LECTURER CYBER SECURITY

DR. PROGRAM
MOHAMME
Introduction to
D
NASSER Information Security
AL-
KHWLANI
COMMUNICATION BY

TEL/WATSUP

777040098

EMAIL:

[email protected]
COURSE OUTLINE

INTRODUCTION -1,2
3- VULNERABILITIES
4-AUTHENTICATION
5-ACCESSES CONTROLS
6- SECURITY POLICIES
8,9,10 ENCRYPTION
11,12 DATABASE
SECURITY
Assements Methods

10% Attendance and Participants

20% Mid Exam
10% Assignments
60% Final Exam
 :Lecture 1

Introduction to
Information Security
 ?What Does "Secure" Mean
How do we protect our most valuable assets?
 One option is to place them in a safe place,
―like a bank.
Overview
• Early, the bank robberies
are more;
 Kept large amount of cash,
gold & silver, which could not
be traced easily,
 Communication &
transportation facilities it
might be;
― hours before the legal
authorities were informed of
a robbery, and
― days before they could
actually arrives at the scene
 Overview
Today; many factors work against the
potential criminal;
Very sophisticated
 alarm systems
 camera systems
 silently protect secure places;
 Ex.; banks.
 The techniques of criminal investigation have
become very effective;
a person can be identified by;
― Fingerprint, voice recognition, composite
sketch, ballistics evidence,
― retinal patterns, and
― genetic material (DNA).
 Overview (3)
 Much of a bank's business is
conducted with;
 checks,
 electronic transfers,
 credit cards, or
 debit cards.
 Sites that do stores large amounts of
cash or currency are protected with
many levels security:
 Several layers of physical systems,
 complex locks,
 multiple-party systems requiring the
agreement of several people to allow
access.
Characteristics of Computer
Intrusion(‫)تطفل‬
 Any part of a computing system can be the
target of a crime;
 A computing system is a collection of:
 HW, SW,
 storage media, data, and
 person that an organization uses to do
computing tasks.
 The obvious target of a bank robbery is each;
 A list of names & addresses of depositors,
 A list might be:
― On paper, Recorded on a magnetic medium,
― Stored in internal computer memory, or
― transmitted over telephone lines, or satellite
links.
Characteristics of Computer
Intrusion
A competing bank can use this information
to:
 steal clients or even to disrupt(‫ل‬3‫ )تعط‬service,
 Discredit(‫ )تشويه سمعة‬the bank,
 An unscrupulous(‫مير‬3‫ديم الض‬3‫ )ع‬individual could
move money from one account to another
without the owner's permission,
 A group of con artists could contact large
depositors and convince them to invest in
fraudulent(‫ )تضليل‬schemes.
Characteristics of Computer
Intrusion (3)
•Example:
A robber intent on stealing something from your
house will not attempt to penetrate(‫ )يتسلل‬a
two-inch-thick metal door if a window gives
easier access.
• The weakest point is the most serious
vulnerability;
• A Principle of Easiest Penetration(‫)التطفل‬:

‘An intruder) ( ‫ المتطفل‬must be expected to

use any available means of penetration’

 ?What Is Computer Security
 Computer security is the protection of the
items that have value, called the assets of a
computer or computer system;
 There are many types of assets, involving;
 HW, SW, data, people, processes, or
combinations of these.
 To determine what to protect;
 we must first identify
 what has value and to whom.
Computer Objects of Value
;Values of Assets
After identifying the assets to protect, we
next determine their value;
The value of an asset depends on;
 the asset owner’s or user’s perspective, and
 it may be independent of monetary(‫دي‬33‫)نق‬
cost,
Values of Assets
 Definition of Information
;Security
Information Security;
 is the protection of information and its critical
elements, including the systems and HW that
use, store, and transmit that information,
 information security includes the broad areas
of information security management, computer
& data security, and network security, and
Cyber Security.
The Vulnerability–Threat–Control
;Paradigm
The goal of computer security is
protecting valuable assets;
 To study different ways of protection, we use a
framework that describes;
 how assets may be harmed, and;
 how to counter or mitigate(‫ )تخفيف‬that harm.
An Exposure(‫رض‬333‫)تع‬: is a form of
possible loss or harm in a computing
systems;
 Examples;
─ Unauthorized disclosure) ( ‫كشف‬of data,
─ modification of data, or
─ Denial) ( ‫رفض‬ of legitimate) ( ‫رعي‬3333‫ش‬access to
computing.
 ;The Vulnerability
A vulnerability:
 isa weakness in the system, for example, in
procedures, design, or implementation, that
might be exploited(‫ )تستغل‬to cause loss or harm;
 Examples;
─ The system may be vulnerable to unauthorized
data manipulation,
the system does not verify a user's identity
before allowing data access.
Threats: a threats to computing
systems are circumstances that have
the potential to cause loss or harm;
 Ex.;
−Human attacks, Natural disasters, Inadvertent
human errors; and Internal HW or SW flaws.
 The Vulnerability
To see the difference between a
threat and a vulnerability;
 consider the illustration in the following figure;

