ITdudu M1 Introduction


Introduction

Module I
IT425: Information and Cyber Security
Contents

• Introduction to Information, Computer and Network Security
• Security Concepts
• Kinds of security breaches, Threats and Risks, Point of vulnerability, Attacks - Passive and Active
• Security Services, Confidentiality, Authentication, Non-Repudiation, Integrity, Access Control, Availability
• Model for Internetwork Security, Internet Standards and RFCs
Introduction
• Computer security basically is the protection of computer systems and
information from harm, theft, and unauthorized use. It is the process of
preventing and detecting unauthorized use of your computer system.
• Network Security - measures to protect the hardware, software and data
during their transmission
• Internet Security - measures to protect data during their transmission over a
collection of interconnected networks
• Information security is securing information from unauthorized access,
modification & deletion
• Application Security is securing an application by building in security features to
protect against cyber threats such as SQL injection, DoS attacks, data breaches,
etc.
• Computer Security means securing a standalone machine by keeping it
updated and patched
• Cybersecurity is defined as protecting computer systems, which communicate
over the computer networks
Security Attacks, Services and Mechanisms

• Security attack – Any action that compromises the security of information owned by an organization.
• Security mechanism – A mechanism that is designed to detect, prevent or recover from a security attack.
• Security service – A service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks and they make use of one or more security mechanisms to provide the service.
Computer Security Services
• Confidentiality is ensuring that information is available only to the intended audience.
• Integrity is protecting information from being modified by unauthorized parties.
• Availability is protecting information from being modified by unauthorized parties
• Access Control
• Non-Repudiation
• Confidentiality: access (reading, viewing, printing, knowing, etc.)
  • Contents: encryption (cryptography)
  • Existence of data: steganography. For example, stock investigation, prisoner, spy, watermarking
  • Resource hiding: operating system information and configuration
  • Fingerprinting
  • Identity: (anonymity)

• Integrity: modification (includes writing, changing, changing status, deleting, and creating).
  • Data integrity
  • Program integrity
  • System integrity
  • Identity integrity (non-repudiation)
  • Origin (location) integrity (e.g. network traceback)

• Availability.
  • Denial of service

• Examples: what category do they belong to?
  • TCP SYN flooding, Sniffing, Faked identity
  • ATM machine spoofing, Saving passwords in a plaintext file
Vulnerabilities, Threats, Attacks

• A vulnerability is a weakness in the security system
• Threat: A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.
• Attack: An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
Security Attacks

• Passive attack: The attacker collects information or makes use of collected information but does not modify any resources, so system resources are not affected.

• Active attack: The attacker changes or actions are altered.
A Model of Internetwork Security
1. Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose

2. Generate the secret information to be used with the algorithm

3. Develop methods for the distribution and sharing of the secret information

4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service

5. Information access threats intercept or modify data on behalf of users who should not have access to that data

6. Service threats exploit service flaws in computers to inhibit use by legitimate users

• Placing a gatekeeper function, which includes password-based login methods that provide access only to authorized users and screening logic to detect and reject worms, viruses, etc.

• An internal control that monitors internal system activity and analyzes stored information to detect the presence of unauthorized users or intruders.

Internet Standards
• INTERNET ARCHITECTURE BOARD (IAB): Responsible for defining the overall architecture of the internet, providing guidance and broad direction to the IETF
• INTERNET ENGINEERING TASK FORCE (IETF): The protocol engineering and development arm of the internet
  • The IETF carries out the actual development of new standards and protocols for the internet
  • Responsible for publishing the RFCs with approval of the IESG.
• INTERNET ENGINEERING STEERING GROUP (IESG): Responsible for technical management of IETF activities and the internet standards process
  • The IESG may approve the draft as an RFC, or else it is withdrawn from the directory.
• The IESG decides which RFCs become internet standards based on IETF recommendations. To become a standard, a specification must meet the following criteria:
  • Be stable and easily understandable
  • Be technically competent
  • Have multiple, independent and interoperable implementations with substantial operational experience.
  • Enjoy significant public support.
  • Be recognizably useful in some or all parts of the internet

• The RFCs are working notes of the internet research and development community.
RFC

• All internet standards fall into two categories:
  • TECHNICAL SPECIFICATION (TS): A TS defines a protocol, service, procedure, convention or format. Most internet standards are TSs.
  • APPLICABILITY STATEMENT (AS): An AS specifies how, and under what circumstances, one or more TSs may be applied to support a particular internet capability. It identifies one or more TSs that are relevant to the capability and may specify values or ranges for particular parameters associated with a TS or functional subsets of a TS that are relevant for the capability.
