Cyber Security Lecture Notes 01

This document provides an overview of the topics that will be covered in the COMP40451 Cyber Security module. It discusses module information including the title, code, leader, and assessment. It then covers attacks and attackers, defining security as protection of assets using concepts of confidentiality, integrity, and availability. It also discusses security management, risk analysis involving assessing assets, vulnerabilities, and threats, and concludes with a summary of the module outline.

Uploaded by

Sampath Darshana

Department of Computer Science

COMP40451 Cyber Security

Lecture 1
Introduction

Dr Xiaoqi Ma
Outline
1 Module information

2 Attacks and attackers

3 Concepts of cyber security

4 Security management

5 Risk analysis

6 Summary
Module Information
Module Title: Cyber Security
Module Code: COMP40451
Module Leader: Dr Xiaoqi Ma
Credit Points: 20 Credit Points
Assessment: Coursework (100%)


Text and Reference Books

• Pfleeger, C.P. and Pfleeger, S.L. (2015), Security in Computing, 5th Ed., Prentice Hall
• Gollmann, D. (2011), Computer Security, 3rd ed., John Wiley & Sons
• Stallings, W. and Brown, L. (2018), Computer Security: Principles and Practice, 4th Ed., Pearson
Attacks and Attackers
• A vulnerable world where attacks happen very often
• By attacking, attackers can potentially gain access to resources and devices, demonstrate their technical expertise, take revenge, or act just for fun
• Attackers can come from both outside and inside, with the latter being more dangerous and causing more damage
• Examples of attacks – Identity theft, denial of service (DoS), Internet worm
• We need security to protect our assets and information
What is Security?
Security is Protection of Assets
• Prevention: Preventing your assets from being damaged
• Detection: Detecting when an asset has been damaged, how it has been damaged and who has caused the damage
• Reaction: Recovering your assets or recovering from damage to your assets

So, how are they explained in Cyber Security?


Cyber Security
• Confidentiality (C)
• Integrity (I)
• Availability (A)
Cyber Security may also arguably include:
• Accountability
• Nonrepudiation
• ……
Confidentiality
• Historically, security means secrecy and confidentiality
• Confidentiality is defined as “Ensuring that information is accessible only to those authorized to have access” by ISO (ISO-17799)
• Confidentiality includes privacy and secrecy, which have similar meanings but differ subtly:
  ◦ Privacy concerns protection of personal data
  ◦ Secrecy concerns protection of data belonging to an organisation
• Sometimes confidentiality means not only hiding the content of a document from unauthorised view, but also hiding its existence
Integrity
• Integrity is generally about making sure that everything is as it is supposed to be
• It means that data cannot be modified without authorisation (prevention of unauthorised writing)
• Integrity is defined as “Safeguarding the accuracy and completeness of information and processing methods” by ISO (ISO-17799)
• Even authorised users can still breach integrity by not following correct procedures
Availability
• Availability is defined as “ensuring that authorized users have access to information and associated assets when required” by ISO (ISO-17799)
• Availability means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly
• Ensuring availability also involves preventing denial of service attacks
  ◦ Denial of service: the prevention of authorised access to resources or the delaying of time-critical operations
Accountability
• The above core concepts emphasise the prevention of unwelcome events
• However, authorised users should take responsibility for their own actions. Therefore we have ...
• Accountability: audit information must be selectively kept and protected so that actions affecting security can be traced to the responsible party
• So, the system should be able to identify and authenticate users, and keep an audit trail of security events
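One way to keep an audit trail that is itself protected, as an added example (not part of the original lecture notes): each record names the user and action and carries an HMAC chained to the previous record, so an edited or removed record is detected. The key, user names and events are constructed placeholders.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # chain anchor used for the first record


def _digest(key: bytes, prev: str, body: dict) -> str:
    # MAC over the previous record's tag plus this record's canonical JSON.
    msg = prev.encode() + json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def append_event(log: list, key: bytes, user: str, action: str, ts: str) -> None:
    """Append one security event, chained to the record before it."""
    prev = log[-1]["tag"] if log else GENESIS
    body = {"ts": ts, "user": user, "action": action}
    log.append({**body, "tag": _digest(key, prev, body)})


def first_bad_record(log: list, key: bytes):
    """Return the index of the first record that fails verification, or None."""
    prev = GENESIS
    for i, rec in enumerate(log):
        body = {k: rec[k] for k in ("ts", "user", "action")}
        if not hmac.compare_digest(rec["tag"], _digest(key, prev, body)):
            return i
        prev = rec["tag"]
    return None


def build_sample_log(key: bytes) -> list:
    # Constructed sample events; users and actions are made up.
    log = []
    append_event(log, key, "alice", "login", "2024-01-01T09:00:00Z")
    append_event(log, key, "alice", "read payroll.csv", "2024-01-01T09:02:00Z")
    append_event(log, key, "bob", "change firewall rule", "2024-01-01T09:05:00Z")
    return log


if __name__ == "__main__":
    key = b"demo-key-held-by-the-log-service"  # placeholder key
    log = build_sample_log(key)
    print("intact log, first bad record:", first_bad_record(log, key))
    log[1]["user"] = "mallory"  # simulate an edit to a stored record
    print("after edit, first bad record:", first_bad_record(log, key))
```

Dropping records from the end of the log is not detected by the chain alone; the latest tag has to be anchored somewhere the log writer cannot alter.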
Nonrepudiation
• In law, nonrepudiation implies one’s intention to fulfil his obligations to a contract
• It also implies that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction
• Nonrepudiation services provide unforgeable evidence that a specific action occurred
• Typical nonrepudiation services include:
  ◦ Nonrepudiation of origin: providing evidence about the sender of a document
  ◦ Nonrepudiation of delivery: providing evidence about the fact that a message was delivered to a specific recipient
Cyber Security

What we do? Why we do it?

• Deals with the prevention and detection of unauthorised actions by users of a computer system
• Concerned with the measures we can take to deal with intentional actions by parties behaving in some unwelcome fashion
Security Management
• Protecting the assets of an organisation is the responsibility of management
• Security management includes the identification of an organisation’s information assets and the development, documentation and implementation of policies, standards, procedures and guidelines
Risk Analysis
• Risk is the possibility that some incident or attack can cause damage to your system/enterprise
• To assess the risk posed by an attack we have to evaluate the amount of damage being done and the likelihood of the attack occurring
• Informally

Risk = Assets × Threats × Vulnerabilities


Assets
• Assets should be identified and valued
• In an IT system, assets include:
  ◦ Hardware: laptops, servers, routers ...
  ◦ Software: applications, operating systems, database management systems, source code ...
  ◦ Data and information: essential data for running and planning your business, design documents, data about your customers ...
  ◦ Reputation
• Valuation of assets is sometimes difficult
Vulnerabilities
• Vulnerabilities are weaknesses of a system that could be accidentally or intentionally exploited to damage assets
• Typical vulnerabilities include:
  ◦ Accounts with system privileges where the default password has not been changed
  ◦ Programs with unnecessary privileges
  ◦ Weak access control settings on resources
  ◦ Weak firewall configurations that allow access to vulnerable services
• Vulnerability scanners provide a systematic and automated way of identifying vulnerabilities
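A minimal automated check for two of the weaknesses listed above, programs with extra privileges (setuid/setgid bits) and weak access control settings (world-writable files and directories), as an added example that is not part of the original lecture notes. The sample tree and file names are constructed; a flagged setuid program is a candidate for review, not proof that the privilege is unnecessary.

```python
import os
import stat
import tempfile


def classify_mode(mode: int) -> list:
    """Map a st_mode value to the weaknesses it exhibits."""
    if stat.S_ISLNK(mode):
        return []  # symlink permission bits are not meaningful
    findings = []
    # Regular file that runs with its owner's or group's privileges.
    if stat.S_ISREG(mode) and mode & (stat.S_ISUID | stat.S_ISGID):
        findings.append("setuid/setgid program")
    # Writable by everyone; a sticky directory such as /tmp is the usual exception.
    sticky_dir = stat.S_ISDIR(mode) and bool(mode & stat.S_ISVTX)
    if mode & stat.S_IWOTH and not sticky_dir:
        findings.append("world-writable")
    return findings


def audit_tree(root: str) -> list:
    """Walk root and return sorted (finding, relative_path) pairs."""
    results = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode  # lstat: never follow links out of root
            for finding in classify_mode(mode):
                results.append((finding, os.path.relpath(path, root)))
    return sorted(results)


def run_demo() -> list:
    """Build a constructed sample tree in a temp directory and audit it."""
    samples = [("report.txt", 0o644), ("shared.cfg", 0o666), ("helper", 0o4755)]
    with tempfile.TemporaryDirectory() as root:
        for name, mode in samples:
            path = os.path.join(root, name)
            with open(path, "w") as fh:
                fh.write("sample\n")
            os.chmod(path, mode)  # set after writing so the bits are kept
        return audit_tree(root)


if __name__ == "__main__":
    for finding, path in run_demo():
        print(f"{finding}: {path}")
```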
Threats
Actions by adversaries trying to exploit vulnerabilities to damage assets
• Identity spoofing
• Data tampering
• Repudiation
• Information disclosure
• Denial of service
• Privilege elevation
Summary
1 Module information
2 Attacks and attackers
3 What are security and cyber security?
4 Security management
5 Risks
