Unknown Path Network a Network B lost Al HEM Host b3 Host d From Security in Computing, Fifth Edition, by Charles P Pfleeger, et aL. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved
Unknown Path 11 From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved
12 Modification and fabrication Data corruption May be intentional or unintentional, malicious or nonmalicious directed or random Sequencing Permuting the order of data, such as packets arriving in sequence Substitution Replacement of one piece of a data stream with another Insertion a form of substitution in which data values are inserted into a stream Replay Legitimate data are intercepted and reused From Security in Computing, Fifth Edition, by Charles P Pfleeger, et aL. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved
Modification and Fabrication • Data corruption • May be intentional or unintentional, malicious or nonmalicious, directed or random • Sequencing • Permuting the order of data, such as packets arriving in sequence • Substitution • Replacement of one piece of a data stream with another • Insertion • A form of substitution in which data values are inserted into a stream • Replay • Legitimate data are intercepted and reused 12 From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved
Sources of Data Corruption Typing Malicious Program error error accident Hardware lure Software flaw Transmission problem Hacker uman activity mistake From Security in Computing, Fifth Edition, by Charles P Pfleeger, et aL. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved
Sources of Data Corruption 13 From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved
Simple Replay Attack Interception ID Password(encrypted) PW→ Encryption ID Password(encrypted) From Security in Computing, Fifth Edition, by Charles P Pfleeger, et aL. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved
Simple Replay Attack 14 From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved
Interruption: Loss of Service Routing Internet routing protocols are complicated, and one misconfiguration can poison the data of many routers Excessive demand Network capacity is finite and can be exhausted; an attacker can generate enough demand to overwhelm a critical part of a network Component failure Component failures tend to be sporadic and unpredictable, and will cause loss of service if not planned for From Security in Computing, Fifth Edition, by Charles P Pfleeger, et aL. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved
Interruption: Loss of Service • Routing • Internet routing protocols are complicated, and one misconfiguration can poison the data of many routers • Excessive demand • Network capacity is finite and can be exhausted; an attacker can generate enough demand to overwhelm a critical part of a network • Component failure • Component failures tend to be sporadic and unpredictable, and will cause loss of service if not planned for 15 From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved