mis group prasentation
TRANSCRIPT
-
8/10/2019 Mis Group Prasentation
1/30
MODERN TRENDS IN
INFORMATION
SECURITYHari KrishnaSanal Michael
Seethu Soman
Sujai jaiLal
Vishnu KC
1
MODERN TRENDS IN INFORMATION
SECURITY
-
8/10/2019 Mis Group Prasentation
2/30
INTRODUCTION
2
-
8/10/2019 Mis Group Prasentation
3/30
The U.S. National Information Systems Security Glossary defines
"Information Systems Security" as the protection of information
systems against unauthorized access or modification ofinformation, whether in storage, processing or transit, and against
the denial of service to authorized users or the provision of service
to unauthorized users, including those measures necessary to
detect, document, and counter such threats.
Information security
3
-
8/10/2019 Mis Group Prasentation
4/30
Principles of Information Security
Confidentiality
Concealment of data from unauthorized parties
Integrity
In information security, data integrity means maintaining and
assuring the accuracy and consistency of data over its entire life-cycle
Availability
For any information system to serve its purpose, the information
must be available when it is needed 4
-
8/10/2019 Mis Group Prasentation
5/30
Non-repudiation
Non-repudiation implies one's intention to fulfil their
obligations to a contract
AuthenticityIt is necessary to ensure that the data, transactions,
communications or documents are genuine
5
-
8/10/2019 Mis Group Prasentation
6/30
Threats in information security
BOTNETS collection of software robots, or bots, that creates an
army of infected computers
HACKING
actions taken to gain unauthorized access to a computer
6
-
8/10/2019 Mis Group Prasentation
7/30
MALWARE
any software used to disrupt computer operation, gather
sensitive information, or gain access to private computer
systems
includes computer viruses, worms, trojan
horses, ransomware, spyware, adware, scareware
PHISHING/SPOOFING
acquire sensitive information such as
usernames, passwords, and credit card details, money bymasquerading as a trustworthy entity in an electronic
communication
7
-
8/10/2019 Mis Group Prasentation
8/30
RANSOMWARE
Ransomware is a type of malware that restricts access toyour computer or your files and displays a message that
demands payment in order for the restriction to be
removed
8
-
8/10/2019 Mis Group Prasentation
9/30
SPYWARE
software that aids in gathering information about aperson or organization without their knowledge and thatmay send such information to another entity without the
consumer's consent, or that asserts control over a
computer without the consmer's knowledge
WIFI-EAVESDROPPING
The interception of personal information sent usingwireless signals.
Virtual listening in on information that's shared over an
unsecure (not encrypted) WiFi network.9
-
8/10/2019 Mis Group Prasentation
10/30
10
DISTRIBUTED DENIAL-OF-SERVICE
A distributed denial-of-service (DDoS) attack is one in
which a multitude of compromised systems attack a
single target, thereby causing denial of service for usersof the targeted system
Two types of DDoS attacks:
a network-centric attack which overloads a service by
using up bandwidth
an application-layer attack which overloads a service or
database with application calls
-
8/10/2019 Mis Group Prasentation
11/30
-
8/10/2019 Mis Group Prasentation
12/30
Firewall
It is a hardware or software network security device that locate
between two networks to control what information is allowed topass between those networks.
12
-
8/10/2019 Mis Group Prasentation
13/30
Encryption
Encryptionis the transformation of data into a form unreadable by
anyone without the secret decryption key.
13
-
8/10/2019 Mis Group Prasentation
14/30
Secured wireless
A secured wireless network is a network created for a domain
with limited and known people. So that data security can be
maintained between them.
14
-
8/10/2019 Mis Group Prasentation
15/30
Virtual Private Network (VPN)
A secure communication channel that enables peoples to access
their office computers from off campus via a secure web
interface.
15
-
8/10/2019 Mis Group Prasentation
16/30
Password Management A password is a convenientand easy method of authentication for users entering a
computer system. Password approach is subject to a number of
security threats.
Virus protection tool
Anti-virus, is computer software used to prevent, detect and
remove malicious computer viruses.
