View
214
Download
2
Category
Preview:
Citation preview
Outline :IntroductionIntroduction
Network SecurityNetwork Security
Basic Components Of Computer SecurityBasic Components Of Computer Security
Online Security Vs Online SafetyOnline Security Vs Online Safety
Risks & ThreatsRisks & Threats
Steps to protect informationSteps to protect information
Steps to protect computerSteps to protect computer
Ethical ImpactEthical Impact
Case studyCase study
Statistics about Internet CrimeStatistics about Internet Crime
surveysurvey
conclusionconclusion
ReferencesReferences
IntroductionIntroduction
Computer security is a branch of computer technology known as information security as applied to computers and networks.
computer security means the protection of computing systems and the data that they store or access
What is Computer Security ?
Network SecurityNetwork Security
Devices, tools, techniques and methodologies used to secure the network.
The basic component of network security is : Firewall . Encryption and Decryption : changing plaintext
into ciphertext using key (Encryption). Changing ciphertext back to plaintext using key (Decryption).
Two types of encryption : (Symmetric Encryption, Asymmetric Encryption) .
Symmetric Cipher Model
Public-Key Cryptography
Basic Components of CSBasic Components of CS
computer security involves providing appropriate levels of assurance of
– Availability of computing services and data/information stored in computing systems
– Confidentiality of data/information stored in computing
systems
– Integrity of computing systems and data/information stored therein
Online Security Versus Online Safety Online Security Versus Online Safety
Security: We must secure our computers with technology in the same way that we secure the doors to our offices
Safety: We must act in ways that protect us against the risks and threats that come with Internet use
Risks and ThreatsRisks and Threats
To Computer Security are :
Virus
Worm
Trojan Horse
Spyware
Hacking
Phishing
Spoofing
Denial of Service
Viruses/WormsSoftware programs designed to invade your computer, and copy, damage or delete your data
Trojan HorsesViruses that pretend to be programs that help you while destroying your data and damaging your computer
SpywareSoftware that secretly watches and records your online activities or send you endless pop-up ads
Did You Know …Did You Know …
All of these types of attacks are man-made and intentional.
There is no “natural” or “random” virus.
All of these ride the Internet services you invite in!
Internet services like : ( E-Mail, Peer To Peer Sharing, Online Gaming, Instant Messaging, Video and Audio Streaming )
VirusesViruses
a program or piece of code that is loaded onto your computer (without your knowledge and against your wishes), that (generally) replicates itself and (generally) delivers a payload.
File Infector Virus : attaches itself to a file on the computer and is executed when that application is opened.
( 1972 )
WormsWorms
A self-replicating computer program that uses networks to copy itself to other computers without user intervention.
infection by passively receiving object that gets itself executed.
Stand-alone.
( 1978 )
Trojan HorsesTrojan Horses
Hidden part of some otherwise useful software.
Generally, trojans do not replicate.
Today often on a Web page (Active-X, plugin)
( 1983 )
SpywareSpyware
Application installed, usually without the user’s knowledge, intercepting or taking partial control for the author’s personal gain
Estimates as high as 90% of Internet connected computers are infected with spyware.
Unlike a virus does not self-replicate.
Spyware symptomsSpyware symptoms
Sluggish PC performance
An increase in pop-up ads
Mysterious new toolbars you can’t delete
Unexplained changes to homepage settings
Puzzling search results
Frequent computer crashes
How does PC get infected ?How does PC get infected ?
