JOMO KENYATTA UNIVERSITY

OF
AGRICULTURE AND TECHNOLOGY

COLLEGE OF HUMAN RESOURCE AND DEVELOPMENT

SCHOOL OF BUSINESS AND ENTREPRENUERSHIP

DEPARTMENT: BUSINESS ADMINISTRATION

COURSE: BSc PUBLIC ADMINISTRATION AND LEADERSHIP

UNIT CODE HPS 2106

TITLE: ASSIGNMENT 1

DATE:21/03/025

NAME:ROSEMARY WANJIKU

REG No:HDE217-2640/024
Table of Contents
Introduction .............................................................................................................................................. 1
Microcomputers .................................................................................................................................. 1
MINI COMPUTER ................................................................................................................................ 3
Mainframe ............................................................................................................................................. 4
Characteristics: ............................................................................................................................... 5
Supercomputer .................................................................................................................................... 5
Quantum computer super computer .......................................................................................... 6
2. HISTORICAL BACKGROUND OF COMPUTER: ......................................................................... 7
Early Computing Devices ............................................................................................................ 7
19th-Century Developments ..................................................................................................... 8
20th-Century Breakthroughs .................................................................................................... 8
Generations of Computers .......................................................................................................... 8
First Generation of Computer (1937 – 1946): Vacuum Tubes ......................................... 9
Second Generation of Computer (1947 – 1962) – Transistors......................................... 9
Third Generation of Computer (1963 – 1975) – Integrated Circuits .......................... 10
Characteristics: ............................................................................................................................ 10
Fourth Generation of Computer (PC 1975 – Present) – Microprocessors ................ 11
Characteristics: ............................................................................................................................ 11
Fifth Generation of Computers (Present and Beyond) ..................................................... 12
Characteristics: ............................................................................................................................ 12
3. NETWORK THREATS, ATTACKS AND SECURITY MEASURES: ................................. 13
I. INTRODUCTION ....................................................................................................................... 13
II. SECURITY .................................................................................................................................. 13
III. INFORMATION SYSTEMS .................................................................................................. 13
IV. NETWORK SECURITY ......................................................................................................... 14
V. CRYPTOGRAPHY ..................................................................................................................... 14
VI. ENCRYPTION .......................................................................................................................... 14
VII. TYPES OF THREATS ........................................................................................................... 15
VIII. TYPES OF ATTACKS .......................................................................................................... 17
IX. SECURITY MEASURES ......................................................................................................... 22
REFERENCES ..................................................................................................................................... 23
CATEGORIZATION OF COMPUTER SYSTEMS

Introduction
Categories Of Computer System

Microcomputers
Definition: They are commonly called as “Personal Computer” [PC]. They are the
smallest and the cheapest as compared with minicomputers, mainframe, and super
computers.
Despite this they are widely used among people or end-user client, due to their low in
cost they are so small that they can be kept on a table (PC) or even carry out in a bag
(Laptop) or even in a Palm (Mobile Devices).
Their users are fastest growing users compared to other different types of computers.
They are designed primarily for single operation but still they can be used as
a “workstation” in computer networking.
They are commonly called as “Personal Computer” [PC]. They are the smallest and the
cheapest as compared with minicomputers, mainframe, and super computers.
Despite this they are widely used among people or end-user client, due to their low in
cost they are so small that they can be kept on a table (PC) or even carry out in a bag
(Laptop) or even in a Palm (Mobile Devices).
Their users are fastest growing users compared to other different types of computers.
They are designed primarily for single operation but still they can be used as
a “workstation” in computer networking.

1
Examples of Micro-Computers:

• Desktop Computers [PC]

• Laptop
• PDA | Palmtop
• Tablet PC

Desktop Computers [PC]

These are the single user computer which can be fit on a table. They are small in size
usually with single or only 1 “microprocessor” (CPU) they are designed for a single
location, desktop computer s can be used for entertainment, graphics, and user can
perform high level language. with a single user operating system but it can also be used a
host in computer networking.

Laptop

They can perform with AC or with Battery, these computers are usually used by the
persons who have to work from one location to other not as PC which sticks to one place
as they need AC power to operate. There are wide range of people who use these types of
computers daily may be engineer who has to give a presentation, student who needs to
demonstrate his project, a lawyer, a businessman, a teacher, a graphic designer, a
salesperson etc. The biggest acid of laptops is their mobility.

