Outline :IntroductionIntroduction

Network SecurityNetwork Security

Basic Components Of Computer SecurityBasic Components Of Computer Security

Online Security Vs Online SafetyOnline Security Vs Online Safety

Risks & ThreatsRisks & Threats

Steps to protect informationSteps to protect information

Steps to protect computerSteps to protect computer

Ethical ImpactEthical Impact

Case studyCase study

Statistics about Internet CrimeStatistics about Internet Crime

surveysurvey

conclusionconclusion

ReferencesReferences

IntroductionIntroduction

Computer security is a branch of computer technology known as information security as applied to computers and networks.

computer security means the protection of computing systems and the data that they store or access

What is Computer Security ?

Network SecurityNetwork Security

Devices, tools, techniques and methodologies used to secure the network.

The basic component of network security is : Firewall . Encryption and Decryption : changing plaintext

into ciphertext using key (Encryption). Changing ciphertext back to plaintext using key (Decryption).

Two types of encryption : (Symmetric Encryption, Asymmetric Encryption) .

Symmetric Cipher Model

Public-Key Cryptography

Basic Components of CSBasic Components of CS

computer security involves providing appropriate levels of assurance of

– Availability of computing services and data/information stored in computing systems

– Confidentiality of data/information stored in computing

systems

– Integrity of computing systems and data/information stored therein

Online Security Versus Online Safety Online Security Versus Online Safety

Security: We must secure our computers with technology in the same way that we secure the doors to our offices

Safety: We must act in ways that protect us against the risks and threats that come with Internet use

Risks and ThreatsRisks and Threats

To Computer Security are :

Virus

Worm

Trojan Horse

Spyware

Hacking

Phishing

Spoofing

Denial of Service

Viruses/WormsSoftware programs designed to invade your computer, and copy, damage or delete your data

Trojan HorsesViruses that pretend to be programs that help you while destroying your data and damaging your computer

SpywareSoftware that secretly watches and records your online activities or send you endless pop-up ads

Did You Know …Did You Know …

All of these types of attacks are man-made and intentional.

There is no “natural” or “random” virus.

All of these ride the Internet services you invite in!

Internet services like : ( E-Mail, Peer To Peer Sharing, Online Gaming, Instant Messaging, Video and Audio Streaming )

VirusesViruses

a program or piece of code that is loaded onto your computer (without your knowledge and against your wishes), that (generally) replicates itself and (generally) delivers a payload.

File Infector Virus : attaches itself to a file on the computer and is executed when that application is opened.

( 1972 )

WormsWorms

A self-replicating computer program that uses networks to copy itself to other computers without user intervention.

infection by passively receiving object that gets itself executed.

Stand-alone.

( 1978 )

Trojan HorsesTrojan Horses

Hidden part of some otherwise useful software.

Generally, trojans do not replicate.

Today often on a Web page (Active-X, plugin)

( 1983 )

SpywareSpyware

Application installed, usually without the user’s knowledge, intercepting or taking partial control for the author’s personal gain

Estimates as high as 90% of Internet connected computers are infected with spyware.

Unlike a virus does not self-replicate.

Spyware symptomsSpyware symptoms

Sluggish PC performance

An increase in pop-up ads

Mysterious new toolbars you can’t delete

Unexplained changes to homepage settings

Puzzling search results

Frequent computer crashes

How does PC get infected ?How does PC get infected ?

Through CDs, DVDs, Floppy Disk, and Flash Memory

Accepting without reading

Opening e-mail attachments

Not running the latest updates

Pirating software, music, movies

No anti-virus spyware scanner

Steps To Protect InformationSteps To Protect Information

Practice Internet behavior that lowers your risk

Manage your business information carefully

Use technology to reduce nuisances

Raise the alarm when appropriate

Delete Spam without Opening ItDelete Spam without Opening It

Never reply to spam

Technology can help you identify spam so you can delete it

Many Internet providers delete it for you

Use Strong PasswordsUse Strong Passwords

Keep passwords private and create ones that are hard to “crack”

Never share your passwords with friends or be tricked into giving them away

Turn on an Internet firewall

Keep your operating system up to date

Install and maintain antivirus software

Install and maintain antispyware software

Steps To Protect ComputerSteps To Protect Computer

Turn on an Internet FirewallTurn on an Internet Firewall

An Internet firewall is like a moat around a castle, creating a barrier between your computer and the Internet

