Presented By :

Antarleena Sikdar [530]
Reddhi Basu [559]
Anjan Karmakar [562]
Protection is strictly an internal problem. But Security, on the other
hand, requires not only an adequate protection system but also
consideration of the external environment within which the system
operates.
We say that a system is Secure if its resources are used and
accessed as intended under all circumstances. Unfortunately, total
security cannot be achieved. Nonetheless, we must have
mechanisms to make security breaches a rare occurrence, rather
than a norm.

Security violations of the system can be categorized as –
Intentional
Accidental


It is easier to protect against accidental misuse than against
intentional misuse.
Intruder and Cracker: Those attempting to
breach the security.
Threat: The potential for a security violation
such as the discovery of a vulnerability.
Attack: The attempt to break security.
Breach of confidentiality: This type of violation involves
unauthorized reading of data or theft of information.
Capturing secret data from a system or a data stream, such
as credit card information or identity information for identity
theft, can result directly in money for the intruder.

Breach of integrity: This violation involves unauthorized
modification of data. Such attacks can, for example, result in
passing of liability to an innocent party or modification of the
source code of an important commercial application.

Breach of availability: This violation involves unauthorized
destruction of data. Web-site defacement is a common
example of this type of security breach.

Theft of service: This violation involves unauthorized use
of resources.

Denial of service: This violation involves preventing
legitimate use of the system. These attacks are sometimes
accidental.
Attackers use several methods in their attempts to breach
security:
A.   The most common is Masquerading, in which one participant in a
     communication pretends to be someone else (another host or a
     person). By masquerading, attackers breach authentication, the
     correctness of identification; they can gain access that they would not
     normally be allowed, or escalate their privileges, that is, obtain
     privileges to which they would not normally be entitled.

B.   Another common attack is to replay a captured exchange of data. A
     Replay Attack consists of the malicious or fraudulent repeat of a valid
     data transmission. Sometimes the replay constitutes the entire attack,
     for example, in a repeat of a request to transfer money. But frequently it
     is done along with message modification, again to escalate privileges.

C.   Yet another kind of attack is the man-in-the-middle attack, in which the
     attacker sits in the data flow of a communication, masquerading as the
     sender to the receiver and vice versa. In a network communication, a
     man-in-the-middle attack may be preceded by a session hijacking, in
     which an active communication session is intercepted.
1) Physical: The site or sites containing the computer systems must
be physically secured against armed or surreptitious entry by
intruders.

2) Human: Authorization must be done carefully to assure that
only appropriate users have access to the system.

3) Operating System: The system must protect itself from
accidental or purposeful security breaches.

4) Network: Much computer data in modern systems travels over
private leased lines, shared lines like the internet, wireless
connections, or dial-up lines. Intercepting these data could be
just as harmful as breaking into a computer, and interruption of
communications could constitute a remote denial-of-service
attack, diminishing users' use of and trust in the system.
If a system cannot authenticate a user, then authenticating that a
message came from the user is pointless. Thus a major security
problem for operating systems is user authentication.
So how do we determine whether a user's identity is authentic?

Generally user authentication is based on one or more of three
things:
1) The user's possession of something: a card or a key.
2) The user's knowledge of something: a user identifier and a
password.
3) An attribute of the user: fingerprint, retina pattern or signature.
The most common approach to authenticating a user identity
is the use of Passwords. When the user identifies himself by user
ID or account name, he is asked for a password. If the user-
supplied password matches the password stored in the
system, the system assumes that the account is being accessed
by the owner of the account.

Different passwords may be associated with different access
rights. But in practice most systems require only one password
for a user to gain full rights.
Unfortunately, passwords can often be guessed, accidentally
exposed, sniffed or illegally transferred from an authorized user to
an unauthorized one.
There are three common ways to guess a password:

1. One way is for the intruder to know the user or to have information
about the user. All too frequently people use obvious information as
their passwords.

2. The other way is to use brute force, trying enumeration, or all
possible combinations of valid password characters, until the
password is found. Short passwords are especially vulnerable to this
method.
Enumeration is less successful where systems allow longer passwords
that include both uppercase and lowercase letters along with all
numbers and punctuation characters.

3. Passwords can also be exposed as a result of visual or electronic
monitoring.
One problem with all these approaches is the difficulty of keeping
the passwords secret within the computer.
The UNIX system uses encryption to avoid the necessity of keeping its
password list secret.

Each user has a password. The system contains a function that is
extremely difficult (ideally impossible) to invert but easy to compute.
This function is used to encode all the passwords. Only encoded
passwords are stored.
When a user presents a password, it is encoded and compared
against the stored encoded password. Even if the stored encoded
password is seen, it cannot be decoded, so the password can't
be determined. Thus the password file does not need to be kept
secret.
This approach can be generalized to the use of an algorithm as
a password. The algorithm might be an integer function, for
example. The system selects a random integer and presents it to
the user. The user applies a function and replies with the correct
result. The system also applies the same function. If the two
results match, access is allowed.
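
An added example (not from the original slides) of the two schemes described above: a password file that stores only encoded passwords, and an algorithmic password answered per challenge. PBKDF2-HMAC-SHA-256 with a per-user salt stands in for the UNIX one-way function and HMAC-SHA-256 over a random challenge stands in for the integer function; all names, the iteration count and the sample accounts are assumptions made for this example.

```python
import hashlib
import hmac
import secrets

# Assumed parameters for this example (not taken from the slides).
PBKDF2_ITERATIONS = 200_000
SALT_BYTES = 16


def encode_password(password, salt):
    """One-way function: easy to compute forward, infeasible to invert."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )


class PasswordFile:
    """Holds (salt, encoded password) per account, never the plaintext."""

    def __init__(self):
        self._entries = {}

    def enroll(self, user, password):
        # A fresh random salt makes equal passwords encode differently.
        salt = secrets.token_bytes(SALT_BYTES)
        self._entries[user] = (salt, encode_password(password, salt))

    def verify(self, user, candidate):
        entry = self._entries.get(user)
        if entry is None:
            # Do the same work for unknown accounts so response time
            # does not reveal which user names exist.
            encode_password(candidate, bytes(SALT_BYTES))
            return False
        salt, stored = entry
        # Encode the candidate and compare in constant time.
        return hmac.compare_digest(stored, encode_password(candidate, salt))

    def dump(self):
        """What a reader of the password file would see."""
        return {
            user: (salt.hex(), encoded.hex())
            for user, (salt, encoded) in self._entries.items()
        }


# --- Algorithmic password: challenge and response -------------------------

def issue_challenge():
    """System side: pick a fresh random value for every login attempt."""
    return secrets.token_bytes(16)


def respond(shared_secret, challenge):
    """User side: apply the secret function to the challenge."""
    return hmac.new(shared_secret, challenge, hashlib.sha256).digest()


def check_response(shared_secret, challenge, response):
    """System side: apply the same function and compare the results."""
    return hmac.compare_digest(respond(shared_secret, challenge), response)


if __name__ == "__main__":
    pf = PasswordFile()
    pf.enroll("alice", "constructed-sample-password")  # constructed account
    print("correct password accepted:", pf.verify("alice", "constructed-sample-password"))
    print("wrong password accepted:  ", pf.verify("alice", "guess"))
    print("stored entry:", pf.dump()["alice"])

    secret = b"constructed-shared-secret"
    challenge = issue_challenge()
    answer = respond(secret, challenge)
    print("fresh response accepted:", check_response(secret, challenge, answer))
    # A captured answer is useless against the next challenge.
    print("replayed response accepted:", check_response(secret, issue_challenge(), answer))
```

Because each challenge is fresh, a response captured by monitoring one login does not satisfy the next one, which is the property a fixed password lacks.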



Yet another variation on the use of passwords for authentication
involves the use of biometric measures. Palm or hand readers are
commonly used to secure physical access. These readers match
stored parameters against what is being read from hand-reader
pads. The parameters can include temperature maps, finger
length, finger width and line patterns. But devices for biometric
measures are currently too large and expensive to be used for
normal computer authentication.
• A Trojan horse is a code segment that misuses its
environment.

• A Trojan is a type of malware that masquerades as
a legitimate file or helpful program, possibly with the
purpose of granting a hacker unauthorized access to
a computer.

• According to a survey conducted by BitDefender
from January to June 2009, "Trojan-type malware is
on the rise, accounting for 83-percent of the global
malware detected in the world."
• Long search paths, such as are common on UNIX systems, exacerbate
the Trojan horse problem. For instance, the use of the “.” character in a
search path tells the shell to include the current directory in the search.
So, if a user A has “.” in his search path, has set his current directory to
user B’s directory, and enters a normal system command, the command
would be executed from user B’s directory instead. The program would
run on user B’s domain, allowing the program to do anything that the
user is allowed to do, including deleting files.
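
An added example (not from the original slides) that audits a search path for the entries discussed above and shows which file a command name resolves to when “.” comes first. The directory layout is built in a temporary sandbox; the function names, directory names and the sample command `ls` are assumptions made for this example.

```python
import os
import stat
import tempfile


def audit_search_path(path_value):
    """Return (entry, reason) findings for a PATH-style string."""
    findings = []
    for entry in path_value.split(os.pathsep):
        if entry in ("", "."):
            # An empty entry is treated like "." by the shell.
            findings.append((entry or "<empty>", "resolves to the current directory"))
        elif not os.path.isabs(entry):
            findings.append((entry, "relative entry, depends on the current directory"))
        else:
            try:
                mode = os.stat(entry).st_mode
            except OSError:
                continue  # missing directory: nothing can be planted there yet
            if mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
                findings.append((entry, "world-writable directory"))
    return findings


def resolve_command(name, path_value, cwd):
    """Mimic the shell lookup: first match with an execute bit, in path order."""
    for entry in path_value.split(os.pathsep):
        directory = cwd if entry in ("", ".") else os.path.join(cwd, entry)
        candidate = os.path.join(directory, name)
        if os.path.isfile(candidate) and os.stat(candidate).st_mode & 0o111:
            return candidate
    return None


def demo():
    """Constructed sandbox: a system directory and user B's directory,
    each holding a file named like a normal system command."""
    with tempfile.TemporaryDirectory() as root:
        system_bin = os.path.join(root, "bin")
        user_b_dir = os.path.join(root, "home", "userB")
        for directory in (system_bin, user_b_dir):
            os.makedirs(directory)
            os.chmod(directory, 0o755)
            program = os.path.join(directory, "ls")
            with open(program, "w") as handle:
                handle.write("#!/bin/sh\n")  # harmless placeholder body
            os.chmod(program, 0o755)

        risky_path = os.pathsep.join([".", system_bin])  # "." searched first
        safe_path = system_bin                           # absolute entries only

        # User A has changed into user B's directory and types "ls".
        risky_hit = resolve_command("ls", risky_path, cwd=user_b_dir)
        safe_hit = resolve_command("ls", safe_path, cwd=user_b_dir)
        return {
            "risky_resolves_to": os.path.relpath(risky_hit, root),
            "safe_resolves_to": os.path.relpath(safe_hit, root),
            "risky_findings": audit_search_path(risky_path),
            "safe_findings": audit_search_path(safe_path),
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running `audit_search_path(os.environ.get("PATH", ""))` applies the same check to the current session's search path.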
• Use of the machine as part of a botnet (e.g. to
  perform automated spamming or to distribute
  Denial-of-Service attacks)
• Electronic money theft
• Data theft (e.g. retrieving passwords or credit card
  information)
• Installation of software, including third-party
  malware
• Downloading or uploading of files on the user's
  computer
• Modification or deletion of files
• Crashing the computer
• Anonymizing Internet viewing
Netbus
Subseven or Sub7
Y3K Remote Administration Tool
Back Orifice
Beast
Zeus
The Blackhole Exploit Kit
Flashback Trojan
An unsuspecting user logs in at a terminal and notices that he
has apparently mistyped his password. He tries again and is
successful. What has happened is that his authentication key
and password have been stolen by the login emulator that was
left running on the terminal by the thief. The emulator stored
away the password, printed out a login error message, and exited;
the user was then provided with a genuine login prompt.
A Trap Door is a type of security breach where the designer of a
program or a system leaves a hole in the software that only he is
capable of using.

A Trap Door is a secret entry point into a program that allows
someone to gain access without normal methods of access
authentication.

Trapdoors can be included in the compiler as well. The compiler
could generate standard object code as well as a
trapdoor, regardless of the source code being compiled.

Trapdoors pose a difficult problem since to detect them we have
to analyze all the source code for all components of a system.
Programmers have been arrested for embezzling from banks by
including rounding errors in their code, and having the
occasional half cents credited to their accounts. This account
crediting can add up to a large sum of money, considering the
number of transactions that a large bank executes.
Stack or buffer overflow is the most common way for an
attacker outside of the system, on a network or dial-up
connection, to gain unauthorized access to the target system.
This can be used by the unauthorised user for privilege escalation.

Buffer overflow attacks are especially pernicious as they can be
run within a system and travel over allowed communications
channels. They can even bypass the security added by firewalls.
The attacker exploits a bug in the program. The bug can be a
simple case of poor programming, in which the programmer
neglected to code bounds checking on an input field. In this
case, the attacker sends more data than the program was
expecting. Using trial and error, or by examination of the source
code of the attacked program if it is available, the attacker
determines the vulnerability and writes a program to do the
following:
1.   Overflow an input field, command line argument, or input
     buffer until it writes into the stack.
2.   Overwrite the current return address on the stack with the
     address of the exploit code loaded in the next step.
3.   Write a simple set of code for the next space in the stack that
     includes the commands that the attacker wishes to execute
     (e.g. spawn a shell).
A virus is a fragment of code embedded in a legitimate
program, unlike a worm, which is structured as a
complete, standalone program.

                      Spread Of Viruses

Viruses are spread by users downloading viral programs from
public bulletin boards or exchanging disks containing an
infection.
Exchange of Microsoft Office documents is a common form
of virus transmission these days because these documents
contain so-called macros, which are Visual Basic programs.
The Creeper virus was first detected on ARPANET. Creeper was an
experimental self-replicating program written by Bob Thomas at BBN
Technologies in 1971. Creeper used the ARPANET to infect DEC PDP-10
computers running the TENEX operating system. Creeper gained access
via the ARPANET and copied itself to the remote system, where the
message "I'm the creeper, catch me if you can!" was displayed. The
Reaper program was created to delete Creeper.
On March 6, 1992, the 517th birthday of Michelangelo, the
Michelangelo virus was scheduled to erase infected hard disk files.
But because of the extensive publicity surrounding the virus, most
sites had detected and destroyed the virus before it was activated,
so it caused little or no damage.
In 2000, the Love Bug became very widespread. It appeared to be a
love note sent by a friend of the receiver. Once invoked, by opening
the Visual Basic script, it propagated by sending itself to the first
users in the user’s email contact list. It just clogged users’ inboxes
and email systems, but was relatively harmless.
• A worm is a process that uses the spawn mechanism to
clobber system performance.
• The worm spawns copies of itself, using up system resources
and perhaps locking out system use by all other processes.

Worms Spread:

• independently of human action

• usually by utilizing a security hole in a piece of software

• by scanning a network for another machine that has a
specific security hole and copying itself to the new machine using
the security hole
Robert Tappan Morris is an American computer scientist, best
known for creating the Morris Worm in 1988, considered the first
computer worm on the Internet, and subsequently becoming the first
person convicted under the Computer Fraud and Abuse Act.
Denial of service does not involve stealing of resources or gaining
information, but rather disabling legitimate use of a system or facility.

It is easier than breaking into a machine.
They are network based.
They fall into 2 categories:
       1. An attack that uses so many facility resources that, in essence, no
        work can be done.
       2. An attack that disrupts the network facility of the computer.

It is impossible to prevent Denial of Service attacks. Frequently it is
difficult to determine if a system slowdown is due to a surge in use or an
attack.
MAJOR Techniques

Defense   in Depth
Security Policy
Vulnerability Assessment
Intrusion Detection
Virus Protection
• Broadest security tool available
• Source and destination of messages cannot be trusted without
cryptography
• Means to constrain potential senders (sources) and / or receivers
(destinations) of messages
• Based on secrets (keys)
Operating

Symmetric and Asymmetric Encryption.
   A computer security policy defines the goals and elements of
an organization's computer systems. The definition can be highly
formal or informal. Security policies are enforced by organizational
policies or security mechanisms. A technical implementation
defines whether a computer system is secure or insecure. These
formal policy models can be categorized into the core security
principles of: Confidentiality, Integrity and Availability.

Formal policy models
Confidentiality policy model
Integrity policies model
Hybrid policy model
A vulnerability assessment is the process of
identifying, quantifying, and prioritizing (or ranking) the
vulnerabilities in a system. Examples of systems for which
vulnerability assessments are performed include, but are not
limited to, information technology systems, energy supply
systems, water supply systems, transportation systems, and
communication systems.
Assessments are typically performed according to the following
steps:
• Cataloging assets and capabilities (resources) in a system.
• Assigning quantifiable value (or at least rank order) and
importance to those resources.
• Identifying the vulnerabilities or threats to each resource.
• Mitigating or eliminating the most serious vulnerabilities for the
most valuable resources.
An intrusion detection system (IDS) is a device or software
application that monitors network or system activities for malicious
activities or policy violations and produces reports to a
Management Station.
Some systems may attempt to stop an intrusion attempt, but
this is neither required nor expected of a monitoring system.
Intrusion detection and prevention systems (IDPS) are primarily
focused on identifying possible incidents, logging information
about them, and reporting attempts.
In addition, organizations use IDPSes for other
purposes, such as identifying problems with security
policies, documenting existing threats and deterring individuals
from violating security policies.
All Intrusion Detection Systems use one of two detection techniques:

Statistical anomaly-based IDS
A statistical anomaly-based IDS determines normal network activity
(what sort of bandwidth is generally used, what protocols are
used, what ports and devices generally connect to each other) and
alerts the administrator or user when traffic is detected which is
anomalous (not normal).

Signature-based IDS
A signature-based IDS monitors packets in the network and compares
them with pre-configured and pre-determined attack patterns known as
signatures. The issue is that there will be a lag between a new threat
being discovered and its signature being applied in the IDS for detecting
the threat. During this lag time your IDS will be unable to identify the threat.
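
The two detection techniques run side by side over the same traffic, as an added example that is not part of the original slides. It shows the signature lag: traffic with no matching signature passes the signature engine but is flagged by the baseline, until a signature for it is deployed. All packets, ports, signature names and byte patterns are constructed for this example.

```python
import statistics

# Constructed signature set: name -> byte pattern (not real IDS rules).
SIGNATURES = {
    "constructed-sig-001": b"KNOWN-BAD-MARKER-A",
    "constructed-sig-002": b"KNOWN-BAD-MARKER-B",
}


def pkt(dport, payload):
    """Minimal packet record: destination port and payload bytes."""
    return {"dport": dport, "payload": payload}


def signature_alerts(window, signatures=SIGNATURES):
    """Signature-based detection: report (packet index, signature name)."""
    alerts = []
    for index, packet in enumerate(window):
        for name, pattern in signatures.items():
            if pattern in packet["payload"]:
                alerts.append((index, name))
    return alerts


class AnomalyDetector:
    """Statistical detection: learn normal volume and ports, flag deviations."""

    def __init__(self, threshold=3.0):
        self.threshold = threshold  # allowed distance from the mean, in std devs
        self.mean = 0.0
        self.stdev = 1.0
        self.known_ports = set()

    @staticmethod
    def _volume(window):
        return sum(len(packet["payload"]) for packet in window)

    def train(self, baseline_windows):
        """baseline_windows: time windows of traffic believed to be normal."""
        volumes = [self._volume(window) for window in baseline_windows]
        self.mean = statistics.mean(volumes)
        self.stdev = statistics.pstdev(volumes) or 1.0  # avoid division by zero
        self.known_ports = {p["dport"] for w in baseline_windows for p in w}

    def alerts(self, window):
        found = []
        z_score = (self._volume(window) - self.mean) / self.stdev
        if abs(z_score) > self.threshold:
            found.append(("volume", round(z_score, 1)))
        for port in sorted({p["dport"] for p in window} - self.known_ports):
            found.append(("new-port", port))
        return found


# Constructed baseline: four windows of 100, 110, 90 and 100 payload bytes.
BASELINE = [
    [pkt(80, b"a" * 60), pkt(443, b"a" * 40)],
    [pkt(80, b"a" * 70), pkt(443, b"a" * 40)],
    [pkt(80, b"a" * 50), pkt(443, b"a" * 40)],
    [pkt(80, b"a" * 60), pkt(443, b"a" * 40)],
]
# Known threat hidden in otherwise normal-looking traffic (98 bytes).
KNOWN_THREAT = [pkt(80, b"KNOWN-BAD-MARKER-A"), pkt(443, b"a" * 80)]
# New threat: no signature exists yet, but volume and port are unusual.
NEW_THREAT = [pkt(4444, b"b" * 900)]


def demo():
    detector = AnomalyDetector()
    detector.train(BASELINE)
    updated = dict(SIGNATURES, **{"constructed-sig-003": b"b" * 8})
    return {
        "known/signature": signature_alerts(KNOWN_THREAT),
        "known/anomaly": detector.alerts(KNOWN_THREAT),
        "new/signature (during lag)": signature_alerts(NEW_THREAT),
        "new/anomaly": detector.alerts(NEW_THREAT),
        "new/signature (after update)": signature_alerts(NEW_THREAT, updated),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The known threat is caught only by its signature because its volume and ports look normal, which is why the two techniques are complementary rather than interchangeable.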
The problem of viruses can be dealt with by using
antivirus software. Antivirus programs work by searching all the
programs on a system for the specific pattern of
instructions known to make up a virus. When they find a
known pattern, they remove the
instructions, disinfecting the program.
The best protection against viruses is the method of safe
computing: purchasing unopened software from
vendors and avoiding free or pirated copies from public
sources or disk exchange.
Protection
          Antivirus software can provide real-time protection, meaning it can prevent
unwanted processes from accessing your computer while you surf the Internet.
Cleanup
          Antivirus software allows you to scan your computer for viruses and other
unwanted programs, and provides you with the tools to get rid of them.
Alerts
          Antivirus programs can alert you when something is trying to access your
computer, or when something in your computer is trying to access something on the
Internet.
Updates
          Antivirus programs can update themselves, keeping your computer's
protection up to date without you having to manually update it.
Further Protection
          If an antivirus software finds an infected file that cannot be deleted, it can
quarantine the file so that it cannot infect other files or programs on your computer.
A choke point of control and monitoring
Interconnects networks with differing trust
Imposes restrictions on network services
    • only authorized traffic is allowed
Auditing and controlling access
    • can implement alarms for abnormal behavior
Itself immune to penetration
Provides perimeter defence
Useless against attacks from the inside
   • Evildoer exists on inside
   • Malicious code is executed on an internal machine
Organizations with greater insider threat
   • Banks and Military
Protection must exist at each layer
   • Assess risks of threats at every layer
Cannot protect against transfer of all virus infected
programs or files
   • because of huge range of O/S & file types
Can be spoofed and tunneled.
Book : Operating System Concepts [Galvin, Silberschatz, Gagne]
Websites: www.google.com
            www.wikipedia.com
Pictures : Google images
System Security

Unit-IV- Pharma. Marketing Channels.pptx
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17  How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17  How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Asian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptxAsian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptx
 
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural ResourcesEnergy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 

System Security

  • 1. Presented By : Antarleena Sikdar [530] Reddhi Basu [559] Anjan Karmakar [562]
  • 2.
  • 3. Protection is strictly an internal problem. But Security, on the other hand, requires not only an adequate protection system but also consideration of the external environment within which the system operates. We say that a system is Secure if its resources are used and accessed as intended under all circumstances. Unfortunately, total security cannot be achieved. Nonetheless, we must have mechanisms to make security breaches a rare occurrence, rather than a norm. Security violations of the system can be categorized as intentional or accidental. It is easier to protect against accidental misuse than against intentional misuse.
  • 4. Intruder and Cracker: Those attempting to breach the security. Threat: The potential for a security violation such as the discovery of a vulnerability. Attack: The attempt to break security.
  • 5. Breach of confidentiality: This type of violation involves unauthorized reading of data or theft of information. Capturing secret data from a system or a data stream, such as credit card information or identity information for identity theft, can result directly in money for the intruder. Breach of integrity: This violation involves unauthorized modification of data. Such attacks can, for example, result in passing of liability to an innocent party or modification of the source code of an important commercial application.
  • 6. Breach of availability: This violation involves unauthorized destruction of data. Web-site defacement is a common example of this type of security breach. Theft of service: This violation involves unauthorized use of resources. Denial of service: This violation involves preventing legitimate use of the system. These attacks are sometimes accidental.
  • 7. Attackers use several methods in their attempts to breach security: A. The most common is Masquerading, in which one participant in a communication pretends to be someone else (another host or a person). By masquerading, attackers breach authentication, the correctness of identification; they can gain access that they would not normally be allowed, or escalate their privileges, that is, obtain privileges to which they would not normally be entitled. B. Another common attack is to replay a captured exchange of data. A Replay Attack consists of the malicious or fraudulent repeat of a valid data transmission. Sometimes the replay comprises the entire attack, for example, in a repeat of a request to transfer money. But frequently it is done along with message modification, again to escalate privileges. C. Yet another kind of attack is the man-in-the-middle attack, in which the attacker sits in the data flow of a communication, masquerading as the sender to the receiver and vice versa. In a network communication, a man-in-the-middle attack may be preceded by a session hijacking, in which an active communication session is intercepted.
  • 8.
  • 9. 1) Physical: The site or sites containing the computer systems must be physically secured against armed or surreptitious entry by intruders. 2) Human: Authorization must be done carefully to assure that only appropriate users have access to the system. 3) Operating System: The system must protect itself from accidental or purposeful security breaches. 4) Network: Much computer data in modern systems travels over private leased lines, shared lines like the internet, wireless connections, or dial-up lines. Intercepting these data could be just as harmful as breaking into a computer, and interruption of communications could constitute a remote denial-of-service attack, diminishing users' use of and trust in the system.
  • 10. If a system cannot authenticate a user, then authenticating that a message came from the user is pointless. Thus a major security problem for operating systems is user authentication. So how do we determine whether a user's identity is authentic? Generally, user authentication is based on one or more of three things: 1) The user's possession of something: a card or a key. 2) The user's knowledge of something: a user identifier and a password. 3) An attribute of the user: fingerprint, retina pattern or signature.
  • 11. The most common approach to authenticating a user identity is the use of Passwords. When the user identifies himself by user ID or account name, he is asked for a password. If the user-supplied password matches the password stored in the system, the system assumes that the account is being accessed by the owner of the account. Different passwords may be associated with different access rights. But in practice most systems require only one password for a user to gain full rights.
  • 12. Passwords may be associated with different access rights. But in practice most systems require only one password for a user to gain full rights. Unfortunately, passwords can often be guessed, accidentally exposed, sniffed or illegally transferred from an authorized user to an unauthorized one.
  • 13. There are three common ways to guess a password: 1. One way is for the intruder to know the user or to have information about the user. All too frequently people use obvious information as their passwords. 2. The other way is to use brute force, trying enumeration, or all possible combinations of valid password characters, until the password is found. Short passwords are especially vulnerable to this method. Enumeration is less successful where systems allow longer passwords that include both uppercase and lowercase letters along with all numbers and punctuation characters. 3. Passwords can also be exposed as a result of visual or electronic monitoring.
  • 14. One problem with all these approaches is the difficulty of keeping the passwords secret within the computer. The UNIX system uses encryption to avoid the necessity of keeping its password list secret. Each user has a password. The system contains a function that is extremely difficult, if not impossible, to invert but easy to compute. This function is used to encode all the passwords. Only encoded passwords are stored. When a user presents a password, it is encoded and compared against the stored encoded password. Even if the stored encoded password is seen, it cannot be decoded, so the password can't be determined. Thus the password file does not need to be kept secret.
  • 15. This approach can be generalized to the use of an algorithm as a password. The algorithm might be an integer function, for example. The system selects a random integer and presents it to the user. The user applies a function and replies with the correct result. The system also applies the same function. If the two results match, access is allowed. Yet another variation on the use of passwords for authentication involves the use of biometric measures. Palm or hand readers are commonly used to secure physical access. These readers match stored parameters against what is being read from hand-reader pads. The parameters can include temperature maps, finger length, finger width and line patterns. But devices for biometric measures are currently too large and expensive to be used for normal computer authentication.
  • 16.
  • 17.
  • 18. A Trojan horse is a code segment that misuses its environment. A Trojan is a type of malware that masquerades as a legitimate file or helpful program, possibly with the purpose of granting a hacker unauthorized access to a computer. According to a survey conducted by BitDefender from January to June 2009, "Trojan-type malware is on the rise, accounting for 83-percent of the global malware detected in the world."
  • 19. Long search paths, such as are common on UNIX systems, exacerbate the Trojan horse problem. For instance, the use of the “.” character in a search path tells the shell to include the current directory in the search. So, if a user A has “.” in his search path, has set his current directory to user B’s directory, and enters a normal system command, the command would be executed from user B’s directory instead. The program would run on user B’s domain, allowing the program to do anything that the user is allowed to do, including deleting files.
  • 20. Use of the machine as part of a botnet (e.g. to perform automated spamming or to distribute Denial-of-Service attacks); Electronic money theft; Data theft (e.g. retrieving passwords or credit card information); Installation of software, including third-party malware; Downloading or uploading of files on the user's computer; Modification or deletion of files; Crashing the computer; Anonymizing Internet viewing.
  • 21. Netbus; Subseven or Sub7; Y3K Remote Administration Tool; Back Orifice; Beast; Zeus; The Blackhole Exploit Kit; Flashback Trojan.
  • 22. An unsuspecting user logs in at a terminal and notices that he has apparently mistyped his password. He tries again and is successful. What has happened is that his authentication key and password have been stolen by the login emulator that was left running on the terminal by the thief. The emulator stored away the password, printed out a login error message, and exited; the user was then provided with a genuine login prompt.
  • 23.
  • 24. Trap Door is a type of security breach where the designer of a program or a system leaves a hole in the software that only he is capable of using. A Trap Door is a secret entry point into a program that allows someone to gain access without normal methods of access authentication. Trapdoors can be included in the compiler as well. The compiler could generate standard object code as well as a trapdoor, regardless of the source code being compiled. Trapdoors pose a difficult problem since to detect them we have to analyze all the source code for all components of a system.
  • 25. Programmers have been arrested for embezzling from banks by including rounding errors in their code, and having the occasional half cents credited to their accounts. This account crediting can add up to a large sum of money, considering the number of transactions that a large bank executes.
  • 26.
  • 27. Stack or buffer overflow is the most common way for an attacker outside of the system, on a network or dial-up connection, to gain unauthorized access to the target system. It can also be used by an unauthorized user for privilege escalation. Buffer overflow attacks are especially pernicious because they can be run within a system and travel over allowed communications channels. They can even bypass the security added by firewalls.
  • 28. The attacker exploits a bug in the program. The bug can be a simple case of poor programming, in which the programmer neglected to code bounds checking on an input field. In this case, the attacker sends more data than the program was expecting. Using trial and error, or by examination of the source code of the attacked program if it is available, the attacker determines the vulnerability and writes a program to do the following: 1. Overflow an input field, command-line argument, or input buffer until it writes into the stack. 2. Overwrite the current return address on the stack with the address of the exploit code loaded in the next step. 3. Write a simple setoff code for the next space in the stack that includes the commands that the attacker wishes to execute (e.g. spawn a shell).
  • 29.
  • 30. A virus is a fragment of code embedded in a legitimate program, unlike a worm, which is structured as a complete, standalone program. Spread of Viruses: Viruses are spread by users downloading viral programs from public bulletin boards or exchanging disks containing an infection. Exchange of Microsoft Office documents is a common form of virus transmission these days because these documents contain so-called macros, which are Visual Basic programs.
  • 31. The Creeper virus was first detected on ARPANET. Creeper was an experimental self-replicating program written by Bob Thomas at BBN Technologies in 1971. Creeper used the ARPANET to infect DEC PDP-10 computers running the TENEX operating system. Creeper gained access via the ARPANET and copied itself to the remote system where the message, "I'm the creeper, catch me if you can!" was displayed. The Reaper program was created to delete Creeper.
  • 32. On March 6, 1992, the 517th birthday of Michelangelo, the Michelangelo virus was scheduled to erase infected hard disk files. But because of the extensive popularity surrounding the virus, most sites had detected and destroyed the virus before it was activated, so it caused little or no damage.
  • 33. In 2000, the Love Bug became very widespread. It appeared to be a love note sent by a friend of the receiver. Once invoked, by opening the Visual Basic script, it propagated by sending itself to the first users in the user’s email contact list. It just clogged users’ inboxes and email systems, but was relatively harmless.
  • 34.
  • 35. A worm is a process that uses the spawn mechanism to clobber system performance. The worm spawns copies of itself, using up system resources and perhaps locking out system use by all other processes. Worms spread: independently of human action; usually by utilizing a security hole in a piece of software; by scanning a network for another machine that has a specific security hole and copying themselves to the new machine using the security hole.
  • 36. Robert Tappan Morris is an American computer scientist, best known for creating the Morris Worm in 1988, considered the first computer worm on the Internet, and subsequently becoming the first person convicted under the Computer Fraud and Abuse Act.
  • 37.
  • 38.
  • 39. Denial of service does not involve stealing of resources or gaining information, but rather disabling legitimate use of a system or facility. Launching such an attack is easier than breaking into a machine. These attacks are network based. They fall into 2 categories: 1. An attack that uses so many facility resources that, in essence, no work can be done. 2. An attack that disrupts the network facility of the computer. It is impossible to prevent Denial of Service attacks. Frequently it is difficult to determine if a system slowdown is due to a surge in use or an attack.
  • 40.
  • 41. MAJOR Techniques Defense in Depth Security Policy Vulnerability Assessment Intrusion Detection Virus Protection
  • 42. Broadest security tool available. Source and destination of messages cannot be trusted without cryptography. Means to constrain potential senders (sources) and/or receivers (destinations) of messages. Based on secrets (keys). Operating Symmetric and Asymmetric Encryption.
  • 43. A computer security policy defines the goals and elements of an organization's computer systems. The definition can be highly formal or informal. Security policies are enforced by organizational policies or security mechanisms. A technical implementation defines whether a computer system is secure or insecure. These formal policy models can be categorized into the core security principles of: Confidentiality, Integrity and Availability. Formal policy models: Confidentiality policy model; Integrity policy model; Hybrid policy model.
  • 44. A vulnerability assessment is the process of identifying, quantifying, and prioritizing (or ranking) the vulnerabilities in a system. Examples of systems for which vulnerability assessments are performed include, but are not limited to, information technology systems, energy supply systems, water supply systems, transportation systems, and communication systems. Assessments are typically performed according to the following steps: 1. Cataloging assets and capabilities (resources) in a system. 2. Assigning quantifiable value (or at least rank order) and importance to those resources. 3. Identifying the vulnerabilities or threats to each resource. 4. Mitigating or eliminating the most serious vulnerabilities for the most valuable resources.
  • 45. An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a Management Station. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system. Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, and reporting attempts. In addition, organizations use IDPSes for other purposes, such as identifying problems with security policies, documenting existing threats and deterring individuals from violating security policies.
  • 46. All Intrusion Detection Systems use one of two detection techniques. Statistical anomaly-based IDS: A statistical anomaly-based IDS determines normal network activity, such as what sort of bandwidth is generally used, what protocols are used, and what ports and devices generally connect to each other, and alerts the administrator or user when traffic is detected which is anomalous (not normal). Signature-based IDS: A signature-based IDS monitors packets in the network and compares them with pre-configured and pre-determined attack patterns known as signatures. The issue is that there will be a lag between the new threat being discovered and the signature being applied in the IDS for detecting the threat. During this lag time your IDS will be unable to identify the threat.
  • 47. The problem of viruses can be dealt with by using antivirus software. Antivirus programs work by searching all the programs on a system for the specific pattern of instructions known to make up a virus. When they find a known pattern, they remove the instructions, disinfecting the program. The best protection against viruses is the method of safe computing: purchasing unopened software from vendors and avoiding free or pirated copies from public sources or disk exchange.
  • 48. Protection: Antivirus software can provide real-time protection, meaning it can prevent unwanted processes from accessing your computer while you surf the Internet. Cleanup: Antivirus software allows you to scan your computer for viruses and other unwanted programs, and provides you with the tools to get rid of them. Alerts: Antivirus programs can alert you when something is trying to access your computer, or when something in your computer is trying to access something on the Internet. Updates: Antivirus programs can update themselves, keeping your computer's protection up to date without you having to manually update it. Further Protection: If antivirus software finds an infected file that cannot be deleted, it can quarantine the file so that it cannot infect other files or programs on your computer.
  • 49.
  • 50. A choke point of control and monitoring. Interconnects networks with differing trust. Imposes restrictions on network services (only authorized traffic is allowed). Auditing and controlling access (can implement alarms for abnormal behavior). Itself immune to penetration. Provides perimeter defence.
  • 51.
  • 52. Useless against attacks from the inside (evildoer exists on the inside; malicious code is executed on an internal machine). Organizations with greater insider threat: banks and military. Protection must exist at each layer (assess risks of threats at every layer). Cannot protect against transfer of all virus-infected programs or files, because of the huge range of O/S and file types. Can be spoofed and tunneled.
  • 53. Book: Operating System Concepts [Galvin, Silberschatz, Gagne]. Websites: www.google.com, www.wikipedia.com. Pictures: Google images.
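
Slide 14's scheme (store only the one-way encoding, re-encode and compare at login) is sketched below as an added example, not code from the slides. The choice of PBKDF2-HMAC-SHA256, the per-user salt, the work factor and the record layout are assumptions made for illustration; the salt and work factor are what keep identical passwords from producing identical records and slow down the guessing described on slide 13 if the file is read.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000          # assumed work factor; tune to your hardware
ALGORITHM = "pbkdf2_sha256"   # label stored in each record (assumed layout)


def _derive(password: str, salt: bytes, rounds: int) -> bytes:
    """The easy-to-compute, hard-to-invert function applied to every password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)


def encode_password(password: str, *, iterations: int = ITERATIONS) -> str:
    """Build the record that goes into the password file; the password itself is never stored."""
    salt = secrets.token_bytes(16)  # fresh random salt for every record
    digest = _derive(password, salt, iterations)
    return f"{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"


def _parse(record: str):
    """Split a record into (rounds, salt, digest); return None if it is malformed."""
    try:
        algorithm, rounds_text, salt_hex, digest_hex = record.split("$")
        rounds = int(rounds_text)
        salt = bytes.fromhex(salt_hex)
        digest = bytes.fromhex(digest_hex)
    except ValueError:
        return None
    if algorithm != ALGORITHM or rounds < 1:
        return None
    return rounds, salt, digest


def verify_password(password: str, record: str) -> bool:
    """Encode the presented password with the stored salt and compare the results."""
    parsed = _parse(record)
    if parsed is None:
        return False  # fail closed on a damaged or unknown record
    rounds, salt, expected = parsed
    # Constant-time comparison so the check does not leak how many bytes matched.
    return hmac.compare_digest(_derive(password, salt, rounds), expected)


def needs_rehash(record: str, *, iterations: int = ITERATIONS) -> bool:
    """True when a record was made with a weaker work factor than the current one."""
    parsed = _parse(record)
    return parsed is None or parsed[0] < iterations


if __name__ == "__main__":
    # Constructed sample input.
    stored = encode_password("correct horse battery staple")
    print(stored)
    print(verify_password("correct horse battery staple", stored))
    print(verify_password("guess", stored))
```
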
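
The "algorithm as a password" exchange on slide 15 is shown below as an added example that is not part of the original deck. It swaps the slide's integer function for an HMAC-SHA256 keyed with a shared secret (an assumption), and makes each challenge random, single-use and short-lived, so that a captured response cannot be replayed as described on slide 7. The `Verifier` class and `respond` function are hypothetical names.

```python
import hashlib
import hmac
import secrets
import time


def respond(shared_key: bytes, challenge: bytes) -> bytes:
    """User side: apply the agreed function to the challenge the system sent."""
    return hmac.new(shared_key, challenge, hashlib.sha256).digest()


class Verifier:
    """System side: issues random challenges and checks the replies."""

    def __init__(self, keys, ttl=30.0, clock=time.monotonic):
        self._keys = dict(keys)   # user -> shared secret key
        self._ttl = ttl           # seconds a challenge stays valid
        self._clock = clock       # injectable so expiry can be tested
        self._pending = {}        # user -> (challenge, time issued)

    def issue_challenge(self, user: str) -> bytes:
        """Pick a fresh random value; issuing a new one replaces any older one."""
        challenge = secrets.token_bytes(16)
        self._pending[user] = (challenge, self._clock())
        return challenge

    def check(self, user: str, response: bytes) -> bool:
        """Apply the same function and compare; each challenge is accepted once."""
        pending = self._pending.pop(user, None)  # consumed whether or not it matches
        key = self._keys.get(user)
        if pending is None or key is None:
            return False
        challenge, issued_at = pending
        if self._clock() - issued_at > self._ttl:
            return False  # stale challenge
        return hmac.compare_digest(respond(key, challenge), response)


if __name__ == "__main__":
    # Constructed sample exchange.
    key = secrets.token_bytes(32)
    system = Verifier({"alice": key})
    challenge = system.issue_challenge("alice")
    reply = respond(key, challenge)
    print("first use accepted:", system.check("alice", reply))
    print("replayed reply accepted:", system.check("alice", reply))
```
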