Palmtop

Palmtop: Palmtops are very small in size devices Which includes input
and output function. Users can attach mouse or keyboard They can perform each and
every task or operation as Personal Computer or Laptop. They have a graphical screen
where a client can do all the functions, for example, sending emails, office works, and
communication inside in a little package. These are the Different computer types which
are utilized or used as a part of gigantic numbers around the world.

Tablet
Tablet PC: Tablet computers are additionally called as notebook. Which enables clients

2
to communicate utilizing computerized pen or a fingertip without utilizing a mouse or
keyboard. They can't satisfy the functionality of Personal Computer or Laptops.

MINI COMPUTER
They are called as "Midrange Computers" and were produced in 1960's using transistor,
center memory technology and innovation. They are quite smaller in size, less expensive
and speedier yet not as quick as a mainframe or supercomputer, they are utilized or used
as a part of private company organizations, and in the production, department to monitor
or screen manufacturing process.
They help multi-client Operations and have a very difficult operating system to deal with
and can function as a "HOST" in a system where 100 terminals can be supported. The
effective and powerful minicomputer is called as "Super-Minis".

Example

VAX
VAX is a discontinued instruction set architecture (ISA) developed by Digital Equipment
Corporation (DEC) in the mid-1970s. The VAX-11/780, introduced on October 25, 1977,
was the first of a range of popular and influential computers implementing that
architecture.
VAX (Virtual Address extension) is an established line of mid-range server computers
from the Digital Equipment Corporation (DEC). It followed DEC's PDP-11 in 1978 and
also introduced a new operating system, VMS. VAX included a 32-bit processor
and virtual memory. Historically, VAX has competed with a number of Hewlett-Packard
and IBM computers in the small enterprise and university-scientific marketplace. In
earlier times, this size and price range of computer was known as the minicomputer.
Today, VAX and its competitors sell "servers" for business networks that use
the client/server computing model.

Texas Instrument TI-990

The TI-990 was a series of 16-bit minicomputers sold by Texas Instruments (TI) in the
1970s and 1980s. The TI-990 was a replacement for TI's earlier minicomputer systems,
the TI-960 and the TI-980. It had several uniquely innovative features, and was easier to
3
program than its predecessors.
The TI-990 had a unique concept that registers are stored in memory and are referred to
through a hard register called the Workspace Pointer. The concept behind the workspace
is that main memory was based on the new semiconductor RAM chips that TI had
developed and ran at the same speed as the CPU. This meant that it didn't matter if the
"registers" were real registers in the CPU or represented in memory. When the
Workspace Pointer is loaded with a memory address, that address is the origin of the
"registers".

Advantage

i. Cater to multiple users

ii. Lower costs than mainframes

Disadvantage

i. Large
ii. Bulky

Uses of Minicomputer
1.Control of Automated Teller Machine (ATMs)
2.Payroll
3.Hospital patients’ registration
4.Inventory Control for supermarket
5.Insurance claims processing
6.Small bank accounting and customer details tracking

Mainframe
-Large, fast and expensive computer
-Cost millions of dollars
e.g. IBM3091, ICL39, etc.

4
Characteristics:
• Bigger in size than minicomputers
• Very expensive
• Support a few hundred users simultaneously (Multi-Users)
• Difficult to use
• More computing power than minicomputers
• Have to be kept in a special air-conditioned room
• Used in big business organizations and government departments

-Known as enterprise servers

-Occupies entire rooms or floors
-Used for centralized computing
-Serve distributed users and small servers in a computing network

Areas where mainframes are used:

i. Airline reservation
ii. Big banks with hundreds of branches located all over the world
iii. Big universities with thousands of enrollments
iv. Natural gas and oil exploration companies
v. Space Vehicle control
vi. Weather forecasting
vii. Some mainframes are designed to be extremely fast and called super computers. It
is used for space launching, monitoring and controlling.

Supercomputer
Fastest and expensive
Used by applications for molecular chemistry, nuclear research, weather reports, and
advanced physics
Consists of several computers that work in parallel as a single system

5
Quantum computer super computer
• Google, IBM and a handful of startups are racing to create the next generation of
supercomputers. Quantum computers, if they ever get started, will help us solve
problems, like modelling complex chemical processes, that our existing
computers can't even scratch the surface of.
But the quantum future isn't going to come easily, and there's no knowing what
it'll look like when it does arrive. At the moment, companies and researchers are
using a handful of different approaches to try and build the most powerful
computers the world has ever seen. Here's everything you need to know about the
coming quantum revolution.

