Network Security (CP33925): Computer Networks (Introduction to TCP/IP Protocols)
Pusan National University, College of Engineering, Department of Information and Computer Engineering

What we'll learn today
- Network Type
- Elements of Protocol
- OSI Reference Model
- OSI Layers
Definition of Network
- A network interconnects computers over communication links so that they can share software or databases, or use large computers remotely, making more efficient use of the computers.

Network Type
- Communication methods: Client/Server, Peer to Peer
- Data transmission method: Circuit Switching Network, Packet Switching Network, Cell Switching Network
- Topology: Bus, Star, Mesh, Ring
- Size: LAN, MAN, WAN
Communication Methods (Client/Server, Peer to Peer)
- Broadcast: sends data to all systems on the LAN (1 : All). Destination address: FF:FF:FF:FF:FF:FF
- Unicast: transfers data to one specific destination on the LAN (1 : 1)
- Multicast: transmits data to a specific group of hosts on the LAN (1 : Group)
Data Transmission Methods (1/3): Circuit Switched Network
Operation
- A dedicated communication line is set up as a physical connection before communication begins, and that connection is used exclusively until the communication is completed.
Characteristics
- Establishing the connection takes a relatively long time.
- There is no transmission delay, because other communication attempts need not be considered once the circuit is set up.
Data Transmission Methods (2/3): Packet Switched Network
Operation
- The information to be transmitted is divided into small units called packets.
- Each packet carries the source and destination addresses; when it is sent into the packet-switching network, each packet-switching node looks at the address and forwards the packet toward its final destination.
Characteristics
- No communication path is established before communicating, unlike a circuit-switched network.
- Each packet can travel over a different path depending on network conditions.
Data Transmission Methods (3/3): Cell Switched Network
Operation
- The network protocol is simplified, and data is transmitted in fixed-size packets called cells.
- Flow control and error control are handled between the end terminals, which gives high-speed properties similar to circuit switching.
Characteristics
- ATM (Asynchronous Transfer Mode) is the typical cell switching network.
- It transmits cells consisting of a 5-byte header and 48 bytes of data.
Topology (1/2): Bus Topology
- All hosts on the network are connected to a single cable: one communication line shared by all systems.
- A message transmitted by one system is delivered to all systems (broadcasting).
- Speed degrades because of collisions when many systems are attached to the network.
Topology (2/2)
Star Topology
- A central control system manages all control of communication.
- Data exchanged between two systems is not delivered to any other system.
- The central system determines the performance of the network; if the central system fails, the entire network cannot communicate.
Ring Topology
- There is no start or end point: a closed, circulating structure (token network).
- If one system fails, communication is not possible.
- Data transmission is delayed as it passes around the ring.
Size (1/2)
LAN (Local Area Network)
- A communication network formed by connecting communication-related devices within the same building or company (factory) by a high-speed dedicated line.
- Characteristics: network of a single institution; limited area within a range of a few km; communication speed faster than a WAN.
MAN (Metropolitan Area Network)
- A newer type of network sitting between the LAN and the WAN.
- Characteristics: transfer rate of 45 Mbps or more; transmission medium is coaxial cable or optical cable; the IEEE 802.6 access method uses a standardized medium access control (MAC) protocol.
Size (2/2)
WAN (Wide Area Network)
- A network in which several LANs are interconnected is called a WAN.
- The main factors affecting its design and performance are the transmission media.
- Characteristics: transmission speed of 56 Mbps or less; higher line error rate than a LAN; high transmission delay; a more complex network structure than a LAN.
- The routing algorithm that connects two destinations over the shortest path is important.
- WAN design must consider transmission efficiency and link characteristics, and eliminate flow-control problems and excessive delay under limited traffic conditions.
Elements of Protocol (1/3)
- A protocol is synonymous with a rule.
- A protocol consists of a set of rules that govern data communications.
- A protocol determines what is communicated, how it is communicated and when it is communicated.
Elements of Protocol (2/3)
The key elements of a protocol are syntax, semantics and timing.
- Syntax: the structure or format of the data; it indicates how to read the bits (field delineation).
- Semantics: interprets the meaning of the bits; it defines which field triggers which action.
- Timing: when data should be sent and how fast; the speed at which data should be sent or the speed at which it is being received.
Elements of Protocol (3/3): Functions
- Addressing: addressing for each transport layer entity
- Sequencing: specifying the order in which protocol data units are sent
- Fragmentation and reassembly: when transferring large data, it is divided into small units for higher transmission efficiency and recombined at the receiver
- Data flow control: adjusting the amount or speed of data coming from the sending entity
- Connection control: in connection-oriented data transfer, connection establishment, data transfer and disconnection
- Encapsulation: adding control information to the data
- Error control: techniques to detect when the SDU or PCI is wrong during data exchange
- Synchronization: two entities simultaneously share well-defined parameter values
- Multiplexing: techniques that let multiple systems communicate over a single communication line
- Transmission service: prioritization, control of service classes and security requirements
OSI Reference Model
- The Open Systems Interconnection (OSI) Reference Model provides a general framework for standardization.
- It defines a set of layers and the services provided by each layer; one or more protocols can be developed for each layer.
- Developed by the International Organization for Standardization (ISO); also published by the ITU-T (International Telecommunication Union).
OSI: The Layer Model
- Consists of 7 layers.
- Each layer performs a subset of the required communication functions.
- Each layer relies on the next lower layer to perform more primitive functions.
- Each layer provides services to the next higher layer.
- Changes in one layer should not require changes in other layers.
OSI as a Framework for Standardization
- Layer functionalities are described by ISO.
- Different standards can be developed based on these functionalities.
Elements of Standardization
Protocol specification
- Operates between the same layer on two systems; may involve different platforms.
- The protocol specification must be precise: format of data units, semantics of all fields.
Service definition
- Functional description of what is provided to the next upper layer.
Addressing
- Referenced by SAPs (service access points).
The OSI Environment (1/2): OSI 7 Layers
User support layers
- Application: provides the user interface
- Presentation: data presentation, encryption/decryption
- Session: session formation, communication synchronization, data exchange, etc.
Transmission layer
- Transport: retransmission
Network layers
- Network: provides a logical address used for route determination
- Data Link: accesses the medium using the MAC address
- Physical: responsible for moving bits between devices
The OSI Environment (2/2) (diagram)
OSI Layers (1/8)
Physical
- Physical interface between devices.
- Characteristics: mechanical (interface specs); electrical (voltage levels for bits, transmission rate, coding, etc.).
Data Link
- Basic services: error detection and control, flow control at the link level (point to point).
- Higher layers may assume error-free transmission.
- Later a sublayer was added to the Data Link Layer: the MAC (Medium Access Control) sublayer, to deal with broadcast networks.
OSI Layers (2/8)
Network
- Transfer of information through the communication network; handles network-related issues.
- Network nodes (relays/routers) perform switching and routing functions.
- QoS (Quality of Service) and congestion control are also addressed in this layer.
- Several other internetworking issues, e.g. differences in addressing, maximum data length, etc.
- Higher layers do not need to know about the underlying networking technology.
- Not needed on direct links.
Example of Network Layer Operation (diagram)
OSI Layers (3/8): IP (Internet Protocol)
- The core of the TCP/IP protocol suite.
- Two versions co-exist: v4, the widely used IP protocol; v6, standardized in 1996 but still not widely deployed.
- The IP (v4) header is a minimum of 20 octets (160 bits).
IPv4 Header (diagram)
IP (Internet Protocol): Example of an IP Packet
Header fields shown: Version / Header Length, Differentiated Services, Total Length, Identifier, Flags, Fragment Offset, Time To Live, Protocol, Header Checksum, Source IP, Destination IP
OSI Layers (4/8): IP (Internet Protocol) Addressing
- 10000000.00001011.00000011.00011111 (binary) = 128.11.4.31 (dotted decimal)
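To make the header fields and the checksum concrete, here is an added example (not from the slides) that builds a minimum 20-octet IPv4 header, decodes the fields listed above, and verifies the header checksum the way a receiver or an inspection device would; the addresses, identifier and payload length are constructed sample values.

```python
import struct

def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's-complement sum of the 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                      # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_ipv4_header(src: str, dst: str, payload_len: int, proto: int = 6,
                      ttl: int = 64, ident: int = 0x1C46) -> bytes:
    """Minimum 20-octet header (IHL = 5) with DF set and its checksum filled in."""
    ver_ihl = (4 << 4) | 5
    src_b = bytes(int(o) for o in src.split("."))
    dst_b = bytes(int(o) for o in dst.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, 20 + payload_len, ident,
                      0x4000, ttl, proto, 0, src_b, dst_b)   # checksum zero for now
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def parse_ipv4_header(pkt: bytes) -> dict:
    """Decode the fields shown on the IPv4 header slide and verify the checksum."""
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _dscp, total_len, ident, flags_frag, ttl, proto, _csum = \
        struct.unpack("!BBHHHBBH", pkt[:12])
    ihl = (ver_ihl & 0x0F) * 4              # header length in bytes
    if ver_ihl >> 4 != 4 or ihl < 20 or len(pkt) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "version": ver_ihl >> 4, "ihl": ihl, "total_length": total_len, "id": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "frag_offset": (flags_frag & 0x1FFF) * 8,   # field counts 8-byte units
        "ttl": ttl, "protocol": proto,
        "src": ".".join(str(b) for b in pkt[12:16]),
        "dst": ".".join(str(b) for b in pkt[16:20]),
        # a header whose checksum field is correct sums to zero over all 16-bit words
        "checksum_ok": ipv4_checksum(pkt[:ihl]) == 0,
    }

# Constructed sample (not from the slides): 128.11.4.31 -> 10.0.0.1, 20-byte TCP payload
SAMPLE_HEADER = build_ipv4_header("128.11.4.31", "10.0.0.1", 20)
```

Changing any header byte (for instance the TTL on a hop) without recomputing the checksum makes `checksum_ok` false, which is why routers rewrite the checksum after decrementing the TTL.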
Use of a Relay/Router (diagram)
OSI Layers (5/8)
Transport
- End-to-end exchange of data: in sequence, no losses, no duplicates.
- If needed, upper layer data are split into smaller units.
- A reliable connection provides flow and error control.
- In TCP terms, a connection is a temporary association between entities in different systems.
TCP PDU
- Called a TCP segment.
- Includes source and destination ports, which identify the respective users (applications).
- TCP Header: the pair of ports (together with the IP addresses) uniquely identifies a connection; this identification is necessary in order for TCP to track segments between entities.
OSI Layers (6/8): TCP PDU
Header fields shown: Source Port, Destination Port, Sequence Number, Acknowledgement Number, TCP Offset, TCP Flags, Window, TCP Checksum, Urgent Pointer, TCP Option (Type, Length, MSS)
TCP PDU: Example of TCP Connection Establishment (Three-way Handshake)
Client / Server states at each step:
1. Client: Closed. Server: Listen.
2. Client: SYN_Send, sends Client_My_Seq. Server: Listen, records Server_Client_Seq.
3. Client: SYN_Send, receives Client_Server_Seq. Server: SYN_Received, sends Server_My_Seq with Server_Client_Seq + 1.
4. Client: Established. Server: Established. Session open.
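The following added example (not from the slides) ties the TCP PDU fields to the handshake: it builds segments with the header layout above (including the MSS option), parses them back, and checks the sequence-number rule of the three-way handshake, i.e. that the SYN+ACK acknowledges the client's sequence number plus one and the final ACK acknowledges the server's. Port numbers and initial sequence numbers are constructed values; the checksum is left zero because computing it needs the IP pseudo-header.

```python
import struct
TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

def build_tcp_segment(sport, dport, seq, ack, flags, window=65535, mss=None) -> bytes:
    """Fixed 20-byte header plus an optional MSS option (kind 2, length 4)."""
    options = struct.pack("!BBH", 2, 4, mss) if mss is not None else b""
    data_offset = (20 + len(options)) // 4          # header length in 32-bit words
    flag_bits = sum(TCP_FLAGS[f] for f in flags)
    hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, data_offset << 4,
                      flag_bits, window, 0, 0)      # checksum needs the IP pseudo-header
    return hdr + options

def parse_tcp_segment(seg: bytes) -> dict:
    """Decode the fields on the TCP PDU slide, walking the options for MSS."""
    if len(seg) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_res, flag_bits, window, _csum, _urg = \
        struct.unpack("!HHIIBBHHH", seg[:20])
    hlen = (off_res >> 4) * 4
    if hlen < 20 or len(seg) < hlen:
        raise ValueError("bad data offset")
    info = {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "window": window,
            "flags": {n for n, b in TCP_FLAGS.items() if flag_bits & b}, "mss": None}
    opts, i = seg[20:hlen], 0
    while i < len(opts) and opts[i] != 0:            # kind 0 = End of Option List
        kind = opts[i]
        length = 1 if kind == 1 else (opts[i + 1] if i + 1 < len(opts) else 0)  # 1 = NOP
        if length < 1 or i + length > len(opts):     # length byte missing or past header
            raise ValueError("malformed TCP option")
        if kind == 2 and length == 4:
            info["mss"] = struct.unpack("!H", opts[i + 2:i + 4])[0]
        i += length
    return info

def check_three_way_handshake(segments) -> bool:
    """SYN, then SYN+ACK acknowledging client_seq + 1, then ACK acknowledging
    server_seq + 1: the sequence-number rule from the handshake slide."""
    syn, synack, ack = (parse_tcp_segment(s) for s in segments)
    nxt = lambda n: (n + 1) & 0xFFFFFFFF             # 32-bit wrap-around
    return (syn["flags"] == {"SYN"} and synack["flags"] == {"SYN", "ACK"}
            and synack["ack"] == nxt(syn["seq"]) and ack["flags"] == {"ACK"}
            and ack["ack"] == nxt(synack["seq"]) and ack["seq"] == nxt(syn["seq"]))

CLIENT_ISN, SERVER_ISN = 1000, 5000                  # constructed ISNs (not from the slides)
HANDSHAKE = [                                        # constructed: client port 40000 -> server port 80
    build_tcp_segment(40000, 80, CLIENT_ISN, 0, ["SYN"], mss=1460),
    build_tcp_segment(80, 40000, SERVER_ISN, CLIENT_ISN + 1, ["SYN", "ACK"], mss=1460),
    build_tcp_segment(40000, 80, CLIENT_ISN + 1, SERVER_ISN + 1, ["ACK"]),
]
```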
TCP PDU: Example of TCP Connection Close (Four-way Handshake, client/server diagram)
OSI Layers (7/8): UDP (User Datagram Protocol)
- Alternative end-to-end protocol to TCP.
- Delivery is not guaranteed; no preservation of sequence; no protection against duplication.
- Minimum overhead.
UDP Header fields shown: Source Port, Destination Port, Length, UDP Checksum
OSI Layers (8/8)
Session
- Control of dialogues: whose turn is it to talk?
- Dialogue discipline (full-duplex, half-duplex).
- Checkpointing and recovery.
Presentation
- Data formats, data compression, encryption.
Application
- Support for various applications, e.g. HTTP, SMTP, telnet.
Operation of TCP and IP (diagram)
Some Protocols in the TCP/IP Suite (1/3) (diagram)
Some Protocols in the TCP/IP Suite (2/3): ICMP
- A protocol that diagnoses the status of the sender and of the destination node.
- A representative tool that uses ICMP is ping.
- It operates at the IP layer but is separate from the transport layer protocols TCP and UDP.
- Message types: error diagnosis messages and diagnostic query messages.
Some Protocols in the TCP/IP Suite (3/3): ARP (Address Resolution Protocol)
- A protocol that broadcasts an IP address and obtains the corresponding MAC address.
- A broadcasts a Request carrying B's IP address; B answers A with a Reply carrying B's MAC address.
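As an added example (not from the slides), the request/reply exchange above in code: A builds an ARP request for B's IP address (the carrying Ethernet frame would go to the FF:FF:FF:FF:FF:FF broadcast address from the Communication Methods slide), and B replies only if the requested address is its own. The MAC and IP addresses of A and B are constructed sample values.

```python
import struct
from typing import Optional

HW_ETHERNET, PROTO_IPV4 = 1, 0x0800
ARP_REQUEST, ARP_REPLY = 1, 2
UNKNOWN_MAC = "00:00:00:00:00:00"     # target MAC in a request: not known yet

def _mac(s: str) -> bytes:
    return bytes(int(x, 16) for x in s.split(":"))

def _ip(s: str) -> bytes:
    return bytes(int(x) for x in s.split("."))

def build_arp(op, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """28-byte ARP packet for Ethernet/IPv4 (RFC 826 field order)."""
    return struct.pack("!HHBBH6s4s6s4s", HW_ETHERNET, PROTO_IPV4, 6, 4, op,
                       _mac(sender_mac), _ip(sender_ip), _mac(target_mac), _ip(target_ip))

def parse_arp(pkt: bytes) -> dict:
    if len(pkt) < 28:
        raise ValueError("truncated ARP packet")
    htype, ptype, hlen, plen, op, smac, sip, tmac, tip = \
        struct.unpack("!HHBBH6s4s6s4s", pkt[:28])
    if (htype, ptype, hlen, plen) != (HW_ETHERNET, PROTO_IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    mac = lambda b: ":".join("%02x" % x for x in b)
    ip = lambda b: ".".join(str(x) for x in b)
    return {"op": op, "sender_mac": mac(smac), "sender_ip": ip(sip),
            "target_mac": mac(tmac), "target_ip": ip(tip)}

def arp_request(my_mac, my_ip, wanted_ip) -> bytes:
    """A asks 'who has wanted_ip?'. The Ethernet frame carrying this is sent to
    FF:FF:FF:FF:FF:FF so every host on the LAN sees it."""
    return build_arp(ARP_REQUEST, my_mac, my_ip, UNKNOWN_MAC, wanted_ip)

def arp_reply_for(request: bytes, my_mac, my_ip) -> Optional[bytes]:
    """B answers only when the request asks for B's own IP; roles are swapped
    so the reply carries B's MAC as sender and goes back to A (unicast)."""
    req = parse_arp(request)
    if req["op"] != ARP_REQUEST or req["target_ip"] != my_ip:
        return None
    return build_arp(ARP_REPLY, my_mac, my_ip, req["sender_mac"], req["sender_ip"])

# Constructed hosts (not from the slides): A wants B's MAC address
A_MAC, A_IP = "02:00:00:00:00:0a", "192.0.2.10"
B_MAC, B_IP = "02:00:00:00:00:0b", "192.0.2.11"
REQUEST = arp_request(A_MAC, A_IP, B_IP)
REPLY = arp_reply_for(REQUEST, B_MAC, B_IP)
```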
Internetworking
- An interconnected set of networks, which may be seen as one large network.
- Each constituent network is a subnetwork.
- The entire configuration is referred to as an internet, not the Internet: conceptually the same, but by "internet" we do not mean a specific network; the Internet is the most important example of an internet.
Internetworking Devices
- Each subnetwork supports communication among the devices attached to that subnetwork: the end systems (ESs).
- Subnetworks are connected by intermediate systems (ISs).
- In practice, ISs are routers that relay and route packets between different subnetworks.
- If the subnetworks use different network access protocols, the router must support all of them.
- In OSI terminology, a router works at layer 3 (the network layer).
Routers
- Interconnect dissimilar subnetworks without any modification to the architecture of the subnetworks.
- Must accommodate differences among networks, such as:
  - Addressing schemes: network addresses may need to be translated.
  - Maximum packet sizes: if two subnetworks have different limits for the maximum packet size, the router may need to fragment/reassemble the packets.
- We have seen that subnetworks may have different network access and physical layers, but they have to speak the same (inter)network protocol, implemented in all end systems and routers. The most important internetwork protocol is IP.
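An added example (not from the slides) of the fragmentation a router performs when a datagram exceeds the next link's maximum packet size, using the Flags and Fragment Offset fields from the IP header slide, together with the receiver-side check that the pieces are contiguous before reassembly; the datagram and MTU sizes are constructed values.

```python
def fragment_datagram(total_len: int, mtu: int, ihl: int = 20, df: bool = False):
    """Split a datagram of total_len bytes (ihl-byte header + payload) so that each
    piece fits the outgoing link's MTU. Returns (offset_bytes, more_fragments,
    fragment_total_len) per fragment. Every fragment payload except the last is a
    multiple of 8 bytes, because the 13-bit Fragment Offset field counts 8-byte units."""
    if total_len <= mtu:
        return [(0, False, total_len)]              # fits: forward unchanged
    if df:
        raise ValueError("DF set: the router must drop and report instead of fragmenting")
    chunk = (mtu - ihl) // 8 * 8                     # payload bytes per fragment
    if chunk <= 0:
        raise ValueError("MTU too small to carry any payload")
    payload, frags, off = total_len - ihl, [], 0
    while off < payload:
        size = min(chunk, payload - off)
        frags.append((off, off + size < payload, ihl + size))   # MF=1 unless last
        off += size
    return frags

def fragments_complete(frags, ihl: int = 20) -> bool:
    """Receiver-side check before reassembly: sorted by offset, the pieces must be
    contiguous (no gap, no overlap) and only the final piece may carry MF=0."""
    if not frags:
        return False
    ordered = sorted(frags)
    expected = 0
    for n, (off, mf, flen) in enumerate(ordered):
        last = n == len(ordered) - 1
        if off != expected or mf == last:            # gap/overlap, or MF wrong for position
            return False
        expected = off + (flen - ihl)
    return True
```

A 4000-byte datagram crossing a 1500-byte MTU link becomes fragments with payload offsets 0, 1480 and 2960, the last one 1040 bytes long with MF cleared.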
Configuration for TCP/IP Example (diagram)
Action of Sender (diagram)
Action of Router (diagram)
Action of Receiver (diagram)
General Network Attack Steps
Step 1. Information Collection
- Footprinting: collect basic information about the victim.
- Scanning: check whether the server that provides the service is operating and which services it provides.
- Listing: list the information obtained from footprinting and scanning.
Step 2. Vulnerability Attack
- Network vulnerability: based on the collected information, the attacker exploits the victim's vulnerability (examples covered later: MITM, DDoS, SideJacking, SSL Strip, Wireless).