16
-
8/10/2019 Mis Group Prasentation
17/30
Intrusion Detection System
is a device or software application that monitors network or
system for malicious activities or policy violations and
produces reports to a management station
There are broadly two types of Intrusion Detection systems
Host based intrusion detection system
Network based intrusion detection system
17
-
8/10/2019 Mis Group Prasentation
18/30
NETWORK INTRUSION
DETECTION SYSTEM placed at a strategic point or points within the network to
monitor traffic to and from all devices on the network
Once the attack is identified, or abnormal behavior is sensed,
the alert can be sent to the administrator
NIDS server can also scan system files looking for
unauthorized activity and to maintain data and file integrity.
Possible uses include scanning local firewalls or network
servers for potential exploits, or for scanning live traffic to see
what is actually going on. 18
-
8/10/2019 Mis Group Prasentation
19/30
HOST INTRUSION DETECTION
SYSTEM
run on individual hosts or devices on the network
monitors the inbound and outbound packets from the device
only and will alert the user or administrator if suspicious
activity is detected
A host Intrusion detection systems (HIDS) can only monitor
the individual workstations on which the agents are installed
and it cannot monitor the entire network. Host based IDSsystems are used to monitor any intrusion attempts on critical
servers.
19
-
8/10/2019 Mis Group Prasentation
20/30
INTRUSION PREVENTION SYSTEM are network security appliances that monitor network or
system activities for malicious activity.
The main functions of intrusion prevention systems are
to identify malicious activity, log information about this
activity, attempt to block/stop it, and report it.
extensions of intrusion detection system
20
-
8/10/2019 Mis Group Prasentation
21/30
DETECTION METHODS
Signature-Based Detectionmonitors packets in the Network and compares with pre-
configured and pre-determined attack patterns known as
signatures.
Statistical anomaly-based detection
Stateful Protocol Analysis Detection
21
-
8/10/2019 Mis Group Prasentation
22/30
ISO/IEC 27001
22
-
8/10/2019 Mis Group Prasentation
23/30
ISMS
ISMSstands for Information Security Management System.
An ISMS is a systematic approach to managing sensitive
company information so that it remains secure. It includes
people, processes and IT systems by applying a risk
management process.
It can help small, medium and large businesses in any sector
keep information assets secure.
23
-
8/10/2019 Mis Group Prasentation
24/30
-
8/10/2019 Mis Group Prasentation
25/30
Reasons for adopting ISO 27001
It is suitable for protecting critical and sensitiveinformation
It provides a holistic, risk-based approach to secureinformation and compliance
Demonstrates credibility, trust, satisfaction andconfidence with stakeholders, partners, citizens andcustomers
Demonstrates security status according to internationallyaccepted criteria
Creates a market differentiation due to prestige, imageand external goodwill
If a company is certified once, it is accepted globally 25
-
8/10/2019 Mis Group Prasentation
26/30
26
-
8/10/2019 Mis Group Prasentation
27/30
Identity Management
Identity management (IdM) describes the management of
individual principals, their authentication, authorization, and
privileges within or across system and enterprise
boundaries with the goal of increasing security and
productivity while decreasing cost, downtime and repetitive
tasks.
27
-
8/10/2019 Mis Group Prasentation
28/30
Identity Management Functions
The pure identity function: Creation, management and deletionof identities without regard to access or entitlements.
The user access (log-on) function: For example: a smart
card and its associated data used by a customer to log on to a
service or services (a traditional view). The service function: A system that delivers personalized, role-
based, online, on-demand, multimedia (content), presence-
based services to users and their devices
28
-
8/10/2019 Mis Group Prasentation
29/30
Identity Theft
Identity theft happens when thieves gain access to identity
information such as the PIN that grants access to a bankaccount.
Privacy
Putting personal information onto computer networksnecessarily raises privacy concerns. Absent proper protections,
the data may be used to implement a surveillance society.
Social web and online social networking services make heavy
use of identity management. Helping users decide how to
manage access to their personal information has become an
issue of broad concern.
29
-
8/10/2019 Mis Group Prasentation
30/30
30