SlideShare ist ein Scribd-Unternehmen logo

Computer security

Mahesh Singh Madai
Mahesh Singh Madai

This document discusses computer security and provides an overview of key concepts. It covers objectives like security threats and attacks, malicious software, and security mechanisms. Security threats can be passive or active attacks, while common types of malicious software include viruses, worms, Trojan horses, and spyware. The document also outlines security mechanisms like cryptography, digital signatures, firewalls, user identification/authentication, and intrusion detection systems. It defines security services that ensure confidentiality, integrity, authentication, and non-repudiation of data.

Technologie
1 von 56
Downloaden Sie, um offline zu lesen
Computer Security
Objectives: 1.Introduction 2.Security threats and attacks 3.Malicious software 4.Security Mechanism 1. Cryptography 2. Digital Signatures 3. Firewall 4. User Identification and Authentication 5. Intrusion Detection System(IDS) 5.Security Services 6.Security awareness and Policy
1. Introduction: •Also known as Cyber Security or IT Security •Protection of computer system from theft and damage to hardware, software or information •Protection of computing systems and the data that they store or access. •Also the protection from misdirection from the service computer system provide •Includes controlling physical access to hardware •Good Security Standards follow the "90 / 10" Rule: • 10% of security safeguards are technical. • 90% of security safeguards rely on the computer user ("YOU") to adhere to good computing practices.
2. SECURITY THREAT AND SECURITY ATTACK: •A threat is a potential violation of security and causes harm. • A threat can be a malicious program, a natural disaster or a thief. • Vulnerability is a weakness of system that is left unprotected. Systems that are vulnerable are exposed to threats. •Threat is a possible danger that might exploit vulnerability; the actions that cause it to occur are the security attacks.
 Types of security attack: •A. Passive Attack •B. Active Attack •A. Passive Attack: • Aims to get information from the system but it does not affect the system resources. •Passive attacks may analyze the traffic to find the nature of communication that is taking place, or, release the contents of the message to a person other than the intended receiver of the message. • Passive attacks are difficult to detect because they do not involve any alteration of the data. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.
 Active attack: • An active attack tries to alter the system resources or affect its operations. • Active attack may modify the data or create a false data. An active attack may be a masquerade (an entity pretends to be someone else), replay (capture events and replay them), modification of messages, and denial of service. •Active attacks are difficult to prevent. However, an attempt is made to detect an active attack and recover from them.
Security attacks : On User : to the identity of user (someone else acting on your behalf by using personal information like password, PIN number in an ATM, credit card number, social security number etc) to the privacy of user: (tracking of users habits and actions—the website user visits, the buying habit of the user etc. Cookies and spam mails are used for attacking the privacy of users.)
On Hardware: could be due to a natural calamity like floods or earthquakes  due to power related problems like power fluctuations etc.;  or by destructive actions of a burglar. Software Attacks: Harms data stored in Computer Software attacks may be due to malicious software, or, due to hacking. Malicious software or malware is a software code included into the system with a purpose to harm the system. Hacking is the most common attack
3. Malicious Software(malware): •Commonly known as malware is a software that brings a harm to a computer system. •It can take the form of executable code, scripts, active content, and other software. •It is commonly used for earning money illegally. •It steals protected data, delete documents or add software not approved by a user. Definition: “A program that is inserted into a program, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or Operating system or otherwise annoying or disturbing the victim”
Malware can entry into your computer by •Questionable file downloads •Visiting infected website • Opening attachments or links from unknown or spoofed emails •Downloading software from malicious sites
 Common types of malware •Viruses •Worms •Trojan horse •Rootkits •Spyware
Virus: • Computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. Virus programs have the following properties: • It can attach itself to other healthy programs. •It can mainly affects the executable files(i.e. .exe files) • It can replicate itself and thus can spread across a network. • It is difficult to trace a virus after it has spread across a network. •e.g The Melissa virus, CrptoLocker, MyDoom etc.
Viruses can harm the computer in many ways: •Corrupt or delete data or files on the computer, •Changes the functionality of software applications, • Use e-mail program to spread itself to other computers, • Erase everything on the hard disk •Degrade performance of the system by utilizing resources such as memory or disk space
Worms: •A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. •It uses a computer network to spread itself, relying on security failures on the target computer to access it. Worms almost always cause at least some harm to the network Trojan Horse: •A Trojan horse is a malicious computer program which misrepresents itself to appear useful, routine, or interesting in order to persuade a victim to install it. •It is generally spread by some form of social engineering.
Rootkits: •Software packages known as rootkits allow this concealment, by modifying the host's operating system so that the malware is hidden from the user. •Rootkits can prevent a malicious process from being visible in the system's list of processes, or keep its files from being read. Spyware: •Spyware is software that aims to gather information about a person or organization without their knowledge, that may send such information to another entity without the consumer’s consent.
