security in computer system 491 cs g 172
Download
Skip this Video
Download Presentation
Security in Computer System 491 CS-G(172)

Loading in 2 Seconds...

play fullscreen
1 / 22

Security in Computer System 491 CS-G(172) - PowerPoint PPT Presentation


  • 114 Views
  • Uploaded on

Security in Computer System 491 CS-G(172). By Manesh T [email protected] AGENDA. Overview of Security & Needs Concepts, Types of Viruses Different Types of Security Threats in Network Hacking, Ethical Hacking Attacks, services and mechanisms Security attacks-Types

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Security in Computer System 491 CS-G(172)' - trish


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
agenda
AGENDA
  • Overview of Security & Needs
  • Concepts, Types of Viruses
  • Different Types of Security
  • Threats in Network
  • Hacking, Ethical Hacking
  • Attacks, services and mechanisms
  • Security attacks-Types
  • Security services
  • Methods of Defense
  • A model for Internetwork Security
overview
Overview
  • What is security?
  • Why do we need security?
  • Who is vulnerable?
what is security
What is “Security”

Security is state of having

1. Freedom from risk or danger; safety.

2. Freedom from doubt, anxiety, or fear

Definition:

Security is the protection of assets. Three main aspects of security are

  • Protection
  • Detection
  • Reaction.
why do we need security
Why do we need security?
  • Protect vital information while still allowing access to those who need it
    • Trade secrets, medical records, etc.
  • Provide authentication and access control for resources
    • Ex: Bank Identity Card, ATM Card
  • Guarantee availability of resources
    • Must be available all the time
need for security
Need for Security
  • The Information Age- Internet Highway
  • Digital Assets- emails, documents
  • Static Assets- pictures, databases
  • Assets on Transit- emails(Comm. Networks)
who is vulnerable
Who is vulnerable?
  • Financial institutions and banks
  • Internet service providers
  • Pharmaceutical companies
  • Government and defense agencies
  • Internet users
  • Multinational corporations
  • ANYONE ON THE NETWORK
different types of security definitions
Different Types of Security-Definitions
  • Computer Security- generic name for the collection of tools designed to protect hardware or software modules.
  • Network Security- measures to protect data during their transmission
  • Internet Security- measures to protect data during their transmission over a collection of interconnected network
  • Information Security- All the three areas
basic terminologies
Basic Terminologies
  • Cryptography
    • Study of mathematical techniques related to aspects of information security (Set of techniques)
  • Cryptanalysis
    • The process of breaking the security policies
  • Cryptology

- Cryptography + cryptanalysis

  • Cryptosystems are computer systems used to encrypt data for secure transmission and storage
slide10

Types of Computer Virus

1.Time Bomb

2.Logical Bomb

3.Worm

4.Boot Sector Virus

5.Macros Virus

6.Trojan Horse

types of viruses
Types of Viruses
  • Time Bomb – Active when time/date comes
  • Logical Bomb – Active when some action comes
  • Worm- Self replicating in networks
  • Boot Sector Virus- During system boot, boot sector virus is loaded into main memory and destroys data stored in hard disk
  • Micro Virus- It is associated with application software like word and excel
  • Trojan Horse- usually email virus
launching the attack
Launching the attack

Steps are

  • Vulnerability
  • Threat
  • Discovery of Vulnerability
  • Exploitation of Vulnerability
  • Attack
attacks services and mechanisms
Attacks, Services and Mechanisms
  • Security Attack:Any action that compromises the security of information.
  • Security Mechanism:A mechanism that is designed to detect, prevent, or recover from a security attack.
  • Security Service:A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.
security attacks
Security Attacks
  • Interruption: This is an attack on availability
  • Interception: This is an attack on confidentiality
  • Modification: This is an attack on integrity
  • Fabrication: This is an attack on authenticity
in this section
In This Section
  • What makes a network Vulnerable
    • Reasons for network attacks
  • Who Attacks Networks?
    • Who are the attackers? Why people attack?
  • Threats in Network transmission: Eavesdropping and Wiretapping
    • Different ways attackers attack a victim
what makes a network vulnerable
What Makes a Network Vulnerable
  • How network differ from a stand-alone environment:
    • Anonymity
      • Attacker can mount an attack from thousands of miles away; passes through many hosts
    • Many points of attack
      • Both targets and origins
      • An attack can come from any host to any host
    • Sharing
      • More users have the potential to access networked systems than on single computers
what makes a network vulnerable1
What Makes a Network Vulnerable
  • How network differ from a stand-alone environment:
    • Complexity of System
      • Reliable security is difficult to obtain
      • Complex as many users do not know what their computers are doing at any moment
    • Unknown Perimeter
      • One host may be a node on two different networks
      • Causing uncontrolled groups of possibly malicious users
    • Unknown Path
      • Can have multiple paths from one host to another.
who attacks networks
Who Attacks Networks
  • Challenge – what would happen if I tried this approach or technique? Can I defeat this network?
  • Fame
  • Money and Espionage(Spy)
  • Organized Crime
  • Ideology
    • Hacktivism – breaking into a computer system with the intent of disrupting normal operations but not causing serious damage
    • Cyberterroism- more dangerous than hacktivism can cause grave harm such as loss of life or severe economic damage
reference
Reference
  • Asoke K Talukder, Manish Chaitanya, Architecting Secure Software System, Aeurbach Publication, 2008
  • Howard M, Lipner S, The Security Development Lifecycle, Microsoft Press, 2006
  • Frank Swiderski, Window Snyder, Threat Modeling, Microsoft Press, 2004
  • John Viega, Gary McGraw, Building secure Software, How to Avoid Security problems in the Right Way, Addison-Wesley 2001
  • Tom Gallagher, Bryan Jeffries, Lawrence Landauer, Hunting Security Bugs, Microsoft Press, 2006
  • Ross Anderson, Security Engineering: A guide to Building dependable Distributed systems, John wiley, 2001.
ad