Network security

Dr.Aida Aasr
Eng.Mahmoud Goda
Network security

• Network Security consists of the provisions and policies adapted

by network Administrator to prevent and monitor unauthorized
access, misuse, modification, or denial of a computer network and
network-accessible resources.
• Cybersecurity is a broader field that encompasses various
practices and measures aimed at protecting information
technology systems, networks, and data from unauthorized
access, breaches, and damage
Computer Security

➢ the protection afforded to an automated information system in

order to attain the applicable objectives of preserving the integrity,
availability and confidentiality of information system resources
(includes hardware, software, firmware, information/data, and
telecommunications)
Information Security:

1. Confidentiality: Ensuring that information is only accessible to

authorized individuals and remains protected from unauthorized
disclosure.
2. Integrity: Ensuring that information is accurate, complete, and
remains unaltered during transmission or storage.
3. Availability: Ensuring that information is accessible and
available to authorized users whenever needed.
Types of hackers

• Hackers can be categorized into several types based on

their intentions and objectives in using their hacking skills.
Here are some common types of hackers:
1. Ethical Hackers :They are professionals who use their hacking skills
for legal and ethical purposes. Ethical hackers perform penetration testing
and security assessments to discover security vulnerabilities and improve
cyber security for organizations and businesses.
2. Black Hat Hackers :They are cyber attackers who use their hacking
skills for illegal and unethical purposes. Black hat hackers target systems,
networks, and users with malicious intent, aiming for theft, sabotage, or
unauthorized gains.
 Thank you
any questions ?
Cont.

3. Gray Hat Hackers :They fall somewhere between ethical and

black hat hackers. Gray hat hackers may use their skills to test
security without explicit permission, but they might also report the
vulnerabilities they find rather than exploiting them maliciously.
Techniques of attacks

• "payload" : refers to the part of a data transmission or message

that carries the actual data or information that is being
transmitted
• “exploit” refers to a piece of code, software, or technique that
takes advantage of a vulnerability or weakness in a computer
system, application, or network to gain unauthorized access,
control, or perform malicious actions on the target system
• "Doxing" is the act of publicly revealing or publishing private and
sensitive information about an individual or an organization
without their consent.
cont

• A "zero-day attack" is a type of cyber attack that exploits a

software vulnerability that is not known to the software vendor or
the public. It occurs on the same day the vulnerability is
discovered, hence the term "zero-day," meaning there are zero
days between the discovery of the vulnerability and the attack.
Cryptographic Attacks

• Accessing of data by unauthorized entity is called as attack

• Passive Attacks :In a passive attack, the attacker’s goal is just to

obtain information. This means that the attack does not modify
data or harm the system
• Active Attacks :An active attack may change the data or harm the
system. Attacks that threaten the integrity and availability are
active attacks.
Types of Malware

• The viruses : are just programs in the form of executable files.

They do not get activate without running those executable files on
your computer
• Worms: Installs copies of itself on other machines on a network.
• Trojan is a type of malware that disguises (hide) itself as
legitimate code or software.
• Trojans may be packaged in downloads for games, tools, apps or
even software patches.