BAIT2023 INTRODUCTION TO INTERNET SECURITY
Tutorial 1
1. Explain the difference between computer security, network security and
internet security by giving an example for each term.
Computer Security
  Definition: Generic name for the collection of tools designed to protect data and to thwart hackers.
  Example: Information security is securing information from unauthorized access, modification & deletion.
Network Security
  Definition: Measures to protect data during their transmission.
  Example: These security devices block the surplus traffic. Firewalls, antivirus scanning devices, and content filtering devices are examples of such devices.
Internet Security
  Definition: Measures to protect data during their transmission over a collection of interconnected networks.
  Example: Malicious software comes in many forms, such as viruses, Trojan horses, spyware, and worms.
2. In both X.800 and RFC4949, security attacks have been classified in terms of
passive attacks and active attacks. What is the difference between the term
passive attack and active attack? Give one example for each term.
Difference: Modification
  Active attack: Modification of the information takes place.
  Passive attack: Modification of the information does not take place.
Difference: Danger
  Active attack: Danger to integrity as well as availability.
  Passive attack: Danger to confidentiality.
Difference: Damage
  Active attack: Due to an active attack, the system is always damaged.
  Passive attack: Due to a passive attack, there is no harm to the system.
3. List and briefly define categories of passive and active security attacks. Use
diagrams to explain your answer.
Active Attack
Masquerade – A masquerade attack takes place when one entity
pretends to be a different entity. A masquerade attack involves one of the
other forms of active attack.
Passive Attack
The release of message content – A telephone conversation, an
electronic mail message or a transferred file may contain sensitive or
confidential information. We would like to prevent an opponent from
learning the contents of these transmissions.
4. What is the difference between the term threat and attack? Give one example
for each term.
Difference: Detection
  Threat: Comparatively hard to detect.
  Attack: Comparatively easy to detect.
5. 7th August 2009: The well-known Twitter and Facebook websites suffered
from a form of attack. Some of the users reported that the access to the
websites became slower and degraded. After these attacks, Facebook was still
working whereas Twitter remained offline for 2 hours.
Source:
http://www.bbc.co.uk/blogs/technology/2009/08/the_day_twitter_stopped.htm
(i) Name this type of attack.
Denial-of-service (DDoS) attack
(ii) Is this attack a passive attack or an active attack? Support your answer
with an explanation.
The users are degraded.
(iii) This type of attack usually targets the availability of the websites.
From the perspective of security services, describe the term availability.
The property of a system or a system resource being accessible and usable
upon demand by an authorized system entity, according to performance
specifications for the system.
6. Briefly describe the following terms and provide ONE (1) example each.
(i) Security attack.
A means of classifying security attacks, used both in X.800 and
RFC4949, is in terms of passive attacks and active attacks.
Example: Phishing
(ii) Security service.
Defined by X.800 as: A service provided by a protocol layer of
communicating open systems and that ensures adequate security of
the systems or of data transfers.
Defined by RFC 4949 as:
A processing or communication service provided by a system to give a
specific kind of protection to system resources.
Example: Data loss prevention
(iii) Security mechanism.
Security mechanisms are technical tools and techniques that are used
to implement security services. A mechanism might operate by itself,
or with others, to provide a particular service. Examples of common
security mechanisms are as follows: cryptography, message digests
and digital signatures.
Example: Authorization