
The meaning of the term computer security has evolved in recent years. Before the problem of data security became widely publicized in the media, most people’s idea of computer security focused on the physical machine. Traditionally, computer facilities have been physically protected for three reasons:
• To prevent theft of or damage to the hardware
• To prevent theft of or damage to the information
• To prevent disruption of service
What is computer security?
Computer security is the protection of computer systems and information from harm, theft, and
unauthorized use. It is the process of preventing and detecting unauthorized use of your computer system. Various
types of computer security are widely used to protect the valuable information of an organization.
What is Computer Security and its types?
One way to ascertain the similarities and differences among the types of computer security is by asking what is being secured.
For example:
• Information security is securing information from unauthorized access, modification, and deletion
• Application security is securing an application by building in security features to prevent cyber threats
such as SQL injection, DoS attacks, and data breaches
• Computer security means securing a standalone machine by keeping it updated and patched
• Network security is securing both the software and hardware technologies
• Cybersecurity is defined as protecting computer systems that communicate over computer networks
It’s important to understand the distinction between these words, though there isn’t necessarily a clear consensus on
the meanings and the degree to which they overlap or are interchangeable.
So, computer security can be defined as controls that are put in place to provide confidentiality, integrity, and
availability for all components of computer systems. Let’s elaborate on the definition.
Components of a computer system:
The components of a computer system that need to be protected are:
• Hardware, the physical part of the computer, like the system memory and disk drive
• Firmware, permanent software that is etched into a hardware device’s nonvolatile memory and is mostly
invisible to the user
• Software, the programming that offers services to the user, like the operating system, word processor, and
internet browser
The CIA Triad

Computer security is mainly concerned with three main areas:

• Confidentiality is ensuring that information is available only to the intended audience
• Integrity is protecting information from being modified by unauthorized parties
• Availability is protecting information from being modified by unauthorized parties

In simple language, computer security is making sure information and computer components are usable but still
protected from people or software that shouldn’t access it or modify it.
Computer security threats:
Computer security threats are possible dangers that can hamper the normal functioning of your
computer. In the present age, cyber threats are constantly increasing as the world is going digital. The most harmful
types of computer security threats are:
Viruses

A computer virus is a malicious program which is loaded into the user’s computer without
the user’s knowledge. It replicates itself and infects the files and programs on the user’s PC. The ultimate goal of a virus
is to ensure that the victim’s computer will never be able to operate properly or even at all.
Computer Worm
A computer worm is a software program that can copy itself from one computer to another
without human interaction. The potential risk here is that it will use up your computer's hard disk space, because a
worm can replicate in great volume and with great speed.
Phishing

Disguising themselves as a trustworthy person or business, phishers attempt to steal sensitive financial or personal information
through fraudulent email or instant messages. Phishing is unfortunately very easy to execute. You are deluded into
thinking it’s legitimate mail and you may enter your personal information.
Botnet

A botnet is a group of computers connected to the internet that have been compromised by a
hacker using a computer virus. An individual computer is called a ‘zombie computer’. The result of this threat is that the
victim’s computer, which is the bot, will be used for malicious activities and for larger-scale attacks like DDoS.
Rootkit

A rootkit is a computer program designed to provide continued privileged access to a
computer while actively hiding its presence. Once a rootkit has been installed, the controller of the rootkit will be
able to remotely execute files and change system configurations on the host machine.
Keylogger
Also known as a keystroke logger, a keylogger can track the real-time activity of a user on
his computer. It keeps a record of all the keystrokes made on the user's keyboard. A keylogger is also a very powerful
threat for stealing people’s login credentials such as username and password.
These are perhaps the most common security threats that you’ll come across. Apart from these, there are others
like spyware, wabbits, scareware, bluesnarfing and many more. Fortunately, there are ways to protect yourself
against these attacks.

Types of Computer Security:


Here are a few types of computer security tactics that are used widely for the protection of software, hardware,
electronic data, and network in computer systems.

Application Security

Application security is the introduction of security features in applications during their development process. This
actively helps prevent potential cyber threats such as data breaches, denial-of-service attacks (DoS), SQL injection,
and many others. Some examples of application security tools are antivirus software, firewalls, web application
firewalls, encryption, etc.

Information Security

Information security is a set of practices that aim to protect the confidentiality, integrity, and availability (known as
the CIA triad) of data from unauthorized access and misuse.

Network Security

Network security is any activity that aims to protect the integrity and usability of a network and data. It consists of
both hardware and software technologies that are specifically designed to prevent unauthorized intrusion into
computer systems and networks.

Endpoint Security

End users are increasingly becoming the biggest security risk, unintentionally. Through no fault of their own,
other than a lack of awareness, they leave the virtual gates of an organization open to hackers and attacks. Most
end users are unaware of the ICT policy, and therefore it is imperative that the users who handle sensitive
information on a regular basis understand and are knowledgeable about all comprehensive security policies,
protocols, and procedures.

Internet Security

Internet security is one of the most important types of computer security. It comes with a set of rules and protocols
that focus on specific threats and activities that happen online. It provides protection against hacking, DoS attacks,
computer viruses, and malware.

Vulnerability

Vulnerability in cyber security refers to any weakness in an information system, system processes, or internal
controls of an organization. These vulnerabilities are targets for lurking cybercrimes and are open to exploitation
through the points of vulnerability.

Threat
A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach
security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.

Attack
An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt
(especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
A useful means of classifying security attacks, used both in X.800 and RFC 4949, is
in terms of passive attacks and active attacks.
A passive attack attempts to learn or make use of information from the system but does not affect system resources. An active
attack attempts to alter system resources or affect their operation.

Passive Attacks
Passive attacks (Figure 1.2a) are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is
to obtain information that is being transmitted. Two types of passive attacks are the release of message contents and traffic
analysis.

The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred
file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these
transmissions.
A second type of passive attack, traffic analysis, is subtler. Suppose that we had a way of masking the contents of messages or other information
traffic so that opponents, even if they captured the message, could not extract the information
from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an
opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity
of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be
useful in guessing the nature of the communication that was taking place.
Passive attacks are very difficult to detect, because they do not involve any alteration of the data. Typically, the message traffic is
sent and received in an apparently normal fashion, and neither the sender nor receiver is aware that a third party has read the
messages or observed the traffic pattern. However, it is feasible to prevent the success of these attacks, usually by means of
encryption. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.

Active Attacks
Active attacks (Figure 1.2b) involve some modification of the data stream or the creation of a false stream and can be subdivided
into four categories: masquerade, replay, modification of messages, and denial of service.

A masquerade takes place when one entity pretends to be a different entity (path 2 of Figure 1.2b is active). A masquerade
attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and
replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain
extra privileges by impersonating an entity that has those privileges.

Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect (paths 1,
2, and 3 active).

Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or
reordered, to produce an unauthorized effect (paths 1 and 2 active). For example, a message meaning “Allow John Smith to read
confidential file accounts” is modified to mean “Allow Fred Brown to read confidential file accounts.”

The denial of service prevents or inhibits the normal use or management of communications facilities (path 3 active). This attack
may have a specific target; for example, an entity may suppress all messages directed to a particular destination
(e.g., the security audit service). Another form of service denial is the disruption of an entire network, either by disabling the
network or by overloading it with messages so as to degrade performance.
Active attacks present the opposite characteristics of passive attacks. Whereas passive attacks are difficult to detect, measures are
available to prevent their success. On the other hand, it is quite difficult to prevent active attacks absolutely because of the wide
variety of potential physical, software, and network vulnerabilities. Instead, the goal is to detect active attacks and to recover
from any disruption or delays caused by them. If the detection has a deterrent effect, it may also contribute to prevention.
ERROR 404
You know the situation: you click on a link, but instead of getting the site you want, an error pops up indicating that the
requested page is not available, something along the lines of '404 Not Found'. A 404 error is the standardized HTTP
status code. The message is sent from the webserver of an online presence to the web browser (usually the client) that
sent the HTTP request. The browser then displays this error code.
How does a '404 error' come about?
The typical trigger for an error 404 message is when website content has been removed or moved to another URL.
There are also other reasons why the error message could appear. These include:
I) The URL or its content (such as files or images) was either deleted or moved (without adjusting any internal
links accordingly).
II) The URL was written incorrectly (during the creation process or a redesign), linked incorrectly, or
typed into the browser incorrectly.
III) The server responsible for the website is not running or the connection is broken.
IV) The requested domain name can't be converted to an IP by the DNS (Domain Name Space).
V) The entered domain name doesn’t exist (anymore).
How to fix the error 404 not found:
1) Reload the page: It might be that the error 404 has appeared for the simple reason that the page did not load
properly. This can be checked quite easily by clicking on the 'Refresh' button in your browser or by pressing
the F5 button.
2) Check the URL: Regardless of whether you have entered the URL address manually or been directed via a link,
it could be that a mistake has been made. For this reason you should check the specified path of the website.
3) Delete the browser cache and cookies: If you can access the website from another device, and the HTTP 404
error only seems to appear on a certain computer, then the problem could lie with your browser. Therefore you
should delete the browser cache as well as all cookies for this site.

HTTP 404 errors can damage a website's ranking and reputation


Search engines, such as Google and Bing, will have a negative impression of a site if it has many errors. Once the
crawlers have established that many requests are being met with 404 codes, they presume the site is not very well
maintained.
Dead links affect a site's ranking: Google can decrease its placement in the SERPs and even stop indexing it if there are
too many 404 error pages occurring. This may result in a considerable decrease in visitor numbers for the website.

Error 404 Hacking Digital India Part Chase I:

• A trojan file, such as an Android .apk file, is created and distributed all over the internet; whoever
downloads this file will have their mobile phone hacked easily.
• They are always bundled with other games like Candy Crush, Mini-Militia and Clash.
• We may never know it, but that file may contain a backdoor.
• "WannaCry" ransomware is a cyber attack that works like a crypto locker: it will not harm your system, but it
will encrypt everything inside your computer.
• Once the data is encrypted, it will ask for a decryption password; to decrypt the data you need a key.
• That key will be provided only when you pay a certain amount of money into a bitcoin address (bitcoin is a
kind of virtual address); that is why it is called ransomware.
• The more things you connect to the internet, the greater the vulnerabilities. Assume everything you do on
the internet is already hacked.
There are 3 potential cyber attacks:
1) Web Application Attack
2) Mobile Application Attack
3) Network Attack
Most hacks happen because people were asked to click on certain links, after which certain
technical controls on their systems were exploited; using those systems, the attackers either pivoted to other servers or
extracted data from those systems.
Control Hijacking
Control Hijacking is a way of preventing hijacking attacks.
There are 3 types:
1. Buffer Overflow Attack
2. Integer Overflow Attack
3. Format String Attack

1. Buffer Overflow Attacks: A buffer is a temporary area for program data storage. When
more data than was originally allocated to be stored gets placed there by a program or system process, the extra
data overflows. It causes some of that data to leak out into other buffers, which can corrupt or overwrite whatever data they
were holding. In a buffer overflow attack, the extra data sometimes holds specific instructions for
actions intended by a hacker or malicious user; for example, the data could trigger a response that
damages files, changes data or unveils private information.
Defending against Buffer Overflow:
There are four basic mechanisms of defence against buffer overflow attacks.
1) Writing correct programs.
2) Enlisting the help of the operating system to make storage areas for buffers non-executable.
3) Enhanced compilers that perform bounds checking.
4) Performing integrity checks on code pointers before dereferencing them.
Buffer Overflow Preventions:
Developers can protect against buffer overflow vulnerabilities via security measures in their code, or by
using languages that offer built-in protection.
In addition, modern operating systems have runtime protection:
1) Address space layout randomization (ASLR): randomly moves around the address space locations of data
regions. Typically, buffer overflow attacks need to know the locality of executable code, and
randomizing address spaces makes this virtually impossible.
2) Data Execution Prevention: flags certain areas of memory as non-executable or executable, which
stops an attack from running code in a non-executable region.
3) Structured exception handler overwrite protection (SEHOP): helps stop malicious code from
attacking Structured Exception Handling (SEH), a built-in system for managing hardware and software
exceptions.
It thus prevents an attacker from being able to make use of the SEH overwrite exploitation technique. At a
functional level, an SEH overwrite is achieved using a stack-based buffer overflow to overwrite an
exception registration record stored on a thread's stack.
Security measures in code and operating system protection are not enough. When an organization
discovers a buffer overflow vulnerability, it must react quickly to patch the affected software and make
sure that users of the software can access the patch.
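As an illustration of the first defence, "writing correct programs", here is an added example that is not part of the original notes: a copy routine that checks the length claimed by the input against both the bytes actually received and the capacity of the destination before writing anything. The record layout (one length byte followed by the payload) and all names are assumptions made for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed record layout for this example: [1-byte length][payload bytes]. */
enum copy_status {
    COPY_OK = 0,
    COPY_BAD_ARGS = -1,
    COPY_TRUNCATED_INPUT = -2,  /* header claims more bytes than were received */
    COPY_TOO_LONG = -3          /* payload would not fit in the destination */
};

/* Copy the payload into dst as a NUL-terminated string.
 * dst is left untouched unless every length check passes. */
static int copy_field(char *dst, size_t dst_cap,
                      const unsigned char *src, size_t src_len)
{
    if (dst == NULL || src == NULL || dst_cap == 0 || src_len == 0)
        return COPY_BAD_ARGS;

    size_t declared = src[0];
    if (declared > src_len - 1)
        return COPY_TRUNCATED_INPUT;
    if (declared >= dst_cap)           /* keep one byte for the terminator */
        return COPY_TOO_LONG;

    memcpy(dst, src + 1, declared);
    dst[declared] = '\0';
    return COPY_OK;
}

int main(void)
{
    char name[8] = "";
    /* Constructed sample records. */
    const unsigned char fits[]  = { 5, 'a', 'l', 'i', 'c', 'e' };
    const unsigned char large[] = { 12, 'a', 'd', 'm', 'i', 'n', 'i',
                                    's', 't', 'r', 'a', 't', 'o' };
    const unsigned char lying[] = { 200, 'x', 'y' };

    int rc = copy_field(name, sizeof name, fits, sizeof fits);
    printf("fits : rc=%d name=\"%s\"\n", rc, name);
    rc = copy_field(name, sizeof name, large, sizeof large);
    printf("large: rc=%d name=\"%s\" (unchanged)\n", rc, name);
    rc = copy_field(name, sizeof name, lying, sizeof lying);
    printf("lying: rc=%d name=\"%s\" (unchanged)\n", rc, name);
    return 0;
}
```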

TYPES OF BUFFER OVERFLOW:


1. HEAP OVERFLOW: The heap is a region of a process's memory which is used to store dynamic variables. These
variables are allocated using the malloc() and calloc() functions and resized using the realloc() function, which are
inbuilt functions of C. These variables can be accessed globally, and once we allocate memory on the heap it is our
responsibility to free that memory space after use. There are two situations which can result in heap overflow.
1. If we continuously allocate memory and do not free that memory space after use, it may result in memory
leakage - memory is still being used but not available for other processes.
2. If we dynamically allocate a large number of variables.
2. STACK OVERFLOW: The stack is a special region of our process's memory which is used to store local variables used
inside the functions, parameters passed through functions and their return addresses. Whenever a new local
variable is declared it is pushed onto the stack. All the variables associated with a function are deleted, and the
memory they use is freed up, after the function finishes running. The user does not have any need to free up stack
space manually. The stack is a last-in-first-out data structure.
In our computer's memory, the stack is limited. If a program uses more memory space than the stack size then stack
overflow will occur and can result in a program crash. There are two cases in which stack overflow can occur.
1) Declaring a large number of local variables, or declaring an array, matrix or any higher-dimensional array of large
size, can result in overflow of the stack.
2) If a function recursively calls itself infinite times, then the stack is unable to store the local variables used by every
function call, and this will result in overflow of the stack.

2. FORMAT STRING VULNERABILITIES.


Before explaining the format string attack, we need to know what the format string bug is. The format string bug is
one of the most common vulnerabilities in C programs. A format string bug is a bug that occurs when a format string
(such as %d or %s) used in the printf() function is used in the wrong form.

Two vulnerabilities used in a format string attack:

1. There may be no argument corresponding to the last format specifier entered. In terms of the stack, from the time the printf()
function is called, printf() takes the contents from the top of the stack, in order, as printf()'s arguments.
2. The %n and %hn format specifiers store the number of bytes printed by printf() through an int-type pointer. %n stores it as 4 bytes
and %hn stores it as 2 bytes.

So, if suitable values are placed in front of %n or %hn, %n or %hn will consider that value as an address and store
the number of bytes printed at the corresponding address in memory.

How can we prevent format string attacks?

There are several prevention methods that we can use:
1) Always specify a format string as part of the program, not as an input.
2) If possible, make the format string a constant. Extract all the variable parts as other arguments to the call.
3) Use defenses such as FormatGuard; these are rare at design time.
4) Patch the system steadily. The kernel development and security settings are more about Set UID and
complement these vulnerabilities.
5) Normal use of the printf function like below does not cause any problems.
printf("%s\n", buffer);
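The first two prevention rules, shown as an added example that is not part of the original notes: user input is only ever passed as data to a constant format string, and two small audit helpers flag input that contains conversion directives, in particular the %n and %hn write directives described above. The function names are assumptions made for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Count conversion directives in s; "%%" is a literal percent sign. */
static size_t count_directives(const char *s)
{
    size_t n = 0;
    for (size_t i = 0; s[i] != '\0'; i++) {
        if (s[i] != '%')
            continue;
        if (s[i + 1] == '%') {   /* escaped percent: skip both characters */
            i++;
            continue;
        }
        n++;
    }
    return n;
}

/* Return 1 if s contains a %n-style directive (including %hn, %ln, %5$n). */
static int has_write_directive(const char *s)
{
    for (const char *p = strchr(s, '%'); p != NULL; p = strchr(p, '%')) {
        p++;
        if (*p == '%') {         /* "%%" is not a directive */
            p++;
            continue;
        }
        /* Skip flags, width, precision, positional and length modifiers. */
        p += strspn(p, "-+ #0123456789.*$hljztL");
        if (*p == 'n')
            return 1;
    }
    return 0;
}

/* Safe form: the format string is a constant in the program and the
 * user-supplied text is an argument, so directives in it are inert.
 * The vulnerable form would be: snprintf(out, cap, user_input);      */
static int format_entry(char *out, size_t cap, const char *user_input)
{
    return snprintf(out, cap, "user said: %s", user_input);
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = { "hello", "100%% done", "%x %x %x", "AAAA%hn" };
    char line[64];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        format_entry(line, sizeof line, samples[i]);
        printf("%-24s directives=%zu write=%d\n", line,
               count_directives(samples[i]), has_write_directive(samples[i]));
    }
    return 0;
}
```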

3. Integer Overflow Attack:


An integer overflow is a type of arithmetic overflow error that occurs when the result of an integer operation does
not fit within the allocated memory space. Instead of an error in the program, it usually causes the result to
be unexpected. Integer overflows have been listed as the number 8 most dangerous software error in the most
recent CWE 2019 list, mostly because they often lead to buffer overflows, which are currently the
number 1 most dangerous software error according to that list.
How integer overflows happen:
In most programming languages, integer values are usually allocated a certain number of bits in memory. For
example, the space reserved for a 32-bit integer data type may store an unsigned integer between 0 and 4,294,967,295
or a signed integer between -2,147,483,648 and 2,147,483,647.
In the case of signed integers, the most significant (first) bit usually signifies whether the integer is a
positive value or a negative value.
However, what happens when you perform the calculation 4,294,967,295 + 1 and attempt to store a result that is
greater than the maximum value for the integer type? It depends completely on the language and the compiler.

And unfortunately, most languages and most compilers raise no error at all and simply perform a modulo operation,
wraparound, or truncation, or they have other undefined behavior.
For example:
One operation may treat an integer as an unsigned one and another operation may treat exactly the same integer as a
signed one, therefore interpreting the value incorrectly.
Integer Overflow Risks: Most integer overflow conditions simply lead to erroneous program behaviour but do not
cause any vulnerabilities. However, in some cases, integer overflows may have severe consequences.

• If an integer overflow happens when you calculate the length of a buffer, you may end up with a buffer
overflow. A buffer overflow lets the attacker gain shell access and attempt further privilege escalation.
• If an integer overflow happens during financial calculations, it may, for example, result in the
customer receiving credit instead of paying for a purchase or may cause a negative account balance to
become positive.

PREVENTING INTEGER OVERFLOWS:


The biggest issue with even the most basic integer overflows is that they are very hard to discover and prevent.
There is no error, there is no warning, you simply get a wrong result of the operation. The only way to discover them
is to examine the operands before the operation or examine the result after (for example, checking whether the
addition result for two positive numbers is smaller than the operands).
Depending on the language, you may be able to come across libraries or mechanisms that help you prevent and
discover integer overflows.
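Both checks described above, as an added example that is not part of the original notes: a check of the result after an unsigned addition (using the 4,294,967,295 + 1 case), a check of the operands before a signed addition, and an operand check applied to a buffer-length calculation. The function names are assumptions made for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Examine the result AFTER the operation. Unsigned addition wraps
 * modulo 2^32, so a wrapped sum is smaller than either operand. */
static bool add_u32(uint32_t a, uint32_t b, uint32_t *sum)
{
    *sum = a + b;
    return *sum >= a;
}

/* Examine the operands BEFORE the operation. Signed overflow is
 * undefined behaviour in C, so the addition must not be attempted. */
static bool add_i32(int32_t a, int32_t b, int32_t *sum)
{
    if ((b > 0 && a > INT32_MAX - b) || (b < 0 && a < INT32_MIN - b))
        return false;
    *sum = a + b;
    return true;
}

/* Buffer-length calculation: refuse to allocate when count * elem_size
 * cannot be represented, instead of allocating a too-small buffer. */
static void *alloc_array(size_t count, size_t elem_size)
{
    if (elem_size != 0 && count > SIZE_MAX / elem_size)
        return NULL;
    return malloc(count * elem_size);
}

int main(void)
{
    uint32_t u;
    int32_t s = 0;

    bool ok = add_u32(4294967295u, 1u, &u);
    printf("4294967295 + 1 -> ok=%d stored=%u\n", ok, (unsigned)u);

    ok = add_i32(INT32_MAX, 1, &s);
    printf("INT32_MAX + 1  -> ok=%d (addition not performed)\n", ok);

    void *p = alloc_array(SIZE_MAX / 2 + 1, 4);
    printf("huge array     -> %s\n", p == NULL ? "rejected" : "allocated");
    free(p);
    return 0;
}
```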
