2. Hardware (physical assets)
Software
System interfaces (e.g., internal and external connectivity)
Data and information
Persons who support and use the IT system
System mission (e.g., the processes performed by the IT system)
System and data criticality (e.g., the system's value or importance to an organization)
System and data sensitivity
NIST SP 800-30
3. Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected.
ISO/IEC 17799:2000
5. Information security protects information from a wide range of threats in order to:
Ensure business continuity
Minimize business damage
Maximize ROI and business opportunities
Business: stable service to customers
Education: availability of resources and integrity of information, e.g. grades, profiles, etc.
ISO/IEC 17799:2000, page iii, Introduction
6. Security is the preservation of confidentiality, integrity and availability of information.
Confidentiality: ensuring that information is accessible only to those authorized to have access
Integrity: safeguarding the accuracy and completeness of information and processing methods
Availability: ensuring that authorized users have access to information and associated assets when required
BS 7799-2:2002, page 3, sections 3.1, 3.2, 3.3
8. A threat could be anything that harms your system, e.g.:
User
Hacker/cracker
Virus
Spam
Etc.
9. Non-computerized system threats:
Masquerade
Social engineering
Theft
System malfunction (disaster, power interruption)
IT network threats:
Network level
Application level
10. Denial of service: a service is disabled by excessive workload.
Information sniffing: information is tapped and viewed by an unauthorized person.
Unauthorized access: a low-level worker can access critical information.
12. 3-way handshake (diagram): the client sends SYN REQ to the WWW server, the server replies SYN ACK, the client sends ACK, and DATA TRANSFER follows.
13. SYN attack (diagram): (1) the Attacker sends, across the Internet, SYN REQ D=203.152.145.121 S=202.104.10.5 to the WWW server at 203.152.145.121; (2) the server replies SYN ACK D=202.104.10.5 S=203.152.145.121, i.e. to 202.104.10.5 rather than to the attacker, and then WAITs for an ACK that never arrives.
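The "WAIT" state from slides 12 and 13 modelled in code, as an added example that is not part of the original slides: a listener with a fixed backlog of half-open entries, peers whose SYN-ACK is never answered, and the defender-side ratio that signals the condition. The `Listener` class, the backlog size and the 198.51.100.0/24 and 192.0.2.10 addresses are assumptions (documentation ranges), not values from the slides.

```python
from dataclasses import dataclass, field

@dataclass
class Listener:
    """A listening socket's simplified view of TCP handshakes (no network I/O)."""
    backlog: int                                   # assumed half-open capacity
    half_open: set = field(default_factory=set)    # peers in SYN_RECEIVED ("WAIT" on slide 13)
    established: set = field(default_factory=set)  # peers that sent the third ACK
    dropped: int = 0                               # SYNs discarded because the backlog was full

    def on_syn(self, src):
        """Step 1: SYN arrives; answer SYN-ACK and remember the peer until its ACK comes."""
        if src in self.half_open or src in self.established:
            return "retransmit"
        if len(self.half_open) >= self.backlog:
            self.dropped += 1
            return "dropped"          # new clients are turned away: the denial of service
        self.half_open.add(src)
        return "syn_ack"

    def on_ack(self, src):
        """Step 3: the final ACK moves the peer from half-open to established."""
        if src not in self.half_open:
            return "reset"            # no matching SYN_RECEIVED entry for this peer
        self.half_open.remove(src)
        self.established.add(src)
        return "established"

def half_open_ratio(listener):
    """Fraction of the backlog tied up by peers that never answered the SYN-ACK.
    A sustained value near 1.0 with few completions is the classic SYN-flood signal."""
    return len(listener.half_open) / listener.backlog

def run_scenario(backlog=4):
    # Constructed sample: five sources from the 198.51.100.0/24 documentation range
    # send SYNs and never ACK; a legitimate client at 192.0.2.10 tries afterwards.
    listener = Listener(backlog=backlog)
    spoofed = [f"198.51.100.{i}" for i in range(1, 6)]
    spoofed_results = [listener.on_syn(src) for src in spoofed]
    legit = listener.on_syn("192.0.2.10")
    return {
        "spoofed": spoofed_results,
        "legit": legit,
        "dropped": listener.dropped,
        "ratio": half_open_ratio(listener),
        "established": len(listener.established),
    }

if __name__ == "__main__":
    print(run_scenario())
```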
15. Virus vs. worms?
Virus: viruses are computer programs that are designed to spread themselves from one file to another on a single computer. A virus might rapidly infect every application file on an individual computer, or slowly infect the documents on that computer, but it does not intentionally try to spread itself from that computer to other computers.
Worms: worms, on the other hand, are insidious because they rely less (or not at all) upon human behavior in order to spread themselves from one computer to others. A computer worm is a program that is designed to copy itself from one computer to another over a network (e.g. by using e-mail).
16. E-mail spoofing: pretending to be someone else, e.g. bill_gate@microsoft.com.
Spam mail: unsolicited or unwanted e-mail, or phishing.
18. We need "controls", which are:
Policy and process security controls, to provide guidelines and a framework
People controls, to govern user behavior
Technology, as the tool for enforcing policy throughout the organization effectively
19. Policy compliance
ISO 17799
Compliance checking
CobiT audit tools
NIST security standards and guidelines
NIST 800 series
Organization control
Business continuity plan
20. Security Awareness Training
Security Learning Continuum
Awareness, Training, Education
Responsibility Control
Need-to-know basis
21. Computer security is the process of preventing and detecting unauthorized use of your computer.
Prevention measures help you stop unauthorized users (intruders) from accessing any part of your computer network.
Detection helps you determine whether or not someone attempted to break into your system, whether they were successful, and what they may have done.
Network- and host-based security
Security devices (hardware) or security software
30. Why do they spam?
$0.0005 vs $1.21 -> 0.02B vs 48.4B
1 in 100,000 counts as a success
How much spam is there? <spamcorp.net>
~6 e-mails/sec, 360 e-mails/min, 21,600 e-mails/hr
How do they get my e-mail address? Webboards, forums, etc.
Is spam legal?
How do you protect yourself from getting spam?