Chapter 5 information assurance and security
myaandr0ids
57 views
22 slides
Jun 24, 2024
Slide 1 of 22
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
About This Presentation
Information security
Slide Content
Chapter 5
Program Security, Cybersecurity Threats
and Malicious programs
Program Security, Cybersecurity Threats
and Malicious programs
Protecting programs is at the heart of computer security
because programs constitute so much of a computing
system(the operating system, device drivers, the network
infrastructure, database management systems and other
applications, even executable commands on web pages).
For now, we call all these pieces of code "programs."
A Program Security Flaw is an undesired program behavior
caused by a program vulnerability.
So we need to ask two important questions:
How do we keep programs freefrom flaws?
How do we protect computing resources against programs
that contain flaws
Secure Programs
because programs constitute so much of a computing
system(the operating system, device drivers, the network
infrastructure, database management systems and other
applications, even executable commands on web pages).
For now, we call all these pieces of code "programs."
A Program Security Flaw is an undesired program behavior
caused by a program vulnerability.
So we need to ask two important questions:
How do we keep programs freefrom flaws?
How do we protect computing resources against programs
that contain flaws
Secure Programs
Cybersecurity threats & Malicious Code
Maliciouscode(rogueprogram)isthegeneralnamefor
unanticipatedorundesiredeffectsinprogramsorprogram
parts,causedbyanagentintentondamage.
Theagentisthewriteroftheprogramorthepersonwho
causesitsdistribution.
Malicioussoftware(malware)isasoftwaredesignedto
disruptcomputeroperations,orgainaccesstocomputer
systems,withouttheuser'sknowledgeorpermission
Thetermmalwareincludescomputerviruses,worms,
Trojanhorses,ransomware,spyware,adware,scareware,
andothermaliciousprograms
Maliciouscode(rogueprogram)isthegeneralnamefor
unanticipatedorundesiredeffectsinprogramsorprogram
parts,causedbyanagentintentondamage.
Theagentisthewriteroftheprogramorthepersonwho
causesitsdistribution.
Malicioussoftware(malware)isasoftwaredesignedto
disruptcomputeroperations,orgainaccesstocomputer
systems,withouttheuser'sknowledgeorpermission
Thetermmalwareincludescomputerviruses,worms,
Trojanhorses,ransomware,spyware,adware,scareware,
andothermaliciousprograms
Viruses
Avirusismaliciousexecutablecodeattachedtoanother
executablefile,suchasalegitimateprogram.
Itcanactivateataspecifictimeordate.
Computervirusesusuallyspreadinoneofthreeways:
fromremovablemedia
fromdownloadsoftheInternet
fromemailattachments
Example
TheMelissaViruswasanexampleofavirusspreadvia
email.Melissaaffectedtensofthousandsofusersandcaused
anestimated$1.2billionindamage.
Avirusismaliciousexecutablecodeattachedtoanother
executablefile,suchasalegitimateprogram.
Itcanactivateataspecifictimeordate.
Computervirusesusuallyspreadinoneofthreeways:
fromremovablemedia
fromdownloadsoftheInternet
fromemailattachments
Example
TheMelissaViruswasanexampleofavirusspreadvia
email.Melissaaffectedtensofthousandsofusersandcaused
anestimated$1.2billionindamage.
Aviruscanbeeithertransientorresident.
Atransientvirushasalifethatdependsonthelifeofitshost;
thevirusrunswhenitsattachedprogramexecutesand
terminateswhenitsattachedprogramends.
(Duringitsexecution,thetransientvirusmayspreadits
infectiontootherprograms.)
Aresidentviruslocatesitselfinmemory;thenitcanremain
activeorbeactivatedasastand-aloneprogram,evenafterits
attachedprogramends.
Atransientvirushasalifethatdependsonthelifeofitshost;
thevirusrunswhenitsattachedprogramexecutesand
terminateswhenitsattachedprogramends.
(Duringitsexecution,thetransientvirusmayspreadits
infectiontootherprograms.)
