CSCE 790: Computer Network Security

About This Presentation

Title:

CSCE 790: Computer Network Security

Description:

CSCE 790: Computer Network Security Chin-Tser Huang huangct_at_cse.sc.edu University of South Carolina – PowerPoint PPT presentation

Number of Views:150

Avg rating:3.0/5.0

Slides: 26

Provided by: hua119

Learn more at: https://www.cse.sc.edu

Category:

more less

Transcript and Presenter's Notes

Title: CSCE 790: Computer Network Security

1
CSCE 790Computer Network Security

Chin-Tser Huang
huangct_at_cse.sc.edu
University of South Carolina

2
About Me

Chin-Tser Huang
Ph.D. in Computer Sciences, 2003, University of
Texas at Austin
My first semester with USC
Research in network security, network protocol
design and verification, distributed systems
My new web page is not ready, but if you want to
know more about me, here is the old one
http//www.cs.utexas.edu/users/chuang

3
About the Course

A grad-level seminar course focusing on basics
and issues in network security
First half will be lectures about elements of
network security, cryptography backgrounds, and
introduction to network security designs
Second half will be your chance to present what
you have learned from key research papers

4
Course Information Online

http//www.cse.sc.edu/huangct/CSCE790F03/index.ht
m
List of assigned paper and useful links will be
added shortly
Lecture slides will be available online too

5
Your Best Strategy

Come to every lecture to learn basic security
problems and skills to counter them
Keep yourself exposed to articles related to
network security to collect project ideas
Read each assigned paper and write good summary
for each paper
Do not wait till last minute to prepare for exam
or work on project
Enjoy the fun!

6
What Can Go Wrong

when your computer y receive or is waiting for a
message m?

?
Internet
m
x
y
7
Message Loss

Adversary A can discard m in its transit

A
m
x
y
8
Message Interception

Adversary A can get a copy of m when m passes by

m
A
m
m
x
y
9
Message Modification

Adversary A can arbitrarily modify the content of
m to become m

A
m
m
x
y
10
Message Insertion

Adversary A can arbitrarily fabricate a message
m, pretending that m was sent by x

src x dst y
A
m
x
y
11
Message Replay

Adversary A can replay a message m that has been
sent earlier by x and received by y

m
A
m
x
y
12
Denial-of-Service Attack

Adversary A can send huge amount of messages to y
to block m from arriving at y

A
m
?????
x
y
13
Type of Attacks

Passive attacks
Traffic analysis
Message interception

Active attacks
Message loss
Message modification
Message insertion
Message replay
Denial-of-Service attack

14
Network Security Services

Confidentiality
Integrity
Authentication
Anti-replay

Availability
Access control
Non-repudiation
Anonymity

15
Confidentiality

Keep message known only to the receiver and
secret to anyone else
Counter message interception

16
Integrity

When receiver receives message m, receiver can
verify m is intact after sent by sender
Counter message modification

17
Authentication

When receiver receives message m, receiver can
verify m is indeed sent by the sender recorded in
m
Counter message insertion

18
Anti-replay

When receiver receives message m, receiver can
verify m is not a message that was sent and
received before
Counter message replay

19
Availability

Property of a system or a resource being
accessible and usable upon demand by an
authorized entity
Counter denial-of-service attack

20
Access Control

Mechanism to enforce access rights to resources
and data
Users can access resources and data to which they
have access rights
Users cannot access resources and data to which
they dont have access rights

21
Non-repudiation

When receiver receives message m, receiver gets
proof that sender of m ever sent m
Receiver of m can show proof to third-party so
that sender of m cannot repudiate

22
Anonymity