COMPUTER SECURITY

🞆 Security refers to the policies, procedures and technical measures to prevent
unauthorized access, alteration, theft or damage to the computer system.
🞆 Computer Security is the protection of computing systems and the data that
they store or access.

🞆 Primary Reasons To Secure Your Computer
•To prevent theft of or damage to the hardware
•To prevent theft of or damage to information
•To prevent disruption of service

KEY AREAS OF CONCERN

🞆 Confidentiality - Only authorized users can access the data resources and
information.
🞆 Integrity - Only authorized users should be able to modify the data when
needed.
🞆 Availability - Data should be available to users when needed.
🞆 Authentication - The computer system should be able to verify the identity
of a user.

CONSEQUENCES OF IGNORING COMPUTER SECURITY

🞆 Loss Of Confidential Data
🞆 Loss In Productivity
🞆 Identity Theft
🞆 Compromised Data Integrity
🞆 Unavailability Of Access To Data Or Computer Network
🞆 Lawsuits & Judicial Actions
🞆 Termination Of Employment or Business
TYPES OF COMPUTER SECURITY THREATS
🞆 Interruption
•An asset of the system becomes lost, unavailable,
or unusable
•Attack on availability
•Destruction of hardware
•Cutting of a communication line
•Disabling the file management
system
🞆 Interception
•An unauthorized party gains access to an asset
•Attack on confidentiality
•Wiretapping to capture data in a network
•Illicit copying of files or programs
🞆 Modification
•An unauthorized party not only gains access but
tampers with an asset
•Attack on integrity
•Changing values in a data file
•Altering a program so that it performs differently
•Modifying the content of messages being transmitted in
a network
🞆 Fabrication
•An unauthorized party inserts counterfeit objects into
the system
•Attack on authenticity
•Insertion of spurious messages in a network
•Addition of records to a file
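
As an added example (not part of the original slides), a file-integrity baseline shows how three of the four threat types above can be detected on stored files: a missing file is interruption, a changed file is modification, and an unexpected new file is fabrication. Interception leaves file content unchanged, so hashing cannot reveal it. The file names and contents are constructed, and `snapshot`, `classify`, `write` and `demo` are hypothetical helper names.

```python
import hashlib
import os
import tempfile

def snapshot(root):
    """Return {relative path: SHA-256 hex digest} for every file under root."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            digests[os.path.relpath(path, root)] = digest
    return digests

def classify(baseline, current):
    """Label differences between two snapshots with the slides' threat types."""
    both = baseline.keys() & current.keys()
    return {
        # Asset lost or unavailable: a file in the baseline is gone.
        "interruption": sorted(baseline.keys() - current.keys()),
        # Asset tampered with: same path, different content. Records appended
        # to an existing file also land here, since the file's digest changes.
        "modification": sorted(p for p in both if baseline[p] != current[p]),
        # Counterfeit object inserted: a file that was never in the baseline.
        "fabrication": sorted(current.keys() - baseline.keys()),
    }

def write(root, name, data):
    with open(os.path.join(root, name), "wb") as fh:
        fh.write(data)

def demo():
    """Build a constructed directory, change it three ways, classify the result."""
    with tempfile.TemporaryDirectory() as root:
        write(root, "payroll.csv", b"alice,1000\n")
        write(root, "app.cfg", b"debug=0\n")
        write(root, "report.txt", b"q1 summary\n")
        baseline = snapshot(root)  # in practice, store this off the monitored host
        write(root, "payroll.csv", b"alice,9000\n")   # value changed in a data file
        os.remove(os.path.join(root, "report.txt"))   # asset destroyed
        write(root, "extra.csv", b"mallory,5000\n")   # spurious file added
        return classify(baseline, snapshot(root))

if __name__ == "__main__":
    for threat, paths in demo().items():
        print(f"{threat}: {paths}")
```

The baseline is only trustworthy if it is kept where someone who can alter the files cannot also alter the stored digests.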
MALICIOUS SOFTWARE
🞆 Programs that create the threat
🞆 Also known as malware
🞆 For example: virus, worm, Trojan, etc.
TRAPDOOR OR BACKDOOR
🞆 Secret entry point into a program
🞆 Allows someone who is aware of it to gain access
without going through the usual security access
procedures.
🞆 Backdoors have been used legitimately for many years to
debug and test programs, but become a threat
when left in production programs.
🞆 It is difficult to implement operating system
controls for backdoors.
🞆 Security measures must focus on the program
development and software update activities.
LOGIC BOMB

🞆 One of the oldest types of program threat.
🞆 Code embedded in some legitimate program that
is set to “explode” when certain conditions are
met:
- presence or absence of a certain file
- particular date/time
- particular user
🞆 Once triggered, a bomb may alter or delete data
or entire files, cause a machine halt, or do some
other damage.
TROJAN HORSE
🞆 Useful, or apparently useful, program or command
procedure (e.g. game, utility, software upgrade, etc.)
🞆 containing hidden code that performs some
unwanted or harmful function that an unauthorized
user could not accomplish directly.
🞆 Commonly used to make files readable, propagate a
virus or worm, or install a backdoor or simply to
destroy data.
ZOMBIE

🞆 Secretly takes over another Internet-attached
computer
🞆 then uses that computer to launch attacks that
are difficult to trace to the zombie’s creator.
🞆 Zombies are used in denial-of-service attacks,
being planted on hundreds of computers
belonging to unsuspecting third parties, and then
used to overwhelm the target Web site by
launching an overwhelming onslaught of Internet
traffic.
🞆 Typically zombies exploit known flaws in
networked computer systems.
VIRUS
🞆 software that can “infect” other programs by
modifying them;
🞆 the modification includes a copy of the virus
program, which can then go on to infect other
programs.
🞆 It can be compared to biological viruses, and like
them, a computer virus carries in its
instructional code the recipe for making perfect
copies of itself.
🞆 Once a virus is executing, it can perform any
function, such as erasing files and programs.
VIRUS OPERATION
During its lifetime, a typical virus goes through the
following four phases:
🞆 Dormant phase: virus is idle, waiting for trigger
event (e.g. date, program or file, disk capacity).
Not all viruses have this stage.
🞆 Propagation phase: virus places a copy of itself
into other programs / system areas.
🞆 Triggering phase: virus is activated by some
trigger event to perform intended function.
🞆 Execution phase: desired function (which may
be harmless or destructive) is performed.
MACRO VIRUSES

🞆 In the mid-1990s, macro viruses became by far the
most prevalent type of virus, and were particularly
threatening because they are platform independent,
infect documents rather than executable code, and are easily
spread.
🞆 Macro viruses take advantage of the macro feature
found in Word and other office applications. A macro
is an executable program embedded in a word
processing document or other type of file, blurring
distinction between document & program. There is a
continuing arms race in the field of macro viruses.
Successive releases of Word provide increased
protection against macro viruses, and they no longer
are the predominant virus threat.
E-MAIL VIRUS
🞆 A more recent development in malicious software is
the e-mail virus. The first rapidly spreading e-mail
viruses, such as Melissa, made use of a Microsoft
Word macro embedded in an attachment, triggered
when the attachment was opened. At the end of 1999,
a more powerful version of the e-mail virus appeared,
activated merely by opening an e-mail that contains
the virus rather than opening an attachment. As a
result, instead of taking months or years to
propagate, e-mail viruses now take only hours. This makes it very
difficult for antivirus software to respond before much
damage is done. Ultimately, a greater degree of
security must be built into Internet utility and
application software on PCs to counter this growing
threat.
WORM
🞆 Replicates itself and sends copies from computer to
computer across network connections.
🞆 Replicates only; it does not infect other programs.
🞆 May replicate and propagate again, and also perform
some unwanted function.
🞆 To replicate itself, a network worm uses some
sort of network vehicle such as email, remote
execution, or remote login.
🞆 Once active within a system, a network worm can
behave as a computer virus or bacteria, or it
could implant Trojan horse programs or perform
any number of disruptive or destructive actions.
MORRIS WORM
🞆 Best-known classic worm
🞆 Released onto the Internet by Robert Morris in 1988.
🞆 Designed to spread on UNIX systems
🞆 Used a number of different techniques for propagation,
including
- cracking the local password file
- exploiting a bug in the finger protocol, or
- exploiting a trapdoor in the debug option of sendmail
🞆 If any attack succeeded, the worm then ran on the other system
and replicated itself.
DISTRIBUTED DENIAL OF SERVICE (DDOS)

🞆 A significant and growing security threat to corporations.
🞆 make computer systems inaccessible by flooding
servers, networks, or even end user systems
🞆 a large number of compromised (zombie) hosts
are amassed to send useless packets.
🞆 In recent years, the attack methods and tools
have become more sophisticated, effective, and
more difficult to trace.
HACKER VS CRACKER
❑ Hacker is an individual who intends to gain
unauthorized access to the computer system

❑ Cracker is a hacker with criminal intention


TOP SECURITY ACTION
1. Patch, Patch, Patch!
Set up your computer for automatic software and operating system updates. An
unpatched machine is more likely to have software vulnerabilities that can be
exploited.
2. Install Security Software
When installed, the software should be set to scan your files and update your virus
definitions on a regular basis.
3. Choose Strong Passwords
Choose strong passwords with letters, numbers, and special characters to create a
mental image or an acronym that is easy for you to remember. Create a different
password for each important account, and change passwords regularly.
4. Backup, Backup, Backup!
Backing up your machine regularly can protect you from the unexpected. Keep a
few months' worth of backups and make sure the files can be retrieved if needed.
5. Control access to your machine
Don't leave your computer in an unsecured area, or unattended and logged on,
especially in public places. The physical security of your machine is just as
important as its technical security.
6. Use email and the Internet safely
Ignore unsolicited emails, and be wary of attachments, links and forms in emails
that come from people you don't know, or which seem "phishy."
Thanks
for your kind patience
