CSE

    18

    Attacks - Passive attacks


    p
    p

    Passive attacks cont

    Goal is to obtain information


    Two types of attacks
    1.

    Passive threats

    Detects the source & destination


    Frequency of transmission & length of
    messages

    Interception

    Release of message content


    p
    p

    To gain personal advantages


    Blackmailing parties involved in
    communication
    Dilum Bandara - CSE

    Release of message
    content
    19

    Attacks - Active attacks


    p
    p

    4.

    20

    Easily detectable
    Harder to prevent
    p Can recover from destruction
    p

    Pretends to be some one else

    Active threats

    Replay
    1.

    3.

    Dilum Bandara - CSE

    Masquerading
    1.

    2.

    Traffic analysis

    Active attacks cont

    Interruption, modification & fabrication


    Four categories:
    1.

    Harder to detect
    Prevention is the better than detection

    Traffic analysis
    p

    2.

    Retransmission of passive captured data

    Modification
    DoS
    Interruption
    Dilum Bandara - CSE

    21

    Modification
    Dilum Bandara - CSE

    Fabrication
    22

    You might also like