
1 Information Security: Information Security in Today’s World
Abdalla Al-Ameen, Assistant Prof., Computer Science and Information Dept., College of Arts and Science in WadiAddawasir, Salman Bin Abdulaziz University, K.S.A.
Web site: http://faculty.sau.edu.sa/a.alameen

2 Protecting Your PC, Privacy and Self
“The minute you dial in to your Internet service provider or connect to a DSL or cable modem, you are casting your computer adrift in a sea of millions of other computers – all of which are sharing the world's largest computer network, the Internet. Most of those computers are cooperative and well behaved, but some are downright nasty. Only you can make sure your computer is ready for the experience.”
Daniel Appleman, Always Use Protection, A Teen's Guide to Safe Computing (2004 – Apress)

3 Objectives: this seminar aims to cover the following topics
- Computer Security definition
- Information Security Topic areas
- Core Security Concepts
- Why Study Computer Security?
- The Importance of Information Security
- Security Services
- Challenges
- Latest Trends
- Overview of Existing Security Systems
- Protecting one Computer
- Protecting a Wireless Local Area Network (WLAN)
- What Can We Do?

4 Introduction
Information security is defined as methods and technologies for deterrence (scaring away hackers), protection, detection, response, recovery and extended functionalities
OR
Process by which digital information assets are protected

5 Information Assurance
- A broader category than computer security, information security, etc.
- Concerned with the
  - Security of information in system
  - Quality/Reliability of information in system

6 What Are the Information Security Topic Areas?
- Policies and procedures,
- authentication,
- attacks,
- remote access, Web, wireless,
- devices, media/medium, secure architectures, IDSes/IPSes, operating systems, secure code, Cryptography,
- physical security,
- digital media analysis…

7 Core Security Concepts
- Vulnerability, Exploit, Threat
  - Vulnerability – a weakness in some aspect of a system
  - Exploit – a known method for taking advantage of a vulnerability
  - Threat – the likelihood of some agent using an exploit to compromise security
    - Note: not all users/groups are equal threats to various systems
      - “Hackers” more of a threat to popular web sites, businesses
      - Disgruntled employees more of a threat to isolated businesses

8 Generic Security Principles
[Diagram: Generic Security System. Labels: Deterrence (Scare away), Protection, Detection, Response, Recovery; Information while in storage, Information while in transmission, Hardware; Hacker]

9 Why Study Computer Security?
- Increasingly important issue for:
  - Computer system and network administrators
  - Application programmers
- Security issues follow technology
  - Desktop systems, wireless networks, handheld devices
- Security issues affect software, laws, profits and businesses

10 The Importance of Information Security
- Prevents data theft
- Avoids legal consequences of not securing information
- Maintains productivity
- Foils cyberterrorism
- Thwarts identity theft

11 Security Services: Confidentiality
Services: Confidentiality, Authentication, Access Control, Integrity, Availability, Non-repudiation
To keep a message secret from those who are not authorized to read it

12 Security Services: Authentication
To verify the identity of the user / computer

13 Security Services: Access Control
To be able to tell who can do what with which resource

14 Security Services: Integrity
To make sure that a message has not been changed while in transfer, storage, etc.

15 Security Services: Non-repudiation
To make sure that a user/server can’t deny later having participated in a transaction

16 Security Services: Availability
To make sure that the services are always available to users.

17 Challenges
- A number of trends illustrate why security is becoming increasingly difficult:
  - Speed of attacks
  - Sophistication of attacks
  - Faster detection of weaknesses
  - Distributed attacks
  - Difficulties of patching

18 Latest Trends - Identity Theft
- Crime of the 21st century
- Involves using someone’s personal information, such as social security numbers, to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and destroying their credit rating
- National, state, and local legislation continues to be enacted to deal with this growing problem.

19 Latest Trends - Identity Theft - continued
- Phishing is a method used by identity thieves to take financial information from a computer user
- The word “phishing” was made up by hackers as a cute word to use for the concept of fishing for information
- One of the most profitable forms of spamming
- Often used in conjunction with spoofed Web sites

20 Latest Trends - Malicious Software (Malware)
- Designed to operate without the computer user’s permission
- May change or destroy data
- May operate hardware without authorization
- Can hijack your Web browser
- Might steal information or otherwise cheat a computer user or organization

21 Malware:
- Includes computer viruses, worms, trojan horses, bots, spyware, adware, etc.
- Software is considered malware based on the intent of the creator rather than any particular features

22 Malware Trends
- Spyware
- Keyloggers
- Rootkits
- Mobile malware
- Combined attack mechanisms

23 Malware Trends - Spyware
- Advertisement-focused applications that, much like computer worms, install themselves on systems with little or no user interaction
- While such an application may be legal, it is usually installed without the user’s knowledge or informed consent
- A user in an organization could download and install a useful (often “free”) application from the Internet and in doing so, install a spyware component

24 Spyware:
- Spyware can collect many different types of information about a user:
  - Records the types of websites a user visits
  - Records what is typed by the user to intercept passwords or credit card numbers
  - Used to launch “pop up” advertisements
- Many legitimate companies incorporate forms of spyware into their software for purposes of advertisement (Adware)

25 Spyware Example

26 Spyware Example (add-on toolbars)

27 Malware Trends - Keyloggers
- Used to capture user’s keystrokes:
  - Also known as Keystroke Logging
- Hardware and software-based
- Useful purposes:
  - Help determine sources of errors on system
  - Measure employee productivity on certain clerical tasks

28 Keystroke Logging:
- Can be achieved by both hardware and software means
- Hardware key loggers are commercially available devices which come in three types:
  - Inline devices that are attached to the keyboard cable
  - Devices installed inside standard keyboards
  - Keyboards that contain the key logger already built-in
- Writing software applications for keylogging is trivial, and like any computer program can be distributed as malware (virus, trojan, etc.)

