chapter 1 (new version)

:
:
http://mehr.sharif.edu/~shahriari
1
http://www.fata.ir
!"
(
)*
- (
/0
2
(/ -
' ! " 3 1,2
:" 5
- (
/0
'
;
' "
4#$% ! "3
- (
$
6
- (
$4 ,
- ( ) 7
9/6 :
8,/
; 7= $ ,
. ,
3
#$%
& '
"
$ + ,
$.
(
' < - $ ;" "
- ;" "
,
'
!"
:
6)?
- ( )
6
3
9/6 :
6 A <
@
(
-6
5,8
4
!"
- (
5
: ;"
4 B 7)?
C:
5,8
(
= %, D$
$ 8' $ ? # @ 3
(' / :
@ - ( -' 4
) ?*G ( " E, F
...
!"
(
- (
)*
/0
6
#$%
& '
"
$.
$ + ,
(
' 1,2 4
K% 4
@6 0? (-
I
G) ' (
( 4
.
? )*
? I )*
' ' "
' ' "
7
:(Prevention)
!"#
: (Tracing) $ %
(Detection) & ' (
)*
+,
%!8) ) ",. / 0
...234 5 67 8 ",. 9%: 8)
: (Reaction)< 0
=
) #
>,.
$% $
!"#
8
Prevention
Reaction
9
Detection
A.
3 ,
B :
," " ) ?*G
(
- ( ) ?*G
$ 6 A < " ) ?*G
3'
/0 M 06
$ 6 A < "
?>@
5,
& '
$ 6 A <
(
& '
$ /0
(
" %&
3
$ @%& " ) ?*G
5,
, / " $ @%&
5,
L 0 5, 4 ;" %
) E, -/ , /
@ 4 ;" %
-/ 8
:-9< G '
10
- 7
: 3 ' ('
3 6 -6 E, -/ 8
Q
'
( N
OP "
C
' ( $ $ R8 , /
<" 7 $ 8' 4 ;4
" - ;" % $ ;" " 4 K %
11
DE!(
C
CERT (Computer Emergency Response Team)
140,000
137,529
120,000
T & " S6
100,000
82,094
80,000
52,658
60,000
40,000
20,000
0
132
89
12
21,756
9,859
3,734
1,334
90
91
92
93
94
95
96
97
98
99
'00 '01 '02 '03
s10
L U
8'
High
Packet Forging / Spoofing
Internet Worms
Sniffers
Stealth Diagnostics
DDoS
Back Doors
Sweepers
Exploiting Known Vulnerability
Disabling Audits
Self-Replicating Code
Password Cracking
Password Guessing
LOW
1980
1990
2000
13
A.
B :
:
8
'!
E *
" "L
'&
- 7
: -' V' -90& " , " 4
G ' ) ?*G
(
$ 8' L" ' 7 " ' 9
( OP X*7 ')" , B
9? )*
W
" S6
6 ;4
" 4 ,"
14
s11
(Bishop ) F G - /
? Z*6: (Attack) 9
.L2 4 ;" %
4 E( )# @ D - (
[ , : (Breach) (7
(
#@
$ 0, $ ' - (
L2 4 - , (7
9
( : (Intrusion)= %,
N\ F 6 " \S
, , P $ : (Vulnerability) O:
2
;" < ;" % Y L2 4 L ' < U N (' / : N 4 ;" : N- G
." < [ , # @ - (
Y
# @ D " (7
'
(7 N- ( ]
15
Slide 13
s10
!
%
.
&
!8
'(
30 9
" #
.
) *+, . - . ! (/
'( .01 2 " .3
:
;
" # < ! 3-( '
.
., =
/B .
., 4 0 ; " # ' CA D .03
Cracker W
. A D 8.
X .Y .-4( : 7. !
Internet Worms
" # ., 4 ' 5!
, > ? @ A
2000 N
O
: 7.
" #
Password
sadoddin, 1/8/2005
Slide 15
s11
` 4
`( 4
. C
: 7.
- "
!
!
.0 W d3
'( '
sadoddin, 1/8/2005
@
5!
.
b
8 A c D! = -W = 0 ; d;
: 7. abstract
-i e!
!
3!8 g . - . ! b0% h
e .03
.3
A
?3
C 1 .
" W
F G-/
Attacker and Hacker
E( ' Z /(< -(S ' T& " Hack
.
#@ D <
HackT& " L 5 "
@ ' = %, ' Z*6 Attack
.
, 7
Malicious Hacker = Attacker
^
, _
\C<
16
s12
(Stallings) F G - /
(Security Attack)- (
(< - [ ,
L 4
) ?*G
(
(Security Policy)- (
.
4 b I - $ < a 4 b - $ < a -` (
0(U 4 < (< - 3 S6
(Security Mechanism)- ( R8 , /
)*
- (
e'
17
9
< -9 ?
4 -' 4 '
D 4
P 9U ,c VC6 ' ;
P E, " Z
;" :
4 -/ T& " - ( R8 , / $
(Security Service)- ( .
8 , / 4 ;" %
'
( ; ((< 3 Q6
$.
!"
( /0
18
#$%
(
& '
"
- (
$.
)*
$ + ,
/0
(
I) ,
(
$ 0(U
Slide 17
s12
-
?
.AD
j"
Y . - <# ! 3
!8 k l : 7.
sadoddin, 1/8/2005
. -
.
$
-
6
." C
(
O: !
;" "
8
!
-P 1 : 9/6 :
-2 <
8 -, ' & fe S
' ( 8$ e '
R b, ' ' " T, L (? '
( "?L
. ((< - ,
:- (
4
((/
.
