Professional Documents
Culture Documents
L 23 Security
L 23 Security
1 2
n Types of threats are classified by the way the information is asset availability secrecy integrity
compromised on its way from its storage to consumption stolen and disabled
passive threats - hard to detect, have to prevent hardware
n
thus denying service
u interception - unauthorized party gains access to an asset.
modified to cause it to
(attack on part of secrecy - confidentiality) programs deleted or unauthorized copy
software fail during execution or
n active threats corrupted made
to do unintended task
u interruption - the system asset becomes unavailable or unusable
(attack on availability) unauthorized read
existing data modified,
data deleted or corrupted performed,
u modification - unauthorized party gains access and modifies the new data fabricated
asset (attack on secrecy and integrity) statistical analysis
u fabrication - unauthorized party inserts counterfeit assets into messages destroyed messages modified,
the system (attack on part of secrecy - authenticity and integrity) messages read,
or deleted, reordered, duplicated,
network traffic pattern of
communcication lines false messages
messages observed
made unavailable inserted
3 4
7 8
9 10
to grant access without normal methods of access authentication u stealth - hides from being detected - may use compression so
u logic bomb - logic embedded in a computer program that checks that the length of infected program is the same as uninfected,
for certain set of conditions and executes some unauthorized intercepts disk I/O commands to give an impression that the
action when these conditions are met executable is not infected
u Trojan horse - secret undocumented routine embedded within u polymorphic - replicates by creating copies that are functionally
useful program. Execution of program results in the execution of equivalent but have different patterns
the routine
11 12
Anti-virus approaches
n Ideal solution - prevention. Do not allow virus to get into
system
n otherwise:
u detection - check if the virus is present
n how to detect
u scan for virus “signature”
13