Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 14. Lecture’s outline Privacy The sender and the receiver expect confidentiality. The transmitted message must make sense only to the intended.

Published byMaximillian Fitzgerald Modified over 8 years ago

Similar presentations

Presentation on theme: "Lecture 14. Lecture’s outline Privacy The sender and the receiver expect confidentiality. The transmitted message must make sense only to the intended."— Presentation transcript:

1 Lecture 14

2

3 Lecture’s outline

4

5 Privacy The sender and the receiver expect confidentiality. The transmitted message must make sense only to the intended receiver and should be unintelligible to all others. Authentication The receiver is sure of the sender’s identity and that an imposter has not sent the message.

6 Integrity The data must arrive at the receiver exactly as it was sent by the original sender. There must be no changes in transmission, either accidental or malicious. Non-repudiation: A receiver must be able to prove that a received message came from a specified sender. The sender must not be able to deny sending a message that it has, in fact, sent.

7

8 Malware a The software that is written for malicious purposes Viruses Worms Trojan Horses Spyware Keyloggers

9 Reproduced with permission. Please visit www.SecurityCartoon.com for more materialwww.SecurityCartoon.com

10 Viruses A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels.programfile

11 Designing A Virus Locate the first executable instruction in the target program Replace the instruction with an instruction to jump to the memory location next to the last instruction of the target system Insert the virus code for execution at the end Insert an instruction after virus code that simulates the first instruction Then jump to the second instruction of original code

12 Brain Virus (Pakistani Flu) 1986 Credit: http://en.wikipedia.org/wiki/Brain_(computer_virus) The first computer virus

13 Virus vs. Worm

14 Credit: Yashar Ganjali; www.caida.orgwww.caida.org Propagation effect of worms Before slammer worm After slammer worm

15 Key-loggers and Spyware

16 Spoofing Attacks b where the attacker impersonates some one else Email spoofing URL spoofing DNS spoofing IP spoofing MAC spoofing

17 Email Spoofing (phishing) b.1

18

19

20

21 URL Spoofing (phishing) b.2

22 Genuine URL; Site: niit.edu.pk; directory: src; file: login.php https://webmail.niit.edu.pk/src/login.php 1

23 https://webmail.niit.org.pk/src/login.php Victim.ID ************** The second-level domain is.org and not.edu; faked website https://webmail.niit.org.pk/src/login.php 2

24 https://webmail.niit.edu.tk/src/login.php 3 The first-level domain is.tk and not.pk; faked website https://webmail.niit.edu.tk/src/login.php Victim.ID **************

25 https://202.125.111.57/src/login.php The IP address does not correspond to webmail.niit.edu.pk; faked website https://202.128.111.87/src/login.php 4 Victim.ID **************

26 DNS Spoofing b.3 IP Spoofing b.4 MAC Spoofing b.5

27 DNS spoofing WWWWWW Tell me the IP address of www.niit.edu.pk?www.niit.edu.pk WWWWWW DNS Request

28 WWWWWW Reply The IP address of www. niit.edu.pk is 110.125.157.198 www. niit.edu.pk DNS spoofing WWWWWW DNS The IP address of www.niit.edu.pk is 110.125.157.198 www.niit.edu.pk Fake NIIT site

29 Private network 192.168.1.0/24 MAC/ IP spoofing.254 00:aa:bb:cc:dd:ee:ff.1.254 00:aa:bb:cc:dd:ee:ff Malicious node A malicious node can pretend to be another node

30 Network-based attacks c where the attacker pretends to be something he/she/it is not Worms Denial of Service attacks

31

32 Social Engineering d Targets the weakest component of a security system---the users

33 Non-technical hacking

34 Greeting card phishing

35 Lottery winning phishing

36

Download ppt "Lecture 14. Lecture’s outline Privacy The sender and the receiver expect confidentiality. The transmitted message must make sense only to the intended."

Similar presentations

POSSIBLE THREATS TO DATA

POSSIBLE THREATS TO DATA
Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click.

Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click.
Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,

Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,
What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.

What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Lecturer: Fadwa Tlaelan

Lecturer: Fadwa Tlaelan
Security Risks. Introduction There are many security risks that can affect computers. How many of the following have you heard of before? We are going.

Security Risks. Introduction There are many security risks that can affect computers. How many of the following have you heard of before? We are going.
Unit 18 Data Security 1.

Unit 18 Data Security 1.
The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.

The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.
Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.

Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.
Threats To A Computer Network

Threats To A Computer Network
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.

Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
Quiz Review.

Quiz Review.
Viruses & Security Threats Unit 1 – Understanding Computer Systems JMW 2012.

Viruses & Security Threats Unit 1 – Understanding Computer Systems JMW 2012.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
ISNE101 Dr. Ken Cosh Week 14. This Week  Challenges (still) facing Modern IS  Reliability  Security.

ISNE101 Dr. Ken Cosh Week 14. This Week  Challenges (still) facing Modern IS  Reliability  Security.
PART THREE E-commerce in Action Norton University E-commerce in Action.

PART THREE E-commerce in Action Norton University E-commerce in Action.

Similar presentations

Ads by Google