Chapter 4 Computer Science :: Computer Ethics and Security

http://www.azcomputertechs.com/wp-content/uploads/2013/07/pc-security.jpg

Why ?

At the end of this chapter, student should be able to :● defining ;

○ computer ethics, computer security risks● list areas of computer ethics.● identify types of security risks.● identify different ways to overcome security risks● identify types of Intellectual Property● describe the importance of Intellectual Property

why peoples, especially students who enrolled SC015 need to acquire the knowledge of - Computer Ethics & Security ?

Ethics and Society

Ethics, standards determine whether an action is good or badComputer Ethics, moral guidelines that govern the use of computers and information systems.

Chapter 11 - Manage Computing Securely. Safely and Ethically page 581

Ethics and Society cont'

Seven (7) frequently discussed areas of computer ethics are :-1. unauthorized use of computers & networks.2. software theft (piracy).3. information accuracy.4. intellectual property rights.5. codes of conduct.6. information privacy, and7. green computing.





We discuss about these list later, :)

http://www.avensis.in/images/personal_trollface_hd.png

Computer Security Risks


Computer Security Risks any event or action that could cause a loss or damage to computer

Computer Crimeany illegal act involving a computer.

Cybercrimeonline or Internet-based illegal acts.

Computer Security Risks cont'


*Perpetrators of cybercrime fall into seven (7) basic categories :-hacker, cracker, script kiddie, corporate spy, unethical employee, cyberextortionist and cyberterrorist.

perpetrators - someone who has committed a crime

http://3.bp.blogspot.com/_VDmxk13I3SA/SROu0wTK-jI/AAAAAAAAAH0/8zqvcHe9laM/s320/Kiddie.jpg

http://www.macforensicslab.com/ProductsAndServices/images/whitepaper-image003.png



#1. Hacker● a computer *enthusiast.● accessing computer or network illegally.● the intention of their security breaches is to

improve security.● advanced computer & network skills.

enthusiast - person who is highly interested in a particular activity or subject.

http://the278thword.files.wordpress.com/2011/11/assassins_creed_by_panelgutter.jpg



#2. Cracker● illegally accessing computer with intention to,● destroy data, stealing information and

attempting several malicious act.● advanced computer & network skills.

http://upload.wikimedia.org/wikipedia/commons/thumb/4/40/Ritz_cracker.jpg/465px-Ritz_cracker.jpg



#3. Script Kiddie● same intention with cracker BUT,● lack technical skills knowledge.● depends on prewritten hacking and cracking

programs to break into computers.

enthusiast - person who is highly interested in a particular activity or subject.

http://cache.ohinternet.com/images/e/e9/Skid.jpg



#4. Corporate Spy● excellent computer & networking skills.● hired to break & steals *proprietary data &

informations in a computers, OR● to help identify security risks in own

companies.

proprietary - relating to an owner or ownership.

http://www.teamshatter.com/wp-content/uploads/2012/05/Hack.jpg



#5. Unethical Employee● exploiting a security weakness.● seeking financial gains from selling

confidential information.● unsatisfied employees may want to revenge.

proprietary - relating to an owner or ownership.

http://woman.thenest.com/DM-Resize/photos.demandstudios.com/getty/article/112/38/stk76619cor.jpg?w=600&h=600&keep_ratio=1



#6. Cyberextortionist● uses e-mail for extortion.● threatening (if they are not paid with money)

actions such as :-○ exposing confidential information○ exploit security flaw○ launch an attack (compromising the

organization's network)

http://cdn.theatlanticwire.com/img/upload/2012/06/27/youvegotmail/large.jpg

http://costello.astonishlive.com/cyber%20extortion%20insurance.png



#7. Cyberterrorist● uses Internet or network to,● destroy or damage computers for,● political reasons● targetting :-

○ nation's air traffic control system○ electricity-generating companies○ telecommunications infrastructures.

http://3.bp.blogspot.com/-tSjSB8JjCNs/Tbgbg9PhM5I/AAAAAAAABkw/GnOYV35Zn7g/s1600/cyber_terrorism3+copy.jpg



The more common computer security risks include :-Internet and Networks Attacks, Unauthorized Access and Use, Hardware/Software/Information Theft and System Failure





The more common computer security risks include :-






after completing this section you will be able to

Describe various types of Internet and network attacks (computer viruses, worms, Trojan horses, rootkits, botnets,

denial of service attacks, back doors, spoofing), and

Identify ways to safeguard (safety/security measures) against these attacks, including using firewalls, intrusion

detection software and honeypots.


