SlideShare a Scribd company logo

Security

Inayat Ali
Inayat Ali

Security in Networks, Viruses. Attacks.

Education
1 of 17
Download to read offline
1
Chapter 11 SECURITY Presented By: Inayat ali fa15-r01-002 Sonia sabir fa15-r01-010 2
CONTENTS Threats Categorization Passive Attacks Active Attacks in message passing Active attacks Viruses, Worms, Trojan Horses, DoS  Spy wares Proxy IDS 3
Threats Categorization Four main areas: • leakage: information leaving system. • tampering: unauthorized information altering. • resource stealing: illegal use of resources. • vandalism: disturbing correct system operation. • denial of service: disrupting legitimate system use. Used to specify what the system is secure against. 4
Threats Leakage denotes the disclosure of information to unauthorised subjects. • Baazi hacking into a CAD System of Rolls Royce in order to obtain the latest design RR's jet engines. • Although fatal in this case, leakage is probably the category that causes the least damage of the above. Tampering denotes the unauthorized modification of data. • We would have a case of tampering, if you hacked into the School's database in order to alter the marks of your Distributed System course works 5
Threats Resource stealing identifies the illegal use of resources and not paying, e.g CPU time, Bandwidth, Air time of mobiles • A case of resource stealing has occurred when hackers hacked into computers of telephone companies and managed to have their phone calls charged to other customer's accounts. Vandalism denotes the disturbance of correct system operation. • The security of CS Dept. in Milan was broken and super user privileges were acquired and then the system's hard disks were formatted. This caused serious damage to the departmental operations for a session. 6
Methods of Passive Attack Eavesdropping: Obtaining message copies without authority. Masquerading (Spoofing): Using identity of another principle without authority. Message tampering: Intercepting and altering messages. Replaying: Storing messages and sending them later. Flooding: sending too many messages 7
Active Attacks associated with message passing Integrity Check Authenticity Attack Denial Attack Delay Attack Reply Attack 8
1-9 Active Attacks Virus • infection by receiving object (e.g., e-mail attachment), actively executing • self-replicating: propagate itself to other hosts, users  Worm:  infection by passively receiving object that gets itself executed  Eg. Internet worm attack by R.T Morris  Rsh UNIX, Finger, sendmail  self- replicating: propagates to other hosts, users
Worms vs. viruses Viruses require other programs to run Worms are self-running (separate process) The 1988 Internet Worm Consisted of two programs Bootstrap to upload worm The worm itself Exploited bugs in sendmail and finger Next replicated itself on new machines 10
 A logic bomb is a piece of Code intentionally inserted into a software System that will set off a malicious function when specified conditions are met.  Condition: Time, Date, Program parameters etc  Installed by insider. E.g Delete some critical code upon termination  Eg. Roger Duronio, UBS PaineWebber system administrator  Sentenced for 8 years logic bomb 11
 Programs that must be installed or executed by a user to be effective.  Helpful or entertaining Programs, OS patches, games  Unintended Actions, Open ports for later intruderAccess  Replacing certain files with malicious one  Time Bombs Trojans that activate on certain dates Trojan horses 12
1-13 Denial of service attacks Attackers make resources (server, bandwidth) unavailable to legitimate traffic by overwhelming resource with bogus traffic 1. select target 2. break into hosts around the network (collectively, known as botnet) 3. send packets toward target from compromised hosts target
Spyware:  Infection by downloading web page with spyware  Records keystrokes, web sites visited, upload info to collection site  Adware, Tracking cookies key logger  Solution: Anti Spy ware like PC Tool, Spyware Doctor Proxy Server  Intermediary between Client and Server  Filter Requests  Provide security to Network 14
Intrusion detection system  Device or software  Monitor Network Traffic or system activities  Two types Network IDS:  Monitor traffic to and from all the devices  Matches traffic to the library of known attacks  Generate alerts if found an attack 15
Host IDS:  Run on individual Host or devices  Inbound and outbound packets from the device only  Alert admin if suspicious activity is found  Snap shot of existing system and match it with the previous 16
THANK YOU 17

Recommended

Virus and malware presentation
Virus and malware presentationVirus and malware presentation
Virus and malware presentation
Amjad Bhutto
 
Malicious
MaliciousMalicious
Malicious
Khyati Rajput
 
Malware
MalwareMalware
Malware
Harshdeep Singh
 
Trojan horse
Trojan horseTrojan horse
Trojan horse
Gaurang Rathod
 
Malicious Software
Malicious SoftwareMalicious Software
Malicious Software
Hamza Muhammad
 