Through CDs, DVDs, Floppy Disk, and Flash Memory
Accepting without reading
Opening e-mail attachments
Not running the latest updates
Pirating software, music, movies
No anti-virus spyware scanner
Steps To Protect InformationSteps To Protect Information
Practice Internet behavior that lowers your risk
Manage your business information carefully
Use technology to reduce nuisances
Raise the alarm when appropriate
Delete Spam without Opening ItDelete Spam without Opening It
Never reply to spam
Technology can help you identify spam so you can delete it
Many Internet providers delete it for you
Use Strong PasswordsUse Strong Passwords
Keep passwords private and create ones that are hard to “crack”
Never share your passwords with friends or be tricked into giving them away
Turn on an Internet firewall
Keep your operating system up to date
Install and maintain antivirus software
Install and maintain antispyware software
Steps To Protect ComputerSteps To Protect Computer
Turn on an Internet FirewallTurn on an Internet Firewall
An Internet firewall is like a moat around a castle, creating a barrier between your computer and the Internet
Keep Your System UpdatedKeep Your System Updated
Install all security updates as soon as they are available
Automatic updates provide the best protection
Install Antivirus SoftwareInstall Antivirus Software
Antivirus software can detect and destroy computer viruses before they can cause damage
Just like flu shots, for antivirus software to be effective, you must keep it up to dateDon’t let it expire
Example
Install & Maintain Antispyware SoftwareInstall & Maintain Antispyware Software
Use antispyware software so unknown people cannot lurk on your computer and potentially steal your information
Other Ways to Protect Your PCOther Ways to Protect Your PC
- Back up your files regularly
- Practice safe E-mail
- Read website privacy statements
- Close pop-ups using red “X”
- Lock your screen
- Install Spyware Blaster
- Update your Application
Back Up Your FilesBack Up Your Files
Save to CD or DVD
Use a Web-based backup service
Practice Safe E-MailPractice Safe E-Mail
Don’t open e-mail attachments unless you know what they contain and who sent them
Attachment ends with a .exe, .com, .bat, do not open the attachment unless you know for a fact that it is clean.
Don’t open, forward, or reply to suspicious e-mails
Delete spam
Close Pop-ups Using Red “X”Close Pop-ups Using Red “X”
Always use the red “X” in the corner of a pop-up screen
Never click “yes,” “accept” or even “cancel”, because it could be a trick that installs software on your PC
Install Spyware BlasterInstall Spyware Blaster
Spyware Blaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
Lock Your ScreenLock Your Screen
Locking your laptop or workstation while away from it is good security sense.Use a password to start up or wake-up your computer.
Update Your ApplicationUpdate Your Application
It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities.
Ethical Impact
Question: should schools offer a course that teaches students how to hack systems, why?
Violating intellectual property : By Software piracy (cracking).
Hacking others’ devices and stolen their effort .
Computer security reduce this violating.
Ethical Impact(cont)
Many people used a cracked SW and claim that they want to test it before they buy it (is that true , why ?)
Other people said : why we have to pay money while these cracked SW is free? ( is that true , why ?)
Ethical Impact(cont)
Violating privacy : hacking other computers will violate the privacy and making hacker see what he is not suppose to see .
Case Study (1) : About PhishingCase Study (1) : About Phishing
example of a phishing published in the Washington Post (2004 ). Story of William Jackson from Katy, Texas. Jackson received e-mail from what appeared to be ( PayPal ) payment offices.
The e-mail warned him that his account would be suspended until he updated it with financial information. The e-mail provided a link for Jackson to the website where he could update his information. He entered in credit card numbers, bank numbers, social security numbers and other personal identification information.
The website ended up being fraudulent and Jackson lost several hundred dollars. William Jackson could have lost much more money as a result of the Phishing website he had entered.
Case Study (2) : About SpywareCase Study (2) : About Spyware
In March ( 2005 ), British police foiled a plot to steal £220 million from ( Sumitomo Mitsui Bank ) in London.
Cybercriminals had compromised the bank’s computer systems and secretly deployed a keylogger program that was perhaps part of a Trojan horse. The spyware relayed password and access information to the criminals, who intended to transfer the funds electronically. A man in Israel was arrested after allegedly trying to transfer £13.9 million into an Israeli account.
Statistics about Internet CrimeStatistics about Internet Crime
This statistic is done in USA, that include many types of crime, such as auction fraud, spam, credit card fraud and so on.
SurveySurvey
Survey(cont)Survey(cont)
Survey(cont)Survey(cont)
Survey(cont)Survey(cont)
ConclusionConclusion
Now that you have completed this web quest on Computer Security you are now aware of the possible security treats to computer systems. Not only that, but you are now better able to protect your computers as well as recommend security measures to others
ReferencesReferences
http://en.wikipedia.org/wiki/Computer_security
http://www.clearwisdom.net/emh/articles/2008/7/23/99177.html
http://its.ucsc.edu/security_awareness/intro.pdf
http://nurseweb.ucsf.edu/public/07fa-computer-security.ppt
http://www.acsac.org/secshelf/book001/02.pdf
Thank You For Listening
Any Question ?
Recommended