Computer Security
Security
Introduction
Also known as Cyber Security or IT Security
Protection of computer systems from theft of, and damage to, hardware, software or
information
Protection of computing systems and the data that they store or access.
Also protection from misdirection of the services that computer systems
provide
Includes controlling physical access to hardware
Good Security Standards follow the "90 / 10" Rule:
10% of security safeguards are technical
90% of security safeguards rely on the computer user ("YOU") to adhere to good
SECURITY THREAT AND SECURITY ATTACK
• A threat is a potential violation of security that can cause harm
• A threat can be a malicious program, a natural disaster or a thief
• A vulnerability is a weakness of a system that is left unprotected
• Systems that are vulnerable are exposed to threats
• A threat is a possible danger that might exploit a vulnerability; the
actions that cause it to occur are the security attacks.
Types of security attack
• Passive Attack
• Active Attack
Passive Attack
• Passive Attack: Aims to get information from the system but it does
not affect the system resources.
• Passive attacks may analyze the traffic to find the nature of
communication that is taking place, or, release the contents of the
message to a person other than the intended receiver of the
message
• Passive attacks are difficult to detect because they do not involve
any alteration of the data
• Thus, the emphasis in dealing with passive attacks is on prevention
rather than detection.
Active attack
• Active attack: An active attack tries to alter the system resources or
affect its operations.
• An active attack may modify data or create false data. An active
attack may be a masquerade (an entity pretends to be someone
else), replay (capture events and replay them), modification of
messages, and denial of service.
• Active attacks are difficult to prevent.
• However, an attempt is made to detect an active attack and recover
from it.
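One common way to detect the modification, masquerade and replay attacks listed above is a keyed message authentication code combined with a sequence number. This is an added example, not part of the original slides; the shared key, packet layout and names are constructed assumptions.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed shared secret (assumption)
TAG_LEN = 32                   # HMAC-SHA256 output size in bytes

def protect(seq: int, payload: bytes, key: bytes = KEY) -> bytes:
    """Sender: 8-byte sequence number + payload + HMAC-SHA256 tag."""
    body = seq.to_bytes(8, "big") + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key: bytes = KEY):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, packet: bytes) -> str:
        if len(packet) < 8 + TAG_LEN:
            return "rejected: malformed"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; a mismatch means the message was
        # altered in transit or produced without the shared key.
        if not hmac.compare_digest(tag, expected):
            return "rejected: modified or forged"
        seq = int.from_bytes(body[:8], "big")
        if seq <= self.last_seq:
            return "rejected: replay"   # a valid packet captured and re-sent
        self.last_seq = seq
        return "accepted: " + body[8:].decode()

def demo() -> list:
    rx = Receiver()
    original = protect(1, b"pay 10 to alice")            # constructed message
    tampered = original.replace(b"10", b"99")            # modification in transit
    forged = protect(2, b"pay 10 to x", key=b"not-the-key")  # masquerade
    return [
        rx.accept(original),
        rx.accept(original),   # same bytes delivered a second time
        rx.accept(tampered),
        rx.accept(forged),
        rx.accept(protect(2, b"pay 5 to bob")),
    ]

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The tag protects integrity and authenticity only: the payload is still readable by a passive eavesdropper, so confidentiality needs encryption as well.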
Security attacks : On User
• to the identity of the user (someone else acting on your behalf by using
personal information like a password, PIN number in an ATM, credit
card number, social security number etc.)
• to the privacy of the user (tracking of the user's habits and actions: the
websites the user visits, the buying habits of the user etc.)
• Cookies and spam mails are used for attacking the privacy of users.
Security attacks : On Hardware:
• could be due to a natural calamity like floods or earthquakes
• due to power related problems like power fluctuations etc.;
• or by destructive actions of a burglar.
Software Attacks:
• Harm data stored in the computer
• Software attacks may be due to malicious software, or due to
hacking
• Malicious software, or malware, is software code introduced into the
system with the purpose of harming the system.
Malicious Software (malware):
• Malicious software, commonly known as malware, is software
that brings harm to a computer system.
• It can take the form of executable code, scripts, active content, and other
software.
• It is commonly used for earning money illegally.
• It steals protected data, deletes documents or adds software not approved by
a user.
• Definition: “A program that is inserted into a program, usually covertly, with
the intent of compromising the confidentiality, integrity, or availability of the
victim’s data, applications, or Operating system or otherwise annoying or
disturbing the victim”
Malware can enter your computer through:
• Questionable file downloads
• Visiting infected website
• Opening attachments or links from unknown or spoofed emails
• Downloading software from malicious sites
Common types of malware:
• Viruses
• Worms
• Trojan horse
• Rootkits
• Spyware
Virus:
• Computer virus is a small program written to alter the way a
computer operates, without the permission or knowledge of the
user.
• Virus programs have the following properties:
• It can attach itself to other healthy programs.
• It mainly affects executable files (i.e. .exe files)
• It can replicate itself and thus can spread across a network.
• It is difficult to trace a virus after it has spread across a network.
• e.g. the Melissa virus, CryptoLocker, MyDoom etc.
Viruses can harm the computer in many ways:
• Corrupt or delete data or files on the computer,
• Change the functionality of software applications,
• Use e-mail program to spread itself to other computers,
• Erase everything on the hard disk
• Degrade performance of the system by utilizing resources such as
memory or disk space
Worms
• A computer worm is a standalone malware computer program that
replicates itself in order to spread to other computers.
• It uses a computer network to spread itself, relying on security
failures on the target computer to access it.
• Worms almost always cause at least some harm to the network
Trojan Horse
• A Trojan horse is a malicious computer program which
misrepresents itself to appear useful, routine, or interesting in order
to persuade a victim to install it.
• It is generally spread by some form of social engineering.
Rootkits
• Software packages known as rootkits conceal malware by
modifying the host's operating system so that the malware is hidden
from the user.
• Rootkits can prevent a malicious process from being visible in the
system's list of processes, or keep its files from being read.
Spyware:
• Spyware is software that aims to gather information about a person
or organization without their knowledge, and that may send such
information to another entity without the consumer’s consent.
A few videos related to viruses, worms and Trojans
• https://www.youtube.com/watch?v=V-WleeTocu4
• https://www.youtube.com/watch?v=c34QwtYI40g
• https://www.youtube.com/watch?v=y8a3QoTg4VQ
Hacking:
• Hacking is the unauthorized intrusion into a computer or a network
• Hacking may result in a Denial of Service (DoS) attack
• The DoS attack prevents authorized users from accessing the
resources of the computer
• It aims at making the computer resource unusable or unavailable to
its intended users.
• Packet sniffing, e-mail hacking and password cracking are used to
get the username and password of the system to gain access to the
system.
Ways to protect a PC from malware
• Keep your software, browsers, OS and plugins up to date
• Don’t click on links within emails
• Use antivirus software
• Use a firewall
• Minimize downloads
• Use a strong password
• Use a pop-up blocker
Security Mechanism
• A process (or a device incorporating such a process) that is designed
to prevent, detect or recover from a security attack.
• Prevention involves mechanisms to prevent the computer from
being damaged.
• Detection requires mechanisms that allow detection of when, how,
and by whom an attack occurred.
• Recovery involves mechanisms to stop the attack, assess the damage
done, and then repair the damage.
Security Mechanisms:
• Cryptography
• Digital Signatures
• Firewall
• User Identification and Authentication
• Intrusion Detection System(IDS)
Cryptography
• Derived from the Greek word ‘Kryptos’ which means ‘Secret’.
• Method of storing and transmitting data in a particular form so that
only those for whom it is intended can read and process it.
• Uses a mathematical algorithm to transform the data into a form that
cannot be read by an unauthorized user
• The algorithm turns our data into machine codes, then stores them
and then provides the information to the authorized person only.
• Applications: ATM , Email-Passwords, E-Payment, Electronic Voting
etc.
Components of Cryptography
• Plaintext: It is the data to be protected during transmission.
• Encryption Algorithm: It is a mathematical process that produces a cipher text for
any given plaintext and encryption key.
• Encryption Key: It is a value that is known to the sender. The sender inputs the
encryption key into the encryption algorithm along with the plaintext in order to
compute the cipher text.
• Cipher and Code: A cipher is a bit-by-bit or character-by-character transformation
without regard to the meaning of the message. A code replaces one word with
another word or symbol.
• Cipher text: It is the scrambled version of the plaintext produced by the encryption
algorithm using a specific encryption key. It can be intercepted or
compromised by anyone who has access to the communication channel.
• Decryption Algorithm: It is a mathematical process that produces a
unique plaintext for any given cipher text and decryption key.
• Decryption Key: It is a value that is known to the receiver. The decryption
key is related to the encryption key, but is not always identical to it. The
receiver inputs the decryption key into the decryption algorithm along
with the cipher text in order to compute the plaintext.
• Certification Authorities (CA): CAs are trusted third parties that issue
digital certificates for use by other parties. A CA issues digital certificates
which contain a public key, a name, an expiration date, the name of the
authority that issued the certificate, a serial number, any policies
describing how the certificate was issued, how the certificate may be used,
the digital signature of the certificate issuer, and any other information.
• Hash Function: A hash function is a mathematical function that converts a
numerical input value into another compressed numerical value. The
input to the hash function is of arbitrary length but the output is always of
fixed length.
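The components listed above can be seen working together in a short program. This is an added example, not part of the original slides: the XOR keystream cipher, the textbook RSA built from the constructed primes 61 and 53, and all names are illustrative assumptions and are not secure for real use.

```python
import hashlib

def xor_cipher(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher (assumption, not secure): XOR with a SHA-256
    counter keystream. The same key and function encrypt and decrypt."""
    out = bytearray()
    for i in range(0, len(data), 32):
        stream = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ s for b, s in zip(data[i:i + 32], stream))
    return bytes(out)

def rsa_keypair(p: int, q: int, e: int = 17):
    """Textbook RSA keys from two small constructed primes (not secure)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)      # decryption exponent: related to e, not equal
    return (e, n), (d, n)    # (encryption key, decryption key)

def rsa_encrypt(enc_key, plaintext: bytes) -> list:
    e, n = enc_key
    return [pow(byte, e, n) for byte in plaintext]  # one number per byte

def rsa_decrypt(dec_key, ciphertext: list) -> bytes:
    d, n = dec_key
    return bytes(pow(c, d, n) for c in ciphertext)

def digest(data: bytes) -> str:
    """Hash function: arbitrary-length input, fixed-length output."""
    return hashlib.sha256(data).hexdigest()

def demo() -> dict:
    plaintext = b"TRANSFER 100"   # constructed sample plaintext
    shared = b"shared-demo-key"   # constructed symmetric key
    sym_ct = xor_cipher(shared, plaintext)
    enc_key, dec_key = rsa_keypair(61, 53)
    asym_ct = rsa_encrypt(enc_key, plaintext)
    return {
        "sym_roundtrip": xor_cipher(shared, sym_ct),
        "sym_wrong_key": xor_cipher(b"other-key", sym_ct),
        "enc_key": enc_key,
        "dec_key": dec_key,
        "asym_roundtrip": rsa_decrypt(dec_key, asym_ct),
        "digest_lengths": (len(digest(b"")), len(digest(b"x" * 100000))),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

In the symmetric case the decryption key is identical to the encryption key; in the RSA case the two keys share the modulus but use different exponents.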
Digital Signatures
• A type of electronic signature that encrypts the documents with digital
codes that are particularly difficult to duplicate.
• Takes the concept of traditional paper-based signing and turns it into
an electronic fingerprint or code.
• The code used is unique to both the document and the signer
• Used to validate authenticity and integrity of a document.
• Cryptographically binds an electronic identity into an electronic document
• Similar to public key cryptography (asymmetric cryptography)
• Here, the message is encrypted by a private key and decrypted by a public