6. What does it mean to be secure?
• Security includes the protection of information from
theft or corruption, or the preservation
of availability, as defined in the
security policy.
7. CIA Triad
It is a combination of principles.
Security Objectives:
Confidentiality
Availability
Integrity
8. Confidentiality
• The information must be
accessible only to authorized
people.
• Confidentiality is keeping
information secret or private.
• Confidentiality might be important
for military, business or personal
reasons.
9. Integrity
• Integrity is the prevention of unauthorized writing or
modification of information.
• Guarantee that the data is what we
expect.
• Messages can’t be modified without
detection.
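The following is an added example, not part of the original slides, showing one way to make modification detectable. It contrasts an unkeyed SHA-256 checksum with a keyed HMAC; the key and messages are constructed for illustration.

```python
import hashlib
import hmac

# Constructed shared secret; in practice only sender and receiver know it.
KEY = b"constructed-demo-key"

def checksum_tag(message: bytes) -> str:
    """Unkeyed SHA-256: anyone who alters the message can recompute it."""
    return hashlib.sha256(message).hexdigest()

def hmac_tag(message: bytes, key: bytes = KEY) -> str:
    """Keyed HMAC-SHA256: recomputing it requires the secret key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()

def verify_checksum(message: bytes, tag: str) -> bool:
    return hmac.compare_digest(checksum_tag(message), tag)

def verify_hmac(message: bytes, tag: str, key: bytes = KEY) -> bool:
    # compare_digest avoids leaking how many leading characters matched.
    return hmac.compare_digest(hmac_tag(message, key), tag)

def demo() -> dict:
    original = b"pay 100 to alice"   # constructed message
    tampered = b"pay 900 to alice"   # constructed modification
    return {
        # Honest delivery: both tags verify.
        "checksum_ok": verify_checksum(original, checksum_tag(original)),
        "hmac_ok": verify_hmac(original, hmac_tag(original)),
        # Message changed, old tag kept: both checks notice.
        "checksum_detects_edit": not verify_checksum(tampered, checksum_tag(original)),
        "hmac_detects_edit": not verify_hmac(tampered, hmac_tag(original)),
        # Tag replaced as well: the unkeyed checksum accepts the change...
        "checksum_fooled_by_new_tag": verify_checksum(tampered, checksum_tag(tampered)),
        # ...but a tag made without KEY does not verify.
        "hmac_rejects_forged_tag": not verify_hmac(tampered, hmac_tag(tampered, b"guessed-key")),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Every entry in the result is True: a plain checksum only catches accidental corruption, while the keyed tag is what gives detection of deliberate modification.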
10. Availability
• System and networks must be up and
running.
• Availability is the prevention of
unauthorized withholding of information.
11. Malware
• Malware (short for malicious software) is any
software specifically designed to damage a computer
system without the owner's knowledge.
Examples:
Trojan Horses
Viruses
Worms
12. Trojan Horse
• A Trojan Horse is a program that is
packaged with a useful application,
usually free, such as a screen saver or
game, but carries a destructive virus
that creates problems for your
computer without your knowledge.
14. Some examples of Trojan Horses
– TrojanDownloader:Win32/Zlob.gen!dll
– Trojan.Popuper.origin
– Downloader.Zlob.LI
15. Virus
• A computer virus is a small software program
that can spread from one computer system
to another and interfere with
computer operations.
16. Worm
• A worm is a type of malicious software
(malware) that copies itself repeatedly into
a computer's memory.
18. Spam
• Spam is flooding the Internet with many copies of the
same message, in an attempt to force the message on
people who would not otherwise choose to receive it.
• It is also known as bulk email or junk email.
20. Phishing:
Example:
• You type, by mistake, “gmale.com” instead of
“gmail.com”
• gmale.com designs the site to look like
gmail.com so the user types in their info as
usual
• BAD! Now an evil person has your info!
A fake login page made to look like a trusted login page.
22. Pharming
• Software that's planted on a computer and redirects you to
an impostor web page even though you type in the right
URL. You can protect yourself against it by going to
websites that use https, not http.
24. Hacker
• Hacker is a term used by some to mean "a
clever programmer" and by others, especially
those in popular media, to mean "someone who
tries to break into computer systems."
25. Cracker
• A cracker is also someone who accesses a computer or
network illegally, but with the intent of destroying data,
stealing information or other malicious action.
• Both hacker and cracker have advanced computer
and network skills.
26. Cyber terrorism
• Cyber terrorism can also be defined as the intentional
use of computers, networks, and the public internet to cause
destruction and harm for personal objectives. Objectives
may be political or ideological, since this can be seen as
a form of terrorism.
27. Hacker Activists
• "Hacker Activists" are people with a politically or socially
motivated purpose who break into a computer system.
29. Antivirus
• Scans primary and secondary storage devices.
• Detects and destroys viruses.
• Keep antivirus software updated.
It works in 2 ways:
1. It scans files to look for known viruses by
comparing them to a virus dictionary.
2. It analyzes suspicious behavior of computer
programs.
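The first of the two ways, as an added example that is not part of the original slides: a scan that compares content against a small "virus dictionary" of file hashes and byte patterns. The signature names, sample bytes and file names are all constructed; no real malware content is used.

```python
import hashlib

# Constructed stand-ins for malicious content.
SAMPLE_A = b"MZ\x90\x00constructed-dropper-body"
MARKER_B = b"constructed-worm-marker"

# The "virus dictionary": exact-file hashes and byte patterns -> made-up names.
HASH_SIGNATURES = {hashlib.sha256(SAMPLE_A).hexdigest(): "Demo.Trojan.A"}
PATTERN_SIGNATURES = {MARKER_B: "Demo.Worm.B"}

def scan_bytes(data: bytes) -> list:
    """Return the name of every dictionary entry that matches this content."""
    hits = []
    name = HASH_SIGNATURES.get(hashlib.sha256(data).hexdigest())
    if name:
        hits.append(name)
    for pattern, pattern_name in PATTERN_SIGNATURES.items():
        if pattern in data:
            hits.append(pattern_name)
    return hits

def scan_all(files: dict) -> dict:
    """Scan a {filename: content} mapping and keep only files with hits."""
    return {fname: hits for fname, data in files.items() if (hits := scan_bytes(data))}

# Constructed "storage device" contents.
FILES = {
    "setup.exe": SAMPLE_A,                                  # exact known file
    "notes.txt": b"meeting at 10",                          # clean
    "screensaver.scr": b"header" + MARKER_B + b"padding",   # known pattern inside
    "setup_v2.exe": SAMPLE_A + b"\x00",                     # variant not in dictionary
}

if __name__ == "__main__":
    for fname, hits in scan_all(FILES).items():
        print(f"{fname}: {', '.join(hits)}")
```

The variant `setup_v2.exe` is not reported because its hash is not in the dictionary, which is why the dictionary has to be kept updated and why the second method, behavior analysis, exists alongside it.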
31. Firewall
• Windows Firewall (or any other firewall) can help alert
you to suspicious activity if a virus or worm attempts to
connect to your computer. It can also block viruses,
worms, and hackers from attempting to download
potentially harmful programs to your computer.
32. Some Firewall Software
• http://www.zonealarm.com (ZoneAlarm)
• http://www.mcafee.com (McAfee Personal Firewall)
• http://www.symantec.com/sabu/nis/npf/ (Norton Personal Firewall)
33. Encryption
• Turning readable data into an unreadable form in
order to prevent unauthorized access. Often used
in the military.
34. Authentication
Authentication is the process of determining
whether someone or something is, in fact,
who or what it is declared to be.
Examples:
• Password
• Biometrics
• Palm/Finger Print
35. Password
• A password or watchword is a form of authentication used to guard
or control a "resource".
Tips for Creating Secure Passwords
• http://www.microsoft.com/athome/security/privacy/password.mspx
• http://www.us-cert.gov/cas/tips/ST04-002.html
• http://www.symantec.com/homecomputing/library/pass_w.html
Use a complex password:
Hint: iMnew145
37. Palm/Finger Print
• Palm/Finger print scanning is a unique way to protect
your privacy. You run your finger across a window or
sensor to identify yourself.
38. Iris/Face
• Iris/ face scans are very reliable identifiers. Each individual person
has different eyes and face shape, making this type of scan very
effective.
39. Voice
• A system that extracts features from speech patterns in
order to recognize someone's voice, which is then
digitized and stored.