1

2

What is security? Computer Security deals with the prevention and detection of, and the reaction to, unauthorized actions by users of a

computer system or network.

3

Attacks/Threats Physical Access Modification Denial of Service Invasions of Privacy

4

Physical Attacks Hardware theft File/Information Theft Information modification Software installation

5

Access Attacks Attempt to gain information that the

attacker is unauthorized to see Password pilfering An attack against confidentiality

Snooping Eavesdropping Interception

6

Modification Attacks An attempt to modify information an

attacker is not authorized to modify An attack against information

integrity Changes Insertion Deletion

7

Denial-Of-Service Attacks Deny the use of resources to

legitimate users of a system Denial of access to information Denial of access to applications Denial of access to systems Denial of access to communications

8

Privacy Attacks Collection of information about

you your computer configuration your computer use your surfing habits

9

Malware

Trap DoorLogic BombsTrojan HorsesWormsBacteriaVirusesMobile Code

10

Malware – collection of techniques/programs that produce undesirable effects on a computer system or network

Differentiate based on Needs host program Independent Replicate Don’t replicate

11

Malware

Needs HostProgram

Independent

Logic Bomb

WormsBacteriaTrapdoor

TrojanHorse

Virus

12

Worms Programs that use network connections to

spread from system to system Once active on a system can behave as

another form of malware Propagates

Search for other systems to infect Establish connection with remote system Copy itself to remote system and executes

13

The Great Worm Robert Morris released the most famous

worm in 1988 Crashed 6000 machines on the Internet

(10%) Exploited bug in fingerd program Bug in worm crashed machines which

prevented the worm from spreading Estimated damage $100 million Three years probation, 400 hrs community

service , $10,500 fine

14

Bacteria Programs that do not explicitly

damage files Sole purpose is to replicate

themselves within a system Reproduce exponentially taking up

Processor capacity Memory Disk space

15

Viruses Infect other programs by modifying

them First one written in 1983 by USC

student Fred Cohen to demonstrate the concept

Approximately 53,000 exist Modification includes copy of virus

16

How Virus are spread Peer to peer networks Via email attachments Via media FTP sites Chat and instant messaging Commercial software Web surfing Illegal software

17

Types of Viruses Parasitic

Traditional virus and most common Attaches itself to executable files and

replicates Memory resident

Lodges in memory as part of OS Infects every program that executes

18

Boot sector Infects master boot record or boot

record Spreads when system boots Seldom seen anymore

Stealth Designed to hide itself from detection

by antivirus software

19

Polymorphic Mutates with every infection Functionally equivalent but distinctly different

bit patterns Inserts superfluous instructions or interchange

order of independent instructions Makes detection of signature of virus difficult Mutation engine creates random key and

encrypts virus Upon execution the encrypted virus is

decrypted and then run

20

Macro Viruses Make up two thirds of all viruses Platform independent Word documents are the common

vehicle rather than executable code “Concept” 1995 first Word macro

virus Easily spread

21

Melissa Virus March 1999 Spread in Word documents via email Once opened virus would send itself

to the first 50 people in Outlook address book

Infected normal.dot so any file opened latter would be infected

Used Visual Basic for applications Fastest spreading virus ever seen

22

Antivirus software

Some of the common methods used are checksumming and signature based scanning.

Now a days antivirus softwares use a method called Heuristics.

Limits ability of virus to update files The common antivirus softwares available in

the market are

23

Virus Detection and Prevention Tips Do not open an email from an unknown,

suspicious or untrustworthy source Do not open any files attached to an email Turn off preview pane in email client Enable macro virus protection in all your

applications Beware of pirated software Don’t accept files while chatting or

messaging

24

Do not download any files from strangers. Exercise caution when downloading files

from the Internet. Turn on view file extensions so you can

see what type of file you are downloading Save files to disk on download rather than

launch application Update your anti-virus software regularly. Back up your files on a regular basis.

25

Privacy

CookiesSpyware

26

Cookies A cookie is a piece of text-based

information transmitted between a Web site (server) and your browser

Saved on your hard drive Netscape – cookies.txt IE – separate files in cookies folder

27

Sent by Web site for future retrieval Used to maintain state Can be

Persistent and have expiration date Session only Third party

Transferred via HTTP Headers JavaScript Java Applications Email with HTML content

28

How to disable cookies in MS Internet Explorer V6 – Default

29

Spyware

30

Spyware Spyware is software/hardware that spies

on what you do on your computer Often is it employs a user's Internet

connection in the background (the so-called "backchannel") without their knowledge or explicit permission.

Installed without the user’s knowledge with shareware/freeware

31

Spyware Capabilities Record addresses of

Web pages visited Record recipient

addresses of each email you send

Record the sender addresses of each email you receive

Recording the contents of each email you send/receive

Corporations to monitor computer usage of employees

Computer crackers to capture confidential information

Parents to monitor use of family computer

Advertising and marketing companies to assemble marketing data to serve personalized ads to individual users

Who uses SPYWARES?

32

What haven’t we covered? Security in the wireless environment Authentication systems and their

vulnerabilities Operating systems configuration Network security Security Appliances E-mail privacy

33

Thank you for attending

BY DWITIKRUSHNA NAYAK

24I&E/2K