Lecture 01 Information Security BS Computer Science

maqib8373 136 views 54 slides May 19, 2024

About This Presentation

Information Security


Slide Content

Lecture 01
Information Security

What is Security?
• The state of being free from danger or threat
• Freedom from threat
In general, security means being free from danger. To be secure is to be protected from the risk of loss, damage, unwanted modification or other hazards.

Security is everywhere...

What is privacy?
• A state in which one is not observed or disturbed by others.
• Security is the technical methods used to protect the data and is not concerned with how and when it is used.
• Privacy is how an organization processes Personal Data to comply with laws and regulations.

• Security can be achieved without privacy but privacy cannot be achieved without security.

What is Information Security?

Description of InfoSec
• Information security (sometimes referred to as InfoSec)
– covers the tools and processes
• It includes policy settings
– Prevent unauthorized people from accessing business or personal information
• Protects sensitive information
– including inspection, modification, recording, and any disruption or destruction

• The consequences of security incidents include
– Theft of private information
– Data tampering
– Data deletion
– Attacks can disrupt work processes and damage a company’s reputation, and also have a tangible cost
• Organizations must allocate funds for security
– Ensure that they are ready to detect, respond to, and proactively prevent, attacks such as
• Phishing, malware, viruses, malicious insiders etc.

Terms we heard…
NETWORK SECURITY
INFORMATION SECURITY

Difference Between Cyber Security, Network Security, and Information Security

| Sr.# | Cyber Security | Network Security | Information Security |
|---|---|---|---|
| 01. | Cyber security is the method of protecting systems, networks, and programs from digital attacks. | Network Security is the method of protecting the usability and integrity of your network and data. | Information security is the measures taken to protect the records from unauthorized entry and use. |
| 02. | Cyber Security is a subpart of Information Security. | Network Security is a subpart of Cyber Security. | Cyber Security & Network Security comes under Information Security. |
| 03. | It protects anything in the cyber area. | It protects anything in the network area. | Information security is for information irrespective of the space. |
| 04. | It deals with protection from cyber attacks. | It deals with protection from DOS (Denial of Service) attacks. | It deals with the security of data from any kind of threat. |
| 05. | Cyber security attacks against cybercrime and cyber fraud. | Network Security attacks against trojans. | Information Security attacks against unauthorized access, disclosure, modification, and disruption. |
| 06. | Cyber security ensures the security of the entire digital data. | Network security only ensures the security of transit data. | Information security ensures the protection of transit and digital data. |
| 07. | It deals with the security of the data resting. | It secures data traveling across the network by terminals. | It gives integrity, confidentiality, and availability. |
| 08. | Common Cyber Security Risks: Social engineering; Brute force; Baiting; Ransomware | Common Network Security Risks: Viruses, worms, and trojans; Denial of Service (DOS) attack; Zero-day attacks | Common Information Security Risks: Access; Destruction; Availability |

https://nr3c.gov.pk/about_us.html

Multan Address
• CYBER CRIME WING
– INCHARGE CYBER CRIME FIA OFFICE H.06, STREET-3 SHALIMAR TOWN BOSAN TOWN MULTAN
– PHONE +9261-9330999

Top Cybersecurity companies in Pakistan List 2022 Updated
• Delta Tech, Pakistan’s Cyber Security Consulting Firm
• Tier3 Cyber Security Services – Pakistan
• Catalyic Security | Cyber Security Solutions | Cyber Security Company | catalyicsecurity.com
• Trillium Information Security Systems (TISS)
• PakCERT [Pakistan Computer Emergency Response Team]
• Dunicot Pvt. Ltd., Cyber Security Services Company
• Tranchulas
• Cyber Security consultancy Company
• Institute of Cyber Security
• Pakistan Information Security Association (PISA)

Information Security Policy
• An Information Security Policy (ISP) is a set of rules that guide individuals when using IT assets.
• Companies can create information security policies
– to ensure that employees and other users follow security protocols and procedures.
• Security policies are intended to ensure that
– only authorized users can access sensitive systems and information.

• To make your policy truly effective,
– update it frequently based on company changes,
– new threats, conclusions drawn from previous breaches,
– and changes to security systems and tools.
• Make your information security strategy practical and reasonable.
• To meet the needs and urgency of different departments within the organization,
– it is necessary to deploy a system of exceptions, with an approval process,
– enabling departments or individuals to deviate from the rules in specific

Top Information Security Threats
1. Unsecure or Poorly Secured Systems
• The speed and technological development
– Often leads to compromises in security measures.
• In other cases, systems are developed without security in mind,
– Remain in operation at an organization as legacy systems.
• Organizations must identify these poorly secured systems,
– and mitigate the threat by securing or patching them or isolating them.

2. Social Media Attacks
• Many people have social media accounts,
– where they often unintentionally share a lot of information about themselves.
• Attackers can launch attacks directly via social media,
– E.g. by spreading malware via social media messages, or indirectly, by using information obtained from these sites to analyze user and organizational vulnerabilities, and use them to design an attack.

3. Social Engineering
• It involves attackers sending emails and messages
– that trick users into performing actions that may compromise their security or divulge private information.
– Attackers manipulate users using psychological triggers like curiosity, urgency or fear.
• Because the source of a social engineering message appears to be trusted,
– people are more likely to comply, for example by clicking a link that installs malware on their device, or by providing personal information, credentials, or financial details.
• Organizations can mitigate it by making users
– aware of its dangers and
– training them to identify and avoid suspected social engineering messages.
– In addition, technological systems can be used to block social engineering at its source.

4. Malware on Endpoints
• Organizational users work with a large variety of endpoint devices,
– Including desktop computers, laptops, tablets, and mobile phones,
– Many of which are privately owned and not under the organization’s control,
– All of which connect regularly to the Internet.
• A primary threat on all these endpoints is malware, which can be transmitted by a variety of means,
– can result in compromise of the endpoint itself,
– can also lead to privilege escalation to other organizational systems.
• Traditional antivirus software is insufficient to block all modern forms of malware, and
– more advanced approaches are being developed to secure endpoints, such as endpoint detection and response (EDR).

5. Lack of Encryption
• Encryption processes encode data so that it can only be decoded by users with secret keys.
– It is very effective in preventing data loss
– in case of equipment loss or theft
– in case organizational systems are compromised by attackers.
• Unfortunately, this measure is often overlooked due to its complexity and lack of legal obligations associated with proper implementation.
• Organizations are increasingly adopting encryption,
– by purchasing storage devices or
– using cloud services that support encryption, or
– using dedicated security tools.

6. Security Misconfiguration
• Modern organizations use a huge number of technological platforms and tools,
– in particular web applications, databases, and
– Software as a Service (SaaS) applications, or
– Infrastructure as a Service (IaaS)
• from providers like Amazon Web Services.
• Enterprise grade platforms and cloud services have security features,
– But these must be configured by the organization.
– Security misconfiguration due to negligence or human error can result

• Another problem is “configuration drift”,
– where correct security configuration can quickly become out of date and make a system vulnerable, to IT or security staff.
• Organizations can mitigate security misconfiguration using
– technological platforms that continuously monitor systems,
– identify configuration gaps, and
– alert or even automatically remediate configuration issues that make systems vulnerable.
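
The monitoring described above, sketched as an added example that is not part of the original slides: an approved baseline is compared with an observed configuration, each gap is reported, and baseline settings can be restored automatically. The setting names and both configurations are constructed for illustration.

```python
import copy

BASELINE = {  # constructed: approved security settings for a hypothetical service
    "storage": {"public_access": False, "encryption_at_rest": True},
    "admin_console": {"mfa_required": True, "allowed_cidrs": ["10.0.0.0/8"]},
    "logging": {"audit_enabled": True},
}
OBSERVED = {  # constructed: snapshot of the same service after unreviewed changes
    "storage": {"public_access": True, "encryption_at_rest": True},
    "admin_console": {"allowed_cidrs": ["10.0.0.0/8", "0.0.0.0/0"]},
    "logging": {"audit_enabled": True, "debug_endpoint": True},
}

def flatten(cfg, prefix=""):
    """Turn nested settings into {"section.key": value} for comparison."""
    flat = {}
    for key, value in cfg.items():
        if isinstance(value, dict):
            flat.update(flatten(value, f"{prefix}{key}."))
        else:
            flat[f"{prefix}{key}"] = value
    return flat

def find_drift(baseline, observed):
    """Return (path, kind, expected, actual) for every configuration gap."""
    base, obs = flatten(baseline), flatten(observed)
    findings = []
    for path in sorted(base.keys() | obs.keys()):
        if path not in obs:
            findings.append((path, "missing", base[path], None))
        elif path not in base:
            findings.append((path, "unapproved", None, obs[path]))
        elif base[path] != obs[path]:
            findings.append((path, "changed", base[path], obs[path]))
    return findings

def remediate(baseline, observed):
    """Restore baseline values; unapproved extras are left for human review."""
    fixed = copy.deepcopy(observed)
    for path, kind, expected, _ in find_drift(baseline, observed):
        if kind != "unapproved":
            *parents, leaf = path.split(".")
            node = fixed
            for part in parents:
                if not isinstance(node.get(part), dict):
                    node[part] = {}  # section missing or replaced by a scalar
                node = node[part]
            node[leaf] = copy.deepcopy(expected)
    return fixed
```

Running `find_drift(BASELINE, OBSERVED)` on a schedule and alerting on a non-empty result is the "continuously monitor" step; `remediate` is the optional automatic fix.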

CYBER CRIME PREVENTION TIPS
HTTPS://NR3C.GOV.PK/CTIPS.HTML
• SECURE YOUR SMARTPHONES
– Always secure your smartphone with a strong password
– Ensure that your device locks itself automatically
– Install security software
– Only download apps from approved sources
– Check your apps permissions
– Don’t miss operating system updates
– Be wary of any links you receive via email or text message
– Turn off automatic Wi-Fi connection
– When browsing or shopping on your phone (or computer), always look for "https" in the url instead of "http"

• SECURE YOUR ONLINE BANKING
– Never use same PIN CODE for multiple bank accounts
– Never use unprotected PCs at cyber cafes for internet banking
– Never keep your pin code and cards together
– Never leave the PC unattended when using internet banking in a public place
– Register for Mobile SMS, Email Transaction Alerts
– Never reply to emails asking for your password or pin code
– Visit banks website by typing the URL in the address bar
– Log off and close your browser when you are done using internet banking
– When using ATM always conceal keypad before entering pin code
– Before using ATM, make sure that there is no extra device installed in the surroundings

• SECURE YOUR FACEBOOK
– Use extra security features to access account (security code, Login alert etc)
– Use login notification alert
– Allow specific individuals to view your contents (Videos, Photos and Friends etc.)
– Control who can contact you
– Block your profile from search engines

• SECURE YOUR WI-FI
– Change Default Administrator Passwords and Usernames of the Wi-Fi Router
– Use complex password and change Password after regular intervals
– Position the Router or Access Point Safely
– Turn off the Network / Wi-Fi routers if it is not in use

• SECURE YOUR BROWSING
– What you put online will always remain there
– Never trust any free online content
– Don’t provide personal information online to get something free
– Don’t click on links inside e-mails or messages

Information Security
• It can be defined as “measures adopted to prevent the unauthorized use, misuse, modification or denial of use of knowledge, facts, data or capabilities”.
• Three aspects of IS are:
– Security Attack
– Security Mechanism
– Security Service

• Security Attack:
– Any action that compromises the security of information
• Security Mechanism:
– A mechanism that is designed to detect, prevent, or recover from a security attack.
• Security Service:
– It is a processing or communication service that enhances the security of the data processing systems and information transfer. The services are intended to counter security attacks by making use of one or more security mechanisms to provide the service.

What are the 3 Principles of IS?
• The basic tenets of IS are called the CIA Triad

Confidentiality
• Confidentiality measures are designed to prevent unauthorized disclosure of information.
• The purpose of the confidentiality principle is to keep personal information private
– and to ensure that it is visible and accessible only to those individuals who own it or need it to perform their organizational functions.

Integrity
• Consistency includes protection against unauthorized changes (additions, deletions, alterations, etc.) to data.
• The principle of integrity ensures that data is accurate and reliable and is not modified incorrectly, whether accidentally or maliciously.

Availability
• Availability is the protection of a system’s ability to make software systems and data fully available when a user needs it (or at a specified time).
• The purpose of availability is to make the technology infrastructure, the applications and the data available when they are needed for an organizational process or for an organization’s customers.

Passive Vs. Active Attacks
• Information security is intended to protect organizations against malicious attacks.
• There are two primary types of attacks:
– Passive and Active.
[Diagram: Passive attacks: release of message contents, traffic analysis. Active attacks: masquerade, replay, modification of message contents, denial of service.]
Passive Attack
• In a passive attack, an attacker monitors a system and illegally copies information without altering it.
• They then use this information to disrupt networks or compromise target systems.
• The attackers do not make any change to the communication or the target systems.
– This makes it more difficult to detect.
• However, encryption can help prevent passive attacks because it obfuscates the data, making it more difficult for attackers to make use of it.

A passive attack attempts to learn or make use of information from the system, but does not affect system resources.

Types of passive attacks
• Release of message content
– It may be desirable to prevent the opponent from learning the contents of the transmission.
• Traffic analysis
– A more clever technique where the
• Opponent could determine the location and identity of communicating hosts
• Could observe the frequency & length of encrypted messages being exchanged there
• by guessing the nature of communication taking place.

Active Attack
• Active attacks involve some modification of the data stream or creation of a false stream. An active attack attempts to alter system resources or affect their operation.

Four types of Active attacks
• Masquerade: Here, an entity pretends to be some other entity. It usually includes one of the other forms of active attack
– Example: If the legitimate user leaves the terminal or session open and logged in, a coworker may act as a masquerade attacker.
– Vulnerable authentication is one of the other factors that can trigger a masquerade attack, as it helps the attacker to gain access much more easily.

• Replay: It involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect, i.e. transmission is maliciously or fraudulently repeated or delayed
man-in-the-middle attack

• Modification of messages: It means that some portion of a legitimate message is altered, or that messages are delayed to produce an unauthorized effect.
– Ex: “John’s acc no is 2346” is modified as “John’s acc no is 7892”
• Denial of service: This attack prevents or inhibits the normal use or management of communication facilities.
– Ex: (a) Disruption of entire network by disabling it
– (b) Suppression of all messages to a particular destination by a third party.
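
One security mechanism that detects the modification, replay and masquerade attacks listed above, as an added example that is not part of the original slides: the sender attaches a random nonce and an HMAC-SHA256 tag, and the receiver rejects any packet whose tag fails or whose nonce it has already accepted. The shared key, the `send` and `Receiver` names and the sample packets are constructed for illustration.

```python
import hashlib
import hmac
import os

KEY = b"constructed-demo-key"  # assumption: secret shared by sender and receiver


def send(message: bytes, key: bytes = KEY) -> dict:
    """Sender side: attach a fresh 16-byte nonce and a MAC over nonce + message."""
    nonce = os.urandom(16)
    tag = hmac.new(key, nonce + message, hashlib.sha256).digest()
    return {"nonce": nonce, "message": message, "tag": tag}


class Receiver:
    def __init__(self, key: bytes = KEY):
        self.key = key
        self.seen_nonces = set()  # nonces of packets already accepted

    def accept(self, packet: dict) -> str:
        expected = hmac.new(self.key, packet["nonce"] + packet["message"],
                            hashlib.sha256).digest()
        # Constant-time comparison; fails for altered content or a wrong key.
        if not hmac.compare_digest(expected, packet["tag"]):
            return "rejected: bad MAC"
        # A valid tag on an already accepted nonce means a captured packet was resent.
        if packet["nonce"] in self.seen_nonces:
            return "rejected: replay"
        self.seen_nonces.add(packet["nonce"])
        return "accepted"


def demo() -> list:
    rx = Receiver()
    original = send(b"John's acc no is 2346")
    tampered = dict(original, message=b"John's acc no is 7892")      # modification
    forged = send(b"John's acc no is 7892", key=b"attacker-guess")   # masquerade
    return [rx.accept(original), rx.accept(tampered),
            rx.accept(original), rx.accept(forged)]


if __name__ == "__main__":
    print(demo())
```

The MAC protects integrity and authenticity only; the message is still sent in the clear, so confidentiality against the passive attacks needs encryption as well.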

Common variants of active attacks
1. Interruption
• the attacker interrupts the original communication and creates new, malicious messages, pretending to be one of the communicating parties.
• An asset of the system is destroyed or becomes unavailable or unusable. It is an attack on availability.
– Examples
• Destruction of some hardware
• Jamming wireless signals
• Disabling file management systems

2. Interception
– An unauthorized party gains access to an asset. Attack on confidentiality.
• Examples:
– Wiretapping to capture data in a network.
– Illicitly copying data or programs
– Eavesdropping

3. Modification
When an unauthorized party gains access and tampers with an asset. Attack is on Integrity.
• Examples:
– Changing data file
– Altering a program and the contents of a message

4. Fabrication
• Creates fake, or synthetic, communications, typically with the aim of achieving denial of service (DoS). This prevents users from accessing systems or performing normal operations.
• An unauthorized party inserts a bogus object into the system. Attack on Authenticity. Also called impersonation
• Examples:
– Hackers gaining access to a personal email and sending message
– Insertion of records in data files
– Insertion of spurious messages in a network

Reading Assignment
Question: What do you know about HERMIT Spyware?
– Read and prepare its brief summary
– No need to submit its Hard/Soft copy.
– Will be discussed in class.
– Deadline: Before Next lecture.