Hacking: •Hacking is the unauthorized intrusion into a computer or a network •Hacking may result in a Denial of Service (DoS) attack. •The DoS attack prevents authorized users from accessing the resources of the computer. It aims at making the computer resource unusable or unavailable to its intended users. •Packet sniffing, e-mail hacking and password cracking are used to get the username and password of the system to gain access of the system.
Ways to protect PC from malwares: • Keep your software, browsers, OS and plugins up to date •Don’t click on links within emails •Use free antivirus software •Use a firewall •Minimize downloads •Use a strong password •Use a pop-up blocker
4. Security Mechanism: • A process(or a device incorporating such a process) that is designed to prevent, detect or recover from a security attack. • Prevention involves mechanisms to prevent the computer from being damaged. • Detection requires mechanisms that allow detection of when, how, and by whom an attacked occurred. • Recovery involves mechanism to stop the attack, assess the damage done, and then repair the damage. Security Mechanisms: Cryptography Digital Signatures Firewall User Identification and Authentication Intrusion Detection System(IDS)
4.1 Cryptography: •Derived from the Greek word ‘Kryptos’ which means ‘Secret’. •Method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. •Uses a mathematical algorithm to transfer the data into a form that cannot be read by unauthorized user •The algorithm turns our data into machines codes, then stores them and then provides the info to the authorized person only. •Applications: ATM , Email-Passwords, E-Payment, Electronic Voting etc.
Components of Cryptography: •Plaintext: • It is the data to be protected during transmission. •Encryption Algorithm: •It is a mathematical process that produces a cipher text for any given plaintext and encryption key. •Encryption Key: • It is a value that is known to the sender. The sender inputs the encryption key into the encryption algorithm along with the plaintext in order to compute the cipher text. •Cipher and Code: • bit-by-bit or character-by-character transformation without regard to the meaning of the message. Code replaces one word with another word or symbol. •. Cipher text: •It is the scrambled version of the plaintext produced by the encryption algorithm using a specific the encryption key. It can be intercepted or compromised by anyone who has access to the communication channel
• Decryption Algorithm: • It is a mathematical process, that produces a unique plaintext for any given cipher text and decryption key. • Decryption Key: • It is a value that is known to the receiver. The decryption key is related to the encryption key, but is not always identical to it. The receiver inputs the decryption key into the decryption algorithm along with the cipher text in order to compute the plaintext. • Certification Authorities (CA): • CAs are trusted third parties that issue digital certificates for use by other parties. A CA issues digital certificates which contains a public key, a name, an expiration date, the name of authority that issued the certificate, a serial number, any policies describing how the certificate was issued, how the certificate may be used, the digital signature of the certificate issuer, and any other information. •Hash Function: • A hash function is a mathematical function that converts a numerical input value into another compressed numerical value. The input to the hash function is of arbitrary length but output is always of fixed length.
4.2 Digital Signatures: •A type of electronic signature that encrypts the documents with digital codes that are particularly difficult to duplicate. •Takes the concept of traditional paper based signing and turns them into an electronic fingerprint or code. •This code used is unique to both the document and the signer •Used to validate authenticity and integrity of a document. •Cryptographically binds an electronic identity into electronic document •Similar to public key cryptography(assymetric cryptography) •Here, the message is encrypted by a private key and decrypted by a public which is just opposite in cryptography.
Algorithms in Digital Signatures: Digital signature scheme is a type of asymmetric cryptography. Digital signatures use the public key cryptography, which employs two keys—private key and public key. The digital signature scheme typically consists of three algorithms: •Key generation algorithm: • The algorithm outputs private key and a corresponding public key. •Signing algorithm: • It takes, message + private key, as input, and, outputs a digital signature. •Signature verifying algorithm: • It takes, message + public key + digital signature, as input, and, accepts or rejects digital signature.
4.3 Firewall: • A system designed to prevent unauthorized access to or from a private network. • Firewalls can be implemented in both hardware and software, or a combination of both. • Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. • All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security of the local network with one or more public IP addresses.
Terminologies Related to Firewall: •Gateway: • The computer that helps to establish a connection between two networks is called gateway. A firewall gateway is used for exchanging information between a local network and the Internet. • Proxy Server: • A proxy server masks the local network’s IP address with the proxy server IP address, thus concealing the identity of local network from the external network. Web proxy and application-level gateway are some examples of proxy servers. A firewall can be deployed with the proxy for protecting the local network from external network. •Screening Routers: • They are special types of router with filters, which are used along with the various firewalls. Screening routers check the incoming and outgoing traffic based on the IP address, and ports.
Types of Firewall: A.Packet Filter Firewall B.Circuit Filter Firewall C.Proxy Server or Application-level gateway A)Packet Filter Firewall: •Packet Filter Firewall is usually deployed on the routers . •It is the simplest kind of mechanism used in firewall protection. •It is implemented at the network level to check incoming and outgoing packets.