29 Malware Trends - Rootkits
- Is a set of software tools intended to hide running processes, files or system data, thereby helping an intruder to maintain access to a system while avoiding detection
- Often modify parts of the operating system or install themselves as drivers or kernel modules
- Are known to exist for a variety of operating systems
- Are difficult to detect

30 Malware Trends - Mobile Malware
- Increase in the number of mobile phone viruses being written
- But insignificant compared to the much larger number of viruses being written which target Windows desktop computers

31 Malware Trends - Combined Attack Mechanisms
- SPAM with spoofed Web sites
- Trojans installing bot software
- Trojans installing backdoors
- Automated program

32 Spam:
- Spamming is the abuse of electronic messaging systems to send unsolicited, undesired bulk messages
- Spam media includes:
  - e-mail spam (most widely recognized form)
  - instant messaging spam
  - Usenet newsgroup spam
  - Web search engine spam
  - spam in blogs
  - mobile phone messaging spam

33 Spam Example

34 Phishing:
- A criminal activity using social engineering techniques.
- An attempt to acquire sensitive data, such as passwords and credit card details, by appearing as a trustworthy person or business in an electronic communication.
- Typically carried out using e-mail or an instant message

35 Phishing Example
Points to “bad” IP Address!

36 Latest Trends - Ransomware
- Type of malware that encrypts the victim’s data, demanding ransom for its return.
- Cryptovirology predates ransomware

37 Overview of Existing Security Systems: Firewalls
Used even for Deterring (Scaring attackers)
- Firewalls: Designed to prevent malicious packets from entering
  - Software based: Runs as a local program to protect one computer (personal firewall) or as a program on a separate computer (network firewall) to protect the network
  - Hardware based: separate devices that protect the entire network (network firewalls)

38 Overview of Existing Security Systems: Detection - Intrusion Detection Systems
- Intrusion Detection System (IDS): Examines the activity on a network
  - Goal is to detect intrusions and take action
- Two types of IDS:
  - Host-based IDS: Installed on a server or other computers (sometimes all)
    - Monitors traffic to and from that particular computer
  - Network-based IDS: Located behind the firewall and monitors all network traffic

39 Overview of Existing Security Systems: Network Address Translation (NAT)
- Network Address Translation (NAT) Systems: Hides the IP address of network devices
  - Located just behind the firewall.
  - NAT device uses an alias IP address in place of the sending machine’s real one
  - “You cannot attack what you can’t see”

40 Overview of Existing Security Systems: Proxy Servers
- Proxy Server: Operates similarly to NAT, but also examines packets to look for malicious content
  - Replaces the protected computer’s IP address with the proxy server’s address
  - Protected computers never have a direct connection outside the network
  - The proxy server intercepts requests. Acts “on behalf of” the requesting client

41 Adding a Special Network called Demilitarized Zone (DMZ)
- Demilitarized Zones (DMZ): Another network that sits outside the secure network perimeter.
  - Outside users can access the DMZ, but not the secure network
  - Some DMZs use two firewalls. This prevents outside users from even accessing the internal firewall
  - Provides an additional layer of security

42 Overview of Existing Security Systems: Virtual Private Networks (VPN)
- Virtual Private Networks (VPNs): A secure network connection over a public network
  - Allows mobile users to securely access information
  - Sets up a unique connection called a tunnel

43 Overview of Existing Security Systems: Virtual Private Networks (VPN)

44 Overview of Existing Security Systems: Honeypots
- Honeypots: Computer located in a DMZ and loaded with files and software that appear to be authentic, but are actually imitations
  - Intentionally configured with security holes
  - Goals: Direct attacker’s attention away from real targets; Examine the techniques used by hackers

45 Overview of Existing Security Systems: Secure Socket Layer (SSL)
SSL is used for securing communication between clients and servers. It provides mainly confidentiality, integrity and authentication
[Diagram: Client and WWW Server. Establish SSL connection - communication protected]

46 Protecting one Computer Summary (continued)
- Operating system hardening is the process of making a PC operating system more secure
  - Patch management
  - Antivirus software – to protect your pc from viruses
  - Antispyware software
  - Firewalls – to deter (scare), protect
  - Setting correct permissions for shares
  - Intrusion detection Systems – to detect intrusions
  - Cryptographic systems

47 Protecting a Wireless Local Area Network (WLAN)

48 Security in a Wireless LAN
- WLANs include a different set of security issues
- Steps to secure:
  - Turn off broadcast information
  - MAC address filtering
  - Encryption
  - Password protect the access point
  - Physically secure the access point
  - Use enhanced WLAN security standards whenever possible
  - Use cryptographic systems

49 What Can We Do?
- Security Assessment
  - Identify areas of risk
  - Identify potential for security holes, breakdown
  - Identify steps to mitigate
- Security Application
  - Multi-layered Approach (there is no single solution)
  - Policies and Procedures
- Security Awareness
  - Not just for the geeks!
  - Security Training at all levels (external and/or internal)
  - Continuing education and awareness – not a one-time shot!
  - Make it part of the culture

50 What Can We Do?
- Security Awareness
  - Not just for the geeks!
  - Security Training at all levels (external and/or internal)
  - Continuing education and awareness – not a one-time shot!
  - Make it part of the culture

52 Thank you for coming!!