Network security and viruses
Network security and virusesNetwork security and viruses
Network security and viruses
Aamlan Saswat Mishra
 
Virus and its CounterMeasures -- Pruthvi Monarch
Virus and its CounterMeasures -- Pruthvi Monarch Virus and its CounterMeasures -- Pruthvi Monarch
Virus and its CounterMeasures -- Pruthvi Monarch
Pruthvi Monarch
 
Virus & Computer security threats
Virus & Computer security threatsVirus & Computer security threats
Virus & Computer security threats
Azri Abdin
 

Recommended

Virus and malware presentation
Virus and malware presentationVirus and malware presentation
Virus and malware presentation
Amjad Bhutto
 
Malicious
MaliciousMalicious
Malicious
Khyati Rajput
 
Malware
MalwareMalware
Malware
Harshdeep Singh
 
Trojan horse
Trojan horseTrojan horse
Trojan horse
Gaurang Rathod
 
Malicious Software
Malicious SoftwareMalicious Software
Malicious Software
Hamza Muhammad
 
Network security and viruses
Network security and virusesNetwork security and viruses
Network security and viruses
Aamlan Saswat Mishra
 
Virus and its CounterMeasures -- Pruthvi Monarch
Virus and its CounterMeasures -- Pruthvi Monarch Virus and its CounterMeasures -- Pruthvi Monarch
Virus and its CounterMeasures -- Pruthvi Monarch
Pruthvi Monarch
 
Virus & Computer security threats
Virus & Computer security threatsVirus & Computer security threats
Virus & Computer security threats
Azri Abdin
 
Ethical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hackingEthical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hacking
missstevenson01
 
Program and System Threats
Program and System ThreatsProgram and System Threats
Program and System Threats
Reddhi Basu
 
Final malacious softwares
Final malacious softwaresFinal malacious softwares
Final malacious softwares
Mirza Adnan Baig
 
Types of attacks in cyber security
Types of attacks in cyber securityTypes of attacks in cyber security
Types of attacks in cyber security
Bansari Shah
 
introduction to malwares,virus,trojan horse
introduction to malwares,virus,trojan horseintroduction to malwares,virus,trojan horse
introduction to malwares,virus,trojan horse
Spandan Patnaik
 
Virus detection system
Virus detection systemVirus detection system
Virus detection system
Akshay Surve
 
Malewareanalysis
Malewareanalysis Malewareanalysis
Malewareanalysis
ahmad abdelhafeez
 
Ethical hacking trojans, worms and spyware
Ethical hacking trojans, worms and spywareEthical hacking trojans, worms and spyware
Ethical hacking trojans, worms and spyware
missstevenson01
 
Trojan horse and salami attack
Trojan horse and salami attackTrojan horse and salami attack
Trojan horse and salami attack
guestc8c7c02bb
 
Malware and security
Malware and securityMalware and security
Malware and security
Gurbakash Phonsa
 
Program security chapter 3
Program security chapter 3Program security chapter 3
Program security chapter 3
Education
 
Malware
MalwareMalware
Malware
Tuhin_Das
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-Malware
Arpit Mittal
 
Ethical hacking anti virus
Ethical hacking anti virusEthical hacking anti virus
Ethical hacking anti virus
missstevenson01
 
Viruses andthreats@dharmesh
Viruses andthreats@dharmeshViruses andthreats@dharmesh
Viruses andthreats@dharmesh
Dharmesh Kumar Sharma
 
Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoors
Shrey Vyas
 
Malicious software
Malicious softwareMalicious software
Malicious software
CAS
 
The trojan horse virus
The trojan horse virusThe trojan horse virus
The trojan horse virus
HTS Hosting
 
Trojan Horse Presentation
Trojan Horse PresentationTrojan Horse Presentation
Trojan Horse Presentation
ikmal91
 
Firewall , Viruses and Antiviruses
Firewall , Viruses and AntivirusesFirewall , Viruses and Antiviruses
Firewall , Viruses and Antiviruses
Vikas Chandwani
 
why security is needed
why security is neededwhy security is needed
why security is needed
sourov_das
 
System_security.pptx
System_security.pptxSystem_security.pptx
System_security.pptx
SusmitaSaha812194
 

