Chapter 1: An Introduction To Computer Security (ADCS CS262/0898/V1)

Presentation transcript:

Chapter 1: An Introduction To Computer Security

TOPICS
Introduction
Threats to Computer Systems
–Threats, Vulnerabilities and Attacks
–Characteristics of Computer Intrusion
–Type of Threats
–Points of Security Vulnerabilities
–Methods of Defense
Categories of Computer Attacks
–Using an Attack Taxonomy
–Consideration in Selecting an Attack Taxonomy
–Simple Attack Taxonomy
–Risk Based Attack Taxonomy
Examples of Common Attack Methods
Attack Prevention Methods
Summary

Introduction
Computer security protects the computer and everything associated with it: the building, terminals, printers, cabling, disks and tapes. Most importantly, computer security protects the information stored in a system, which is why it is often known as information security.

Threats to Computer Systems
–Threats
–Vulnerabilities
–Attacks

Threats
A threat is defined as any potential occurrence, whether malicious or simply a possible danger, that can affect the assets and resources associated with a computer system.
Example:
–A person: a system cracker or a spy.
–A thing: faulty equipment.
–An event: a fire or a flood.

Vulnerabilities
A vulnerability is a point where a system is susceptible to attack. In other words, the presence of vulnerabilities allows bad things to happen on a computer system.
Example:
–Physical: buildings and computer rooms are vulnerable.
–Natural: computers are very vulnerable to natural disasters such as fire, flood etc.
–Human: people who administer and use computer systems represent the greatest vulnerability of all.

Attack
An attack on a computer system is some action taken by a malicious intruder that involves the exploitation of certain vulnerabilities to cause an existing threat to occur.

Characteristics of Computer Intrusion
The targets of computer crime include hardware, software, media, data and people. In any system, the weakest point is the most serious vulnerability.

Types of Threats
Confidentiality threat:
–To protect information from unauthorised disclosure.
–Also known as secrecy or privacy.
Integrity threat:
–To ensure that information is accurate, complete and authentic.
–Accuracy is more important than confidentiality of information.
Availability threat:
–To ensure that the computer systems work efficiently.
–Able to recover quickly and completely if a disaster occurs.
–Opposite of availability is denial of service.

Points of Security Vulnerabilities
Attacks on hardware:
–Computer hardware is highly visible and hence easy to attack.
–Includes power supply surges, unstable power supply etc.
Attacks on software:
–Software can be maliciously destroyed, modified, deleted or misplaced.
–Examples include time bomb, Trojan horse, computer bug etc.
Attacks on data:
–Data is available in many forms, such as electronic, printout and media.
–Can be destroyed, changed, modified or deleted very easily.

Categories of Computer Attacks
Attack taxonomy:
–Defined as any generalised categorisation of potential attacks that might occur on a given computer system.
–Classes of system such as real-time systems, databases and local area networks.
Considerations in selecting an attack taxonomy:
–Completeness
–Appropriateness
–Internal and external threats

Simple Attack Taxonomy

Risk Based Attack Taxonomy
–External information theft
–External abuse of resources
–Masquerading
–Pest programs
–Bypassing of internal controls

Risk Based Attack Taxonomy
External information theft:
–Involves unauthorised access to information without exploiting any mechanisms.
–Abuse of mechanisms without direct access to the system.
–Associated with disclosure threat.
–Example, an individual glancing at a colleague's terminal screen.
External abuse of resources:
–Involves physical destruction of computer system hardware.
–Associated with the integrity threat.
–Example, direct vandalism.

Risk Based Attack Taxonomy
External masquerading:
–Involves a malicious intruder successfully impersonating another user.
–Associated with disclosure, integrity or denial of service threats.
–Example, an intruder tapping into a communication medium.
Pest program:
–Programs that cause subsequent harm to a computer system; can be viewed as a time bomb.
–Requires mechanisms internal to the computer system, associated with the integrity threat.
–Example, Trojan horse and computer virus attacks.

Risk Based Attack Taxonomy
Bypassing of internal controls:
–Involves the explicit avoidance of authorisation, access and authority controls.
–Associated with disclosure, integrity or denial of service threats.
–Example, cracking techniques that subvert protective approaches.

Examples of Common Attack Methods
–Password spoof program
–Password theft by clever reasoning
–Logic bomb mail
–Schedule file removal
–Field separator attack
–Insertion of compiler Trojan horse

Examples of Common Attack Methods
Password spoof program:
–A Trojan horse program is used to fake the normal login sequence.
–Involves spoofing a user for login and password information.
Password theft by clever reasoning:
–Users typically create passwords that are mnemonic.
–Hackers gain access by guessing the passwords of individuals.
–Obtain a copy of the password file and encryption function.
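
The defender's side of "password theft by clever reasoning" is to refuse mnemonic passwords when they are set. The following is an added example, not part of the original slides: the account fields, the small word list and the candidate passwords are constructed, and the rules are one illustrative set of assumptions rather than a complete policy.

```python
import re
from typing import Optional

# Constructed sample of well-known weak choices; a real deployment loads a much larger list.
COMMON = {"password", "letmein", "welcome", "qwerty", "dragon"}

# Undo the usual "clever" character swaps before comparing.
SWAPS = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                       "5": "s", "7": "t", "@": "a", "$": "s"})


def normalise(password: str) -> str:
    """Lower-case, drop a trailing run of digits/symbols, then undo character swaps."""
    core = re.sub(r"[^a-z]+$", "", password.lower())
    return core.translate(SWAPS)


def personal_tokens(account: dict) -> list:
    """Words anyone can learn about the user: login, name parts, e-mail local part."""
    sources = [account["login"], account["email"].split("@")[0],
               *account["full_name"].split()]
    tokens = set()
    for source in sources:
        tokens.update(p for p in re.split(r"[^a-z]+", source.lower()) if len(p) >= 3)
    return sorted(tokens)  # sorted so the reported reason is deterministic


def guessable_reason(password: str, account: dict) -> Optional[str]:
    """Return why the password is easy to reason out, or None if no rule fires."""
    if len(password) < 8:
        return "too short"
    core = normalise(password)
    if core in COMMON:
        return "common word"
    for token in personal_tokens(account):
        # A mnemonic password usually embeds a personal word, forwards or reversed.
        if token in core or token[::-1] in core:
            return f"derived from personal detail '{token}'"
    return None


# Constructed account record used for the demonstration.
ACCOUNT = {"login": "asmith", "full_name": "Alice Smith",
           "email": "alice.smith@example.org"}

if __name__ == "__main__":
    for candidate in ["P@ssw0rd!", "Sm1th2024!", "ecila1987", "tr4il-Mango-Kiln"]:
        print(candidate, "->", guessable_reason(candidate, ACCOUNT) or "accepted")
```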

Examples of Common Attack Methods
Logic bomb mail:
–Programs that remain dormant until some predetermined logical condition on the target system becomes true.
–May cause harm after the malicious intruder has escaped.
–The login spoof might be viewed as a logic bomb.
Schedule file removal:
–A useful file offered on many types of operating systems.
–Used to schedule a program to be run at a predetermined time.
–The command can be combined with attack programs.

Examples of Common Attack Methods
Field separator attack:
–This attack relies on several technical assumptions about the underlying operating system.
–The field separator can be redefined to include various characters.
–Also relies on the existence of a system program invoked by a normal user.
Insertion of compiler Trojan horse:
–Programs used by many different users are attractive targets for a Trojan horse because they allow widespread damage.
–Hence, compilers are attractive targets for Trojan horse insertion.

Attack Prevention Methods
–Individual screening
–Physical security
–Care in operations

Attack Prevention Methods
Individual screening:
–Involves checking the background, credentials and other personal attributes of individuals.
–Used to establish trust that a user will not spoof other users or create a compiler Trojan horse.
Physical security:
–This method involves securing the computer system facility.
–Computer centres that are guarded, locked and monitored demonstrate this type of security control.
–Advantage: external hardware damage is effectively controlled.
–Disadvantage: may not be useful for remote access.

Attack Prevention Methods
Care in operations:
–Involves individuals being careful in their day-to-day activities to avoid common types of attacks.
–Users can often avoid password spoof attacks by clearing the terminal before logging in to the system.
–Similarly, compiler attacks can be avoided by simple access and configuration controls.