This is the first day of my participation in the Computer and Network Security Challenge.

1.1 Concept of computer security

1.1.1 Three core objectives of computer security (CIA):

  • Confidentiality – ① Data confidentiality (ensures that private or secret information is not disclosed to or used by unauthorized parties); ② Privacy (ensures that individuals can control or determine their own information).

  • Integrity – ① Data integrity (ensures that information can only be changed in specific and authorized ways); ② System integrity (ensures that the system performs its intended functions in a normal manner, free from unauthorized manipulation).

  • Availability – Ensures that the system works promptly and that authorized users are not denied service.

    Two additional objectives:

    • Authenticity -- Verifies that users are who they claim to be and that system inputs come from trusted sources
    • Accountability -- An entity's actions can be uniquely traced back to that entity

1.2 OSI Security Architecture

1.2.1 Concerns of the OSI Security Architecture

  • Security attack – any action that compromises the security of a system
  • Security mechanism – a process used to detect, prevent, or recover from attacks
  • Security service – a processing or communication service that strengthens the security of data processing systems and information transmission. Its purpose is to counter security attacks, and it uses one or more security mechanisms to do so.

1.3 Security Attacks

1.3.1 Passive Attack

① Eavesdropping: monitoring a transmission to obtain the information being transmitted

② Traffic analysis: even when information is properly protected by encryption, an attacker may still be able to observe patterns in the messages. For example, the attacker can determine the identity and location of the hosts and the frequency and length of the messages

Passive attacks do not involve changes to data and can usually be prevented using encryption methods. The emphasis is on prevention rather than detection

1.3.2 Active attack — Modify or forge data streams

① Disguise: an entity pretends to be a different entity. For example, authentication information is captured and then played back after a legitimate verification has completed, so that an entity without permission can pose as one that has it and obtain additional permissions.

② Replay: the attacker sends intercepted information again without authorization

③ Message modification: unauthorized modification of part of a legitimate message, delaying the transmission of a message, or changing the order of messages

④ Denial of service: preventing the normal use or management of facilities. It may be aimed at a specific target; for example, an entity might block all messages sent to a particular destination. Another form is to disrupt the entire network, either by disabling it or by overloading it to degrade performance

Because physical communication equipment, software and the network itself have such a wide variety of potential weaknesses, it is difficult to prevent active attacks absolutely. The goal is instead to detect them and to recover from any damage or delay they cause

Bye~