Aresidentviruslocatesitselfinmemory;thenitcanremain
activeorbeactivatedasastand-aloneprogram,evenafterits
attachedprogramends.
Worms
Wormsaremaliciouscodethatreplicatesbyindependently
exploitingvulnerabilitiesinnetworks.Wormsusuallyslow
downnetworks.Afterawormaffectsahost,itisableto
spreadveryquicklyoverthenetwork.
Example
Forexample,in2001,theCodeRedworminfected658
servers.Within19hours,theworminfectedover300,000
servers.
Wormsaremaliciouscodethatreplicatesbyindependently
exploitingvulnerabilitiesinnetworks.Wormsusuallyslow
downnetworks.Afterawormaffectsahost,itisableto
spreadveryquicklyoverthenetwork.
Example
Forexample,in2001,theCodeRedworminfected658
servers.Within19hours,theworminfectedover300,000
servers.
Trojanhorse
ATrojanhorseismalwarethatcarriesoutmalicious
operationsundertheguiseofadesiredoperationsuchas
playinganonlinegame.Thismaliciouscodeexploitsthe
privilegesoftheuserthatrunsit.ATrojanhorsediffersfrom
avirusbecausetheTrojanbindsitselftonon-executable
files,suchasimagefiles,audiofiles,orgames.
ATrojanhorseismalwarethatcarriesoutmalicious
operationsundertheguiseofadesiredoperationsuchas
playinganonlinegame.Thismaliciouscodeexploitsthe
privilegesoftheuserthatrunsit.ATrojanhorsediffersfrom
avirusbecausetheTrojanbindsitselftonon-executable
files,suchasimagefiles,audiofiles,orgames.
LogicBombs
Alogicbombisamaliciousprogramthatusesatriggerto
awakenthemaliciouscode.
Forexample,triggerscanbedates,times,otherprograms
running,orthedeletionofauseraccountAlogicbombcan
sabotagedatabaserecords,erasefiles,andattackoperating
systemsorapplications
Ransomware
Ransomwareholdsacomputersystem,orthedataitcontains,
captiveuntilthetargetmakesapayment.Ransomwareusually
worksbyencryptingdatainthecomputerwithakeyunknown
totheuser.
Theusermustpayaransomtothecriminalstoremovethe
restriction
Alogicbombisamaliciousprogramthatusesatriggerto
awakenthemaliciouscode.
Forexample,triggerscanbedates,times,otherprograms
running,orthedeletionofauseraccountAlogicbombcan
sabotagedatabaserecords,erasefiles,andattackoperating
systemsorapplications
Ransomware
Ransomwareholdsacomputersystem,orthedataitcontains,
captiveuntilthetargetmakesapayment.Ransomwareusually
worksbyencryptingdatainthecomputerwithakeyunknown
totheuser.
Theusermustpayaransomtothecriminalstoremovethe
restriction
Spam
Spam,alsoknownasjunkmail,isunsolicitedemail.
Itisamethodofadvertising.
Itcansendharmfullinks,malware,ordeceptivecontent.
Morecommonindicatorsofspam:
Anemailhasnosubjectline.
Anemailisrequestinganupdatetoanaccount.
Anemaillookslikecorrespondencefromalegitimate
business.
Theemailrequeststhattheuseropenanattachment.
Spam,alsoknownasjunkmail,isunsolicitedemail.
Itisamethodofadvertising.
Itcansendharmfullinks,malware,ordeceptivecontent.
Morecommonindicatorsofspam:
Anemailhasnosubjectline.
Anemailisrequestinganupdatetoanaccount.
Anemaillookslikecorrespondencefromalegitimate
business.
Theemailrequeststhattheuseropenanattachment.
Spyware,Adware,andScareware
Spywareissoftwarethatenablesacriminaltoobtain
informationaboutauser’scomputeractivities.Spyware
oftenincludesactivitytrackers,keystrokecollection,and
datacapture.
