L-15.1 Computer Security Overview .Pptx-1

Uploaded by

raianraisulislam

Computer Security Overview

Different Elements in Computer Security


Confidentiality
Confidentiality is the concealment of information or
resources. Information must be kept secret from third
parties that want to have access to it, so that only
the right people can access it.

Example in real life − Let’s say two people are communicating via encrypted email.
They know each other's decryption keys, and they read the email by entering these
keys into the email program. If someone else can read these decryption keys when
they are entered into the program, then the confidentiality of that email is compromised.
Integrity
Integrity refers to the accuracy and completeness of data. Integrity
involves maintaining the consistency and trustworthiness of data over
its entire life cycle. Data must not be changed in transit, and
precautionary steps must be taken to ensure that data cannot be
altered by unauthorized people.

Example in real life − Let’s say you are making an online payment of 100 USD, but your
information is tampered with, without your knowledge, so that 1000 USD is sent to the
seller. This would cost you too much.
Availability
Availability means that information is accessible to authorized users.
It provides an assurance that your system and data can be accessed
by authenticated users whenever they’re needed. Similar to
confidentiality and integrity, availability also holds great value.

Example in real life − Let’s say a hacker has compromised a bank's webserver and
taken it down. You, as an authenticated user, want to make an e-banking transfer, but
the server is impossible to access. The transfer that was not made is money lost for the bank.
Attacks
• Attacks on computer systems
— break-in to destroy information
— break-in to steal information
— blocking systems from operating properly
— malicious software
• wide spectrum of problems

Services, Mechanisms, Attacks
• 3 aspects of information security:
— security attacks (and threats)
• actions that (may) compromise security
— security services
• services counter to attacks
— security mechanisms
• used by services
• e.g. secrecy is a service, encryption (a.k.a. encipherment) is
a mechanism

Attacks
• Network Security
— Active attacks
— Passive attacks

Attacks

• Passive attacks
— An attacker observes the
messages and copies them
— victims do not get informed
about the attack
— It is difficult to detect as
there is no alteration in the
message.
— Passive attacks can be
prevented by using some
encryption techniques.

Attacks

• Active attacks
— Attacker actively manipulates
the communication
— Masquerade
• pretend to be someone else
• possibly to get more privileges
— Replay
• passively capture data
and send later
— Denial-of-service
• prevention of the normal use of
servers, end users, or the network
itself

Security Services

• to prevent or detect attacks
• to enhance the security
• replicate functions of physical documents
— e.g.
• have signatures, dates
• need protection from disclosure, tampering, or
destruction
• notarize
• record

Basic Security Services
• Authentication
— assurance that the communicating entity is the one it
claims to be

• Access Control
— prevention of the unauthorized use of a resource
— to achieve this, each entity trying to gain access must
first be identified and authenticated, so that access
rights can be tailored to the individual

Basic Security Services
• Data Confidentiality
— Confidentiality means that only authorized
individuals/systems can view sensitive or classified
information.

• Data Integrity
— assurance that data received are exactly as sent by an
authorized sender
— i.e. no modification, insertion, deletion, or replay
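
Added example (not part of the original slides): one common way to provide the data integrity service described above, and to detect the replay attack listed under active attacks, is a keyed message authentication code plus a sequence number. The key handling, field names and payment message are assumptions constructed for the demonstration, reusing the 100 USD payment from the integrity example.

```python
import hashlib
import hmac
import json
import secrets

# Constructed demo key; in practice the two parties agree on it out of band.
SHARED_KEY = secrets.token_bytes(32)


def seal(key: bytes, seq: int, payload: dict) -> dict:
    """Sender side: attach a sequence number and an HMAC-SHA256 tag."""
    body = json.dumps({"seq": seq, "payload": payload}, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Receiver:
    """Accepts a message only if the tag verifies and the sequence number is new."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, msg: dict) -> str:
        expected = hmac.new(self.key, msg["body"].encode(), hashlib.sha256).hexdigest()
        # compare_digest avoids leaking the match position through timing.
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: modified"
        seq = json.loads(msg["body"])["seq"]
        if seq <= self.last_seq:
            return "rejected: replay"
        self.last_seq = seq
        return "accepted"


def demo() -> list:
    rx = Receiver(SHARED_KEY)
    original = seal(SHARED_KEY, 1, {"to": "seller", "amount_usd": 100})
    # Constructed tampering: the amount is changed in transit, the tag is not.
    tampered = dict(original, body=original["body"].replace("100", "1000"))
    return [
        rx.accept(tampered),   # altered amount fails the tag check
        rx.accept(original),   # untouched message is accepted once
        rx.accept(original),   # the same bytes sent again are a replay
    ]


if __name__ == "__main__":
    print(demo())
```

The sequence check here only rejects old or repeated numbers; a receiver that also needs to notice deleted messages would additionally look for gaps in the sequence.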

Security Mechanisms

• Cryptographic Techniques
— will see next
• Software and hardware for access limitations
— Firewalls
• Traffic Padding
— A continuous random data
stream is generated.
• Hardware for authentication
— Smartcards, security tokens.
• Physical security
— Keep it in a safe place with
limited and authorized physical access

Common Types of Networking Attacks
• Malware
• Computer Virus
• Computer Worm
• Phishing
• DoS (Denial of Service) and DDoS
• Man-in-the-middle
• Ransomware
• SQL Injection Attacks
Malware
▪ Malware is a catch-all term
for any type of malicious
software, regardless of how
it works, its intent, or how
it's distributed

▪ Hackers attempt to gain
unauthorized access to the
target system and disrupt or
corrupt the files and data
through malicious code
called malware.
Computer Virus
A computer virus is a type of malware:
a unique piece of code that can wreak
havoc and spread from computer to
computer.

If you click on an email with a
malicious link or download links
from infected websites, these viruses
can corrupt your files, infect other
computers from your list and steal
your personal information.
Computer Worm
Worms replicate themselves, which
slows down the computer system.

Worms also replicate themselves.

The main objective of worms is to eat
up the system resources.
Phishing
Phishing is a type of social
engineering where an attacker sends a
fraudulent (e.g., spoofed, fake, or
otherwise deceptive) message
designed to trick a person into
revealing sensitive information to the
attacker.
DoS (Denial of Service) and DDoS
A Denial-of-Service (DoS) attack is an attack meant to shut down
a machine or network, making it inaccessible to its intended users.
DoS attacks accomplish this by flooding the target with traffic, or
sending it information that triggers a crash.
Man-in-the-middle
A man-in-the-middle (MiTM) attack is a cyberattack where the attacker secretly
relays and possibly alters the communications between two parties who believe
that they are directly communicating with each other, as the attacker has
inserted themselves between the two parties.
Ransomware
▪ Ransomware is a type of malware that threatens to publish the
victim's personal data or block access to it unless a ransom is paid.

▪ Some simple ransomware may lock the system without damaging
any files.

▪ Advanced malware uses a technique called cryptoviral extortion.
It encrypts the victim's files, making them inaccessible, and demands a
ransom payment to decrypt them.
SQL Injection Attacks
▪ SQL injection, also known as SQLI, is a common attack vector that uses
malicious SQL code for backend database manipulation to access
information that was not intended to be displayed. This information may
include any number of items, including sensitive company data, user lists
or private customer details.
