INTRODUCTION TO COMPUTER & NETWORK

SECURITYINSTRUCTOR: DANIA ALOMAR

Why Study Security? • Security threats are real…

• And need protection against

•Keeping information secure from modification and unauthorized access.• Keeping it available is getting increasingly difficult.

Computer vs. Network Security•Computer security is the generic term for a collection of tools designed to protect data and to thwart hackers.•Network security is the security measures that are needed to protect data during their transmission.•In most systems, the boundaries between computer security and network security are blurred since most, if not all, of today’s systems are distributed in nature.

Goals of Security• Confidentiality :prevents unauthorized use or disclosure of information.•Integrity: assurance that the information has not been tampered.• Availability: information is accessible to authorized entities at the proper time

Basic Terminology Authentication: Verification that the user’s claimed identity is valid, such as through the use of a password

Authorization: The privileges allocated to an individual (or process) that enable access to a computer resource

Cont. Non-repudiation: offer of evidence that a party is indeed the sender or a receiver of certain information. (prevents a party in a communication from later denying its participation in communication)

Access control: facilities to determine and enforce who is allowed access to what resources, hosts, software, network connections

Data Origin Authentication: provides assurance that a piece of data originated from a particular source.

Mechanisms: e.g. passwords. ◦ Something you know (password, PIN)◦ Something you have (ID, smart card)◦ Something you are (fingerprint, DNA)

Threats and Attacks•A threat : A person, thing, event, or idea which poses some danger to an asset in terms of that asset's confidentiality, integrity or availability.

•An attack: A realization of a threat; Any action that attempts to compromise the security of the information owned by an organization/person.◦ Categories of Attacks

◦ Interruption◦ Interception◦ Modification◦ Fabrication

Interruption• Interruption: an asset of the system becomes lost, unavailable, or unusable. An example is destroy hardware (cutting fiber) or software, erasure of a program or data file, or malfunction of an operating system file manager so that it cannot find a particular disk file.

•Denial of service (DoS):◦ Crashing the server

Interception An interception means that some unauthorized party has gained access to an asset. An examples are Illicit copying of files and programs and packet sniffers and wiretapping.

Modification•Modification: If an unauthorized party not only accesses but tampers with an asset.

•Stop the flow of the message

•Delay and modify the message

•Release the message again

Fabrication•Unauthorized assumption of other’s identity•Generate and distribute objects under this identity

Security Attack•Interruption: This is an attack on availability•Interception: This is an attack on confidentiality•Modification: This is an attack on integrity•Fabrication: This is n attack on authenticity

Security attacks classification•Passive Attacks

◦The attacker eavesdrops and read/record messages in transit.

•Active Attacks◦The attacker may transmit new messages, replay old messages, modify/delete messages on transit.

Virus, Worms, and Trojan Horses•Trojan horse: instructions hidden inside an otherwise useful program that do bad things•Virus: a set of instructions that, when executed, inserts copies of itself into other programs.•Worm: a program that replicates itself by installing copies of itself on other machines across a network.•Trapdoor: an undocumented entry point, which can be exploited as a security flaw•Zombie: malicious instructions installed on a system that can be remotely triggered to carry out some attack with les traceability because the attack comes from another victim.