The bad guys can modify or delete messages

We finish this brief survey of network attacks by explaining man-in-the-middle attacks. In this class of attacks, the bad guy is inserted into the communication path between two communicating entities. Let's refer to the communicating entities as Alice and Bob, which might be actual human beings or might be network entities such as two routers or two e-mail servers. The bad guy could be, for instance, a compromised router in the communication path, or a software module residing on one of the end hosts at a lower layer in the protocol stack. In the man-in-the-middle attack, the bad guy not only has the ability to sniff all packets that pass between Bob and Alice, but can also inject, alter, or delete packets. In the terminology of network security, a man-in-the-middle attack can compromise the integrity of the data sent between Alice and Bob. As we will see in "Security in Computer Networks", mechanisms that give secrecy (protection against sniffing) and end-point verification (allowing the receiver to verify with certainty the originator of the message) do not necessarily provide data integrity. So we will require yet another set of methods to provide data integrity.
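To make the last point concrete, here is an added example (not part of the original text) showing that encryption alone gives secrecy but not integrity, and that a message authentication code over the ciphertext lets Bob reject an altered message. The keys, nonce, message, and the SHA-256 counter-mode keystream are constructed stand-ins for illustration, not a cipher to deploy.

```python
import hashlib
import hmac

# Constructed sample values; the cipher below is a toy for illustration only.
ENC_KEY = bytes(range(32))
MAC_KEY = bytes(range(32, 64))
NONCE = b"constructed-nonce"
MESSAGE = b"PAY BOB 0100 USD"

def keystream(key, nonce, length):
    """SHA-256 in counter mode as a stand-in stream cipher."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def xor_crypt(key, nonce, data):
    """Encrypts or decrypts; provides secrecy only, no integrity."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))

def seal(enc_key, mac_key, nonce, plaintext):
    """Encrypt-then-MAC: the HMAC tag covers the nonce and the ciphertext."""
    ct = xor_crypt(enc_key, nonce, plaintext)
    return ct, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def open_sealed(enc_key, mac_key, nonce, ct, tag):
    """Verify the tag in constant time before decrypting anything."""
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("integrity check failed")
    return xor_crypt(enc_key, nonce, ct)

def flip_bit(data, index, mask=0x01):
    """Models one bit changed in transit between Alice and Bob."""
    return data[:index] + bytes([data[index] ^ mask]) + data[index + 1:]

def demo():
    ct, tag = seal(ENC_KEY, MAC_KEY, NONCE, MESSAGE)
    altered = flip_bit(ct, 8)
    # Secrecy-only receiver: decrypts without error to a different message.
    unchecked = xor_crypt(ENC_KEY, NONCE, altered)
    try:
        open_sealed(ENC_KEY, MAC_KEY, NONCE, altered, tag)
        detected = False
    except ValueError:
        detected = True
    return unchecked, detected

if __name__ == "__main__":
    print(demo())
```

The receiver that only decrypts gets a well-formed but different message and no error, while the receiver that checks the tag first rejects it.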

In closing this section, it's worth taking into account how the Internet got to be such an insecure place in the first place. The answer, in essence, is that the Internet was originally designed to be that way, based on the model of "a group of mutually trusting users attached to a transparent network" [Blumenthal 2001] - a model in which (by definition) there is no need for security. Many features of the original Internet architecture deeply reflect this concept of mutual trust. For instance, the ability for one user to send a packet to any other user is the default rather than a requested/granted capability, and user identity is taken at declared face value, rather than being authenticated by default.

But today's Internet definitely does not involve "mutually trusting users". Nonetheless, today's users still need to communicate when they don't necessarily trust each other, may wish to communicate secretly, may communicate indirectly through third parties (e.g., Web caches, which we'll study in "Application Layer", or mobility-assisting agents, which we'll study in "Wireless and Mobile Networks"), and may suspect the hardware, software, and even the air through which they communicate. We now have many security-related challenges before us as we progress through this blog: we should seek defenses against sniffing, end-point masquerading, man-in-the-middle attacks, DDoS attacks, malware, and more. We should keep in mind that communication among mutually trusted users is the exception rather than the rule.

