S5 CIT

HarrisCezar

Presentation Transcript


  1. S5 CIT Internet Security

  2. Computer Virus (Malicious Software) Attack • E-mail viruses • move around in e-mail messages • usually replicate themselves by automatically mailing themselves to dozens of people in the victim’s e-mail address book.

  3. Computer Virus (Malicious Software) Attack • Worms • a small piece of software that uses computer networks and security holes to replicate itself • A copy of the worm scans the network for another machine that has a specific security hole. • It copies itself to the new machine using the security hole, and then starts replicating from there, as well.

  4. Computer Virus (Malicious Software) Attack • Trojan Horses • simply a computer program • claims to do one thing, for example it may claim to be a game program • Instead it may allow hackers to view or steal files inside your computer • Trojan horses cannot replicate automatically.

  5. Unauthorized Access (Hacking and Cracking) • Breaking into computer networks • Defacing or damaging websites

  6. Unauthorized Access (Hacking and Cracking) • DoS (Denial of Service) attack on a website or network

  7. Unauthorized Access (Hacking and Cracking) • stealing valuable information such as password and credit card data

  8. Privacy Infringement and Identification Problem • Privacy • You want your message to be read only by the intended recipient and not by someone else. • Identification • You want to confirm that the sender or the recipient is really the person or organization they claim to be. • You want the person or organization to prove themselves with a recognized identity.

  9. Avoid Computer Virus Attack • Do not accept files from high-risk sources such as • floppy disks from unknown people • pirated CDs • files downloaded from unknown sites • e-mail attachments from unknown people or with strange titles. • Never run an executable file (e.g. .exe, .com) from an e-mail attachment

  10. Avoid Computer Virus Attack • If the suspected file must be used, install an anti-virus program to check that the file is safe. • Update the virus definition table regularly • Scan for computer viruses regularly. You may schedule the scanning process each week. • Use the virus shielding function to check each file for viruses when it is executed.

  11. Avoid Computer Virus Attack • Set the BIOS so that your computer does not boot from a floppy disk or CD-ROM drive

  12. Prevent Unauthorized Access • User ID and Password • User ID and Password should be kept secret. • Password should be • difficult to guess • made up of numbers and letters (both upper and lower case) • never a word from a dictionary or a birthday.

  13. Prevent Unauthorized Access • Never enable the “Auto Complete” function on a public computer when you are logging in to a system

  14. Prevent Unauthorized Access • Remember to log off the system before you leave. • Password should be changed regularly.

  15. Prevent Unauthorized Access • Authentication Device • Magnetic card • Smart card

  16. Prevent Unauthorized Access • Biometric authentication device like eye, fingerprint, face and voice recognition

  17. Prevent Unauthorized Access • Firewall • can be implemented in software and hardware • located at a network gateway that protects the resources of a private network from users from other networks • checks the incoming and outgoing data of the computer to ensure there is no unauthorized access

  18. Prevent Unauthorized Access • records all transmissions in and out of the network and alerts the network administrator if there is any intrusion (入侵)

  19. Prevent Unauthorized Access • a school firewall can be set like this: • Allow traffic from the HTTP protocol, i.e. port 80 • Allow remote access through the FTP protocol, i.e. ports 20 and 21 • Deny users access to the web site “http://hk.games.yahoo.com/” • Deny all other transmissions

  20. Prevent Unauthorized Access How do we strike a balance between security and convenience when setting up a firewall?

  21. Tackling Privacy Infringement and Identification Problem • Encryption (加密) • the conversion of readable data into a form of unreadable characters to prevent unauthorized people accessing the data.

  22. Tackling Privacy Infringement and Identification Problem • A key is needed during the encryption process. • Using a key, the encrypted data can be decrypted (解密) back into its original form.

  23. Tackling Privacy Infringement and Identification Problem • Encryption • ensures Confidentiality (機密性) as it can make sure the message is not leaked out during the transmission of data. • ensures Data Integrity (完整性) as it can make sure the message is not altered during the transmission of data.

  24. Tackling Privacy Infringement and Identification Problem • PKI (Public Key Infrastructure) • Data locked by the Public Key → unlocked by the corresponding Private Key

  25. Tackling Privacy Infringement and Identification Problem • Data locked by the Private Key → unlocked by the corresponding Public Key

  26. Tackling Privacy Infringement and Identification Problem • Everybody can get the Public Key from the web site of a specific company, while the private key should be kept secret.

  27. Tackling Privacy Infringement and Identification Problem • Digital Certificate • a digital document that includes the name, the public key and expiry date of a person or organization • issued by a Certificate Authority like The Hong Kong Post • identifies a person or organization on the Internet and ensures Authentication (身份鑑定).

  28. Tackling Privacy Infringement and Identification Problem • Digital Signature • A digitally signed document carries a digital certificate and is partially encrypted using a private key • This partially encrypted part is called the digital signature.

  29. Tackling Privacy Infringement and Identification Problem • Digital Signature ensures Non-repudiation (不能否定性) • i.e. both the sender and the receiver cannot deny a transaction if both of them use digital signatures. • E.g. when A wants to send a document to B: • A signs the document with his private key • The document is sent to B with A’s digital certificate • B opens the document using A’s public key • As only A has A’s private key • B can verify that the document was sent by A.

  30. Tackling Privacy Infringement and Identification Problem • Everybody can apply for a digital certificate. • One will get a private key (a 16-digit password) and software to install your digital certificate into your computer. • To further increase the security, the user can insert the Smart-ID card into the computer for verification of the identification.

  31. Tackling Privacy Infringement and Identification Problem

  32. Tackling Privacy Infringement and Identification Problem • Secure Socket Layer (SSL) • a protocol that provides secure data transmission via the Internet. • A web site that provides SSL must have a digital certificate, • and the user must use an Internet browser which supports SSL, like Internet Explorer.

  33. Tackling Privacy Infringement and Identification Problem • Customers can send their personal information to the website, as SSL ensures that the web site is genuine and that the transmission is secure because it is encrypted • Web sites that use SSL begin the URL with “https://”, e.g. https://www.ebank.hsbc.com.hk/

  34. Backup and Recovery • A computer disaster like fire or failure of hardware may cause data loss. • To protect our data, regular backup should be done to ensure that a computer system’s data can be recovered after a computer disaster. • If data is lost, the backup copy is used to resume the operation of the computer system. This process is called Recovery. • Hardware used: CD-R, DVD-R, Magnetic Tape, MO

  35. Backup and Recovery • Recovery can also be done without a backup • By software • Data Recovery Software • By hardware • Directly read the data from the disk inside the hard disk
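
The school firewall rule list from slide 19, as an added example that is not part of the original slides. It assumes first-match evaluation with a default deny and matches on host name rather than IP address (both are simplifications, and `www.example.org` / `ftp.example.org` are constructed sample hosts); it shows that rule order decides whether the games-site block ever takes effect.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    port: Optional[int] = None   # None matches any port
    host: Optional[str] = None   # None matches any host

    def matches(self, host: str, port: int) -> bool:
        return ((self.port is None or self.port == port) and
                (self.host is None or self.host == host.lower()))

def decide(rules, host, port):
    """First matching rule wins; no match at all means deny."""
    for rule in rules:
        if rule.matches(host, port):
            return rule.action
    return "deny"

BLOCKED = "hk.games.yahoo.com"

# The rules in the order the slide lists them.
SLIDE_ORDER = [
    Rule("allow", port=80),      # HTTP
    Rule("allow", port=20),      # FTP data
    Rule("allow", port=21),      # FTP control
    Rule("deny", host=BLOCKED),  # block the games site
    Rule("deny"),                # deny everything else
]

# Same rules with the specific deny moved ahead of the broad allows.
SPECIFIC_FIRST = [SLIDE_ORDER[3]] + SLIDE_ORDER[:3] + [SLIDE_ORDER[4]]

# Constructed sample connections (host, destination port).
PROBES = [("www.example.org", 80), (BLOCKED, 80), ("ftp.example.org", 21),
          ("www.example.org", 443), ("www.example.org", 23)]

def disagreements(rules_a, rules_b, probes):
    """Connections that the two orderings decide differently."""
    return [p for p in probes if decide(rules_a, *p) != decide(rules_b, *p)]

if __name__ == "__main__":
    for host, port in PROBES:
        print(f"{host}:{port:<4} slide order={decide(SLIDE_ORDER, host, port):5} "
              f"specific first={decide(SPECIFIC_FIRST, host, port)}")
    print("decided differently:", disagreements(SLIDE_ORDER, SPECIFIC_FIRST, PROBES))
```

Under these assumptions the HTTPS port 443 used by the https:// site on slide 33 is also denied, which is the kind of security-versus-convenience trade-off slide 20 asks about.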
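
The sign-and-verify exchange from slides 24 to 29, as an added example that is not part of the original slides. It uses textbook RSA without padding and small constructed keys, so it is for study only; that the Certificate Authority signs the certificate with its own private key, and the names `make_key`, `issue_certificate` and `check_message`, are assumptions of this example.

```python
import hashlib
from datetime import date

E = 65537  # public exponent used by both constructed key pairs

def make_key(p, q):
    """Build (public, private) = ((n, e), (n, d)) from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def digest(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data: bytes, private) -> int:
    n, d = private
    return pow(digest(data, n), d, n)      # locked with the private key

def verify(data: bytes, signature: int, public) -> bool:
    n, e = public
    return pow(signature, e, n) == digest(data, n)   # unlocked with the public key

# Constructed keys built from known Mersenne primes; far too small for real use.
CA_PUB, CA_PRIV = make_key(2**107 - 1, 2**127 - 1)
A_PUB, A_PRIV = make_key(2**61 - 1, 2**89 - 1)

def cert_body(cert) -> bytes:
    n, e = cert["public"]
    return f"{cert['name']}|{n}|{e}|{cert['expiry'].isoformat()}".encode()

def issue_certificate(name, public, expiry, ca_private):
    """Name, public key and expiry date (slide 27), signed by the CA."""
    cert = {"name": name, "public": public, "expiry": expiry}
    cert["ca_sig"] = sign(cert_body(cert), ca_private)
    return cert

def check_message(doc: bytes, signature: int, cert, today: date) -> str:
    """What B does on receipt: check the certificate, then the signature."""
    if not verify(cert_body(cert), cert["ca_sig"], CA_PUB):
        return "bad certificate"
    if today > cert["expiry"]:
        return "expired certificate"
    if not verify(doc, signature, cert["public"]):
        return "bad signature"
    return f"signed by {cert['name']}"

A_CERT = issue_certificate("A", A_PUB, date(2031, 1, 1), CA_PRIV)  # constructed

if __name__ == "__main__":
    doc = b"Pay B 100 dollars"             # constructed sample document
    sig = sign(doc, A_PRIV)
    print(check_message(doc, sig, A_CERT, date(2030, 6, 1)))
    print(check_message(b"Pay B 900 dollars", sig, A_CERT, date(2030, 6, 1)))
```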
