This document discusses computer system security and threats. It begins by comparing physical security of valuables to computer security, noting the goals of authorizing access. It then discusses securing computer hardware, data, and threats like denial of service, interception, and modification attacks. The document covers authentication methods like passwords, biometrics, and challenge-response. It also discusses software threats like Trojan horses, login spoofing, logic bombs, backdoors, buffer overflows, and viruses. It explains how viruses work and spread, and antivirus techniques like scanning. The overall document provides an overview of computer security concepts and threats.
The chapter discusses footprinting and social engineering techniques. It describes various web tools that can be used to gather information about a target organization through passive footprinting. DNS zone transfers are explained as a way to map out a company's network topology. Different social engineering methods are covered, including shoulder surfing, dumpster diving, piggybacking, and phishing. The goal is to educate readers on these threats while helping security professionals understand how attackers gather information and compromise targets.
This document discusses basic security concepts. It defines security as protecting computing assets like hardware, software, data and people. There are three types of protection: prevention, detection, and reaction. Prevention methods like locks and firewalls stop damage from occurring. Detection methods like alarms and monitoring find problems. Reaction allows recovering from damage through measures like replacing stolen items or recovering fraudulent charges. The document also discusses security threats, vulnerabilities, and different methods of defense like access controls, encryption, policies and procedures.
CS101- Introduction to Computing- Lecture 39Bilal Ahmed
Cyber crime takes many forms such as denial of service attacks, software piracy, viruses, and industrial espionage. DoS attacks involve overloading servers with traffic to render them unusable. Viruses are self-replicating software that infect files and systems. Common defenses include email filtering, intrusion detection, encryption, and antivirus software. Engaging in cyber crimes can result in legal prosecution with jail time and fines.
This document provides an introduction to basic security concepts, including definitions of security, principles of penetration, and classifications of protection. It discusses goals of security including integrity, confidentiality, and availability. Common security threats are also outlined such as interruption, interception, modification, and fabrication. The document then covers methods of defense for computer security including access controls, encryption, policies, physical controls, and system design approaches. Identification and authentication methods are described for system access control. Data access control and access rights models are also summarized.
This document discusses various threats to information security, including denial of service attacks, buffer overflows, malware, password cracking, spoofing, sniffing, shoulder surfing, data remnants, social engineering, and theft. It provides details on how each threat works and potential ways to carry out attacks using different threats. The document is part of a CISSP certification training on understanding security threats and their impacts on confidentiality, integrity, and availability.
CNIT 123: Ch 4: Footprinting and Social EngineeringSam Bowne
This document discusses footprinting and social engineering techniques used in ethical hacking. It describes using web tools like Burp Suite and proxies to gather open source intelligence about a target organization from their website and online presence. DNS zone transfers and tools like dig and host are explained to map out a target's network infrastructure. Different social engineering tactics like pretexting, impersonation and tailgating are also outlined. The document provides examples of how hackers use these techniques and recommendations for organizations to prevent such attacks.
This document provides information about computer security, including definitions, types of security threats, and security measures. It discusses hardware, software, data, and network security. Security threats include viruses, Trojan horses, worms, hackers, and natural disasters. Security measures to address these threats include data backups, cryptography, antivirus software, anti-spyware software, firewalls, and ensuring proper human security procedures are followed. The relationship between security threats and measures is that threats can come in various forms, while security measures are implemented to prevent unauthorized access or damage from these threats.
The chapter discusses footprinting and social engineering techniques. It describes various web tools that can be used to gather information about a target organization through passive footprinting. DNS zone transfers are explained as a way to map out a company's network topology. Different social engineering methods are covered, including shoulder surfing, dumpster diving, piggybacking, and phishing. The goal is to educate readers on these threats while helping security professionals understand how attackers gather information and compromise targets.
This document discusses basic security concepts. It defines security as protecting computing assets like hardware, software, data and people. There are three types of protection: prevention, detection, and reaction. Prevention methods like locks and firewalls stop damage from occurring. Detection methods like alarms and monitoring find problems. Reaction allows recovering from damage through measures like replacing stolen items or recovering fraudulent charges. The document also discusses security threats, vulnerabilities, and different methods of defense like access controls, encryption, policies and procedures.
CS101- Introduction to Computing- Lecture 39Bilal Ahmed
Cyber crime takes many forms such as denial of service attacks, software piracy, viruses, and industrial espionage. DoS attacks involve overloading servers with traffic to render them unusable. Viruses are self-replicating software that infect files and systems. Common defenses include email filtering, intrusion detection, encryption, and antivirus software. Engaging in cyber crimes can result in legal prosecution with jail time and fines.
This document provides an introduction to basic security concepts, including definitions of security, principles of penetration, and classifications of protection. It discusses goals of security including integrity, confidentiality, and availability. Common security threats are also outlined such as interruption, interception, modification, and fabrication. The document then covers methods of defense for computer security including access controls, encryption, policies, physical controls, and system design approaches. Identification and authentication methods are described for system access control. Data access control and access rights models are also summarized.
This document discusses various threats to information security, including denial of service attacks, buffer overflows, malware, password cracking, spoofing, sniffing, shoulder surfing, data remnants, social engineering, and theft. It provides details on how each threat works and potential ways to carry out attacks using different threats. The document is part of a CISSP certification training on understanding security threats and their impacts on confidentiality, integrity, and availability.
CNIT 123: Ch 4: Footprinting and Social EngineeringSam Bowne
This document discusses footprinting and social engineering techniques used in ethical hacking. It describes using web tools like Burp Suite and proxies to gather open source intelligence about a target organization from their website and online presence. DNS zone transfers and tools like dig and host are explained to map out a target's network infrastructure. Different social engineering tactics like pretexting, impersonation and tailgating are also outlined. The document provides examples of how hackers use these techniques and recommendations for organizations to prevent such attacks.
