SlideShare a Scribd company logo

Computer security

Mahesh Singh Madai, profile picture
Mahesh Singh Madai

This document discusses computer security and provides an overview of key concepts. It covers objectives like security threats and attacks, malicious software, and security mechanisms. Security threats can be passive or active attacks, while common types of malicious software include viruses, worms, Trojan horses, and spyware. The document also outlines security mechanisms like cryptography, digital signatures, firewalls, user identification/authentication, and intrusion detection systems. It defines security services that ensure confidentiality, integrity, authentication, and non-repudiation of data.

Technology
Related topics:
Information Security Security Measures
1 of 56
Downloaded 50 times
1
2
3
4
5
Most read
6
7
8
9
10
11
12
Most read
13
14
15
Most read
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
Computer Security
Objectives: 1.Introduction 2.Security threats and attacks 3.Malicious software 4.Security Mechanism 1. Cryptography 2. Digital Signatures 3. Firewall 4. User Identification and Authentication 5. Intrusion Detection System(IDS) 5.Security Services 6.Security awareness and Policy
Computer security
1. Introduction: •Also known as Cyber Security or IT Security •Protection of computer system from theft and damage to hardware, software or information •Protection of computing systems and the data that they store or access. •Also the protection from misdirection from the service computer system provide •Includes controlling physical access to hardware •Good Security Standards follow the "90 / 10" Rule: • 10% of security safeguards are technical. • 90% of security safeguards rely on the computer user ("YOU") to adhere to good computing practices.
2. SECURITY THREAT AND SECURITY ATTACK: •A threat is a potential violation of security and causes harm. • A threat can be a malicious program, a natural disaster or a thief. • Vulnerability is a weakness of system that is left unprotected. Systems that are vulnerable are exposed to threats. •Threat is a possible danger that might exploit vulnerability; the actions that cause it to occur are the security attacks.
 Types of security attack: •A. Passive Attack •B. Active Attack •A. Passive Attack: • Aims to get information from the system but it does not affect the system resources. •Passive attacks may analyze the traffic to find the nature of communication that is taking place, or, release the contents of the message to a person other than the intended receiver of the message. • Passive attacks are difficult to detect because they do not involve any alteration of the data. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.
Computer security
 Active attack: • An active attack tries to alter the system resources or affect its operations. • Active attack may modify the data or create a false data. An active attack may be a masquerade (an entity pretends to be someone else), replay (capture events and replay them), modification of messages, and denial of service. •Active attacks are difficult to prevent. However, an attempt is made to detect an active attack and recover from them.
Computer security
Security attacks : On User : to the identity of user (someone else acting on your behalf by using personal information like password, PIN number in an ATM, credit card number, social security number etc) to the privacy of user: (tracking of users habits and actions—the website user visits, the buying habit of the user etc. Cookies and spam mails are used for attacking the privacy of users.)
On Hardware: could be due to a natural calamity like floods or earthquakes  due to power related problems like power fluctuations etc.;  or by destructive actions of a burglar. Software Attacks: Harms data stored in Computer Software attacks may be due to malicious software, or, due to hacking. Malicious software or malware is a software code included into the system with a purpose to harm the system. Hacking is the most common attack
3. Malicious Software(malware): •Commonly known as malware is a software that brings a harm to a computer system. •It can take the form of executable code, scripts, active content, and other software. •It is commonly used for earning money illegally. •It steals protected data, delete documents or add software not approved by a user. Definition: “A program that is inserted into a program, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or Operating system or otherwise annoying or disturbing the victim”
Malware can entry into your computer by •Questionable file downloads •Visiting infected website • Opening attachments or links from unknown or spoofed emails •Downloading software from malicious sites
 Common types of malware •Viruses •Worms •Trojan horse •Rootkits •Spyware
Virus: • Computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. Virus programs have the following properties: • It can attach itself to other healthy programs. •It can mainly affects the executable files(i.e. .exe files) • It can replicate itself and thus can spread across a network. • It is difficult to trace a virus after it has spread across a network. •e.g The Melissa virus, CrptoLocker, MyDoom etc.
Viruses can harm the computer in many ways: •Corrupt or delete data or files on the computer, •Changes the functionality of software applications, • Use e-mail program to spread itself to other computers, • Erase everything on the hard disk •Degrade performance of the system by utilizing resources such as memory or disk space
Worms: •A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. •It uses a computer network to spread itself, relying on security failures on the target computer to access it. Worms almost always cause at least some harm to the network Trojan Horse: •A Trojan horse is a malicious computer program which misrepresents itself to appear useful, routine, or interesting in order to persuade a victim to install it. •It is generally spread by some form of social engineering.
Rootkits: •Software packages known as rootkits allow this concealment, by modifying the host's operating system so that the malware is hidden from the user. •Rootkits can prevent a malicious process from being visible in the system's list of processes, or keep its files from being read. Spyware: •Spyware is software that aims to gather information about a person or organization without their knowledge, that may send such information to another entity without the consumer’s consent.