CommonInternet/Network Attacks

http://oregonstate.edu/helpdocs/sites/default/files/Test/alert.png


Common Computer Security Risks #1Internet and Networks Attacks


Internet and networks attacks that *jeopardize security includes :-

jeopardize - put (someone or something) into a situation in which there is a danger of loss, harm, or failure

● rootkits;● botnets;● denial of service

attacks;● spoofing

● computer viruses,● worms,● Trojan horses


Computer Viruses, Worms, Trojan Horses, and Rootkits


● Every unprotected computer is susceptible to the first type of computer security risk

● Computer viruses, worms, Trojan horses, and rootkits are classified as malware (short for malicious software).

● Malware - program that act without user's knowledge and deliberately alter the computer's operation.




● Virus or computer virus is a program (computer program)

● create to infects a computer, and gives negatives effects (damaging files, system software, and operating system)

● altering the operation of a computer without user's knowledge or permission.

http://images2.wikia.nocookie.net/__cb20130429224156/powerlisting/images/e/e3/Computer-virus.jpg




● Worm is also a program (computer program)

● create to copy itself in a computer, and gives negatives effects (using up resources and possibly shutting down a computer or network)

● repeatedly copies and resides in memory of a computer, or even in the network.

http://www.slate.com/content/dam/slate/archive/2009/03/1_123125_2126996_2208023_2212799_090330_tech_confickerwormtn.jpg.CROP.original-original.jpg




● Trojan horse is also a program (computer program)

● looks like a legitimate program, and gives negatives effects when being triggered (damaging files, system software, and operating system)

● does not replicate such as worms.

http://images.pcworld.com/news/graphics/182889-01sa_trojan_original.jpg

Who ? who creates - Computer Viruses, Worms, Trojan horse ?

Why ? why they creates these malicious program ?

What ? What is the similarities of Computer Viruses, Worms and Trojan horse ?and what about Rootkits ?

How ?.. how does a viruses, or a worm infected computer ?

http://pixabay.com/static/uploads/photo/2012/04/11/16/17/head-28741_640.png

img src : http://www.microsoft.com/security/pc-security/conficker.aspx


http://www.microsoft.com/security/pc-security/conficker.aspx



What ? What are the symptoms if a computer has been compromised by a virus, worm, trojan horse

How ?.. to secure (safeguards) computer from all threats (Computer Virus, Worm, Trojan horse and rootkits - and all of their siblings ? (spyware, back door)




What ?What are the symptoms if a computer has been compromised by a virus, worm, trojan horse

● operating system (OS) run much slower than usual● available memory is less than expected● files becomes corrupted● screen displays unusual message or image

● musics or unusual sounds play randomly

● existing programs and files disappear

● system properties change● OS does not start-up● OS shuts down unexpectedly

http://blog.brickhousesecurity.com/wp-content/uploads/2010/07/dellvirus.jpg


Howto safeguards a computer from viruses ?


http://www2.internetnow.com.my/Internetnow/newsletter/images/jackieChan.jpg

http://www.mkc.com.ec/images/noadoad.jpg


http://now.symassets.com/now/en/pu/images/Product_Family/NAV/Norton_AntiVirus_2013/Boxes/BX_NAV_Y13_r_r_EN_342.png

http://img2.findthebest.com/sites/default/files/259/media/images/Avira_Free_Antivirus_2012_Anti-Virus_Software.png

● by using any antivirus program, user can safeguards a computer system from viruses and other malware.

● Antivirus program - a program that protects computer against viruses by identifying and removing any computer viruses found in memory, on storage media or on incoming files.

