CSE

Paper Presentation
On

NETWORK SECURITY
Submitted By

D.HARITHA
E-mail : haritha.devinani@gmail.com

Department of
Computer Science
KMM INSTITUTE OF
TECHNOLOGY &
SCIENCE
(Affiliated to JNTU, Anantapur)

KMM INSTITUTE OF TECHNOLOGY &

SCIENCE
Reg . No : 083G1A0520 Topic : NETWORK
SECURITY

Name : D.HARITHA
[CSE]
Abstract
SECURITY” in
contemporary scenarios
become a more sensible issue
either it may be in “REAL
WORLD” or in the “CYBER
WORLD” .in this world
opposed to the cyber world an
attack is often preceded
information gathering.
Network security is a
complicated subject, historically
only tackled by well-trained and
experienced experts. However, as
more and more people become
”wired'', an increasing number of
people need to understand the
basics of security in a networked
world. Our paper covers different
kinds of threats & firewalls in the
network by implementation of
different security services using
various security mechanisms. The
security mechanisms are primarily
based on cryptographic algorithms
like symmetric-DES, AES,
CSE
Course :1I1-B.Tech
asymmetric-RSA, ECC.
Generally, the logical conclusion
is to use both kind of algorithms
this and their combinations to achieve
has optimal speed and security levels.
It is hoped that the reader will
have a wider perspective on
security in
as
by
general, and better
understand how to reduce and
manage risk personally.
Contents:
1. Introduction
2. Popular networks
3. Security services
4. Security threats
5. Where do they come from?
6. Preventing security disasters
7. Firewalls
• Types of firewalls
• Point of failure
• Security mechanisms
 CSE

Popular networks:
8. Cryptography
UUCP: (Unix-to-Unix Copy) was
Types of cryptography originally developed to connect
• Secret key UNIX (surprise!) hosts together.
Internet: The Internet is the
cryptography world's largest network of
• public key cryptography networks.
Services for security:
• Hash algorithms
The services are intended to
9. Conclusion
counter security attacks, and they
10. Bibliography
make use of one or more
Security mechanisms to provide
the service.
1. Confidentiality: Ensure that the
Introduction: information in a computer system
and transmitted information are
A basic understanding of
accessible only for reading by
computer networks is requisite in
authorized parties. This type of
order to understand the principles
access includes printing
of network security. In this
displaying and other forms of
section, we'll cover some of the
disclosure, including simply
foundations of computer
revealing the existence of an
networking, then move on to an
object.
overview of some popular
2. Authentication: Ensure that the
networks. The impressive
origin of a message or electronic
development of computer
document is correctly
networks has reached the point,
with an assurance that the identity
where security becomes essential.
is not false;
Users want to exchange data in a
3. Integrity: Ensures that only
secure way. The problem of
authorized parties are able to
network security is a complex
modify computer systems assets
issue. Network security means a
and transmitted information.
protection of the network assets.
Modification includes writing,
 CSE

changing, changing status,

deleting, creating and delaying or
replaying of transmitted messages.
4. Non-repudiation: Requires that
neither the sender nor the receiver
of a message is able to deny the
transmission.
5. Access control: Require that
access to information resources
may be controlled by or for the
target system.
6. Availability: Require that
computer systems assets be
available to authorized parties
when needed.

Attacks:
Attacks on the security of a
computer system or network are
best characterized by viewing the
function of a computer system as
provided information. This normal
flow is depicted in figure:

Security threats:

Categorization of these attacks is

passive attacks and active attacks.
Passive attacks: In this the goal
of the attacker is to obtain

information that is being
transmitted. Two types of passive
attacks are release of message
contents and traffic analysis.
Active attacks:. These attacks
involve some modification of the
data stream or the creation of false
stream and can be sub divided into
4 categories: Masquerade, Replay,
Modification of messages, and
denial of service.
Denial of service: Do S (Denial-
of-Service) attacks are probably
the nastiest, and most difficult to
address. Such attacks were fairly
common in late 1996 and early
1997, but are now becoming less
popular. Some things that can be
done to reduce the risk of being
stung by a denial of service attack
include
• Not running your visible-to-the-
world servers at a level too close
to capacity
• Using packet filtering to prevent
obviously forged packets from
entering into your
network address space.
• Keeping up-to-date on security-
related patches for your hosts'
operating systems.
CSE
Unauthorized Access:
``Unauthorized access'' is a
very high-level term that can refer
to a number of different sorts of
attacks. The goal of these attacks
is to access some resource that
your machine should not provide
the attacker. These can take the
form of a virus, worm, or Trojan
horse. One of the most publicized
threats to security is intruder.
Generally referred to as a hacker
or cracker, and some other threats
are executing commands illicitly,
confidential breaches, destructive
behavior.
Where do the attacks come
from? How, though, does an
attacker gain access to your
equipment?
Through any connection that you
have to the outside world. This
includes Internet connections,
dial-up modems, and even
physical access.
Preventing security disasters:
• Hope you have backups
 CSE