This document provides information about computer security, including definitions, types of security threats, and security measures. It discusses hardware, software, data, and network security. Security threats include viruses, Trojan horses, worms, hackers, and natural disasters. Security measures to address these threats include data backups, cryptography, antivirus software, anti-spyware software, firewalls, and ensuring proper human security procedures are followed. The relationship between security threats and measures is that threats can come in various forms, while security measures are implemented to prevent unauthorized access or damage from these threats.
This document discusses network and internet security. It covers unauthorized access and use, such as hacking. It also discusses ways to protect against unauthorized access, including access control systems, firewalls, encryption, and virtual private networks. Biometric authentication and controlling wireless network access are also covered as security measures.
This chapter covers:
- Security concerns stemming from the use of computer networks
- Safeguards and precautions that can be taken to reduce the risk of problems related to these security concerns
- Personal safety issues related to the Internet
- Ways to protect against personal safety issues
- Legislation related to network and Internet security
CNIT 123: Ch 3: Network and Computer AttacksSam Bowne
This document provides an overview of common network and computer attacks, including different types of malicious software (malware) like viruses, worms, and trojan horses. It describes how these threats can destroy or corrupt data and shut down networks. Specific examples of viruses, worms, and trojan programs are examined. The document also covers denial-of-service attacks, session hijacking, and physical security threats from insiders like the use of keyloggers. Recommendations are provided for educating users, using firewalls, antivirus software, and implementing physical security measures to protect against these network and computer attacks.
This document discusses several areas of computer ethics including information accuracy, green computing, codes of conduct, information privacy, and intellectual property. It defines computer ethics as the moral guidelines that govern computer and information system use. Each area of computer ethics is then defined in more detail. Information accuracy concerns ensuring information online is correct. Green computing aims to reduce environmental waste from computer use. Codes of conduct establish guidelines for determining ethical computer actions. Information privacy relates to individuals' right to restrict data collection and use about them. Intellectual property involves unique creative works and associated ownership rights.
This slide will cover details of evidence collection in cyber forensic which will be more useful for CSE & IT department students studying in engineering colleges.
Here are the key points to consider when choosing an appropriate threat model:
- The criticality and sensitivity of assets/data being protected
- Attackers' likely incentives and capabilities given the assets/system in question
- Costs of security measures vs potential losses/damages from attacks
- Operational and technical constraints of the system/environment
There is no single "right" threat model - the goal is to choose a realistic and useful one for security analysis and improvement, not an unachievably strong one. An appropriate balance of protection and practicality needs to be determined based on systematic risk analysis.
This document provides a question bank for the course CS6004 Cyber Forensics. It includes questions in 5 units covering topics such as IPsec, SSL, digital signatures, firewalls, computer crimes, digital evidence collection, file systems, data hiding, and network/email forensics. The questions range from basic definitions and differentiations to longer explanations and analyses. The document aims to assess students' understanding of key concepts and techniques in cyber forensics.
02 Types of Computer Forensics Technology - NotesKranthi
The document discusses various types of computer forensics technology used by law enforcement, military, and businesses. It describes the Computer Forensics Experiment 2000 (CFX-2000) which tested an integrated forensic analysis framework to determine motives and identity of cyber criminals. It also discusses specific computer forensics software tools like SafeBack for creating evidence backups and Text Search Plus for quickly searching storage media for keywords. The document provides details on different types of computer forensics technology used for remote monitoring, creating trackable documents, and theft recovery.
The document discusses the process of conducting a computer investigation from start to finish. It begins with preparing an investigation plan that assesses the case details and requirements. Evidence is then gathered following chain of custody procedures. Bit-stream copies are created of the original data using specialized tools to analyze the evidence without altering it. Finally, investigations are concluded by completing a case report and critiquing the process to improve future investigations.
This document discusses the history of computer security breaches and issues. It mentions several high-profile hacking incidents from the 1980s to 1990s where hackers were able to gain unauthorized access to military and banking computers. The document also notes that today nearly half of companies report financial losses due to security incidents, with estimated losses totaling over $66 million. Computer security threats include financial losses, data theft, and system malfunctions.
The document provides guidance on properly collecting and preserving computer-related evidence. It discusses identifying different types of potential evidence, such as computers, disks, printers, and documents. It emphasizes the importance of proper preservation techniques to avoid damaging evidence, including avoiding magnetic fields, excessive heat, and sunlight. Guidelines are provided on collecting evidence while maintaining a proper chain of custody, such as photographing, labeling, and packaging items separately for transport. The overall goal is to familiarize law enforcement with best practices for safely securing digital evidence.
The document introduces various topics related to computer networks including:
- An overview of how network logging and tracing has evolved from centralized mainframe systems to today's decentralized environment where logs can be found in many different places.
- A discussion of some of the challenges involved in network log file tracking, including time synchronization and understanding different system log formats.
- Explanations of firewalls, virtual private networks (VPNs), and the security software ZoneAlarm, including their purposes and basic functions.
CNIT 123: Ch 3: Network and Computer AttacksSam Bowne
Slides for a college course based on "Hands-On Ethical Hacking and Network Defense, Third Edition" by Michael T. Simpson, Kent Backman, and James Corley -- ISBN: 9781285454610
Teacher: Sam Bowne
Twitter: @sambowne
Website: https://samsclass.info/123/123_S18.shtml
This document discusses various topics related to computer security, safety, ethics and privacy. It begins by defining computer security risks and describing types of cybercrime perpetrators. It then covers types of internet and network attacks, ways to safeguard against them, and how to prevent unauthorized computer access. The document also discusses techniques for protecting against hardware theft, software piracy, and information theft. It explains system failure prevention, backup options, wireless security issues, and health concerns related to computer use. The overall goal is to help organizations support IT security, safety, ethics and privacy.