● Popular antivirus program ;○ Kaspersky Anti-Virus○ avast! antivirus○ CA Anti-Virus○ McAfee VirusScan○ AVG Anti-Virus


Safeguards against Computer Viruses and other Malware



Internet and networks attacks that jeopardize security includes :-





http://wordrant.com/wp-content/uploads/2012/08/done1.gif

Common Computer Security Risks #1Internet and Networks Attacks Botnets; Denial of Services (DoS) Attacks; and Spoofing.


● group of compromised computers in a network.

● compromised computers also known as zombies - a computer that being controlled remotely by an outsider.

● used as a part of network to attack other networks, usually for *nefarious purposes.

nefarious - wicked or criminal: "the nefarious activities of the organized-crime syndicates"..

http://upload.wikimedia.org/wikipedia/commons/thumb/c/c6/Botnet.svg/350px-Botnet.svg.png



● an assault to an Internet services (example of Internet services : web e-mails).

● purpose to disrupt computer access to an Internet services

● variant of DoS is distributed DoS or DDoS (using zombies).

http://1.bp.blogspot.com/_TUZOJcmlBhM/TR2oI-IQzlI/AAAAAAAAADQ/WoiW_gT3nGk/s1600/DOS.jpg



● technique that make their network or Internet transmission appear legitimate to a victim computer or network.

● spoofing variants includes ;○ e-mail spoofing○ IP-spoofing

http://3.bp.blogspot.com/-2jMujnIIRjY/Tle8doq7_vI/AAAAAAAAApM/MA4r_m3qg9U/s400/main_the_middle1.jpg

Common Computer Security Risks #1

Internet and Networks Attacks


Internet and networks attacks that *jeopardize security includes :-








Howto safeguards a computer from ..Botnets, DoS, DDoS, Spoofing - and all of their siblings ? (rootkit, back doors)


http://www.cs.wustl.edu/~jain/cse571-09/ftp/honey/fig2.png

https://si0.twimg.com/profile_images/1082008910/honeypot.jpg

http://upload.wikimedia.org/wikipedia/commons/thumb/5/5b/Firewall.png/300px-Firewall.png

http://img.ashampoo.com/ashampoo.com_images/img/1/products/0050/en/box_ashampoo_firewall_free_en_800x800.jpg

http://www.filebuzz.com/software_screenshot/full/37372-privatefirewall_w_pest_patrol.gif


Safeguards against Botnets, DoS/DDoS Attacks, Back Doors and Spoofing

some of the latest antivirus programs include provisions to protect a computer from DoS/DDoS attacks.user also can ; ● use firewall solutions, ● install an *intrusion detection software, and● setup *honeypots


http://cfnewsads.thomasnet.com/images/large/600/600275.jpg

http://computerservernetwork.com/wp-content/uploads/2013/05/firewall-hacker.jpg

https://si0.twimg.com/profile_images/1082008910/honeypot.jpg

Firewall ;● is a hardware and/or software● protect a network’s resources from intrusion by users on

another network (i.e Internet)● should be implemented in all networked computer.



http://www.64bit.eu/gallery/3490/juniper-srx-650-gateway-firewall-2-gb-right-angle-view-default.jpg

http://upload.wikimedia.org/wikipedia/en/thumb/7/78/Norton_Personal_Firewall.png/300px-Norton_Personal_Firewall.png

Personal Firewall ;● is a utility program (firewall software)● detects and protects personal computer and its data

from unauthorized intrusions.● constantly monitor transmissions and inform user of any

attempted intrusion.



Stand-Alone Personal Firewall Software

● Norton Personal Firewall● CA Personal Firewall● McAfee Internet Security● Webroot Desktop Firewall● ZoneAlam Pro● *Windows Firewall

* included with the installation of Windows-based operating system

http://upload.wikimedia.org/wikipedia/en/thumb/7/78/Norton_Personal_Firewall.png/300px-Norton_Personal_Firewall.png

example concept, the uses of Firewall ;










Unauthorized Accessand Use

● Unauthorized access - the use of a computer without permission.

● Unauthorized use - the use of computer or its data for unapproved or possibly illegal act.○ illegal act includes;

■ sending personal e-mail messages.■ accessing to a bank computer and perform

unauthorized transfer,■ etc




Howto safeguards a computer from ..Unauthorized Access and Use


http://docs.cpanel.net/twiki/pub/AllDocumentation/WHMDocs/CustomBrandedLoginPages/main.png


Safeguards against Unauthorized Access and Use

● organizations should use access control to minimize the chance of a perpetrator intentionally accessing confidential information on a computer.

● Access control - a security measure that defines who can access computer, what actions they can take while accessing the computer.

● Two-phases process in implementing access-control is ;○ identification ,

■ process to verifies the validity of a user.○ authentication

■ process to verifies the individual is the person he or she claims to be.


Safeguards against Unauthorized Access and Use

● Identification and Authentication Methods○ user name○ password

● User name or user ID (identification), is a unique combination of characters (alphanumeric) that identifies one specific user.

● Password, private combination of characters associated with the user name that allow access to certain computer resources.







Common Computer Security Risks #3Hardware/Software/Information

Theft

● hardware theft - act of stealing computer equipment.● software theft's variants act includes;

■ steals software media■ intentionally erases programs■ illegally copies a programs, OR/AND■ illegally registers and/or activates program

● information theft - act of stealing personal or confidential info.




Howto safeguards a computer from ..Hardware, Software, Information Theft


http://support.lenovo.com/ContentResources/Migrated%20Assets/pc/support/site_wss/51242_security3.gif

http://www.mrgadget.com.au/catalog/images/kensington_slim_microsaver_security_cable_demo.gif

http://business.panasonic.co.uk/computer-product/sites/default/nfsfiles/styles/accessory_extra_image/public/accessory_images/Kensington%20Lock.jpg


Safeguards against Hardware Theft

● using physical access controls such as ;○ locked doors and windows

● installing alarm systems for additional security.● attach physical security devices such as cables that lock

○ equipment to desk.○ mobile computer to a stationary object.

http://ecx.images-amazon.com/images/I/61K9F2Ha4pL._SL1000_.jpg

http://store.mbsdirect.com/main/images/P/H7769.jpg

● to protect software media from being stolen owners should keep ..○ original software boxes and media in

secure location (i.e media cabinets with lock).

● to protect from software piracy, software manufacturers should .. ○ issue users license agreement,

■ the right to use the software ● (single user license/end-user license

agreement)


Safeguards against Software Theft

http://img.bhs4.com/56/B/56B3F48796B59ACE7E6CEB217F354F8BF07B1D41_large.jpg

http://media.sundaysky.com/tigerdirect/images/3179222/_ti/_0.jpg

● to protect information on the Internet and networks, organizations and individuals use a variety of encryption techniques.○ encryption - converting readable data (plaintext) into

unreadable characters (ciphertext), preventing unauthorized access.

○ decryption - converting unreadable data (ciphertext) to its original state/data (plaintext)

○ the study of encryption and decryption process (to promote a secure communication) is often known as a cryptography.


Safeguards against Information Theft








System Failure

● System failure is a prolonged malfunction of a computer.

● It can cause loss of ;○ hardware, software, data and information.

● Cause ;○ aging hardware○ natural disasters (fires, flood, hurricanes,

earthquake)○ random events (*electrical power problems)○ error in computer program

* the most common cause of system failure

http://static.tumblr.com/dff9c1ea6a73629fc3b0fc91f2d2dfb0/qdxa2gl/EHUmfntm8/tumblr_static_systemfailurealert_logo_color_tp.gif

http://static.tumblr.com/dff9c1ea6a73629fc3b0fc91f2d2dfb0/qdxa2gl/EHUmfntm8/tumblr_static_systemfailurealert_logo_color_tp.gif


Howto safeguards a computer from ..System Failure ?

http://cdn.slashgear.com/wp-content/uploads/2009/10/belkinsurgemaster-sg.jpg


http://images.costco.com/image/media/350-547088-847__1.jpg

● to protect against electrical power variations, use

■ surge protector (also called surge-protector)● uses special electrical components to ;

○ stabilize current flow, and keep out

overvoltage from reaching computer/electronic equipment.