More Related Content

What's hot

Program and System Threats
Program and System ThreatsProgram and System Threats
Program and System Threats
Reddhi Basu
 
introduction to malwares,virus,trojan horse
introduction to malwares,virus,trojan horseintroduction to malwares,virus,trojan horse
introduction to malwares,virus,trojan horse
Spandan Patnaik
 
Trojan horse and salami attack
Trojan horse and salami attackTrojan horse and salami attack
Trojan horse and salami attack
guestc8c7c02bb
 
Trojan Horse Presentation
Trojan Horse PresentationTrojan Horse Presentation
Trojan Horse Presentation
ikmal91
 

What's hot (20)

Ethical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hackingEthical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hacking
 
Program and System Threats
Program and System ThreatsProgram and System Threats
Program and System Threats
 
Final malacious softwares
Final malacious softwaresFinal malacious softwares
Final malacious softwares
 
Types of attacks in cyber security
Types of attacks in cyber securityTypes of attacks in cyber security
Types of attacks in cyber security
 
introduction to malwares,virus,trojan horse
introduction to malwares,virus,trojan horseintroduction to malwares,virus,trojan horse
introduction to malwares,virus,trojan horse
 
Virus detection system
Virus detection systemVirus detection system
Virus detection system
 
Malewareanalysis
Malewareanalysis Malewareanalysis
Malewareanalysis
 
Ethical hacking trojans, worms and spyware
Ethical hacking trojans, worms and spywareEthical hacking trojans, worms and spyware
Ethical hacking trojans, worms and spyware
 
Trojan horse and salami attack
Trojan horse and salami attackTrojan horse and salami attack
Trojan horse and salami attack
 
Malware and security
Malware and securityMalware and security
Malware and security
 
Program security chapter 3
Program security chapter 3Program security chapter 3
Program security chapter 3
 
Malware
MalwareMalware
Malware
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-Malware
 
Ethical hacking anti virus
Ethical hacking anti virusEthical hacking anti virus
Ethical hacking anti virus
 
Viruses andthreats@dharmesh
Viruses andthreats@dharmeshViruses andthreats@dharmesh
Viruses andthreats@dharmesh
 
Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoors
 
Malicious software
Malicious softwareMalicious software
Malicious software
 
The trojan horse virus
The trojan horse virusThe trojan horse virus
The trojan horse virus
 
Trojan Horse Presentation
Trojan Horse PresentationTrojan Horse Presentation
Trojan Horse Presentation
 
Firewall , Viruses and Antiviruses
Firewall , Viruses and AntivirusesFirewall , Viruses and Antiviruses
Firewall , Viruses and Antiviruses
 

Similar to Security

why security is needed
why security is neededwhy security is needed
why security is needed
sourov_das
 
23 network security threats pkg
23 network security threats pkg23 network security threats pkg
23 network security threats pkg
Umang Gupta
 

Similar to Security (20)

why security is needed
why security is neededwhy security is needed
why security is needed
 
System_security.pptx
System_security.pptxSystem_security.pptx
System_security.pptx
 
Tools and methods used in cybercrime
Tools and methods used in cybercrimeTools and methods used in cybercrime
Tools and methods used in cybercrime
 
Mitppt
MitpptMitppt
Mitppt
 
Security and ethics
Security and ethicsSecurity and ethics
Security and ethics
 
Attack on computer
Attack on computerAttack on computer
Attack on computer
 
Information about malwares and Attacks.pptx
Information about malwares and Attacks.pptxInformation about malwares and Attacks.pptx
Information about malwares and Attacks.pptx
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
 
System tThreats
System tThreatsSystem tThreats
System tThreats
 
Security threats
Security threatsSecurity threats
Security threats
 
Information security
Information securityInformation security
Information security
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Information Assurance And Security - Chapter 2 - Lesson 3
Information Assurance And Security - Chapter 2 - Lesson 3Information Assurance And Security - Chapter 2 - Lesson 3
Information Assurance And Security - Chapter 2 - Lesson 3
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
 
Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz) Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz)
 
Computer Worms
Computer WormsComputer Worms
Computer Worms
 
Basics of Network Security
Basics of Network SecurityBasics of Network Security
Basics of Network Security
 
Orientation 28 sep education purpose only.pptx
Orientation 28 sep education purpose only.pptxOrientation 28 sep education purpose only.pptx
Orientation 28 sep education purpose only.pptx
 
23 network security threats pkg
23 network security threats pkg23 network security threats pkg
23 network security threats pkg
 

