Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security in Computer System 491 CS-G(172) By Manesh T

Published byAshlynn Watts Modified over 8 years ago

Similar presentations

Presentation on theme: "Security in Computer System 491 CS-G(172) By Manesh T"— Presentation transcript:

1 Security in Computer System 491 CS-G(172) By Manesh T maneshpadmayil@gmail.com

2 AGENDA Overview of Security & Needs Concepts, Types of Viruses Different Types of Security Threats in Network Hacking, Ethical Hacking Attacks, services and mechanisms Security attacks-Types Security services Methods of Defense A model for Internetwork Security

3 Overview What is security? Why do we need security? Who is vulnerable?

4 What is “Security” Security is state of having 1. Freedom from risk or danger; safety. 2. Freedom from doubt, anxiety, or fear Definition: Security is the protection of assets. Three main aspects of security are 1.Protection 2.Detection 3.Reaction.

5 Why do we need security? Protect vital information while still allowing access to those who need it –Trade secrets, medical records, etc. Provide authentication and access control for resources –Ex: Bank Identity Card, ATM Card Guarantee availability of resources –Must be available all the time

6 Need for Security The Information Age- Internet Highway Digital Assets- emails, documents Static Assets- pictures, databases Assets on Transit- emails(Comm. Networks)

7 Who is vulnerable? Financial institutions and banks Internet service providers Pharmaceutical companies Government and defense agencies Internet users Multinational corporations ANYONE ON THE NETWORK

8 Different Types of Security-Definitions Computer Security - generic name for the collection of tools designed to protect hardware or software modules. Network Security - measures to protect data during their transmission Internet Security - measures to protect data during their transmission over a collection of interconnected network Information Security- All the three areas

9 Basic Terminologies Cryptography –Study of mathematical techniques related to aspects of information security (Set of techniques) Cryptanalysis –The process of breaking the security policies Cryptology - Cryptography + cryptanalysis Cryptosystems are computer systems used to encrypt data for secure transmission and storage

10 Types of Computer Virus 1.Time Bomb 2.Logical Bomb 3.Worm 4.Boot Sector Virus 5.Macros Virus 6.Trojan Horse

11 Types of Viruses Time Bomb – Active when time/date comes Logical Bomb – Active when some action comes Worm- Self replicating in networks Boot Sector Virus- During system boot, boot sector virus is loaded into main memory and destroys data stored in hard disk Micro Virus- It is associated with application software like word and excel Trojan Horse- usually email virus

12 Launching the attack Steps are 1.Vulnerability 2.Threat 3.Discovery of Vulnerability 4.Exploitation of Vulnerability 5.Attack

13 Attacks, Services and Mechanisms Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

14 Different Types of Security Attacks

15 Security Attacks Interruption: This is an attack on availability Interception: This is an attack on confidentiality Modification: This is an attack on integrity Fabrication: This is an attack on authenticity

16 Security Goals

17 Threats in Networks

18 In This Section What makes a network Vulnerable –Reasons for network attacks Who Attacks Networks? –Who are the attackers? Why people attack? Threats in Network transmission: Eavesdropping and Wiretapping –Different ways attackers attack a victim

19 What Makes a Network Vulnerable How network differ from a stand-alone environment: –Anonymity Attacker can mount an attack from thousands of miles away; passes through many hosts –Many points of attack Both targets and origins An attack can come from any host to any host –Sharing More users have the potential to access networked systems than on single computers

20 How network differ from a stand-alone environment: –Complexity of System Reliable security is difficult to obtain Complex as many users do not know what their computers are doing at any moment –Unknown Perimeter One host may be a node on two different networks Causing uncontrolled groups of possibly malicious users –Unknown Path Can have multiple paths from one host to another. What Makes a Network Vulnerable

21 Who Attacks Networks 1.Challenge – what would happen if I tried this approach or technique? Can I defeat this network? 2.Fame 3.Money and Espionage(Spy) 4.Organized Crime Ideology Hacktivism – breaking into a computer system with the intent of disrupting normal operations but not causing serious damage Cyberterroism- more dangerous than hacktivism can cause grave harm such as loss of life or severe economic damage

22 Reference Asoke K Talukder, Manish Chaitanya, Architecting Secure Software System, Aeurbach Publication, 2008 Howard M, Lipner S, The Security Development Lifecycle, Microsoft Press, 2006 Frank Swiderski, Window Snyder, Threat Modeling, Microsoft Press, 2004 John Viega, Gary McGraw, Building secure Software, How to Avoid Security problems in the Right Way, Addison-Wesley 2001 Tom Gallagher, Bryan Jeffries, Lawrence Landauer, Hunting Security Bugs, Microsoft Press, 2006 Ross Anderson, Security Engineering: A guide to Building dependable Distributed systems, John wiley, 2001.

Download ppt "Security in Computer System 491 CS-G(172) By Manesh T"

Similar presentations

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
1 Network Security Ola Flygt Växjö University +46 470 70 86 49.

1 Network Security Ola Flygt Växjö University
Computer Viruses.

Computer Viruses.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.

Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
Blekinge Institute of Technology, Sweden

Blekinge Institute of Technology, Sweden
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.

Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Chapter 7 7.2 Threats in Networks Network Security / G. Steffen.

Chapter Threats in Networks Network Security / G. Steffen.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Securing Information Systems

Securing Information Systems
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus - 2007.

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus

Similar presentations

Ads by Google