Hacking: •Hacking is the unauthorized intrusion into a computer or a network •Hacking may result in a Denial of Service (DoS) attack. •The DoS attack prevents authorized users from accessing the resources of the computer. It aims at making the computer resource unusable or unavailable to its intended users. •Packet sniffing, e-mail hacking and password cracking are used to get the username and password of the system to gain access of the system.
Ways to protect PC from malwares: • Keep your software, browsers, OS and plugins up to date •Don’t click on links within emails •Use free antivirus software •Use a firewall •Minimize downloads •Use a strong password •Use a pop-up blocker
4. Security Mechanism: • A process(or a device incorporating such a process) that is designed to prevent, detect or recover from a security attack. • Prevention involves mechanisms to prevent the computer from being damaged. • Detection requires mechanisms that allow detection of when, how, and by whom an attacked occurred. • Recovery involves mechanism to stop the attack, assess the damage done, and then repair the damage. Security Mechanisms: Cryptography Digital Signatures Firewall User Identification and Authentication Intrusion Detection System(IDS)
4.1 Cryptography: •Derived from the Greek word ‘Kryptos’ which means ‘Secret’. •Method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. •Uses a mathematical algorithm to transfer the data into a form that cannot be read by unauthorized user •The algorithm turns our data into machines codes, then stores them and then provides the info to the authorized person only. •Applications: ATM , Email-Passwords, E-Payment, Electronic Voting etc.
Computer security
Components of Cryptography: •Plaintext: • It is the data to be protected during transmission. •Encryption Algorithm: •It is a mathematical process that produces a cipher text for any given plaintext and encryption key. •Encryption Key: • It is a value that is known to the sender. The sender inputs the encryption key into the encryption algorithm along with the plaintext in order to compute the cipher text. •Cipher and Code: • bit-by-bit or character-by-character transformation without regard to the meaning of the message. Code replaces one word with another word or symbol. •. Cipher text: •It is the scrambled version of the plaintext produced by the encryption algorithm using a specific the encryption key. It can be intercepted or compromised by anyone who has access to the communication channel
• Decryption Algorithm: • It is a mathematical process, that produces a unique plaintext for any given cipher text and decryption key. • Decryption Key: • It is a value that is known to the receiver. The decryption key is related to the encryption key, but is not always identical to it. The receiver inputs the decryption key into the decryption algorithm along with the cipher text in order to compute the plaintext. • Certification Authorities (CA): • CAs are trusted third parties that issue digital certificates for use by other parties. A CA issues digital certificates which contains a public key, a name, an expiration date, the name of authority that issued the certificate, a serial number, any policies describing how the certificate was issued, how the certificate may be used, the digital signature of the certificate issuer, and any other information. •Hash Function: • A hash function is a mathematical function that converts a numerical input value into another compressed numerical value. The input to the hash function is of arbitrary length but output is always of fixed length.
Computer security
Computer security
Computer security
Computer security
Computer security
4.2 Digital Signatures: •A type of electronic signature that encrypts the documents with digital codes that are particularly difficult to duplicate. •Takes the concept of traditional paper based signing and turns them into an electronic fingerprint or code. •This code used is unique to both the document and the signer •Used to validate authenticity and integrity of a document. •Cryptographically binds an electronic identity into electronic document •Similar to public key cryptography(assymetric cryptography) •Here, the message is encrypted by a private key and decrypted by a public which is just opposite in cryptography.
Computer security
Algorithms in Digital Signatures: Digital signature scheme is a type of asymmetric cryptography. Digital signatures use the public key cryptography, which employs two keys—private key and public key. The digital signature scheme typically consists of three algorithms: •Key generation algorithm: • The algorithm outputs private key and a corresponding public key. •Signing algorithm: • It takes, message + private key, as input, and, outputs a digital signature. •Signature verifying algorithm: • It takes, message + public key + digital signature, as input, and, accepts or rejects digital signature.
Computer security
4.3 Firewall: • A system designed to prevent unauthorized access to or from a private network. • Firewalls can be implemented in both hardware and software, or a combination of both. • Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. • All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security of the local network with one or more public IP addresses.
Computer security
Computer security
Terminologies Related to Firewall: •Gateway: • The computer that helps to establish a connection between two networks is called gateway. A firewall gateway is used for exchanging information between a local network and the Internet. • Proxy Server: • A proxy server masks the local network’s IP address with the proxy server IP address, thus concealing the identity of local network from the external network. Web proxy and application-level gateway are some examples of proxy servers. A firewall can be deployed with the proxy for protecting the local network from external network. •Screening Routers: • They are special types of router with filters, which are used along with the various firewalls. Screening routers check the incoming and outgoing traffic based on the IP address, and ports.
Types of Firewall: A.Packet Filter Firewall B.Circuit Filter Firewall C.Proxy Server or Application-level gateway A)Packet Filter Firewall: •Packet Filter Firewall is usually deployed on the routers . •It is the simplest kind of mechanism used in firewall protection. •It is implemented at the network level to check incoming and outgoing packets.
