Borg El Arab Technological University Lecture 1 - Cyber Security PDF

Summary

This document is a lecture on cybersecurity from the Borg El Arab Technological University. It covers topics such as introduction to security, cyber security, categories of cyber security, and types of cyber threats. The document includes theoretical concepts.

Full Transcript

Borg El Arab Technological University

Introduction to Cyber Security
‫مقدمة األمن السيبراني‬
1st Level – 1st Semester 2024-2025

‫ أشرف عبدالعزيز طه‬.‫أستاذ مساعد د‬
 Course Content in Lectures

Chapter 1 - Introduction

Chapter 2 - Classical Encryption/Decryption Techniques

Chapter 3 - Modern Encryption/Decryption Techniques

Chapter 4 - Attacks and Prevention Techniques

Chapter 5 - Virus and Antivirus

2
 Chapter 1- Introduction

– Introduction to Security

– Cyber Security

– Categories of Cyber Security

– Importance of Cyber Security

– Types of Cyber Threats

3
Introduction to Security

4
 Definition of Computer Security
The protection provided to a system in order to
attain the integrity, availability, and confidentiality
of information system resources

5
Confidentiality
Integrity
Availability
Data and Services

6
 Confidentiality
Data confidentiality: confidential information is not
made available to unauthorized persons.
Privacy: Users control what information related to
them to collect and store.
Integrity
Data integrity: information and programs are
changed only in a specified and authorized manner
System integrity: system performs its function free
from unauthorized manipulation
Availability
Systems work on time and service is provided to
authorized users
7
 Security attack:
Any action that caused dangerous to the security of information.

Security mechanism:
A process designed to detect, prevent, or recover from a
security attack.

Security service:
A processing or communication service that enhanced the
security of the data processing systems and the information
transfers.

Note terms
Threat: a potential for violation of system security.
Attack: an assault on system security 8
 Security Attacks

Passive attacks
Unauthorized reading of a message and traffic analysis.

Active attacks
Modification of messages or files, and denial of service.

9
Passive Attacks

Type 1: Release of message contents

Type 2: Traffic analysis

Very difficult to detect; no alteration of data

10
Passive Attacks

11
Passive Attacks

12
 Active Attacks
Modification of transmitted data or creating false data

Type 1: Masquerade
pretend to be a different entity

Type 2: Replay
capture data for subsequent retransmission
Type 3: Modification of message
some portion of legitimate message is altered
Type 4: Denial of service
disruption of network by disabling or overloading
13
Active Attacks

14
Active Attacks

15
Active Attacks

16
Active Attacks

17
Model for Network Security

18
 Model for Network Security

Four tasks in designing a particular security service
1. Design an algorithm for the security-related transformation.

2. Create the secret information to be used with the algorithm.

3. Develop methods to distribute and share the secret information

4. Specify a protocol to be used by the users.

19
Cyber Security

20
 Cyber Security
Cyber security is the practice of defending
computers, servers, mobile devices, electronic
systems, networks, and data from malicious attacks.

It's also known as information technology security
or electronic information security.

21
Categories of Cyber Security

22
 Categories of Cyber Security
The categories of Cyber Security:
1. Network security is securing a computer network from
intruders, whether attackers or malware.

2. Application security focuses on keeping software and
devices free of threats. Successful security begins in the design.

3. Information security protects the integrity and privacy of
data, both in storage and in transit.

23
 Categories of Cyber Security
4. Operational security
The processes and decisions for handling and protecting data.

5. Disaster recovery and business continuity
Define how an organization responds to the loss of operations/data.

6. End-user education
By mistake, Anyone can introduce a virus to a secure system.
Teaching users to delete suspicious email attachments,
Not plug in unidentified USB drives,
and other important lessons are vital for the security.

24
 Importance of Cyber Security

 Cyber attacks affect all people.

 Fast changes in technology will cause a boom in cyberattacks.

 Damage to businesses and loss of jobs.

 Cyber security threats faced by individuals.

 Cyber concerns may result in increased regulations.

25
 Types of Cyber Threats

1. Cybercrime ‫الجرائم اإللكترونية‬

Includes single actors or groups targeting systems for financial gain
or to cause disruption.

2. Cyber-attack ‫الهجوم السيبراني‬

Involves politically motivated information gathering.

3. Cyberterrorism ‫اإلرهاب السيبراني‬

Intended to undermine electronic systems to cause panic or fear.

26