Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Security and Malicious Programs

Published byReginald McCarthy Modified over 6 years ago

Similar presentations

Presentation on theme: "Information Security and Malicious Programs"— Presentation transcript:

1 Information Security and Malicious Programs
BSAD 141 Dave Novak BDIS 4.2

2 Topics Covered Information security Virus versus worm
Incidental, intentional or accidental loss of data, data integrity or data confidentiality Intellectual property Virus versus worm How does encryption work? What is a digital signature?

3 Protecting Intellectual Assets
Organizational information is a form of capital - it must be protected Information security – protection of information from accidental loss of access, intentional misuse of or lost confidence in the integrity of data and information systems Downtime – Refers to a period of time when a system is unavailable

4 The Cost of Computer Viruses
16 M - estimated number of U.S. households with a “serious” computer virus in last 2 years 8 M – estimated number of U.S. households with a spyware problem in last 2 years $4.5 B - estimated total cost to households in lost money, time, or computing hardware and software in last 2 years

5 The Cost of Computer Viruses
$55 B - estimated annual cost to businesses in U.S. stemming from computer viruses $8 B - estimated annual cost to businesses to provide protection $525 / per employee per year

6 https://www. webpagefx

7 Threats Caused by Hackers and Viruses
Virus - Software / code written to replicate and may have malicious intent Polymorphic virus Trojan-horse virus Worm Denial-of-service attack (DoS) – floods a computer or site with requests Worm—a type of virus that spreads itself, not only from file to file, but also from computer to computer. The primary difference between a virus and a worm is that a virus must attach to something, such as an executable file, in order to spread. Worms do not need to attach to anything to spread and can tunnel themselves into computers. Denial-of-service attack (DoS)—floods a website with so many requests for service that it slows down or crashes the site Distributed denial-of-service attack (DDoS)—attacks from multiple computers that flood a website with so many requests for service that it slows down or crashes. A common type is the Ping of Death, in which thousands of computers try to access a website at the same time, overloading it and shutting it down. Trojan-horse virus—hides inside other software, usually as an attachment or a downloadable file Backdoor programs—viruses that open a way into the network for future attacks Polymorphic viruses and worms—change their form as they propagate

8 How Viruses Spread

9 Primary Difference Between Viruses and Worms?
Worm a type of virus that spreads itself, not only from file to file, but also from computer to computer The primary difference between a virus and a worm is that a virus must attach to something, such as an executable file, to spread. Worms do not need to attach to anything to spread and can tunnel themselves into computers

10 Tunneling in Networking
Port Forwarding or Tunneling A tunnel is a network communication channel between two networks – works with disparate protocols Tunneling is essential in modern networking All remote Virtual Private Networking (VPN) connections use tunnels

11 Tunneling in Networking
TCP/IP system addresses traffic to another system using combination of: 1) IP address 2) Port number (16-bit) unsigned integer ranging from 0 to 65,535 Combination of IP address and port number is called a socket Sending socket – :4532 Receiving socket – :80

12 TCP – Sockets Don’t specify port number when typing URL because applications “assume” the specific service you are using is using established port numbers that support the service Your Web browser generally addresses all URLs to TCP port 80 – default HTTP port A worm that “port hops” will basically move from one port to the next until it gains access to your computer

13 Threats Caused by Hackers and Viruses
Terms to be familiar with: Elevation of privilege - process by which a user misleads a system into granting unauthorized rights For example, an attacker might log on to a network by using a guest account, and then exploit a weakness in the software that lets the attacker change the guest privileges to administrative privileges

14 Threats Caused by Hackers and Viruses
Terms to be familiar with: Spoofing - forging the return address on an so that the message appears to come from someone other than the actual sender Sniffer - program or device that can monitor data traveling over a network Can show all the data being transmitted over a network, including passwords and sensitive information

15 Threats Caused by Hackers and Viruses
Terms to be familiar with: Packet tampering - altering the contents of packets as they travel over the network

16 Types of Malware Viruses Worms Spyware Adware
Intention is to capture activity or keystrokes unbeknownst to users or systems Adware Nuisance software that redirects web traffic or generates targeted advertisements using system resources without regard for user experience.

17 Anti-Virus and Anti-Spy Ware Software
An easy and effective way to protect yourself (to some degree) is to install anti-virus and anti-spy ware software There is no reason not to do this… Use common sense

18 People: 1st Line of Defense
To function, organizations must enable employees, customers, and partners to access information electronically The biggest issue surrounding information security is not a technical issue, but a people issue Insiders Social engineering Dumpster diving

19 Technology: 2nd Line of Defense
There are three primary information technology security areas 1) Authentication and authorization 2) Prevention and resistance 3) Detection and response

20 1) Authentication and Authorization
Authentication –Confirming users’ identities Authorization – The process of giving someone permission to do or have something The most secure type of authentication involves Something the user knows Something the user has Something that is part of the user

21 Something the User Knows:
Username and password is the most common way to identify individual users Also the most ineffective form of authentication Over 50 percent of help-desk calls are password related

22 Something the User Has:
Smart cards and tokens are more effective than a user ID and a password Tokens – Small electronic devices that change user passwords automatically Smart card – A device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing

23 Something That is Part of the User:
Biometrics – using physical characteristics such as a fingerprint, iris, face, voice, or handwriting to obtain access Unfortunately, this method can be costly and intrusive If your fingerprint is compromised, how do you change it?

