Information Security in Today’s World

Abdalla Al-Ameen, Assistant Prof., Computer Science and Information Dept., College of Arts and Science in WadiAddawasir, Salman Bin Abdulaziz University, K.S.A. Web site: http://faculty.sau.edu.sa/a.alameen Email: a.alameen@sau.edu.sa


Presentation Transcript


  1. Information Security in Today’s World
      Abdalla Al-Ameen, Assistant Prof., Computer Science and Information Dept., College of Arts and Science in WadiAddawasir, Salman Bin Abdulaziz University, K.S.A
      Web site: http://faculty.sau.edu.sa/a.alameen
      Email: a.alameen@sau.edu.sa

  2. “The minute you dial in to your Internet service provider or connect to a DSL or cable modem, you are casting your computer adrift in a sea of millions of other computers – all of which are sharing the world's largest computer network, the Internet. Most of those computers are cooperative and well behaved, but some are downright nasty. Only you can make sure your computer is ready for the experience.”
      Daniel Appleman, Always Use Protection, A Teen's Guide to Safe Computing (2004 – Apress)
      Protecting Your PC, Privacy and Self

  3. Objectives: this seminar aims to cover the following topics
      • Computer Security definition
      • Information Security Topic areas
      • Core Security Concepts
      • Why Study Computer Security?
      • The Importance of Information Security
      • Security Services
      • Challenges
      • Latest Trends
      • Overview of Existing Security Systems
      • Protecting one Computer
      • Protecting a Wireless Local Area Network (WLAN)
      • What Can We Do?

  4. Introduction
      • Information security is defined as methods and technologies for deterrence (scaring away hackers), protection, detection, response, recovery and extended functionalities
      • OR: the process by which digital information assets are protected

  5. Information Assurance
      • A broader category than computer security, information security, etc.
      • Concerned with the:
        • Security of information in system
        • Quality/Reliability of information in system

  6. What Information Security Topic areas?
      • Policies and procedures, authentication, attacks, remote access, E-mail, Web, wireless, devices, media/medium, secure architectures, IDSes/IPSes, operating systems, secure code, Cryptography, physical security, digital media analysis…

  7. Core Security Concepts: Vulnerability, Exploit, Threat
      • Vulnerability – a weakness in some aspect of a system
      • Exploit – a known method for taking advantage of a vulnerability
      • Threat – the likelihood of some agent using an exploit to compromise security
      • Note: not all users/groups are equal threats to various systems
        • “Hackers” more of a threat to popular web sites, businesses
        • Disgruntled employees more of a threat to isolated businesses

  8. Generic Security Principles
      • Generic Security System: Protection, Detection, Response, Recovery, Deterrence (Scare away)
      • Diagram labels: Information while in transmission; Information while in storage; Hacker; Hardware

  9. Why Study Computer Security?
      • Increasingly important issue for:
        • Computer system and network administrators
        • Application programmers
      • Security issues follow technology
        • Desktop systems, wireless networks, handheld devices
      • Security issues affect software, laws, profits and businesses

  10. The Importance of Information Security
      • Prevents data theft
      • Avoids legal consequences of not securing information
      • Maintains productivity
      • Foils cyberterrorism
      • Thwarts identity theft

  11. Security Services: Confidentiality
      • The services: Confidentiality, Authentication, Access Control, Integrity, Non-repudiation, Availability
      • Confidentiality: To keep a message secret to those that are not authorized to read it

  12. Security Services: Authentication
      • Authentication: To verify the identity of the user / computer

  13. Security Services: Access Control
      • Access Control: To be able to tell who can do what with which resource

  14. Security Services: Integrity
      • Integrity: To make sure that a message has not been changed while on transfer, storage, etc.

