
Modules in Living in the IT Era

Current Events and Issues in IT

SESSION TOPIC 2: Security

LEARNING OBJECTIVES:

At the end of the session you will:


1. Define the term computer security.
2. Discuss the different concepts of security in terms of surveillance, forensics, hacking,
encryption and predictive analytics.
3. Identify the latest trends and developments in cybersecurity.

KEY TERMS
Computer Security, Confidentiality, Integrity, Availability, Authentication, Surveillance, CCTV,
RFID, GPS, Forensics, Phenom Sem, DNA Sequencing, Hacking, Ransomware, DoS/DDoS, Phishing,
Encryption, Cryptography, Encryption Algorithm, Predictive Analytics

CORE CONTENT

What is Computer Security?

Computer security, also known as cybersecurity or IT security, is the protection of
information systems from theft or damage to the hardware, the software, and to the
information on them, as well as from disruption or misdirection of the services they provide.
It includes controlling physical access to the hardware, as well as protecting against harm that
may come via network access, data and code injection, and due to malpractice by operators,
whether intentional, accidental, or due to them being tricked into deviating from secure
procedures.

What are the concerns of computer security?

Computer security is concerned with four main areas:

1. Confidentiality: Only authorized users can access the data resources and information.
2. Integrity: Only authorized users should be able to modify the data when needed.
3. Availability: Data should be available to users when needed.
4. Authentication: Are you really communicating with whom you think you are
communicating with?

Why is computer security important?

Prevention of the theft of data such as bank account numbers, credit card information,
passwords, and work-related documents or sheets is essential in today's communications, since
many of our day-to-day actions depend on the security of the data paths.

Data present in a computer can also be misused by unauthorized intrusions. An intruder
can modify and change the program source codes and can also use your pictures or email
accounts to create derogatory content such as pornographic images and fake, misleading and
offensive social accounts.

Malicious intent can also be a factor in computer security. Intruders often use your
computers for attacking other computers, websites or networks to create havoc. Vengeful
hackers might crash someone's computer system to create data loss. DDoS attacks can be made
to prevent access to websites by crashing the server.

The above factors imply that your data should remain safe and confidential. Therefore, it is
necessary to protect your computer, and hence the need for computer security arises.

SURVEILLANCE

Surveillance cameras (also known as Closed-Circuit Television or CCTV) are
increasingly being used to monitor public and private spaces throughout the world.
Governments and law enforcement authorities have used video surveillance in various
circumstances ranging from the investigation of crimes, the protection of urban environments
and government buildings, traffic control, the monitoring of demonstrators and in the context
of criminal investigations.

Surveillance is one of the most common security measures: the monitoring of behavior, activities,
or information for the purpose of influencing, managing or directing. This can include
observation from a distance by means of electronic equipment, such as closed-circuit
television (CCTV), or interception of electronically transmitted information, such as Internet
traffic. It can also include simple technical methods, such as human intelligence
gathering and postal interception.

Types of Gadgets for Surveilling

• Camera - Digital cameras are among the most common equipment used for surveilling and
are amazing for such a low cost.
• Audio Surveilling Equipment – there are different types of audio equipment; here
are some examples:

◦ Microphones – The most commonly used; small ones are used for intercepting
conversations.
◦ Parabolic Microphones – Designed to receive sound from one direction; very
susceptible in crowds.
◦ Laser Microphones – Use a laser to detect vibration in a hard surface; the beam comes
back to the transmitter and is then recorded.
◦ Signal Tracking – Much like GPS, it uses a radio-frequency ID tag that transmits a
unique identifying signal, allowing scanners to identify the tagged subject.
◦ Signal Interception – Electronic bugs can be physically attached in mother boxes
or switchboxes; the bug then hijacks the signal and can transfer it whenever and
wherever desired. This is commonly used for listening in on conversations.
◦ Computer Surveillance – Software or an application embedded or planted in hard
drives to monitor internet traffic and data storage; you can associate this
with some viruses.

Strengths and Weaknesses

• Strengths
◦ Exposure status can be determined by analyzing the data gathered in the
surveillance.
◦ Very accurate information can be gathered.
◦ Can collect more detailed information.

• Weaknesses
◦ Costly
◦ Labor intensive
◦ Difficult to sustain over time

CCTV

As recording and storing technologies and software such as video analytics have
become more efficient, CCTV surveillance systems have evolved into a forensic tool,
that is, a means of collecting evidence after an event has occurred.

RFID (Radio-Frequency Identification)

Some stores that have begun using RFID tags have found that the technology
offers a better way to track merchandise for stocking and marketing purposes. Through
RFID tags, stores can see how quickly the products leave the shelves and which
shoppers are buying them.

GPS (Global Positioning System)

GPS tracking is an easy and affordable way to monitor a person, vehicle, or asset.
With minimal effort, you can know where someone is, where they've been, where
they're going, and how fast they're traveling. GPS is a great option for parents concerned
about their children getting to school safely, or business owners looking to optimize their
fleet of vehicles. Before you decide to begin tracking, however, it's important to consider
the legality of your GPS solution.

FORENSICS

Technology is quickly taking over every aspect of our lives, and solving crimes is no
different. In fact, the rapid changes and improvements in technology have meant that solving
crimes almost takes on a futuristic factor, like something from a work of fiction. During the
forensic science process, forensic equipment is used to process samples and evidence and
hopefully solve crimes. Measurements include analysis of evidence, fingerprinting or DNA
identification, analyzing drugs or chemicals and dealing with body fluids. Importantly, it is the
fusion of science and technology that allows forensic scientists to do a lot of their work.
Sciences such as biology, chemistry and mathematics are combined with various technologies
to process evidence.

Computer Forensics

There are different types of forensics, such as crime lab forensics and crime scene investigator
forensics. Digital forensics is also known as computer forensics. Computer forensics is a
branch of digital forensic science pertaining to evidence found in computers and digital storage
media. The goal of computer forensics is to examine digital media in a forensically sound
manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and
opinions about the digital information.

Computer Forensics Tools

• Disk and data capture tools
• File viewers
• File analysis tools
• Registry analysis tools
• Internet analysis tools
• Email analysis tools
• Mobile devices analysis tools
• Mac OS analysis tools
• Network forensics tools
• Database forensics tools

Examples of Computer Forensic Software

• Digital Forensics Framework – One of the popular platforms for digital forensics work;
it is open source and comes under the GPL (General Public License). It can be used on
Microsoft and Linux.
• Open Computer Forensics Architecture (OCFA) - Another popular open source
platform, but this one is developed and built on the Linux platform and uses a PostgreSQL
database for storing data.
• CAINE – Computer Aided Investigative Environment, a Linux distro created for digital
forensics.
• X-Ways Forensics – An advanced platform for digital forensics examiners. It runs on all
the different versions of Windows OS.
• EnCase - A multi-purpose forensic platform with many nice tools for several areas of the
digital forensic process. This tool can rapidly gather data from various devices and
unearth potential evidence. It also produces a report based on the evidence.
• Registry Recon – An amazing analysis tool; it extracts the registry information from
the evidence and then rebuilds the registry representation. It can rebuild registries from
both current and previous Windows installations. However, it is not free; it costs $399.
• The Sleuth Kit - A Windows-based tool which helps in forensic analysis of computers.
It comes with various tools which help in digital forensics. These tools help in analyzing
disk images and performing in-depth analysis of file systems.

Phenom Sem

The technology then characterizes the residue using energy dispersive spectroscopy,
quickly distinguishing the gunshot particles from dust, dirt and other fibers. It's all
automated, and the software and hardware are fully integrated so it's very user-friendly.

Alternative Light Photography

One of the quickest ways to detect whether damage has been done to
a body before it even surfaces on the skin, alternative light photography is used by
forensic nurses and can sometimes mean the difference between life and death.
The camera uses blue light and orange filters to see whether bruising has
occurred below the skin's surface.

Facial Reconstruction

This equipment is also used by many forensic labs to determine the appearance of
victims who are too decomposed or damaged to make a visual identification.
The user inputs data into the software, including information regarding human
remains, and a possible physical appearance is deduced.

DNA Sequencing

DNA is used to identify both criminals and victims by using trace
evidence such as hair or skin. DNA sequencers come in a variety of strengths,
and the degradation of the sample will largely determine how powerful the
DNA sequencer must be. The sequencer identifies a unique pattern of DNA that
can possibly help identify a person.

Drug Testing

Labs use colour testing, which indicates there is a substance present,
and confirmatory testing, which specifically identifies what kind of
substance it is. Other tests also include ultraviolet spectrophotometry, using
ultraviolet and infrared lights to see how the substance reacts; gas
chromatography, which isolates the drug from mixing agents that may be
present; and microcrystalline testing, which uses the crystal patterns formed to
determine what drug is present.

HACKING

Hacking generally refers to unauthorized intrusion into a computer or
a network. The person engaged in hacking activities is known as a hacker. This hacker
may alter system or security features to accomplish a goal that differs from the
original purpose of the system.

Ransomware

Ransom malware, or ransomware, is a type of malware that prevents users from
accessing their system or personal files and demands ransom payment in order to regain access.
Hackers took it to the next level with crypto-ransomware in 2017. The most
notorious, Cryptolocker Trojan, sent a shocking message to victims that their files had been
encrypted and would be deleted if a ransom wasn't paid within three days. It was almost
impossible to defend against; Cryptolocker's programmers had found a way to generate
strong 2048-bit RSA public and private key encryptions to infect files. Even though IT staff
could remove the Trojan, affected files remained inaccessible in a way
that was difficult to decrypt.

Denial of Service (DoS/DDoS)

A Denial of Service attack is a hacking technique to take down a site or server by
flooding that site or server with so much traffic that the server is unable to process all
the requests in real time and finally crashes.

Largest DDoS Attack Ever

When a massive DDoS attack hit code-hosting site GitHub on Feb. 28, 2018, traffic
peaked at 1.3 terabytes per second, setting a new record for attack size. On March 5, a US-based
“wired telecommunication carrier” received a massive wave of traffic hitting 1.7 terabytes per
second and shattering the previous record by nearly a third. Two years ago, the record was less
than half this size, set by an attack that knocked out the BBC’s website and hit 602 gigabytes
per second.

Phishing

Phishing is a hacking technique in which a hacker replicates the
most-accessed sites and traps the victim by sending that spoofed
link. Once the victim tries to log in or enters some data, the hacker gets
that private information of the target victim using the trojan
running on the fake site.

Bait and Switch

Using the bait and switch hacking technique, an attacker can buy advertising space on
websites. Later, when a user clicks on the ad, they might get directed to a page that's infected
with malware. This way, attackers can further install malware or adware on your computer. The ads
and download links shown in this technique are very attractive, and users are expected to end
up clicking on them.

Man-in-the-middle (MitM)

A hacker inserts themselves between the communications of a client and a server (hijacking,
IP spoofing).

Drive-by

Hackers look for insecure websites and plant a malicious script into HTTP or PHP code
on one of the pages. This script might install malware directly onto the computer of someone
who visits the site, or it might re-direct the victim to a site controlled by the hackers.

Malware Attacks

Malicious software can be described as unwanted software that is installed in your
system without your consent. It can attach itself to legitimate code and propagate; it can lurk
in useful applications or replicate itself across the Internet.

ENCRYPTION

The word encryption comes from the Greek word kryptos, meaning hidden or secret.
The use of encryption is nearly as old as the art of communication itself. As early as 1900 B.C.,
an Egyptian scribe used nonstandard hieroglyphs to hide the meaning of an inscription.

Encryption is widely used on the internet to protect user information being sent
between a browser and a server, including passwords, payment information and other personal
information that should be considered private. Organizations and individuals also commonly
use encryption to protect sensitive data stored on computers, servers and mobile devices like
phones or tablets.

Types of Encryption

Symmetric Cryptography

This form of encryption uses a secret
key, called the shared secret, to scramble the
data into unintelligible gibberish. The person
on the other end needs the shared secret (key)
to unlock the data—the encryption
algorithm.

Asymmetric Cryptography

Asymmetric cryptography is usually implemented by the use of one-way functions.
In mathematical terms, these are functions that are easy to compute in
one direction but very difficult to compute in reverse. This is what allows you to
publish your public key, which is derived from your private key.
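
The one-way property described above, shown with modular exponentiation as an added example (not part of the original module). It goes one step beyond the text by also showing the Diffie-Hellman style key agreement that the published public keys make possible. The parameters `P` and `G` and all function names are assumptions chosen for illustration, and `P` is far too small for real use.

```python
import secrets

# Toy parameters (assumptions for illustration only, not safe for real use):
# P is the Mersenne prime 2**127 - 1 and G is a small fixed base.
P = 2**127 - 1
G = 3


def make_private_key() -> int:
    """Pick a random secret exponent in the range [2, P - 2]."""
    return secrets.randbelow(P - 3) + 2


def derive_public_key(private_key: int) -> int:
    """Easy direction: one modular exponentiation turns the secret into a public value."""
    return pow(G, private_key, P)


def shared_secret(own_private: int, peer_public: int) -> int:
    """Each side combines its own secret with the other side's published value."""
    return pow(peer_public, own_private, P)


def brute_force_private_key(public_key: int, max_tries: int):
    """Hard direction: try exponents 1, 2, 3, ... until one reproduces the public key."""
    value = 1
    for exponent in range(1, max_tries + 1):
        value = (value * G) % P
        if value == public_key:
            return exponent
    return None  # gave up: the secret was not among the exponents tried


def demo() -> dict:
    alice, bob = make_private_key(), make_private_key()
    alice_pub, bob_pub = derive_public_key(alice), derive_public_key(bob)
    return {
        # Both sides reach the same secret without ever sending a private key.
        "secrets_match": shared_secret(alice, bob_pub) == shared_secret(bob, alice_pub),
        # A deliberately weak (tiny) private key is recovered by guessing.
        "weak_key_recovered": brute_force_private_key(derive_public_key(5000), 10_000),
        # A properly random key is not found in the same amount of work.
        "random_key_recovered": brute_force_private_key(alice_pub, 10_000),
    }


if __name__ == "__main__":
    print(demo())
```

Reversing the function by guessing only works when the private key comes from a tiny range, which is why real systems use much larger parameters and randomly generated keys.
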

Latest Encryption Technology

Hardware-based whole disk encryption

Hardware-based disk encryption will continue to grow and bypass whole disk encryption
software products. With this type of encryption, after a key has been given,
the entire contents of a volume are encrypted after it is used.
This doesn't protect against network attacks via emails or
websites, but it does protect data when a laptop or device
is lost or stolen and a key is required to decrypt it.

Wearable two-factor authentication

Passwords are important, but so is the ease of use and functionality. Large
cryptographically generated passwords are more powerful than typical use-and-remember
passwords. Having wearable devices that will connect and convey this type of information can
be very powerful and eliminate the challenges of multiple passwords.

Quantum cryptography

This is the only proven method for transmitting a secret key or password over a
distance. It functions by using photons of light to physically move a shared file between two
parties. These photons might be intercepted by another technology, however they can’t be
cloned or copied.

Types of Encryption Algorithm

• Blowfish - a 64-bit block cipher that uses a key length that can vary between 32 and
448 bits.
• AES – Advanced Encryption Standard, a symmetric 128-bit block data encryption
technique.
• DES – Data Encryption Standard, a popular symmetric-key encryption method
developed in 1975 and standardized by ANSI in 1981 as ANSI X.3.92. DES uses a 56-bit
key and uses the block cipher method, which breaks text into 64-bit blocks and then
encrypts them.

Strengths and Weaknesses of Encryption

• Strengths
◦ Private keys in cryptography are resilient; they are immune to some brute-force
attacks.
◦ It is very secure.
◦ If an attack does happen, you can immediately change the algorithm for more
safety measures.
◦ In symmetrical cryptography, every participant has identical private keys.

• Weaknesses
◦ Very difficult to develop.
◦ If an attacker gets in the algorithm, every user is at risk.
◦ It is very difficult to be completed because it's in a secure manner.

Pattern Recognition

Pattern recognition is the process of recognizing patterns by using a machine learning
algorithm. Pattern recognition can be defined as the classification of data based on
knowledge already gained or on statistical information extracted from patterns and/or their
representation. One of the important aspects of pattern recognition is its application
potential.

Types of Pattern Recognition Algorithm

◦ Machine Learning – the scientific study of algorithms and statistical models that
computer systems use to perform a specific task without using explicit instructions,
relying on patterns and inference instead. It is seen as a subset of artificial intelligence.
◦ Deep Learning - a part of a broader family of machine learning methods based on
artificial neural networks with representation learning. Learning can be supervised,
semi-supervised or unsupervised. This is commonly used in self-learning video games
and AIs.
◦ Speech Recognition - an interdisciplinary subfield of computational linguistics that
develops methodologies and technologies that enable the recognition and
translation of spoken language into text by computers. It is also known as automatic
speech recognition, computer speech recognition or speech to text.
◦ Stock Market Forecasting - pattern recognition is used for comparative analysis of the
stock exchanges and predictions of the possible outcomes.
◦ Text correction and adaptation - in addition to correcting grammar and formal
mistakes, this technique can be used for the simplification of the text - from the
structure to the choice of words.
◦ Face Pattern – It uses the points in your face to determine the features of your face.

Modern Technologies in Pattern Recognition:

Fingerprint Identification

The fingerprint recognition technique is a dominant technology in
the biometric market. A number of recognition methods have been used to
perform fingerprint matching, of which pattern recognition approaches are
widely used.

Facial Recognition

Real-time face recognition is part of the field of biometrics. Biometrics is the ability for
a computer to recognize a human through a unique physical trait. Face recognition provides
the capability for the computer to recognize a human by facial characteristics.

Character Recognition

CAPTCHAs (Completely Automated Public
Turing test to tell Computers and Humans Apart)
are widespread security measures on the World
Wide Web that prevent automated programs from
abusing online services. They do so by asking
humans to perform a task that computers cannot
yet perform, such as deciphering distorted
characters.

Iris Recognition

It is an automated method of biometric identification that uses mathematical
pattern-recognition techniques on video images of one
or both of the irises of an individual's eyes,
whose complex patterns are unique, stable, and
can be seen from some distance.

Voice Recognition

Voice recognition technology uses
distinctive aspects of the human voice to verify the
identity of the person. Once enough data is
obtained, the system processes the vocal
recordings, which includes eliminating pauses and
other frequencies such as background noise.

PREDICTIVE ANALYTICS

Predictive analytics is a category of data analytics aimed at making predictions about
future outcomes based on historical data and analytics techniques such as statistical modeling
and machine learning. The science of predictive analytics can generate future insights with a
significant degree of precision.

Predictive analytics can discover a data breach before it happens. Like a radar that shows the
enemy approaching, these analytics determine when and where attacks may occur. This gives your
company time to raise the alarm, pull up the drawbridge, and ready your men. Instead of
discovering a breach after the war has already been lost, predictive analytics enable you to
outmaneuver hackers and come out victorious.

Critical data breaches are in the news on a regular basis these days. A single breach can
result in massive losses, both in money and reputation. Stock prices drop, customers become
angry and business goals are jeopardized.

Examples of predictive analytics software: RapidMiner Studio, KNIME Analytics Platform

Types of Predictive Analytics Algorithm

◦ Linear Regression - one of the most basic algorithms of advanced analytics. This also
makes it one of the most widely used. People can easily visualize how it is working
and how the input data is related to the output data.

◦ Logistic Regression - Logistic regression sounds like linear regression but is focused
on problems involving categorization instead of quantitative forecasting. Here the
output variable values are discrete and finite rather than continuous and with infinite
values as with linear regression.

◦ Classification and Regression Trees - use a decision to categorize data. Each decision is
based on a question related to one of the input variables. With each question
and corresponding response, the instance of data gets moved closer to being categorized
in a specific way. This set of questions and responses and subsequent divisions
of data create a tree-like structure.

◦ K-Nearest Neighbors - K-nearest neighbor is also a classification algorithm. It is known
as a "lazy learner" because the training phase of the process is very limited. The
learning process is composed of the training set of data being stored. As new instances
are evaluated, the distance to each data point in the training set is evaluated and there
is a consensus decision as to which category the new instance of data falls into based on
its proximity to the training instances.

◦ K-Means Cluster - K-means clustering focuses on creating groups of related attributes.
These groups are referred to as clusters. Once these clusters are created, other instances
can be evaluated against them to see where they best fit.
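
The K-nearest neighbor procedure described above, applied to the breach-detection use of predictive analytics, as an added example that is not part of the original module. The account-activity features, the training rows, their labels and all function names are constructed for illustration.

```python
import math
from collections import Counter

# Constructed training set (not real data). Each row is
# (failed_logins_per_hour, mb_uploaded_per_hour, distinct_hosts_contacted), label.
TRAINING = [
    ((1, 20, 3), "normal"),
    ((0, 35, 4), "normal"),
    ((2, 15, 2), "normal"),
    ((1, 50, 5), "normal"),
    ((0, 10, 3), "normal"),
    ((25, 30, 40), "suspicious"),   # many failed logins, many hosts touched
    ((40, 400, 60), "suspicious"),
    ((3, 900, 8), "suspicious"),    # quiet logins but a very large upload
    ((30, 10, 55), "suspicious"),
    ((15, 600, 35), "suspicious"),
]


def fit_scaler(rows):
    """Record (min, max) per feature so no single unit dominates the distance."""
    return [(min(column), max(column)) for column in zip(*rows)]


def scale(row, bounds):
    """Min-max scale one row; a constant feature contributes nothing."""
    return [(v - lo) / (hi - lo) if hi > lo else 0.0 for v, (lo, hi) in zip(row, bounds)]


def knn_classify(sample, training=TRAINING, k=3):
    """Return (label, votes): the majority label among the k closest stored rows."""
    # "Training" is only storing the data; all the work happens at query time.
    bounds = fit_scaler([features for features, _ in training])
    target = scale(sample, bounds)
    # Distance from the new instance to every stored training instance.
    neighbours = sorted(
        (math.dist(target, scale(features, bounds)), label)
        for features, label in training
    )[:k]
    # Consensus decision: the nearest neighbours vote on the category.
    votes = Counter(label for _, label in neighbours)
    return votes.most_common(1)[0][0], dict(votes)


if __name__ == "__main__":
    for activity in [(2, 25, 4), (28, 500, 45)]:
        print(activity, knn_classify(activity))
```

Without the scaling step the upload volume, measured in hundreds of megabytes, would swamp the other two features in the distance calculation.
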