This document describes a file security system that uses encryption to secure files. It discusses the objectives of securing files from unauthorized users and maintaining confidentiality. The system uses encryption and decryption techniques, including symmetric-key and asymmetric-key encryption. It implements these techniques across three modules: input, process, and output. The system encrypts files using the AES encryption algorithm before outputting the encrypted file.
The document discusses various security challenges and controls related to information technology and e-commerce. It covers privacy, authenticity, integrity, and reliability as key security requirements. It then describes different types of controls including input controls, processing controls, output controls, storage controls, facility controls like encryption and firewalls, procedural controls, and auditing. Key points around spoofing, outsourcing, information protection goals of confidentiality, integrity and availability are also summarized.
This chapter discusses computer security and privacy. It covers risks related to hardware loss, damage, and system failures. It also discusses software piracy, digital counterfeiting, and ways to prevent them. The chapter then addresses privacy concerns regarding databases, electronic profiling, spam, surveillance, and legislation around these issues. It provides recommendations for safeguarding hardware, data backups, and protecting personal information online and offline.
A more in-depth analysis of cyber forensics; but explained eloquently for the beginner, by Chaitanya Dhareshwar - Cyber Crime Investigator, Technocrat and Entrepreneur.
Learn what cyber forensics is all about and how you can begin using the basic tools of forensics in your day to day life. Not only does it make the world a safer place, your data remains significantly more secure.
Every step you take towards cyber security in this lawless internet allows you to achieve greater knowledge unhindered.
This document discusses network and internet security. It covers unauthorized access and use, such as hacking. It also discusses ways to protect against unauthorized access, including access control systems, firewalls, encryption, and virtual private networks. Biometric authentication and controlling wireless network access are also covered as security measures.
This chapter covers:
- Security concerns stemming from the use of computer networks
- Safeguards and precautions that can be taken to reduce the risk of problems related to these security concerns
- Personal safety issues related to the Internet
- Ways to protect against personal safety issues
- Legislation related to network and Internet security
CNIT 123: Ch 3: Network and Computer AttacksSam Bowne
This document provides an overview of common network and computer attacks, including different types of malicious software (malware) like viruses, worms, and trojan horses. It describes how these threats can destroy or corrupt data and shut down networks. Specific examples of viruses, worms, and trojan programs are examined. The document also covers denial-of-service attacks, session hijacking, and physical security threats from insiders like the use of keyloggers. Recommendations are provided for educating users, using firewalls, antivirus software, and implementing physical security measures to protect against these network and computer attacks.
This document discusses several areas of computer ethics including information accuracy, green computing, codes of conduct, information privacy, and intellectual property. It defines computer ethics as the moral guidelines that govern computer and information system use. Each area of computer ethics is then defined in more detail. Information accuracy concerns ensuring information online is correct. Green computing aims to reduce environmental waste from computer use. Codes of conduct establish guidelines for determining ethical computer actions. Information privacy relates to individuals' right to restrict data collection and use about them. Intellectual property involves unique creative works and associated ownership rights.
This slide will cover details of evidence collection in cyber forensic which will be more useful for CSE & IT department students studying in engineering colleges.
Here are the key points to consider when choosing an appropriate threat model:
- The criticality and sensitivity of assets/data being protected
- Attackers' likely incentives and capabilities given the assets/system in question
- Costs of security measures vs potential losses/damages from attacks
- Operational and technical constraints of the system/environment
There is no single "right" threat model - the goal is to choose a realistic and useful one for security analysis and improvement, not an unachievably strong one. An appropriate balance of protection and practicality needs to be determined based on systematic risk analysis.
This document provides a question bank for the course CS6004 Cyber Forensics. It includes questions in 5 units covering topics such as IPsec, SSL, digital signatures, firewalls, computer crimes, digital evidence collection, file systems, data hiding, and network/email forensics. The questions range from basic definitions and differentiations to longer explanations and analyses. The document aims to assess students' understanding of key concepts and techniques in cyber forensics.
02 Types of Computer Forensics Technology - NotesKranthi
The document discusses various types of computer forensics technology used by law enforcement, military, and businesses. It describes the Computer Forensics Experiment 2000 (CFX-2000) which tested an integrated forensic analysis framework to determine motives and identity of cyber criminals. It also discusses specific computer forensics software tools like SafeBack for creating evidence backups and Text Search Plus for quickly searching storage media for keywords. The document provides details on different types of computer forensics technology used for remote monitoring, creating trackable documents, and theft recovery.
The document discusses the process of conducting a computer investigation from start to finish. It begins with preparing an investigation plan that assesses the case details and requirements. Evidence is then gathered following chain of custody procedures. Bit-stream copies are created of the original data using specialized tools to analyze the evidence without altering it. Finally, investigations are concluded by completing a case report and critiquing the process to improve future investigations.
This document discusses the history of computer security breaches and issues. It mentions several high-profile hacking incidents from the 1980s to 1990s where hackers were able to gain unauthorized access to military and banking computers. The document also notes that today nearly half of companies report financial losses due to security incidents, with estimated losses totaling over $66 million. Computer security threats include financial losses, data theft, and system malfunctions.
The document provides guidance on properly collecting and preserving computer-related evidence. It discusses identifying different types of potential evidence, such as computers, disks, printers, and documents. It emphasizes the importance of proper preservation techniques to avoid damaging evidence, including avoiding magnetic fields, excessive heat, and sunlight. Guidelines are provided on collecting evidence while maintaining a proper chain of custody, such as photographing, labeling, and packaging items separately for transport. The overall goal is to familiarize law enforcement with best practices for safely securing digital evidence.
