
Chapter 2

This document provides an overview of information security concepts. It discusses why security is needed in modern life due to increased internet usage and electronic transactions. The main goals of security are then outlined as confidentiality, authentication, integrity, non-repudiation, access control, and availability. Different types of attacks are also classified, including passive attacks like eavesdropping and active attacks like modification of data. Specific programs that can enable attacks like viruses, worms, and Trojan horses are also covered.

Uploaded by

Pankaj Kapse

Chapter 2

Information Security Concept


Outline
Information Security Overview: Background & Current Scenario
Types Of Attack
Goals Of Security
E-commerce Security
Computer Forensics
Steganography
Introduction
Information:- Computers, Networks, Internet, Mobile.
Security:- trying to understand how to protect.
The various dangers & pitfalls when we use technology.
The consequences of not setting up the right
- Security Policies
- Security Framework
- Security Technology
Why is Security Required?
Business & different types of transactions are being conducted to a large extent over the Internet.
Inadequate or improper security mechanisms can bring a whole business down or play havoc with people's lives!
Electronic documents & messages are now becoming equivalent to proper documents in terms of their legal validity & binding.
Why Study Information Security
Businesses collect mass amounts of data about their customers, employees, and competitors.
Most of this data is stored on computers and transmitted across networks.
If this information should fall into the hands of a competitor, the result could be loss of business, lawsuits and bankruptcy.
Protecting corporate data is no longer an option, it is a requirement.
Information Security
Protecting information and information systems
from unauthorized access, use, disclosure,
disruption, modification, or destruction.

Background
Throughout history, confidentiality of information
has always played a key role in military conflict.
In the past: no or little security.
The Need for Security (Current Scenario)
Nowadays the importance of data is truly realized.
- Financial & personal data
Therefore various areas in security began to gain prominence.
Typical Examples of Basic Security Mechanisms:
- Authenticate a user -> id, password
- Encode -> DB -> not visible to users who do not have the right permission.
Organizations employed their own mechanisms.
The Need for Security In Modern Life
Internet took the world by storm.
Technology Improved
Communication infrastructure became extremely mature.
Newer & newer applications began to be developed for various user demands & needs.
Soon people realized that basic security measures were not quite enough.
Information traveling from a client to a server over the Internet.
Some real time attacks
A Russian attacker, Maxim, managed to intrude into a merchant's Internet site & obtained 300,000 credit card numbers from its DB.
He then attempted extortion by demanding protection money ($100,000) from the merchant.
The merchant refused to oblige.
Following this, the attacker published about 25,000 of the credit card numbers on the Internet!
Some banks reissued all the credit cards at a cost of $20 per card & others forewarned their customers about unusual entries in their statements.
Consequences of Attack
Great losses, both in terms of finance & goodwill.
Cost of attack: $20 * 300,000 = $6M
Another Example:-
In 1999, a Swedish hacker broke into Microsoft's Hotmail website & created a mirror site.
This allowed anyone to enter any Hotmail user's email id & read their emails.
A 2005 survey put the losses that occur due to successful attacks on security at $455,848,000.
The next year this figure reduced to $201,757,340!
Modern Nature Of Attack
1. Automating Attacks:-
- Traditional attack: produce coins using machinery & bring them into circulation.
- Modern attack: steal half a dollar from a million accounts in a few minutes' time, digitally.
2. Privacy Concern:- Every company is collecting & processing lots of information about us, without our realizing when & how it is going to be used.
3. Distance does not matter:- An attack can be launched from a distance.
E.g.:- In 1995, a Russian hacker broke into Citibank's computer remotely, stealing $12M.
Although the attacker was traced, it was very
Principle/Goals Of Security
This will help us understand the attacks better & also help us in thinking about possible solutions to tackle them.
These are the 4 chief principles of security.
1. Confidentiality:- Is the message seen by someone else?
2. Authentication:- Do you trust the sender of the message?
3. Integrity:- Is the message changed during transit?
4. Non-repudiation:- Can the sender refute the message?
- The above principles are related to a particular message.
- There are 2 more linked to the overall system as a whole.
5. Access Control:- Who can access what? [ACL]
6. Availability:- Information should be available in a timely manner.
Confidentiality
Confidentiality is the process of preventing disclosure of information to unauthorized individuals or systems.
Examples: Credit card
Confidentiality is necessary, but not sufficient, to maintain privacy.
Interception causes loss of message confidentiality.
Authenticity
In computing, e-business and information security it is necessary to ensure that the data, transactions, communications or documents (electronic or physical) are genuine (i.e. they have not been forged or fabricated).
Examples: Passport, credit card accounts, academic transcripts
Fabrication is possible in the absence of proper authentication.
Integrity
Integrity means that data cannot be modified without authorization.
Examples: Manual deletion or alteration of important data files, virus infection, employees altering their own salary, website vandalism, polling fraud.
Modification causes loss of message integrity.
Non-Repudiation
It is a complex term used to describe the lack of deniability of ownership of a message, piece of data, or transaction.
Examples: Proof of an ATM transaction, a stock trade, or an email
It does not allow the sender of a message to deny having sent that message.
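An added example (not part of the original slides) showing how the integrity and non-repudiation goals above differ in practice: a keyed hash (HMAC) lets the receiver detect modification and fabrication, but because both sides hold the same key the receiver could have produced the tag itself, so the sender can still refute the message. The key, messages and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data: the key and messages are made up for this example.
SHARED_KEY = b"constructed-demo-key-not-for-real-use"


def tag(key: bytes, message: bytes) -> bytes:
    """Sender side: compute an HMAC-SHA256 tag to send along with the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, received_tag: bytes) -> bool:
    """Receiver side: recompute the tag and compare in constant time."""
    return hmac.compare_digest(tag(key, message), received_tag)


def demo() -> dict:
    original = b"PAY 100 TO ACCOUNT 1234"
    sent_tag = tag(SHARED_KEY, original)

    # Modification in transit: the amount is changed, the tag is not.
    modified = b"PAY 900 TO ACCOUNT 1234"

    # Fabrication: a party without the shared key cannot produce a valid tag.
    fabricated = b"PAY 500 TO ACCOUNT 9999"
    fabricated_tag = tag(b"wrong-key", fabricated)

    # The receiver holds the same key, so it can produce a valid tag for a
    # message the sender never wrote. A third party cannot tell who made it.
    never_sent = b"PAY 700 TO ACCOUNT 5555"
    receiver_made_tag = tag(SHARED_KEY, never_sent)

    return {
        "unmodified_accepted": verify(SHARED_KEY, original, sent_tag),
        "modified_accepted": verify(SHARED_KEY, modified, sent_tag),
        "fabricated_accepted": verify(SHARED_KEY, fabricated, fabricated_tag),
        "receiver_forgery_accepted": verify(SHARED_KEY, never_sent, receiver_made_tag),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Non-repudiation needs a digital signature, where only the sender holds the signing key and anyone can verify with the public key.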
Access Control
Role Management -> User side -> Which user can do what.
Rule Management -> Resource side -> Which resources are accessible and under what circumstances.
An Access Control List is a subset of the Access Control Matrix.
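An added example (not part of the original slides) of the relationship stated above: the access control matrix has one row per user and one column per resource, an ACL is a single column of it, and a resource-side rule adds the "under what circumstances" condition. The users, resources and office-hours rule are constructed for illustration.

```python
from datetime import time

# Constructed access control matrix: rows are users, columns are resources.
MATRIX = {
    "alice": {"payroll.db": {"read", "write"}, "audit.log": {"read"}},
    "bob":   {"payroll.db": {"read"}},
    "carol": {"audit.log": {"read", "write"}},
}

# Resource-side rules ("under what circumstances"): constructed example that
# allows writes to payroll.db only during office hours.
RULES = {("payroll.db", "write"): (time(9, 0), time(17, 0))}


def acl_for(resource: str) -> dict:
    """An ACL is one column of the matrix: who may do what to this resource."""
    return {user: row[resource] for user, row in MATRIX.items() if resource in row}


def rights_of(user: str) -> dict:
    """The user-side view is one row of the matrix: what this user may touch."""
    return dict(MATRIX.get(user, {}))


def is_allowed(user: str, resource: str, action: str, now: time) -> bool:
    """Default deny: allow only if the matrix grants it and any rule holds."""
    if action not in MATRIX.get(user, {}).get(resource, set()):
        return False
    window = RULES.get((resource, action))
    return window is None or window[0] <= now <= window[1]


if __name__ == "__main__":
    print(acl_for("payroll.db"))
    print(is_allowed("alice", "payroll.db", "write", time(22, 0)))
```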
Availability
For any information system to serve its purpose, the information must be available when it is needed.
The computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly.
Examples: Power outages, hardware failures, system upgrades and preventing denial-of-service attacks
Interruption puts the availability of resources in danger.
Types Of Attack
Attacks: A Technical View
1. Theoretical concepts behind attacks.
- Interception:- Copying of data & programs & listening to network traffic.
- Fabrication:- Attacker may add fake records to a database. Creation of illegal objects on the computer system.
- Modification:- Attacker modifies values in the DB.
- Interruption:- Resources become unavailable, lost or unusable. Causing problems to a hardware device, erasing programs, data or OS components.
Further grouped into types:
Passive Attack
Attacker eavesdrops on or monitors data transmission.
Aims to obtain information that is in transit.
No modification.
Detection is harder.
Solution: prevention.
Classification of Passive Attack
Active Attack
Modification
Creation of false messages
No prevention
Solution: detection & recovery
Classification of Active Attack
2. Practical Side Of Attack
Programs That Attack
Virus
Worms
Trojan Horse
Applets & ActiveX Controls
Cookies
JavaScript, VBScript, JScript
Etc.
- Programs that attack to cause some damage or to create confusion.
1. Virus
A piece of program code that attaches itself to another legitimate program & causes damage to the computer system or to the network.

Properties Of Virus
- Self-propagates
- Action/event driven
Solution -> Good backup, recovery procedure.
During its lifetime a virus goes through four phases:-
1. Dormant
2. Propagation
3. Triggering
4. Execution
Viruses can be classified into the following categories:-
1. Parasitic -> .EXE
2. Memory-Resident Virus -> .EXE
3. Boot Sector -> MBR -> Disk -> OS
4. Stealth -> Intelligence built in -> prevents detection by AV
5. Polymorphic -> changing its signature -> difficult detection
6. Metamorphic -> 5 + rewriting itself every time -> harder
7. Macro virus -> Application S/W -> like MS Office docs.