Computer security
Computer security
Computer security
B) Circuit Filter Firewall: Circuit filter firewalls provide more protection than packet filter firewalls. Circuit filter firewall is also known as a “stateful inspection” firewall. •It prevents transfer of suspected packets by checking them at the network layer. •It checks for all the connections made to the local network, in contrast, to the packet filter firewall which makes a filtering decision based on individual packets. •It takes its decision by checking all the packets that are passed through the network layer and using this information to generate a decision table. The circuit level filter uses these decisions tables to keep track of the connections that go through the firewall.
Computer security
C) Application-Level Gateway(Proxy Server): •Protects all the client applications running on a local network from the Internet by using the firewall itself as the gateway. •It creates a virtual connection between the source and the destination hosts. •A proxy firewall operates on the application layer. The proxy ensures that a direct connection from an external computer to local network never takes place. •The proxy automatically segregates all the packets depending upon the protocols used for them. •A proxy server must support various protocols. It checks each application or service, like Telnet or e-mail, when they are passed through it. •It is easy to implement on a local network. •It tends to be more secure than packet filters. Instead of checking the TCP and IP combinations that are to be allowed, it checks the allowable applications.
Computer security
4.4 User Identification and Authentication: •Identification is the process whereby a system recognizes a valid user’s identity. •Authentication is the process of verifying the claimed identity of a user. •For example, a system uses user-password for identification. The user enters his password for identification. Authentication is the system which verifies that the password is correct, and thus the user is a valid user. •Authentication Mechanisms: 1.User name and password 2.Smart Card 3.Biometrics—Fingerprints, Iris/retina scan etc
4.4.1 . Smart Card: •A smart card is in a pocket-sized card with embedded integrated circuits which can process data. •With an embedded microcontroller, smart cards have the unique ability to store large amounts of data, carry out their own on-card functions (e.g. encryption and mutual authentication) and intelligently with a smart card reader. •The smart card is made of plastic, generally PVC. The card may embed a hologram. Using smart cards is a strong security authentication for single sign-on within large companies and organizations. •Smart cards are used in secure identity applications like employee-ID badges, citizen-ID documents, electronic passports, driver license and online authentication devices.
4.4.2. BIOMETRIC: •Derived from the greek words ‘Bios’ and ‘Metric’ which means life and measurement respectively. •Biometrics is the science and technology of measuring and statistically analyzing biological data. •In IT, Biometrics refers to technologies that measures and analyzes human traits(like fingerprints, eye retinas and irises, voice patterns, facial patterns and hand measurements) for authentication. •Biometric systems are relatively costly and are used in environments requiring high-level security.
4.5 Intrusion Detection System(IDS): •IDS monitors network traffic and monitors for suspicious activity and alerts the system or network administrator. •They complement firewalls to detect if internal assets are being hacked or exploited. •Types of IDS: • Network Based(NIDS) • Host Based(HIDS) •A Network-based IDS monitors real-time network traffic for malicious activity and sends alarms for network traffic that meets certain attack patterns or signatures. •A Host-based IDS monitors computer or server files for anomalies and sends alarms for network traffic that meets a predetermined attack signature.
5. Security Services: • The security services provide specific kind of protection to system resources. • Security services ensure Confidentiality, Integrity, Authentication, and Non- Repudiation of data or message stored on the computer, or when transmitted over the network. • It provides assurance for access control and availability of resources to its authorized users. • A Security Mechanism should ensure following aspects: Confidentiality Integrity Access Control Authentication Non-repudiation Availability
•Confidentiality: • The confidentiality aspect specifies availability of information to only authorized users. In other words, it is the protection of data from unauthorized disclosure. It requires ensuring the privacy of data stored on a server or transmitted via a network, from being intercepted or stolen by unauthorized users. • Integrity: •It assures that the received data is exactly as sent by the sender, i.e. the data has not been modified, duplicated, reordered, inserted or deleted before reaching the intended recipient. The data received is the one actually sent and is not modified in transit. • Access Control: • It is the prevention of unauthorized use of a resource. This specifies the users who can have access to the resource, and what are the users permitted to do once access is allowed.
• Authentication: • It is the process of ensuring and confirming the identity of the user before revealing any information to the user. It also assures that the source of the received data is as claimed. Authentication is facilitated by the use of username and password, smart cards, biometric methods like retina scanning and fingerprints. • Non-Repudiation: •Prevents either sender or receiver from denying a transmitted message. For a message that is transmitted, proofs are available that the message was sent by the alleged sender and the message was received by the intended recipient. For example, if a sender places an order for a certain product to be purchased in a particular quantity, the receiver knows that it came from a specified sender. Non- repudiation deals with signatures. •Availability: • It assures that the data and resources requested by authorized users are available to them when requested.
Computer security
Computer security
Computer security

