jason-freeman
COMPUTER SECURITY
AGENDA
- What is Computer Security
  - Key Components
  - Levels
  - Challenges
  - Attacks
- Desktop Security
  - Why it is important
  - Virus/Worms/Trojans
  - Tips
- Web Security
  - Malware: spyware, keylogger, rootkits.
  - Wi-Fi security.
What is Computer Security
Key concepts of security include: CIA.
- Confidentiality
- Integrity
- Availability
Security Requirement
- Confidentiality – student grades
- Integrity – patient information
- Availability – authentication service
- Authenticity – admission ticket
- Non-repudiation – stock sell order
Levels
- Low: Minor damage to organizational assets, small financial loss, etc.
- Moderate: Significant damage to organization.
- High: Causing life-threatening injuries, organizations financially crashed.
Challenges
- Not simple – easy to get it wrong
- Must consider potential attacks
- Must decide where to deploy mechanisms
- Requires regular monitoring: a process, not an event
- Too often an afterthought
Note Terms:
- Threat
- Vulnerability
- Attack
Attacks
Active Attacks: Interception, monitoring.
Passive Attacks: Man-in-the-middle, Denial of Service, Modification.
Desktop Security
Implications of an insecure, compromised system:
- Crash
- Loss or leakage of sensitive, important data
- Financial loss
- Slow performance
- Programs/software do not work as intended
- Network broadcast
- Infects other systems
Virus v/s Worm v/s Trojan
Virus: A computer virus is a type of malware that propagates by inserting a copy of itself into and becoming part of another program. It spreads from one computer to another, leaving infections as it travels.
Almost all viruses are attached to an executable file, which means the virus may exist on a system but will not be active or able to spread until a user runs or opens the malicious host file or program.
Contd…
Worm: Computer worms are similar to viruses in that they replicate functional copies of themselves and can cause the same type of damage. In contrast to viruses, which require the spreading of an infected host file, worms are standalone software and do not require a host program or human help to propagate.
Trojans: It is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems.
Trojans are also known to create back doors to give malicious users access to the system.
Tips
- Use Linux
- Anti-virus: Update, Real-time Scan, Full Scan
- Flash, Acrobat Reader, Java, Real Player, Quick Time need to be updated regularly
- Use Firewall
- Sandbox: Sandboxie
- Safe web browser
- File Sharing Management
- Network Connection Usage
- User Account Control
Contd..
- Lock screen
- Avoid working in Administrator login
- Beware of social engineering tricks used to steal sensitive information
- services.msc to know which programs are automatically started
- Be cautious regarding removable storage
- Be cautious while browsing web and checking emails
- Peer-to-peer sharing like BitTorrent is dangerous
- Password management
  - System password
  - Boot loader password
Contd..
- ‘Delete’ does not permanently delete
- ‘Shift + Delete’ also does not permanently delete
- ‘format’ is misleading
- So, shred
- Sanitize browser of shared computer after use – clear history, cache, cookies, reset browser
- Sanitize your device before selling/giving for repair
Web Security
Malware: short for malicious software, is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of executable code, scripts, active content, and other software. 'Malware' is a general term used to refer to a variety of forms of hostile or intrusive software.
Spyware
- A small piece of software that watches the web pages one visits and reports that information
- May allow people to record the information
- Installs without knowledge or by tricking
- Often runs even when the program that it rides upon is not running
- At the start up
- Watches web activities and tracks every web site
- Reports to the spyware website about the web activities done by us
- Spyware website creates profile of every individual
- Website delivers targeted ads to the individual
Contd..
How it hides in the system
- Installs at multiple locations on the hard disk
- If anti-spyware detects any such spyware, other spyware is still alive in the machine
- Spyware can inject itself in some other application
- Silent spyware vs. destructive program
- Hiding itself in the Windows registry files
Keylogger
- Often installed in two parts
  - .exe file: automatically launches at startup
  - .dll file: the .exe file launches the .dll file, and it does most of the damage
- Records all keystrokes:
  - Keystrokes recorded may be sent to the attacker directly or saved in a file and sent at regular intervals
  - Attacker examines the keystrokes and gets necessary information
RootKits
- Used by intruder to gain access to someone’s PC without being detected
- Made of series of files and tools
- Can be installed similar to shareware
- Replace important components of OS with new software of same size, creation date etc.
- Installs backdoor daemon, automatic program
- Many also install keyloggers or sniffers
- May also send the log of the system
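Because a replaced component can keep the same size and date, a defender has to compare file contents against a known-good baseline. The following is an added example, not part of the original slides; the file names and contents are constructed, and the modification time stands in for the "creation date" mentioned above.

```python
import hashlib
import os
import tempfile

def sha256_file(path, chunk=65536):
    """Hash the file contents; this is what size and date checks cannot see."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def snapshot(paths):
    """Record size, modification time and SHA-256 for each path."""
    snap = {}
    for p in paths:
        st = os.stat(p)
        snap[os.path.basename(p)] = (st.st_size, st.st_mtime_ns, sha256_file(p))
    return snap

def compare(baseline, current):
    """Classify each baselined file as ok, missing or modified."""
    report = {}
    for name, (size, mtime, digest) in baseline.items():
        if name not in current:
            report[name] = "missing"
        elif current[name][2] == digest:
            report[name] = "ok"
        elif current[name][:2] == (size, mtime):
            report[name] = "modified, size and date unchanged"
        else:
            report[name] = "modified"
    return report

def demo():
    """Constructed scenario: same-size replacement with the old timestamp restored."""
    with tempfile.TemporaryDirectory() as d:
        target, other = os.path.join(d, "component.bin"), os.path.join(d, "untouched.bin")
        for path, data in ((target, b"ORIGINAL-COMPONENT-BYTES"), (other, b"another file")):
            with open(path, "wb") as f:
                f.write(data)
        base = snapshot([target, other])  # known-good baseline, taken before the change
        with open(target, "wb") as f:
            f.write(b"REPLACED-COMPONENT-BYTES")  # same length as the original
        old_mtime = base["component.bin"][1]
        os.utime(target, ns=(old_mtime, old_mtime))  # timestamp matches the baseline again
        return compare(base, snapshot([target, other]))
```

The baseline only helps if it is stored somewhere the monitored system cannot modify, and the check should be run from a trusted environment, since a rootkit that controls the OS can also alter what a local scan sees.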
Wi-Fi Security
WAR DRIVERS: Common kind of intruder which looks for unprotected networks which he can break into.
They use software which makes it easy to find unprotected networks. Some use high power antennas in order to find as many networks as they can.
When they target business networks, they look for proprietary business information or look to do malicious damage.
When they target a home network, they might look for personal information, such as credit card numbers, or be looking to damage computers.
Wi-Fi Hotspot
- Wi-Fi hotspot allows people with laptops, PDAs or other devices
- Food restaurants, hotels and airports, free
- Connected to a network and vulnerable to other people, e.g. file sharing feature
- Use of sniffer to capture packets of others
Evil Twins
In an evil twin hack, the hacker creates a twin of an existing hotspot to fool people. (SSID)
He uses a special tool (hotspotter).
Hotspotter will act as an access point to allow the client to authenticate and associate
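On the defensive side, a wireless monitor can compare what a scan sees against a list of the access points that are supposed to carry each SSID. The following is an added example, not part of the original slides; the network name, BSSIDs and scan records are constructed, and the record layout is an assumption rather than the output of any particular scanner.

```python
# Constructed allowlist: which BSSIDs may advertise each managed SSID,
# and which security mode they are expected to use.
AUTHORIZED = {
    "CorpNet": {
        "bssids": {"02:00:00:00:00:01", "02:00:00:00:00:02"},
        "security": "WPA2",
    },
}

# Constructed scan results (hypothetical record format).
SCAN = [
    {"ssid": "CorpNet", "bssid": "02:00:00:00:00:01", "security": "WPA2", "channel": 6},
    {"ssid": "CorpNet", "bssid": "02:00:00:00:00:99", "security": "OPEN", "channel": 6},
    {"ssid": "CoffeeShop", "bssid": "02:00:00:00:01:10", "security": "OPEN", "channel": 11},
]


def find_suspect_aps(scan, authorized):
    """Return (bssid, ssid, reasons) for APs that reuse a managed SSID
    but do not match the allowlist."""
    findings = []
    for ap in scan:
        policy = authorized.get(ap["ssid"])
        if policy is None:
            continue  # not one of our networks, nothing to compare against
        bssid = ap["bssid"].lower()
        reasons = []
        if bssid not in policy["bssids"]:
            reasons.append("unknown BSSID")
        if ap["security"] != policy["security"]:
            reasons.append(f"security {ap['security']} != {policy['security']}")
        if reasons:
            findings.append((bssid, ap["ssid"], reasons))
    return findings


if __name__ == "__main__":
    for bssid, ssid, reasons in find_suspect_aps(SCAN, AUTHORIZED):
        print(f"{ssid} seen from {bssid}: {', '.join(reasons)}")
```

A BSSID can be copied as well as an SSID, so an allowlist match is not proof that an access point is genuine; the security-mode comparison and mutual authentication on the client side cover the cases this check misses.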
Security Tips for Wi-Fi
- Use Encryption methods (WPA 2)
  - WEP: Wireless Encryption Protocol.
  - WPA: Wi-Fi Protected Access.
- Use of Intrusion detection system. (Honeypot)
- Position network antennas so signal does not reach outside the building
Thank You