2. CS101 Introduction to Computer Science
Introduction
• Since prevention is always more than cure,
• but if infection occurred in some way we will also
see some security mechanisms to help prevent th
e situation.
• All security mechanisms don’t solve all types of
computer security dangers.
3. CS101 Introduction to Computer Science
What is computer security?
• Computer security refers to the set of techniques develo
ped to help protect single and network linked computer
s from accidental or intentional harm.
• A computer system can be damaged due to accidental o
r intentional hardware and software mismanagement.
• Computer security also involves issues pertaining to hu
man error, loss of training and criminal activities like
creating computer viruses and an attempt to access conf
idential information by unauthorized individuals.
4. CS101 Introduction to Computer Science
Security Goals
• Data Confidentiality
It is concerned with having secret data remain secret
• Data Integrity
Unauthorized users should not be able to modify any data without t
he owners permission
Includes removing data and adding false data
• System Availability
Means nobody can disturb the system to make it unusa
ble
5. CS101 Introduction to Computer Science
General computer threats
• Computer hazards range from the destruction of
the computer hardware and hence loss of data d
ue to natural disaster to the modification and th
eft of confidential information on the computer.
• Currently computer security has become a very s
erious issue in the Information and communicatio
n technology realm.
• All your files of years of work can be lost forever
in a fraction of seconds after infection by a malic
ious computer virus.
6. CS101 Introduction to Computer Science
General computer threats
• There are numerous cases where very big organizations and busin
esses have lost their thousands of customers’ data.
• The types of computer security danger are also escalating. Since
computers have become global in this era,
• the threat concerns every field. In today’s world where busy air traf
fic and nuclear weapons are controlled by computers a failure on c
omputer system means an utter disaster.
7. CS101 Introduction to Computer Science
• Generally, hazards to the computers can be catego
rized into three major categories.
Physical hazards
Malicious programs
Intruder
8. CS101 Introduction to Computer Science
Physical Threat
• Damages to the computer’s hardware can be caused due
to the number of reasons; among which fire and flood be
ing the most prominent ones.
• There are lots of cases where accidents and natural disa
sters have destroyed years of accumulated data. Besides
to such kinds of catastrophic events, computer’s hardwar
e can also be damaged due to excessive heat, dust and
moisture.
9. CS101 Introduction to Computer Science
Malicious programs
• There are lots of malicious programs written to disrupt
the computer system. Among which the most important
ones are the following:
Computer Virus
Worm
Trojan Horse
10. CS101 Introduction to Computer Science
Computer virus
• Computer viruses operate, replicate and cause damage only when t
hey are run.
• That means, if an infected computer file is exist in on the computer’s
hard disc, or is simply attached to an infected computer network or d
ownloading an infected program, it will not necessarily become infec
ted.
• Computer viruses activate when the instructions or executable code
that run programs are opened.
• When an infected file or program is opened, the virus’ code will also
be opened on RAM.
• Then the processor follows the virus’ instruction that orders it to repl
icate, infect other files and cause any damage.
• Once a virus is active, it may replicate by various means and tries to
infect the computer’s files or the operating system
11. CS101 Introduction to Computer Science
Types of virus
I. Parasitic or file viruses infect executable files or programs that a
re identified by the extension .exe.
II. Bootstrap-sector viruses exist in on the first portion of the hard
disk or floppy disk, known as the boot sector.
• These viruses replace either the programs that store information
about the disk's contents or the programs that start the computer.
Typically, these viruses spread by means of the physical exchang
e of floppy disks.
I. Multi-partite viruses combine the abilities of the parasitic and the
bootstrap-sector viruses, and so are able to infect either files or
boot sectors.
• These types of viruses can spread if a computer user boots from an
infected diskette or accesses infected files.
12. CS101 Introduction to Computer Science
Worm
• Worm is a malicious program similar to a virus but is a s
elf-contained program that transports itself from one c
omputer to another through networks.
