Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS426Fall 2010/Lecture11 Computer Security CS 426 Lecture 1 Overview of the Course.

Published byJeffery Hodges Modified over 9 years ago

Similar presentations

Presentation on theme: "CS426Fall 2010/Lecture11 Computer Security CS 426 Lecture 1 Overview of the Course."— Presentation transcript:

1 CS426Fall 2010/Lecture11 Computer Security CS 426 Lecture 1 Overview of the Course

2 In Recent (Last Week)’s News Intel buys McAfee for $7.7B in push beyond PCs Intel buys McAfee for $7.7B in push beyond PCs HP to Buy Vulnerability Specialist Fortify Software HP to Buy Vulnerability Specialist Fortify Software CS426Fall 2010/Lecture12 The market for computer security knowledge will grow.

3 More In the News Malware Call to Arms: Threat at All-Time High and Rising Malware Call to Arms: Threat at All-Time High and Rising Beware the Facebook "Dislike" Button Scam Facebook Warns of Clickjacking Scam Android Game Is a Spy App in Disguise Cameron Diaz hot bait for online traps Virus Fools People Into Uninstalling Their Antivirus Software Virus Fools People Into Uninstalling Their Antivirus Software CS426Fall 2010/Lecture13 What are some common themes of the attacks?

4 CS426Fall 2010/Lecture14 Why Do Computer Attacks Occur? Who are the attackers? –bored teenagers, criminals, organized crime organizations, rogue states, industrial espionage, angry employees, … Why they do it? –fun, –fame, –profit, … computer systems are where the moneys are

5 CS426Fall 2010/Lecture15 Computer Security Issues Computer viruses Trojan horses Computer worms –E.g., Morris worm (1988), Melissa worm (1999), etc. Distributed denial of service attacks Computer break-ins Email spams –E.g., Nigerian scam, stock recommendations

6 More Computer Security Issues Identity theft Zero-day attacks Botnets Serious security flaws in many important systems –electronic voting machines, ATM systems Spywares Driveby downloads Social engineering attacks CS426Fall 2010/Lecture16

7 CS426Fall 2010/Lecture17 Why do these attacks happen? Software/computer systems are buggy Users make mistakes Technological factors –Von Neumann architecture: stored programs –Unsafe program languages –Software are complex, dynamic, and increasingly so –Making things secure are hard –Security may make things harder to use

8 CS426Fall 2010/Lecture18 Why does this happen? Economical factors –Lack of incentives for secure software –Security is difficult, expensive and takes time Human factors –Lack of security training for software engineers –Largely uneducated population

9 CS526Spring 2009/Lecture 39 Security is Secondary What protection/security mechanisms one has in the physical world? Why the need for security mechanisms arises? Security is secondary to the interactions that make security necessary.

10 CS526Spring 2009/Lecture 310 Security is not Absolute Is your car secure? What does “secure” mean? Are you secure when you drive your car? Security is relative –to the kinds of loss one consider security objectives/properties need to be stated –to the threats/adversaries under consideration. security is always under certain assumptions

11 CS526Spring 2009/Lecture 311 Information Security is Interesting The most interesting/challenging threats to security are posed by human adversaries –security is harder than reliability Information security is a self-sustained field Security is about benefit/cost tradeoff –thought often the tradeoff analysis is not explicit Security is not all technological –humans are often the weakest link

12 CS526Spring 2009/Lecture 312 Information Security is Challenging Defense is almost always harder than attack. In which ways information security is more difficult than physical security? –adversaries can come from anywhere –computers enable large-scale automation –adversaries can be difficult to identify –adversaries can be difficult to punish –potential payoff can be much higher In which ways information security is easier than physical security?

13 CS426Fall 2010/Lecture113 What is This Course About? Learn how to prevent attacks and/or limit their consequences. –No silver bullet; man-made complex systems will have errors; errors may be exploited –Large number of ways to attack –Large collection of specific methods for specific purposes Learn to think about security when doing things Learn to understand and apply security principles

14 CS426Fall 2010/Lecture114 See the Course Homepage http://www.cs.purdue.edu/homes/ninghui/courses/ 426_Fall10/index.html http://www.cs.purdue.edu/homes/ninghui/courses/ 426_Fall10/index.html

15 Course Outline Introduction/review of cryptography Operating system security Software security Access control models Network security Web security CS426Fall 2010/Lecture115

16 CS426Fall 2010/Lecture116 Ethical use of security information We discuss vulnerabilities and attacks –Most vulnerabilities have been fixed –Some attacks may still cause harm –Do not try these at home

17 CS426Fall 2010/Lecture117 Readings for This Lecture Required readings: –Information Security on WikipediaInformation Security on Wikipedia Optional Readings: –Counter Hack Reloaded Chapter 1: Introduction –Security in Computing Chapter 1: Is There a Security Problem in Computing

18 CS426Fall 2010/Lecture118 Coming Attractions … Cryptography: terminology and classic ciphers. Readings for next lecture: –Cryptography on wikipediaCryptography on wikipedia –Interesting reading The Code Book by Simon SinghThe Code Book

Download ppt "CS426Fall 2010/Lecture11 Computer Security CS 426 Lecture 1 Overview of the Course."

Similar presentations

© Ravi Sandhu www.list.gmu.edu Introduction to Information Security Ravi Sandhu.

© Ravi Sandhu Introduction to Information Security Ravi Sandhu.
Chapter 1  Introduction 1 Chapter 1: Introduction.

Chapter 1  Introduction 1 Chapter 1: Introduction.
Chapter 1 We’ve Got Problems…. Four Horsemen  … of the electronic apocalypse  Spam --- unsolicited bulk email o Over 70% of email traffic  Bugs ---

Chapter 1 We’ve Got Problems…. Four Horsemen  … of the electronic apocalypse  Spam --- unsolicited bulk o Over 70% of traffic  Bugs ---
What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.

What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
The development of Internet A cow was lost in Jan 14th 2003. If you know where it is, please contact with me. My QQ number is 87881405. QQ is one of the.

The development of Internet A cow was lost in Jan 14th If you know where it is, please contact with me. My QQ number is QQ is one of the.
CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.

CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.
CS5261 Information Security CS 526 Topic 1 Overview of the Course Topic 1.

CS5261 Information Security CS 526 Topic 1 Overview of the Course Topic 1.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.

Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.
Welcome to EECS 354 Network Penetration and Security.

Welcome to EECS 354 Network Penetration and Security.
1 Securing the Net: Where the Holes Are Steven M. Bellovin AT&T Labs – Research

1 Securing the Net: Where the Holes Are Steven M. Bellovin AT&T Labs – Research
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.

CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.
CYBER CRIME AND SECURITY TRENDS

CYBER CRIME AND SECURITY TRENDS
MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 LO1 Describe information technologies that could be used in computer.

MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 LO1 Describe information technologies that could be used in computer.
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.
Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.

Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Similar presentations

Ads by Google