Security involves protecting systems, networks, programs and data from unauthorized access and modification. This is achieved through techniques like cryptography, authentication, firewalls, antivirus software and implementing security policies and defenses. Some common security threats include viruses, worms, hacking, denial of service attacks and password vulnerabilities. Different levels of computer security classification (A, B, C, D) provide increasing levels of protection and access control based on sensitivity of the data and systems.

1. Security

2. Content
• The Security Problem
• Types of Security Violations
• Program Threads
• Cryptography as a Security Tool
• System and Network Threats
• User Authentication
• Implementing Security Defenses
• Firewalling to Protect System and Networks
• Computer-Security Classifications

3. The Security Problems
What is Security
Security Violations
Level of Security

4. What is security?
Security is the process of ensuring that operating system can
operate without external disruption or intrusion.
• Data
• Memory
• CPU
• Software, etc
• Hacking
• Virus
• Malware
• Worm, etc
What? From what?
System
Resources
Threats

5. Security violations
Breach of confidentiality
Breach of integrity
Breach of availability
Theft of service
Denial of service (DOS)

6. Security Levels
Physical
Human
Network
Operating
System

7. Program Threats
Trojan Horse
Trap Door
Logic Bomb
Stack and Buffer Overflow
Viruses

8. Trojan Horse

9. Trap Door

10. Logic Bomb

11. Stack and Buffer Overflow

12. Viruses
File: write a code to execute itself at the start of the infected program
Boot: (memory virus) infects the boot section of floppy/hard disks during the start-up and continue to infect other bootable programs used
by the system.
Macro: is written in high-level language and is only capable of execution inside a program such as ms words, excel, etc.
Source Code: it changes source code to include itself in it.
Polymorphic: changes its virus signature (pattern that can give itself off as virus) every time it is install.
Encrypted: encrypt itself to avoid detection and decrypt itself once it wants to execute.
Stealth: avoid detection by many means such as trying to give out clean codes (code without virus) when being read by scanner.
Tunneling: protect itself by interrupting antivirus scanner before it is found.
Multipartite: infected many parts of system such as boot sector, memory and files.
Armored: it uses special tricks to make it difficult to detection, disinfection, and understand of its codes.

13. What is Cryptography ?
The word ‘cryptography’ was combining two Greek words, ‘Kryptos’ meaning
hidden and ‘graphein’ meaning writing.
It is the techniques of electronic security messages by converting into
unreadable form, only a computer that have a matching key can read it.

14. Why cryptography?
• Hiding the meaning of messages
• Security between communications
• Protect database,files and entire disks
• Defenses against computer attacks
• Protect the worm and the other viruses
• Authentication the sender and receiver messages

15. Encryption
● Encryption enable the sender to ensure that only the computer
possessing a matching key can read the data
● The encryption function E :K (M C)
● The decryption function D :K (C M )
K is a set as keys
M is a set as messages
C is a set as ciphertexts

16. Encryption
There are two types of encryption algorithms : symmetric and asymmetric.
Symmetric is all algorithms that are use the same key to both encrypt and
decrypt.
Asymmetric is the algorithms that are use different key to encrypt and
decrypt.

17. Symmetric encryption
The general process of symmetric encryption :

18. Symmetric encryption
Block cipher is the a block of plaintext bits and generates a block of
ciphertext bits, generally of same size or fix-length group of bits. The
choice of block size not affect to encryption scheme. The strength of
cipher depends up on the key length.

19. Symmetric encryption
All those algorithm use symmetric method:

20. Asymmetric encryption
The operation as like symmetric but encrypted communication create two
keys that one called public key (anyone can get it to encrypted messages)
and other one is private keys ( only the key creator that can decrypted
messages).

21. Authentication
Authentication have 2 function: S (generate authentication from message) and V
(verity authentication on message).
S: K ( M A) and V: K ((M A ) {true, false})
Message-authentication algorithm code (MAC): is a symmetric key to provide
message authentication.

22. Authentication
Digital signature is a cryptographic value that is calculated from the data and a secret key
known only by the signer.

23. System and Network Threats
• Worms
• Port Scanning: is not an attack but rather a mean for a cracker to detect a
system’s vulnerabilities to attack.
• Denial of Service

24. What is the System and Network Threats?
Threat = in computer security refers to anything that has the potential to cause serious
harm to a computer system.
System and Network threads involve the abuse of services and network connection.
Usually, it create an environment in which operating system resources and user file are
misuse.
The more Open an operating system, the more
• Services it has enabled
• Function it allow
• Bug is available to exploit

25. What is worm ?
A worm is independent self-replicating code that one initiated, spread across networks
consuming memory resources without user intervention.
Cornell graduate student “Robert Tappan Morris”
Unleashed the first worm that quickly spread in Unix
system. And result that was estimated :
● 10% of the 60 000 system in U.S were affected.
● Damages $100 million, according U.S General
Accounting Office.
He then was sentenced to 3 years probation, 400 hours of
community service and fined $10 000. Morris’s legal costs
probably exceeded $100 000. And he became a
Professor at MIT.

