Chapter One - Fundamental of Computer Security

The document outlines the fundamentals of computer security, including its history, goals, services, and various threats and vulnerabilities. It emphasizes the importance of protecting information and property while allowing accessibility to authorized users. Additionally, it discusses security measures such as prevention, detection, and reaction to security breaches.

Uploaded by

wesen1516

Addis Ababa University
Department of Computer Science
College of Natural and Computational Sciences

Computer Security (CoSc 4171)

Chapter One
Fundamental of Computer Security

Outline
• Overview of Security
• History
• Security Goals
• Security Services
• Attack, Threat and Vulnerabilities
• Countermeasures
• Physical security

Computer Security and Privacy
“The most secure computers are those not connected to the Internet and shielded from any interference”

Computer Security and Privacy
Computer security is about provisions and policies adopted to protect information and property from theft, corruption, or natural disaster while allowing the information and property to remain accessible and productive to its intended users.

Computer Security and Privacy
Computer security when there is a connection to networks (network security), on the other hand, deals with provisions and policies adopted to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources.

Not Sufficient!!

[Figure: Internet]

Computer Security and Privacy
Group Assignment:
• Read about these security attack related keywords. Study one of these keywords and write a seven-page (maximum) summary of your findings, including any recorded history of significant damages created by these attacks.

Activities:
• For a group of two students.
• Submit your report in hardcopy on December 20, 2022.
• Presentation: TBA

1. Blackout/Brownout
2. Brute Force Attack
3. Buffer Overflow
4. Cookie Injection/Poisoning
5. Cracking
6. DNS Poisoning
7. DoS/DDoS Attack
8. Eavesdropping
9. HTTP Tunnel Exploit
10. ICMP Flood
11. Logic Bomb
12. Malware Attack
13. Packet Sniffing
14. Ping of Death
15. Surge/Spike
16. Server Spoofing
17. Session Hijacking
18. Smurf Attack
19. SNMP Community Strings
20. Spamming
21. Scam & Phishing
22. Spoofing Attack
23. SQL Injection
24. SYN Attack
25. Teardrop
26. Traffic Analysis
27. Trojan Horses
28. UDP Flood
29. Viruses and Worms
30. War Dialing
31. Wire Tapping

Computer Security and Privacy
Security Goals (Pillars)
• Confidentiality: Prevention of unauthorized disclosure of information
• Integrity: Prevention of unauthorized modification of information
• Availability: Prevention of unauthorized withholding of information or resource

Computer Security and Privacy
Security in general is about protection of assets.
• To protect our assets, we must know the assets and their values.
Classification of protection measures includes
• Prevention: take measures to prevent the damage
• Detection: when, how and who of the damage.
• Reaction: take measures to recover from

Computer Security and Privacy
Example (1): Protecting valuable items at home from a burglar:
• Prevention: Locks on the door, guards, hidden places, …
• Detection: Burglar alarm, guards, CCTV, …
• Reaction: Calling the police, replacing the stolen item, …

Computer Security and Privacy
Example (2): Preventing a fraudster from using our credit card in an Internet purchase
• Prevention: Encrypt when placing an order, perform some check before placing an order, or don’t use the credit card number on the Internet.
• Detection: A transaction that you had not authorized appears on your credit card statement.
• Reaction: Ask for a new card, recover the cost of the transaction from the insurance, the card issuer or the merchant.

Computer Security and Privacy/ Overview
Definitions
• Security: The protection of computer assets from unauthorized access, use, alteration, degradation, destruction, and other threats.
• Privacy: The right of the individual to be protected against intrusion into his personal life or affairs, or those of his family, by direct physical means or by publication of information.
• Security/Privacy Threat: Any person, act, or object that poses a danger to computer security/privacy.

Computer Security and Privacy/ History
Until 1960s computer security was limited to physical protection of computers
In the 60s and 70s
• Evolutions
  • Computers became interactive
  • Multiuser/Multiprogramming was invented
  • More and more data started to be stored in computer databases
• Organizations and individuals started to worry about
  • What the other persons using computers are doing to their data

Computer Security and Privacy/ History
In the 80s and 90s
• Evolutions
  • Personal computers were popularized
  • LANs and Internet invaded the world
  • Applications such as E-commerce, E-government and E-health started to develop
  • Viruses became major threats
• Organizations and individuals started to worry about
  • Who has access to their computers and data
  • Whether they can trust a mail, a website, etc.
  • Whether their privacy is protected in the connected world

Computer Security and Privacy/ History
Famous security problems
• Morris worm – Internet Worm
  • On November 2, 1988 a worm attacked more than 60,000 computers around the USA
  • The worm attacks computers, and when it has installed itself, it multiplies itself, freezing the computer
  • It exploited UNIX security holes in Sendmail and Finger
  • A nationwide effort made it possible to solve the problem within 12 hours
• Robert Morris became the first person to be indicted under the Computer Fraud and Abuse Act.
  • He was sentenced to three years of probation,

Computer Security and Privacy/ History
Famous security problems …
• NASA shutdown
  • In 1990, an Australian computer science student was charged for shutting down NASA’s computer system for 24 hours
• Airline computers
  • In 1998, a major travel agency discovered that someone penetrated its ticketing system and has printed airline tickets illegally
• Bank theft

Computer Security and Privacy/ History
Famous security problems …
• In Ethiopia
  • Employees of a company managed to change their salaries by fraudulently modifying the company’s database
  • In 1990s Internet password theft
    • Hundreds of dial-up passwords were stolen and sold to other users
    • Many of the owners lost tens of thousands of Birr each
  • A major company suspended the use of a remote login software by technicians who were looking at the computer of the General Manager
• In Africa: Cote d’Ivoire
  • An employee who has been fired by his company

Computer Security and Privacy/ History
Early Efforts
• 1960s: Marked as the beginning of true computer security
• 1970s: Tiger teams
  • Government and industry sponsored crackers who attempted to break down defenses of computer systems in order to uncover vulnerabilities so that patches can be developed
• 1970s: Research and modeling
  • Identifying security requirements
  • Formulating security policy models
  • Defining guidelines and controls
  • Development of secure systems

Computer Security and Privacy/ Legal Issues
• In the US, legislation was enacted with regards to computer security and privacy starting from late 1960s.
• European Council adopted a convention on Cyber-crime in 2001.
• The World Summit for Information Society considered computer security and privacy as a subject of discussion in 2003 and 2005.
• The Ethiopian Penal Code of 2005 has articles on data and computer related crimes.

Computer Security and Privacy/Attacks
Categories of Attacks
• Interruption: An attack on availability
• Interception: An attack on confidentiality
• Modification: An attack on

Computer Security and Privacy/Attacks
Categories of Attacks/Threats (W. Stallings)
[Figure: normal flow of information from source to destination, and the four categories of attack: interruption, interception, modification, fabrication]

Security Services
• AUTHENTICATION: The assurance that the communicating entity is the one that it claims to be.
• ACCESS CONTROL: The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do).
• DATA CONFIDENTIALITY: The protection of data from unauthorized disclosure.

Cont’d
• DATA INTEGRITY: The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay).
• NONREPUDIATION: Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.

Threats and Attacks [RFC 2828]
• Threat: A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.
• Attack: An assault on system security that derives from an intelligent threat

Security Attacks
• A useful means of classifying security attacks is in terms of passive attacks and active attacks.
• A passive attack attempts to learn or make use of information from the system but does not affect system resources.
• An active attack attempts to alter system resources or affect their operation.

Passive Attacks
• Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions.
• The goal of the opponent is to obtain information that is being transmitted.
• Two types of passive attacks are release of message contents and traffic analysis.

Cont’d
• The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.
• We would like to prevent an opponent from learning the contents of these transmissions.

Cont’d
• A second type of passive attack, traffic analysis, is subtler.
• Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message.
• The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged.
• This information might be useful in guessing the nature of the communication that was taking place.

Cont’d
• Passive attacks are very difficult to detect because they do not involve any alteration of the data. Typically, the message traffic is sent and received in an apparently normal fashion and neither the sender nor receiver is aware that a third party has read the messages or observed the traffic pattern.
• However, it is feasible to prevent the success of these attacks, usually by means of encryption.
• Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.

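What stays observable once content is encrypted, as an added example (not part of the original slides): the model below reproduces an on-path observer's view of encrypted traffic and shows how padding records to a fixed bucket size narrows the length leak while endpoints and timing remain visible. The message types, sizes, addresses and the 28-byte record overhead are constructed for illustration.

```python
from collections import defaultdict
from typing import Dict, List, Tuple

# Constructed values: plaintext sizes (bytes) of four request types.
MESSAGE_SIZES = {"login": 48, "balance": 120, "transfer": 310, "statement": 4000}
OVERHEAD = 28  # assumed per-record cost of a nonce plus an authentication tag

# Constructed capture: (time in seconds, source, destination, message type).
# The observer never sees the last field, only what wire_length() returns.
TRAFFIC = [
    (0.0, "10.0.0.5", "203.0.113.10", "login"),
    (2.0, "10.0.0.5", "203.0.113.10", "balance"),
    (5.0, "10.0.0.5", "203.0.113.10", "transfer"),
    (60.0, "10.0.0.7", "203.0.113.10", "login"),
    (65.0, "10.0.0.7", "203.0.113.10", "statement"),
]

Flow = Tuple[str, str]


def wire_length(plain_len: int, bucket: int = 0) -> int:
    """Ciphertext length on the wire; bucket > 0 pads to a multiple of it."""
    if bucket > 0:
        # One extra byte is reserved so the receiver can locate the padding.
        plain_len = -(-(plain_len + 1) // bucket) * bucket
    return plain_len + OVERHEAD


def observer_view(traffic, bucket: int = 0) -> Dict[Flow, List[Tuple[float, int]]]:
    """What a passive observer records per flow: who, when, and how long."""
    view: Dict[Flow, List[Tuple[float, int]]] = defaultdict(list)
    for when, src, dst, kind in traffic:
        view[(src, dst)].append((when, wire_length(MESSAGE_SIZES[kind], bucket)))
    return dict(view)


def candidates_by_length(bucket: int = 0) -> Dict[int, List[str]]:
    """For each observable length, the message types that could produce it."""
    table: Dict[int, List[str]] = defaultdict(list)
    for kind, size in sorted(MESSAGE_SIZES.items()):
        table[wire_length(size, bucket)].append(kind)
    return dict(table)


if __name__ == "__main__":
    for bucket in (0, 512):
        print("bucket =", bucket)
        print("  length -> possible types:", candidates_by_length(bucket))
        for flow, records in observer_view(TRAFFIC, bucket).items():
            print("  flow", flow, "->", records)
```

Without padding every length maps to exactly one message type; with 512-byte buckets the three short types become indistinguishable, but the number of flows, their endpoints and the timestamps are unchanged.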
Active Attacks
• Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.
• A masquerade takes place when one entity pretends to be a different entity as shown below.

Cont’d
• Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect as shown below.

Cont’d
• Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect as shown below.

Cont’d
• The denial of service prevents or inhibits the normal use or management of communications facilities as shown below.

Cont’d
• Active attacks present the opposite characteristics of passive attacks.
• Whereas passive attacks are difficult to detect, measures are available to prevent their success.
• On the other hand, it is quite difficult to prevent active attacks absolutely, because of the wide variety of potential physical, software, and network vulnerabilities.
• Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them.

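The detection goal stated above, as an added example (not part of the original slides): a receiver that checks an HMAC and a sequence number on every frame, so that modification, masquerade, replay and deletion of messages become detectable. The frame layout, the sample payloads and the verdict names are assumptions made for this illustration.

```python
import hashlib
import hmac
import os
from typing import List, Optional, Tuple

SEQ_LEN = 8    # assumed frame layout: 8-byte sequence number | payload | tag
TAG_LEN = 32   # HMAC-SHA256 output size


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: bind the payload to its position in the stream."""
    header = seq.to_bytes(SEQ_LEN, "big")
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Receiver side: classify every incoming frame before using it."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.next_seq = 0  # lowest sequence number not yet accepted

    def accept(self, frame: bytes) -> Tuple[str, Optional[bytes]]:
        if len(frame) < SEQ_LEN + TAG_LEN:
            return "malformed", None
        header = frame[:SEQ_LEN]
        payload = frame[SEQ_LEN:-TAG_LEN]
        tag = frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        # Constant-time comparison. A mismatch means the frame was altered
        # in transit or was built by someone who does not hold the key.
        if not hmac.compare_digest(tag, expected):
            return "forged_or_modified", None
        seq = int.from_bytes(header, "big")
        # A valid tag on an old sequence number is a replayed or delayed frame.
        if seq < self.next_seq:
            return "replayed_or_stale", None
        # A jump forward means earlier frames were deleted or held back.
        verdict = "ok" if seq == self.next_seq else "gap_before_frame"
        self.next_seq = seq + 1
        return verdict, payload


def demo() -> List[str]:
    """Run constructed traffic through the receiver and return the verdicts."""
    key = os.urandom(32)        # shared secret of the two legitimate parties
    other_key = os.urandom(32)  # key of a party pretending to be the sender
    frames = [protect(key, i, b"transfer %d birr" % (100 * i)) for i in range(4)]

    tampered = bytearray(frames[1])
    tampered[SEQ_LEN] ^= 0x01   # one payload bit changed in transit
    impostor = protect(other_key, 1, b"transfer 9999 birr")

    receiver = Receiver(key)
    incoming = [
        frames[0],        # genuine
        bytes(tampered),  # modification of messages
        impostor,         # masquerade
        frames[0],        # replay of an accepted frame
        frames[1],        # genuine
        frames[3],        # frame 2 was withheld
        frames[2],        # frame 2 arrives late
    ]
    return [receiver.accept(frame)[0] for frame in incoming]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```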
Computer Security and Privacy/Vulnerabilities
Types of Vulnerabilities
• Physical vulnerabilities (e.g. buildings)
• Natural vulnerabilities (e.g. earthquake)
• Hardware and software vulnerabilities (e.g. failures)
• Media vulnerabilities (e.g. disks can be stolen)

Computer Security and Privacy/ Countermeasures
Computer security controls
• Authentication (Password, Cards, Biometrics) (What we know, have, are!)
• Encryption
• Auditing
• Administrative procedures
• Standards
• Certifications

Computer Security and Privacy/ The Human Factor
The human factor is an important component of computer security
Some organizations view technical solutions as “their solutions” for computer security.
• Technology is fallible (imperfect)
  • Ex. UNIX holes that opened the door for Morris worm
• The technology may not be appropriate
  • Ex. It is difficult to define all the security requirements and find a solution that satisfies those requirements
• Technical solutions are usually (very) expensive
  • Ex. Antivirus purchased by EthioTelecom to protect its Internet services

Computer Security and Privacy/ The Human Factor
• Competence of the security staff
  • Ex. Crackers may know more than the security team
• Understanding and support of management
  • Ex. Management does not want to spend money on security
• Staff’s discipline to follow procedures
  • Ex. Staff members choose simple passwords

Computer Security and Privacy/ Physical Security
“The most robustly secured computer that is left sitting unattended in an unlocked room is not at all secure !!” [Chuck Easttom]

Computer Security and Privacy/ Physical Security
• Physical security is the use of physical controls to protect premises, site, facility, building or other physical asset of an organization [Lawrence Fennelly]
• Physical security protects your physical computer facility (your building, your computer room, your computer, your disks and other media) [Chuck Easttom].

Computer Security and Privacy/ Physical Security
In the early days of computing physical security was simple because computers were big, standalone, expensive machines
• It is almost impossible to move them (not portable)
• They were very few and it is affordable to spend on physical security for them
• Management was willing to spend money
• Everybody understands and accepts

Computer Security and Privacy/ Physical Security
Today
• Computers are more and more portable (PC, laptop, PDA, Smartphone)
• There are too many of them to have good physical security for each of them
• They are not “too expensive” to justify spending more money on physical security until a major crisis occurs
• Users don’t accept restrictions easily
• Accessories (ex. Network components) are not considered as important for security until there is a problem
• Access to a single computer may endanger

Computer Security and Privacy/ Physical Security
=> Physical security is much more difficult to achieve today than some decades ago

Computer Security and Privacy/ Physical Security
Threats and vulnerabilities
Natural Disasters
• Fire and smoke
  • Fire can occur anywhere
  • Solution – Minimize risk
    • Good policies: NO SMOKING, etc.
    • Fire extinguisher, good procedure and training
    • Fireproof cases (and other techniques) for backup tapes
    • Fireproof doors
• Climate
  • Heat
  • Direct sun

Computer Security and Privacy/ Physical Security
Threats and vulnerabilities …
Natural Disasters …
• Hurricane, storm, cyclone
• Earthquakes
• Water
  • Flooding can occur even when a water tap is not properly closed
• Electric supply
  • Voltage fluctuation
    • Solution: Voltage regulator
• Lightning
Avoid having servers in areas often hit by Natural Disasters!

Computer Security and Privacy/ Physical Security
Threats and vulnerabilities …
People
• Intruders
  • Thieves
  • People who have been given access unintentionally by the insiders
  • Employees, contractors, etc. who have access to the facilities
• External thieves
  • Portable computing devices can be stolen outside the organization’s premises
• Loss of a computing device
  • Mainly laptop

Computer Security and Privacy/ Physical Security
Safe area
• Safe area often is a locked place where only authorized personnel can have access
• Organizations usually have safe area for keeping computers and related devices

Computer Security and Privacy/ Physical Security
Safe area … Challenges
• Is the area inaccessible through other openings (window, roof-ceilings, ventilation hole, etc.)?
  • Design of the building with security in mind
  • Know the architecture of your building
• During opening hours, is it always possible to detect when unauthorized person tries to get to the safe area?
  • Surveillance/guards, video-surveillance, automatic-doors with security code locks, alarms, etc.
  • Put signs so that everybody sees the safe area

Computer Security and Privacy/ Physical Security
Safe area…Locks
Are the locks reliable?
• The effectiveness of locks depends on the design, manufacture, installation and maintenance of the keys!
• Among the attacks on locks are:
  • Illicit keys
    • Duplicate keys
      • Avoid access to the key by unauthorized persons even for a few seconds
      • Change locks/keys frequently
      • Key management procedure
    • Lost keys
      • Notify responsible person when a key is lost
      • There should be no label on keys
  • Circumventing of the internal barriers of the lock
    • Directly operating the bolt completely bypassing the locking mechanism which remains locked

Computer Security and Privacy/ Physical Security
Safe area… Surveillance with Guards
Surveillance with guards
• The most common in Ethiopia
• Not always the most reliable since it adds a lot of human factor
• Not always practical for users (employees don’t like to be questioned by guards wherever they go)

Computer Security and Privacy/ Physical Security
Safe area… Surveillance with Video
Surveillance with video
• Uses Closed Circuit Television (CCTV)
• Started in the 1960s
• Became more and more popular with the worldwide increase of theft and terrorism
• Advantages
  • A single person can monitor more than one location
  • The intruder doesn’t see the security personnel
  • It is cheaper after the initial investment
  • It can be recorded and be used for investigation
  • Since it can be recorded the security personnel is more careful
  • Today’s digital video-surveillance can use advanced techniques such as face recognition to detect terrorists, wanted people, etc.
• Drawback

Computer Security and Privacy/ Physical Security
Internal Human factor - Personnel
• Choose employees carefully
  • Personal integrity should be as important a factor in the hiring process as technical skills
• Create an atmosphere in which the levels of employee loyalty, morale, and job satisfaction are high
• Remind employees, on a regular basis, of their continuous

Computer Security and Privacy/ Physical Security
Internal Human factor – Personnel …
• Establish procedures for proper destruction and disposal of obsolete programs, reports, and data
• Act defensively when an employee must be discharged, either for cause or as part of a cost reduction program
  • Such an employee should not be allowed access to the system and should be carefully watched until he or she leaves the premises
  • Any passwords used by the former employee should be immediately

Computer Security and Privacy/ Attacks & Threats
Computer Security Attacks and Threats

Computer security/ Attacks & Threats
• A computer security threat is any person, act, or object that poses a danger to computer security
• Computer world is full of threats!
  • … refer to the first assignment…
• And so is the real world!
  • Thieves, pick-pockets, burglars, murderers, drunk

Computer security/ Attacks & Threats
What is the right attitude?
• To do what you do in real life
What do you do in real life?
• You learn about the threats
  • What are the threats
  • How can these threats affect you
  • What is the risk for you to be attacked by these threats
  • How you can protect yourself from these risks
  • How much does the protection cost
  • What you can do to limit the damage in case you are attacked
  • How you can recover in case you are attacked
• Then, you protect yourself in order to limit the risk but to continue to live your life
You need to do exactly the same thing with computers!

Computer security/ Attacks & Threats
Types of Threats/Attacks … (Chuck Easttom)
• Physical Attack
  • Stealing, breaking or damaging of computing devices
• Malware Attack
  • A generic term for software that has malicious purpose
• Hacking Attack
  • Any attempt to gain unauthorized access to your system
• Denial of Service (DoS) Attack
  • Blocking access from legitimate users

Computer security/ Attacks & Threats
Malware Attack: Examples
• Viruses
• Worms
• Trojan horses
• Spyware
• New ones: Spam/scam, identity theft, e-payment frauds, etc.

Computer security/Threats
Malware Attack …
• Viruses
  • “A small program that replicates and hides itself inside other programs usually without your knowledge.” by Symantec
  • Similar to a biological virus: replicates and spreads on its own
• Worms
  • An independent program that reproduces by copying itself from one computer to another
  • It can do as much harm as a virus
  • It often creates denial of service

Computer security/Threats
Malware Attack …
• Trojan horses
  • (Ancient Greek tale of the city of Troy and the wooden horse) - ??
  • Secretly downloading a virus or some other type of malware onto your computers.
• Spyware
  • “A software that literally spies on what you do on your computer.”
  • Example: Simple Cookies and Key Loggers

Computer security/Threats
Most software based attacks are commonly called Viruses: How do viruses work?
• Infection mechanisms
  • First, the virus should search for and detect objects to infect
  • Installation into the infectable object
    • Writing on the boot sector
    • Add some code to executable programs
    • Add some code to initialization/auto-executable programs
    • Write a macro in a word file
    • …

Computer security/Threats
How do viruses work? …
• Trigger mechanism
  • Date
  • Number of infections
  • First use
• Effects: It can be anything
  • A message
  • Deleting files
  • Formatting disk
  • Overloading processor/memory
  • Etc.

Computer security/Threats
Who Writes Virus
• Adolescents
  • Ethically normal and of average/above average intelligence.
  • Tended to understand the difference between what is right and wrong
  • Typically do not accept any responsibility for problems caused

Computer security/Threats
Who Writes Virus …
• College Students
  • Ethically normal
  • Despite expressing that what is illegal is “wrong”
  • Are not typically concerned about the results of their actions related to their virus writing
• Adults (smallest category)
  • Ethically abnormal

Computer security/Threats
Anti-Virus
• There are
  • Generic solutions
    • Ex. Integrity checking
  • Virus specific solution
    • Ex. Looking for known viruses
• Three categories
  • Scanners
  • Activity monitors
  • Change detection software

Computer security/Threats
Anti-Virus …
• Functions of anti-viruses
  • Identification of known viruses
  • Detection of suspected viruses
  • Blocking of possible viruses
  • Disinfection of infected objects
  • Deletion and overwriting of infected objects

Computer security/Threats
Hacking /Intrusion/ Attack:
• Hacking: is any attempt to intrude or gain unauthorized access to your system either via some operating system flaw or other means. The purpose may or may not be for malicious purposes.
• Cracking: is hacking conducted for malicious purposes.

Computer security/Threats
Denial of Service (DoS) Attack:
• DoS Attack: is blocking access of legitimate users to a service.
• Distributed DoS Attack: is accomplished by tricking routers into attacking a target or using zombie hosts to simultaneously attack a given target with a large number of packets.

Computer security/Threats
Simple illustration of DoS attack (from Easttom)

C:\>Ping 169.10.10.3 -l 65000 -t

[Figure: Ping requests sent to Web Server X (169.10.10.3); labels: Ping, Legitimate User]
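
A defender's view of the illustration above, as an added example that is not from the slides or from Easttom: it flags sources that send many oversized echo requests to one server within a short window. The record format, the source addresses and the thresholds are assumptions chosen for the demonstration.

```python
from collections import defaultdict, deque

def sample_records():
    """Constructed records: (seconds, source, destination, ICMP payload bytes).
    169.10.10.3 is the web server from the slide; the sources are made up."""
    records = []
    for i in range(40):                   # one host repeating 65000-byte pings
        records.append((i * 0.25, "10.0.0.66", "169.10.10.3", 65000))
    for i in range(5):                    # ordinary reachability checks
        records.append((i * 2.0, "10.0.0.7", "169.10.10.3", 32))
    return sorted(records)

def find_ping_floods(records, max_payload=1472, window=5.0, threshold=10):
    """Return {source: peak count} for sources that send more than `threshold`
    oversized echo requests to one destination within `window` seconds.
    max_payload=1472 is an assumed cut-off: the largest ICMP payload that
    fits a 1500-byte Ethernet MTU without fragmentation."""
    recent = defaultdict(deque)           # (src, dst) -> timestamps inside window
    peaks = {}
    for ts, src, dst, size in records:
        if size <= max_payload:           # normal-sized ping, not counted
            continue
        q = recent[(src, dst)]
        q.append(ts)
        while q and ts - q[0] > window:   # drop events older than the window
            q.popleft()
        if len(q) > threshold:
            peaks[src] = max(peaks.get(src, 0), len(q))
    return peaks

if __name__ == "__main__":
    print(find_ping_floods(sample_records()))
```
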
