InfoSec-Lect-01-Basics

The document outlines the curriculum for a course on Information Security at Tishk International University, detailing topics covered in lectures and labs, including definitions, security services, types of attacks, and security mechanisms. It emphasizes key concepts such as confidentiality, authentication, access control, integrity, non-repudiation, and availability, along with steps to handle security risks. The course utilizes textbooks by William Stallings and Wenliang Du as primary resources.

Uploaded by

steverayyen

Tishk International University

Science Faculty
IT Department

Information Security
Lecture 01: Basics of Information Security

4th Grade - Spring Semester

Instructor: Alaa Ghazi


Course Resources
• Textbook
– Cryptography and Network Security, Fourth Edition, by William Stallings
• 2nd Resource
– Computer & Internet Security: A Hands-on Approach, Second Edition, by Wenliang (Kevin) Du
Course Topics
– Lecture 01 Basics of Information Security
– Lecture 02 Types of Attacks
– Lecture 03 Firewalls
– Lecture 04 VPN (Virtual Private Networks)
– Lecture 05 PKI (Public Key Infrastructure)
– Lecture 06 IPS/IDS (Intrusion Prevention/Detection Systems)
– Lecture 07 AntiMalware
LAB Sessions
– LAB 01 Information Security LAB Setup
– LAB 02 TCP Attacks
– LAB 03 Firewall Policy
– LAB 04 Site-to-Site VPN Setup
– LAB 05 PKI (Public Key Infrastructure)
– LAB 06 IDS Example
– LAB 07 AntiMalware
Lecture 1
Basics of Information Security
Lecture Topics
1.1 Definition
1.2 Information Security Architecture
1.3 Security Services Categories
1.4 Passive Vs. Active Security Attacks
1.5 Security Attack By Effect
1.6 Security Attack Diagrams
1.7 Attack vs. Service Matrix
1.8 Main Security Mechanisms
1.9 Model for Firewall
1.10 Model for Cryptography
1.11 Steps to Handle Security Risks
1.12 Cybersecurity Framework Diagram
1.1 Definition
• Information Security is the protection of information and its
critical elements, including systems and hardware that use, store,
and transmit that information.
• Vulnerability: a weakness that makes targets susceptible to an
attack.
• Threat: a possible danger that might exploit a vulnerability.
1.2 Information Security Architecture
• Security Service
– A processing or communication service that enhances
the security of the data processing systems and the
information transfers of an organization
• Security Attack
– Any action that compromises the security of information
owned by an organization
• Security Mechanism
– A process or a device that is designed to detect, prevent,
or recover from a security attack.

Information Security is about using security mechanisms to implement security
services that resist attacks on information systems.
1.3 Security Services Categories
• Confidentiality
• Authentication
• Access control
• Integrity
• Non-repudiation
• Availability
Confidentiality
• Confidentiality is the protection of transmitted data from
passive attacks. It is used to prevent the disclosure of
information to unauthorized individuals or systems.
• The main purpose of confidentiality is “ensuring that
information is accessible only to those authorized to have
access”.
• Modern confidentiality includes the protection against
Traffic Analysis.
• Traffic Analysis: techniques by which an attacker can
determine the location and identity of communicating
hosts and observe the frequency and length of
messages.
• Ex: A credit card number has to be secured during an online
transaction.
Authentication
• Concerned with assuring that a communication is
genuine. What authentication targets depends on the case:
– A single message: it assures the recipient that the
message source is the original sender.
– An ongoing interaction: it assures that the two
entities are genuine and that the connection is not
interfered with so a third party can masquerade as
one of the two legitimate parties.
Access Control
• The ability to restrict the use of host
systems and applications via communications
links.
• To achieve this, each entity trying to gain
access must first be identified, or
authenticated, so that access rights can be
personalized to the individual.
Integrity
• It can apply to a single message or to connection-
oriented communications.
• A single-message integrity service provides
protection against message modification only.
• A connection-oriented integrity service, one that deals
with a stream of messages, assures that messages
are received as sent, with no duplication, insertion,
modification, reordering, or replays.
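The difference between the two integrity services above, as an added example that is not part of the original lecture: a per-message HMAC-SHA256 tag (an assumed mechanism; the slides name none) detects modification but accepts a replayed copy, while binding a sequence number into the tag lets the receiver also reject duplicated, reordered and replayed records. The key, function names and sample messages are constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key, not a real secret

def _tag(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def protect_single(key, payload):
    """Single-message integrity: the tag covers the payload only."""
    return payload, _tag(key, payload)

def verify_single(key, payload, tag):
    # Detects modification, but a replayed copy verifies just as well.
    return hmac.compare_digest(_tag(key, payload), tag)

def protect_stream(key, seq, payload):
    """Connection-oriented integrity: the tag also covers a sequence number."""
    return seq, payload, _tag(key, struct.pack(">Q", seq) + payload)

class StreamReceiver:
    """Accepts records only in strict sequence order, starting at 0."""

    def __init__(self, key):
        self.key = key
        self.expected_seq = 0

    def receive(self, seq, payload, tag):
        expected = _tag(self.key, struct.pack(">Q", seq) + payload)
        if not hmac.compare_digest(expected, tag):
            return "rejected: modified or inserted"
        if seq < self.expected_seq:
            return "rejected: duplicate or replay"
        if seq > self.expected_seq:
            return "rejected: reordered or record missing"
        self.expected_seq += 1
        return "accepted"

def demo():
    # Constructed traffic: two records in order, then a replay of the first.
    r0 = protect_stream(KEY, 0, b"PAY 100 TO ALICE")
    r1 = protect_stream(KEY, 1, b"PAY 250 TO BOB")
    rx = StreamReceiver(KEY)
    return [rx.receive(*r0), rx.receive(*r1), rx.receive(*r0)]
```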
Non-Repudiation
• Prevents either sender or receiver from denying a
transmitted message.
• When a message is sent, the receiver can prove later
that the genuine sender in fact sent the message.
• When a message is received, the sender can prove
that the genuine receiver in fact received the
message.
Availability
• It is the property of a system being accessible and
usable upon demand by an authorized entity
according to performance specifications for the
system.
• Availability can be significantly affected by a
variety of Denial of Service attacks.
1.5 Security Attacks By Effect
1. INTERRUPTION
2. INTERCEPTION
3. MODIFICATION
4. FABRICATION
5. REPUDIATION
6. UNAUTHORIZED ACCESS
1. INTERRUPTION
• An asset of the system is destroyed or becomes
unavailable or unusable.
• This means that people who are authorized to read or
write the information cannot do what they need.
• It is an attack on availability.
• Examples:
– Jamming wireless signals
– Disabling file management systems
2. INTERCEPTION
• Occurs when an unauthorized party gains illegal access to
stored or transferred information.
• Interception is an attack on confidentiality.
• Examples:
– Wire tapping to capture data in a network.
– Eavesdropping
3. MODIFICATION
• Occurs when an unauthorized party changes stored or
transmitted information.
• It is an attack on Integrity.
• Examples:
– Changing a data file
– Altering a program and the contents of a message
4. FABRICATION
• Occurs when an unauthorized party inserts a fake object
into the system.
• It is an attack on Authentication.
• Examples:
– Hackers gaining access to a personal email and sending
a fake message.
– Insertion of records in database files.
– Insertion of spurious messages in a network.
5. REPUDIATION
• It occurs when a user either denies sending data or a
user denies receiving or possessing the data.
• It is an attack on Non-Repudiation.
• Examples:
– A bank user denies an online purchase
6. UNAUTHORIZED ACCESS
• It is an act of illegally gaining access into any
computer, network, or application.
• It is an attack on Access Control.
• Examples:
– Compromising a computer by using a vulnerability
in the OS, or applications running on it.
– Illegally using services by using their user IDs and
passwords.
1.7 Attacks vs. Services Matrix
Attack              | Confidentiality | Authentication | Integrity | Non-repudiation | Access Control | Availability
Interception        | X               |                |           |                 |                |
Fabrication         |                 | X              |           |                 |                |
Modification        |                 |                | X         |                 |                |
Repudiation         |                 |                |           | X               |                |
Unauthorized Access |                 |                |           |                 | X              |
Interruption        |                 |                |           |                 |                | X
1.8 Main Security Mechanisms
1. Information flow control: controls the flow of information between
network segments.
2. Access Control Matrix (ACM): the access control matrix exists both in
operating systems and in databases, and it describes allowed accesses.
3. Firewalls: control traffic between the Internet and the local system or
intranet.
4. Cryptography: the process of converting between readable text,
called plaintext, and an unreadable form, called ciphertext. The sender
converts the plaintext message to ciphertext, and the receiver converts
the ciphertext message back to its plaintext form.
5. Digital signature: ensures the authenticity of documents, programs,
and messages.
6. Intrusion detection: detects attempted or successful attacks on a
system.
7. Auditing: bookkeeping on all security-related events in a system.


1.11 Steps to Handle Security Risks
1. Identify: The first step in a cybersecurity strategy is to
understand your resources and risks.
2. Protect: Deploy security protection mechanisms.
3. Detect: If an attack occurs, you’ll want mechanisms
in place that will alert you as quickly as possible.
4. Respond: If a cybersecurity breach happens, you’ll
want to contain and reduce any damage.
5. Recover: After a cybersecurity breach, you’ll need
mechanisms in place to help resume normal
operations.
1.12 Cybersecurity Framework Diagram