The document introduces various topics related to computer networks including:
- An overview of how network logging and tracing has evolved from centralized mainframe systems to today's decentralized environment where logs can be found in many different places.
- A discussion of some of the challenges involved in network log file tracking, including time synchronization and understanding different system log formats.
- Explanations of firewalls, virtual private networks (VPNs), and the security software ZoneAlarm, including their purposes and basic functions.
CNIT 123: Ch 3: Network and Computer AttacksSam Bowne
Slides for a college course based on "Hands-On Ethical Hacking and Network Defense, Third Edition" by Michael T. Simpson, Kent Backman, and James Corley -- ISBN: 9781285454610
Teacher: Sam Bowne
Twitter: @sambowne
Website: https://samsclass.info/123/123_S18.shtml
This document discusses various topics related to computer security, safety, ethics and privacy. It begins by defining computer security risks and describing types of cybercrime perpetrators. It then covers types of internet and network attacks, ways to safeguard against them, and how to prevent unauthorized computer access. The document also discusses techniques for protecting against hardware theft, software piracy, and information theft. It explains system failure prevention, backup options, wireless security issues, and health concerns related to computer use. The overall goal is to help organizations support IT security, safety, ethics and privacy.
This document describes a file security system that uses encryption to secure files. It discusses the objectives of securing files from unauthorized users and maintaining confidentiality. The system uses encryption and decryption techniques, including symmetric-key and asymmetric-key encryption. It implements these techniques across three modules: input, process, and output. The system encrypts files using the AES encryption algorithm before outputting the encrypted file.
The document discusses various security challenges and controls related to information technology and e-commerce. It covers privacy, authenticity, integrity, and reliability as key security requirements. It then describes different types of controls including input controls, processing controls, output controls, storage controls, facility controls like encryption and firewalls, procedural controls, and auditing. Key points around spoofing, outsourcing, information protection goals of confidentiality, integrity and availability are also summarized.
This chapter discusses computer security and privacy. It covers risks related to hardware loss, damage, and system failures. It also discusses software piracy, digital counterfeiting, and ways to prevent them. The chapter then addresses privacy concerns regarding databases, electronic profiling, spam, surveillance, and legislation around these issues. It provides recommendations for safeguarding hardware, data backups, and protecting personal information online and offline.
A more in-depth analysis of cyber forensics; but explained eloquently for the beginner, by Chaitanya Dhareshwar - Cyber Crime Investigator, Technocrat and Entrepreneur.
Learn what cyber forensics is all about and how you can begin using the basic tools of forensics in your day to day life. Not only does it make the world a safer place, your data remains significantly more secure.
Every step you take towards cyber security in this lawless internet allows you to achieve greater knowledge unhindered.
Suzanne Sottile's portfolio contains examples of her work. It likely includes projects from her career as well as any relevant education or skills. The portfolio aims to showcase Suzanne's talents and qualifications for potential opportunities.
The UK Government's First World War centenary commemoration programmeonthewight
The UK government is commemorating the centenary of World War 1 to honor the sacrifice of those involved, recognize the war's impact on modern Britain and the world, and engage the public, especially youth, through remembrance events and cultural programs. Key events will focus on significant dates between 2014-2018. The government will lead national commemorations, support organizations' commemorative activities through funding, and create educational and cultural programs to ensure the centenary has wide reach and leaves a lasting legacy. Success will be measured by the war's impact on education, culture, communities in Britain and internationally.
The Influence of perceptual Attack times in
Networked Music performance
Pilot Study conducted at CCRMA, Stanford University (2011)
44th AES conference (2011 - San Diego)
Prof. David Coggon: Environmental health hazardsonthewight
The document discusses several chemical and physical hazards in the environment including pesticide use, Minamata disease, the Bhopal disaster, and mobile phone use. It defines hazard and risk, and explains how risks are quantified and assessed using epidemiological studies despite uncertainties. The precautionary principle is described as it relates to environmental regulation.
ইভটিজিং প্রতিরোধে দক্ষতাভিত্তিক শিক্ষা- মো: আবুল বাশার, সহকারী অধ্যাপক, ভূগোল, সরকারি টিচার্স ট্রেনিং কলেজ, সিলেট; দৈনিক জনকণ্ঠ, ২৫ ডিসেম্বর ২০১০ _ Md. Abul Bashar, Assistant Professor, Geography, Govt. Teachers' Training College, Sylhet.
The document provides information for students taking the BIOL 4206 course about resources and services available through the university library, including over 2 million volumes held and various databases, study rooms, and branch libraries. It outlines 5 class objectives relating to understanding how to navigate the library website, identify peer-reviewed articles, and distinguish between different types of research literature. Finally, it provides details on services offered like remote access, printing, and interlibrary loan.
The document appears to be a collection of quotes about various topics like nature, principles, creativity, and life experiences. It includes quotes from famous figures like George RR Martin, Abraham Lincoln, Martin Luther King Jr., Thomas Jefferson, Henry David Thoreau, Jimi Hendrix, John Stuart Mill, Jill Davis, Gilbert K. Chesterton, Andre Gide, and Mark Twain. The quotes are about subjects like the beauty of nature, standing up for principles, originality, courage, fishing for love, and sailing. The document ends by providing a link to a website for more information about Bermuda.
Edición digital del periódico Reporte Energía de publicación quincenal. Para más información acceda a reporteenergia.com o escríbanos a info@reporteenergia.com
This document provides an overview of library resources and services for a class on biochemistry. It outlines six class objectives related to using library databases and resources. It then provides a quick tour of the library's services, including its large collection size, databases, study rooms, and branch libraries. Next, it details various services like remote access, printing, and interlibrary loans. It explains how to locate books, journals, and articles using the catalog and databases. It also defines peer-reviewed articles and different types of research sources like primary, secondary and tertiary. Finally, it covers how to formulate database searches using Boolean logic and conduct citation searches.
