
Information Security and Assurance

The document outlines the fundamentals of information security and privacy, emphasizing the importance of protecting information and computer assets from unauthorized access and threats. It covers various aspects of computer security, including types of attacks, security goals, and legal issues, while also providing a course outline and references for further reading. Additionally, it highlights historical events and famous security problems that have shaped the field of computer security.

Uploaded by

melakibebu

Information Security and Assurance
(INSY462… 3CrHr)

Sem. II - 2015

Department of Computer Science


College of Informatics
KIOT
Wollo University
Computer Security and Privacy
Computer/Information security is about provisions and policies adopted to protect information and property from theft, corruption, or natural disaster while allowing the information and property to remain accessible and productive to its intended users.

Computer Security and Privacy
Network security on the other hand deals with provisions and policies adopted to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources.

Not Sufficient!!

[Figure: Internet]

Computer Security and Privacy
Security Goals
• Confidentiality
• Integrity
• Availability

Computer Security and Privacy
Assignment:
• Form a group of two.
• Read about these security attack related keywords and write a one page (maximum) summary of your findings including any recorded history of significant damages created by these attacks.
• Send your report by email in word format after two weeks (Use your names as the file name Ex. Ali&Mahlet).
• Bonus: While reading, if you find keywords other than these, send them on the second page of your report.

Keywords and groups:
Spoofing Attack: GROUP 1
Brute Force Attack: GROUP 2
Malware Attack: GROUP 3
Virus/Worm Attack: GROUP 4
SMURF Attack: GROUP 5
SYN Attack: GROUP 6
Trojan Horse: GROUP 7
Logic Bomb: GROUP 8
Ping of Death: GROUP 9
Packet Sniffing: GROUP 10
Eavesdropping: GROUP 11
Cracking: GROUP 12
Session Hijacking: GROUP 13
War Dialing: GROUP 19
DoS/DDoS: GROUP 14
Blackout/Brownout: GROUP 15
Surge/Spike: GROUP 16
Traffic Analysis: GROUP 17
Wire Tapping: GROUP 18

Course Outline
1. Fundamentals of computer security & privacy
   • Overview: history, vulnerabilities, countermeasures, physical security
2. Computer security attacks/threats
   • Viruses, Worms, Trojan horses, Crackers, Spy-wares …
3. Cryptography and Encryption Techniques
4. Network security concepts and mechanisms
   • Transport and Application layer security, IP security, …
5. Security mechanisms and techniques
   • Authentication, access control, firewall, …
6. Secure system planning and administration
   • Analysing risks, planning, policies and procedures
7. Information Security
   • Legal, ethical and policy issues

References
1. Computer security basics, D. Russel and G. Gangemi
2. Security Complete, BPB Publications
3. Computer Security Fundamentals, Chuck Easttom
4. Network Security Essentials, W. Stallings
5. Effective Physical Security, Lawrence Fennelly
6. Information Security Policies and Procedures, Thomas R. Peltier
7. Physical Security for IT, Erbschloe Michael
8. Computer Security: Art and Science, Matt Bishop

Computer Security and Privacy/ Overview
Definitions
• Security: The prevention and protection of computer assets from unauthorized access, use, alteration, degradation, destruction, and other threats.
• Privacy: The right of the individual to be protected against intrusion into his personal life or affairs, or those of his family, by direct physical means or by publication of information.
• Security/Privacy Threat: Any person, act, or object that poses a danger to computer security/privacy.

Computer Security and Privacy/ History
• Until the 1960s computer security was limited to physical protection of computers
• In the 60s and 70s
  - Evolutions
    - Computers became interactive
    - Multiuser/Multiprogramming was invented
    - More and more data started to be stored in computer databases
  - Organizations and individuals started to worry about
    - What the other persons using computers are doing to their data

Computer Security and Privacy/ History
• In the 80s and 90s
  - Evolutions
    - Personal computers were popularized
    - LANs and Internet invaded the world
    - Applications such as E-commerce, E-government and E-health started to develop
    - Viruses became major threats
  - Organizations and individuals started to worry about
    - Who has access to their computers and data
    - Whether they can trust a mail, a website, etc.
    - Whether their privacy is protected in the connected world

Computer Security and Privacy/ History
Famous security problems
• Morris worm – Internet Worm
  - November 2, 1988 a worm attacked more than 60,000 computers around the USA
  - The worm attacks computers, and when it has installed itself, it multiplies itself, freezing the computer
  - Robert Morris became the first person to be indicted under the Computer Fraud and Abuse Act.
  - He was sentenced to three years of probation, 400 hours of community service and a fine of $10,050
  - He is currently an associate professor at the Massachusetts Institute of Technology

Computer Security and Privacy/ History
Famous security problems …
• NASA shutdown
  - In 1990, an Australian computer science student was charged for shutting down NASA’s computer system for 24 hours
• Airline computers
  - In 1998, a major travel agency discovered that someone penetrated its ticketing system and has printed airline tickets illegally
• Bank theft

Computer Security and Privacy/ History
Famous security problems …
• In Ethiopia
  - Employees of a company managed to change their salaries by fraudulently modifying the company’s database
  - In 1990s Internet password theft
    - Hundreds of dial-up passwords were stolen and sold to other users
    - Many of the owners lost tens of thousands of Birr each
  - A major company suspended the use of a remote login software by technicians who were looking at the computer of the General Manager
• In Africa: Cote d’Ivoire
  - An employee who has been fired by his company

Computer Security and Privacy/ History
Early Efforts
• 1960s: Marked as the beginning of true computer security
• 1970s: Tiger teams
  - Government and industry sponsored crackers who attempted to break down defenses of computer systems in order to uncover vulnerabilities so that patches can be developed
• 1970s: Research and modeling
  - Identifying security requirements
  - Formulating security policy models
  - Defining recommended guidelines and controls

Computer Security and Privacy/ Legal Issues
• In the US, legislation was enacted with regards to computer security and privacy starting from late 1960s.
• European Council adopted a convention on Cyber-crime in 2001.
• The World Summit for Information Society considered computer security and privacy as a subject of discussion in 2003 and 2005.
• The Ethiopian Penal Code of 2005 has articles on data and computer related crimes.

Computer Security and Privacy/Attacks
Categories of Attacks
• Interruption: An attack on availability
• Interception: An attack on confidentiality
• Modification: An attack on

Computer Security and Privacy/Attacks
Categories of Attacks/Threats (W. Stallings)
[Figure: normal flow of information from Source to Destination, and the four attack types: Interruption, Interception, Modification, Fabrication]

Computer Security and Privacy/Vulnerabilities
Types of Vulnerabilities
• Physical vulnerabilities (Ex. Buildings)
• Natural vulnerabilities (Ex. Earthquake)
• Hardware and Software vulnerabilities (Ex. Failures)
• Media vulnerabilities (Ex. Disks can be stolen)

Computer Security and Privacy/ Countermeasures
Computer security controls
• Authentication (Password, Cards, Biometrics) (What we know, have, are!)
• Encryption
• Auditing
• Administrative procedures
• Standards
• Certifications

Computer Security and Privacy/ The Human Factor
• The human factor is an important component of computer security
• Some organizations view technical solutions as “their solutions” for computer security. However:
  - Technology is fallible (imperfect)
    - Ex. UNIX holes that opened the door for Morris worm
  - The technology may not be appropriate
    - Ex. It is difficult to define all the security requirements and find a solution that satisfies those requirements
  - Technical solutions are usually (very) expensive
    - Ex. Antivirus purchased by ETC to protect its Internet services

Computer Security and Privacy/ The Human Factor
• Competence of the security staff
  - Ex. Crackers may know more than the security team
• Understanding and support of management
  - Ex. Management does not want to spend money on security
• Staff’s discipline to follow procedures
  - Ex. Staff members choose simple passwords

Computer Security and Privacy/ Physical Security
“The most robustly secured computer that is left sitting unattended in an unlocked room is not at all secure !!” [Chuck Easttom]

Computer Security and Privacy/ Physical Security
• Physical security is the use of physical controls to protect premises, site, facility, building or other physical asset of an organization [Lawrence Fennelly]
• Physical security protects your physical computer facility (your building, your computer room, your computer, your disks and other media) [Chuck Easttom].

Computer Security and Privacy/ Physical Security
• In the early days of computing physical security was simple because computers were big, standalone, expensive machines
  - It is almost impossible to move them (not portable)
  - They were very few and it is affordable to spend on physical security for them
  - Management was willing to spend money
  - Everybody understands and accepts

Computer Security and Privacy/ Physical Security
• Today
  - Computers are more and more portable (PC, laptop, PDA, Smartphone)
  - There are too many of them to have good physical security for each of them
  - They are not “too expensive” to justify spending more money on physical security until a major crisis occurs
  - Users don’t accept restrictions easily
  - Accessories (ex. Network components) are not considered as important for security until there is a problem
  - Access to a single computer may endanger

Computer Security and Privacy/ Physical Security
=> Physical security is much more difficult to achieve today than some decades ago

Computer Security and Privacy/ Physical Security
Threats and vulnerabilities
• Natural Disasters
  - Fire and smoke
    - Fire can occur anywhere
    - Solution – Minimize risk
      - Good policies: NO SMOKING, etc.
      - Fire extinguisher, good procedure and training
      - Fireproof cases (and other techniques) for backup tapes
      - Fireproof doors
  - Climate
    - Heat
    - Direct sun

Computer Security and Privacy/ Physical Security
Threats and vulnerabilities …
• Natural Disasters …
  - Hurricane, storm, cyclone
  - Earthquakes
  - Water
    - Flooding can occur even when a water tap is not properly closed
  - Electric supply
    - Voltage fluctuation
      - Solution: Voltage regulator
  - Lightning
  - Solution
    - Avoid having servers in areas often hit by Natural Disasters!

Computer Security and Privacy/ Physical Security
Threats and vulnerabilities …
• People
  - Intruders
    - Thieves
    - People who have been given access unintentionally by the insiders
    - Employees, contractors, etc. who have access to the facilities
  - External thieves
    - Portable computing devices can be stolen outside the organization’s premises
  - Loss of a computing device
    - Mainly laptop

Computer Security and Privacy/ Physical Security
Safe area
• Safe area often is a locked place where only authorized personnel can have access
• Organizations usually have safe area for keeping computers and related devices

Computer Security and Privacy/ Physical Security
Safe area … Challenges
• Is the area inaccessible through other openings (window, roof-ceilings, ventilation hole, etc.)?
  - Design of the building with security in mind
  - Know the architecture of your building
• During opening hours, is it always possible to detect when unauthorized person tries to get to the safe area?
  - Surveillance/guards, video-surveillance, automatic-doors with security code locks, alarms, etc.
  - Put signs so that everybody sees the

Computer Security and Privacy/ Physical Security
Safe area…Locks
• Are the locks reliable?
  - The effectiveness of locks depends on the design, manufacture, installation and maintenance of the keys!
• Among the attacks on locks are:
  - Illicit keys
    - Duplicate keys
      - Avoid access to the key by unauthorized persons even for a few seconds
      - Change locks/keys frequently
      - Key management procedure
    - Lost keys
      - Notify responsible person when a key is lost
      - There should be no label on keys
  - Circumventing of the internal barriers of the lock
    - Directly operating the bolt completely bypassing the locking mechanism which remains locked

Computer Security and Privacy/ Physical Security
Safe area… Surveillance
• Surveillance with guards
  - The most common in Ethiopia
  - Not always the most reliable since it adds a lot of human factor
  - Not always practical for users (employees don’t like to be questioned by guards wherever they go)

Computer Security and Privacy/ Physical Security
Safe area… Surveillance
• Surveillance with video
  - Uses Closed Circuit Television (CCTV)
  - Started in the 1960s
  - Became more and more popular with the worldwide increase of theft and terrorism
  - Advantages
    - A single person can monitor more than one location
    - The intruder doesn’t see the security personnel
    - It is cheaper after the initial investment
    - It can be recorded and be used for investigation
    - Since it can be recorded the security personnel is more careful
    - Today’s digital video-surveillance can use advanced techniques such as face recognition to detect terrorists, wanted people, etc.
  - Drawback

Computer Security and Privacy/ Physical Security
Internal Human factor - Personnel
• Choose employees carefully
  - Personal integrity should be as important a factor in the hiring process as technical skills
• Create an atmosphere in which the levels of employee loyalty, morale, and job satisfaction are high
• Remind employees, on a regular basis, of their continuous

Computer Security and Privacy/ Physical Security
Internal Human factor – Personnel …
• Establish procedures for proper destruction and disposal of obsolete programs, reports, and data
• Act defensively when an employee must be discharged, either for cause or as part of a cost reduction program
  - Such an employee should not be allowed access to the system and should be carefully watched until he or she leaves the premises
  - Any passwords used by the former employee should be immediately

Computer Security and Privacy/ Attacks & Threats
Computer Security Attacks and Threats

Computer security/ Attacks & Threats
• A computer security threat is any person, act, or object that poses a danger to computer security
• Computer world is full of threats!
  - … refer to the first assignment…
• And so is the real world!
  - Thieves, pick-pockets, burglars, murderers, drunk

Computer security/ Attacks & Threats
• What is the right attitude?
  - To do what you do in real life
• What do you do in real life?
  - You learn about the threats
    - What are the threats
    - How can these threats affect you
    - What is the risk for you to be attacked by these threats
    - How you can protect yourself from these risks
    - How much does the protection cost
    - What you can do to limit the damage in case you are attacked
    - How you can recover in case you are attacked
  - Then, you protect yourself in order to limit the risk but to continue to live your life
• You need to do exactly the same thing with computers!

Computer security/ Attacks & Threats
Types of Threats/Attacks … (Chuck Easttom)
• Hacking Attack:
  - Any attempt to gain unauthorized access to your system
• Denial of Service (DoS) Attack
  - Blocking access from legitimate users
• Physical Attack:
  - Stealing, breaking or damaging of computing devices

Computer security/ Attacks & Threats
Types of Threats/Attacks (Chuck Easttom)
• Malware Attack:
  - A generic term for software that has malicious purpose
  - Examples
    - Viruses
    - Trojan horses
    - Spy-wares
• New ones: Spam/scam, identity theft, e-payment frauds, etc.

Computer security/Threats
Malware Attack:
• Viruses
  - “A small program that replicates and hides itself inside other programs usually without your knowledge.” Symantec
  - Similar to biological virus: Replicates and Spreads
• Worms
  - An independent program that reproduces by copying itself from one computer to another
  - It can do as much harm as a virus
  - It often creates denial of service

Computer security/Threats
Malware Attack…
• Trojan horses
  - (Ancient Greek tale of the city of Troy and the wooden horse) - ??
  - Secretly downloading a virus or some other type of mal-ware on to your computers.
• Spy-wares
  - “A software that literally spies on what you do on your computer.”
  - Example: Simple Cookies and Key Loggers

Computer security/Threats
Most software based attacks are commonly called Viruses: How do viruses work?
• Infection mechanisms
  - First, the virus should search for and detect objects to infect
  - Installation into the infectable object
    - Writing on the boot sector
    - Add some code to executable programs
    - Add some code to initialization/auto-executable programs
    - …

Computer security/Threats
How do viruses work? …
• Trigger mechanism
  - Date
  - Number of infections
  - First use
• Effects: It can be anything
  - A message
  - Deleting files
  - Formatting disk
  - Overloading processor/memory
  - Etc.

Computer security/Threats
Who Writes Virus
• Adolescents
  - Ethically normal and of average/above average intelligence.
  - Tended to understand the difference between what is right and wrong
  - Typically do not accept any responsibility for problems

Computer security/Threats
Who Writes Virus …
• The College Student
  - Ethically normal
  - Are not typically concerned about the results of their actions related to their virus writing
• The Adult (smallest category)
  - Ethically abnormal

Computer security/Threats
Anti-Virus
• There are
  - Generic solutions
    - Ex. Integrity checking
  - Virus specific solution
    - Ex. Looking for known viruses
• Three categories
  - Scanners
  - Activity monitors
  - Change detection software

Computer security/Threats
Anti-Virus …
• Functions of anti-viruses
  - Identification of known viruses
  - Detection of suspected viruses
  - Blocking of possible viruses
  - Disinfection of infected objects
  - Deletion and overwriting of infected objects

Computer security/Threats
Hackers/Intrusion Attack:
• Hacking: is any attempt to intrude or gain unauthorized access to your system either via some operating system flaw or other means. The purpose may or may not be for malicious purposes.
• Cracking: is hacking conducted for malicious purposes.

Computer security/Threats
Denial of Service (DoS) Attack:
• DoS Attack: is blocking access of legitimate users to a service.
• Distributed DoS Attack: is accomplished by tricking routers into attacking a target or using Zombie hosts to simultaneously attack a given target with large number of packets.

Computer security/Threats
Simple illustration of DoS attack (from Easttom)

C:\>Ping <address of X> -l 65000 -w 0 -t

[Figure: hosts sending Ping traffic to Web Server X; Legitimate User]
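
Seen from the defender's side, the traffic in the illustration above has two obvious markers: echo requests far larger than a normal ping, and many of them per second. The following is an added example (not from the slides or from Easttom) that flags both over constructed flow records; the record format, thresholds and documentation-range addresses are assumptions.

```python
from collections import defaultdict, deque

ECHO_REQUEST = 8          # ICMP type of an echo request ("ping")
MAX_UNFRAGMENTED = 1472   # 1500-byte Ethernet MTU - 20 (IPv4) - 8 (ICMP header)


def detect_ping_abuse(records, window=1.0, max_per_window=20,
                      max_payload=MAX_UNFRAGMENTED):
    """Return {source: [reasons]} for sources whose echo requests look abusive.

    records: (time_s, src, dst, icmp_type, payload_bytes) tuples sorted by
    time. This tuple layout is a hypothetical log format for the example.
    """
    recent = defaultdict(deque)   # (src, dst) -> timestamps inside the window
    findings = defaultdict(set)
    for ts, src, dst, icmp_type, size in records:
        if icmp_type != ECHO_REQUEST:
            continue
        if size > max_payload:
            findings[src].add("oversized-payload")
        stamps = recent[(src, dst)]
        stamps.append(ts)
        while ts - stamps[0] > window:   # drop requests older than the window
            stamps.popleft()
        if len(stamps) > max_per_window:
            findings[src].add("high-rate")
    return {src: sorted(reasons) for src, reasons in findings.items()}


def echo_bytes_by_destination(records):
    """Total echo-request payload per destination, across all sources.

    Useful for the distributed case, where each source may stay under the
    per-source rate limit while the target is still overwhelmed.
    """
    totals = defaultdict(int)
    for _ts, _src, dst, icmp_type, size in records:
        if icmp_type == ECHO_REQUEST:
            totals[dst] += size
    return dict(totals)


def build_sample():
    """Constructed records: one ordinary user and two flooding hosts."""
    server = "198.51.100.80"
    records = []
    # Ordinary diagnostic ping: 4 requests, 32-byte payload, one per second.
    for i in range(4):
        records.append((float(i), "192.0.2.10", server, ECHO_REQUEST, 32))
    # Two hosts sending 65000-byte requests every 10 ms without waiting.
    for src in ("203.0.113.5", "203.0.113.6"):
        for i in range(50):
            records.append((0.5 + i * 0.01, src, server, ECHO_REQUEST, 65000))
    # An echo reply (type 0) from the server, which the detector ignores.
    records.append((0.1, server, "192.0.2.10", 0, 32))
    return sorted(records, key=lambda record: record[0])


if __name__ == "__main__":
    sample = build_sample()
    print(detect_ping_abuse(sample))
    print(echo_bytes_by_destination(sample))
```

Mitigations follow directly from the two markers: rate-limit ICMP echo at the network edge and drop or cap oversized echo requests before they reach the server.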