More Related Content

PPTX
Vulnerability Assessment Presentation
Lionel Medina
 
PPTX
Security threats and safety measures
Dnyaneshwar Beedkar
 
PPTX
Malware
Anoushka Srivastava
 
PPTX
System security
sommerville-videos
 
PPTX
Types of attacks
Vivek Gandhi
 
PPT
Web Application Security
Abdul Wahid
 
PDF
Cyber Security Vulnerabilities
Siemplify
 
PPT
Web security
Muhammad Usman
 
Vulnerability Assessment Presentation
Lionel Medina
 
Security threats and safety measures
Dnyaneshwar Beedkar
 
Malware
Anoushka Srivastava
 
System security
sommerville-videos
 
Types of attacks
Vivek Gandhi
 
Web Application Security
Abdul Wahid
 
Cyber Security Vulnerabilities
Siemplify
 
Web security
Muhammad Usman
 

What's hot (20)

PPTX
Email security
Baliram Yadav
 
PDF
Computer Security
Frederik Questier
 
PPTX
Malicious software and software security
Prachi Gulihar
 
PPTX
Basics of Denial of Service Attacks
Hansa Nidushan
 
PPT
Computer Worms
sadique_ghitm
 
PPTX
Different types of attacks in internet
Rohan Bharadwaj
 
PPTX
Network security
Estiak Khan
 
PPTX
Unit-3.pptx
Ramya Nellutla
 
PPTX
NETWORK SECURITY
afaque jaya
 
PPTX
Virus and Worms
GrittyCC
 
PPTX
Intrusion detection
CAS
 
PPTX
Introduction to cyber security amos
Amos Oyoo
 
PPTX
Cybersecurity
A. Shamel
 
PPTX
WLAN Attacks and Protection
Chandrak Trivedi
 
PPTX
Firewall in Network Security
lalithambiga kamaraj
 
ODP
Email security
Ahmed EL-KOSAIRY
 
PPTX
cyber security presentation.pptx
kishore golla
 
PPT
STRIDE And DREAD
chuckbt
 
PPTX
Cyber security system presentation
A.S. Sabuj
 
PPTX
Cyber security
Dr. Kishor Nikam
 
Email security
Baliram Yadav
 
Computer Security
Frederik Questier
 
Malicious software and software security
Prachi Gulihar
 
Basics of Denial of Service Attacks
Hansa Nidushan
 
Computer Worms
sadique_ghitm
 
Different types of attacks in internet
Rohan Bharadwaj
 
Network security
Estiak Khan
 
Unit-3.pptx
Ramya Nellutla
 
NETWORK SECURITY
afaque jaya
 
Virus and Worms
GrittyCC
 
Intrusion detection
CAS
 
Introduction to cyber security amos
Amos Oyoo
 
Cybersecurity
A. Shamel
 
WLAN Attacks and Protection
Chandrak Trivedi
 
Firewall in Network Security
lalithambiga kamaraj
 
Email security
Ahmed EL-KOSAIRY
 
cyber security presentation.pptx
kishore golla
 
STRIDE And DREAD
chuckbt
 
Cyber security system presentation
A.S. Sabuj
 
Cyber security
Dr. Kishor Nikam
 
Ad

Similar to Computer security (20)

