
1.2 - Cyber Security

The document outlines key security principles such as confidentiality, authentication, integrity, access control, and availability, along with types of attacks including active and passive attacks. It also discusses antivirus software, its purpose in detecting and removing malware, and the methods it employs, including signature-based and suspicious behavior scanning. Additionally, it provides a brief overview of malware and its impact on computer systems.

Uploaded by Ch Umer

Outline

• Common Security Principles
• Types of attacks
• Antivirus
Common Security Principles
• Confidentiality
• Authentication
• Integrity
• Access Control
• Availability
Confidentiality
• The degree of confidentiality determines the secrecy of the information. The principle specifies that only the sender and receiver will be able to access the information shared between them. Confidentiality is compromised if an unauthorized person is able to access a message.
• For example, suppose sender A wants to share some confidential information with receiver B and the information is intercepted by attacker C. The confidential information is now in the hands of intruder C.
Authentication
• Authentication is the mechanism used to identify a user, system or entity. It ensures the identity of the person trying to access the information.
• Authentication is mostly secured by using a username and password. The authorized person whose identity is preregistered can prove his/her identity and can access the sensitive information.
Integrity
• Integrity gives the assurance that the information received is exact and accurate.
• If the content of a message is changed after the sender sends it but before it reaches the intended receiver, the integrity of the message is said to be lost.
Access Control
• The principle of access control is determined by role management and rule management.
• Role management determines who should access the data, while rule management determines to what extent one can access the data. The information displayed depends on the person who is accessing it.
Availability
• The principle of availability states that resources will be available to authorized parties at all times.
• Information is not useful if it is not available to be accessed. Systems should have sufficient availability of information to satisfy user requests.
Types of Attack
• Active Attacks
• Passive Attacks
Active Attacks
• Active attacks are the type of attacks in which the attacker attempts to change or modify the content of messages. An active attack is a danger to integrity as well as availability.
• In an active attack, the system is always damaged and system resources can be changed.
• The most important thing is that in an active attack, the victim is informed about the attack.
Passive Attack
• Passive attacks are the type of attacks in which the attacker observes the content of messages or copies the content of messages.
• A passive attack is a danger to confidentiality.
• In a passive attack, there is no harm to the system. The most important thing is that in a passive attack, the victim is not informed about the attack.
Antivirus - Introduction, Working
What is Antivirus
• Software that is created specifically to help detect, prevent and remove malware (malicious software).
• Antivirus is a kind of software used to prevent, scan, detect and delete viruses from a computer. Once installed, most antivirus software runs automatically in the background to provide real-time protection against virus attacks.
• Comprehensive virus protection programs help protect your files and hardware from malware such as worms, Trojan horses and spyware, and may also offer additional protection such as customizable firewalls and website blocking.
Common Antivirus
What is Malware?
• Malware, short for “malicious software,” is a blanket term that refers to a wide variety of software programs designed to do damage or perform other unwanted actions on a computer, server or computer network. Common examples include viruses, spyware and Trojan horses.
• Malware can slow down or crash your device or delete files. Criminals often use malware to send spam, obtain personal and financial information and even steal your identity.
How does Antivirus Work?
Antivirus software begins operating by checking your computer programs and files against a database of known types of malware. Since new viruses are constantly created and distributed by hackers, it will also scan computers for the possibility of new or unknown types of malware threats.

Approaches
Broadly, these approaches can be divided into two categories:
• Signature based detection
• Suspicious behavior based detection
Signature Based Scanning
• During the scanning process, the antivirus compares the content of all computer programs with its library of virus signatures. If a program is found that matches a signature defined as a virus, the user is alerted about this program and further actions are taken as per the user’s choice.
• For example, if a program 10235 is considered a virus and is stored in the antivirus library as a virus signature, then when the antivirus finds a program 10235 on the computer while scanning, it considers it a virus and alerts the user to choose the required action on the virus (like remove, repair or no action).
Suspicious Behavior Scanning
• The other type of antivirus identifies suspicious behavior of programs (like modification of critical files/programs) and alerts the user about the suspicious program or stops the program from running.
• These types of antivirus software may be effective against new viruses, but the accuracy of this software is lower, as it may identify legitimate files as viruses.
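The two approaches above (Signature Based Scanning and Suspicious Behavior Scanning) side by side, as an added example that is not part of the original slides. The file contents, event names, weights and threshold are all constructed assumptions; real products use far richer signatures and behavior models.

```python
import hashlib

# Constructed signature library: SHA-256 of known-bad content -> signature name.
KNOWN_BAD = b"constructed-malware-sample-10235"
HASH_SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest(): "Sample.10235"}

# Constructed weights for actions the behavior scanner treats as suspicious.
SUSPICIOUS_ACTIONS = {"modify_system_file": 3, "disable_security_tool": 4,
                      "write_startup_entry": 2}
ALERT_THRESHOLD = 4

def signature_scan(files):
    """Return {file name: signature name} for files whose hash is in the library."""
    hits = {}
    for name, content in files.items():
        digest = hashlib.sha256(content).hexdigest()
        if digest in HASH_SIGNATURES:
            hits[name] = HASH_SIGNATURES[digest]
    return hits

def behavior_scan(events):
    """Return {program: score} for programs whose summed weights reach the threshold."""
    scores = {}
    for program, action in events:
        scores[program] = scores.get(program, 0) + SUSPICIOUS_ACTIONS.get(action, 0)
    return {p: s for p, s in scores.items() if s >= ALERT_THRESHOLD}

# Constructed sample data: one known-bad file, one unknown program, one legitimate updater.
FILES = {
    "report.docx": b"quarterly numbers",
    "game.exe": KNOWN_BAD,
    "new_tool.exe": b"never seen before content",
}
EVENTS = [
    ("new_tool.exe", "modify_system_file"),
    ("new_tool.exe", "disable_security_tool"),
    ("os_updater.exe", "modify_system_file"),   # legitimate, but looks suspicious
    ("os_updater.exe", "write_startup_entry"),
    ("report.docx", "open_document"),
]

if __name__ == "__main__":
    print("signature hits:", signature_scan(FILES))
    print("behavior alerts:", behavior_scan(EVENTS))
```

The signature scan finds only `game.exe`, because `new_tool.exe` has no entry in the library; the behavior scan catches `new_tool.exe` but also flags the legitimate `os_updater.exe`, which is the accuracy trade-off the slide describes.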
Class Activity
• Download and Install an Antivirus
• Scan
• Delete Suspicious Files / Viruses

What did you learn? Briefly describe