$ <L
19
$
" ;" @P
, 5
/0
20
S6
. (<
(
(
' <
- 96
G '
( L"4
!
"
$ 8 R , ) ?*G
. ( 0
7
E, " ;4 0 D L (? '
( L"4 " -7 '
. , 0 )O L2 R b, 4
@
$ - G R 5($ " - ( ) E *
.
; C,
P E, " $
!"
(
- (
)*
/0
21
#$%
$ 0(U
$.
$ + ,
(
-I% E
(Integrity) ;" " S U g%
(Confidentiality) $;" " -5,
g%
(Authentication)
$4
N- (
$
(Authorization) - ( 4 b
(Non-repudiation) /, R ?
(Availability) O: ! "
22
-I% E
<
L $;
1,2 /( 4 L ( G :;" "
.;
(MAC) R :
S U g%
;"
$4
<
YQ
E, "
L ' < (6 /( 4 L ( G : $;" " -5,
g%
. ( 0
:W " ' "&
OP8
23
- I% E
< 3 4 L ( G : (Authentication) - (
$
(<- ?" <
-, $ ' <
$
(<
T' ( ' (6 ' <:(Authorization)- ( 4 b
." " "_ ;
-
24
"
(<
s24
- I% E
; , Ph 6
" /, L / R ? : /, R ?
; (
YQ
L ' <
')
7 T&
' L" ' !
" ":
O: ! "
4b
25
s25
J % E+$5 (
- 8 , $ ;" "
S U; , P ' "
. '
$4
.
Non-repudiation
Authentication
Integrity
8,
26
$4
.
; , P ' " /, R ? .
'-
!"
(
)*
- (
/0
27
#$%
& '
"
$ + ,
$.
(
Slide 25
s24
-X
!
<
3!
?
W
.
! gY
= - j" ,
sadoddin, 1/8/2005
ne 7
oA
(ne 7
. A
p -3
? -
Slide 26
s25
-X !
" ? i!
d3
" o(A
sadoddin, 1/8/2005
>; Y !
"' kl
9
"oA
q!
r d3
' : 7. .
' : 7. .
>,.
-
" /9 ? ;
K !7
,
@
' )*
+ ,
" * 7 :(Interruption) %&
i
: (Interception) " (
3
-%V
$;" " 4 b I j6 : (Modification) $;" "
/ "
/0 # @
L ' < h 6 ;" "
: (Fabrication)) ?*G SU
4b L ' <R, '4b I
.
/0
- V ) G 06 T
28
/ :
Alice
Bob
data, control
messages
,<
;" "
% J(
; , P
; (
Trudy
29
! :
Alice
;" "
% J(
; , P
; (
;" "
Trudy
30
Bob
data, control
messages
,<
;" "
E :
Alice
% J(
Bob
data, control
messages
,<
/
; , P
; (
Trudy
31
?>@ 93#:
Alice
;" "
% J(
Trudy
; (
Bob
Trudy
;" "
; , P
32
>,.
:M 06
K !7
" k 6 E, 4 )* + ,
S I )*
(Release of message contents) R : Y C
D 6 9 6
" (
S )*
(Masquerade)
$ SU
(Replay) R j : ; ' "
(Modification of message) j6
(Denial of Service – DoS).
T(
33
!"
#$%
& '
"
$ + ,
$.
(
(
)*
- (
/0
34
+ 5 ( L%
"0 A
:+ 5 (
( , (
/0
R :
: 0
l )3 ,
, "
, < D 4 ;" %
$4
/E %
4 ,"
M 06 3 G 3 '
,
-
'3 G3' Rj:D
6 N-5,
/F!
- (
, P-
$.
!,?
$.
& ;" % "
/E
L" 2 #$
i
, 4 ,
3 6 '4 ,
!
U:- (
J
(
06
06 " < : -%V ) ?*G
, ;
OP W
'
35
+ 5 (
"
- (
$ 7!,7 A
L%
m k cV
" ?
- (
06
-%V ) ?*G
06
-%V ) ?*G
3 "
36
"0 !% E
s16
I% E + ,M(
n7- ( .
D L 2 #$
' < $" - L C, i
# (< #$
E,"
- (
06 R b,
4
'
( #
3 G 4 ,"
-%V ) ?*G ; ' " _ 6 T 4 6
- ( .
3 Q6 3 G M 06
-%V
'
'
( Z
(
$4 , #
0b
5 -
G
$ 9<
6
4 ;" %
/6 : D -
G
37
-
L 2
-P 1 :
"
U
$ (2
."
3/
L ' <
( 3'
(
?
38
7
Encryption
FN
DoS: Denial of Service
.
Non-repudiation
6
T(
= %,
Interoperable
4
Interruption
R :
$4
Accountability
"
S UN
Masquerade
Authorization
O:!
Breach
"
/ "
$;" "
/ "
- ( 4b
Circumvent
Audit
6
$ SU
Tampering
Modification
(<
2
SU
Integrity
#$
<
$
O:
Fabrication
%&
- 5' U
-
N- (
Availability
-5,
Intrusion
$4
Vulnerability
/, R ?
Confidentiality
Access Control
Authentication
" (
Integrity
MAC: Message Authentication Code
NF
OP8
Interception
39
' <
L"4
8
N"
"
0k
(7
Slide 37
s16
A
-
. 9/t = :
! O .q
,
: 7. .
4 N
<@>
W. # u =
...)
CA D ' 4
g( k
sadoddin, 1/8/2005
) i ).
. ! 5!
b !
:?
=
#, < !
)
:?
# ! .t l ' , t *
c *(
#) : 7.
w 1
)
D
*
@
5-