Download presentation
Presentation is loading. Please wait.
1
James Tam Computer Security Concepts covered Malicious computer programs Malicious computer use Security measures
2
James Tam Malicious Computer Programs Computer Viruses Trojan Horses WORMS
3
James Tam Computer Viruses A program that spreads from computer to computer making copies of itself. It may include a payload (action that modifies or destroys data) Most (but not all) viruses are written for a particular operating system Picture from Computer Confluence by Beekman
4
James Tam An Infamous Computer Virus The “I Love You” virus To read more about this virus http://www.cnn.com/2000/TECH/computing/05/04/iloveyou.01/
5
James Tam Computer Viruses (Prevention and Treatment) Many viruses are spread through email Avoid opening suspicious email attachments Get a good anti-virus program (works for Trojan horses and WORMS too) E.g., Symantec’s Norton Anti-virus (www.symantec.com) McAfee’s Virus Scan (http://www.mcafee.com which can be downloaded from http://www.ucalgary.ca/it/virus/)http://www.mcafee.com Update the virus definitions regularly
6
James Tam Trojan Horses Comes from Greek Mythology A computer version of the Trojan horse is a program that looks useful (or at least benign) that if used could cause many problems e.g., unleashing a virus Alternatively it can be a modified form of an existing program that results in unexpected side effects when run
7
James Tam An Infamous Trojan Horse Happy ‘ 99 Picture care of www.isdnllc.com
8
James Tam WORMS Can travel from computer to computer without human assistance. A famous WORM
9
James Tam Malicious Computer Usage Hacking Denial of service attacks Login spoofing Identity spoofing Logic bombs Trap doors
10
James Tam Hackers and Hacking The meaning changed over time Originally it referred to a 'Creative Enthusiast' From http://www.funfiles.net/pics/computer/index2.html
11
James Tam Hackers and Hacking (Continued) Now it refers to a person who tries to break into or damage other computers (also referred to as a 'cracker') From http://www.charlotte.com/siers.htm
12
James Tam Denial Of Service Attacks A special form of hacking Typically it involves tying up the resources of a computer to deny legitimate users access Connection busy Hacker tying up the resources of the web server Legitimate web site visitors can't access the site
13
James Tam Login Spoofing Real login Fake login Password file Match login name and password to existing list Either allow person to login or ask person to try again Your login name and password is given to the bad guy's program
14
James Tam Login Spoofing (Continued) This person can then login as you and damage the computer system or steal information I'm in!
15
James Tam Identity Spoofing When another person gathers enough personal information about you in order to impersonate you e.g., You buy stuff from a site I wanna buy some stuff on the Internet… Friendly web site? Hi I'm James Tam. Let's max out my VISA!
16
James Tam Logic Bombs Imbedded within a regular computer system is the Logic Bomb If the conditions stated in the bomb aren't met then the bomb 'goes off'.
17
James Tam Trap Doors Provide a secret way of accessing a computer system Computer is secure (password access only)
18
James Tam Security Measures Physical security Passwords Firewalls Encryption Audits Backups
19
James Tam Physical security Reduce physical access to sensitive information or expensive equipment Physically secure expensive equipment
20
James Tam Passwords Reminder: Some operating systems are better at securing information than others! Single user operating systems provide poor security
21
James Tam Passwords (Continued) General guide for choosing a good password 1 1.Don't pick your login name 2.Don't use your name (or anyone else's name) 3.Don't use a word out of the dictionary 4.Don't choose a number that is meaningful to you 5.Do not choose a password that is even remotely related to Star Trek or Monty Python Other password precautions 1 1.Never write your password down on a piece of paper 2.Change your password regularly 3.Don't tell anyone your password! 1 Paraphrased from Harley Hahn's Student Guide to Unix by Hahn
22
James Tam Passwords (Continued) Examples of bad passwords James – a name Tamj – my login name Chocolate – a real dictionary word Example of a good passwords Xwii2nd3 – a bunch of random characters
23
James Tam Firewalls Firewall software: http://www.zonelabs.com
24
James Tam Encryption Recall that information is sent across the internet in packets that are routed dynamically The Internet
25
James Tam Encryption (Continued) Hey Bob, how about a beer? Hey Bob, how about a beer? Hey Bob, how about a beer? Hey Bob, how about a beer?
26
James Tam Encryption (Continued) Send the message in code (encrypted) Hey Bob, how about a beer? +1~820#k>1fja*4df Hey Bob, how about a beer? +1~820#k>1fja*4df
27
James Tam Encryption (Continued) Indicators that your information is encrypted Internet Explorer Netscape General
28
James Tam Encryption (Continued) Keys Used to encode information into an encrypted form or decode information from an encrypted form Public and Private Keys Public keys are used by someone sending information to you in order to encode it (almost anyone can access it) A particular private key is used only by an individual to decode messages that were encoded with that person's public key
29
James Tam Audits Software that looks for and records suspicious activity. e.g., ACS login e.g., VirusScan
30
James Tam Backups A RAID system Backup mechanisms TapeCD-ROM Hard drive
31
James Tam Security: Always-on Internet Connections Be cautious of sharing information
32
James Tam Security: Always-on Internet Connections Picture from Gibson research corporation http://grc.com
33
James Tam Summary Types of malicious software Viruses Trojan Horses WORMS Examples of malicious computer usage Hacking Denial of service attacks Login spoofing Identity spoofing Logic bombs Trap doors Security Measures Anti-virus programs Physical security Passwords Firewalls Encryption Audits Backups The Potential Dangers of always-on internet connections
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.