■ uninterruptable power supply (UPS)● a device that contains surge protection

circuit and a batteries - that provide temporary power during loss of power.


Safeguards against System Failure

http://upload.wikimedia.org/wikipedia/commons/f/fa/Belkin-Surge-Protector.jpg

http://www.chinatraderonline.com/Files/Computer-Accessories/Uninterruptible-Power-Supply/Line-interactive-Uninterruptible-Power-Supply-21542099656.jpg

http://www.cannoncorp.us/wp-content/uploads/2012/07/electrical-Medium.jpg


Howto safeguards a computer from ..ALL OF THE ABOVE ?Common Security Risk ;#1 Internet & Network Attacks#2 Unauthorized Access & Use#3 Theft (Hardware/Software/Information)#4 System Failure

http://tctechcrunch2011.files.wordpress.com/2009/01/why-backup.jpg

http://www.esoftload.info/wp-content/uploads/2012/04/mysql-backup.jpg


● to protect against all computer security risk, computer user should ;

■ back-up (duplicates files,program or disk) so it can be used (restore) if the original is lost, damage or destroyed.● to back-up is to make a copy of files,

program or disk

○ manually back-up - copy data to any available storage media.

○ back-up program/software


Ultimate Safeguards - Back-up

http://h10025.www1.hp.com/ewfrf-JAVA/Doc/images/1010/c00859547.jpg

http://tctechcrunch2011.files.wordpress.com/2009/01/why-backup.jpg

http://upload.wikimedia.org/wikipedia/en/5/51/Backup_center_icon.png

Ultimate Safeguards - Human Aspects : Awareness

previous CS015 Computer Security Risk slideshow

● expose employees or staff to computer security through continuously security training, courses.

● make a systematic routine check to update (security patches, virus definition,other malicious code) a computer system - early preventing a threat/risks.

● proper handling of computer and information

http://rigidsecurity.com/wp-content/uploads/2013/02/ceh.png

http://photos2.meetupstatic.com/photos/event/9/1/0/8/highres_11557128.jpeg

http://www.wgu.edu/sites/wgu.edu/files/images/Online-IT-Network-Admin-Student.jpg

Objectives check ! ● defining ;

○ computer ethics, computer security risks● list areas of computer ethics.● identify types of security risks.● identify different ways to overcome security risks● identify types of Intellectual Property● describe the importance of Intellectual Property




OK let’s discuss, :)

http://www.avensis.in/images/personal_trollface_hd.png

Ethics and Society

Ethics, standards determine whether an action is good or badComputer Ethics, moral guidelines that govern the use of computers and information systems.





Ethics and Society cont'Information AccuracyTerminologies and their meaning ;● Intellectual Property (IP) - unique and original works (i.e ideas,

inventions,art,writing,product,logos)○ Intellectual property rights - rights to which creator are

entitled for their work.■ Copyright - exclusive rights given to author/artist for their

materials.● copyright infringement is piracy

○ infringement is a violation (an act that disregard an agreement of a right)

● Code of Conduct - written guideline that help determine whether a specific computer action is ethical or unethical.


Ethics and Society cont'Importance of Intellectual PropertyThe importance of Intellectual Property ;● to protect the original creation from individuals.● to preserve features and process that make thing work ( inventor

will therefore benefits - get a profit , from their work)

previous CS015 Computer Security Risk slideshow

http://clancco.com/wp/wp-content/uploads/2010/02/CopyrightPic5.jpg

http://cdncms.fonts.net/images/8b554ed78cb5ec36/fontology_register_trademark_copyright_symbols_1.gif

Ethics and Society cont'Type of Intellectual Property

http://www.myipo.gov.my/home

A patent is an exclusive right granted for an invention, which is a product or a process that provides a new way of doing something, or offers a new technical solution to a problem.

A trade mark is a sign which distinguishes the goods and services of one trader from those of another. A mark includes words, logos, pictures, names, letters, numbers or a combination of these.

A copyright exclusive rights given to author/artist for their materials (literary works; musical works; artistic works; films; sound recordings; broadcasts; and derivative works)






Ethics and Society cont'Code of ConductCode of Conduct - written guideline that help determine whether a specific computer action is ethical or unethical.

