1 of 23

Computer Security Overview

2 of 23

Different Elements in Computer Security

3 of 23

Confidentiality

Confidentiality is the concealment of information or resources. Information must be kept secret from third parties who want access to it, so that only the right people can access it.

Example in real life − Let’s say two people are communicating via encrypted email. They know each other's decryption keys, and they read the email by entering these keys into the email program. If someone else can read these decryption keys when they are entered into the program, then the confidentiality of that email is compromised.

4 of 23

Integrity

Integrity refers to the accuracy and completeness of data. Integrity involves maintaining the consistency and trustworthiness of data over its entire life cycle. Data must not be changed in transit, and precautionary steps must be taken to ensure that data cannot be altered by unauthorized people.

Example in real life − Let’s say you are making an online payment of 100 USD, but your information is tampered with without your knowledge so that 1000 USD is sent to the seller. This would cost you too much.

5 of 23

Availability

Availability means that information is accessible to authorized users. It provides an assurance that your system and data can be accessed by authenticated users whenever they’re needed. Similar to confidentiality and integrity, availability also holds great value.

Example in real life − Let’s say a hacker has compromised a bank's web server and taken it down. You, as an authenticated user, want to make an e-banking transfer, but it is impossible to access the service. The transfer that was not made is money lost for the bank.

6 of 23

Attacks

  • Attacks on computer systems
    • break-in to destroy information
    • break-in to steal information
    • blocking the system from operating properly
    • malicious software
      • wide spectrum of problems

7 of 23

Services, Mechanisms, Attacks

  • 3 aspects of information security:
    • security attacks (and threats)
      • actions that (may) compromise security
    • security services
      • services counter to attacks
    • security mechanisms
      • used by services
      • e.g. secrecy is a service, encryption (a.k.a. encipherment) is a mechanism

8 of 23

Attacks

  • Network Security
    • Active attacks
    • Passive attacks

9 of 23

Attacks

  • Passive attacks
    • An attacker observes the messages and copies them
    • victims do not get informed about the attack
    • It is difficult to detect as there is no alteration in the message.
    • Passive attacks can be prevented by using some encryption techniques.

10 of 23

Attacks

  • Active attacks
    • Attacker actively manipulates the communication
    • Masquerade
      • pretend to be someone else
      • possibly to get more privileges
    • Replay
      • passively capture data and send later
    • Denial-of-service
      • prevention of the normal use of servers, end users, or network itself

11 of 23

Security Services

  • to prevent or detect attacks
  • to enhance the security
  • replicate functions of physical documents
    • e.g.
      • have signatures, dates
      • need protection from disclosure, tampering, or destruction
      • notarize
      • record

12 of 23

Basic Security Services

  • Authentication
    • assurance that the communicating entity is the one it claims to be

  • Access Control
    • prevention of the unauthorized use of a resource
    • to achieve this, each entity trying to gain access must first be identified and authenticated, so that access rights can be tailored to the individual

13 of 23

Basic Security Services

  • Data Confidentiality
    • Confidentiality means that only authorized individuals/systems can view sensitive or classified information.

  • Data Integrity
    • assurance that data received are exactly as sent by an authorized sender
    • i.e. no modification, insertion, deletion, or replay
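The data integrity service above, applied to the 100 USD payment example and the replay attack from the earlier slides. This is an added example, not part of the original slides; the message format, class names and sequence-number scheme are assumptions chosen for illustration.

```python
import hashlib
import hmac
import json
import secrets

class Sender:
    def __init__(self, key: bytes):
        self.key, self.seq = key, 0

    def send(self, payload: dict) -> dict:
        # Number every message so the receiver can spot replays and gaps.
        self.seq += 1
        body = json.dumps({"seq": self.seq, "payload": payload}, sort_keys=True).encode()
        tag = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        return {"body": body, "tag": tag}

class Receiver:
    def __init__(self, key: bytes):
        self.key, self.last_seq = key, 0

    def receive(self, msg: dict) -> str:
        expected = hmac.new(self.key, msg["body"], hashlib.sha256).hexdigest()
        # Constant-time comparison; a wrong tag means the bytes changed in
        # transit or the message was not produced by a holder of the key.
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: modified"
        seq = json.loads(msg["body"])["seq"]
        if seq <= self.last_seq:
            return "rejected: replay"
        if seq != self.last_seq + 1:
            return "rejected: gap"  # an earlier message was deleted or reordered
        self.last_seq = seq
        return "accepted"

def integrity_demo() -> list:
    key = secrets.token_bytes(32)  # constructed shared key for this example
    sender, receiver = Sender(key), Receiver(key)
    m1 = sender.send({"to": "seller", "amount_usd": 100})
    sender.send({"to": "seller", "amount_usd": 5})  # second message, lost in transit
    m3 = sender.send({"to": "seller", "amount_usd": 7})
    # Constructed tampering: 100 USD rewritten to 1000 USD, old tag kept.
    tampered = {"body": m1["body"].replace(b"100", b"1000"), "tag": m1["tag"]}
    return [receiver.receive(m) for m in (tampered, m1, m1, m3)]

if __name__ == "__main__":
    print(integrity_demo())
```

The message authentication code covers modification and insertion (a forged message has no valid tag), while the sequence number covers replay and deletion, which a tag alone does not detect.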

14 of 23

Security Mechanisms

  • Cryptographic Techniques
    • will see next
  • Software and hardware for access limitations
    • Firewalls
  • Traffic Padding
    • A continuous random data stream is generated.
  • Hardware for authentication
    • Smartcards, security tokens.
  • Physical security
    • Keep it in a safe place with limited and authorized physical access

15 of 23

Common Types of Networking Attacks

  • Malware
  • Computer Virus
  • Computer Worm
  • Phishing
  • DoS (Denial of Service) and DDoS
  • Man-in-the-middle
  • Ransomware
  • SQL Injection Attacks

16 of 23

Malware

  • Malware is a catch-all term for any type of malicious software, regardless of how it works, its intent, or how it's distributed.

  • Hackers attempt to gain unauthorized access to the target system and disrupt or corrupt the files and data through malicious code called malware.

17 of 23

Computer Virus

Viruses are a type of malware: unique pieces of code that can wreak havoc and spread from computer to computer.

If you click on an email with a malicious link or download from links on infected websites, these viruses can corrupt your files, infect other computers from your list, and steal your personal information.

18 of 23

Computer Worm

Worms replicate themselves and slow down the computer system.

The main objective of worms is to eat up system resources.

19 of 23

Phishing

Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker.

20 of 23

DoS (Denial of Service) and DDoS

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash.

21 of 23

Man-in-the-middle

A man-in-the-middle (MiTM) attack is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, as the attacker has inserted themselves between the two parties.

22 of 23

Ransomware

  • Ransomware is a type of malware that threatens to publish the victim's personal data or block access to it unless a ransom is paid.

  • Some simple ransomware may lock the system without damaging any files.

  • Advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them.

23 of 23

SQL Injection Attacks

  • SQL injection, also known as SQLI, is a common attack vector that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed. This information may include any number of items, including sensitive company data, user lists or private customer details.