1 Lecture 1: Introduction Outline course’s focus intruder’s capabilities motivation for security worms, viruses, etc. legal and patent issues.

Slides:



Advertisements
Similar presentations
Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
Advertisements

Virus Code Actions Clara Pirie & Eilidh Currie. Viruses A virus is a computer program that can copy itself and infect a computer without the permission.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.
Unit 18 Data Security 1.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
________________ CS3235, Nov 2002 Viruses Adapted from Pfleeger[Chap 5]. A virus is a program [fragment] that can pass on malicious code [usually itself]
Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized.
Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci530 Computer Security Systems Lecture.
1 Computer Viruses (and other “Malicious Programs) Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.
Computer Viruses By Patsy Speer What is a Virus? Malicious programs that cause damage to your computer, files and information They slow down the internet.
 2001 Prentice Hall, Inc. All rights reserved. Chapter 7 – Computer and Network Security Outline 7.1Introduction 7.2Ancient Ciphers to Modern Cryptosystems.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden
Week 5 IBS 520 Computer and Online Security. Cybercrime Online or Internet- based illegal acts What is a computer security risk? Computer crime Any illegal.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
Lecture 14. Lecture’s outline Privacy The sender and the receiver expect confidentiality. The transmitted message must make sense only to the intended.
The Internet Netiquette and Dangers. Outline Netiquette Dangers of the Internet.
Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS.
Lecture 14 Overview. Program Flaws Taxonomy of flaws: – how (genesis) – when (time) – where (location) the flaw was introduced into the system 2 CS 450/650.
Computer Threats Cybercrimes are criminal acts conducted through the use of computers by cybercriminals. © 2009 Prentice-Hall, Inc. 1.
1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.
INTRODUCTION. The security system is used as in various fields, particularly the internet, communications data storage, identification and authentication.
IT internet security. The Internet The Internet - a physical collection of many networks worldwide which is referred to in two ways: The internet (lowercase.
Chapter 10 Malicious software. Viruses and ” Malicious Programs Computer “ Viruses ” and related programs have the ability to replicate themselves on.
Types of Electronic Infection
Name: Perpetual Ifeanyi Onyia Topic: Virus, Worms, & Trojan Horses.
Course code: ABI 204 Introduction to E-Commerce Chapter 5: Security Threats to Electronic Commerce AMA University 1.
Network Security Jiuqin Wang June, 2000 Security & Operating system To protect the system, we must take security measures at two levels: Physical level:
Computer Defining denial of service, worm, virus and hoax. Examples of negligence or incompetence that leads to crime. CI R M E By: Megan Price.
What security is about in general? Security is about protection of assets –D. Gollmann, Computer Security, Wiley Prevention –take measures that prevent.
1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.
Telecommunications Networking II Lecture 41a Information Assurance.
Malicious Software.
Computer Systems Viruses. Virus A virus is a program which can destroy or cause damage to data stored on a computer. It’s a program that must be run in.
Computer Security Threats CLICKTECHSOLUTION.COM. Computer Security Confidentiality –Data confidentiality –Privacy Integrity –Data integrity –System integrity.
INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Overview of Database Security Introduction Security Problems Security Controls Designing Database Security.
Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,
By: Jasmin Smith  ability to control what information one reveals about one’s self over the Internet.
Virus Infections By: Lindsay Bowser. Introduction b What is a “virus”? b Brief history of viruses b Different types of infections b How they spread b.
Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.
COMPUTER VIRUSES Computer Technology. What is a Computer Virus? A kind of A kind of Malicious software written intentionallyMalicious software written.
1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.
SAMET KARTAL No one wants to share own information with unknown person. Sometimes while sharing something with someone people wants to keep.
Firewalls and Tunneling Firewalls –Acts as a barrier against unwanted network traffic –Blocks many communication channels –Can change the design space.
1 Network Security. 2 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content.
Network System Security - Task 2. Russell Johnston.
Unit 3 Section 6.4: Internet Security
Security Issues in Information Technology
Chapter 40 Internet Security.
Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.
COMPUTER VIRUSES Computer Technology.
Chap 10 Malicious Software.
Faculty of Science IT Department By Raz Dara MA.
Security.
Chap 10 Malicious Software.
Computer Security By: Muhammed Anwar.
ONLINE SECURITY, ETHICS AND ETIQUETTES EMPOWERMENT TECHNOLOGY.
Presentation transcript:

1 Lecture 1: Introduction Outline course’s focus intruder’s capabilities motivation for security worms, viruses, etc. legal and patent issues

2 Course Focus Focus on network protocols Cryptography: especially practical issues, and intuition. How to design a secure protocol Recognizing snake oil and common flaws Conceptual overview of standards and deployed systems

3 Intruders: What Can They Do? Eavesdrop Send Messages Impersonate an address and lie in wait Replay recorded messages Modify messages in transit Write malicious code and trick people into running it

4 Example 2: Electronic Mail Send private messages Know who sent a message (and that it hasn’t been modified) Non-repudiation - ability to forward in a way that the new recipient can know the original sender Anonymity

5 Ex 3: Electronic commerce –Pay for things without giving away my credit card number to an eavesdropper or phony merchant –Buy anonymously –Verifiability: merchant wants to be able to prove I placed the order

6 Security and functionality goals may conflict nonrepudiation vs plausible deniability privacy vs company (or govt) wants to be able to see what you’re doing avoiding false positives vs false negatives safety vs functionality losing data vs disclosure (copies of keys) denial of service vs preventing intrusion

7 Motivating example: Sharing files between users –File store must authenticate users –File store must know who is authorized to read and/or update the files –Information must be protected from disclosure and modification on the wire –Users must know it’s the genuine file store (so as not to give away secrets or read bad data)

8 Active Content: Threat or Menace? If you run a program I wrote, it can do things with your rights behind your back –Read your private files and send them to me –Delete or mangle files you have rights to access –Send composed by me but sent (proveably!) by you –Authorize me to do things later (if you can add me to ACLs)

9 Active Content: What were they thinking!? (or… why can’t I only run software from trustworthy sources?) Bandwidth and Storage Efficiency –A program to generate a graphic could be much smaller than the bitmap (particularly for animations) Extensibility –Application designer can add capabilities not envisioned by the platform designer Push computation out to the client –Where CPU cycles tend to be cheaper

10 Other threats Denial of service: Used to be ignored… “it would be illogical” Traffic analysis

11 Digital Pests Trojan horse: malicious code hidden inside an otherwise useful program (waiting for someone with interesting privileges to run it) Virus: malicious code hidden inside a program that when run “reproduces” by installing copies of itself inside programs the person running it has permission to modify

12 Digital Pests Worm: A program that replicates over a network by finding nodes willing to accept copies and run them Trapdoor: An undocumented entry point intentionally written into a program Logic Bomb: malicious code triggered on a future event Letter Bomb: malicious code executed upon opening an message

13 Spreading Pests Booting from an infected floppy disk Loading and executing infected software from the Internet or other untrusted source Extracting and running untrustworthy code from an message Displaying a Postscript or Word file with “autolaunch” capability Bugs (e.g., bounds checking)

14 What Protection Is There? Decent operating systems Interpreted languages in “sandboxes” Digitally signed content Content scanners (at WS or Firewall) Connectivity restrictions (through Firewall) Educating users Genetic diversity

15 Legal Issues Past (hopefully) All Public Key cryptographic algorithms were patented until September RSA patent expired September 20, 2000 Patents in general a real problem. Export controls Usage controls

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.