PDF
E Commerce security
Mayank Kashyap
 
PPT
COMPUTER SECURITY
Kak Yong
 
PPTX
Data security
Soumen Mondal
 
PPTX
Computer security
EktaVaswani2
 
PPTX
Computer security and
Rana Usman Sattar
 
PPTX
AAU Chapter 5.pptxpppppppppppppppppppppppt
AYNETUTEREFE1
 
PPTX
Computer security
sruthiKrishnaG
 
PDF
2.Security (1).pdfccccccccccccccccccccccccccccccccccccccccccccc
jacobdiriba
 
PDF
Sec0001 .pdf
mah902110
 
PPTX
Cyber security
Nimesh Gajjar
 
PPTX
FCT UNIT 5 Foundation of computing technologies.pptx
nandinikhalane
 
PPTX
Security Architectures and Models.pptx
RushikeshChikane2
 
PPTX
Computer , Internet and physical security.
Ankur Kumar
 
PPTX
AN INTRODUCTION TO COMPUTER SECURITY TECHNIQUES.pptx
olisahchristopher
 
PPTX
Dos unit 5
JebasheelaSJ
 
PPTX
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Eric Vanderburg
 
PPTX
Computer Security Presentation
PraphullaShrestha1
 
PPT
MIS part 4_CH 11.ppt
EndAlk15
 
PPTX
Computer security ethics_and_privacy
Ardit Meti
 
PPTX
Cyber security
Sabir Raja
 
E Commerce security
Mayank Kashyap
 
COMPUTER SECURITY
Kak Yong
 
Data security
Soumen Mondal
 
Computer security
EktaVaswani2
 
Computer security and
Rana Usman Sattar
 
AAU Chapter 5.pptxpppppppppppppppppppppppt
AYNETUTEREFE1
 
Computer security
sruthiKrishnaG
 
2.Security (1).pdfccccccccccccccccccccccccccccccccccccccccccccc
jacobdiriba
 
Sec0001 .pdf
mah902110
 
Cyber security
Nimesh Gajjar
 
FCT UNIT 5 Foundation of computing technologies.pptx
nandinikhalane
 
Security Architectures and Models.pptx
RushikeshChikane2
 
Computer , Internet and physical security.
Ankur Kumar
 
AN INTRODUCTION TO COMPUTER SECURITY TECHNIQUES.pptx
olisahchristopher
 
Dos unit 5
JebasheelaSJ
 
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Eric Vanderburg
 
Computer Security Presentation
PraphullaShrestha1
 
MIS part 4_CH 11.ppt
EndAlk15
 
Computer security ethics_and_privacy
Ardit Meti
 
Cyber security
Sabir Raja
 
Ad

Recently uploaded (20)

PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Teaching material agriculture food technology
LiaRayya
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Cloud computing and distributed systems.
kkkkkhan
 
A Presentation on Artificial Intelligence
memembruh336
 
Approach and Philosophy of On baking technology
30anthuong17
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Encapsulation theory and applications.pdf
gurumoop
 

