Introduction
© Salman Khan 1
Introduction
Computer Security is the study of protection of information and resources (which may include networks) from illegal theft, corruption and misuse.
Network Security is:
The study of protecting a computer network infrastructure from illegal access,
Definition of policies for use and access of network resources, and
Continuous monitoring of the network for illegal activity.
Terminology
Attacker (Hacker): A person intending to cause loss/damage to a system or a resource
Vulnerability: A system or resource weakness that can be exploited by an attacker
Threat: A potential security harm to an asset
Attack: A threat in action
Active Attack: Actual damage is caused to a system or a resource
Passive Attack: Attempts to learn or study the system without causing any damage
Terminology
Other Attack types:
Insider Attacks: Initiated by the ‘enemy within’
Outside Attacks: Initiated from outside the perimeter, by an unauthorized or illegitimate user of a system
Countermeasures: Any approach that is taken to handle an attack
1. Prevent: an attack from transpiring (succeeding)
2. Detect: the attack once it takes place
3. Mitigate (Recover): minimize the damage & recover from the attack
Vulnerabilities Reported
Source: www.cert.org
http://www.hostreview.com/blog/101130-network-security-facing-dual-challenge
Principal Components
Following are the five principal components of computer security:
Confidentiality
Integrity
Availability
Authenticity
Non-Repudiation
Confidentiality
Confidentiality means protecting information from disclosure.
It started with the military’s need-to-know policy for secret information and is now obligatory for many types of information.
E.g. Industry needs to protect its trade secrets from unlawful disclosure.
Encryption of data is used to achieve confidentiality.
Encrypted data is unreadable unless it is decrypted.
Algorithms and standards exist to achieve data confidentiality through the use of encryption, e.g. Data Encryption Services, RSA
Integrity
Integrity means making sure that data has not been changed unlawfully.
If data sent by someone on the Internet is tampered with, then the integrity of the data is affected.
Integrity of data can be protected by preventing an unauthorized user from changing the data.
E.g. 1 An accountant in a bank is not authorized to increase the bank balance of a client. If he does so, the integrity of the client’s account is affected.
E.g. 2 A worker is not authorized to change the contents of the email of a coworker when it is being sent over a network.
Availability
Availability refers to the constant presence of a service or resource despite attempts to bring it down (kill a process or prevent good users from smooth access)
An unavailable resource is as good as a non-existent resource
Authenticity
Authenticity is the ability to validate a resource (person or a machine) as well as data.
In other words, the ability to validate a user who claims that he is Mr. XYZ is authentication.
E.g. Use of a student ID card to authenticate yourself as a student to someone else
E.g. If a message is sent with a label (Sent by: Mr. X) by Mr. Y, then you must verify whether the message is authentic or not.
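The integrity and authenticity examples above (an email altered in transit, and a message labelled "Sent by: Mr. X" that was really sent by Mr. Y) can both be checked with a keyed message authentication code. The Python code below is an added example, not part of the original slides; the keys, message text and function names are constructed for illustration, and it assumes Mr. X and the receiver already share a secret key.

```python
import hashlib
import hmac

# Constructed demo keys; the names follow the slides' "Mr. X / Mr. Y" example.
KEY_X = b"constructed-key-shared-by-Mr-X-and-the-receiver"
KEY_Y = b"constructed-key-known-only-to-Mr-Y"


def encode(sender: str, body: str) -> bytes:
    """Length-prefix each field so ("ab", "c") and ("a", "bc") differ."""
    parts = [sender.encode(), body.encode()]
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)


def plain_digest(sender: str, body: str) -> str:
    """Unkeyed SHA-256: anyone who alters the message can recompute it."""
    return hashlib.sha256(encode(sender, body)).hexdigest()


def make_tag(key: bytes, sender: str, body: str) -> str:
    """HMAC-SHA256 over the sender label and body; needs the secret key."""
    return hmac.new(key, encode(sender, body), hashlib.sha256).hexdigest()


def verify(key: bytes, sender: str, body: str, tag: str) -> bool:
    """Recompute the tag and compare in constant time."""
    return hmac.compare_digest(make_tag(key, sender, body), tag)


def demo() -> dict:
    body = "Transfer BD 10 to account 42"       # constructed message
    altered = "Transfer BD 900 to account 42"   # changed in transit
    tag = make_tag(KEY_X, "Mr. X", body)
    forged_tag = make_tag(KEY_Y, "Mr. X", altered)  # Mr. Y lacks KEY_X
    recomputed = plain_digest("Mr. X", altered)     # needs no secret
    return {
        "genuine": verify(KEY_X, "Mr. X", body, tag),
        "altered_body": verify(KEY_X, "Mr. X", altered, tag),
        "forged_sender": verify(KEY_X, "Mr. X", altered, forged_tag),
        # The receiver's unkeyed check passes on the altered message.
        "plain_hash_fooled": plain_digest("Mr. X", altered) == recomputed,
    }


if __name__ == "__main__":
    print(demo())
```

Because the receiver holds the same key, it could have produced the tag itself, so a shared-key tag does not provide non-repudiation; that requires a digital signature made with a key only the sender holds.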
Non-Repudiation
Also referred to as Accountability
Non-repudiation is defined as the ability to confidently relate a particular incident or event with a particular person or entity
E.g. A person does an act of illegal intrusion into a computer network and claims that he is innocent – this person is attempting to repudiate his action
A good security scheme must be able to trace actions to entities correctly
Cost of Security!
You must not spend BD 100 to provide security to a can of Pepsi!
The cost of a security solution must not outweigh the cost of the item (resource) being secured
As a designer of a security solution one has to consider several criteria such as: existing hardware, software, network layout, number of users, user classes etc.
Bottom line: Applying a security solution does not come at zero cost to the organization, and a strong security solution may drive clients away from an organization due to user unfriendliness
A Sample Attack in Action
http://www.ixiacom.com/products/display?skey=ixload_attack
Mobile Malware
http://www.businessinsider.com/mcafee-android-threats-report-2011-8
In Summary
Threats against information resources are increasing – mobile technology will increase this further
The 5 key principles of security remain the same
Malware analysis for mobile devices is fast emerging
Other fields of security research include: smart grid communication, cloud computing, sensors, and so forth…