  15. Security Services: Non-repudiation
      • Non-repudiation: To make sure that a user/server can’t deny later having participated in a transaction

  16. Security Services: Availability
      • Availability: To make sure that the services are always available to users.

  17. Challenges
      • A number of trends illustrate why security is becoming increasingly difficult:
        • Speed of attacks
        • Sophistication of attacks
        • Faster detection of weaknesses
        • Distributed attacks
        • Difficulties of patching

  18. Latest Trends - Identity Theft
      • Crime of the 21st century
      • Involves using someone’s personal information, such as social security numbers, to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and destroying their credit rating
      • National, state, and local legislation continues to be enacted to deal with this growing problem.

  19. Latest Trends - Identity Theft - continued
      • Phishing is a method used by identity thieves to take financial information from a computer user
      • The word “phishing” was made up by hackers as a cute word to use for the concept of fishing for information
      • One of the most profitable forms of spamming
      • Often used in conjunction with spoofed Web sites

  20. Latest Trends - Malicious Software (Malware)
      • Designed to operate without the computer user’s permission
      • May change or destroy data
      • May operate hardware without authorization
      • Can hijack your Web browser
      • Might steal information or otherwise cheat a computer user or organization

  21. Malware:
      • Includes computer viruses, worms, trojan horses, bots, spyware, adware, etc.
      • Software is considered malware based on the intent of the creator rather than any particular features

  22. Malware Trends
      • Spyware
      • Keyloggers
      • Rootkits
      • Mobile malware
      • Combined attack mechanisms

  23. Malware Trends - Spyware
      • Advertisement-focused applications that, much like computer worms, install themselves on systems with little or no user interaction
      • While such an application may be legal, it is usually installed without the user’s knowledge or informed consent
      • A user in an organization could download and install a useful (often “free”) application from the Internet and in doing so, install a spyware component

  24. Spyware:
      • Spyware can collect many different types of information about a user:
        • Records the types of websites a user visits
        • Records what is typed by the user to intercept passwords or credit card numbers
        • Used to launch “pop up” advertisements
      • Many legitimate companies incorporate forms of spyware into their software for purposes of advertisement (Adware)

  25. Spyware Example

  26. Spyware Example (add-on toolbars)

  27. Malware Trends - Keyloggers
      • Used to capture user’s keystrokes:
        • Also known as Keystroke Logging
        • Hardware and software-based
      • Useful purposes:
        • Help determine sources of errors on system
        • Measure employee productivity on certain clerical tasks

  28. Keystroke Logging:
      • Can be achieved by both hardware and software means
      • Hardware key loggers are commercially available devices which come in three types:
        • Inline devices that are attached to the keyboard cable
        • Devices installed inside standard keyboards
        • Keyboards that contain the key logger already built-in
      • Writing software applications for keylogging is trivial, and like any computer program can be distributed as malware (virus, trojan, etc.)

  29. Malware Trends - Rootkits
      • Is a set of software tools intended to hide running processes, files or system data, thereby helping an intruder to maintain access to a system while avoiding detection
      • Often modify parts of the operating system or install themselves as drivers or kernel modules
      • Are known to exist for a variety of operating systems
      • Are difficult to detect

  30. Malware Trends - Mobile Malware
      • Increase in the number of mobile phone viruses being written
      • But insignificant compared to the much larger number of viruses being written which target Windows desktop computers

  31. Malware Trends - Combined Attack Mechanisms
      • SPAM with spoofed Web sites
      • Trojans installing bot software (bot: an automated program)
      • Trojans installing backdoors

  32. Spam:
      • Spamming is the abuse of electronic messaging systems to send unsolicited, undesired bulk messages
      • Spam media includes:
        • e-mail spam (most widely recognized form)
        • instant messaging spam
        • Usenet newsgroup spam
        • Web search engine spam
        • spam in blogs
        • mobile phone messaging spam

  33. Spam Example

  34. Phishing:
      • A criminal activity using social engineering techniques.
      • An attempt to acquire sensitive data, such as passwords and credit card details, by appearing as a trustworthy person or business in an electronic communication.
      • Typically carried out using email or an instant message

  35. Phishing Example
      • Points to “bad” IP Address!

  36. Latest Trends - Ransomware
      • Type of malware that encrypts the victim’s data, demanding ransom for its return.
      • Cryptovirology predates ransomware