What can we tell about actors and academics from the way they use museum artefacts? This talk describes a project - Digital CoPs and Robbers - that included individuals from these two communities of practice and examined how they interact with artefacts in physical and digital form. It suggests that the ways in which actors and academics use the artefact reveals different ways of seeing it.
Dr Jen Gupta - Understanding nature’s death ray guns - 13 Oct 2015onthewight
Dr Jennifer Gupta is the Outreach Officer for the Institute of Cosmology and Gravitation at the University of Portsmouth. Her interest is in astrophysics and she spoke about the developments in Radio Astronomy, Quasars and Black Holes.
This document contains contact information for Tran Ngoc Duyen, a sale executive at Ben Thanh Land Investment Corp located at 172-174 Ky Con St, Nguyen Thai Binh Ward, District 1, Ho Chi Minh City. The document lists Duyen's mobile number and email address as the points of contact.
This document outlines the key objectives and concepts covered in the Connecting with Computer Science course. The objectives include learning about computer hacking, system intruders, malicious code, social engineering, types of attacks, security measures, passwords, encryption, firewalls, and computer crime laws. The document also discusses ethics and privacy in computing.
Computer and network security aims to preserve the confidentiality, integrity and availability of information systems. It involves protecting computer hardware, software, data and networks from unauthorized access and modification. Common security threats include passive attacks like eavesdropping and traffic analysis, as well as active attacks that can modify communications like message forgery. Effective security controls include encryption, access controls, authentication and availability measures.
This document summarizes a lecture on computer security threats and vulnerabilities. It defines harm, threats, and vulnerabilities, and outlines six basic types of harm: modification, destruction, disclosure, interception, interruption, and fabrication. It also discusses common vulnerabilities like password flaws, software bugs, and social engineering. Finally, it notes that defenses against threats aim to satisfy security requirements through encryption, software controls, and physical/hardware controls.
This document provides an overview of key network security concepts. It discusses why network security is needed to protect data, systems, and availability. The objectives of network security are to provide data confidentiality, integrity, and availability. Data is classified based on its value, age, useful life, and personal associations. Security controls include administrative, technical, and physical measures. The document also examines how hackers think, common network attack methodologies, and best practices for mitigation. Backups and disaster recovery options like hot, warm, and cold sites are also addressed. Developing a comprehensive network security policy with governing, technical, and end-user components is recommended.
Security is a major concern for organizations and individuals as information has become more valuable. The need for security has existed since information first became important. While firewalls and antivirus software provide some protection, they do not make an organization fully secure. Security involves processes for prevention, detection, reaction, and forensics. It is difficult to implement security perfectly due to costs, user resistance, evolving threats, and time/budget constraints for security teams. Hackers use various techniques like information gathering, password cracking, viruses, denial of service attacks, sniffing, and system exploits to compromise targets. Organizations implement defenses like firewalls, intrusion detection, honeypots, anti-sniffing measures, antivirus software, security awareness
Security Introduction
Potential attacks
Positive attacks
Active attacks
Cryptography
Terminologies
Symmetric and asymmetric
authentication
types of authentication
approaches to authentication
user login
access control
protection domains
design signature
design principle
This document summarizes various methods for protecting data security. It discusses procedures like using passwords, biometric identification, encryption, and access hierarchies to restrict data access. It also covers consequences of not protecting data like loss of trade secrets, privacy violations, loss of reputation, income loss, and potential legal prosecution. The document recommends regular backups stored offsite, using virus scanners and firewalls, and properly disposing of or destroying old storage devices.
CRYPTOGRAPHY AND NETWORK SECURITY ppt by me.pptxNune SrinivasRao
Cryptography and network security are important topics. Cryptography involves encrypting messages to make them unintelligible during transmission and then decrypting them upon arrival. The objectives of information security are confidentiality, integrity, availability, and nonrepudiation. As technology has advanced, the need for computer and network security has increased. Modern attacks can be automated to target many systems quickly. Collecting and sharing personal data also raises privacy concerns. To address these issues, organizations use various security approaches like trusted systems and security models.
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOVEric Vanderburg
There are several categories of attackers, including hackers, crackers, script kiddies, spies, employees, and cyberterrorists. Common attacks include password guessing, which attempts to learn a user's password through various means, and denial of service attacks, which flood a server or device with requests to make it unavailable. Malicious software, or malware, consists of computer programs intentionally created to harm systems and includes viruses, worms, logic bombs, Trojan horses, and back doors.
This document summarizes key concepts around system and network security from Chapter 15. It discusses security threats like intruders attempting to breach security through attacks. It also covers cryptography tools used for security like encryption, digital signatures, and hashing. Defenses are implemented at multiple levels including physical, human, operating system, and network layers. Specific threats like viruses, worms, and denial of service attacks are examined. Authentication methods like passwords are also summarized. The document concludes with an overview of how Windows XP implements security using user accounts and access tokens.
It provides information about Operating system Security Environment, Authentication Method,Authorization Password Policy, Vulnerabilities, Antivirus and etc
This presentation was delivered at SkyDogCon 6 in October 2016. The A/V is available here: https://www.youtube.com/watch?list=PLLEf-wPc7Tyae19iTuzKOXmPj-IQBIWuU&v=mKxGulV2Z74
It is an updated version of the original deck presented at BSides Augusta 2016 - Added original content including information on use cases and added definition/clarity.