6
2. HISTORICAL BACKGROUND OF COMPUTER:
The history of computer dated back to the period of scientific revolution (i.e. 1543 –
1678). The calculating machine invented by Blaise Pascal in 1642 and that of Gotfried
Leibnitz marked the genesis of the application of machine in industry.

This progressed up to the period 1760 – 1830 which was the period of the industrial
revolution in Great Britain where the use of machine for production altered the British
society and the Western world. During this period Joseph Jacquard invented the weaving
loom (a machine used in textile industry).

The computer was born not for entertainment or email but out of a need to solve a serious
number-crunching crisis. By 1880, the United State (U.S) population had grown so large
that it took more than seven years to tabulate the U.S. Census results. The government
sought a faster way to get the job done, giving rise to punch-card based computers that
took up entire rooms. Today, we carry more computing power on our smart phones than
was available in these early models. The following brief history of computing is a
timeline of how computers evolved from their humble beginnings to the machines of
today that surf the Internet, play games and stream multimedia in addition to crunching
numbers.

Early Computing Devices

The concept of computing dates back to ancient times when humans used simple
counting tools. Some of the earliest devices include:

• Abacus (c. 3000 BCE): Used by the Chinese and Babylonians for arithmetic
calculations.

• Napier’s Bones (1617): Invented by John Napier to simplify multiplication and

division.

• Pascaline (1642): Blaise Pascal designed this mechanical calculator capable of

performing addition and subtraction.

• Leibniz Calculator (1673): Built by Gottfried Wilhelm Leibniz, improving upon

Pascal’s design with multiplication and division capabilities.

7
19th-Century Developments
• Jacquard Loom (1804): Developed by Joseph Marie Jacquard, this machine used

punched cards to control weaving patterns, influencing later computing

technology.

• Difference Engine (1822): Designed by Charles Babbage, this mechanical

computer could perform mathematical calculations.

• Analytical Engine (1837): Babbage's conceptual design, which featured basic

elements of modern computers like loops and conditionals.

• Ada Lovelace’s Contribution (1843): She is considered the first computer

programmer, having written an algorithm for Babbage’s Analytical Engine.

20th-Century Breakthroughs
• Hollerith Tabulating Machine (1890): Herman Hollerith developed this punch-

card-based machine for processing census data, leading to the foundation of IBM.

• Turing Machine (1936): Conceptualized by Alan Turing, it laid the foundation

for modern computing.

• ENIAC (1946): The first general-purpose electronic computer, developed by

John Presper Eckert and John Mauchly.

• UNIVAC I (1951): The first commercial computer, used for business

applications.

Generations of Computers
In 19th century English mathematics professor name Charles Babbage referred as a
“Father of Computer”. He designed the Analytical Engine and it was this design that the
basic framework of the computers of today is based on. Generally speaking, computers
can be classified into five generations. Each generation lasted for a certain period of time
and each gave us either a new and improved computer or an improvement to the existing
computer.

The generations of computer are as follows:

8
First Generation of Computer (1937 – 1946): Vacuum Tubes
In 1937 the first electronic digital computer was built by Dr. John V. Atanasoff and
Clifford Berry. It was called the Atanasoff-Berry Computer (ABC). In 1943 an electronic
computer name the Colossus was built for the military. Other developments continued
until in 1946 the first general– purpose digital computer, the Electronic Numerical
Integrator and Calculator (ENIAC) was built. It is said that this computer weighed 30
tons, and had 18,000 vacuum tubes which was used for processing. When this computer
was turned on for the first time lights dim in sections of Philadelphia. Computers of this
generation could only perform single task, and they had no operating system.

Characteristics:
i. Sizes of these computers were as large as the size of a room.
ii. Possession of Vacuum Tubes to perform calculation.
iii. They used an internally stored instruction called program. iv. Use capacitors to
store binary data and information.
iv. They use punched card for communication of input and output data and
information

Examples:
i. Mark, I developed by Aiken in 1944.
ii. Electronic Numerical Integrator and Calculator (ENIAC) built at the Moore
School for Engineering of the University of Pennsylvania in 1946 by J. Presper
Eckert and William Mauchley. iii. Electronic Discrete Variable Automatic
Computer (EDVAC) also developed in 1947 by Eckert and Mauchley.