Adwaretypicallydisplaysannoyingpop-upstogenerate
revenueforitsauthors.Themalwaremayanalyzeuser
interestsbytrackingthewebsitesvisited.Itcanthensend
pop-upadvertisingpertinenttothosesites
Scarewarepersuadestheusertotakeaspecificactionbased
onfear.
Spywareissoftwarethatenablesacriminaltoobtain
informationaboutauser’scomputeractivities.Spyware
oftenincludesactivitytrackers,keystrokecollection,and
datacapture.
Adwaretypicallydisplaysannoyingpop-upstogenerate
revenueforitsauthors.Themalwaremayanalyzeuser
interestsbytrackingthewebsitesvisited.Itcanthensend
pop-upadvertisingpertinenttothosesites
Scarewarepersuadestheusertotakeaspecificactionbased
onfear.
Phishing
Phishingisaformoffraud.
Cybercriminalsuseemail,instantmessaging,orothersocial
mediatotrytogatherinformationsuchaslogincredentials
oraccountinformationbymasqueradingasareputable
entityorperson.
Phishingoccurswhenamaliciouspartysendsafraudulent
emaildisguisedasbeingfromalegitimate,trustedsource.
Anexampleofphishingisanemailforgedtolooklikeitcamefromaretail
storeaskingtheusertoclickalinktoclaimaprize.Thelinkmaygotoa
fakesiteaskingforpersonalinformation,oritmayinstallavirus.
Phishingisaformoffraud.
Cybercriminalsuseemail,instantmessaging,orothersocial
mediatotrytogatherinformationsuchaslogincredentials
oraccountinformationbymasqueradingasareputable
entityorperson.
Phishingoccurswhenamaliciouspartysendsafraudulent
emaildisguisedasbeingfromalegitimate,trustedsource.
Anexampleofphishingisanemailforgedtolooklikeitcamefromaretail
storeaskingtheusertoclickalinktoclaimaprize.Thelinkmaygotoa
fakesiteaskingforpersonalinformation,oritmayinstallavirus.
Vishing,Smishing,Pharming,andWhaling
Vishingisphishingusingvoicecommunicationtechnology.
Criminalscanspoofcallsfromlegitimatesourcesusingvoice
overIP(VoIP)technology.
Smishing(ShortMessageServicephishing)isphishing
usingtextmessagingonmobilephones.
Pharmingistheimpersonationofalegitimatewebsiteinan
efforttodeceiveusersintoenteringtheircredentials.It
misdirectsuserstoafakewebsitethatappearstobeofficial.
Victimsthenentertheirpersonalinformationthinkingthat
theyconnectedtoalegitimatesite.
Whalingisaphishingattackthattargetshighprofiletargets
withinanorganizationsuchasseniorexecutives.Additional
targetsincludepoliticiansorcelebrities.
Vishingisphishingusingvoicecommunicationtechnology.
Criminalscanspoofcallsfromlegitimatesourcesusingvoice
overIP(VoIP)technology.
Smishing(ShortMessageServicephishing)isphishing
usingtextmessagingonmobilephones.
Pharmingistheimpersonationofalegitimatewebsiteinan
efforttodeceiveusersintoenteringtheircredentials.It
misdirectsuserstoafakewebsitethatappearstobeofficial.
Victimsthenentertheirpersonalinformationthinkingthat
theyconnectedtoalegitimatesite.
Whalingisaphishingattackthattargetshighprofiletargets
withinanorganizationsuchasseniorexecutives.Additional
targetsincludepoliticiansorcelebrities.
DefendingAgainstEmailandBrowserAttacks
Methodsfordealingwithspamincludefilteringemail,
educatingtheuseraboutbeingcautioustowardsunknown
email(s),andusinghost/serverfilters.
Keepingallsoftwareupdatedensuresthatthesystemhasall
ofthelatestsecuritypatchesappliedtotakeawayknown
vulnerabilities.
DefendingAgainstMalware
UsingAntivirusProgram
UsingUp-to-DateSoftware
Methodsfordealingwithspamincludefilteringemail,
educatingtheuseraboutbeingcautioustowardsunknown
email(s),andusinghost/serverfilters.
