Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Information Security - National University of Sciences and
Document related concepts
Information security wikipedia , lookup
Unix security wikipedia , lookup
Quantum key distribution wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Cyberwarfare wikipedia , lookup
Post-quantum cryptography wikipedia , lookup
Airport security wikipedia , lookup
Distributed firewall wikipedia , lookup
Wireless security wikipedia , lookup
Cyber-security regulation wikipedia , lookup
Security printing wikipedia , lookup
Computer and network surveillance wikipedia , lookup
Cyberattack wikipedia , lookup
Security-focused operating system wikipedia , lookup
Mobile security wikipedia , lookup
Transcript
Information Security ICT Fundamentals Presentation Credits • “Introduction to Computers” by Peter Norton • Dr Junaid, EE Dept, SEECS Today’s Topics • Computer Security • Network Security • Communication Security Basic Security Terminology • Threat: • Anything that can cause harm • Vulnerability • Existing weakness that can be exploited to do harm • Countermeasure • Steps taken to ward off threat Basic Security Terminology Computer Security • Malware • Malicious code that compromises your computer security when it enters your system • Viruses • Trojan Horses • Spyware Computer Security • Viruses • Attaches itself to some host program e.g. a word document • Executes when word document is opened • Make copies of itself by attaching itself by other host programs • Can do all sorts of damage • Fill up storage and memory, modify/destroy data, erase hard disk • Attack on Integrity Computer Security • Trojan Horses • Malicious program that appears to be friendly • E.g. Games • Open a “backdoor” to the infected system allowing someone else to access/take control of your system • Facilitates hacking of system • Hacking: To enter somebody system/account in an illegal way • Attack on confidentiality and authenticity Computer Security • Spyware • Can track user’s activities and report them to somebody else • Attack on Confidentiality Network Security • Worms • Malicious code that replicates itself • Can fill entire disks and spread to other computer • Attack on availability Network Security • Denial of Service Attacks (DoS) • A person hacks a system and uses it to attack other computers • Compromised system is called a zombie • Using large number of zombies, a person can send thousands of requests to web-Server effectively making it unavailable for legitimate users • Attack on availability Communication Security • Alice sends a message to Bob • A malicious person Eve can listen • Listening: Attack on confidentiality • Modify data and again transmit to Bob: Attack on integrity • Self generate a message and send to Bob, pretending that it came from Alice: Attack on authenticity • Alice sends a message to Bob and later denies sending it • Attack on Non-repudiability COUNTER MEASURES Computer and Network Security • Anti Virus Software • Anti Spyware • Firewall • Software or Hardware • Restricts who can/cannot connect to your system Communication Security • Authenticate • Ask for password before starting communication • Eve will not know the password, she cannot self generate the message • Encrypt • Talk in secret language • E.g Alice and Bob understand that a will be written as a+2 = c and b will be written as b+2 = d and so on • Eve does not know this, she cannot understand the message Communication Security • Hash functions • Do a summary of whole message using a technique that only Alice and Bob know • Append the summary to the message • If eve modifies message, she cannot recalculate summary because she does not know the technique • Digital Signatures • Digitally sign your message END OF CHAPTER
