CSCE 790: Computer Network Security - PowerPoint PPT Presentation

About This Presentation
Title:

CSCE 790: Computer Network Security

Description:

CSCE 790: Computer Network Security Chin-Tser Huang huangct_at_cse.sc.edu University of South Carolina – PowerPoint PPT presentation

Number of Views:159
Avg rating:3.0/5.0
Slides: 26
Provided by: hua119
Learn more at: https://www.cse.sc.edu
Category:

less

Transcript and Presenter's Notes

Title: CSCE 790: Computer Network Security


1
CSCE 790Computer Network Security
  • Chin-Tser Huang
  • huangct_at_cse.sc.edu
  • University of South Carolina

2
About Me
  • Chin-Tser Huang
  • Ph.D. in Computer Sciences, 2003, University of
    Texas at Austin
  • My first semester with USC
  • Research in network security, network protocol
    design and verification, distributed systems
  • My new web page is not ready, but if you want to
    know more about me, here is the old one
    http//www.cs.utexas.edu/users/chuang

3
About the Course
  • A grad-level seminar course focusing on basics
    and issues in network security
  • First half will be lectures about elements of
    network security, cryptography backgrounds, and
    introduction to network security designs
  • Second half will be your chance to present what
    you have learned from key research papers

4
Course Information Online
  • http//www.cse.sc.edu/huangct/CSCE790F03/index.ht
    m
  • List of assigned paper and useful links will be
    added shortly
  • Lecture slides will be available online too

5
Your Best Strategy
  • Come to every lecture to learn basic security
    problems and skills to counter them
  • Keep yourself exposed to articles related to
    network security to collect project ideas
  • Read each assigned paper and write good summary
    for each paper
  • Do not wait till last minute to prepare for exam
    or work on project
  • Enjoy the fun!

6
What Can Go Wrong
  • when your computer y receive or is waiting for a
    message m?

?
Internet
m
x
y
7
Message Loss
  • Adversary A can discard m in its transit

A
m
x
y
8
Message Interception
  • Adversary A can get a copy of m when m passes by

m
A
m
m
x
y
9
Message Modification
  • Adversary A can arbitrarily modify the content of
    m to become m

A
m
m
x
y
10
Message Insertion
  • Adversary A can arbitrarily fabricate a message
    m, pretending that m was sent by x

src x dst y
A
m
x
y
11
Message Replay
  • Adversary A can replay a message m that has been
    sent earlier by x and received by y

m
A
m
x
y
12
Denial-of-Service Attack
  • Adversary A can send huge amount of messages to y
    to block m from arriving at y

A
m
?????
x
y
13
Type of Attacks
  • Passive attacks
  • Traffic analysis
  • Message interception
  • Active attacks
  • Message loss
  • Message modification
  • Message insertion
  • Message replay
  • Denial-of-Service attack

14
Network Security Services
  • Confidentiality
  • Integrity
  • Authentication
  • Anti-replay
  • Availability
  • Access control
  • Non-repudiation
  • Anonymity

15
Confidentiality
  • Keep message known only to the receiver and
    secret to anyone else
  • Counter message interception

16
Integrity
  • When receiver receives message m, receiver can
    verify m is intact after sent by sender
  • Counter message modification

17
Authentication
  • When receiver receives message m, receiver can
    verify m is indeed sent by the sender recorded in
    m
  • Counter message insertion

18
Anti-replay
  • When receiver receives message m, receiver can
    verify m is not a message that was sent and
    received before
  • Counter message replay

19
Availability
  • Property of a system or a resource being
    accessible and usable upon demand by an
    authorized entity
  • Counter denial-of-service attack

20
Access Control
  • Mechanism to enforce access rights to resources
    and data
  • Users can access resources and data to which they
    have access rights
  • Users cannot access resources and data to which
    they dont have access rights

21
Non-repudiation
  • When receiver receives message m, receiver gets
    proof that sender of m ever sent m
  • Receiver of m can show proof to third-party so
    that sender of m cannot repudiate

22
Anonymity
  • Identity of sender is hidden from receiver
  • When receiver receives message m, receiver has no
    clue about sender of m

23
Network Security Is Great
  • Prevent messages from being attacked in their
    transit
  • Detect and discard messages that are modified,
    inserted, or replayed
  • Disallow unauthorized access to local system
    resource and sensitive data

24
But Hard To Achieve
  • Many layers in network architecture
  • Many different media of network connection
  • Adversarys location hard to determine
  • New attacks keep emerging
  • Cryptographic overhead

25
Why Should You Take This Course
  • Security is an increasingly important issue
  • You want to have basic knowledge about network
    security
  • You can learn latest attacks and newest skills to
    counter those attacks
  • You have a chance to implement the skills learned
    in the class
Write a Comment
User Comments (0)
About PowerShow.com