• Stay current with relevant and build a firewall architecture

operating system patches that best implements that policy.
• Don't put data where it doesn't Points of Failure: Any time there
need to be is only one component paying
• Avoid systems with single points attention to what's going on
of failure between the internal and external
• Watch for relevant security networks, an attacker has only one
advisories thing to break (or fool!) in order to
Firewalls: gain complete access to your
internal networks.
Firewalls can be an Security Mechanisms: A
effective means of protecting a mechanism that is designed to
local system or network of detect, prevent, or recover from a
systems from network based security attack. Cryptography and
security threats while at the same Steganographic are such two
time, a firewall is simply a group techniques. Hence we focus on
of components that collectively development, use and
form a barrier between two management of Cryptographic
networks. techniques.
Types of firewalls: What is Cryptography?
• Application Gateways
The word “cryptography”
• Packet Filtering
is derived from Greek and when
• Hybrid systems
literally translated, means “secret
Best for me: Lots of options are
writing.” The study of enciphering
available, and it makes sense to
and encoding (on the sending
spend some time with an expert,
end), and decoding (on the
either in-house, or an experienced
receiving end) is called
consultant who can take the time
cryptography. Although the
to understand your organization's
distinction is fuzzy, ciphers are
security policy, and can design
different from codes. When you
 CSE

mix up or substitute existing

letters, you are using a cipher.
Encryption refers to the
transformation of data in “plain
text” form into a form called
“cipher text,” .The recovery of
plain text requires the key, and
this process is known as
decryption. This key is meant to You can construct a secret
be secret information and the message from the above table.
privacy of the text depends on the Relative substitutions can be done.
cryptographic strength of the key. So, the message “ Meet me after
Ciphers are broken into two main school behind the gym,” would
categories, substitution ciphers read
and transposition ciphers. “DTTZ DT QYZTK LEIGGS
Substitution ciphers replace letters WTIOFR ZIT UND.”
in the plaintext with other letters Five letters are customary in the
or symbols, keeping the order in spy biz, so your message comes
which the symbols fall the same. out like this:
Transposition ciphers keep all of DTTZD TQYZT KLEIG GSWTI
the original letters intact, but mix OFRZI TUNDM
up their order. Transposition cipher: Text
Substitution cipher: chosen in one form can be
Plaintext letter enciphered choosing a different

ABCD EF G H IJK LM N
route. To decipher, you fill the in
OP Q RST UV WX Y Z box following the zigzag route
Cipher text letter and read the message using the
spiral route.
QW ER TY U IOP A S DF
G HJ K LZX C V B NM The cipher text becomes:
EAMTN FTDIE EHOTE
RHMEM BYESC GLOHO
 CSE

Types of Cryptography: send messages to one another on a

medium that can be tapped,
There are three types of
without worrying about
cryptographic algorithms:
eavesdroppers. All we need to do
1. Secret Key Cryptography.
is have the sender encrypt the
2. Public Key Cryptography. messages and the receiver decrypt
3. Hash Algorithms. them using the key. An
Secret Key Cryptography: eavesdropper will only see
unintelligible data. Some of the
Secret key cryptography
secret key cryptography
involves the use of single key.
algorithms are - DES, 3-DES,
Given a message (Plain text) and
blowfish, IDEA, AES, RC2, RC4,
the key, encryption produces
RC5, ECB etc.
cipher text, which is about the
same length as the plain text was.
Decryption is the reverse of Advantages of Secret Key
encryption, and uses the same key Cryptography:
o Very fast relative to public key
as encryption.
cryptography.
Encryption
o Considered secure, provided the
Plain text------------------> cipher
key is relatively strong.
text
o The cipher text is compact (i.e.,
Key
encryption does not add excess
Cipher text------------------> plain
“Baggage” to the cipher text).
text
o Widely used and very popular.
Decryption
Secret key cryptography is Disadvantages of Secret
sometimes referred to as Key Cryptography:
symmetric cryptography or o The administration of the keys
conventional cryptography. If can become extremely
sender and receiver agree on a complicated.
shared secret key, then by using o A large number of keys are
secret key cryptography we can needed to communicate securely
 CSE

