
Computer Network Security Essentials

This document discusses computer network security fundamentals. It covers topics like securing computer networks through forms of protection like authentication, confidentiality, and integrity. Security services are classified to counter security attacks like interruption, interception, modification, and fabrication. Cryptographic attacks can be passive like eavesdropping or active like modifying data. The goal of network security is to protect company assets and information through monitoring for unauthorized access and intrusions.

TOPICS COVERED

Introduction
Securing Computer Network
Forms of protection
Authentication
Confidentiality and Integrity

COMPUTER NETWORK SECURITY FUNDAMENTALS
Chapter 2: Computer Network Security Fundamentals

CHAPTER – 2

1. INTRODUCTION

It seems that every other day there is a story in the newspapers about a computer network
being compromised by hackers. More recently, Yahoo, [Link], eBay, and some other
popular World Wide Web (WWW) sites were targets of what appears to have been a
coordinated "denial-of-service" attack. During a three- or four-day period, the sites were
overwhelmed with massive bombardments of false traffic from multiple sites. As a result, the
sites were shut down for hours at a time. These attacks illustrate how pervasive the threat
from outside hackers has become.

At the same time, every organization that uses computers faces the threat of hacking from
individuals within the organization. Employees or former employees with malicious intent or
who want to obtain information such as employee salaries or view other employees' files are
also a threat to an organization's computers and networks.

Every organization should monitor its systems for possible unauthorized intrusion and other
attacks. This needs to be part of the daily routine of every organization's IT unit, as it is
essential to safeguarding a company's information assets.

Every year, corporations, governments, and other organizations spend billions of dollars on
expenditures related to network security. The rate at which these organizations are expending
funds seems to be increasing. However, when companies need to find areas in which they
can decrease spending, budget items such as security and business resumption planning
have historically been some of the first to be cut.

Computer and Network Security is important for the following reasons.


• To protect company assets: One of the primary goals of computer and network security
is the protection of company assets. By "assets," we do not mean the hardware and software
that constitute the company's computers and networks. The assets are comprised of the
"information" that is housed on a company's computers and networks.
• To gain a competitive advantage: Developing and maintaining effective security
measures can provide an organization with a competitive advantage over its competition.
Network security is particularly important in the arena of Internet financial services and
e-commerce.
• To comply with regulatory requirements: Corporate officers of every company have a
responsibility to ensure the safety and soundness of the organization. Part of that
responsibility includes ensuring the continuing operation of the organization. Accordingly,
organizations that rely on computers for their continuing operation must develop policies
and procedures that address organizational security requirements. Such policies and
procedures are necessary not only to protect company assets but also to protect the
organization from liability.
• To keep your job: Finally, to secure one's position within an organization and to ensure
future career prospects, it is important to put into place measures that protect
organizational assets. Security should be part of every network or systems administrator's
job. Failure to perform adequately can result in termination.

2. SECURING COMPUTER NETWORKS

The meaning of the term securing computer network has evolved in recent years. Before the
problem of data security became widely publicized in the media, most people’s idea of
securing computer network focused on the physical machine. Traditionally, computer facilities
have been physically protected for three reasons:
• To prevent theft of or damage to the hardware
• To prevent theft of or damage to the information
• To prevent disruption of service
Securing Computer Network is security applied to computing devices such as computers and
smartphones, as well as computer networks such as private and public networks, including
the whole Internet. It includes physical security to prevent theft of equipment, and information
security to protect the data on that equipment. It is sometimes referred to as "cyber security"
or "IT security".
The generic categories of security are:
• Computer Security - generic name for the collection of tools designed to protect data and to
thwart hackers.
• Network Security - measures to protect data during their transmission.
• Internet Security - measures to protect data during their transmission over a collection
of interconnected networks.

3. FORMS OF PROTECTION

3.1 Security Attacks, Services and Mechanisms


To assess the security needs of an organization effectively, the manager responsible for
security needs some systematic way of defining the requirements for security and
characterization of approaches to satisfy those requirements. One approach is to consider
three aspects of information security:
• Security attack – Any action that compromises the security of information owned by
an organization.
• Security mechanism – A mechanism that is designed to detect, prevent or recover
from a security attack.
• Security service – A service that enhances the security of the data processing systems and
the information transfers of an organization. The services are intended to counter security
attacks and they make use of one or more security mechanisms to provide the service.

3.2 Basic Concepts


Cryptography: The art or science encompassing the principles and methods of transforming
an intelligible message into one that is unintelligible, and then retransforming that message
back to its original form.
Plain Text: The original intelligible message.
Cipher Text: The transformed message.
Cipher: An algorithm for transforming an intelligible message into one that is unintelligible by
transposition and/or substitution methods.
Key: Some critical information used by the cipher, known only to the sender and receiver.
Encipher (encode): The process of converting plaintext to cipher text using a cipher and a
key.
Decipher (decode): The process of converting cipher text back into plaintext using a cipher
and a key.
Cryptanalysis: The study of principles and methods of transforming an unintelligible message
back into an intelligible message without knowledge of the key. Also called code breaking.
Cryptology: Both cryptography and cryptanalysis.
Code: An algorithm for transforming an intelligible message into an unintelligible one using a
code-book.

4. SECURITY SERVICES

Security services are classified as follows:


Confidentiality: Ensures that the information in a computer system and transmitted
information are accessible only for reading by authorized parties.
Example: Printing, displaying and other forms of disclosure.
Authentication: Ensures that the origin of a message or electronic document is correctly
identified, with an assurance that the identity is not false.
Integrity: Ensures that only authorized parties are able to modify computer system assets
and transmitted information. Modification includes writing, changing status, deleting,
creating and delaying or replaying of transmitted messages.
Non-repudiation: Requires that neither the sender nor the receiver of a message be able to
deny the transmission.
Access control: Requires that access to information resources may be controlled by or for the
target system.
Availability: Requires that computer system assets be available to authorized parties when
needed.

4.1 Security Attacks

There are four general categories of attacks, which are listed below:

Interruption: An asset of the system is destroyed or becomes unavailable or unusable. This
is an attack on availability.
For example,
i. Destruction of a piece of hardware
ii. Cutting of a communication line or
iii. Disabling of the file management system.

Interception: An unauthorized party gains access to an asset. This is an attack
on confidentiality. The unauthorized party could be a person, a program or a computer.
For example,
i. Wiretapping to capture data in the network
ii. Illegal copying of files.

[Figure: Sender, Receiver, and Eavesdropper or Forger]

Modification: An unauthorized party not only gains access to but tampers with an asset. This
is an attack on integrity.
For example,
i. Changing values in a data file
ii. Altering a program
iii. Modifying the contents of messages being transmitted in a network.

[Figure: Sender, Receiver, and Eavesdropper or Forger]

Fabrication: An unauthorized party inserts counterfeit objects into the system. This is an
attack on authenticity.
For example,
i. Insertion of unauthentic messages in a network
ii. Addition of records to a file.

[Figure: Sender, Receiver, and Eavesdropper or Forger]

4.2 Cryptographic Attacks


Passive Attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The
goal of the opponent is to obtain information that is being transmitted. Passive attacks are of
two types:
i. Release of message contents: A telephone conversation, an e-mail message and a
transferred file may contain sensitive or confidential information. We would like to
prevent the opponent from learning the contents of these transmissions.
ii. Traffic analysis: If we had encryption protection in place, an opponent might still be
able to observe the pattern of the message. The opponent could determine the location
and identity of communication hosts and could observe the frequency and
length of messages being exchanged. This information might be useful in guessing the
nature of communication that was taking place.
Passive attacks are very difficult to detect because they do not involve any alteration of data.
However, it is feasible to prevent the success of these attacks.
Active Attacks
These attacks involve some modification of the data stream or the creation of a false stream.
These attacks can be classified into four categories:
i. Masquerade – One entity pretends to be a different entity.
ii. Replay – involves passive capture of a data unit and its subsequent transmission to
produce an unauthorized effect.
iii. Modification of messages – Some portion of a message is altered, or the messages
are delayed or reordered, to produce an unauthorized effect.
iv. Denial of service – Prevents or inhibits the normal use or management of
communication facilities. Another form of service denial is the disruption of an entire
network, either by disabling the network or overloading it with messages so as to
degrade performance.

It is quite difficult to prevent active attacks absolutely, because to do so would require physical
protection of all communication facilities and paths at all times. Instead, the goal is to detect
them and to recover from any disruption or delays caused by them.
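
As an added illustration (not part of the original chapter), the sketch below shows how a receiver can detect three of the active attacks listed above: modification, fabrication or masquerade, and replay. It assumes a pre-shared key, HMAC-SHA256 as the integrity mechanism, and a per-sender sequence number; the frame layout and all names are hypothetical.

```python
import hashlib
import hmac
import secrets
import struct

TAG_LEN = 32  # HMAC-SHA256 output size

def seal(key: bytes, sender: str, seq: int, payload: bytes) -> bytes:
    """Sender: frame = len(sender) | sender | 64-bit seq | payload | tag."""
    sid = sender.encode()
    body = bytes([len(sid)]) + sid + struct.pack("!Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = {}  # sender -> highest sequence number accepted

    def accept(self, frame: bytes):
        """Return (verdict, payload or None)."""
        if len(frame) < 1 + 8 + TAG_LEN:
            return "rejected: malformed", None
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time compare; fails for any altered or counterfeit frame.
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad tag", None
        n = body[0]
        if len(body) < 1 + n + 8:
            return "rejected: malformed", None
        sender = body[1:1 + n].decode(errors="replace")
        (seq,) = struct.unpack("!Q", body[1 + n:9 + n])
        # A genuine frame seen before (or an older one) is a replay.
        if seq <= self.last_seq.get(sender, -1):
            return "rejected: replay", None
        self.last_seq[sender] = seq
        return "accepted", body[9 + n:]

def demo():
    key = secrets.token_bytes(32)  # constructed key, assumed pre-shared
    rx = Receiver(key)
    good = seal(key, "alice", 1, b"transfer 10 units")  # constructed sample
    tampered = good.replace(b"10 units", b"99 units")   # modification
    # Fabrication / masquerade: frame built without knowledge of the key.
    forged = seal(secrets.token_bytes(32), "alice", 2, b"transfer 50 units")
    return [rx.accept(f)[0] for f in (good, good, tampered, forged)]

if __name__ == "__main__":
    print(demo())
```

The tag check cannot tell modification from fabrication; both simply fail verification. Denial of service is not addressed by this mechanism.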

4.3 Symmetric and Public Key Algorithms

Encryption/Decryption methods fall into two categories.
i. Symmetric key
ii. Public key
In symmetric key algorithms, the encryption and decryption keys are known both to sender
and receiver. The encryption key is shared and the decryption key is easily calculated from
it. In many cases, the encryption and decryption keys are the same.
In public key cryptography, the encryption key is made public, but it is computationally infeasible
to find the decryption key without the information known to the receiver.
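
The two categories side by side, as an added example that is not from the original chapter: a toy symmetric cipher in which one shared key both encrypts and decrypts, and textbook RSA in which the encryption key (e, n) is public while the decryption exponent d is computed from the primes p and q that only the receiver knows. The tiny primes, the SHAKE-256 keystream and all function names are assumptions chosen for illustration.

```python
import hashlib
from math import gcd

def symmetric_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR with a keystream derived from the shared key.
    The same key and the same operation both encrypt and decrypt."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def rsa_keypair(p: int, q: int, e: int):
    """Receiver side. p and q are the secret information; (e, n) is published."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    # d is easy to compute with phi (i.e. with p and q). Without them it
    # requires factoring n, which is infeasible only when n is large;
    # the toy n used in demo() is far too small for real use.
    d = pow(e, -1, phi)
    return (e, n), (d, n)

def rsa_encrypt(public, m: int) -> int:
    """Anyone holding the public key can encrypt."""
    e, n = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)

def rsa_decrypt(private, c: int) -> int:
    """Only the holder of d can decrypt."""
    d, n = private
    return pow(c, d, n)

def demo():
    msg = b"quarterly figures"            # constructed sample plaintext
    shared = b"constructed shared key"    # known to sender and receiver
    ct = symmetric_xor(shared, msg)
    sym_ok = ct != msg and symmetric_xor(shared, ct) == msg

    public, private = rsa_keypair(61, 53, 17)   # toy primes
    c = rsa_encrypt(public, 65)
    return sym_ok, public, private, c, rsa_decrypt(private, c)

if __name__ == "__main__":
    print(demo())
```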

Figure 2.1: A Model for Network Security


A message is to be transferred from one party to another across some sort of internet. The
two parties, who are the principals in this transaction, must cooperate for the exchange to take
place. A logical information channel is established by defining a route through the internet
from source to destination and by the cooperative use of communication protocols (e.g.,
TCP/IP) by the two principals.
Using this model requires us to:
✓ Design a suitable algorithm for the security transformation
✓ Generate the secret information (keys) used by the algorithm
✓ Develop methods to distribute and share the secret information
✓ Specify a protocol enabling the principals to use the transformation and secret
information for a security service.