FIGURE 1-4: Threat and Vulnerability

The Vulnerability–Threat–Control
;Paradigm
 There are many threats to a computer system,
including human-initiated and computer initiated ones;
 We have all experienced, for example;
 the results of inadvertent(‫د‬3‫ير متعم‬3‫ )غ‬human errors, HW
design flaws(‫)عيوب‬, and SW failures,
 natural disasters(‫ )الكوارث‬are threats, too;
 they can bring a system down when the computer
room is flooded(‫رت‬WWW‫)غم‬ or the data center
collapses(‫ )انهيارات‬from an earthquake.
The Vulnerability–Threat–Control
;Paradigm
• Attacker: is a human who exploits a
vulnerability perpetrates(‫اب‬33‫ )ارتك‬an attack
on the system;
An attack can also be launched(‫ا‬3‫ )منطلق‬by
another system;
−one system sends
overwhelming(‫تعطافية‬3‫ )االس‬set of messages
to another,
virtually shutting down the second system's
ability to function.
How do we address these problems? We use
a control or countermeasure as Protection;
The Vulnerability–Threat–
;Control Paradigm
A Control; is a protective measure- an
action, a device, a procedure, or a
technique- that remove or reduces a
vulnerability;
 In general, we can describe the
relationship among threats, controls, and
vulnerabilities in this way:

A threat is blocked by control of a

vulnerability.
 Threats
 We can consider potential harm to assets in
two ways:
 we can look at what bad things can happen to
assets, and;
 we can look at who or what can cause or allow
those bad things to happen.
 These two perspectives enable us to determine
how to protect assets;
Threats
What makes your computer valuable to
you;
 First, you use it as a tool for;
−sending and receiving email, searching the web, writing papers,
and performing many other tasks,
 you expect it to be available for use when you want it.
 Second, you rely heavily on your computer’s integrity;
−When you write a paper and save it;
 When you write a paper and save it, you trust that the paper will reload
exactly as you saved it.
−you expect the “personal” aspect of a personal computer to stay
personal,
 meaning you want it to protect your confidentiality.
Computer security Goals
A Computer security mean that we are
addressing three important properties/goals of
any computer-related system;

1-Confidentiality: the ability of a system to

ensure that an asset is viewed only by
authorized parties,
─ means that the assets of computing system
are accessible only by authorized parties,
“read”-type access: reading, viewing, printing.
.
 Computer Security Goals
2-integrity: the ability of a system to ensure that an
asset is modified only by authorized parties,
─ means that assets can be modified by authorized
parties,
 writing, changing status, deleting, and creating
3-Availability: the ability of a system to ensure that
an asset can be used by any authorized parties,
─ means that assets are accessible to authorized
parties at appropriate times, (denial of service).
Balance of The Security
Goals

Confidentiality

Integrity Security Availability

Threats Kinds
1-Interruption

2-Interception

3-Modification;

