Upload
radhey-raj
View
50
Download
0
Embed Size (px)
DESCRIPTION
Presentation on various types of computer attacks and what happened to data during each attack.
Citation preview
The protection of networks and their services from unauthorized modification, destruction or disclosure and provision of assurance that the network performs its critical functions correctly and there is no harmful side effects.It includes Authentications, Access control, Data Integrity, Data confidentiality and Availability.Basic aim of Network Security is to protect the networked computers and network operations from hackers and Attackers.
Network Security Includes Two Types Of Securities…..
DATA INFORMATION SECURITY
COMPUTER SECURITY
DATA INFORMATION SECURITY
protection of information Travelling through a communication medium from unauthorized access and loss. On
internet or any network of an organization, thousands of information are exchanged daily. These information can be misused by attackers.
• to manage the acknowledgement of messages received by any node in
order to protect from denial by sender in specific situations.• to protect the message from unwanted delay in the transmission lines in order to deliver it to required destination in time.• to protect the data from wandering the data packets or information packets in the network for infinitely long time.
COMPUTER SECURITYprotection of an individual
system’s data from hackers. Computer security means to protect our system from unwanted damages caused due to network. One of the major reason for such damages are the viruses that can wipe off all the information from our hard disk or some times may cause hardware problems.
• it should be protected from replicating and capturing viruses from infected files.
• it needs a proper protection from worms .
• there is a need of protection from Trojan Horses as they are enough dangerous for our computer.
Any software or person that deliberately attempts to evade security services and violate the security policy of the networked system is called Attacker.
Such a program or person intentionally attempts to gain unauthorized access to information resources. They sometimes, also prevent legitimate access to those resources.
An unauthorized activity uses specially crafted codes or techniques is called an Attack.
PASSIVE ATTACK in it the attacker only
monitors the transmission and accesses the data in an unauthorized manner. They are difficult to detect.
ACTIVE ATTACKit involves reading of data
messages along with modifications or changes to it in an unauthorized way. They are difficult to prevent.
PASSIVE ATTACK in it the attacker only looks
and watches the transmission and does not try to modify or change the data packets.There are two types of Passive Attacks…
1.Release of message contentsthe attacker only looks the
messages and reads them in an unauthorized way.
2.Traffic Analysisthe attacker masks ( does not
change ) the message in such a way that the authorized user either can not access it or can not understand the message properly.
User A User BP1 P1P1P1P1 P1 P1 P1 P1P1P1P1P1P1P1P1
DURING PASSIVE ATTACK
User C
Unauthorized access
P1 P1P1P1P1 P1 P1 P1 P1P1P1P1
P1
P1P1P1
P1P1P1P1P1P1P1
P1
ACTIVE ATTACK (CASE 1 : modification of message)
the attacker creates a new message and sends it to destination instead of original message.
User A User B
P1 P1P1P1P1 P1 P1 P1 P1P1P1P1P1P1P1P1
User C
P1 P1 P1
P1P
1
P1 Pkt
Pkt
Pkt
Pkt PktPkt
Unauthorized access & modification
ACTIVE ATTACK (CASE 2: Masque Rade)
the attacker appears to be an authorized one to other users. In such cases the attacker manipulates everything according to his wish.
User A User BI am User
A
User C
Pk PktPk
Fr
Frm
Fr
FrFrmFrmFrmFrmFr
ACTIVE ATTACK (CASE 3: Replay)in it the attacker captures the data unit and subsequent retransmits it to the destination
to produce an unauthorized effect.
User A User B
User C
P1 P1 P1
P1P
1
P1 Pkt
Pkt
Pkt
Pkt PktPkt
Unauthorized access & retransmission
Pkt
Pkt
Pkt PktPkt
ACTIVE ATTACK (CASE 4: Denial of Service)
Denial of service prevents the normal management/use of communication facilities. In such attacks all messages directed to a particular
destination may be suppressed, entire network may be disrupted or performance of network may be degraded due to disabling of network.
User A User B
User C
Can not access network facilities
Service provided by server disrupted