2. DEFINITION
◈ The protection of information and its elements, including the
systems and hardware that use, store and transmit the information.
◈ Computer facilities have been physically protected for three
reasons:
• To prevent theft of or damage to the hardware
• To prevent theft of or damage to the information
• To prevent disruption of service
3. PRINCIPLES OF COMPUTER SECURITY
◈ Guarantee data CONFIDENTIALITY: ensuring that information is
accessible only to those authorized to have access
◈ Protect the information INTEGRITY: safeguarding the accuracy and
completeness of information and processing methods
◈ Assure resources AVAILABILITY: ensuring that authorized users
have access to information and associated assets when required
4. NETWORK SECURITY THREATS
PASSIVE Attacks
◈ A passive attack attempts to learn or make use of information from
the system but does not affect system resources.
◈ Two types of passive attacks are release of message contents and
traffic analysis.
ACTIVE Attacks
◈ Active attacks involve some modification of the data stream or the
creation of a false stream and can be subdivided into four
categories: masquerade, replay, modification of messages, and
denial of service.
8. Malicious Software
◈ Software deliberately designed to harm computer systems.
◈ A malicious software program causes undesired actions in
information systems.
◈ Spreads from one system to another through:
1. E-mail (through attachments)
2. Infected pen drives
3. Downloading / Exchanging of corrupted files
4. Embedded into computer games
9. Trap Doors
◈ A secret, undocumented entry point to the program.
• An example of such a feature is the so-called back door, which enables
intrusion into the target by bypassing user authentication methods.
• A hole in the security of a system deliberately left in place by
designers or maintainers.
• A trap door allows unauthorized access to the system.
• The only purpose of a trap door is to "bypass" internal controls. It is up
to the attacker to determine how this circumvention of control can be
utilized for his benefit.
10. Logic Bomb
◈ A logic bomb is a piece of code intentionally inserted into a
software system that will set off a malicious function when specified
conditions are met.
◈ Piggybacking: Many viruses, worms, and other code that is
malicious in nature often carry a logic bomb that “detonates” under
given conditions. This may help the code on its journey as it worms
through your system undetected.
11. Trojan Horse
◈ This is a malicious program with unexpected additional
functionality. It includes harmful features of which the user is not
aware.
• Performs a different function than the one it is advertised to perform
(some malicious action, e.g., stealing passwords).
• Infects when the user installs and executes infected programs.
• Some types of Trojan horses include Remote Access Trojans (RAT),
Key Loggers, Password-Stealers (PSW), and logic bombs.
12. Virus
◈ These are programs that spread to other software in the
system, i.e., programs that incorporate copies of themselves into other
programs.
Two major categories of viruses:
1. Boot sector virus: infects the boot sector of systems, becomes
resident, and activates while booting the machine.
2. File virus: infects program files and activates when the program is run.
13. Worm / Bacteria
◈ Computer worms are similar to viruses in that they replicate
functional copies of themselves and can cause the same type of
damage.
◈ In contrast to viruses, which require the spreading of an infected
host file, worms are standalone software and do not require a host
program or human help to propagate.
◈ A worm spreads faster than a virus, e.g. the Code Red worm affected
3 lakh PCs in just 14 hours.
14. Preventing infection by malicious software
◈ Use only trusted software, not pirated software.
◈ Regularly take backups of the programs.
◈ Use anti-virus software to detect and remove viruses.
◈ Update the virus database frequently to get new virus signatures.
◈ Install firewall software, which hampers or prevents the functionality of
worms and Trojan horses.
◈ Make sure that e-mail attachments are secure.