B) Circuit Filter Firewall: Circuit filter firewalls provide more protection than packet filter firewalls. Circuit filter firewall is also known as a “stateful inspection” firewall. •It prevents transfer of suspected packets by checking them at the network layer. •It checks for all the connections made to the local network, in contrast, to the packet filter firewall which makes a filtering decision based on individual packets. •It takes its decision by checking all the packets that are passed through the network layer and using this information to generate a decision table. The circuit level filter uses these decisions tables to keep track of the connections that go through the firewall.
C) Application-Level Gateway(Proxy Server): •Protects all the client applications running on a local network from the Internet by using the firewall itself as the gateway. •It creates a virtual connection between the source and the destination hosts. •A proxy firewall operates on the application layer. The proxy ensures that a direct connection from an external computer to local network never takes place. •The proxy automatically segregates all the packets depending upon the protocols used for them. •A proxy server must support various protocols. It checks each application or service, like Telnet or e-mail, when they are passed through it. •It is easy to implement on a local network. •It tends to be more secure than packet filters. Instead of checking the TCP and IP combinations that are to be allowed, it checks the allowable applications.
4.4 User Identification and Authentication: •Identification is the process whereby a system recognizes a valid user’s identity. •Authentication is the process of verifying the claimed identity of a user. •For example, a system uses user-password for identification. The user enters his password for identification. Authentication is the system which verifies that the password is correct, and thus the user is a valid user. •Authentication Mechanisms: 1.User name and password 2.Smart Card 3.Biometrics—Fingerprints, Iris/retina scan etc
4.4.1 . Smart Card: •A smart card is in a pocket-sized card with embedded integrated circuits which can process data. •With an embedded microcontroller, smart cards have the unique ability to store large amounts of data, carry out their own on-card functions (e.g. encryption and mutual authentication) and intelligently with a smart card reader. •The smart card is made of plastic, generally PVC. The card may embed a hologram. Using smart cards is a strong security authentication for single sign-on within large companies and organizations. •Smart cards are used in secure identity applications like employee-ID badges, citizen-ID documents, electronic passports, driver license and online authentication devices.
4.4.2. BIOMETRIC: •Derived from the greek words ‘Bios’ and ‘Metric’ which means life and measurement respectively. •Biometrics is the science and technology of measuring and statistically analyzing biological data. •In IT, Biometrics refers to technologies that measures and analyzes human traits(like fingerprints, eye retinas and irises, voice patterns, facial patterns and hand measurements) for authentication. •Biometric systems are relatively costly and are used in environments requiring high-level security.
4.5 Intrusion Detection System(IDS): •IDS monitors network traffic and monitors for suspicious activity and alerts the system or network administrator. •They complement firewalls to detect if internal assets are being hacked or exploited. •Types of IDS: • Network Based(NIDS) • Host Based(HIDS) •A Network-based IDS monitors real-time network traffic for malicious activity and sends alarms for network traffic that meets certain attack patterns or signatures. •A Host-based IDS monitors computer or server files for anomalies and sends alarms for network traffic that meets a predetermined attack signature.
5. Security Services: • The security services provide specific kind of protection to system resources. • Security services ensure Confidentiality, Integrity, Authentication, and Non- Repudiation of data or message stored on the computer, or when transmitted over the network. • It provides assurance for access control and availability of resources to its authorized users. • A Security Mechanism should ensure following aspects: Confidentiality Integrity Access Control Authentication Non-repudiation Availability
•Confidentiality: • The confidentiality aspect specifies availability of information to only authorized users. In other words, it is the protection of data from unauthorized disclosure. It requires ensuring the privacy of data stored on a server or transmitted via a network, from being intercepted or stolen by unauthorized users. • Integrity: •It assures that the received data is exactly as sent by the sender, i.e. the data has not been modified, duplicated, reordered, inserted or deleted before reaching the intended recipient. The data received is the one actually sent and is not modified in transit. • Access Control: • It is the prevention of unauthorized use of a resource. This specifies the users who can have access to the resource, and what are the users permitted to do once access is allowed.
• Authentication: • It is the process of ensuring and confirming the identity of the user before revealing any information to the user. It also assures that the source of the received data is as claimed. Authentication is facilitated by the use of username and password, smart cards, biometric methods like retina scanning and fingerprints. • Non-Repudiation: •Prevents either sender or receiver from denying a transmitted message. For a message that is transmitted, proofs are available that the message was sent by the alleged sender and the message was received by the intended recipient. For example, if a sender places an order for a certain product to be purchased in a particular quantity, the receiver knows that it came from a specified sender. Non- repudiation deals with signatures. •Availability: • It assures that the data and resources requested by authorized users are available to them when requested.
Computer security
Computer security
Computer security

