Computer security Computer securityissecurityapplied to computing de- vices such as computers and smartphones, as well as computer networkssuch as private and public networks, including the whole Internet. The field cov ers al l the processes and mechanisms by which digital equipment, information and services are protected from unintended or unautho rized acce ss, change or des truc tion , and is of growing importance due to the increasing reliance of comp uter systems in mostsocieties. [1] It includes physical security to prevent theft of equipment and information securityto protect the data on that equip ment. It is some- times referred to as “cyber security” or “IT security”. Those terms generally do not refer to physical security, but a common belief among computer security experts is that a physical security breach is one of the worst kinds security breaches as it generally allows full access to both data and equipme nt. Cybersecurity is the process of applying security mea- sures to ensure confidentiality, integrity, and availability of data . Cybe rsec urit y assures prot ect ion of asse ts, whi ch includes data, desktops, servers, buildings, and most im- porta ntl y, huma ns. Th e goal of cy bers ecur ity is to prot ect data both in transit and at rest. Countermeasures can be put in place in order to ensure security of data. Some of these me as ure s incl ude , but are not limit ed to, ac cess con- trol, awareness training, audit and accounta bility, risk as- sessment, penetration testing, vulnerability management, and security assessmen t and authoriza tion. [2] 1 Vulne rab ili ti es Main article: Vulnerability (computing) A vulnerability is a weakne ss which allows an attack er to reduce a system’s information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker acc ess to the flaw, and att ack er capa bil ity to exploit the flaw. To exploit a vulnerabili ty, an attack er must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulner- ability is also known as the attack surface. Vul nera bili ty mana gement is the cy cli cal prac tice of ide n- tifyi ng, classif ying, remedi ating, and mitig ating vulnera- bilities. This practice generally refers to software vulner- abilities in computing systems. A security risk may be classified as a vulnerability. The use of vulnerability with the same meaning of risk can lea d to conf usi on. The risk is tied to the poten tia l of a signifi cant loss. There can also be vulnerabili ties with- out risk, like when the asset has no value. A vulnerabili ty with one or more known (publicly orprivately) instances of working and fully implemented attacks is classified as an exploitable vulnerability- a vulnerability for which an explo it exists. To exploi t those vulnerabilities, perpetra- tors (individual hacker,criminal organization, or anation state) most commonly usemalware(malicious software), worms, viruses, and targeted attacks. Diff er ent sca le s ex is t to assess the ris k of an at tac k. In the United States, authorities use theInformation Operations Condition (INF OCON) syste m. This sys tem is scaled from 5 to 1 (INFOCON 5 being an harmless situation and INFOCON 1 representing the most critical threats). To understand the techniques for securing a computer sys tem, it is impo rtant to firs t unde rsta nd the vario us type s of “attacks” that can be made against it. Thes e threats can typically be classified into one of the cate- gories in the section below. 1. 1 Back door s Abackdoorin a computer system, a cryptosystemor an algorithm, is a method of bypassing normal authentica- tion, securing remote access to a computer, obtaining ac- cess to plaintext, and so on, while attempting to remain undetec ted. A special form ofasymmetric encryptionat- tacks, known askleptographic attack, resists to be useful to the reverse engineer even after it is detected and ana- lyzed. The backdoor may take the form of an installed program (e.g., Bac k Orifi ce), or could be a modi fic ation to an exist- ing pro gra m or har dw are de vice. A specifi c f orm of bac k- door is a rootkit, which replaces system binaries and/or hooks into the function calls of an operating system to hide the presence of other programs, users, services and open ports. It may also fake information about disk and memory usage. 1.2 Deni al-of -serv ic e atta ck Main article : Denial-of-service attack Unlike other exploits, denial of service attacks are not used to gain unauthorized access or control of a system. They are instead designed to render it unusable. Attack- 1
