Computer Security Overview
Different Elements in Computer Security
Confidentiality
Confidentiality is the concealment of information or resources. Information must be kept secret from third parties that want access to it, so that only the right people can access it.
Example in real life − Let’s say two people are communicating via encrypted email. They know each other’s decryption keys, and they read the email by entering these keys into the email program. If someone else can read these decryption keys when they are entered into the program, then the confidentiality of that email is compromised.
Integrity
Integrity refers to the accuracy and completeness of data. Integrity involves maintaining the consistency and trustworthiness of data over its entire life cycle. Data must not be changed in transit, and precautionary steps must be taken to ensure that data cannot be altered by unauthorized people.
Example in real life − Let’s say you are making an online payment of 100 USD, but your information is tampered with without your knowledge so that 1000 USD is sent to the seller. This would cost you too much.
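The payment scenario above, as an added example that is not part of the original material: one common way to detect a change in transit is a message authentication code (HMAC-SHA256 here) computed with a key shared by payer and bank. The field names, the shared-key setup and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets


def canonical(payment: dict) -> bytes:
    """Serialize deterministically so both sides MAC the same bytes."""
    return json.dumps(payment, sort_keys=True, separators=(",", ":")).encode("utf-8")


def protect(payment: dict, key: bytes) -> dict:
    """Payer side: attach an HMAC-SHA256 tag computed over the payment fields."""
    tag = hmac.new(key, canonical(payment), hashlib.sha256).hexdigest()
    return {"payment": payment, "tag": tag}


def verify(message: dict, key: bytes) -> bool:
    """Receiver side: recompute the tag and compare in constant time."""
    try:
        expected = hmac.new(key, canonical(message["payment"]), hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, str(message["tag"]))
    except (KeyError, TypeError):
        return False  # missing or malformed fields are rejected like tampering


def demo() -> dict:
    key = secrets.token_bytes(32)  # constructed shared secret (assumption)
    # Constructed sample payment matching the 100 USD example in the text.
    sent = protect({"payee": "seller", "amount": 100, "currency": "USD"}, key)
    # Simulate modification in transit: amount changed, tag left as it was.
    altered = json.loads(json.dumps(sent))
    altered["payment"]["amount"] = 1000
    # A message with the tag stripped must also be rejected.
    stripped = {"payment": sent["payment"]}
    return {
        "original": verify(sent, key),
        "altered": verify(altered, key),
        "stripped": verify(stripped, key),
        "wrong_key": verify(sent, secrets.token_bytes(32)),
    }


if __name__ == "__main__":
    print(demo())
```

The tag only proves the fields were not changed by someone without the key; it does not hide the payment, which is the job of confidentiality.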
Availability
Availability means that information is accessible to authorized users. It provides an assurance that your system and data can be accessed by authenticated users whenever they’re needed. Similar to confidentiality and integrity, availability also holds great value.
Example in real life − Let’s say a hacker has compromised a bank’s webserver and taken it down. You, as an authenticated user, want to make an e-banking transfer, but it is impossible to access the server. The transfer that could not be made is money lost for the bank.
Attacks
Services, Mechanisms, Attacks
Security Services
Basic Security Services
Security Mechanisms
stream is generated.
limited and authorized physical access
Common Types of Networking Attacks
Malware
Computer Virus
Viruses are a type of malware: unique pieces of code that can wreak havoc and spread from computer to computer.
If you click on an email with a malicious link or use download links from infected websites, these viruses can corrupt your files, infect other computers from your list and steal your personal information.
Computer Worm
Worms replicate themselves, which slows down the computer system.
The main objective of a worm is to eat up system resources.
Phishing
Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker.
DoS (Denial of Service) and DDoS
A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash.
Man-in-the-middle
A man-in-the-middle (MiTM) attack is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, as the attacker has inserted themselves between the two parties.
Ransomware
SQL Injection Attacks