Computer security

  • 2. Objectives: 1.Introduction 2.Security threats and attacks 3.Malicious software 4.Security Mechanism 1. Cryptography 2. Digital Signatures 3. Firewall 4. User Identification and Authentication 5. Intrusion Detection System(IDS) 5.Security Services 6.Security awareness and Policy
  • 4. 1. Introduction: •Also known as Cyber Security or IT Security •Protection of computer system from theft and damage to hardware, software or information •Protection of computing systems and the data that they store or access. •Also the protection from misdirection from the service computer system provide •Includes controlling physical access to hardware •Good Security Standards follow the "90 / 10" Rule: • 10% of security safeguards are technical. • 90% of security safeguards rely on the computer user ("YOU") to adhere to good computing practices.
  • 5. 2. SECURITY THREAT AND SECURITY ATTACK: •A threat is a potential violation of security and causes harm. • A threat can be a malicious program, a natural disaster or a thief. • Vulnerability is a weakness of system that is left unprotected. Systems that are vulnerable are exposed to threats. •Threat is a possible danger that might exploit vulnerability; the actions that cause it to occur are the security attacks.
  • 6.  Types of security attack: •A. Passive Attack •B. Active Attack •A. Passive Attack: • Aims to get information from the system but it does not affect the system resources. •Passive attacks may analyze the traffic to find the nature of communication that is taking place, or, release the contents of the message to a person other than the intended receiver of the message. • Passive attacks are difficult to detect because they do not involve any alteration of the data. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.
  • 8.  Active attack: • An active attack tries to alter the system resources or affect its operations. • Active attack may modify the data or create a false data. An active attack may be a masquerade (an entity pretends to be someone else), replay (capture events and replay them), modification of messages, and denial of service. •Active attacks are difficult to prevent. However, an attempt is made to detect an active attack and recover from them.
  • 10. Security attacks : On User : to the identity of user (someone else acting on your behalf by using personal information like password, PIN number in an ATM, credit card number, social security number etc) to the privacy of user: (tracking of users habits and actions—the website user visits, the buying habit of the user etc. Cookies and spam mails are used for attacking the privacy of users.)
  • 11. On Hardware: could be due to a natural calamity like floods or earthquakes  due to power related problems like power fluctuations etc.;  or by destructive actions of a burglar. Software Attacks: Harms data stored in Computer Software attacks may be due to malicious software, or, due to hacking. Malicious software or malware is a software code included into the system with a purpose to harm the system. Hacking is the most common attack
  • 12. 3. Malicious Software(malware): •Commonly known as malware is a software that brings a harm to a computer system. •It can take the form of executable code, scripts, active content, and other software. •It is commonly used for earning money illegally. •It steals protected data, delete documents or add software not approved by a user. Definition: “A program that is inserted into a program, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or Operating system or otherwise annoying or disturbing the victim”
  • 13. Malware can entry into your computer by •Questionable file downloads •Visiting infected website • Opening attachments or links from unknown or spoofed emails •Downloading software from malicious sites
  • 14.  Common types of malware •Viruses •Worms •Trojan horse •Rootkits •Spyware
  • 15. Virus: • Computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. Virus programs have the following properties: • It can attach itself to other healthy programs. •It can mainly affects the executable files(i.e. .exe files) • It can replicate itself and thus can spread across a network. • It is difficult to trace a virus after it has spread across a network. •e.g The Melissa virus, CrptoLocker, MyDoom etc.
  • 16. Viruses can harm the computer in many ways: •Corrupt or delete data or files on the computer, •Changes the functionality of software applications, • Use e-mail program to spread itself to other computers, • Erase everything on the hard disk •Degrade performance of the system by utilizing resources such as memory or disk space
  • 17. Worms: •A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. •It uses a computer network to spread itself, relying on security failures on the target computer to access it. Worms almost always cause at least some harm to the network Trojan Horse: •A Trojan horse is a malicious computer program which misrepresents itself to appear useful, routine, or interesting in order to persuade a victim to install it. •It is generally spread by some form of social engineering.
  • 18. Rootkits: •Software packages known as rootkits allow this concealment, by modifying the host's operating system so that the malware is hidden from the user. •Rootkits can prevent a malicious process from being visible in the system's list of processes, or keep its files from being read. Spyware: •Spyware is software that aims to gather information about a person or organization without their knowledge, that may send such information to another entity without the consumer’s consent.
  • 19. Hacking: •Hacking is the unauthorized intrusion into a computer or a network •Hacking may result in a Denial of Service (DoS) attack. •The DoS attack prevents authorized users from accessing the resources of the computer. It aims at making the computer resource unusable or unavailable to its intended users. •Packet sniffing, e-mail hacking and password cracking are used to get the username and password of the system to gain access of the system.
