Network Security Dr. Mohammed Shafiul Alam Khan Assistant Professor - - PowerPoint PPT Presentation


slide-1
SLIDE 1

Network Security

  • Dr. Mohammed Shafiul Alam Khan

Assistant Professor Institute of Information Technology (IIT), University of Dhaka (DU) shafiul@du.ac.bd

December 10, 2017

M S A Khan (IIT, DU) Network Security December 10, 2017 1 / 23

slide-2
SLIDE 2

Outline

1. Goal of Network Security
2. Secure Socket Layer (SSL)
3. Public Key Infrastructure (PKI)
4. Browser Security
5. Different Network Attacks
6. Conclusion

slide-4
SLIDE 4

Goal of Network Security

Properties: Confidentiality, Integrity, Availability OR Authentication

  • Confidentiality: protecting the information from disclosure to unauthorized parties
  • Integrity: protecting information from being modified by unauthorized parties
  • Availability: ensuring that authorized parties are able to access the information when needed

The CIA triad is a very fundamental concept in security. However, it has been suggested that the CIA triad is not enough.

slide-6
SLIDE 6

Secure Socket Layer (SSL)

  • Widely deployed security protocol
  • Variation: TLS, transport layer security (RFC 2246)
  • Provide confidentiality, integrity, and authentication
  • Available to all TCP applications

slide-7
SLIDE 7

Secure Socket Layer (SSL)

SSL/TLS

slide-8
SLIDE 8

Secure Socket Layer (SSL)

How SSL Works

  • Handshake: Alice and Bob use their certificates, private keys to authenticate each other and exchange shared secret
  • Key derivation: Alice and Bob use shared secret to derive set of keys
  • Data transfer: data to be transferred is broken up into series of records
  • Connection closure: special messages to securely close connection
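The key-derivation, data-transfer and closure steps above can be seen in a simplified record layer. This is an added example, not from the original slides and not the real SSL/TLS wire format: the record layout, the labels and the use of HMAC-SHA256 are assumptions, the handshake is replaced by a constructed shared secret, and encryption is left out so the integrity checks stay visible.

```python
import hashlib
import hmac
import struct

DATA, CLOSE = 0, 1  # record types; CLOSE stands in for the closure message


def derive_keys(shared_secret: bytes) -> dict:
    """Expand one shared secret into a separate MAC key per direction."""
    return {
        label: hmac.new(shared_secret, label.encode(), hashlib.sha256).digest()
        for label in ("client->server", "server->client")
    }


def _tag(mac_key: bytes, seq: int, header: bytes, payload: bytes) -> bytes:
    # The sequence number is MACed but never sent, so reordering breaks the tag.
    return hmac.new(mac_key, struct.pack("!Q", seq) + header + payload,
                    hashlib.sha256).digest()


def seal(mac_key: bytes, seq: int, rtype: int, payload: bytes) -> bytes:
    """Build one record: type | length | payload | MAC."""
    header = struct.pack("!BH", rtype, len(payload))
    return header + payload + _tag(mac_key, seq, header, payload)


def send_stream(mac_key: bytes, data: bytes, chunk: int = 8) -> list:
    """Break data into records and finish with an authenticated CLOSE record."""
    parts = [data[i:i + chunk] for i in range(0, len(data), chunk)]
    records = [seal(mac_key, seq, DATA, p) for seq, p in enumerate(parts)]
    records.append(seal(mac_key, len(parts), CLOSE, b""))
    return records


def receive_stream(mac_key: bytes, records: list) -> bytes:
    """Verify each record in order; reject tampering, reordering, truncation."""
    out = b""
    for seq, rec in enumerate(records):
        header = rec[:3]
        rtype, length = struct.unpack("!BH", header)
        payload, tag = rec[3:3 + length], rec[3 + length:]
        if not hmac.compare_digest(tag, _tag(mac_key, seq, header, payload)):
            raise ValueError(f"record {seq}: bad MAC (modified or out of order)")
        if rtype == CLOSE:
            return out
        out += payload
    raise ValueError("stream ended without CLOSE record (possible truncation)")
```

A stream cut off before the CLOSE record is rejected even though every remaining record verifies, which is the reason the closure message has to be authenticated like any other record.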

slide-9
SLIDE 9

Secure Socket Layer (SSL)

SSL Cipher Suite

Cipher suite contains:

  • Public-key algorithm, for example, RSA
  • Symmetric encryption algorithm, for example, 3DES, AES, RC4, RC5
  • MAC algorithm

SSL supports several cipher suites

Negotiation: client, server agree on cipher suite. For example,

  • client offers choice
  • server picks one
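The negotiation step above, sketched as an added example that is not from the original slides: the suite names are standard IANA names, while the server preference list, the `allow_weak` switch and the choice to treat RC4 and 3DES as weak are assumptions of this sketch.

```python
import re

# Constructed server policy: preference order, most preferred first.
SERVER_PREFERENCE = [
    "TLS_RSA_WITH_AES_256_CBC_SHA256",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_WITH_RC4_128_SHA",
]
# Assumption of this sketch: ciphers a hardened server refuses to negotiate.
WEAK_CIPHERS = ("RC4", "3DES")


def parse_suite(name: str) -> dict:
    """Split a suite name into the three parts listed on the slide."""
    m = re.fullmatch(r"TLS_(.+?)_WITH_(.+)_([A-Z0-9]+)", name)
    if m is None:
        raise ValueError(f"unrecognised cipher suite name: {name}")
    return {"key_exchange": m.group(1), "cipher": m.group(2), "mac": m.group(3)}


def is_weak(name: str) -> bool:
    return parse_suite(name)["cipher"].startswith(WEAK_CIPHERS)


def negotiate(client_offer, server_preference=SERVER_PREFERENCE, allow_weak=False):
    """Client offers a list, server picks one; None models a handshake failure."""
    for suite in server_preference:          # the server's order decides
        if suite not in client_offer:
            continue
        if is_weak(suite) and not allow_weak:
            continue                         # hardened: never pick a weak suite
        return suite
    return None
```

With `allow_weak=True` a client that offers only RC4 still gets a connection; with the default the same offer fails the handshake instead of silently falling back to a weak cipher.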

slide-11
SLIDE 11

Public Key Infrastructure (PKI)

Features

  • Provides a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates
  • Manages public-key encryption

slide-12
SLIDE 12

Public Key Infrastructure (PKI)

Application

  • In a network, PKI allows for the centralization of network authentication
  • Authentication of client systems using SSL (Secure Socket Layer) signatures or encryption in the web browser
  • Other applications include the transmission of authenticated email messages using S/MIME (Secure/Multipurpose Internet Mail Extensions), OpenPGP (Open Pretty Good Privacy) and other technologies

slide-14
SLIDE 14

Browser Security

Browser Fingerprinting

  • Discuss a recent paper

slide-15
SLIDE 15

Browser Security

Integrated JavaScript

  • Power of JavaScript to do nasty stuff
  • Group discussion

slide-17
SLIDE 17

Different Network Attacks

Spoofing

  • A spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data, thereby gaining an illegitimate advantage
  • What are the possible ways to implement this attack?

slide-18
SLIDE 18

Different Network Attacks

Reflection Attack

  • A reflection attack is a method of attacking a challenge-response authentication system that uses the same protocol in both directions. That is, the same challenge-response protocol is used by each side to authenticate the other side.
  • How to prevent such an attack? For example, use of a nonce or time-stamp
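One way to apply the nonce countermeasure named above, as an added example that is not from the original slides: each party remembers the nonces it has issued, refuses to answer a challenge that is one of its own, and accepts each nonce only once. The `Party` class, the `reject_own_nonces` switch and HMAC-SHA256 as the response function are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets


class Party:
    """One side of a symmetric challenge-response protocol with a shared key."""

    def __init__(self, key: bytes, reject_own_nonces: bool):
        self.key = key
        self.reject_own_nonces = reject_own_nonces
        self.outstanding = set()          # nonces this party issued, not yet answered

    def new_challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.outstanding.add(nonce)
        return nonce

    def respond(self, challenge: bytes):
        # Hardened behaviour: a challenge we issued ourselves is a reflection.
        if self.reject_own_nonces and challenge in self.outstanding:
            return None
        return hmac.new(self.key, challenge, hashlib.sha256).digest()

    def verify(self, challenge: bytes, response) -> bool:
        if response is None or challenge not in self.outstanding:
            return False
        self.outstanding.discard(challenge)   # single use: a replay fails
        expected = hmac.new(self.key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(response, expected)


def reflected_response_accepted(server: Party) -> bool:
    """Check whether a server would accept its own answer to its own challenge."""
    challenge = server.new_challenge()           # session 1: server challenges peer
    reflected = server.respond(challenge)        # session 2: same challenge comes back
    return server.verify(challenge, reflected)   # session 1: that answer is presented
```

The check returns True for a party created with `reject_own_nonces=False` and False for the hardened one, while a legitimate peer holding the key still authenticates exactly once per nonce.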

slide-19
SLIDE 19

Different Network Attacks

Distributed Denial of Service Attack (DDOS)

DDOS

  • DOS attack in distributed nature
  • How to prevent such an attack? For example, monitoring

slide-20
SLIDE 20

Different Network Attacks

Botnet

  • A botnet is a number of Internet-connected devices, each of which is running one or more bots.
  • Botnets can be used to perform distributed denial-of-service attack (DDoS attack), steal data, send spam, and allow the attacker access to the device and its connection.

slide-22
SLIDE 22

Conclusion

  • Discuss the required security service in a network
  • Discuss TLS/SSL
  • Discuss Browser security issues
  • Discuss different network attacks