Empfohlen

Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
 
Network security and protocols
Network security and protocolsNetwork security and protocols
Network security and protocols
Online
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness Program
Bill Gardner
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
Colin058
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
Krishna Srikanth Manda
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Ramiro Cid
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
Atlantic Training, LLC.
 
Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101
mateenzero
 

Empfohlen

Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
 
Network security and protocols
Network security and protocolsNetwork security and protocols
Network security and protocols
Online
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness Program
Bill Gardner
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
Colin058
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
Krishna Srikanth Manda
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Ramiro Cid
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
Atlantic Training, LLC.
 
Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101
mateenzero
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
Jen Ruhman
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
Toño Herrera
 
Basic Security Training for End Users
Basic Security Training for End UsersBasic Security Training for End Users
Basic Security Training for End Users
Community IT Innovators
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
Noushad Hasan
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
Vaishak Chandran
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
Paige Rasid
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Stephen Cobb
 
End-User Security Awareness
End-User Security AwarenessEnd-User Security Awareness
End-User Security Awareness
Surya Bathulapalli
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amos
Amos Oyoo
 
Information security
Information securityInformation security
Information security
avinashbalakrishnan2
 
Securityawareness
SecurityawarenessSecurityawareness
Securityawareness
JayfErika
 
ICT and end user security awareness slides
ICT and end user security awareness slidesICT and end user security awareness slides
ICT and end user security awareness slides
jubke
 
Computer security
Computer securityComputer security
Computer security
Ayesha Arshad
 
Network security
Network securityNetwork security
Network security
fatimasaham
 
Network Security
Network SecurityNetwork Security
Network Security
Manoj Singh
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Cyber Security Awareness Training
Cyber Security Awareness TrainingCyber Security Awareness Training
Cyber Security Awareness Training
Buy Custom Papers
 
Security awareness
Security awarenessSecurity awareness
Security awareness
Josh Chandler
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
Netpluz Asia Pte Ltd
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awareness
Jason Murray
 
Computer Security Presentation
Computer Security PresentationComputer Security Presentation
Computer Security Presentation
PraphullaShrestha1
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
parveen837153
 

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
 
Basic Security Training for End Users
Basic Security Training for End UsersBasic Security Training for End Users
Basic Security Training for End Users
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
End-User Security Awareness
End-User Security AwarenessEnd-User Security Awareness
End-User Security Awareness
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amos
 
Information security
Information securityInformation security
Information security
 
Securityawareness
SecurityawarenessSecurityawareness
Securityawareness
 
ICT and end user security awareness slides
ICT and end user security awareness slidesICT and end user security awareness slides
ICT and end user security awareness slides
 
