COMPUTER & DATA SECURITY
Introduction to ComputingCHAPTER #
11
Introduction to Computing 2Chapter # 11
Security
Security is about the protection of assets It can be computer, network or data security
Security is a set of procedures that protect You, your employees, and your peers
Paper or electronic media
Hardware, software, and networks
It protects from damage, theft, or change There can be different security measures
Prevention measures taken to protect your assets from being damaged
Detection measures taken to allow you to detect when an asset has been damaged,
how it was damaged and who damaged it
Reaction measures that allow you to recover your assets
Introduction to Computing 3Chapter # 11
Computer Security
Computer security is information security as applied to computers and networks
The field covers all the processes and mechanisms by which computer-based equipment, information, networks and services are protected from unintended or unauthorized access, change or destruction
It also includes protection from unplanned events and natural disasters
Introduction to Computing 4Chapter # 11
Security Properties
Confidentiality ensures that the data is only read by the intended recipients
Integrity ensures that all of the data has not been corrupted from its
original source
The system continues to operate properly.
Availability Actions by an attacker do not prevent users from having access
to use of the system
guarantees that the data is usable upon demand
Accountability it is audit information that is kept and protected so that security
actions can be traced to the responsible party
Introduction to Computing 5Chapter # 11
Highly Vulnerable
Financial institutions and banks
Internet service providers
Government and defense agencies
Multinational corporations
Pharmaceutical companies
Contractors to various government agencies
Anyone on the Internet
Introduction to Computing 6Chapter # 11
Types of Attacks
Denial of Service (D.o.S) attacks
D.o.S attacks have one goal – to knock your service off the net
Crash your host
Flood your host
Flood the network connecting to your host
Viruses
A computer virus attaches itself to files on the target machine
Master Boot Sector/Boot Sector viruses
File viruses, Macro viruses
Stealth viruses, Polymorphic viruses
Introduction to Computing 7Chapter # 11
Types of Attacks
Trojans Trojans are programs that appear to perform a desirable and necessary
function that perform functions unknown to (and probably unwanted by) the user
Worms Worms are memory resident viruses
Unlike a virus, which seeds itself in the computer's hard disk or file system, a worm will only maintain a functional copy of itself in active memory
Worms frequently “sleep” until some event triggers their activity e.g. send password file to hacker, send copy of registry to hacker
Worms and Trojans are frequent methods by which Backdoors are enabled on a system
Backdoors Such programs give remote access to the computer from anywhere on
the Internet
e.g. Back Orifice, BO2K, Sub-Seven)
Introduction to Computing 8Chapter # 11
Types of Attacks
Sniffers
Devices that capture network packets
Extremely difficult to detect because they are passive
Scanners
Programs that automatically detect security weaknesses in remote or local hosts
Tells the hacker
What services are currently running
What users own those services
Whether anonymous logins are supported
Whether certain network services require authentication
Password Crackers
Some actually try to decrypt
Most simply try “brute force” or intelligent “brute force”
Dictionary words, days of year, initials
Introduction to Computing 9Chapter # 11
Types of Attacks
Social Engineering
“This is MIS, I can fix your e-mail box, what’s your password?”
Email Spoofing
It tricks the user in believing that the email originated from a certain user such as an administrator although it actually originated from a hacker
Such emails may solicit personal information such as credit card details and passwords
Examining the email header may provide some additional information about the origin of the email
Introduction to Computing 10Chapter # 11
How Do We Protect
Anti-virus software
Personal Anti-virus SW on your machine
Make sure it is set to scan all executables, compressed files, e-mail, e-mail attachments, web pages
Keep your virus information files up to date!!!
Firewalls A combination of hardware and software resources positioned
between the local (trusted) network and [an untrusted network]
It ensures that all communication between an organization's network and the Internet connection conforms to the organization's security policy
It tracks and controls communications, deciding whether to pass, reject, encrypt, or log communications
Introduction to Computing 11Chapter # 11
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties
Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering
Applications of cryptography include ATM cards, computer passwords, and electronic commerce
Simply – secret codes
Encryption Converting data to unreadable codes to prevent anyone form accessing this
information
Need a “key” to find the original data keys take a few million-trillion years to guess
Public keys An ingenious system of proving you know your password without disclosing your
password. Also used for digital signatures
Used heavily in SSL connections
Hashing Creating fingerprints of documents
Introduction to Computing 12Chapter # 11
Cryptography
Symmetric encryption
Authentication
Asymmetric encryption
Public Key Infrastructure
Introduction to Computing 13Chapter # 11
Steganography
Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message
It is a form of security through obscurity
Message appears to be something else
images, articles, shopping lists, or some other cover-text
Classically, the hidden message may be in invisible ink between the visible lines of a private letter
Messages do not attract attention to themselves
It is high security technique for long data transmission
Introduction to Computing 14Chapter # 11
Watermarking
Watermarking is the process of hiding digital information in a carrier signal
It is a technique in which a kind of marker is embedded in a signal such as audio or image data
Used to identify ownership of the copyright of such signal
Digital watermarks may be used to verify the authenticity or integrity of the carrier signal or to show the identity of its owners
It is prominently used for tracing copyright infringements and for banknote authentication
Top Related