1.6 Network Security

Overview of Network Security

• Network security is a key focus of computer networking studies.

• Important questions to consider:

  • Types of attacks bad actors can launch on networks.

  • Broad categories of defenses against these attacks.

Historical Context

• Original Internet architecture lacked security as a design criterion.

• Designed for a trusted group of users on a transparent network.

• Current security measures are reactive due to this lack of built-in security.

Types of Attacks by Bad Actors

• Packet Sniffing: Bad actors can intercept packets on shared media (e.g., wireless channels) using tools like Wireshark.

• Packet Injection: Attackers can send fake packets to impersonate legitimate users (e.g., spoofing).

• Denial of Service (DoS): Overloading network devices with requests, potentially leading to a DDoS attack using compromised hosts.

Defensive Strategies

• Authentication: Verify user identity before granting network access (e.g., passwords, SIM card technology).

• Encryption: Protect data integrity by encrypting packet contents to prevent unauthorized access.

• Digital Signatures: Confirm sender identity and ensure data hasn't been tampered with.

• Access Control: Define user actions based on identity (e.g., UMass campus wireless network authentication).

• Firewalls: Hardware designed to detect and mitigate attacks; regulates traffic at the network's edge and core.

Conclusion

• Understanding potential attacks and defenses is crucial in network security.

• Future discussions in the course will delve deeper into security measures, particularly in relation to the network protocol stack.