Lec-3: Network Security

Mr. Rahmatullah Haidari

MS of Computer Science

ALLAMAH INSTITUTE OF HIGHER EDUCATION – ‫موسسه ت حصیالتعا لیعالمه‬

Outlines to be discussed…. Today
• Different types of Attacks and Threats
• Virus
• Worms
• Trojan Horse
• Trojan Horse Types
• Other malwares
• Ransomware
• Scareware
• Spyware
• Adware
• Phishing
• Rootkit
• AAA Concepts
Virus
• Infects Executable program by appending its own code so that it is run
every time the program runs.
Virus Cont.
• Types:
• Static viruses
• Static viruses that propagated from computer to computer via floppy disks and boot
sectors of hard drives.
• These viruses propagated themselves, but few of them actually impacted system
operations.
• Network-based viruses
• Network-based viruses that propagated across the open Internet from computer to
computer, exploiting weaknesses in operating systems.
• Computers were often directly connected to each other without firewalls or other
protections in between.
Worms
• A Worm is a piece of software that uses computer networks (and
security flaws) to create copies of itself.

Initial Worm Infection

Worm Infection 19 Hours Later

Trojan Horse
• A Trojan is (non-self-replicating program) that appears to perform a
desirable function for the user but instead facilitates unauthorized access to
the user's computer system.
• It is embedded within or disguised ‫پ(((نه(ان‬as legitimate software.
• Trojans may look interesting to the unsuspecting user, but are harmful
when actually executed.
Types of Trojan Horse
• Remote Access Trojans
• Proxy Trojans
• Data-Sending Trojans
Types Cont.
• Remote Access Trojans
• Enable the attacker to read every keystroke of the victim.
• Proxy Trojans
• Turn host computer into a proxy server.
• The whole point of a proxy Trojan is to hide the attacker, making it harder to
trace the true origin of an attack since the attack will look like they are coming
from random and multiple directions.
Types Cont.
• Data-Sending Trojans
• Are used by attackers to gather certain data or sensitive information include
credit card information, email addresses, passwords, contact lists, log files
and so on.
• Hackers use data-sending Trojans to gain data about user activity on the web
such as the sites visited and the ads or other icons clicked.
• Using this information, the Trojan serve the relevant ads to the user.
Other Malware

Ransomware Scareware
Spyware Phishing
Adware Rootkits
Other Malware Cont.
• Ransomware
• Ransomware compromises computers by encrypting the data.
• Charges a ransom to get the keys to decrypt the data.
• Scareware
• Scareware is malicious software that tricks (‫ حیله‬computer users into visiting
malware-infested websites. 
• Spyware
•  Spyware is software that is installed on your computer either directly or
inadvertently. It runs in the background of your computer and secretly
monitors different programs
Other Malware Cont.
• Phishing
• The fraudulent attempt to obtain sensitive information such as username,
passwords and credit card numbers by disguising oneself as a trustworthy
entity in an electronic communication.
• Adware
• Adware is designed to display advertisements on your computer, redirect
your search requests to advertising websites.
• Rootkits
• Rootkits is a set of software tools that enable an unauthorized user to gain
control of a computer system without being detected.
Phishing Example
AAA Concepts
• AAA – Authentication
• Provide identification of who you are
• Username, Password, Certificate
• User or machine gets authenticated with identification
AAA Concepts Cont.
• AAA – Authorization
• Defines what you are allowed to do
• Device access – Privilege levels, allow commands
• Example: ACL
AAA Concepts Cont.
• AAA – Accounting
• Provide evidence of what you have done
• Command used
• Session identification (MAC, IP, Username)
AAA
Summary
Thank You
For Your Patience