Presentation is loading. Please wait.

Presentation is loading. Please wait.

Unit 3 Section 6.4: Internet Security

Published byRosamond Gilbert Modified over 7 years ago

Similar presentations

Presentation on theme: "Unit 3 Section 6.4: Internet Security"— Presentation transcript:

1 Unit 3 Section 6.4: Internet Security

2 Types of issues Viruses Spam Worms Phishing/Pharming Spyware

3 Viruses A small program that attacks computers and replicates itself by attaching itself to other programs or files. List of computer viruses How Computer Viruses Work Computer viruses: description, prevention, and recovery

4 Spam Unsolicited junk emails What is spam?
Blind and partially sighted people are the inadvertent victims in a war being fought against the software robots used by spammers. SPAMfighter wins big spam filter test in Germany’s largest computer magazine

5 Worms A small program that attacks computers by exploiting network security weaknesses and replicates itself through computer networks. Worm strikes down Windows 2000 systems A computer worm is a self-replicating computer program. The International Computer Science Institute is a non-profit institute in Berkeley, California. They pursue research on internet architecture and related networking issues.

6 Phishing and Pharming Phishing is when someone tries to get you to give them your personal information. Pharming is when a phisher changes DNS server information so that customers are directed to another site. Bank turmoil fuels phishing boom Committed to wiping out internet scams and fraud Recognize phishing scams and fraudulent Is a hacker’s attack aiming to redirect a website’s traffic to another, bogus website

7 Spyware A computer program that tracks and records a user’s actions e.g. websites visited. Can redirect a user’s browser to unwanted websites Can change computer settings

8 Firewalls A hardware device or program
Controls traffic between Internet and computer system Can be customised by setting rules on data packets allowed through Traffic can be blocked from specific IP addresses, domain names and port numbers Packet filtering Proxy server

9

10 Encryption Encryption algorithm Plain text encrypted into cipher text
Decryption algorithm and decryption key Cipher text decrypted to plain text Cryptography Cryptanalysis THE NUM8ER MY5TERIES: the case of the uncrackable code

11 Symmetric Encryption Cipher text can be decrypted using encryption algorithm and the encryption key Enigma machine used during WW II Code breakers at Bletchley Park Difficult to distribute symmetric key without being intercepted Easy to decrypt the message with key

12 Asymmetric encryption
Also called public key encryption e.g. RSA Pair of keys – public and private Private key is kept secret Encryption algorithm and public keys are freely available A message encrypted with A’s private key can only be decrypted with A’s public key A message encrypted with A’s public key can only be decrypted by A with it’s private key It’s slow

13 Digital Signatures and Certificates
To prove that an electronic message is genuine, a sender can digitally sign the message. This means it can be detected if the message has been tampered with and the signature is proof that it has been sent by the correct person. Digital signatures use asymmetric encryption. The process to send a message is as follows:

14 A digest (also known as a hash) is produced from the message using a hash function. The digest is a much reduced version of the original message (it is not possible to change a message digest back into the original message from which it was created). Message Digest Hash Function

15 The digest is then encrypted using the sender’s private key
The digest is then encrypted using the sender’s private key. The sender’s private key must be used instead of the receiver’s public key to prove it has been encrypted by the sender. The encrypted digest result is the digital signature. Encrypted Digest (Digital Signature) Encrypt using sender’s private key Digest

16 The encrypted digest (digital signature) is then appended to the original message.
Digital Signature Appended with

17 Encrypt using receiver’s public key
The message and digital signature are then encrypted using the receiver’s public key. The receiver’s public key must be used here so that only the receiver can decrypt the message with the private key. Message Encrypted Message Encrypt using receiver’s public key

18 The encrypted message is then sent by electronic mail.
Encrypted Message Send by

19 Digital Signatures and Certificates The process to verify that a message is genuine is as follows:

20 Decrypt using receiver’s private key
The message and signature are decrypted using the receiver’s private key. Message Encrypted Message Decrypt using receiver’s private key

21 Separate Digital Signature
The decrypted message is then separated into the original message and digital signature. Message Digital Signature Separate Digital Signature

22 The digital signature (encrypted digest) is then decrypted using the sender’s public key. This proves it has been sent by the person who owns the private key. Digital Signature (Encrypted Digest) Decrypt using sender’s public key Decrypted Digest

23 A new digest is produced from the original message using the same hash function as the original digest. Message Hash Function New Digest

24 The decrypted digest is then compared to the new digest
The decrypted digest is then compared to the new digest. If the decrypted digest is the same as the new digest then the message has not been tampered with. Decrypted Digest New Digest

25 Digital Signatures and Certificates Although this process sounds complicated it is all handled by the signing software so the messages can be signed and received using a simple click.

26 Digital Signatures and Certificates A digital certificate is issued by a certification authority. It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Digital certificates can be kept in registries so that authenticating users can look up other users' public keys.

27 Virus detection Antivirus scanner software
Checks files against a dictionary of known viruses Users must regularly update the dictionary If infected file found then antivirus scanner will delete the virus from the file If unable to delete virus then file quarantined where file can be deleted

28 Computer Security Procedures
Authentication used to verify user is legitimate e.g. passwords, biometric data, security tokens, digital certificates Digitally signed is used to authenticate the sender thus reducing phishing attacks Authorisation by user ID and password Users authorised to use certain resources System administrator grants permissions to users Passwords and encryption used to keep data secret from unauthorised persons Accounting – systems generate activity logs e.g. website IP addresses logged

29 Past Paper Questions The following past papers have questions on Internet security. They are in the ‘6.4 Internet Security’ folder in Learning resources. January 2007 CPT5 Q5 January 2006 CPT5 Q7 January 2003 CPT5 Q5

30 Class work and Homework
Using the hyperlinks in this presentation research Viruses Spam Worms Phishing Pharming Spyware Firewalls Encryption Complete the past paper questions

Download ppt "Unit 3 Section 6.4: Internet Security"

Similar presentations

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Addressing spam email and enforcing a Do Not Email Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.

Addressing spam and enforcing a Do Not Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Phishing (pronounced “fishing”) is the process of sending e-mail messages to lure Internet users into revealing personal information such as credit card.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.

CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.
Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.

Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.
Quiz Review.

Quiz Review.
Security Issues: Phishing, Pharming, and Spam

Security Issues: Phishing, Pharming, and Spam
Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.

Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Week 5 IBS 520 Computer and Online Security. Cybercrime Online or Internet- based illegal acts What is a computer security risk? Computer crime Any illegal.

Week 5 IBS 520 Computer and Online Security. Cybercrime Online or Internet- based illegal acts What is a computer security risk? Computer crime Any illegal.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
CSE 4482, Fall 2009, D Chan Session 2 – Common Security Techniques.

CSE 4482, Fall 2009, D Chan Session 2 – Common Security Techniques.
AQA Computing A2 © Nelson Thornes 2009 Section 6.4 1 Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.

AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.
Networks and Security Monday, 10 th Week. Types of Attacks/Security Issues  Viruses  Worms  Macro Virus  E-mail Virus  Trojan Horse  Phishing 

Networks and Security Monday, 10 th Week. Types of Attacks/Security Issues  Viruses  Worms  Macro Virus  Virus  Trojan Horse  Phishing 

Similar presentations

Ads by Google