Computer and Network Security Lecture 1 Fall 2024 PDF
Egyptian Chinese University
2024
Dr. Allam Ameen
Summary
This document is a lecture on computer and network security, covering topics like different security terminology, types of hackers and malware, and concepts like the CIA Triad.
Full Transcript
Computer and Network Security (SET-413)
Dr. Allam Ameen, Assistant Professor
Egyptian Chinese University, Faculty of Engineering and Technology
Electronics Research Institute, Microstrip Department
Lecture 1, Fall 2024

Introduction

Computer network security is the branch of computer science that consists of protecting all components of a computer network in order to prevent unauthorized access, data theft, misuse of a network connection, modification of data, etc. The aim of network security is to provide proactive defense methods and mechanisms to protect a network against internal and external threats.

The main objectives of securing a network

The three main objectives in securing a network are to ensure (CIA Triad):
Confidentiality: this consists of protecting data stored on or traveling over a computer network from unauthorized persons.
Integrity: this maintains or ensures the reliability of data. The data received by a recipient must be identical to the data transmitted by the sender.
Availability: this ensures that network data or services are constantly accessible to users.

Information security terminology

A resource: any object that has value for an organization and must be protected.
A vulnerability: a weakness in a system, which may be exploited by a threat.
A threat: a potential danger to a resource or to the functioning of a network.
An attack: an action carried out to harm a resource.
A risk: the possibility of an organization's resource being lost, modified, destroyed or suffering other negative consequences.
Authentication: Verifying the identity of users or systems to ensure they are who they claim to be.
Authorization: Granting or denying access to resources based on a user's permissions or privileges, limiting what actions they can perform.
Non-repudiation: Providing proof that a specific action or transaction occurred, making it difficult for individuals to deny their involvement.
Data Encryption: Securing data by converting it into a coded format to protect against unauthorized access or interception.
Network Segmentation: Dividing a network into smaller segments to contain and limit the impact of potential security breaches.
Intrusion Detection: Monitoring systems to identify and respond to unauthorized access or suspicious activities.
Intrusion Prevention: Implementing measures to actively block or stop unauthorized access or malicious activities.
Patch Management: Keeping systems and software up to date by applying security patches to address known vulnerabilities.
Vulnerability Assessment: Identifying and evaluating weaknesses in systems or networks to proactively address security risks.
Incident Response: Developing plans and processes to manage and mitigate the impact of security incidents when they occur.
Firewalls: Implementing security barriers that filter and control network traffic to prevent unauthorized access.
Malware Protection: Employing defenses to detect, prevent, and remove malicious software such as viruses, worms, and Trojans.
Access Control: Regulating access to resources based on user authentication and authorization, and enforcing security policies.
Security Awareness Training: Educating users and employees about security best practices and potential threats to enhance their awareness and vigilance.
Data Backup and Recovery: Creating and maintaining copies of data to restore information in case of data loss or disaster.
Secure Software Development: Integrating security practices and controls into the software development lifecycle to prevent vulnerabilities.
Penetration Testing: Conducting controlled simulated attacks on systems to identify and address security weaknesses.
Mobile Device Security: Implementing measures to protect mobile devices and their data from security threats.
Cloud Security: Ensuring the security of data and applications hosted in cloud environments, addressing unique cloud-related risks.

Hackers

“hackers”: defined as individuals with technical computer skills, though the term often refers to individuals who use their skills to breach cybersecurity defenses. Alternatively, defined as people who are “network maniacs” and only wish to understand the workings of computer systems, while also testing their own knowledge and tools.

Types of hackers

“white hat hackers”: these are individuals who carry out safety audits in order to test that an organization's computer networks are well-protected.
“black hat hackers”: these are experienced individuals who work towards illegal ends by carrying out data theft, hacking accounts, infiltrating systems, etc.
“gray hat hackers”: individuals who are a mix of “white hat” and “black hat” hackers.
“blue hat hackers”: what motivates them is revenge or the use of hacking as a strategy to gain popularity on the Internet.
“green hat hackers”: what motivates this type of hacker is the desire to learn more about the hacking world.
“red hat hackers”: what gets this type of hacker out of bed is the desire to stop black hat hackers.
“script-kiddies”: these are individuals with very basic IT security management skills who try to infiltrate systems using scripts and programs developed by others.
“hacktivists”: these are individuals who are chiefly driven by ideological motives.
“phreakers”: these are individuals who specialize in attacking telephone systems. In general, they work towards placing free calls.
“carders”: these are individuals who specialize in attacking smart card systems.

Malicious code

Malicious code, also known as malware, is any type of code or software designed to harm, exploit, or compromise a computer system or network. Malicious code can include viruses, worms, Trojans, ransomware, spyware, and adware, among others.

Types of malware

1. virus: this is a program that attaches itself to a piece of software to carry out a specific, undesirable function on a computer. Most viruses need to be activated by the user. However, they can also be set to “idle mode” for prolonged periods, as they can also be programmed to avoid detection.

2. worms: these are independent programs that exploit known vulnerabilities with the aim of slowing down a network. They do not need to be activated by the user, and they can duplicate themselves and attempt to infect other hosts in the network.

3. spyware: this is spy software that is generally used in order to influence the user to buy certain products or services. Spyware is not usually self-propagating, but it installs itself without permission. It is programmed to:
- collect the user's personal information.
- track browsing activity on the internet in order to detect the user's preferences.
- redirect HTTP requests towards pre-set advertising sites.

4. adware: this refers to any software that displays advertisements without the user's permission, often in the form of pop-up windows.

5. scareware: this refers to a category of software that is used to convince users that their system has been infected by viruses and suggests solutions, with the goal being to sell software.

6. Trojan horse: this is a program characterized by two features:
- behavior that is apparently useful to the user.
- hidden malicious behavior, which usually leads to access to the machine on which this software is executed.

7. ransomware: this is a program designed to block access to a computer system by encrypting its contents until a certain amount of money is paid in order to restore the system.