Abstract:
"We can all agree that threat ("Evil") detection is an essential component of a functioning security monitoring program. Let's start thinking about how to take our tradecraft to the next level and hunt for insecure conditions ("Ways for Evil to do Evil things") that might allow threat actors to succeed in their mission.
This talk will run through some of the observations gathered during hunting expeditions inside the networks of multiple Fortune-ranked organizations and challenge you to expand your security operations thinking beyond signature-based detection.
- What is Hunting?
- How have we done it?
- What have we found, and what should be done about those findings?
- How might you achieve similar outcomes in your own environment?"
Speakers:
- Jacqueline Stokes (@find_evil) is an infosec enthusiast who picked up hacking as a preteen and cut her teeth over multiple years in Iraq. Her ongoing mission is to assess and advise clients on the most actionable and forward-thinking methods to improve detection, response, and containment of advanced threats. Jackie likes long walks on the beach, 90's nostalgia, and is the president and founding member of the Kevin Mandia Fan Club.
This document discusses various types of network security attacks and methods to prevent them. It covers physical access attacks, social engineering attacks, penetration attacks like scanning and malware. It also discusses attacks on the OSI and TCP/IP models like at the session, transport and network layers. Prevention methods covered include firewalls, proxies, IPSec, security policies and hardening hosts. Specific switch and router vulnerabilities are examined like ARP poisoning, SNMP, spanning tree attacks. Countermeasures for switches include BPDU guard, root guard.
This chapter discusses network and internet security. It covers unauthorized access and computer sabotage. Examples of unauthorized access include hacking, war driving, and piggybacking on unsecured wireless networks. Computer sabotage includes malware, denial of service attacks, and data/program alteration. The chapter also discusses online theft, fraud, and scams. It provides recommendations for protecting against these security issues, such as using firewalls, encryption, VPNs, and security software. It stresses the importance of being cautious about sharing personal information online.
Threat Modeling: Applied on a Publish-Subscribe Architectural StyleDharmalingam Ganesan
1. Introduction to threat modeling.
2. Applying threat modeling to identify security vulnerabilities and security threats on a simplified real-world system.
Prof. Fred Piper: Professor Fred Piper -: Cryptography - From Black Art to Po...Gurbir Singh
A high level view, without using maths of the development in cryptography since World War 2. Professor Piper covers the changing attitudes of governments, the significance of Public key cryptography in modern society and the potential impact on information security professionals.
This was a presentation for the Institute of Information Security Professionals NW branch meeting in Manchester on 11th June 2013.
The copyright is held by the author - Prof. Fred Piper
This document provides an overview of network security. It discusses key topics like vulnerabilities, threats, attacks, and vulnerability analysis. Various types of attacks are explained such as reconnaissance attacks, access attacks, denial of service attacks, and worms/viruses. The document also covers network security models and how to analyze vulnerabilities through network security policies. It aims to educate about securing networks from threats.
Encryption: Who, What, When, Where, and Why It's Not a PanaceaResilient Systems
This document provides an overview of encryption and incident response management. It begins with an agenda for a presentation on encryption, practical considerations, and legal limitations. It then discusses cryptography concepts like encryption, decryption, and hashing. It covers the goals of cryptography including privacy, authentication, integrity and non-repudiation. Next, it discusses symmetric, asymmetric and hashing algorithms as well as encryption versus hashing. The document then covers practical considerations like key length, encryption in transit versus storage. It also discusses legal requirements for encryption in various jurisdictions and restrictions on encryption. Finally, it discusses secure implementation, key management, and incident response management.
This document discusses network security. It covers security attacks like interruption, interception, modification and fabrication. It also discusses security services like confidentiality, integrity and availability. The document outlines common security mechanisms like encryption, software/hardware controls and firewalls. It provides examples of security attacks like denial of service, TCP hijacking and how mechanisms like firewalls, intrusion detection systems and IPSec can provide defenses.
This document discusses problems involving modulation techniques and signal detection. Problem 1 asks to sketch modulated waves for 8-ary ASK, 4-ary PSK, and 4-ary FSK modulation of a binary sequence. Problem 2 provides a formula for probability of error for 4-ary PAM and asks to calculate average power. Problem 3 does similarly for 4-ary QAM. Problem 4 describes a binary system with an integrate-and-dump detector and asks to analyze the detector and find minimum error probability.
This document contains 4 problems related to digital and analog communications techniques:
1) It describes Delta Modulation and how it works to encode analog signals, including issues with slope overload. It also introduces Adaptive Delta Modulation as an improvement.
2) It compares Differential Pulse Code Modulation to standard Pulse Code Modulation.
3) It provides exercises on encoding a binary sequence using BPSK, DPSK, and 4-ary ASK modulation. It also covers removing phase ambiguity in DPSK.
4) It presents a problem on time division multiplexing analog and digital sources at different data rates.
The document discusses problems related to analogue and digital communications. It contains 5 problems:
1) Drawing the spectrum of a message signal sampled at different rates and specifying the cutoff frequency to fully recover the original signal from its sampled version.
2) Sketching the resulting pulse code modulation (PCM) wave for one cycle of an input signal that is quantized using a 4-bit binary system.
3) Determining the number of quantizing levels, quantizer step size, average quantizing noise power, and output signal-to-noise ratio for a sinusoidal modulating wave quantized using an n-bit code word.
4) Finding the Nyquist sampling rate for two signals.
This document provides a tutorial on analogue and digital communications. It contains 5 questions about Fourier transforms and frequency domain analysis of signals. Question 1 asks about the Fourier transform and spectra of a continuous time signal. Question 2 finds the Fourier transform and spectra of another signal. Question 3 analyzes a signal composed of two sinusoidal components. Questions 4 and 5 determine the Fourier transforms of rectangular and truncated sinusoidal signals.
