1 / 8

Dr. Kemal Akkaya E-mail: kemal@cs.siu

Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture 4: An Introduction to Security. Dr. Kemal Akkaya E-mail: kemal@cs.siu.edu. Network Security Principles.

knumbers
Download Presentation

Dr. Kemal Akkaya E-mail: kemal@cs.siu

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Department of Computer ScienceSouthern Illinois University CarbondaleCS 591 – Wireless & Network SecurityLecture 4: An Introduction to Security Dr. Kemal Akkaya E-mail: kemal@cs.siu.edu Wireless & Network Security 1

  2. Network Security Principles • Availability: means ensuring that the service offered by the node will be availableto its users when expected despite denial of service attacks (DoS). • Confidentiality: ensures that certain information is never disclosed to unauthorized entities. • Authentication: enables a node to ensure the identity of the peer node it is communicating with. • Integrity: means ensuring that the node/data has not been maliciously altered. • Non-repudiation: ensures that the origin of a message cannot deny having sent the message. • Authorization: means permission of access to use certain resources Wireless & Network Security 2

  3. Attacks Classification and violation Wireless & Network Security 3

  4. Definitions • Snooping: Capturing packets (Airsnoop) • Selfishness: Do not participate (forwarding, services etc.) • Wormhole: Replaying messages • Blackhole: A malicious node falsely advertises good paths • Byzantine: Compromised node(s) create loops, drop packets to hinder routing • Information disclosure: Malicious node give information to unauthorized nodes about network topology, routing etc. • Resource consumption: Sending unnecessary packets to consume energy, bandwidth of nodes • Routing: Unnecessary update of routing tables, caches etc. • Session hijacking: Capturing the session between two parties • Repudiation: Denial of participation in the communication • Device tampering: Capturing, damaging physical device • Man-in-the middle: Listening communication between two parties and impersonate • SYN flooding: TCP related • DDOS: Distributed Denial of Service Wireless & Network Security 4

  5. Risks Unauthorized AP backdoor access to company network Malicious Station may attack Trusted APs or Trusted Stations Trusted AP connected tocompany network Evil Twin AP pretends to be Trusted AP Trusted Station authorized to use company network AdHoc Station accidental associations with Trusted Stations Neighbor AP accidental associations from Trusted Stations DoS Flood Company Network Captured Email, Logins, Passwords, etc. This slide is a courtesy of Philip LaViscount, CISSP Wireless & Network Security 5

  6. Security Services Wireless & Network Security 6

  7. Encryption Algorithms • The strength of the encryption is dependent mostly on the size of the secret key. • Encryption algorithms employed today are almost impossible to break except by brute force that involves searching through all possible keys. Wireless & Network Security 7

  8. Breaking Encryption Algorithms Cost of breaking different encryption algorithms with different key lengths Wireless & Network Security 8

More Related