4-Fabrication
Threats Kinds
 Threats Kinds
Threats Kinds to computing system
security:
1-Interruption;
―an asset of the system becomes lost or
unavailable or unusable;
 malicious destruction of a HW device,
 Erasure of a program or data file, or
 Malfunction or failure of an OS file
manager.
Effect on availability.
 Threats Kinds
2-Interception
―means that some unauthorized party has
gained access to an asset;
 The outside party can be a person, a
program, or a computing system,
 Ex: illicit(‫روع‬3‫ير مش‬3‫ )غ‬copying of program or
data files; or wiretapping to obtain data in
network,
 a silent interceptor may leave no traces by
which the interception can be readily
detected,
Effect on confidentiality
Threats Kinds
3-Modification;
―when an unauthorized party can be access
and tampers with an asset;
 modify the values in a data base,
 Alter program, or
 Modify data being transmitted electrically,
 It is possible to modify HW,
 Some cases of modification can be
detected with simple measures, but other,
more subtle,
 changes may be almost impossible to
detect.
 Effect on integrity.
 Threats Kinds

4-Fabrication
― when an unauthorized party can be
fabricates counterfeit objects for a computing
system;
 The intruder may wish to;
- add spurious(‫ة‬WW‫ )زائف‬transactions to a
network communication system,
- add records to an existing data base.
 Effect on authenticity
Types of Threats Based on
Sources

−Nonhuman threats
− include;

 natural disasters like fires or floods;

 loss of electrical power;
 failure of a component such as a
communications cable, processor chip, or disk
drive;
 or attack by a wild boar.
 Types of Threats

Human threats

Non malicious include:

someone’s accidentally spilling a soft drink on a
laptop, unintentionally deleting text or file,
inadvertently sending an email message to the
wrong person, and carelessly typing “12” instead
of “21” or clicking “yes” instead of “no” to
overwrite a file.
Human threats
malicious
 Most computer security activity
relates to malicious, human-
caused harm:
A malicious person actually wants
to cause harm, and so we often
use the term attack for a malicious
computer security event.
Kinds of Threats Based on
Sources
Computer Crimes
Computer criminals have access to
enormous(‫خمة‬3‫ )ض‬amounts of, HW, SW, and
data;
 they have the potential to cripple(‫ل‬33‫)تعطي‬
much of effective business and government
throughout the world.
the purpose of computer security is to
prevent these criminals from doing damage;
Computer Crimes
Computer crime
 is any crime involving a computer or
aided by the use of one.
this definition is admittedly(‫اعتراف‬333‫ب‬
‫ع‬3‫ )الجمي‬broad, it allows us to consider
ways to protect;
 ourselves,
 our businesses, and
 our communities against those who use
computers maliciously(‫)بشكل ضار‬.
Types of Attackers;

Amateurs have committed most of the

computer crimes reported to date;
 Most embezzlers(‫ين‬3‫ )المختلس‬are not career
criminals;
Normal people who observe a weakness
in a security system that allows them to
access cash or other valuables;
In the same sense, most computer
criminals are;
 Ordinary(‫ادي‬3‫ )ع‬computer professionals or
 users who, while doing their jobs, discover
they have access to something valuable.
Types of Attackers
System crackers;
often high school or university students,
attempt to access computing facilities for which
they have not been authorized,
 Cracking a computer's defenses is seen as the ultimate
victimless crime.
 The security community
distinguishes between;
a "hacker," someone who (non maliciously)
programs, manages, or uses computing
systems;
—hacker is benign and malicious users.
a "cracker," someone who attempts to access
computing systems for malicious purposes;
 Types of Attackers;
Terrorists
The link between computers and
terrorism is quite(‫ا‬3‫ )تمام‬evident(‫ح‬3‫;)واض‬
they using computers in 4-ways:
 Computer as targets of attack:
− denial-of-service attacks and web site
defacements are popular for any political
organization, because;
 they attract attention to the cause and bring
undesired negative attention to the target of the
attack.
 Computer as enabler of attack:
− web sites, web logs, and e-mail lists are:
 effective, fast, and inexpensive ways to get a
 Types of Attackers;
Terrorists
 Computer as methods of attack:
− to launch(‫ )إطالق‬offensive(‫ة‬33‫ )معادي‬attacks
requires use of computers.
 Computer as enhance of attack:
− The Internet has proved to be an
invaluable(‫ية‬33‫ )نفس‬means for terrorists to
spread propaganda(‫ات‬3‫ )دعاي‬and recruit(‫د‬3‫)تجني‬
agents.