Chapter 5

COMPUTER SECURITY
Content Outlines

 Computer Security

 Computer Security Goals

 Computer Security Threats

 Computer Security Solutions

2
 What is Computer Security?
 Security is the quality or state of being secure or to be
free from danger.
 Computer security, also known as cyber security or
IT security, is the protection of:
 Computer systems (Hardware and Software)
 Data/Information
 Networks and
 Computing power from theft or damage to the
hardware, software or the information on
them, as well as from disruption or
misdirection of the services they provide
3
 Why Security?
 Computer security is required because most
organizations can be damaged by software or
intruders.
 The damages include:
 Damage of computer systems.
 Damage of internal data.
 Loss of sensitive information to third parties.
 Losing the ability to use the system
4
Who is vulnerable?
 Financial institutions and banks
 Internet service providers
 Educational Institutions
 Government and defense agencies
 Contractors to various government agencies
 Multinational corporations
 ANYONE ON THE NETWORK/INTERNET

5
 Who is Secured?

 The most secure

computers are those
not connected to the
Internet/Network and
shielded from any
interferences (external
storage device)
6
 Computer Security Goals
 Computer security addresses the following goals:

oConfidentiality
Confidentiality

oIntegrity
Integrity
Availability
oAvailability

7
 Security Goals
 Confidentiality
• Refers to information protection from
unauthorized read/access operations
 Integrity
• Refers to the trustworthiness of data or
resources within a computer system
• It is preventing from unauthorized change
 Availability
• Availability refers to the ability to use the
computer system and information resources at
desired times by authorized parties
8
 Security Threats
 A computer security threat is any person,
act, or object that poses a danger to
computer security.
 A threat is a potential violation of security.
 The effects of threats can be an affect on the
 Confidentiality of data
 Integrity of data
 Availability of a system.

9
 Causes of Security Threats
 Physical Threats: Loss of physical support
 Weather, natural disaster, bombs, power
failures, terrorism, etc.
 Human Threats:
 Stealing, fraud, bribery, spying, sabotage,
accidents.
 Software Threats: Malicious Software
 viruses, Trojan horses, Worms.
10
 Human Threat- Intruders
 Intruders are usually trying to gain access to a
system, or to increased privileges to which they
are not entitled, often by obtaining the password
for a legitimate account.
 Hacking: is any attempt to intrude or gain
unauthorized access to your system.
 It may or may not be for malicious purposes.
 Cracking: Criminal who breaks into computer
systems for the purpose of doing damage.
11
 Intruders/Hackers

12
 Malicious Software
 Malware, short for “malicious software,” refers to
any intrusive software developed by
cybercriminals (often called “hackers”).

 Malware are designed to steal data and damage or

destroy computers and computer systems.

 Malware is a malicious software that invades a

computer system without the knowledge of the
13
owner.
 Malicious Software
Examples of Malicious Software:
 Virus
 Trojan Horse
 Worm
 Spyware
 Logic bomb
 Trap door
 Zombie
 Adware
 Bots
 Bugs
 Rootkits
 Adware
14
 Virus
 A small program that replicates and hides itself
inside other programs usually without your
knowledge
 A virus is a program that can ”infect” other
programs by modification, as well as causing
local damage
 The new copy of the virus is executed when a
user executes the new host program.
 Similar to biological virus: Replicates and Spreads
15
 Worm
 Worm is an independent program that
spreads via network connections, typically
using either email, remote execution etc.
 Worm reproduces by copying itself from
one computer to another and causes it to
execute; no user intervention is required
 It can do as much harm as a virus

16
 Trojan Horse
 Secretly downloading a virus or some other type
of mal-ware on to your computers.
 Seems to do something good but covertly doing
something else
 Popular mechanism for hiding a virus or a worm

17
 Spyware
 Spyware is designed to enter your computer
device, gather data about you, and forward it to a
third-party without your consent.

18
 The effects of Malware
 Corrupting the systems data
 Increasing file size
 Formatting the hard disk
 Slowing down the computer system
 Renaming all files with different name
 Disrupts operations.
 Steals sensitive information.
 Allows unauthorized access to system resources.
 Creates problems connecting to networks.
 Results in frequent freezing or crashing.

19
 Security Solutions
There are a number of basic ways that a computer can
be made more secure.
 Backups/disaster recovery
 Anti-Viruses
 Cryptography (Encryption)
 Authentication
 Validation
 Data Protection-using password
 Firewall

20
 Backups
 Backup is sometimes called redundancy/disaster
recovery
 The purpose of a backup is to make a copy of data,
which is unlikely to be lost or destroyed.
 If we want a backup to be protected from the some
accidents that would destroy the data, we have to
store it in a different physical location.
 Backups can be done on magnetic tapes, Magnetic
disks, CD/DVD or on the cloud (Internet).
21
 CRYPTOGRAPHY
 Encryption is the process of converting plaintext
(readable data) into ciphertext (unreadable characters) to
prevent unauthorized parties from viewing or modifying it.
 Decryption is the process of converting Ciphertext to
plaintext

22
 Authentication
 Authentication is the process of logging in a manner
that proves his or her identity using username and
password to gain access to a system, network or web
site.
 Example of authentication
 Password
 Fingerprint
 Hand Geometry
 Voice
 Signature
 Iris
23
 Antiviruses
To prevent viruses from entering a computer
system there are two options.
▪ Isolate the machine
▪ disconnect it from the Internet or any other
network, not using USB disks or any other
removable disks.
▪ Install updated Antivirus program
 Antivirus programs are designed to keep a watch
at all incoming files so that no malicious code
can enter the computer.

24
 Functions of Anti-virus
 Antivirus software is a program that is designed to
PREVENT, DETECT, and REMOVE and
RECOVER malicious software like worms,
viruses, trojan horses….
Identification of known viruses
Detection of suspected viruses
Blocking of possible viruses
Disinfection of infected objects
Deletion infected objects
Overwriting of infected objects
25
 Example of Antivirus
Anti-viruses
 Norton Antivirus
 McAfee Antivirus
 AVG Antivirus
 Bitdefender Antivirus
 Avira Antivirus
 ESET NOD32 Antivirus
 Kaspersky Antivirus
 …..

26
 Firewall
 A firewall is a security system consisting of hardware
and/or software that prevents unauthorized network
access.
 A firewall provides a security barrier between networks
or network segments.

27