Keepingallsoftwareupdatedensuresthatthesystemhasall
ofthelatestsecuritypatchesappliedtotakeawayknown
vulnerabilities.
DefendingAgainstMalware
UsingAntivirusProgram
UsingUp-to-DateSoftware
Controls Against Program Threats
DevelopmentalControls
TheNatureofSoftwareDevelopment
Softwaredevelopmentisoftenconsideredasolitaryeffort;a
programmersitswithaspecificationordesignandgrindsout
lineafterlineofcode.
Butinfact,softwaredevelopmentisacollaborativeeffort,
involvingpeoplewithdifferentskillsetswhocombinetheir
expertisetoproduceaworkingproduct.
Developmentrequirespeoplewhocan
Specifythesystem,bycapturingtherequirementsandbuilding
amodelofhowthesystemshouldworkfromtheusers'pointof
view
Designthesystem,byproposingasolutiontotheproblem
describedbytherequirementsandbuildingamodelofthe
solution
Implementthesystem,byusingthedesignasablueprintfor
buildingaworkingsolution
DevelopmentalControls
TheNatureofSoftwareDevelopment
Softwaredevelopmentisoftenconsideredasolitaryeffort;a
programmersitswithaspecificationordesignandgrindsout
lineafterlineofcode.
Butinfact,softwaredevelopmentisacollaborativeeffort,
involvingpeoplewithdifferentskillsetswhocombinetheir
expertisetoproduceaworkingproduct.
Developmentrequirespeoplewhocan
Specifythesystem,bycapturingtherequirementsandbuilding
amodelofhowthesystemshouldworkfromtheusers'pointof
view
Designthesystem,byproposingasolutiontotheproblem
describedbytherequirementsandbuildingamodelofthe
solution
Implementthesystem,byusingthedesignasablueprintfor
buildingaworkingsolution
Testthesystem,toensurethatitmeetstherequirements
andimplementsthesolutionascalledforinthedesign
Reviewthesystematvariousstages,tomakesurethatthe
endproductsareconsistentwiththespecificationand
designmodels
Documentthesystem,sothatuserscanbetrainedand
supported
Managethesystem,toestimatewhatresourceswillbe
neededfordevelopmentandtotrackwhenthesystemwill
bedone
Maintainthesystem,trackingproblemsfound,changes
needed,andchangesmade,andevaluatingtheireffectson
overallqualityandfunctionality
andimplementsthesolutionascalledforinthedesign
Reviewthesystematvariousstages,tomakesurethatthe
endproductsareconsistentwiththespecificationand
designmodels
Documentthesystem,sothatuserscanbetrainedand
supported
Managethesystem,toestimatewhatresourceswillbe
neededfordevelopmentandtotrackwhenthesystemwill
bedone
Maintainthesystem,trackingproblemsfound,changes
needed,andchangesmade,andevaluatingtheireffectson
overallqualityandfunctionality
Modularity, Encapsulation, and
Information Hiding
Letusbeginwiththeproduct,togetasenseofhowwe
recognizehigh-qualitysecuresoftware.
Codeusuallyhasalongshelf-lifeandisenhancedover
timeasneedschangeandfaultsarefoundandfixed.
akeyprincipleofsoftwareengineeringistocreatea
designorcodeinsmall,self-containedunits,called
componentsormodules;whenasystemiswrittenthis
way,wesaythatitismodular.
Modularityoffersadvantagesforprogramdevelopmentin
generalandsecurityinparticular
Information Hiding
Letusbeginwiththeproduct,togetasenseofhowwe
recognizehigh-qualitysecuresoftware.
Codeusuallyhasalongshelf-lifeandisenhancedover
timeasneedschangeandfaultsarefoundandfixed.
akeyprincipleofsoftwareengineeringistocreatea
designorcodeinsmall,self-containedunits,called
componentsormodules;whenasystemiswrittenthis
way,wesaythatitismodular.
