Report: Network Security Essay Research Paper
1.0 INTRODUCTION
The essence of security operations is managing and controlling access to equipment and facilities within an organisation. The crux of the security problem is providing simple and inexpensive access on a wide-reaching basis while still protecting physical assets from harm and sensitive information from unauthorised users. Organisations can therefore define their own security policies and responsibilities for the various aspects of security within them, which would lead to great success in reducing the threat to the organisation (Keen, 1994). In PC Magazine, Lindhe (1997) makes the same argument: the first step should be either to devise or to revise a comprehensive security policy for the organisation, and employees should be educated about their responsibilities for protecting the organisation's information. (Appendix A)
Types of Attacks
Attacks fall into two categories: passive attacks and active attacks. A passive attack means eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted.
There are two types of passive attack: release of message contents and traffic analysis.
A release of message contents is easily understood. A telephone conversation, an electronic mail message or a transferred file may contain sensitive or confidential information. We would like to prevent the opponent from learning the contents of these transmissions.
The second passive attack, traffic analysis, is more subtle. Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from it. The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.
Passive attacks are very difficult to detect because they do not involve any alteration of the data. However, it is feasible to prevent the success of these attacks. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.
ACTIVE ATTACKS
The second major category of attack is the active attack. These attacks involve some modification of the data stream or the creation of a false stream, and can be subdivided into four categories:
a) Masquerade
b) Replay
c) Modification of messages
d) Denial of service
a) A masquerade takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorised entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
b) Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorised effect.
c) Modification of messages simply means that some portion of a message is altered, or that messages are delayed or reordered, to produce an unauthorised effect.
d) Denial of service prevents or inhibits the normal use or management of communication facilities. Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
Active attacks present the opposite characteristics of passive attacks. Whereas passive attacks are difficult to detect, measures are available to prevent their success. It is difficult to prevent active attacks absolutely, as to do so would require physical protection of all communication facilities and paths at all times. Instead, the goal is to detect them and to recover from any disruption or delays caused by them.
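One way a receiver can detect three of the active attacks described above (replay, modification of messages, and masquerade by a sender who lacks the key), shown as an added example that is not part of the original essay; denial of service is not addressed by it. It assumes a pre-shared key, and the key, frame layout, the `seal` and `Receiver` names and the sample messages are all constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed shared secret, illustration only
TAG_LEN = 32                   # HMAC-SHA256 output size in bytes

def seal(key, seq, payload):
    """Sender side: 8-byte sequence number + payload + HMAC-SHA256 tag."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Accepts each authentic frame once, in strictly increasing order."""

    def __init__(self, key):
        self.key = key
        self.last_seq = -1

    def accept(self, frame):
        if len(frame) < 8 + TAG_LEN:
            return "rejected: malformed"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; fails for altered or wrongly keyed frames.
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad tag"
        seq = struct.unpack(">Q", body[:8])[0]
        # An authentic frame seen before (or arriving stale) is a replay.
        if seq <= self.last_seq:
            return "rejected: replay"
        self.last_seq = seq  # advance only after every check has passed
        return "accepted"

def demo():
    rx = Receiver(KEY)
    m0 = seal(KEY, 0, b"transfer 10 to alice")    # constructed sample messages
    m1 = seal(KEY, 1, b"transfer 20 to bob")
    tampered = bytearray(seal(KEY, 2, b"transfer 30 to carol"))
    tampered[10] ^= 0x01                          # one payload bit changed in transit
    forged = seal(b"wrong-key", 3, b"transfer 99 to mallory")  # sender lacks the key
    frames = [m0, m1, m0, bytes(tampered), forged]
    return [rx.accept(f) for f in frames]

if __name__ == "__main__":
    for result in demo():
        print(result)
```

Because the sequence counter advances only on accepted frames, a rejected frame cannot be used to block the genuine frame carrying the same number.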
These attacks happen by:
[Diagram: normal flow of data]
Interruption
An asset of the system is destroyed or becomes unavailable or unusable. This is an attack on availability. Examples are the disabling or cutting of a communication link, or the disabling of a file management system.
Interception
Interception is when an unauthorised party gains access to an asset. This is an attack on confidentiality, e.g. wiretapping or copying of files.
[Diagram: interception]
Modification
Modification is when an unauthorised person gains access to data and tampers with it. This is an attack on integrity (e.g. altering a message being sent, or a program).
[Diagram: modification]
Fabrication
Fabrication is when a person inserts counterfeit objects into the system. This is an attack on authentication. Examples are the insertion of spurious messages in a network or the addition of records to a file.