24 Securing Data Communications
Encryption involves the conversion of plain text into code Both sender and receiver would have to translate the code to read the message Encryption Public key encryption (PKE) Certificate authority Digital certificate

25 Securing Data Communications
Encryption – two basic forms Symmetric or Private key encryption Asymmetric or Public key encryption (PKE) Encryption – scrambles information into an alternative form that requires a key or password to decrypt the information Public key encryption (PKE) – an encryption system that uses two keys: a public key for everyone and a private key for the recipient

26 Public Key Encryption An unpredictable (typically large and random) number is used to begin generation of a pair of keys suitable for use by an asymmetric key algorithm Source: Public-key cryptography [online] downloaded on 11/29/2010

27 Public key encryption In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt the message Security depends on the secrecy of that private key Source: Public-key cryptography [online] downloaded on 11/29/2010

28 Transit vs. Client Side Communications
Encryption protects data packets in transit it is virtually impossible to deduce the private key if you know the public key Clients can (and often are) compromised

29 Public key encryption In some related signature schemes, the private key is used to sign a message (using a digital signature); but anyone can check the signature using the public key Validity depends on private key security Source: Public-key cryptography [online] downloaded on 11/29/2010

30 Digital Signature Used to ensure that an electronic document is authentic (i.e. an is actually from the person you think it is from) A verifiable “stamp” of authenticity

31 Digital Signature Requires the ability to obtain a public key from a reputable and known 3rd party You need to be certain that the public key used for decryption actually belongs to the entity you think it belongs to Certificate Authority

32 Digital Signature 1) Hashing – transform message into shorter, fixed length value that represents the original message Highly unlikely that hashing other messages produces the same value 2) Message Digest – the output from hashing a message 3) Encrypting message digest with private key yields a digital signature

33 Digital Signature Plaintext Message Digest Digital Signature
Figure recreated from Kroenke (2008), Experiencing MIS Figure CE23-2, page 587 Hash plaintext, creating a message digest – this is not digital signature 2. Encrypt message digest with sender’s private key  creates digital signature 3. Combine plaintext and digital signature to create signed message and transmit both VERIFY DIGITAL SIGNATURE 5. Hash received plaintext msg with same hashing algorithm sender used  gives message digest 6. Decrypt digital signature with sender’s public key  gives message digest 7. Compare the two message digests Message Digest Digital Signature Digital Signature Plaintext Digital Signature Plaintext Plaintext Digital Signature = ? Message Digest Message Digest

34 Certificate Authority
VeriSign, Inc. provides authentication and verification of businesses worldwide

35 Detection and Response
Intrusion detection software – Network monitoring tools that search for patterns and anomalies in network traffic to identify possible security problems Numerous incorrect login attempts on a computer Unexplained shutdowns and reboots Incoming traffic from an unidentified source Attempted access to specific ports

36 Summary Viruses and worms Tunneling
Details of 1st and 2nd Lines of Defense People Technology Focus on public key encryption and digital signature

Download ppt "Information Security and Malicious Programs"

Similar presentations

Information and Ethics, Information Security and Malicious Programs BSAD 141 Dave Novak.

Information and Ethics, Information Security and Malicious Programs BSAD 141 Dave Novak.
CHAPTER OVERVIEW SECTION 4.1 – Ethics

CHAPTER OVERVIEW SECTION 4.1 – Ethics
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
BUSINESS PLUG-IN B6 Information Security.

BUSINESS PLUG-IN B6 Information Security.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.

Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved ETHICS SECTION 4.1.

McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved ETHICS SECTION 4.1.
Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.

Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.
4-1 Chapter Four Overview SECTION 4.1 - ETHICS –Ethics –Information Ethics –Developing Information Management Policies –Ethics in the Workplace SECTION.

4-1 Chapter Four Overview SECTION ETHICS –Ethics –Information Ethics –Developing Information Management Policies –Ethics in the Workplace SECTION.
Business Data Communications, Fourth Edition Chapter 10: Network Security.

Business Data Communications, Fourth Edition Chapter 10: Network Security.
CSUN Information Systems IS312 Information Systems for Business Lecture 9 Ethic & Information Security.

CSUN Information Systems IS312 Information Systems for Business Lecture 9 Ethic & Information Security.
SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004
CHAPTER FOUR ETHICS AND INFORMATION SECURITY MIS BUSINESS CONCERNS

CHAPTER FOUR ETHICS AND INFORMATION SECURITY MIS BUSINESS CONCERNS
Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) =.00625 * 5,349.44 = $33.434 What happens to the.004?.004+.004+.004=.012.004.

Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) = * 5, = $ What happens to the.004? =
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.

Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Similar presentations

Ads by Google