Cyber Security

Lecture 1
By: Naveed Husain
MS Information Security | NUST
Certified Ethical Hacker (CEH) |
EC-Council (ANSI Accredited)
IT Support Specialist| Google
Project Management | Google
Lecturer
Department of Informatics & Systems (SST)
University of Management and Technology

Email: naveed.husain@umt.edu.pk
What is Information Security?
Information security (also known as InfoSec) ensures that both physical and digital data
is protected from unauthorized access, use, disclosure, disruption, modification,
inspection, recording, or destruction.

Information security differs from cybersecurity in that InfoSec aims to keep data in any
form secure, whereas cybersecurity protects only digital data.

If your business is starting to develop a security program, information security is where

you should begin, as it is the foundation for data security.

What is Cybersecurity?
Cybersecurity, a subset of information security, is the practice of defending your
organization's cloud, networks, computers, and data from unauthorized digital access,
attack, or damage by implementing various defense processes, technologies, and
practices.
With the countless sophisticated threat actors targeting all types of organizations, it's
critical that your IT infrastructure is secured at all times to prevent a full-scale attack on
your clouds, networks, or endpoints and risk exposing your company to fines, data losses,
and damage to reputation.
 Cyber Security
• Computer security, also known as cyber security or IT
security, is the protection of computer systems from the
theft or damage to hardware/ software/ information, as
well as from disruption or misdirection of the services they
provide.

• Cryptography is the practice and study of techniques for

ensuring secure communication.

• National Institute of Standards and Technology (NIST)

produces many standards and procedures for the security
industry.
 Security: Core Elements
• Computation device - PC, laptop, tablet, smartphone,
watch, tv,… Remember the word asset
• Information – The basic building block of all
communications. This is what the attacker is after
• Internet Security – Protect against fraud and attacks on
the internet
– Establishing trust between parties
– Ensuring secrecy of communications
– Protect against malicious entities, software and exploits
• Communication Security – prevention of unauthorized
access to telecommunications traffic
– Intercepting traffic
– Service Interruption
 Threat Vs Attack
• Vulnerability is a weakness which allows an attacker to
reduce a system’s security
assurance. Attackers view of a
– a system weakness or flaw, vulnerability
– attacker access to the flaw,
– attacker capability to exploit
• Threat - A potential for violation of security. Hence a
threat is a possible danger that might exploit a
vulnerability.
• Attack - an intelligent act that is a deliberate attempt to
evade security services and violate the security policy of
a system.
 OSI Security Architecture
• Consists of three elements
Security Attack – Any action that can cause a
compromise
Security Service - A processing or communication
service that enhances security. Security services are
intended to counter security attacks, and they make
use of one or more security mechanisms to provide
the service.
Security Mechanism – A process designed to
detect, prevent or recover from an attack
  Security Attack
Passive Attacks
Passive attacks are in the nature of eavesdropping on, or
monitoring of, transmissions. The goal of the opponent is to
obtain information that is being transmitted.
Happens through traffic analysis, silent listening/
eavesdropping, release of message content (by somebody
else)
Active Attacks
Active attacks involve some modification of the data stream
or the creation of a false stream. Generally happens
through masquerading, replay, modification of messages,
and denial of service.
Masquerading
Takes place when one entity pretends to be a different entity.
Happens through defeating authentication, obtaining
privileges etc.

Replay
Capture a message and replay it later

Modification of messages
Messages are entirely or partially modified.
Denial of Service
Block services to cause unavailability of services.
Particularly dangerous in internet systems like e-health
systems.

Security Services: CIA triad

• Three security goals that need to be addressed
• Confidentiality
– Data Confidentiality
– Privacy
• Integrity – Data integrity
– System Integrity
• Availability

Confidentiality

Confidentiality: Preserving authorized restrictions

on information access and disclosure, including
means for protecting personal privacy and
proprietary information. A loss of confidentiality is
the unauthorized disclosure of information.

Integrity

Guarding against improper information

modification or destruction. A loss of integrity is the
unauthorized modification or destruction of
information.

Ideally should protect against intentional and

unintentional modification.
no modification, no insertion, no deletion, no replay
Availability
Ensuring timely and reliable access to and use of
information. A loss of availability is the disruption of
access to or use of information or an information
system.

Particularly targets Denial of Service attacks

 Other Goals
• Authentication - verifying that users are who they
say they are and that each input arriving at the
system came from a trusted source.
• Authorization - the function of specifying access
rights/privileges to resources.
• Nonrepudiation - is the assurance that a party
cannot deny a particular action.
  Security Mechanisms
• Security mechanisms are used to implement security
services.
• Encipherment
• Digital signature
• Access Control mechanisms
• Data Integrity mechanisms
• Authentication Exchange