2. AGENDA
What is Information Security?
Threats
Why Information Security?
What can we do?
3. What is Information Security?
Information security (infosec) is a set of
strategies for managing the
processes, tools and policies
necessary to prevent, detect,
document and counter threats to
digital and non-digital information.
5. CIA triad
Infosec programs are built around the core
objectives of the CIA triad: maintaining the
confidentiality, integrity and availability
of IT systems and business data.
These objectives ensure that sensitive
information is only disclosed to authorized
parties (confidentiality), prevent
unauthorized modification of data (integrity)
and guarantee the data can be accessed by
authorized parties when requested
(availability).
6. Threats
Malware:
◦ Hostile, intrusive, or annoying software or
program code ("malicious" + "software")
◦ Includes computer viruses, worms, trojan horses,
bots, spyware, adware, etc.
◦ Software is considered malware based on the
intent of the creator rather than any particular
features
7. Threats
Internet bot:
◦ Internet bots, also known as web robots, are
automated internet applications controlled by
software agents
◦ These bots interact with network services
intended for people, carrying out monotonous
tasks and behaving in a humanlike manner (e.g.,
a computer game bot)
◦ Bots can gather information, reply to queries,
provide entertainment, and serve commercial
purposes.
◦ Botnet - a network of "zombie" computers used
to do automated tasks such as spamming or
reversing spamming
8. Definitions
Adware:
◦ Advertising-supported software is any
software package which automatically plays,
displays, or downloads advertising material to a
computer after the software is installed on it or
while the application is being used.
◦ Adware is software integrated into or bundled
with a program, typically as a way to recover
programming development costs through
advertising income
9. Threats
Spyware:
◦ A broad category of software designed to
intercept or take partial control of a computer's
operation without the informed consent of that
machine's owner or legitimate user
◦ In simpler terms, spyware is a type of program
that watches what users do with their computer
and then sends that information over the internet
10. Threats
Spyware:
◦ Spyware can collect many different types of
information about a user:
Records the types of websites a user visits
Records what is typed by the user to intercept
passwords or credit card numbers
Used to launch “pop up” advertisements
◦ Many legitimate companies incorporate forms of
spyware into their software for purposes of
advertisement (Adware)
15. Threats
Phishing:
◦ A criminal activity using social engineering
techniques.
◦ An attempt to acquire sensitive data, such as
passwords and credit card details, by
masquerading as a trustworthy person or
business in an electronic communication.
◦ Typically carried out using email or an instant
message
17. Identity Theft
Protecting your online privacy is the
best step you can take in preventing
the new but popular crime of Identity
Theft: stealing someone's "identity" in
order to fraudulently carry out
monetary transactions in the name of
the stolen identity.
18. Why Information Security
(infosec)?
Governments, commercial businesses, and
individuals are all storing information
electronically
◦ compact, instantaneous transfer, easy access
Ability to use information more efficiently has
resulted in a rapid increase in the value of
information
Information stored electronically faces new
and potentially more damaging security
threats
◦ can potentially be stolen from a remote location
◦ much easier to intercept and alter electronic
communication than its paper-based
predecessors
19. What can we do?
Firewalls
A "network firewall" is like a filter for
Internet messages: it lets some pass
through, but blocks others.
A firewall selectively allows certain
messages to pass through based on
their type (e-mail, web, file sharing). All
other messages are stopped at the
gates.
20. Authenticating Sites and Using
Encryption
There are two main problems with the
out-of-the-box Internet:
i. identifying people or computers at
the other end of the network
ii. guarding against eavesdroppers.
Authentication solves the first problem,
and encryption solves the second.
21. Audit
A chronological record of system
activities that is sufficient to enable the
reconstruction and examination of a
given sequence of events
23. Symmetric and public key
cryptosystems
Symmetric-key cryptosystem
same key is used for encryption
and decryption
system with 1000 users requires
499,500 keys
◦ each pair of users requires a
different key (1000 × 999 / 2 pairs)
Example: DES
Public-key cryptosystem
separate keys for encryption
and decryption
system with 1000 users requires
2000 keys
◦ each individual user has
exactly two keys
Example: RSA