Computer security
Computer securityComputer security
Computer security
 
Network security
Network securityNetwork security
Network security
 
Network Security
Network SecurityNetwork Security
Network Security
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
Cyber Security Awareness Training
Cyber Security Awareness TrainingCyber Security Awareness Training
Cyber Security Awareness Training
 
Security awareness
Security awarenessSecurity awareness
Security awareness
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awareness
 

Ähnlich wie Computer security

BAIT1003 Chapter 11
BAIT1003 Chapter 11BAIT1003 Chapter 11
BAIT1003 Chapter 11
limsh
 

Ähnlich wie Computer security (20)

Computer Security Presentation
Computer Security PresentationComputer Security Presentation
Computer Security Presentation
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
attack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxattack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptx
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewalls
 
Ecommerce_Ch4.pptx
Ecommerce_Ch4.pptxEcommerce_Ch4.pptx
Ecommerce_Ch4.pptx
 
E Commerce security
E Commerce securityE Commerce security
E Commerce security
 
Ethics,security and privacy control
Ethics,security and privacy controlEthics,security and privacy control
Ethics,security and privacy control
 
Security (IM).ppt
Security (IM).pptSecurity (IM).ppt
Security (IM).ppt
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganised
 
BAIT1003 Chapter 11
BAIT1003 Chapter 11BAIT1003 Chapter 11
BAIT1003 Chapter 11
 
Computer Security risks Shelly
Computer Security risks ShellyComputer Security risks Shelly
Computer Security risks Shelly
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxCyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptx
 
презентация1
презентация1презентация1
презентация1
 
Materi Keamanan Siber Prinsip Keamanan Jaringan.pptx
Materi Keamanan Siber Prinsip Keamanan Jaringan.pptxMateri Keamanan Siber Prinsip Keamanan Jaringan.pptx
Materi Keamanan Siber Prinsip Keamanan Jaringan.pptx
 
What are various types of cyber attacks
What are various types of cyber attacksWhat are various types of cyber attacks
What are various types of cyber attacks
 
Lec 2- Hardening and whitelisting of devices
Lec 2- Hardening and whitelisting of devicesLec 2- Hardening and whitelisting of devices
Lec 2- Hardening and whitelisting of devices
 
Security problems.pptx
Security problems.pptxSecurity problems.pptx
Security problems.pptx
 
Cyber Security Introduction.pptx
Cyber Security Introduction.pptxCyber Security Introduction.pptx
Cyber Security Introduction.pptx
 

Kürzlich hochgeladen

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 

Kürzlich hochgeladen (20)

ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 

Computer security

  • 2. Objectives: 1.Introduction 2.Security threats and attacks 3.Malicious software 4.Security Mechanism 1. Cryptography 2. Digital Signatures 3. Firewall 4. User Identification and Authentication 5. Intrusion Detection System(IDS) 5.Security Services 6.Security awareness and Policy
  • 3.
  • 4. 1. Introduction: •Also known as Cyber Security or IT Security •Protection of computer system from theft and damage to hardware, software or information •Protection of computing systems and the data that they store or access. •Also the protection from misdirection from the service computer system provide •Includes controlling physical access to hardware •Good Security Standards follow the "90 / 10" Rule: • 10% of security safeguards are technical. • 90% of security safeguards rely on the computer user ("YOU") to adhere to good computing practices.
  • 5. 2. SECURITY THREAT AND SECURITY ATTACK: •A threat is a potential violation of security and causes harm. • A threat can be a malicious program, a natural disaster or a thief. • Vulnerability is a weakness of system that is left unprotected. Systems that are vulnerable are exposed to threats. •Threat is a possible danger that might exploit vulnerability; the actions that cause it to occur are the security attacks.
  • 6.  Types of security attack: •A. Passive Attack •B. Active Attack •A. Passive Attack: • Aims to get information from the system but it does not affect the system resources. •Passive attacks may analyze the traffic to find the nature of communication that is taking place, or, release the contents of the message to a person other than the intended receiver of the message. • Passive attacks are difficult to detect because they do not involve any alteration of the data. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.
  • 7.
  • 8.  Active attack: • An active attack tries to alter the system resources or affect its operations. • Active attack may modify the data or create a false data. An active attack may be a masquerade (an entity pretends to be someone else), replay (capture events and replay them), modification of messages, and denial of service. •Active attacks are difficult to prevent. However, an attempt is made to detect an active attack and recover from them.
  • 9.
  • 10. Security attacks : On User : to the identity of user (someone else acting on your behalf by using personal information like password, PIN number in an ATM, credit card number, social security number etc) to the privacy of user: (tracking of users habits and actions—the website user visits, the buying habit of the user etc. Cookies and spam mails are used for attacking the privacy of users.)
  • 11. On Hardware: could be due to a natural calamity like floods or earthquakes  due to power related problems like power fluctuations etc.;  or by destructive actions of a burglar. Software Attacks: Harms data stored in Computer Software attacks may be due to malicious software, or, due to hacking. Malicious software or malware is a software code included into the system with a purpose to harm the system. Hacking is the most common attack
  • 12. 3. Malicious Software(malware): •Commonly known as malware is a software that brings a harm to a computer system. •It can take the form of executable code, scripts, active content, and other software. •It is commonly used for earning money illegally. •It steals protected data, delete documents or add software not approved by a user. Definition: “A program that is inserted into a program, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or Operating system or otherwise annoying or disturbing the victim”
  • 13. Malware can entry into your computer by •Questionable file downloads •Visiting infected website • Opening attachments or links from unknown or spoofed emails •Downloading software from malicious sites
  • 14.  Common types of malware •Viruses •Worms •Trojan horse •Rootkits •Spyware
  • 15. Virus: • Computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. Virus programs have the following properties: • It can attach itself to other healthy programs. •It can mainly affects the executable files(i.e. .exe files) • It can replicate itself and thus can spread across a network. • It is difficult to trace a virus after it has spread across a network. •e.g The Melissa virus, CrptoLocker, MyDoom etc.
  • 16. Viruses can harm the computer in many ways: •Corrupt or delete data or files on the computer, •Changes the functionality of software applications, • Use e-mail program to spread itself to other computers, • Erase everything on the hard disk •Degrade performance of the system by utilizing resources such as memory or disk space
  • 17. Worms: •A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. •It uses a computer network to spread itself, relying on security failures on the target computer to access it. Worms almost always cause at least some harm to the network Trojan Horse: •A Trojan horse is a malicious computer program which misrepresents itself to appear useful, routine, or interesting in order to persuade a victim to install it. •It is generally spread by some form of social engineering.
  • 18. Rootkits: •Software packages known as rootkits allow this concealment, by modifying the host's operating system so that the malware is hidden from the user. •Rootkits can prevent a malicious process from being visible in the system's list of processes, or keep its files from being read. Spyware: •Spyware is software that aims to gather information about a person or organization without their knowledge, that may send such information to another entity without the consumer’s consent.
  • 19. Hacking: •Hacking is the unauthorized intrusion into a computer or a network •Hacking may result in a Denial of Service (DoS) attack. •The DoS attack prevents authorized users from accessing the resources of the computer. It aims at making the computer resource unusable or unavailable to its intended users. •Packet sniffing, e-mail hacking and password cracking are used to get the username and password of the system to gain access of the system.
