What is Computer Security Key Components Levels Challenges Attacks Desktop Security Why it is important Virus/Worms/Trojans Tips Web Security Malwares: spyware, keylogger, rootkits. Wi-Fi security.
Key concepts of security includes : CIA. Confidentiality Integrity Availability
Confidentiality – student grades Integrity – patient information Availability – authentication service Authenticity – admission ticket Non-repudiation – stock sell order
Low: Minor damage to organizational assets, small financial loss, etc. Moderate: Significant damage to organization. High: Causing life threatening injuries, organizations financially crashed.
Not simple – easy to get it wrong Must consider potential attacks Must decide where to deploy mechanisms Requires regular monitoring : a process, not an event Too often an after-thought
Active Attacks: Interception, monitoring. Passive Attacks: Man –in-the-middle, Denial of Service, Modification.
In-secured compromised system implications Crash Sensitive, important data loss/leakage Financial loss Slow performance Programs/Software do not work as intended Network broadcast Infect other systems
Virus: A computer virus is a type of malware that propagates by inserting a copy of itself into and becoming part of another program. It spreads from one computer to another, leaving infections as it travels. Almost all viruses are attached to an executable file, which means the virus may exist on a system but will not be active or able to spread until a user runs or opens the malicious host file or program.
Worm: Computer worms are similar to viruses in that they replicate functional copies of themselves and can cause the same type of damage. In contrast to viruses, which require the spreading of an infected host file, worms are standalone software and do not require a host program or human help to propagate. Trojans: It is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems. Trojans are also known to create back doors to give malicious users access to the system.
Use Linux Anti-virus: Update, Real-time Scan, Full Scan Flash, Acrobat Reader, Java, Real Player, Quick Time needs to be updated regularly Use Firewall Sandbox: Sandboxie Safe web browser File Sharing Management Network Connection Usage User Account Control
Lock screen Avoid working in Administrator login Beware of social engineering tricks used to steal sensitive information services.msc to know which programs are automatically started Be cautious regarding removable storage Be cautious while browsing web and checking s Peer-to-peer sharing like BitTorrent is dangerous Password management System password Boot loader password
‘Delete’ does not permanently delete ‘Shift + Delete’ also does not permanently delete ‘format’ is misleading So, shred Sanitize browser of shared computer after use – Clear History, cache, cookies, reset browser Sanitize your device before selling/giving for repair
Malware: short for malicious software, is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of executable code, scripts, active content, and other software. 'Malware' is a general term used to refer to a variety of forms of hostile or intrusive software.
A small piece of software that watch web pages one visit and report that information May allow people to record the information Install without knowledge or by tricking Often runs even when the program that it rides upon is not running At the start up Watches web activities and tracks every web site Reports to the spyware website about the web activities done by us Spyware website creates profile of every individual Website delivers targeted ads to the individual
How it hides in the system Install at multiple locations at the hard disk Anti-spyware if detects any such spyware; other spywares are still alive in the machine Spyware can inject itself in some other application Silent Spyware vs. destructive program Hiding itself in the windows registry files
Often installed in two parts.exe file Automatically launches as startup.dll file.exe file launches.dll file and it does most of the damage Records all keystrokes : Keystrokes recorded may be sent to the attacker directly or saved in a file and sent at regular intervals Attacker examines the key strokes and gets necessary information
Used by intruder to gain access to someone’s PC without being detected Made of series of files and tools Can be installed similar to shareware Replace important components of OS with new software of same size, creation date etc. Installs backdoor daemon, automatic program Many also install keyloggers or sniffers May also send the log of the system
WAR DRIVERS: Common kind of intruder which looks for unprotected networks which he can break into. They user software which makes it easy to find unprotected networks. Some use high power antennas in order to find as many networks as they can. In business networks they target, they look for proprietary business information or be looking to do malicious damage. When they target a home network, they might look for personal information, such as credit card numbers, or be looking to damage computers.
Wi-Fi hotspot allows people with laptops, PDAS or other devices Food restaurants, hotels and airports, free Connected to a network and vulnerable to other people ex file sharing feature Use of sniffer to capture packets of others
Evil twin hack, hacker creates a twin of existing hotspot to fool the people. (SSID) He uses special tool (hotspotter) Hotspotter will act as an access point to allow the client to authenticate and associate
Use Encryption methods (WPA 2) WEP: Wireless Encryption Protocol. WPA: Wi-Fi Protected Access. Use of Intrusion detection system. (Honeypot) Position network antennas so signal does not reach outside the building