  • 20. Ways to protect PC from malwares: • Keep your software, browsers, OS and plugins up to date •Don’t click on links within emails •Use free antivirus software •Use a firewall •Minimize downloads •Use a strong password •Use a pop-up blocker
  • 21. 4. Security Mechanism: • A process(or a device incorporating such a process) that is designed to prevent, detect or recover from a security attack. • Prevention involves mechanisms to prevent the computer from being damaged. • Detection requires mechanisms that allow detection of when, how, and by whom an attacked occurred. • Recovery involves mechanism to stop the attack, assess the damage done, and then repair the damage. Security Mechanisms: Cryptography Digital Signatures Firewall User Identification and Authentication Intrusion Detection System(IDS)
  • 22. 4.1 Cryptography: •Derived from the Greek word ‘Kryptos’ which means ‘Secret’. •Method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. •Uses a mathematical algorithm to transfer the data into a form that cannot be read by unauthorized user •The algorithm turns our data into machines codes, then stores them and then provides the info to the authorized person only. •Applications: ATM , Email-Passwords, E-Payment, Electronic Voting etc.
  • 24. Components of Cryptography: •Plaintext: • It is the data to be protected during transmission. •Encryption Algorithm: •It is a mathematical process that produces a cipher text for any given plaintext and encryption key. •Encryption Key: • It is a value that is known to the sender. The sender inputs the encryption key into the encryption algorithm along with the plaintext in order to compute the cipher text. •Cipher and Code: • bit-by-bit or character-by-character transformation without regard to the meaning of the message. Code replaces one word with another word or symbol. •. Cipher text: •It is the scrambled version of the plaintext produced by the encryption algorithm using a specific the encryption key. It can be intercepted or compromised by anyone who has access to the communication channel
  • 25. • Decryption Algorithm: • It is a mathematical process, that produces a unique plaintext for any given cipher text and decryption key. • Decryption Key: • It is a value that is known to the receiver. The decryption key is related to the encryption key, but is not always identical to it. The receiver inputs the decryption key into the decryption algorithm along with the cipher text in order to compute the plaintext. • Certification Authorities (CA): • CAs are trusted third parties that issue digital certificates for use by other parties. A CA issues digital certificates which contains a public key, a name, an expiration date, the name of authority that issued the certificate, a serial number, any policies describing how the certificate was issued, how the certificate may be used, the digital signature of the certificate issuer, and any other information. •Hash Function: • A hash function is a mathematical function that converts a numerical input value into another compressed numerical value. The input to the hash function is of arbitrary length but output is always of fixed length.
  • 31. 4.2 Digital Signatures: •A type of electronic signature that encrypts the documents with digital codes that are particularly difficult to duplicate. •Takes the concept of traditional paper based signing and turns them into an electronic fingerprint or code. •This code used is unique to both the document and the signer •Used to validate authenticity and integrity of a document. •Cryptographically binds an electronic identity into electronic document •Similar to public key cryptography(assymetric cryptography) •Here, the message is encrypted by a private key and decrypted by a public which is just opposite in cryptography.
  • 33. Algorithms in Digital Signatures: Digital signature scheme is a type of asymmetric cryptography. Digital signatures use the public key cryptography, which employs two keys—private key and public key. The digital signature scheme typically consists of three algorithms: •Key generation algorithm: • The algorithm outputs private key and a corresponding public key. •Signing algorithm: • It takes, message + private key, as input, and, outputs a digital signature. •Signature verifying algorithm: • It takes, message + public key + digital signature, as input, and, accepts or rejects digital signature.
  • 35. 4.3 Firewall: • A system designed to prevent unauthorized access to or from a private network. • Firewalls can be implemented in both hardware and software, or a combination of both. • Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. • All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security of the local network with one or more public IP addresses.
  • 38. Terminologies Related to Firewall: •Gateway: • The computer that helps to establish a connection between two networks is called gateway. A firewall gateway is used for exchanging information between a local network and the Internet. • Proxy Server: • A proxy server masks the local network’s IP address with the proxy server IP address, thus concealing the identity of local network from the external network. Web proxy and application-level gateway are some examples of proxy servers. A firewall can be deployed with the proxy for protecting the local network from external network. •Screening Routers: • They are special types of router with filters, which are used along with the various firewalls. Screening routers check the incoming and outgoing traffic based on the IP address, and ports.
  • 39. Types of Firewall: A.Packet Filter Firewall B.Circuit Filter Firewall C.Proxy Server or Application-level gateway A)Packet Filter Firewall: •Packet Filter Firewall is usually deployed on the routers . •It is the simplest kind of mechanism used in firewall protection. •It is implemented at the network level to check incoming and outgoing packets.