  • 20. Ways to protect PC from malwares: • Keep your software, browsers, OS and plugins up to date •Don’t click on links within emails •Use free antivirus software •Use a firewall •Minimize downloads •Use a strong password •Use a pop-up blocker
  • 21. 4. Security Mechanism: • A process(or a device incorporating such a process) that is designed to prevent, detect or recover from a security attack. • Prevention involves mechanisms to prevent the computer from being damaged. • Detection requires mechanisms that allow detection of when, how, and by whom an attacked occurred. • Recovery involves mechanism to stop the attack, assess the damage done, and then repair the damage. Security Mechanisms: Cryptography Digital Signatures Firewall User Identification and Authentication Intrusion Detection System(IDS)
  • 22. 4.1 Cryptography: •Derived from the Greek word ‘Kryptos’ which means ‘Secret’. •Method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. •Uses a mathematical algorithm to transfer the data into a form that cannot be read by unauthorized user •The algorithm turns our data into machines codes, then stores them and then provides the info to the authorized person only. •Applications: ATM , Email-Passwords, E-Payment, Electronic Voting etc.
  • 23.
  • 24. Components of Cryptography: •Plaintext: • It is the data to be protected during transmission. •Encryption Algorithm: •It is a mathematical process that produces a cipher text for any given plaintext and encryption key. •Encryption Key: • It is a value that is known to the sender. The sender inputs the encryption key into the encryption algorithm along with the plaintext in order to compute the cipher text. •Cipher and Code: • bit-by-bit or character-by-character transformation without regard to the meaning of the message. Code replaces one word with another word or symbol. •. Cipher text: •It is the scrambled version of the plaintext produced by the encryption algorithm using a specific the encryption key. It can be intercepted or compromised by anyone who has access to the communication channel
  • 25. • Decryption Algorithm: • It is a mathematical process, that produces a unique plaintext for any given cipher text and decryption key. • Decryption Key: • It is a value that is known to the receiver. The decryption key is related to the encryption key, but is not always identical to it. The receiver inputs the decryption key into the decryption algorithm along with the cipher text in order to compute the plaintext. • Certification Authorities (CA): • CAs are trusted third parties that issue digital certificates for use by other parties. A CA issues digital certificates which contains a public key, a name, an expiration date, the name of authority that issued the certificate, a serial number, any policies describing how the certificate was issued, how the certificate may be used, the digital signature of the certificate issuer, and any other information. •Hash Function: • A hash function is a mathematical function that converts a numerical input value into another compressed numerical value. The input to the hash function is of arbitrary length but output is always of fixed length.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31. 4.2 Digital Signatures: •A type of electronic signature that encrypts the documents with digital codes that are particularly difficult to duplicate. •Takes the concept of traditional paper based signing and turns them into an electronic fingerprint or code. •This code used is unique to both the document and the signer •Used to validate authenticity and integrity of a document. •Cryptographically binds an electronic identity into electronic document •Similar to public key cryptography(assymetric cryptography) •Here, the message is encrypted by a private key and decrypted by a public which is just opposite in cryptography.
  • 32.
  • 33. Algorithms in Digital Signatures: Digital signature scheme is a type of asymmetric cryptography. Digital signatures use the public key cryptography, which employs two keys—private key and public key. The digital signature scheme typically consists of three algorithms: •Key generation algorithm: • The algorithm outputs private key and a corresponding public key. •Signing algorithm: • It takes, message + private key, as input, and, outputs a digital signature. •Signature verifying algorithm: • It takes, message + public key + digital signature, as input, and, accepts or rejects digital signature.
  • 34.
  • 35. 4.3 Firewall: • A system designed to prevent unauthorized access to or from a private network. • Firewalls can be implemented in both hardware and software, or a combination of both. • Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. • All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security of the local network with one or more public IP addresses.
  • 36.
  • 37.
  • 38. Terminologies Related to Firewall: •Gateway: • The computer that helps to establish a connection between two networks is called gateway. A firewall gateway is used for exchanging information between a local network and the Internet. • Proxy Server: • A proxy server masks the local network’s IP address with the proxy server IP address, thus concealing the identity of local network from the external network. Web proxy and application-level gateway are some examples of proxy servers. A firewall can be deployed with the proxy for protecting the local network from external network. •Screening Routers: • They are special types of router with filters, which are used along with the various firewalls. Screening routers check the incoming and outgoing traffic based on the IP address, and ports.
  • 39. Types of Firewall: A.Packet Filter Firewall B.Circuit Filter Firewall C.Proxy Server or Application-level gateway A)Packet Filter Firewall: •Packet Filter Firewall is usually deployed on the routers . •It is the simplest kind of mechanism used in firewall protection. •It is implemented at the network level to check incoming and outgoing packets.
  • 40.
  • 41.
  • 42.