Second Generation of Computer (1947 – 1962) – Transistors

Second generation of computers used transistors instead of vacuum tubes which were
more reliable. In 1951 the first computer for commercial use was introduced to the
public; the Universal Automatic Computer (UNIVAC 1). In 1953 the International
Business Machine (IBM) 650 and 700 series computers made their mark in the computer
world. During this generation of computers over 100 computer programming languages
were developed, computers had memory and operating systems. Storage media such as
tape and disk were in use also were printers for output.

9
Characteristics:
i. The computers were still large, but smaller than the first generation of computers.
ii. They use transistor in place of Vacuum Tubes to perform calculation.
iii. They were produced at a reduced cost compared to the first generation of
computers.
iv. Possession of magnetic tapes as for data storage.
v. They were using punch cards as input and output of data and information. The use
of keyboard as an input device was also introduced.

Example:
i. Leprechaun, IBM built by Bell Laboratories in 1947
ii. Transits produced by Philco, GE and RCA.
iii. UNIVAC 1107, UNIVAC III.
iv. RCA 501.
v. IBM 7030 stretch.

Third Generation of Computer (1963 – 1975) – Integrated Circuits

The invention of integrated circuit brought us the third generation of computers. With this
invention computers became smaller, more powerful more reliable and they are able to
run many different programs at the same time.

Characteristics:
They used large-scale integrated circuits, which were used for both data processing and
storage.

Computers were miniaturized, that is, they were reduced in size compared to previous
generation.

Keyboard and mouse were used for input while the monitor was used as output device.

Use of programming language like COBOL and FORTRAN were developed.

They have hundred thousand circuits per cubic foot.

10
Examples:
i. Burroughs 6700, Mini computers
ii. Honeywell 200
iii. IBM system 360
iv. UNIVAC 9000 series.

Fourth Generation of Computer (PC 1975 – Present) – Microprocessors

At this time of technological development, the size of computer was redivided to what
we called Personal Computers, PC. This was the time the first Microprocessor was
created by Intel. The microprocessor was a very largescale, that is, VLS integrated circuit
which contained thousands of transistors.

Transistors on one chip were capable performing all the functions of a computer’s central
processing unit.

Characteristics:
i. Possession of microprocessor which performs all the task of a computer system
use today.
ii. The size of computers and cost was reduced.
iii. Increase in speed of computers.
iv. Very large scale (VLS) integrated circuits were used.
v. They have millions of circuits per cubic foot.

Examples:
i. IBM system 3090, IBM RISC6000, IBM RT.

ii. ILLIAC IV.

iii. Cray 2 XMP.

iv. HP 9000.

v. Apple Computers.

11
Fifth Generation of Computers (Present and Beyond)
Fifth generations computing devices, based on artificial intelligence (AI) are still in
development, although there are some applications such as voice recognition, facial face
detector and thumb print that are used today.

Characteristics:
i. Consist of extremely large-scale integration.

ii. Parallel processing

iii. Possession of high-speed logic and memory chip.

iv. High performance, micro-miniaturization.

v. Ability of computers to mimic human intelligence, e.g. voice recognition, facial

face detector, thumb print.

vi. Satellite links, virtual reality. vii. They have billions of circuits per cubic.

Examples:
i. Super computers ii. Robots
ii. Facial face detector

12
3. NETWORK THREATS, ATTACKS AND SECURITY MEASURES:

I. INTRODUCTION
Recent advancements in the field of information and technology and competitiveness on
real time data have led to an increase in the transmission of data and information
globally. As a result, the organizations have become more vulnerable to network threats
and attacks and are facing invasions in information security and computer networks as
the sources of bypassing and breaking through security have increased. The sensitive
information being transmitted within the network can easily be accessed by an
unauthorized user for malicious purposes The organizations have been facing
interruption, interception, modification and fabrication of their sensitive data from
unauthorized sources which break into their security codes. As a result, the information
security has become an extremely important aspect in ensuring safe and secured
transmission of data through global networks

II. SECURITY
Security has been described as a secure environment which is free from danger posed by
adversaries who can afflict harm both intentionally or accidently. Data security has
become of the major challenges for business organizations including securing
communication channel, encryption techniques and maintaining the databases. With
recent advances in technology the networks are no longer safe from attackers and any
unprotected system can easily be breached from unauthorized sources with an intention to
steal information for malicious purposes. A successful organization needs to implement
six kinds of layers of securities namely physical, personal, operational, communication,
network and information.