Keep Your System UpdatedKeep Your System Updated

Install all security updates as soon as they are available

Automatic updates provide the best protection

Install Antivirus SoftwareInstall Antivirus Software

Antivirus software can detect and destroy computer viruses before they can cause damage

Just like flu shots, for antivirus software to be effective, you must keep it up to dateDon’t let it expire

Example

Install & Maintain Antispyware SoftwareInstall & Maintain Antispyware Software

Use antispyware software so unknown people cannot lurk on your computer and potentially steal your information

Other Ways to Protect Your PCOther Ways to Protect Your PC

- Back up your files regularly

- Practice safe E-mail

- Read website privacy statements

- Close pop-ups using red “X”

- Lock your screen

- Install Spyware Blaster

- Update your Application

Back Up Your FilesBack Up Your Files

Save to CD or DVD

Use a Web-based backup service

Practice Safe E-MailPractice Safe E-Mail

Don’t open e-mail attachments unless you know what they contain and who sent them

Attachment ends with a .exe, .com, .bat, do not open the attachment unless you know for a fact that it is clean.

Don’t open, forward, or reply to suspicious e-mails

Delete spam

Close Pop-ups Using Red “X”Close Pop-ups Using Red “X”

Always use the red “X” in the corner of a pop-up screen

Never click “yes,” “accept” or even “cancel”, because it could be a trick that installs software on your PC

Install Spyware BlasterInstall Spyware Blaster

Spyware Blaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

Lock Your ScreenLock Your Screen

Locking your laptop or workstation while away from it is good security sense.Use a password to start up or wake-up your computer.

Update Your ApplicationUpdate Your Application

It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities.

Ethical Impact

Question: should schools offer a course that teaches students how to hack systems, why?

Violating intellectual property : By Software piracy (cracking).

Hacking others’ devices and stolen their effort .

Computer security reduce this violating.

Ethical Impact(cont)

Many people used a cracked SW and claim that they want to test it before they buy it (is that true , why ?)

Other people said : why we have to pay money while these cracked SW is free? ( is that true , why ?)

Ethical Impact(cont)

Violating privacy : hacking other computers will violate the privacy and making hacker see what he is not suppose to see .

Case Study (1) : About PhishingCase Study (1) : About Phishing

example of a phishing published in the Washington Post (2004 ). Story of William Jackson from Katy, Texas. Jackson received e-mail from what appeared to be ( PayPal ) payment offices.

The e-mail warned him that his account would be suspended until he updated it with financial information. The e-mail provided a link for Jackson to the website where he could update his information. He entered in credit card numbers, bank numbers, social security numbers and other personal identification information.

The website ended up being fraudulent and Jackson lost several hundred dollars. William Jackson could have lost much more money as a result of the Phishing website he had entered.

Case Study (2) : About SpywareCase Study (2) : About Spyware

In March ( 2005 ), British police foiled a plot to steal £220 million from ( Sumitomo Mitsui Bank ) in London.

Cybercriminals had compromised the bank’s computer systems and secretly deployed a keylogger program that was perhaps part of a Trojan horse. The spyware relayed password and access information to the criminals, who intended to transfer the funds electronically. A man in Israel was arrested after allegedly trying to transfer £13.9 million into an Israeli account.

Statistics about Internet CrimeStatistics about Internet Crime

This statistic is done in USA, that include many types of crime, such as auction fraud, spam, credit card fraud and so on.

SurveySurvey

Survey(cont)Survey(cont)

Survey(cont)Survey(cont)

Survey(cont)Survey(cont)

ConclusionConclusion

Now that you have completed this web quest on Computer Security you are now aware of the possible security treats to computer systems. Not only that, but you are now better able to protect your computers as well as recommend security measures to others

ReferencesReferences

http://en.wikipedia.org/wiki/Computer_security

http://www.clearwisdom.net/emh/articles/2008/7/23/99177.html

http://its.ucsc.edu/security_awareness/intro.pdf

http://nurseweb.ucsf.edu/public/07fa-computer-security.ppt

http://www.acsac.org/secshelf/book001/02.pdf

Thank You For Listening

Any Question ?