  37. Overview of Existing Security Systems: Firewalls
      • Used even for Deterring (Scaring attackers)
      • Firewalls: Designed to prevent malicious packets from entering
      • Software based: Runs as a local program to protect one computer (personal firewall) or as a program on a separate computer (network firewall) to protect the network
      • Hardware based: separate devices that protect the entire network (network firewalls)

  38. Overview of Existing Security Systems: Detection - Intrusion Detection Systems
      • Intrusion Detection System (IDS): Examines the activity on a network
      • Goal is to detect intrusions and take action
      • Two types of IDS:
        • Host-based IDS: Installed on a server or other computers (sometimes all)
          • Monitors traffic to and from that particular computer
        • Network-based IDS: Located behind the firewall and monitors all network traffic

  39. Overview of Existing Security Systems: Network Address Translation (NAT)
      • Network Address Translation (NAT) Systems: Hides the IP address of network devices
      • Located just behind the firewall. NAT device uses an alias IP address in place of the sending machine’s real one
      • “You cannot attack what you can’t see”

  40. Overview of Existing Security Systems: Proxy Servers
      • Proxy Server: Operates similar to NAT, but also examines packets to look for malicious content
      • Replaces the protected computer’s IP address with the proxy server’s address
      • Protected computers never have a direct connection outside the network
      • The proxy server intercepts requests. Acts “on behalf of” the requesting client

  41. Adding a Special Network called Demilitarized Zone (DMZ)
      • Demilitarized Zones (DMZ): Another network that sits outside the secure network perimeter. Outside users can access the DMZ, but not the secure network
      • Some DMZs use two firewalls. This prevents outside users from even accessing the internal firewall: Provides an additional layer of security

  42. Overview of Existing Security Systems: Virtual Private Networks (VPN)
      • Virtual Private Networks (VPNs): A secure network connection over a public network
      • Allows mobile users to securely access information
      • Sets up a unique connection called a tunnel

  43. Overview of Existing Security Systems: Virtual Private Networks (VPN)

  44. Overview of Existing Security Systems: Honeypots
      • Honeypots: Computer located in a DMZ and loaded with files and software that appear to be authentic, but are actually imitations
      • Intentionally configured with security holes
      • Goals: Direct attacker’s attention away from real targets; Examine the techniques used by hackers

  45. Overview of Existing Security Systems: Secure Socket Layer (SSL)
      • SSL is used for securing communication between clients and servers. It provides mainly confidentiality, integrity and authentication
      • Diagram: Client and WWW Server establish SSL connection - communication protected

  46. Summary (continued): Protecting one Computer
      • Operating system hardening is the process of making a PC operating system more secure
      • Patch management
      • Antivirus software – to protect your PC from viruses
      • Antispyware software
      • Firewalls – to deter (scare), protect
      • Setting correct permissions for shares
      • Intrusion detection systems – to detect intrusions
      • Cryptographic systems

  47. Protecting a Wireless Local Area Network (WLAN)

  48. Security in a Wireless LAN
      • WLANs include a different set of security issues
      • Steps to secure:
        • Turn off broadcast information
        • MAC address filtering
        • Encryption
        • Password protect the access point
        • Physically secure the access point
        • Use enhanced WLAN security standards whenever possible
        • Use cryptographic systems

  49. What Can We Do?
      • Security Assessment
        • Identify areas of risk
        • Identify potential for security holes, breakdown
        • Identify steps to mitigate
      • Security Application
        • Multi-layered Approach (there is no single solution)
        • Policies and Procedures
      • Security Awareness
        • Not just for the geeks!
        • Security Training at all levels (external and/or internal)
        • Continuing education and awareness – not a one-time shot!
        • Make it part of the culture

  50. What Can We Do?
      • Security Awareness
        • Not just for the geeks!
        • Security Training at all levels (external and/or internal)
        • Continuing education and awareness – not a one-time shot!
        • Make it part of the culture