III. INFORMATION SYSTEMS

Information system is a combination of hardware and software components which enable
personnel working within as well as outside an organization to share and transfer data for
useful purposes. With increased cybercrime and hacking, the organizational networks
have come under great security threat. Therefore, knowledge, awareness and training are
essential for securing the information

13
IV. NETWORK SECURITY
Network security is a vital component of information technology and can be categorized
into four major areas including secrecy, authentication, nonrepudiation and integrity
control. It is a concept of securing and protecting network and data transmission from
unauthorized users who can use the information for malicious purposes. It focuses on
securing variety of networks including both public and private transactions and
communications among businesses, government institutions and individuals. Network
security has become a major component in the organization structure because the
information-maintained passes through large number of systems and devices such as
computers and routers and becomes very vulnerable to threats and attacks.

V. CRYPTOGRAPHY
Cryptography is the art of coding the information in such a way that it becomes difficult
for an unauthorized person to capture, disclose or transfer it. It is a science of writing
secret code by constructing and managing protocol in order to block the adversaries. It is
a vital component of computer and communication network and an emerging technology
which protects the information from eavesdropping. The process of securing the
information is known as encryption and a secret or disguised way of writing a code is
known as a cipher. The encrypted information can be transferred back to its original form
by an authorized user who has the cryptographic key. Different kinds of ciphers have
been used for encryption namely traditional and modern symmetric key ciphers.
Traditional ciphers include substitution and transposition ciphers and DES (Data
Encryption Standard) and AES (Advanced Encryption Standard) come under the category
of modern symmetric key ciphers.

VI. ENCRYPTION
There are two types of encryptions: symmetric and asymmetric in nature. Symmetric
encryptions use single key for encrypting as well as decrypting the code while
Asymmetric encryptions work with two keys, public and private for encrypting and
decrypting respectively. Below are the top 10 threats which have affected Small and

14
 VII. TYPES OF THREATS
Network security is highly threatened by the presence of various threats and attacks that
can lead to disclosure of sensitive and confidential information. The basic difference
between a threat and an attack is that while threat is a presence of a constant danger to the
integrity of information, an attack is an actual act of breaching the security of the network

Table 1: Network Threats

Threats Description Security measures

Insider attacks The insider is a part of the organization
that has full access and authorization of
the network system. The insider can be
of malicious or accidental nature and
can be a threat to organization’s
confidentiality and integrity.
Implementing dual control principle
helps more than one person to control
login credentials for organization’s
servers.

Lack of Many organizations suffer due to lack of Developing sound information

contingency planning for situations involving bad assurance methodologies helps develop
data failure. As a result, they do not personalized policies benchmarked from
have a backup system for restoring the other organizations.
lost data.

Poor Many organizations with lack of funds Automated vulnerability audit scan is a
configuration and experience often install networking method which performs check of the
leading to gear without having skilled personnel to entire network and must be conducted at
handle them. regular basis.
compromise

Reckless use Many attackers leave a key logger to Forbidding turning off defenses through
of hotel access passwords and credential certain anti-virus solutions which are
networks and information from personal devices configured in such a way that they
kiosks connected in an infected hotel network cannot be turned off without proper
authorization.

15
 that are not much protected enough
counter such attacks.
Reckless use Similar to key logger in hotel networks,
of Wi-Fi the attackers put up an unsecured Wi-Fi
hotspots network to capture secured information
such as username and passwords of
employees without making them aware
of any threat to their computer.
Data lost on It is a common problem with most of the Centralized management of mobile
portable device users who accidently leave their storage
devices such as mobile phones, pen
drives or USB stick in hotel rooms, taxis Server help the organization ensure
or trains making it easily available for
attackers to retrieve sensitive
information.
Web server Poorly written customer application on
compromise websites have made easier for the
attackers to penetrate thousands of
servers with automated SQL injection
attacks.
Reckless web Various spams, Trojans and viruses
surfing by penetrate into the organization’s
employees network systems when the employees
surf websites other than related to their
business and end up getting victimized
by pool of malware.
16
Using encrypting connections which can
be connected via Virtual Private
Networks and encrypts the
communication streams preventing
eavesdroppers to listen to the data
wirelessly.
devices through servers and software
such as RIM’s Blackberry Enterprise
encrypted transmissions and are capable
of remotely wiping out data of lost
devices.
Auditing web app code is a measure
which helps the users identify whether
the developed code has been performing
proper input validation or not.
Web content filtering such as
WatchGuard’s Web Blocker which
maintains updated URL of blocked
websites
Malicious This is a common email attack which Implementation of outbound web proxy
HTML email links the user to a malicious website and which includes setting up of LAN
triggers a drive by download by a single system redirecting all HTTP requests
click. and responses to a web proxy server
which monitors all the web traffic.