Recently uploaded

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 

Recently uploaded (20)

Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
Dyslexia AI Workshop for Slideshare.pptx
Dyslexia AI Workshop for Slideshare.pptxDyslexia AI Workshop for Slideshare.pptx
Dyslexia AI Workshop for Slideshare.pptx
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 

Security

  • 1. 1
  • 2. Chapter 11 SECURITY Presented By: Inayat ali fa15-r01-002 Sonia sabir fa15-r01-010 2
  • 3. CONTENTS Threats Categorization Passive Attacks Active Attacks in message passing Active attacks Viruses, Worms, Trojan Horses, DoS  Spy wares Proxy IDS 3
  • 4. Threats Categorization Four main areas: • leakage: information leaving system. • tampering: unauthorized information altering. • resource stealing: illegal use of resources. • vandalism: disturbing correct system operation. • denial of service: disrupting legitimate system use. Used to specify what the system is secure against. 4
  • 5. Threats Leakage denotes the disclosure of information to unauthorised subjects. • Baazi hacking into a CAD System of Rolls Royce in order to obtain the latest design RR's jet engines. • Although fatal in this case, leakage is probably the category that causes the least damage of the above. Tampering denotes the unauthorized modification of data. • We would have a case of tampering, if you hacked into the School's database in order to alter the marks of your Distributed System course works 5
  • 6. Threats Resource stealing identifies the illegal use of resources and not paying, e.g CPU time, Bandwidth, Air time of mobiles • A case of resource stealing has occurred when hackers hacked into computers of telephone companies and managed to have their phone calls charged to other customer's accounts. Vandalism denotes the disturbance of correct system operation. • The security of CS Dept. in Milan was broken and super user privileges were acquired and then the system's hard disks were formatted. This caused serious damage to the departmental operations for a session. 6
  • 7. Methods of Passive Attack Eavesdropping: Obtaining message copies without authority. Masquerading (Spoofing): Using identity of another principle without authority. Message tampering: Intercepting and altering messages. Replaying: Storing messages and sending them later. Flooding: sending too many messages 7
  • 8. Active Attacks associated with message passing Integrity Check Authenticity Attack Denial Attack Delay Attack Reply Attack 8
  • 9. 1-9 Active Attacks Virus • infection by receiving object (e.g., e-mail attachment), actively executing • self-replicating: propagate itself to other hosts, users  Worm:  infection by passively receiving object that gets itself executed  Eg. Internet worm attack by R.T Morris  Rsh UNIX, Finger, sendmail  self- replicating: propagates to other hosts, users
  • 10. Worms vs. viruses Viruses require other programs to run Worms are self-running (separate process) The 1988 Internet Worm Consisted of two programs Bootstrap to upload worm The worm itself Exploited bugs in sendmail and finger Next replicated itself on new machines 10
  • 11.  A logic bomb is a piece of Code intentionally inserted into a software System that will set off a malicious function when specified conditions are met.  Condition: Time, Date, Program parameters etc  Installed by insider. E.g Delete some critical code upon termination  Eg. Roger Duronio, UBS PaineWebber system administrator  Sentenced for 8 years logic bomb 11
  • 12.  Programs that must be installed or executed by a user to be effective.  Helpful or entertaining Programs, OS patches, games  Unintended Actions, Open ports for later intruderAccess  Replacing certain files with malicious one  Time Bombs Trojans that activate on certain dates Trojan horses 12
  • 13. 1-13 Denial of service attacks Attackers make resources (server, bandwidth) unavailable to legitimate traffic by overwhelming resource with bogus traffic 1. select target 2. break into hosts around the network (collectively, known as botnet) 3. send packets toward target from compromised hosts target
  • 14. Spyware:  Infection by downloading web page with spyware  Records keystrokes, web sites visited, upload info to collection site  Adware, Tracking cookies key logger  Solution: Anti Spy ware like PC Tool, Spyware Doctor Proxy Server  Intermediary between Client and Server  Filter Requests  Provide security to Network 14
  • 15. Intrusion detection system  Device or software  Monitor Network Traffic or system activities  Two types Network IDS:  Monitor traffic to and from all the devices  Matches traffic to the library of known attacks  Generate alerts if found an attack 15
  • 16. Host IDS:  Run on individual Host or devices  Inbound and outbound packets from the device only  Alert admin if suspicious activity is found  Snap shot of existing system and match it with the previous 16