Security in Computer System 491 CS-G(172) By Manesh T

Slides:

Advertisements

Similar presentations

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Advertisements

Is There a Security Problem in Computing? Network Security / G. Steffen1.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

Cryptography and Network Security Chapter 1

1 Network Security Ola Flygt Växjö University

Computer Viruses.

Chapter 1 – Introduction

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.

1 An Overview of Computer Security computer security.

Blekinge Institute of Technology, Sweden

Applied Cryptography for Network Security

Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.

Introduction (Pendahuluan)  Information Security.

Chapter Threats in Networks Network Security / G. Steffen.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Securing Information Systems

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus

The Utility Programs: The system programs which perform the general system support and maintenance tasks are known as utility programs. Tasks performed.

Cryptography and Network Security

Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY

What does “secure” mean? Protecting Valuables

Computer Security “Measures and controls that ensure confidentiality, integrity, and availability of IS assets including hardware, software, firmware,

Lecture 14 Overview. Program Flaws Taxonomy of flaws: – how (genesis) – when (time) – where (location) the flaw was introduced into the system 2 CS 450/650.

Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,

Chapter 13 Understanding E-Security. 2 OBJECTIVES What are security concerns (examples)? What are two types of threats (client/server) Virus – Computer.

1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.

CSCE 522 Lecture 12 Program Security Malicious Code.

What does secure mean? You have been assigned a task of finding a cloud provider who can provide a secure environment for the launch of a new web application.

Course code: ABI 204 Introduction to E-Commerce Chapter 5: Security Threats to Electronic Commerce AMA University 1.

Network security Network security. Look at the surroundings before you leap.

John Carpenter & lecture & Information Security 2008 Lecture 1: Subject Introduction and Security Fundamentals.

Chapter 9 Networking & Distributed Security. csci5233 computer security & integrity (Chap. 9) 2 Outline Overview of Networking Threats Wiretapping, impersonation,

Cryptography and Network Security (CS435) Part One (Introduction)

What security is about in general? Security is about protection of assets –D. Gollmann, Computer Security, Wiley Prevention –take measures that prevent.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.

Topic 5: Basic Security.

Chap1: Is there a Security Problem in Computing?.

Csci5233 computer security & integrity 1 An Overview of Computer Security.

Computer Systems Viruses. Virus A virus is a program which can destroy or cause damage to data stored on a computer. It’s a program that must be run in.

Computer Security Threats CLICKTECHSOLUTION.COM. Computer Security Confidentiality –Data confidentiality –Privacy Integrity –Data integrity –System integrity.

Computer Security By Duncan Hall.

14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Protection.

INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.

Computer threats, Attacks and Assets upasana pandit T.E comp.

Network Security and Cryptography

Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.

1 Network Security: Introduction Behzad Akbari Fall 2009 In the Name of the Most High.

Lecture1.1(Chapter 1) Prepared by Dr. Lamiaa M. Elshenawy 1.

1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.

Advanced System Security Dr. Wayne Summers Department of Computer Science Columbus State University

Network Security SUBMITTED BY:- HARENDRA KUMAR IT-3 RD YR. 1.

Lecture 1 Introduction Dr. nermin hamza 1. Aim of Course Overview Cryptography Symmetric and Asymmetric Key management Researches topics 2.

Security Issues in Information Technology

Unit 32 – Networked Systems Security

War between Good and Evil.

Lecture 8. Cyber Security, Ethics and Trust

Security in Networking

Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek

Chap 10 Malicious Software.

Prepared By : Binay Tiwari

Faculty of Science IT Department By Raz Dara MA.

Network Security Ola Flygt Växjö University

Chap 10 Malicious Software.

Computer Security By: Muhammed Anwar.

Mohammad Alauthman Computer Security Mohammad Alauthman

Presentation transcript:

Security in Computer System 491 CS-G(172) By Manesh T

AGENDA Overview of Security & Needs Concepts, Types of Viruses Different Types of Security Threats in Network Hacking, Ethical Hacking Attacks, services and mechanisms Security attacks-Types Security services Methods of Defense A model for Internetwork Security

Overview What is security? Why do we need security? Who is vulnerable?