Automated Such kind of attacks affect the SMEs 1. Investing in patch management which
who are not able to install Windows maintains the network up to date by
exploit of a
patches within the same month their scanning the systems and identifying
known
release and later on fall prey to attacks missing patches and software updates
vulnerability in the form of malicious patches.

2. Building an inexpensive test

network which helps the
organization to simulate a patch by
installing it into a test system and
studying its behavior.

VIII. TYPES OF ATTACKS

The networking attacks can be grouped into two major categories namely passive attacks
and active attacks.

Detailed description of both kinds of attacks is given below.

A. Passive attacks
In passive attacks the attacker eavesdrops or monitors the data transmitted to find the
content of data transmitted or to analyses the nature of communication. Such attacks
analyses traffic, monitors unprotected communications, decrypts weakly encrypted data
and captures authentic information such as passwords. Such attacks can lead to disclosure
of sensitive information without the knowledge or consent of the user [10]. These attacks
are hard to detect as there is no loss and alteration of data. Therefore, there are various
Networking attacks that have been damaging companies globally are listed below:

17
B. Active attacks

Table 2: Network Attacks

18
Network Percentage Description
Attacks

Browser 36% In these kinds of attacks the hackers add scripts without altering
website’s appearance which may lead the user to another website
and may cause programs of malicious nature to be downloaded to
the system. The attacker can then control the user’s system
remotely capturing personal information such as credit card and
banking details to perform identity theft.

Brute Force 19% It is a guessing technique of decoding password and pin number
through trial-and-error basis. The attackers use automated
software to guess thousands of combinations of passwords.
Locking account after failed multiple login attempts is one of the
ways to prevent such attacks.

Denial of 16% These kinds of attacks block the user’s access to a particular
service network to prevent them from retrieving information and
services. The attacker creates an overloading traffic through
malicious bot to a targeted IP address and floods network with
more requests than the server can process.

SSL 11% It is a kind of attack in which the attacker interrupts the data
before its encryption and hence gets access to sensitive
information of the system.

Scan 3% It is a kind of application software which tries to retrieve

information regarding open ports in server or host. They are
combination of hostile searches which an attacker uses in order to
gain access to a computer.

DNS 3% It is an attack which redirects the network traffic to another

system which is being controlled by the attacker. This attack
corrupts the DNS server by introducing data into a domain name
system cache to return an incorrect IP address.

19
 Backdoor 3% Such attacks bypass the intrusion detection systems and allow the
hackers to access the information remotely. Many strategies may
be adopted in backdoor attacks such as port-binding, connect
back and connect availability.

Others 9% The other attacks constitute to around 9% of the total attacks and
may include all attacks which may be of small in nature but have
significant impact on the security of network systems.

In active attacks, the attacker tries to circumvent or break into protected systems in the
on-going communication networks. Such kind of attacks includes breaking into secured
features, injecting a malicious code and stealing or modifying sensitive information. In
these kinds of attacks the data transmitted can be altered by the attacker or the whole data
stream can be changed. Active attacks can be detected but these are difficult to prevent.
Various error detection and correction techniques are used at various network layers to
acquire a safe data transmission. Active attacks can take place in four ways:
Masquerading, Replay, and Modification of message and Denial of Service.

Various attacks have been listed by in their paper which includes e-mail containing virus,
network virus, web-based virus, attack on the server, service rejection attacks and
network user attacks. They have mentioned that the major problem faced by the IT
infrastructure is the vulnerability of computer networks and such problems arise mainly
due to faulty implementation and design of information system including security
procedures and controls. Another kind of security threat named insider attack which is
being mentioned by is capable of causing irreparable damage to the activities and
reputation of the organization.

There are other kinds of network’s attacks which pose serious threat to the confidentiality
of the organization.

