Computer security and privacy

Presented by:
Sarmila khatri
Muskan shah
Akshana basnet
Aarati kumara
meheta
What is computer security and
privacy??
• Computer security involves safeguarding computer
systems, networks, and data from unauthorized access,
attacks and damage.

• Privacy involves to the protection of individual‘s personal

information, and controls they have how it is collected
used and shared.
 Concerned about network
and security
• Network and internet security are crucial
to protect sensitive information prevent
unauthorized access and safeguards
against various cyber threats.
• Cybercrime: an illegal activities carried-
out using computers or the internet ,
such as hacking, identity theft, online
fraud, etc.
 Safety measures against
cyber crime
• Strong password
• Multi-factor authentication
• update software
• Data-backup, etc..
• Unauthorized access
Unauthorized access refers to entering or attempting to enter a
computer system or network or device without permission such
hacking password cracking. etc..

• Unauthorized used
Unauthorized used refers to actions taken within a network
without proper authorization such as modification without
permission, copying..etc.
 Unauthorized access and
unauthorized used
• Hacking: it refers to unauthorized access,
manipulation, breakdown of computer system,
network, or data.
• It can involved finding weakness, gaining access
to information for various purpose like theft…
• often performed via wireless network
 War driving: it is a act of searching WiFi or wireless
network while moving around in a vehicle.
 WiFi piggybacking: it is the practice of using
someone else’s wireless internet connection without
their permission typically by accessing unsecured or
poorly secured network from near location.
 Interception of communication: It refers to the
act of secretly monitoring or eavesdropping on
electronic communication such phone calls, emails,
text..etc.
 Protecting against unauthorized access and
unauthorized used
1.Access control system
used to control access to facilities, computer networks, company
database and website accounts.
Authentication system: it is the mechanisms used to verify the
identity of users to accessing the system. It main aim is to ensure
that only authorized users can gain access to the system.
Identification system: used to determined or recognize the
individuals or entities within a system.
2. Possessed knowledge Access System :
– uses information only the individual should know to identify
that individual.
– password and cognitive authentication system fall into this
category.
• It includes typically passwords
• Passwords should be strong and changed frequently.
–Advantages
• Enhanced security
• Personalized access
–Disadvantages
• forgotten or Lost password
• Vulnerability to hacking
 Password Strategies:
1. Make the password word at least eight characters and include both
uppercase and lowercase letters, as well as numbers and special symbols.
2. Don’t use information in your password that others might know about you or
that is in your social media (example: birthdays, children's name, pets name,
or address).
3. To make a password easier to remember make a sentences and ( use first
letter of each word) and add some symbol & numbers . Example: My
password is not strong –Mp&2ins!.
4. Use different password for different accounts i.e if one account is
compromised, at least the other won’t be at risk.
5. Do not keep a written copy of the password in your desk or tapped to your
monitor. Use a password manager to help create and manage strong ,
unique password for all your accounts . Example: Enpass premium,1
password, sticky password.
6. Change your password frequently at least every 6 months.
 Cognitive authentication system:

Use Information the individual knows or can easily

remember (birthplace, pet names, etc.)
1. Used in many password recovery systems.
 3. Two –factor authentication
– Using two different methods to authenticate users.

• Typically the methods used are some type of :

– Possessed knowledge: (something you know),
like a password or pin.
– possessed object. : (something you have),
like your ATM card or
your phone.
– biometric feature. : ( something you are),
like a fingerprint or voice
print.
4. Possessed Object Access System:
–Use a physical object an individual has
in his/her possession to identify that individual
• key-cards,
• smart cards,

–Disadvantages:
• Can be lost or used by an unauthorized
individual.
 5. Biometric Access System:
–uses one unique physical characteristic of an
individual to authenticate that individual.
–Example
• Fingerprint,
• a face, veins,
• a voice.
–Advantages:
very accurate
cannot be lost or forgotten .
–Disadvantages:
Cannot be reset if compromised
Hardware and software are expensive
 6. Controlling Access to Wireless Networks:

-In general, Wi-Fi is less secure than wired networks.

-Wireless network owners should:

•Change the default network administrator password.
•Enable encryption (WPA2 is more secure than WPA).
•Not broadcast the network name.(SSID)
•Can use Media Access Control (MAC) address filtering.

–Advantages: 1. Enhanced Security.

. 2. Reduce cost .
 How It Works Box
Securing a wireless Home Router :

• Set up secure & unique password.

• Change default network name (SSID).
• Enable encryption (WPA2).
• Consider enabling MAC address filtering.
• Keep the router in secure location.
 Computer Sabotage
• Disruption of computer operations by means of a
virus , worms, or logic bomb
• Includes any hacking or theft of someone personal
data
 Botnet
• A network of infected computer that work together to
carryout an attacker’s goals
• Hackers then control those computer remotely without the
knowledge of the owners
 Malware
• Program or file that is intentionally harmful to a computer
network or server.
• Classified into:
1)Computer viruses
2) Computer worm
3) Spyware
4) Trojan horse
 Computer viruses
• Spreads between computers and causes damage to data
and software.
• Attaches to another program and can replicate and
spreads to another computers
 Trojan horse
• Typically get hidden as an attachment in a email or a free
to download file, then transfer on to the user’s device
• Download on to computer disguised as legitimate program
• Installed on a computer than appears harmless but is
infact malicious
 Computer worm
• Subset of the trojan horse malware that can self replicate
from one computer to another without human activation.
• Worm spreads across a network through internet or LAN
connection.
 Spyware
• Explicitly used to profit from stole data.
• Refers to legitimate software that monitors data for
commercial purpose like advertising
 Computer sabotage
• Mobile malware
• Malicious software specifically designed to
target mobile devices to gain access to private
• Ransomware, Crypto-mining malware,
Advertising click fraud are some examples
• Smartphones with Bluetooth are mainly
vulnerable to attack
 Computer sabotage
• Denial-of-services (DoS)attack
• Cyber attack that render a computer
unavailable to its intended user by
interrupting the devices normal functioning
• Function by overwhelming or flooding a
target machine with request until normal
traffic is unavailable to process
 Computer sabotage
• Data ,Program or Website alteration
• Sabotage occurs when hacker breaches to a
computer system to delete/change or modify
program of a computer system
• Student changing grades
• Employee performing vengeful act
• Data on web site can also be altered
 Protecting against computer
sabotage
• Security software

Antivirus software
 Trend box
• Beyond Fingerprint Readers- Digital tattos and more
• Facial gesture can be used to unlock a phone by smiling or
wrinkling at it
• Some include liveness check
• Future alternatives for logging individuals on to devices or
secure websites
• Digital tattoos are stamped onto skin
• Authentication pills are swallowed