This document contains two questions about FM signals and phase-locked loops (PLL). Question 1 asks about the instantaneous frequency, modulation index, effective bandwidth using Carson's rule and universal rule, and Fourier transform of an FM signal. Question 2 provides a block diagram of a PLL and asks the student to show equations for the voltage controlled oscillator output, input to the VCO, and how the PLL locks into the input signal's phase. It also asks how the input to the VCO would be related to the message signal for an FM input.
1) The document discusses different modulation techniques including AM, DSB-SC, SSB, and VSB.
2) It provides examples of carrier and message signals for AM and DSB-SC modulation. Equations for the modulated signals and corresponding spectra are given.
3) Questions are asked about modulation index, bandwidth requirements, power efficiency for AM, and the block diagram and output for coherent detection of DSB-SC.
1) The document describes digital signal detection techniques at the receiver of a digital communication system.
2) It discusses the maximum a posteriori probability (MAP) and maximum likelihood (ML) detection criteria. The ML criterion reduces to choosing the signal that minimizes the Euclidean distance between the received signal vector and possible transmitted signals.
3) Detection errors occur when the received signal, distorted by noise, falls inside the decision region of another signal. The probability of error depends on the noise distribution around the actual transmitted signal.
1. This document discusses M-ary modulation techniques, which allow more than two amplitude, phase, or frequency levels to transmit more bits per symbol. This increases transmission rate or reduces bandwidth compared to binary modulation.
2. M-ary modulation techniques discussed include M-ASK, M-PSK, M-FSK, and M-QAM. M-ASK maps k bits to one of M amplitude levels. M-PSK maps k bits to one of M phase shifts of the carrier. M-QAM combines M-ASK with quadrature carriers to modulate both amplitude and phase.
3. Higher order modulation like M-QAM can significantly increase transmission rate but requires more transmission power and complex
The document provides an overview of digital passband modulation techniques. It discusses binary modulation schemes including amplitude-shift keying (ASK), frequency-shift keying (FSK), and phase-shift keying (BPSK). It also covers differential phase-shift keying (DPSK), which removes phase ambiguity in BPSK using differential encoding and decoding. Key aspects like signal representation, spectrum, and detection methods are described for each technique.
This document discusses an integrate-and-dump detector used in digital communications. It describes the operation of the integrate-and-dump detector, showing how it integrates the received signal plus noise over each symbol interval. The output of the integrator is used to detect whether a 1 or 0 was transmitted. An expression is derived for the probability of detection error in terms of the signal amplitude, noise power spectral density, and symbol interval. An example is also provided to calculate the error probability for a given binary signaling scheme and system parameters.
This document discusses quantization in analog-to-digital conversion. It describes how an analog signal is sampled, quantized by representing samples with discrete levels, and encoded into a digital signal. Quantization introduces noise that can be reduced by using more quantization levels or a smaller step size between levels. Non-uniform quantization allocates more levels to signal amplitudes that occur more frequently to improve efficiency compared to uniform quantization.
This document discusses multiplexing techniques used in communications systems. It describes frequency division multiplexing (FDM), time division multiplexing (TDM), and digital multiplexing used for digital telephone systems. FDM combines signals by assigning each a unique portion of the frequency spectrum. TDM combines signals by assigning each a unique time slot within a repeating time frame. Digital telephone systems use TDM to combine 24 digitized voice channels into a 193-bit frame transmitted every 125 microseconds.
This document discusses pulse code modulation (PCM) for analog to digital conversion. PCM involves sampling an analog signal, quantizing the sample values, and encoding the quantized levels into binary codes. The sampling rate must be at least twice the bandwidth of the analog signal. More bits per code provide higher quality but require more bandwidth. PCM is used in telephone systems with 8-bit coding at 8 kHz sampling, and in compact discs with 16-bit coding at 44.1 kHz sampling.
This document discusses delta modulation and adaptive delta modulation techniques for analogue to digital conversion.
Delta modulation encodes the difference between the input signal and a reference signal into a single bit per sample, creating a staircase-like approximation of the original signal. Adaptive delta modulation varies the step size according to the input signal level to prevent slope overload. Differential pulse code modulation encodes the difference between the current and predicted sample values, sending this difference value instead of absolute sample amplitudes.
This document discusses quantization in analog-to-digital conversion. It describes how an analog signal is sampled, quantized by representing samples with discrete levels, and encoded into a digital signal. Quantization introduces noise that can be reduced by using more quantization levels or a smaller step size between levels. Non-uniform quantization allocates more levels to signal amplitudes that occur more frequently to more efficiently represent the signal.
This document discusses quantization in analog-to-digital conversion. It describes how an analog signal is sampled, quantized by representing samples with discrete levels, and encoded into a digital signal. Quantization introduces noise that can be reduced by using more quantization levels or a smaller step size between levels. Non-uniform quantization allocates more levels to signal amplitudes that occur more frequently to more efficiently represent the signal.
This document discusses pulse modulation techniques in communications. It begins by reviewing continuous-wave modulation techniques studied previously, such as amplitude modulation and angle modulation. It then previews that pulse modulation will be studied next, including analog pulse modulation where a pulse feature varies continuously with the message, and digital pulse modulation using a sequence of coded pulses. The document provides explanations and equations regarding sampling of continuous-time signals, the sampling theorem, and recovery of the original analog signal from its samples. It also introduces pulse amplitude modulation (PAM) using natural and flat-top sampling, as well as pulse duration modulation (PDM) and pulse position modulation (PPM).
This document describes the operation of a phase-locked loop (PLL) circuit for demodulating frequency modulated (FM) signals. It contains 6 pages describing:
1) The basic block diagram of a PLL including a voltage controlled oscillator, multiplier, loop filter, and voltage controlled oscillator.