• Unlike a virus, worms don’t need to attach themselves to
an existing program.
• While viruses corrupt or modify files on a computer, wo
rms copy themselves exceedingly and cause the computer
to be extremely slow.
• Worms also cause harm to the network by consuming its
bandwidth.
13. CS101 Introduction to Computer Science
Trojan horse
• Trojan horse is a program that pretends to be something
interesting and harmless, such as a game , PDF , Softwa
re… but when it runs it may have harmful effects.
• Unlike virus or worms, Trojan horse programs don’t repli
cate themselves. Instead, they might lie dormant for mo
nths before they are activated and do something devious t
o the computer
14. CS101 Introduction to Computer Science
Security mechanisms
• There are various ways that we can use to help protect our compute
r’s hardware, software and data from numerous possible threats.
• Since prevention is better and easier to deal with than trying to cure
after infection, most of the security mechanisms that would be discus
sed here deals with prevention.
• All security mechanisms don’t solve all the security threats.
• the followings are security mechanisms
Back up
Antivirus software
Fire wall
Use of password and authentication methods
Encryption
15. CS101 Introduction to Computer Science
Backup
• the most important security mechanism of all since computer syst
ems can fail in number of ways and the only way that we can restor
e the loss is from what we have stored as back up.
• Storing backup copies of software and data and having backup co
mputer and communication capabilities are important basic safegu
ards because the data can then be restored if it was altered or destroy
ed by a computer crime or accident.
• Computer data should be backed up frequently and should be store
d nearby. in secure locations in case of damage at the main site.
• Transporting sensitive data to storage locations should also be done s
ecurely
16. CS101 Introduction to Computer Science
Antivirus software
• is computer programs that attempt to identify, neutralize or elimin
ate malicious software.
• Antivirus is so named because the earliest examples were designed e
xclusively to combat computer viruses
• most modern antivirus software is now designed to combat a wide ra
nge of threats including worms, Trojan horses, other malwares and
password theft attempts like Phishing.
• The installation of well-designed and recent antiviral software can he
lp prevent a viral infection and thereby help stop its spread. Since n
ew viruses and other threats are appearing each day the antiviral soft
ware need also be updated regularly. The update mostly contains the
characteristics of the new viruses and threats.
17. CS101 Introduction to Computer Science
Fire wall
•is a device or a software that blocks unauthorized access to the single
or network linked computers based on a set of rules and other criteria.
•The firewall acts much like a guard when it looks at network traffic d
estined for or received from another computer.
•The firewall determines if that traffic should continue on to its destin
ation or be stopped.
•A firewall acts as the local area networks gateway to the Internet or it
can be a dedicated computer placed between the local area network a
nd the Internet, so that the network is never in direct contact with the In
ternet.
•The firewall also keeps track of every file entering or leaving the local
area network in order to detect the sources of viruses and other problem
s that might enter the network.
18. CS101 Introduction to Computer Science
Use of password and authentication methods
• Another technique to help prevent abuse and misuse of computer data i
s to limit the use of computers and data files to approved persons.
• Security software can verify the identity of computer users and limit
their privileges to use, view, and alter files.
• The software also securely records their actions to establish accountab
ility.
• It is also possible to give different levels of access to the same type of
data where some users can only be able to see the document while other
s have the right to modify.
• passwords must be difficult to guess and should not be found in dictio
naries.
• Effective passwords contain a variety of characters and symbols that
are not part of the alphabet
19. CS101 Introduction to Computer Science
Encryption
• Another technique to protect confidential information is encryption.
• Computer users can scramble information to prevent unauthorized us
ers from accessing it.
• Authorized users can unscramble the information when needed by usi
ng a secret code called a key.
• Without the key the scrambled information would be impossible or v
ery difficult to unscramble.
• Internet communication has lots of loop holes and we can’t be sure if
what we have sent for someone is accessed by another, whom we didn’t
address the message for