  • 43. B) Circuit Filter Firewall: Circuit filter firewalls provide more protection than packet filter firewalls. Circuit filter firewall is also known as a “stateful inspection” firewall. •It prevents transfer of suspected packets by checking them at the network layer. •It checks for all the connections made to the local network, in contrast, to the packet filter firewall which makes a filtering decision based on individual packets. •It takes its decision by checking all the packets that are passed through the network layer and using this information to generate a decision table. The circuit level filter uses these decisions tables to keep track of the connections that go through the firewall.
  • 45. C) Application-Level Gateway(Proxy Server): •Protects all the client applications running on a local network from the Internet by using the firewall itself as the gateway. •It creates a virtual connection between the source and the destination hosts. •A proxy firewall operates on the application layer. The proxy ensures that a direct connection from an external computer to local network never takes place. •The proxy automatically segregates all the packets depending upon the protocols used for them. •A proxy server must support various protocols. It checks each application or service, like Telnet or e-mail, when they are passed through it. •It is easy to implement on a local network. •It tends to be more secure than packet filters. Instead of checking the TCP and IP combinations that are to be allowed, it checks the allowable applications.
  • 47. 4.4 User Identification and Authentication: •Identification is the process whereby a system recognizes a valid user’s identity. •Authentication is the process of verifying the claimed identity of a user. •For example, a system uses user-password for identification. The user enters his password for identification. Authentication is the system which verifies that the password is correct, and thus the user is a valid user. •Authentication Mechanisms: 1.User name and password 2.Smart Card 3.Biometrics—Fingerprints, Iris/retina scan etc
  • 48. 4.4.1 . Smart Card: •A smart card is in a pocket-sized card with embedded integrated circuits which can process data. •With an embedded microcontroller, smart cards have the unique ability to store large amounts of data, carry out their own on-card functions (e.g. encryption and mutual authentication) and intelligently with a smart card reader. •The smart card is made of plastic, generally PVC. The card may embed a hologram. Using smart cards is a strong security authentication for single sign-on within large companies and organizations. •Smart cards are used in secure identity applications like employee-ID badges, citizen-ID documents, electronic passports, driver license and online authentication devices.
  • 49. 4.4.2. BIOMETRIC: •Derived from the greek words ‘Bios’ and ‘Metric’ which means life and measurement respectively. •Biometrics is the science and technology of measuring and statistically analyzing biological data. •In IT, Biometrics refers to technologies that measures and analyzes human traits(like fingerprints, eye retinas and irises, voice patterns, facial patterns and hand measurements) for authentication. •Biometric systems are relatively costly and are used in environments requiring high-level security.
  • 50. 4.5 Intrusion Detection System(IDS): •IDS monitors network traffic and monitors for suspicious activity and alerts the system or network administrator. •They complement firewalls to detect if internal assets are being hacked or exploited. •Types of IDS: • Network Based(NIDS) • Host Based(HIDS) •A Network-based IDS monitors real-time network traffic for malicious activity and sends alarms for network traffic that meets certain attack patterns or signatures. •A Host-based IDS monitors computer or server files for anomalies and sends alarms for network traffic that meets a predetermined attack signature.
  • 51. 5. Security Services: • The security services provide specific kind of protection to system resources. • Security services ensure Confidentiality, Integrity, Authentication, and Non- Repudiation of data or message stored on the computer, or when transmitted over the network. • It provides assurance for access control and availability of resources to its authorized users. • A Security Mechanism should ensure following aspects: Confidentiality Integrity Access Control Authentication Non-repudiation Availability
  • 52. •Confidentiality: • The confidentiality aspect specifies availability of information to only authorized users. In other words, it is the protection of data from unauthorized disclosure. It requires ensuring the privacy of data stored on a server or transmitted via a network, from being intercepted or stolen by unauthorized users. • Integrity: •It assures that the received data is exactly as sent by the sender, i.e. the data has not been modified, duplicated, reordered, inserted or deleted before reaching the intended recipient. The data received is the one actually sent and is not modified in transit. • Access Control: • It is the prevention of unauthorized use of a resource. This specifies the users who can have access to the resource, and what are the users permitted to do once access is allowed.
  • 53. • Authentication: • It is the process of ensuring and confirming the identity of the user before revealing any information to the user. It also assures that the source of the received data is as claimed. Authentication is facilitated by the use of username and password, smart cards, biometric methods like retina scanning and fingerprints. • Non-Repudiation: •Prevents either sender or receiver from denying a transmitted message. For a message that is transmitted, proofs are available that the message was sent by the alleged sender and the message was received by the intended recipient. For example, if a sender places an order for a certain product to be purchased in a particular quantity, the receiver knows that it came from a specified sender. Non- repudiation deals with signatures. •Availability: • It assures that the data and resources requested by authorized users are available to them when requested.