  • 43. B) Circuit Filter Firewall: Circuit filter firewalls provide more protection than packet filter firewalls. Circuit filter firewall is also known as a “stateful inspection” firewall. •It prevents transfer of suspected packets by checking them at the network layer. •It checks for all the connections made to the local network, in contrast, to the packet filter firewall which makes a filtering decision based on individual packets. •It takes its decision by checking all the packets that are passed through the network layer and using this information to generate a decision table. The circuit level filter uses these decisions tables to keep track of the connections that go through the firewall.
  • 44.
  • 45. C) Application-Level Gateway(Proxy Server): •Protects all the client applications running on a local network from the Internet by using the firewall itself as the gateway. •It creates a virtual connection between the source and the destination hosts. •A proxy firewall operates on the application layer. The proxy ensures that a direct connection from an external computer to local network never takes place. •The proxy automatically segregates all the packets depending upon the protocols used for them. •A proxy server must support various protocols. It checks each application or service, like Telnet or e-mail, when they are passed through it. •It is easy to implement on a local network. •It tends to be more secure than packet filters. Instead of checking the TCP and IP combinations that are to be allowed, it checks the allowable applications.
  • 46.
  • 47. 4.4 User Identification and Authentication: •Identification is the process whereby a system recognizes a valid user’s identity. •Authentication is the process of verifying the claimed identity of a user. •For example, a system uses user-password for identification. The user enters his password for identification. Authentication is the system which verifies that the password is correct, and thus the user is a valid user. •Authentication Mechanisms: 1.User name and password 2.Smart Card 3.Biometrics—Fingerprints, Iris/retina scan etc
  • 48. 4.4.1 . Smart Card: •A smart card is in a pocket-sized card with embedded integrated circuits which can process data. •With an embedded microcontroller, smart cards have the unique ability to store large amounts of data, carry out their own on-card functions (e.g. encryption and mutual authentication) and intelligently with a smart card reader. •The smart card is made of plastic, generally PVC. The card may embed a hologram. Using smart cards is a strong security authentication for single sign-on within large companies and organizations. •Smart cards are used in secure identity applications like employee-ID badges, citizen-ID documents, electronic passports, driver license and online authentication devices.
  • 49. 4.4.2. BIOMETRIC: •Derived from the greek words ‘Bios’ and ‘Metric’ which means life and measurement respectively. •Biometrics is the science and technology of measuring and statistically analyzing biological data. •In IT, Biometrics refers to technologies that measures and analyzes human traits(like fingerprints, eye retinas and irises, voice patterns, facial patterns and hand measurements) for authentication. •Biometric systems are relatively costly and are used in environments requiring high-level security.
  • 50. 4.5 Intrusion Detection System(IDS): •IDS monitors network traffic and monitors for suspicious activity and alerts the system or network administrator. •They complement firewalls to detect if internal assets are being hacked or exploited. •Types of IDS: • Network Based(NIDS) • Host Based(HIDS) •A Network-based IDS monitors real-time network traffic for malicious activity and sends alarms for network traffic that meets certain attack patterns or signatures. •A Host-based IDS monitors computer or server files for anomalies and sends alarms for network traffic that meets a predetermined attack signature.
  • 51. 5. Security Services: • The security services provide specific kind of protection to system resources. • Security services ensure Confidentiality, Integrity, Authentication, and Non- Repudiation of data or message stored on the computer, or when transmitted over the network. • It provides assurance for access control and availability of resources to its authorized users. • A Security Mechanism should ensure following aspects: Confidentiality Integrity Access Control Authentication Non-repudiation Availability
  • 52. •Confidentiality: • The confidentiality aspect specifies availability of information to only authorized users. In other words, it is the protection of data from unauthorized disclosure. It requires ensuring the privacy of data stored on a server or transmitted via a network, from being intercepted or stolen by unauthorized users. • Integrity: •It assures that the received data is exactly as sent by the sender, i.e. the data has not been modified, duplicated, reordered, inserted or deleted before reaching the intended recipient. The data received is the one actually sent and is not modified in transit. • Access Control: • It is the prevention of unauthorized use of a resource. This specifies the users who can have access to the resource, and what are the users permitted to do once access is allowed.
  • 53. • Authentication: • It is the process of ensuring and confirming the identity of the user before revealing any information to the user. It also assures that the source of the received data is as claimed. Authentication is facilitated by the use of username and password, smart cards, biometric methods like retina scanning and fingerprints. • Non-Repudiation: •Prevents either sender or receiver from denying a transmitted message. For a message that is transmitted, proofs are available that the message was sent by the alleged sender and the message was received by the intended recipient. For example, if a sender places an order for a certain product to be purchased in a particular quantity, the receiver knows that it came from a specified sender. Non- repudiation deals with signatures. •Availability: • It assures that the data and resources requested by authorized users are available to them when requested.