INFORMATION SECURITY
BIT-301 INFORMATION SECURITY (3-1-0) Credit-04
Module I (10 LECTURES) The Security Problem in Computing: The meaning of computer
Security, Computer Criminals, Methods of Defense, Elementary Cryptography: Substitution
Ciphers, Transpositions, Making “Good” Encryption algorithms, The Data Encryption
Standard, The AES Encryption Algorithms, Public Key Encryptions, Uses of Encryption.
Module II (10 LECTURES) Program Security: Secure Programs, Nonmalicious
Program Errors, viruses and other malicious code, Targeted Malicious code,
Controls Against Program Threats, Protection in General-Purpose Operating
Systems: protected objects and methods of protection, memory and address
protection, File protection Mechanisms, User Authentication Designing Trusted
O.S: Security policies, models of security, trusted O.S design, Assurance in
trusted O.S. Implementation examples.
Module III (10 LECTURES) Database Security: Security requirements, Reliability
and integrity, Sensitive data, Inference, multilevel database, proposals for
multilevel security.
Security in Network: Threats in Network, Network Security Controls,
Firewalls, Intrusion Detection Systems, Secure E-Mail.
Module IV (10 LECTURES) Administering Security: Security Planning, Risk Analysis,
Organizational Security policies, Physical Security. Legal Privacy and Ethical Issues in
Computer Security: Protecting Programs and data, Information and the law, Rights of
Employees and Employers, Software failures, Computer Crime, Privacy, Ethical issues in
Computer Security, case studies of Ethics.
MODULE 1
The security problem in computing
1.1 The meaning of computer security
The meaning of the term computer security has evolved in recent years. Before
the problem of data security became widely publicized in the media, most
people’s idea of computer security focused on the physical machine.
Traditionally, computer facilities have been physically protected for three
reasons:
• To prevent theft of or damage to the hardware
• To prevent theft of or damage to the information
• To prevent disruption of service
Computer security is security applied to computing devices such as computers
and smartphones, as well as computer networks such as private and public
networks, including the whole Internet. The field covers all the processes and
mechanisms by which digital equipment, information and services are protected
from unintended or unauthorized access, change or destruction, and are of
growing importance in line with the increasing reliance on computer systems of
most societies worldwide. It includes physical security to prevent theft of
equipment, and information security to protect the data on that equipment. It is
sometimes referred to as "cyber security" or "IT security", though these terms
generally do not refer to physical security (locks and such).
Some important terms used in computer security are:
Vulnerability
Vulnerability is a weakness which allows an attacker to reduce a system's
information assurance. Vulnerability is the intersection of three elements: a
system susceptibility or flaw, attacker access to the flaw, and attacker capability
to exploit the flaw. To exploit a vulnerability, an attacker must have at least one
applicable tool or technique that can connect to a system weakness. In this
frame, vulnerability is also known as the attack surface.
Vulnerability management is the cyclical practice of identifying, classifying,
remediating, and mitigating vulnerabilities. This practice generally refers to
software vulnerabilities in computing systems.
Backdoors
A backdoor in a computer system is a method of bypassing normal
authentication, securing remote access to a computer, obtaining access to
plaintext, and so on, while attempting to remain undetected.
The backdoor may take the form of an installed program (e.g., Back Orifice), or
could be a modification to an existing program or hardware device. It may also
fake information about disk and memory usage.
Denial-of-service attack
Unlike other exploits, denial-of-service attacks are not used to gain unauthorized
access or control of a system. They are instead designed to render it unusable.
Attackers can deny service to individual victims, such as by deliberately
entering a wrong password enough consecutive times to cause the victim
account to be locked, or they may overload the capabilities of a machine or
network and block all users at once. These types of attack are, in practice, very
hard to prevent, because the behavior of whole networks needs to be analyzed,
not only the behavior of small pieces of code. Distributed denial of service
(DDoS) attacks are common, where a large number of compromised hosts
(commonly referred to as "zombie computers", used as part of a botnet with, for
example, a worm, trojan horse, or backdoor exploit to control them) are used to
flood a target system with network requests, thus attempting to render it
unusable through resource exhaustion.
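The account-lockout case described above can be shown from the defender's side. The following is an added example, not part of the original notes: it compares a lockout counter keyed on the account alone with one keyed on the (account, source) pair. The class names, thresholds and addresses are constructed for illustration.

```python
# Added illustration: names, thresholds and addresses below are constructed.
from collections import defaultdict

MAX_FAILURES = 3   # assumed lockout threshold
WINDOW = 300       # assumed number of seconds a failure stays on record


class AccountLockout:
    """Weak policy: failures are counted per account, so anyone who knows
    a username can lock its owner out by sending wrong passwords."""

    def __init__(self):
        self.failures = defaultdict(list)

    def _key(self, user, source):
        return user

    def blocked(self, user, source, now):
        recent = [t for t in self.failures[self._key(user, source)]
                  if now - t < WINDOW]
        return len(recent) >= MAX_FAILURES

    def attempt(self, user, source, password_ok, now):
        if self.blocked(user, source, now):
            return "blocked"
        key = self._key(user, source)
        if password_ok:
            self.failures.pop(key, None)   # success clears the counter
            return "ok"
        self.failures[key].append(now)
        return "denied"


class SourceThrottle(AccountLockout):
    """Corrected policy: failures are counted per (account, source) pair, so
    one noisy source is throttled without locking out the real user."""

    def _key(self, user, source):
        return (user, source)


def replay(policy):
    """Constructed trace: three bad logins for 'alice' from 203.0.113.9,
    then the real alice logs in from 198.51.100.7 with the right password."""
    for t in range(3):
        policy.attempt("alice", "203.0.113.9", False, now=t)
    noisy = policy.attempt("alice", "203.0.113.9", False, now=10)
    owner = policy.attempt("alice", "198.51.100.7", True, now=11)
    return noisy, owner
```

Per-source counting does not stop guessing spread across many sources, which is why the notes describe these attacks as hard to prevent from the behavior of one piece of code alone.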
Direct-access attacks
An unauthorized user gaining physical access to a computer (or part thereof) can
perform many functions and install different types of devices to compromise
security, including operating system modifications, software worms, keyloggers,
and covert listening devices. The attacker can also easily download large
quantities of data onto backup media, for instance CD-R/DVD-R, tape; or
portable devices such as key drives, digital cameras or digital audio players.
Another common technique is to boot an operating system contained on a
CD-ROM or other bootable media and read the data from the hard drive(s) this
way. The only way to defeat this is to encrypt the storage media and store the
key separate from the system. Direct-access attacks are the only type of threat
to standalone computers (those that never connect to the internet), in most cases.
Eavesdropping
Eavesdropping is the act of surreptitiously listening to a private conversation,
typically between hosts on a network. For instance, programs such as Carnivore and
NarusInsight have been used by the FBI and NSA to eavesdrop on the systems of internet
service providers.
Spoofing
Spoofing of user identity describes a situation in which one person or program successfully
masquerades as another by falsifying data and thereby gaining an illegitimate advantage.
Tampering
Tampering describes an intentional modification of products in a way that would make them
harmful to the consumer.
Repudiation
Repudiation describes a situation where the authenticity of a signature is being challenged.
Information disclosure
Information Disclosure (Privacy breach or Data leak) describes a situation where information,
thought to be secure, is released in an untrusted environment.
Elevation of privilege
Elevation of Privilege describes a situation where a person or a program wants to gain
elevated privileges or access to resources that are normally restricted to him/it.
Exploits
An exploit is a piece of software, a chunk of data, or sequence of commands that takes
advantage of a software "bug" or "glitch" in order to cause unintended or unanticipated
behavior to occur on computer software, hardware, or something electronic (usually
computerized). This frequently includes such things as gaining control of a computer system
or allowing privilege escalation or a denial of service attack. The term "exploit" generally
refers to small programs designed to take advantage of a software flaw that has been
discovered, either remote or local. The code from the exploit program is frequently reused in
Trojan horses and computer viruses.
Indirect attacks
An indirect attack is an attack launched by a third-party computer. By using someone else's
computer to launch an attack, it becomes far more difficult to track down the actual attacker.
There have also been cases where attackers took advantage of public anonymizing systems,
such as the Tor onion router system.
Computer crime: Computer crime refers to any crime that involves a computer and a
network.
Top 10 Cyber Crime Prevention Tips