unit 1 nsc
unit 1 nsc
PROFESSIONAL ELECTIVE
(L-2 T-1 C-3)
Unit -1
Prepared by
Dr. B. Umamageswari, AP/CTECH
Unit - 1
The need for security - Security approaches - Principles of security -
Types of Security attacks - Security services- Security Mechanisms - A
model for Network Security - Substitution techniques -Transposition
techniques - Steganography.
Possible Attacks on Computers
• Computer security
• Network security CIN
• Internet security
AMS
Security
Services
AADDN
Security Mechanisms
ITU-T X800 standards – security architecture for ISO/OSI model
Security
Mechanisms
EDDAATRN
TESSS
Security
Mechanisms
Relationship between Security Services and
Mechanisms
Model for Network Security
Principles of Security or Security Services
• Confidentiality
What attack results in loss of confidentiality?
• Authentication
Which attack is possible in case of loss of proper authentication
mechanism?
• Integrity
Which attack leads to loss of integrity?
Principles of Security or Security Services
(Contd..)
• Non-repudiation
• Access Control
• Availability
Which attack makes the system unavailable?
Identify the attacks and security principle
violated due to the attack
Types of attacks
• Passive attacks – prevent
• Active attacks – detect and recover
Passive Attacks
- attacker overhears the communication without modifying it.
- Will be in the form of interception.
- difficult to detect
- prevention is better
Active Attacks
Modification of message or creation of the false message.
- will be in the form of interruption/modification/fabrication.
Guess the type of attack
Practical side of attack
Programs that attack
• Virus – piece of code that attaches itself to legitimate code and runs
when the legitimate code is executed.
• It can lead to application-level or even network-level attack
Phases of virus
(a) Dormant Phase - The virus is idle. It gets activated based on a certain action or
event (e.g. the user typing a certain key or a certain date or time is reached, etc).
This is an optional phase.
(b) Propagation Phase - In this phase, a virus copies itself, and each copy starts
creating more copies of itself, thus propagating the virus.
(c) Triggering Phase - A dormant virus moves into this phase when the action/event
for which it was waiting is initiated.
(d) Execution Phase -This is the actual work of the virus, which could be harmless
(display some message on the screen) or destructive (delete a file on the disk).
Types of virus
• Parasitic virus – attaches to exe files and infects other exe files when
executed.
• Memory resident virus – virus that resides in memory and infects all exe
files that are executed.
• Boot sector virus – virus infects the master boot record of the disk and
spreads when OS starts booting the machine.
• Stealth virus – built-in intelligence so that anti-virus program can’t detect.
• Polymorphic – changes its signature on every execution.
• Metamorphic – changes its signature and rewrites itself every time on its
execution.
• Macro virus
Worm and Trojan Horse
Specific Attacks
Sniffing and Spoofing
• Sniffing – passive attack
- encryption of data / transmission link
- attacker captures thr’ router or less – protected system on
the path.
• Spoofing – forges the source address – intercept/DoS/confuse host
• Phishing –
Phishing use case
DNS Spoofing use case
Cryptography (Krypto – hidden or secret and
graphene – writing)
Cryptanalysis / Code breaking
Modified Version
Caesar Cipher
Homophonic cipher
Replace each character by another character from the chosen set.
Polygram substitution cipher
Polygram substitution cipher technique replaces one block of
plain text with another block of cipher text—it does not work
on a character-by-character basis.
Problem
Alice meets Bob and says Rjjy rj ts ymj xfggfym. bj bnqq inxhzxx ymj
uqfs. If she is using Caesar cipher, what does she want to convey?
Solution:
Meet me on the sabbath. We will discuss the plan
Polyalphabetic substitution cipher
Playfair Cipher
Playfair Cipher
PLAYFAIR EXAMPLE
Encryption
• MY NA ME IS AT UL
Try it out
Hill Cipher
Hill Cipher
Transposition Technique
Transposition techniques differ from substitution techniques in
the way that they do not simply replace one alphabet with
another, but they also perform some permutation over the plain
text.
Rail Fence technique
Working of Rail Fence Technique
Simple Columnar Transposition Technique
Simple Columnar Transposition Technique
Simple columnar transposition technique with
multiple rounds
Vernam Cipher (one time pad)
Vernam Cipher (one time pad) Problem
Try it out
Encrypt the plaintext “safe messages”, using Hill cipher for the given key:
“ciphering”.
Encrypt NOTHING IS AS IT SEEMS using rail fence cipher.
Encrypt NOTHING IN THE WORLD IS MORE DANGEROUS THAN SINCERE
IGNORANCE AND CONSCIENTIOUS STUPIDITY with a key of k = 9 columns.
Suppose the ciphertext is: GPSDO AILTI VRVAA WETEC NITHM EDLHE TALEA
ONME. If it is known that the key is k = 7, find the plaintext.
Steganography
• Steganography is the practice of concealing information within
another message or physical object to avoid detection.
• It can be used to hide virtually any type of digital content, including
text, image, video, or audio content. That hidden data is then
extracted at its destination.
• Content concealed through steganography is
sometimes encrypted before being hidden within another file format.
If it isn’t encrypted, then it may be processed in some way to make it
harder to detect.
Types
• Text steganography
• Image steganography
• Audio steganography
• Video steganography
• Network steganography
Examples
• Writing with invisible ink
• Embedding text in a picture (like an artist hiding their initials in a painting they’ve
done)
• Backward masking a message in an audio file (remember those stories of evil
messages recorded backward on rock and roll records?)
• Concealing information in either metadata or within a file header
• Hiding an image in a video, viewable only if the video is played at a particular
frame rate
• Embedding a secret message in either the green, blue, or red channels of an RRB
image
Difference between Cryptography and
Steganography
Factors Steganography Cryptography
It's a method to conceal the fact that It's a method for making
Explanation
communication is taking place information unintelligible
Does not modify the data's general Modifies the overall data
Data Structure
structure structure