Introduction to Security - PowerPoint PPT Presentation

Slides: 22
Provided by: prashantkr

Transcript and Presenter's Notes


1
Introduction to Security
  • Overview of Computer Security

2
Why is security important?
  • Computers and networks are the nerves of the
    basic services and critical infrastructures in
    our society
  • Financial services and commerce
  • Transportation
  • Power grids
  • Etc.
  • Computers and networks are targets of attacks by
    our adversaries

3
Why is security so hard?
  • The complexity of computers and networks
  • Increased Internet usage
  • User expectation
  • Lack of awareness of threats and risks
  • Software by peopleware
  • Social engineering
  • Defense is inherently more expensive
  • Offense only needs the weakest link
  • Ample cracking tools

4
(No Transcript)
5
Tempest Attack
  • Tempest is an acronym for Transient ElectroMagnetic Pulse
    Emanation Surveillance.
  • This is the science of monitoring at a distance
    electronic signals carried on wires or displayed
    on a monitor.
  • It is of enormous importance to serious
    cryptography snoopers.
  • To minimize a tempest attack you should screen
    all the cables between your computer and your
    accessories, particularly your monitor.
  • A non-CRT monitor screen, such as those used by
    laptops (or a plasma TV), offers a considerable
    reduction in radiated emissions and is
    recommended.

6
Type of Attackers
  • Amateurs: regular users who exploit the
    vulnerabilities of the computer system
  • aka Smart kiddies
  • Less experienced
  • Motivation: easy access to vulnerable resources
  • Hackers/Crackers: attempt to access computing
    facilities for which they do not have
    authorization
  • Experts
  • Motivation: enjoy challenge, curiosity
  • Career criminals: professionals who understand
    the computer system and its vulnerabilities
  • Motivation: personal gain (e.g., financial)
  • Intruders are all of the above

7
Methods of Defense
  • Prevent: block attack
  • Deter: make the attack harder
  • Deflect: make other targets more attractive
  • E.g., honeypots
  • Detect: identify misuse
  • Tolerate: function under attack
  • Recover: restore to correct state

8
Computer Security Domains
  • Physical security -- Controlling the comings and
    goings of people and materials; protection
    against the elements and natural disasters
  • Operational/procedural security -- Covering
    everything from managerial policy decisions to
    reporting hierarchies
  • Personnel security -- Hiring employees,
    background screening, training, security
    briefings, monitoring, and handling departures
  • System security -- User access and authentication
    controls, assignment of privilege, maintaining
    file and filesystem integrity, backups,
    monitoring processes, log-keeping, and auditing.
    OS and database systems.
  • Network security -- Protecting network and
    telecommunications equipment, protecting network
    servers and transmissions, combating
    eavesdropping, controlling access from untrusted
    networks, firewalls, and detecting intrusions
  • Information security -- Hiding of information
    (cryptography) and also security of information
    in transit over a network. Examples: e-commerce
    transactions, online banking, confidential
    e-mails, file transfers, record transfers,
    authorization messages, etc.

9
What is Security?
  • Keeping something (information in our case)
    secure against:
  • Someone stealing it
  • Someone destroying it
  • Someone changing it
  • Someone preventing me from using it
  • More specifically:
  • Confidentiality: nobody else can see it
  • Integrity: nobody else can change it
  • Availability: I can get at it whenever I want

10
Basic Components of Security
  • Confidentiality
  • Keeping data and resources secret or hidden
  • Integrity
  • Ensuring authorized modifications
  • Includes correctness and trustworthiness
  • Availability
  • Ensuring authorized access to data and resources
    when desired
  • Accountability
  • Ensuring that an entity's action is traceable
    uniquely to that entity
  • Security assurance
  • Assurance that all four objectives are met

11
What secure means
  (Diagram labels: Secure; Confidentiality; Availability; Integrity)

12
Information security today
  • Emergence of the Internet and distributed systems
  • Increasing system complexity
  • Digital information needs to be kept secure
  • Competitive advantage
  • Protection of assets
  • Liability and responsibility
  • Financial losses
  • There are reports that the annual financial loss
    due to information security breaches is between 5
    and 45 billion dollars
  • National defense
  • Protection of critical infrastructures
  • Power Grid
  • Air transportation
  • Interlinked government agencies
  • Severe concerns regarding security management and
    access control measures

13
Terminology
  (Diagram labels: Security Architecture; Security Features or Services; Attackers/Intruders/Malfeasors; Security Mechanisms)

14
Attack vs. Threat
  • A threat is a potential violation of security
  • The violation need not actually occur
  • The fact that the violation might occur makes it
    a threat
  • It is important to guard against threats and be
    prepared for the actual violation
  • being paranoid
  • The actual violation of security is called an
    attack

15
Common security attacks
  • Interruption, delay, denial of receipt or denial
    of service
  • System assets or information become unavailable
    or are rendered unavailable
  • Interception or snooping
  • Unauthorized party gains access to information by
    browsing through files or reading communications
  • Modification or alteration
  • Unauthorized party changes information in transit
    or information stored for subsequent access
  • Fabrication, masquerade, or spoofing
  • Spurious information is inserted into the system
    or network by making it appear as if it is from a
    legitimate entity

16
Malicious Code or malware
  (Diagram labels: X Files; Trojan Horses; Bacterium; Trapdoors; Logic Bombs; Worms; Virus)

17
DOS and DDOS
18
Trojan/Backdoor Program
  • Trojan part: masquerades as a nice program
  • WildAnimals.scr (any executable can be saved as
    .scr)
  • YourDocument.doc followed by 100 spaces and then
    .exe
  • Backdoor
  • Once launched, it opens a communication channel
    (IRC, FTP, telnet, etc.) with a certain machine
  • Can be used to hijack a machine if it is running
    proxy communication protocols (ssh or socks4) and
    to bypass firewalls
  • Internet traffic would appear to come from or go
    out of the infected system while being routed to
    the attacker's machine
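
Added example (not part of the original slides): a defender-side check that flags the file-name disguises listed on this slide, namely a .scr executable, a document extension followed by an executable one, and whitespace padding that hides the real extension. The extension lists, function names and sample names are assumptions made for illustration.

```python
import re

# Extensions Windows runs directly (assumed, non-exhaustive list).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
# Extensions a user expects to be passive documents (assumed list).
DECOY_EXTS = {".doc", ".docx", ".pdf", ".txt", ".jpg", ".png", ".xls"}

_EXT_RE = re.compile(r"(\.[A-Za-z0-9]{1,5})$")


def _split_ext(name):
    """Return (stem, lowercase extension); extension is '' if absent."""
    m = _EXT_RE.search(name)
    return (name[:m.start()], m.group(1).lower()) if m else (name, "")


def masquerade_findings(filename):
    """List the reasons a file name looks like a disguised executable."""
    findings = []
    stem, ext = _split_ext(filename.rstrip())
    if ext not in EXECUTABLE_EXTS:
        return findings              # not directly executable: nothing to flag
    if ext == ".scr":
        findings.append("screensaver-executable")
    if stem != stem.rstrip():
        # Whitespace before the real extension pushes it out of view.
        findings.append("whitespace-padding")
    _, inner_ext = _split_ext(stem.rstrip())
    if inner_ext in DECOY_EXTS:
        findings.append("double-extension")
    return findings


def scan(names):
    """Map each suspicious name to its findings; clean names are omitted."""
    return {n: f for n in names if (f := masquerade_findings(n))}


# Constructed sample names; the first two follow the slide's examples.
SAMPLES = [
    "WildAnimals.scr",
    "YourDocument.doc" + " " * 100 + ".exe",
    "invoice.pdf.exe",
    "setup.exe",
    "notes.txt",
]

if __name__ == "__main__":
    for name, reasons in scan(SAMPLES).items():
        print(repr(name[:20]), "->", reasons)
```

A check like this fits in a mail gateway or download filter, where attachment names are visible before a user ever sees the truncated display name.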

19
Goals of Security
  • Prevention
  • To prevent someone from violating a security
    policy
  • Detection
  • To detect activities in violation of a security
    policy
  • Verify the efficacy of the prevention mechanism
  • Recovery
  • Stop policy violations (attacks)
  • Assess and repair damage
  • Ensure availability in presence of an ongoing
    attack
  • Fix vulnerabilities to prevent future attacks
  • Retaliation against the attacker

20
Operational Issues
  • Cost-Benefit Analysis
  • Benefits vs. total cost
  • Is it cheaper to prevent or recover?
  • Risk Analysis
  • Should we protect something?
  • How much should we protect this thing?
  • Risk depends on environment and changes with time
  • Laws and Customs
  • Are desired security measures illegal?
  • Will people do them?
  • Affects availability and use of technology

21
Human Issues
  • Organizational Problems
  • Power and responsibility
  • Financial benefits
  • People problems
  • Outsiders and insiders
  • Which do you think is the real threat?
  • Social engineering