
Information Security

Introduction

Prof. Dr. Salman A. Khan


Email: engr.ahmeds@gmail.com

© Salman Khan 1
Introduction
• Computer Security is the study of protection of information and resources (which may include networks) from illegal theft, corruption and misuse.

• Network Security is:
  • The study of protecting a computer network infrastructure from illegal access,
  • Definition of policies for use and access of network resources, and
  • Continuous monitoring of the network for illegal activity.

Terminology
• Attacker (Hacker): A person intending to cause loss/damage to a system or a resource
• Vulnerability: A system or resource weakness that can be exploited by an attacker
• Threat: A potential security harm to an asset
• Attack: A threat in action
• Active Attack: Actual damage is caused to a system or a resource
• Passive Attack: Attempts to learn or study the system without causing any damage
Terminology
Other attack types:
• Insider Attacks: Initiated by the ‘enemy within’
• Outside Attacks: Initiated from outside the perimeter, by an unauthorized or illegitimate user of a system
• Countermeasures: Any approach that is taken to handle an attack
  1. Prevent: an attack from transpiring (succeeding)
  2. Detect: the attack once it takes place
  3. Mitigate (Recover): minimize the damage & recover from the attack
Vulnerabilities Reported

Total Internet-related vulnerabilities reported by the Computer Emergency Response Team (CERT), USA, over the years (Source: www.cert.org)
Incidents (Attacks) Reported

Source: www.cert.org

http://www.hostreview.com/blog/101130-network-security-facing-dual-challenge
Principal Components
The following are the five principal components of computer security:
• Confidentiality
• Integrity
• Availability
• Authenticity
• Non-Repudiation

Confidentiality
• Confidentiality is to protect information from disclosure
  • It started with the military’s need-to-know policy for secret information and is now obligatory for many types of information. E.g. industry needs to protect its trade secrets from unlawful disclosure.
• Encryption of data is used to achieve confidentiality.
  • Encrypted data is unreadable unless it is decrypted.
• Algorithms and standards exist to achieve data confidentiality through the use of encryption, e.g. Data Encryption Services, RSA

Integrity
• Integrity is to make sure that data has not changed unlawfully.
• If data sent by someone on the Internet is tampered with, then the integrity of the data is affected.
• Integrity of data can be protected by preventing an unauthorized user from changing the data.
  E.g. 1: An accountant in a bank is not authorized to increase the bank balance of a client. If he does so, the integrity of the client’s account is affected.
  E.g. 2: A worker is not authorized to change the contents of the email of a coworker when it is being sent over a network.

Availability
• Availability refers to the constant presence of a service or resource despite attempts to bring it down (kill a process or prevent legitimate users from smooth access)
• An unavailable resource is as good as a non-existent resource
  E.g. If a website is down due to some reason, then it is unavailable. If an attack caused it to go down, then this type of situation is also referred to as a Denial of Service attack
• As part of network security, mechanisms and techniques are proposed to protect services and resources from attacks against the availability of all such assets

Authenticity
• Authenticity is the ability to validate a resource (person or a machine) as well as data.
• In other words, the ability to validate a user who claims that he is Mr. XYZ is authentication
  E.g. Use of a student ID card to authenticate yourself as a student to someone else
  E.g. If a message is sent with a label (Sent by: Mr. X) by Mr. Y, then you must verify whether the message is authentic or not.

Non-Repudiation
• Also referred to as Accountability
• Non-repudiation is defined as the ability to confidently relate a particular incident or event with a particular person or entity
  E.g. A person does an act of illegal intrusion into a computer network and claims that he is innocent – this person is attempting to repudiate his action
• A good security scheme must be able to trace actions to entities correctly
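
Added example (not part of the original slides): a keyed hash (HMAC-SHA256) applied to the Integrity, Authenticity and Non-Repudiation slides, showing that a tag over the "Sent by" label and body catches tampering and a mislabelled sender, but cannot settle a dispute because the receiver holds the same key. The keys, message texts and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed demo keys (assumption): each sender shares one secret with the receiver.
KEYS = {"Mr. X": b"constructed-key-for-x", "Mr. Y": b"constructed-key-for-y"}

def _tag(key: bytes, sender: str, body: str) -> str:
    # Length-prefix the label so ("ab", "c") and ("a", "bc") never share a tag input.
    data = f"{len(sender)}:{sender}|{body}".encode("utf-8")
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def seal(key: bytes, sender: str, body: str) -> dict:
    """Build a message whose tag covers both the 'Sent by' label and the body."""
    return {"sent_by": sender, "body": body, "tag": _tag(key, sender, body)}

def verify(msg: dict) -> bool:
    """Receiver-side check using the key registered for the *claimed* sender."""
    key = KEYS.get(msg.get("sent_by"))
    if key is None:
        return False  # unknown sender: nothing to authenticate against
    expected = _tag(key, msg["sent_by"], msg.get("body", ""))
    return hmac.compare_digest(expected, str(msg.get("tag", "")))

def run_checks() -> dict:
    genuine = seal(KEYS["Mr. X"], "Mr. X", "Meeting moved to 10:00")
    # Integrity: body altered in transit, tag left unchanged.
    tampered = dict(genuine, body="Meeting cancelled")
    # Authenticity: Mr. Y labels a message "Sent by: Mr. X" but only holds his own key.
    mislabelled = seal(KEYS["Mr. Y"], "Mr. X", "Meeting moved to 10:00")
    # Non-repudiation gap: the receiver also holds Mr. X's key, so a tag the
    # receiver computes is indistinguishable from one Mr. X computed.
    receiver_made = seal(KEYS["Mr. X"], "Mr. X", "I approve the purchase")
    return {
        "genuine": verify(genuine),
        "tampered": verify(tampered),
        "mislabelled": verify(mislabelled),
        "receiver_made": verify(receiver_made),
    }

if __name__ == "__main__":
    for name, ok in run_checks().items():
        print(f"{name:14s} verifies: {ok}")
```

Because `receiver_made` verifies, Mr. X can plausibly deny any message; tracing an action to one entity needs a digital signature made with a private key that only the sender holds.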

Cost of Security!
• You must not spend BD 100 to provide security to a can of Pepsi!
• The cost of a security solution must not outweigh the cost of the item (resource) being secured
• As a designer of a security solution, one has to consider several criteria such as: existing hardware, software, network layout, number of users, user classes etc.
• Bottom line: Applying a security solution does not come at zero cost to the organization, and a strong security solution may drive clients away from an organization due to user unfriendliness
A Sample Attack in Action

http://www.ixiacom.com/products/display?skey=ixload_attack

Mobile Malware

http://www.businessinsider.com/mcafee-android-threats-report-2011-8
Mobile Malware

http://www.businessinsider.com/mcafee-android-threats-report-2011-8
In Summary
• Threats against information resources are increasing – mobile technology will increase this further
• 5 key principles of security remain the same
• Malware analysis for mobile devices is fast emerging
• Other fields of security research include: smart grid communication, cloud computing, sensors, and so forth…