with a large group of People. Private key

o The key is subject to Cipherkey-----------------------------
interception by hackers. ---> plain text
Public Key Cryptography: Decryption
Public key cryptography Public key cryptography can do
sometimes also referred to as anything secret key cryptography
asymmetric cryptography. The can do like- transmitting the data
public key need not be kept secret, over an insecure channel, secure
and, in fact, may be widely storage on insecure media,
available, only its authenticity is authentication purposes and
required to guarantee that A is digital signatures. Some Public
indeed the only party who knows key cryptography algorithms are
the co-responding private key. A RSA, Elliptic Curve Cryptography
primary advantage of such (ECC), ElGamal, DH, DSA/DSS
systems is that providing authentic etc.
public keys is generally easier Advantages of Public key
than distributing secret keys Cryptography:
securely, as required in symmetric
o Considered very secure, and
key systems. The main objective
easy to configure these systems.
of public-key encryption is to
o No form of secret sharing is
provide privacy or confidentiality.
required, thus reducing key
Public-key encryption schemes
administration to a Minimum.
are typically substantially slower
o Supports non-repudiation.
than symmetric-key encryption
o The number of keys managed by
algorithms such as DES.
each user is much less compared
The private key and the public key to secret key
are mathematically linked. Cryptography.
Encryption Disadvantages of Public
Plaintext------------------------------- key Cryptography:
--> cipher text
Public key
 CSE

o Much slower compared to secret protect the integrity of a message

key cryptography.
o The ciphertext is much larger
than the plaintext, relative to
secret key Cryptography.
Hash Algorithms:
transmitted over insecure media.
Message fingerprint: We can
know whether some data stored
has been modified from one day to
the next, if we save that data

Hash algorithms are also structure with a hash function. We

known as message digests or one- can compare the hash function

way transformations. A data structure with the message on

cryptographic hash function is a the message data. If the message

mathematical transformation that digest has not changed, you can be

takes a message of arbitrary length sure that none of the data is

and computes from it a fixed changed.

length number. Digital Signatures: can be

The following things can be done efficiently implemented using

using hash algorithms. hash functions.

Implementation Issues
Password Hashing: When a user
Key Size:
types a password, the system must
This has major role for amount of
store the password encrypted
security. If the algorithm is
because someone else can use it.
inherently strong, then it can be
To avoid this problem hashing is
assumed that the larger the key
used. When a password is
size for the ciphers, the harder it is
supplied, it computes the
for a hacker to perform an attack
password hash and compares it
on the cipher text. But, larger keys
with the stored value if they
lead to lower levels of
match; the password is taken to be
performance. Thus there are,
correct.
trade-offs, which are traditionally
Message Integrity: Cryptographic
made between the level of security
hash functions can be used to
and other factors, like
performance.
 CSE

Hybrid Systems: o Douglas R.Stinson.

Just one crypto-system will not Cryptography: theory and
solve every problem. Most practice: 2nd edition
systems in use today employ a o A.Menezes, P.van Oorschot and
hybrid system. S.Vanstone:Handbook of Applied
Cryptography.
Conclusion: o Smith, Laurence Dwight.

Everyone has a different Cryptography, the Science of

idea of what ``security'' is, and Secret Writing

what levels of risk are acceptable.

It's important to build systems and
networks in such a way that the
user is not constantly reminded of
the security system around him.
As and when new security
methods are developed, breaking
of these methods has increased. So
measures have to be taken to fill
the loopholes, of which
cryptography has and is
playing a major role.
Cryptography is evergreen and
developments in this area are a
better option.

References:
o William Stallings: Cryptography
and Network security: principles
and practice: 2nd edition.
o J.P. Holbrook, J.K. Reynolds.
``Site Security Handbook.''
CSE