Some these attacks are listed below:

20
A. Phishing attacks
These kinds of attackers pretend to be as trustworthy persons with an intention to capture
sensitive information through fraud email and messages. They often create a fake website
such as SBI bank or PayPal and try to trick the users by getting them click on a link and
later on record their personal information including username and password. Such kind of
attacks take as much as 9 to 10 days to resolve.

B. Close in attacks/Social Engineering

Known as bugs in the human hardware these attacks involve physical interaction with the
network, systems and components for getting unauthorized access to the information. The
attackers establish social interaction with the victims through e-mail, messages or phone
and tricking the latter to reveal personal information regarding the security of the system.
The attackers try to exploit the emotional response of the victim who falls for their trust
revealing to them their username, passwords and email address. These kinds of attacks
also take around 9 to 10 days for getting resolved.

C. Viruses Worms and Trojans

Virus are programs that are written in order to alter the working of the victim’s computer
without its permission and authorization. There are three ways in which a virus can enter
an organization’s system. Firstly, E-mail containing viruses which can infect system’s
email and spread throughout the organization. Secondly, Network viruses which breach
the system through unprotected ports and can affect the entire network. Thirdly, Web
based viruses that infect the system which visit their web page and also affects other
internal network systems.

D. Hijack
This is a kind of an attack in which the hacker intercepts or takes over session between
the user and another system and finally disconnects the later from the communication.
The user remains under the impression that system is still connected and may send
sensitive and confidential information to the hacker by accident.

21
IX. SECURITY MEASURES

A. Firewalls
A firewall can be defined as a device which may be a computer or router acting between
the internet and the organization network. Firewall lets only those packets to be
transmitted through it into an organization’s internal network which fulfils its perimeters
configured by the firewall administrator to be a safe data packet and filters the other
packets. Firewall acts at network, transport and application layers. Packet –filter firewall
acts at network and transport layer and proxy firewall acts on the application layer.
Firewall checks the traffic according to the specific rules it has been configured for but
there may be chances when the attacker can portray the harmful data to have perimeters
which firewall finds safe to be transmitted through it.

B. Antivirus Systems
These systems are used to detect and eradicate malware from our systems. The antivirus
system should be kept updated with the latest updates so that it would be easy for it to
scan the latest virus signatures. Sometimes an antivirus system is not able to detect the
infected file if it is encrypted or zipped.

C. Intrusion detection systems

It is a network monitoring device or software application which keeps track of any
malicious actions and policy desecrations and if found it immediately reports about the
intrusion to the administrator. They are a set of programs which help detect intrusions
and save the system from getting affected. There are two kinds of intrusion detection
systems, namely Anomaly Intrusion Detection and Misuse Detection or Signature Based
IDS. The Anomaly Intrusion Detection system includes neutral networks and prediction
pattern generation, while the Misuse Detection or Signature Based IDS includes state
transition tables, pattern matching, genetic algorithms, fuzzy logic, immune systems, and
Bayesian method and decision tree. These systems may be Host –based IDS or Network
–based IDS.The system matches the traffic with the attack pattern and if match is
detected it gives the alarm to the administrator. However, the attacker may be clever
enough to change the signature of the malicious traffic which the IDS fail to detect.

22
REFERENCES
i. "Charles Babbage Institute: Who Was Charles Babbage?" . cbi.umn.edu.
Retrieved December 28, 2016.
ii. "Ada Lovelace | Babbage Engine | Computer History Museum" .
www.computerhistory.org. Retrieved December 28, 2016.
iii. "Wilhelm Schickard – Ein Computerpionier" (PDF) (in German).
iv. Keates, Fiona (June 25, 2012). "A Brief History of Computing" . The Repository.
The Royal Society.
v. "Science Museum—Introduction to Babbage" . Archived from the original on
September 8, 2006. Retrieved September 24, 2006.
vi. Anthony Hyman (1982). Charles Babbage, pioneer of the computer.

"In this sense Aiken needed IBM, whose technology included the use of punched
cards, the accumulation of numerical data, and the transfer of numerical data from
one register to another", Bernard Cohen, p.44 (2000).

vii. F. S. Roozbahani and R. Azad, “Security Solutions against Computer

Networks Threats,” Int. J, pp. 2576–2581, 2015.
viii. S. Kaushik and A. Singhal, “Network Security Using Cryptographic
Techniques,” Int. J. Adv. Res. Comput. Sci. Soft w. Eng., vol. 2, no. 12, pp.
2277–128, 2012.

23