The sample of IT Code of Conduct ;


Ethics and Society cont'Information PrivacyTerminologies and their meaning ;● Information Privacy - right of individuals and companies to deny

or restrict the collection and use of information about them.○ Risk relating to privacy of information ;

■ Spam■ Phishing■ Pharming■ Spyware and Adware


http://2.bp.blogspot.com/-UNS-DZkMFj4/TZ_5qIzH0II/AAAAAAAAAGY/2TKwCx0Dves/s1600/gangguan+copy.jpg

Ethics and Society cont'Information Privacy : Risk#1 SpamSpam (also known as Internet junk mail)● Spam - unsolicited e-mail message or newsgroup posting sent to

many recipients or newsgroup at once.○ *unsolicited - not asked for, given or done voluntarily : “unsolicited junk mail”

● content of spam ranges from ○ selling product or service○ promoting business opportunity○ advertising offensive material

Safeguard your privacy from Spam ! 1. use e-mail filtering - a service that block e-mail messages from

designated sources2. purchase and use anti-spam program - help to remove spam before it

reaches your inbox


http://thedailyrecord.com/ontherecord/files/2011/05/spam.jpg

Ethics and Society cont'Information Privacy : Risk#1 Spamexample (spam e-mail message)


http://thedailyrecord.com/ontherecord/files/2011/05/spam.jpg

Ethics and Society cont'Information Privacy : Risk#2 PhishingPhishing (also known as Scam)● Phishing - a scam in which perpetrator sends and official looking

e-mail message that attempt to obtain individuals personal and financial information.

● method of operations ;○ an e-mail asking to reply a personal information, or○ an e-mail with a link that direct individuals to a phony (fake)

Web to collect the information.

Safeguard your privacy from Phishing ! 1. if an e-mail looks legitimate, it is recommend to visit the official site

directly (never click the link provided in the e-mail)2. use phishing filter (available in some Web browsers) - a program that

warns or block user from potentially fraudulent (fake) or suspicious sites.


Ethics and Society cont'Information Privacy : Risk#3 PharmingPharming (also known as Scam, similar to Phishing)● Pharming - a scam in where perpetrator attempts to get individuals

personal and financial information via spoofing process● method of operations ;

○ user type in a Web address in the Web browser, user will redirected to a phony Web sites that looks legitimate.

○ the phony (fake) Web sites is use to collect the victim information.

Safeguard your privacy from Pharming ! 1. if an e-mail looks legitimate, it is recommend to visit the official site directly (never

click the link provided in the e-mail)2. use phishing filter (available in some Web browsers) - a program that warns or

block users from potentially fraudulent (fake) or suspicious sites.


Ethics and Society cont'Information Privacy : Risk#4 Spyware & AdwareSpyware● a program placed on a computer without the user’s knowledge.● the program secretly collect information about the user.● method of operations ;

○ collect information regarding user’s Web browsing habits by hiding spyware in adware - a program display an online advertisement in a banner or pop-up windows on Web page, e-mail messages, or other Internet services.

Safeguard your privacy from Spyware & Adware ! 1. use spyware and adware remover - a program that helps to detect and

remove/delete spyware and adware.2. some operating systems and Web browsers include spyware removers.


http://www.pccleanerpro.com/wp-content/uploads/2012/05/spyware.png


Ethics and Society cont'Green Computing● involves reducing the electricity and

environmental waste while using a computer

http://www.thegeeksclub.com/wp-content/uploads/2011/05/GREEN-1.jpg

ConclusionThis chapter identified some potential computer security risks and the safeguards (security measure) that organizations and individuals can implement to minimize the risks.

http://1.bp.blogspot.com/_pOW-sItH-eQ/S9QqQYI2IBI/AAAAAAAAAGs/Q6FXirp4-HI/s320/hands_clapping.jpg

Date post:	22-Jan-2018
Category:	Education
Upload:	fizaril-amzari-omar
View:	3,664 times
Download:	0 times

Chapter 4 Computer Science :: Computer Ethics and Security

Education