What is “Security” Security is state of having 1. Freedom from risk or danger; safety. 2. Freedom from doubt, anxiety, or fear Definition: Security is the protection of assets. Three main aspects of security are 1.Protection 2.Detection 3.Reaction.

Why do we need security? Protect vital information while still allowing access to those who need it –Trade secrets, medical records, etc. Provide authentication and access control for resources –Ex: Bank Identity Card, ATM Card Guarantee availability of resources –Must be available all the time

Need for Security The Information Age- Internet Highway Digital Assets- s, documents Static Assets- pictures, databases Assets on Transit- s(Comm. Networks)

Who is vulnerable? Financial institutions and banks Internet service providers Pharmaceutical companies Government and defense agencies Internet users Multinational corporations ANYONE ON THE NETWORK

Different Types of Security-Definitions Computer Security - generic name for the collection of tools designed to protect hardware or software modules. Network Security - measures to protect data during their transmission Internet Security - measures to protect data during their transmission over a collection of interconnected network Information Security- All the three areas

Basic Terminologies Cryptography –Study of mathematical techniques related to aspects of information security (Set of techniques) Cryptanalysis –The process of breaking the security policies Cryptology - Cryptography + cryptanalysis Cryptosystems are computer systems used to encrypt data for secure transmission and storage

Types of Computer Virus 1.Time Bomb 2.Logical Bomb 3.Worm 4.Boot Sector Virus 5.Macros Virus 6.Trojan Horse

Types of Viruses Time Bomb – Active when time/date comes Logical Bomb – Active when some action comes Worm- Self replicating in networks Boot Sector Virus- During system boot, boot sector virus is loaded into main memory and destroys data stored in hard disk Micro Virus- It is associated with application software like word and excel Trojan Horse- usually virus

Launching the attack Steps are 1.Vulnerability 2.Threat 3.Discovery of Vulnerability 4.Exploitation of Vulnerability 5.Attack

Attacks, Services and Mechanisms Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

Different Types of Security Attacks

Security Attacks Interruption: This is an attack on availability Interception: This is an attack on confidentiality Modification: This is an attack on integrity Fabrication: This is an attack on authenticity

Security Goals

Threats in Networks

In This Section What makes a network Vulnerable –Reasons for network attacks Who Attacks Networks? –Who are the attackers? Why people attack? Threats in Network transmission: Eavesdropping and Wiretapping –Different ways attackers attack a victim

What Makes a Network Vulnerable How network differ from a stand-alone environment: –Anonymity Attacker can mount an attack from thousands of miles away; passes through many hosts –Many points of attack Both targets and origins An attack can come from any host to any host –Sharing More users have the potential to access networked systems than on single computers

How network differ from a stand-alone environment: –Complexity of System Reliable security is difficult to obtain Complex as many users do not know what their computers are doing at any moment –Unknown Perimeter One host may be a node on two different networks Causing uncontrolled groups of possibly malicious users –Unknown Path Can have multiple paths from one host to another. What Makes a Network Vulnerable

Who Attacks Networks 1.Challenge – what would happen if I tried this approach or technique? Can I defeat this network? 2.Fame 3.Money and Espionage(Spy) 4.Organized Crime Ideology Hacktivism – breaking into a computer system with the intent of disrupting normal operations but not causing serious damage Cyberterroism- more dangerous than hacktivism can cause grave harm such as loss of life or severe economic damage

Reference Asoke K Talukder, Manish Chaitanya, Architecting Secure Software System, Aeurbach Publication, 2008 Howard M, Lipner S, The Security Development Lifecycle, Microsoft Press, 2006 Frank Swiderski, Window Snyder, Threat Modeling, Microsoft Press, 2004 John Viega, Gary McGraw, Building secure Software, How to Avoid Security problems in the Right Way, Addison-Wesley 2001 Tom Gallagher, Bryan Jeffries, Lawrence Landauer, Hunting Security Bugs, Microsoft Press, 2006 Ross Anderson, Security Engineering: A guide to Building dependable Distributed systems, John wiley, 2001.