26. What is Denial of Service(DOS) attacks ?
DOS is the attack in which disrupting legitimate use of a system without gaining or
stealing information from users.
Ex: When DOS attack happen, user may not be able to use internet browser. Sometime she did not
know the attack, because she think that is the slowdown of the internet.
DOS attack fall into two categories :
1. Only use so many system resource (No big deal).
Ex: A website click : use available CPU and to pop up window infinitely.
2. Disrupting the network of facility, against major website. (This cause may
temporarily block the network till OS can be updated).

27. Distributed Denial-of-Service(DDOS) attacks
These attacks come from many
computer all at once toward a common
website, typically by zombies(bot-net).
Botnet = (digital army, zombie army) a
network of private computer infected with
malicious software and controlled as a group.
DDOS + Blackmail => in exchange for
money .

28. User Authentication
• Password and Password Vulnerabilities
• Securing Passwords
• One-Time Passwords
• Biometrics

29. What is user authentication?
User Authentication is the act of verifying the identity of someone( a user,
device, or entity) who want to access data resources or application.
Ex: Password is common way to authenticate someone identity. Generally,
passwords are used to protect object in computer system.

30. Password Vulnerabilities
Password: A string of characters used for authenticating a user identity. Password are often used
to protect objects in the computer system.
Some type of passwords compromise, illegal transfer
• There are two common ways to guess a password:
1. For the intruder (human or program): use obvious information.
2. Use brute force: trying all possible combination of valid password.
• Shoulder surfing: look the shoulder of a user.
• Exposure is written down where passwords can be read or lost.
• Result of human nature: share your accounts to someone.

31. One-Time Passwords
Using paired password to avoid the problem of password sniffing and
shoulder surfing. In this scheme, the system and user share a symmetric
password.
Symmetric or private key:
1. Uses a single key : must be kept secret
2. One other may be made public
The two keys are related mathematically.

32. Biometrics
Bio(meaning life) + metric(meaning to measure)
Biometrics is the measurement and analysis of people :
1. Physiological characteristics: The shape or composition of the body.
Example: fingerprint, face, DNA
2. Behavioral characteristics: The behavior of a person.
Example: voice, gestures
Biometric authentication is a type of system that relies on the unique biological
characteristics of individuals to verify identity for secure access to systems.

33. Implementing security defense
● Security Policy
Security policy is set of rule that stating which is permitted and which not. It also
a statement that partitions the states of system into a set of authorized or secured and
the set of unauthorized or non-secured.
Ex: a policy state that that outside accessible application must have code review
before deployed, or that user can not share their passwords.

34. Implementing security defense
● Vulnerability assessment
Vulnerability : the weak point of network or computer
system that easy for attacker to exploit into our system.
Vulnerability assessment: is process of identification
of devices vulnerability. It use method scan to identify
the vulnerability.or it is a process to protect possible
flaw of security.
Ex: nessus, webinspect are vulnerability scanner

35. Implementing security defense
Intrusion detection
Intrusion detection : is device or software application that can monitor a
network or computer system from malicious activity and policy violation.
There are two method of intrusion detection: anomaly based-detection and
signature based-detection.
1. Anomaly based-detection: use technique to characterize the simple behaviour and
detect when strange occurs.
2. signature based-detection: characterize the dangerous behaviour detect when it
occurs.

36. Implementing security defense
Virus protection
Antivirus : is software that can stop the virus to
enter our computer when we are online or
download application from internet.
Antivirus use database call virus dictionary that
contained of unique viruses signature. When we
download app from internet Antivirus search for
signatures in that application if it contained with
signature of virus if will remove that command.
When we update the antivirus software it mean that
we are update the for new virus signature .

37. Firewalling to protect system and network
Firewall: is a hardware or software system that
prevent unauthorized access to or from the
network.it can be implement by hardware or
softwear or bombination of both.all data enterng
or leaving in network must pass through the
firewall.
Ex: router is hardware firewall and
zonealarm is software firewall
Function of firewall: can monitor and control
network traffic in and out network. Allow wanted
data in and block unwanted data

38. Firewalling protect system and network
Three types of firewall :
1. personal firewall: is software to install in individual computer that offer protection
against unwanted and intrusion. It disguised from other by it scale.
2. application proxy firewall: understand application protocol and can control them
( work as an SMTP)
3. system call firewall: monitor all important system call and apply rules for them
(which program can execute which system call)

39. Security classification
U.S department of defense outline four division of computer security
classification A,B,C,D:
Division D: the lowest level classification or minimal protection.
Division C: provides the discretionary protection through auditing.
C1:identifies cooperating users with the same level of protection.
C2: allows user-level access control
Division B: have all properties of C2,but they attach a sensitivity label to each
system.

40. Computer security classification
Division B Divided into 3 classes :
• B1: maintains the security label of each object in the system. And label is used for
making decision .
• B2:extend the sensitive label to each system resource such as storage object.
• B3: allow the creation of access-control lists that denote user not to granted access
to given name object .
Division A: highest level of security classification. Uses formal design and verification
techniques to ensure security.