Modularityoffersadvantagesforprogramdevelopmentin
generalandsecurityinparticular
Ifacomponentisisolatedfromtheeffectsofother
components,thenitiseasiertotraceaproblemtothefault
thatcauseditandtolimitthedamagethefaultcauses.
Itisalsoeasiertomaintainthesystem,sincechangestoan
isolatedcomponentdonotaffectothercomponents.
Anditiseasiertoseewherevulnerabilitiesmaylieifthe
componentisisolated.Wecallthisisolationencapsulation.
Informationhidingisanothercharacteristicofmodular
software.Wheninformationishidden,eachcomponent
hidesitspreciseimplementationorsomeotherdesign
decisionfromtheothers.
components,thenitiseasiertotraceaproblemtothefault
thatcauseditandtolimitthedamagethefaultcauses.
Itisalsoeasiertomaintainthesystem,sincechangestoan
isolatedcomponentdonotaffectothercomponents.
Anditiseasiertoseewherevulnerabilitiesmaylieifthe
componentisisolated.Wecallthisisolationencapsulation.
Informationhidingisanothercharacteristicofmodular
software.Wheninformationishidden,eachcomponent
hidesitspreciseimplementationorsomeotherdesign
decisionfromtheothers.
Thus,whenachangeisneeded,theoveralldesigncan
remainintactwhileonlythenecessarychangesaremadeto
particularcomponents.
Letuslookatthesecharacteristicsinmoredetail.
Modularity
Modularizationistheprocessofdividingataskinto
subtasks.Thisdivisionisdoneonalogicalorfunctional
basis.
Eachcomponentperformsaseparate,independentpartof
thetask.
remainintactwhileonlythenecessarychangesaremadeto
particularcomponents.
Letuslookatthesecharacteristicsinmoredetail.
Modularity
Modularizationistheprocessofdividingataskinto
subtasks.Thisdivisionisdoneonalogicalorfunctional
basis.
Eachcomponentperformsaseparate,independentpartof
thetask.
Thereareseveraladvantagestohavingsmall,independent
components.
Maintenance.Ifacomponentimplementsasingle
function,itcanbereplacedeasilywitharevisedoneif
necessary.
Understandability.Asystemcomposedofmanysmall
componentsisusuallyeasiertocomprehendthanone
large,unstructuredblockofcode.
Reuse.Componentsdevelopedforonepurposecanoften
bereusedinothersystems.
Correctness.Afailurecanbequicklytracedtoitscauseif
thecomponentsperformonlyonetaskeach.
Testing.Asinglecomponentwithwell-definedinputs,
outputs,andfunctioncanbetestedexhaustivelybyitself,
withoutconcernforitseffectsonothermodules.
components.
Maintenance.Ifacomponentimplementsasingle
function,itcanbereplacedeasilywitharevisedoneif
necessary.
Understandability.Asystemcomposedofmanysmall
componentsisusuallyeasiertocomprehendthanone
large,unstructuredblockofcode.
Reuse.Componentsdevelopedforonepurposecanoften
bereusedinothersystems.
Correctness.Afailurecanbequicklytracedtoitscauseif
thecomponentsperformonlyonetaskeach.
Testing.Asinglecomponentwithwell-definedinputs,
outputs,andfunctioncanbetestedexhaustivelybyitself,
withoutconcernforitseffectsonothermodules.
GoodDesign
Severaldesign-relatedprocessactivitiesareparticularly
helpfulinbuildingsecuresoftware:
usingaphilosophyoffaulttolerance
havingaconsistentpolicyforhandlingfailures
usingdesignpatterns
Severaldesign-relatedprocessactivitiesareparticularly
helpfulinbuildingsecuresoftware:
usingaphilosophyoffaulttolerance
havingaconsistentpolicyforhandlingfailures
usingdesignpatterns
Thank You!
Any Query
Any Query
Tags
Categories
GeneralDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 57
- Slides 22
- Age 535 days
Related Slideshows
22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
37 views
26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
40 views
31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
36 views
14
Fertility awareness methods for women in the society
Isaiah47
33 views
35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
32 views
5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
34 views