2) The mathematical equations showing how the PLL locks the phase and frequency of the voltage controlled oscillator to that of the incoming FM signal.
3) When the PLL is in phase lock and near phase lock based on the phase error between the signals.
4) How the PLL can be used to demodulate an FM signal and recover the original message signal by matching the phase and frequency of the voltage controlled
This document discusses the transmission of frequency modulated (FM) waves. It explains that the bandwidth of an FM wave is theoretically infinite but is effectively limited in practice. Carson's rule provides an estimate of the bandwidth but is not always accurate. The document also describes Armstrong's method for generating FM waves using narrowband phase modulation and frequency multiplication, and demodulating FM waves using envelope detection after taking the derivative of the received signal.
This document discusses angle modulation techniques for communications. It begins by defining phase modulation (PM) and frequency modulation (FM), where the carrier angle or frequency varies with the modulating signal. Key differences between PM and FM are outlined. Properties of angle modulation like constant transmitted power and irregular zero crossings are described. Narrowband FM is analyzed using sinusoidal modulation. Generation of narrowband FM using an integrator is also shown.
Strategies for Effective Upskilling is a presentation by Chinwendu Peace in a Your Skill Boost Masterclass organisation by the Excellence Foundation for South Sudan on 08th and 09th June 2024 from 1 PM to 3 PM on each day.
How to Build a Module in Odoo 17 Using the Scaffold MethodCeline George
Odoo provides an option for creating a module by using a single line command. By using this command the user can make a whole structure of a module. It is very easy for a beginner to make a module. There is no need to make each file manually. This slide will show how to create a module using the scaffold method.
This presentation includes basic of PCOS their pathology and treatment and also Ayurveda correlation of PCOS and Ayurvedic line of treatment mentioned in classics.
it describes the bony anatomy including the femoral head , acetabulum, labrum . also discusses the capsule , ligaments . muscle that act on the hip joint and the range of motion are outlined. factors affecting hip joint stability and weight transmission through the joint are summarized.
How to Add Chatter in the odoo 17 ERP ModuleCeline George
In Odoo, the chatter is like a chat tool that helps you work together on records. You can leave notes and track things, making it easier to talk with your team and partners. Inside chatter, all communication history, activity, and changes will be displayed.
বাংলাদেশের অর্থনৈতিক সমীক্ষা ২০২৪ [Bangladesh Economic Review 2024 Bangla.pdf] কম্পিউটার , ট্যাব ও স্মার্ট ফোন ভার্সন সহ সম্পূর্ণ বাংলা ই-বুক বা pdf বই " সুচিপত্র ...বুকমার্ক মেনু 🔖 ও হাইপার লিংক মেনু 📝👆 যুক্ত ..
আমাদের সবার জন্য খুব খুব গুরুত্বপূর্ণ একটি বই ..বিসিএস, ব্যাংক, ইউনিভার্সিটি ভর্তি ও যে কোন প্রতিযোগিতা মূলক পরীক্ষার জন্য এর খুব ইম্পরট্যান্ট একটি বিষয় ...তাছাড়া বাংলাদেশের সাম্প্রতিক যে কোন ডাটা বা তথ্য এই বইতে পাবেন ...
তাই একজন নাগরিক হিসাবে এই তথ্য গুলো আপনার জানা প্রয়োজন ...।
বিসিএস ও ব্যাংক এর লিখিত পরীক্ষা ...+এছাড়া মাধ্যমিক ও উচ্চমাধ্যমিকের স্টুডেন্টদের জন্য অনেক কাজে আসবে ...
MATATAG CURRICULUM: ASSESSING THE READINESS OF ELEM. PUBLIC SCHOOL TEACHERS I...NelTorrente
In this research, it concludes that while the readiness of teachers in Caloocan City to implement the MATATAG Curriculum is generally positive, targeted efforts in professional development, resource distribution, support networks, and comprehensive preparation can address the existing gaps and ensure successful curriculum implementation.
This presentation was provided by Steph Pollock of The American Psychological Association’s Journals Program, and Damita Snow, of The American Society of Civil Engineers (ASCE), for the initial session of NISO's 2024 Training Series "DEIA in the Scholarly Landscape." Session One: 'Setting Expectations: a DEIA Primer,' was held June 6, 2024.
A review of the growth of the Israel Genealogy Research Association Database Collection for the last 12 months. Our collection is now passed the 3 million mark and still growing. See which archives have contributed the most. See the different types of records we have, and which years have had records added. You can also see what we have for the future.
How to Fix the Import Error in the Odoo 17Celine George
An import error occurs when a program fails to import a module or library, disrupting its execution. In languages like Python, this issue arises when the specified module cannot be found or accessed, hindering the program's functionality. Resolving import errors is crucial for maintaining smooth software operation and uninterrupted development processes.
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
2. Security in the “Real” World
• We are all familiar with securing valuables
– Guards
– Locked doors, cabinets, safes
– ID badges
• Goal: Only authorised people have access
to the valuables
• How does this relate to computer
systems?
COMP3231 2
3. Computer System “Valuables”
• Hardware
– Threats include theft, accidental or deliberate
damage.
– Hardware security is similar to physical
security of valuables
• Use similar techniques to secure the physical
hardware.
COMP3231 3
4. Computer System “Valuables”
• Data
– Three general goals of data security
– Confidentiality
• Data is only readable by authorised people
– Able to specify who can read what on system, and be
enforced
– Preserve secrecy or privacy
– Integrity
• Data is only modifiable by authorised people
– Availability
• Data is available to authorized parties
COMP3231 4
5. Threats
• Denial of Service
– An asset of the system is destroyed, or
becomes unavailable or unusable
– Attack on Availability
– Example:
• Destruction of hardware
• Cutting a communication line
• Disabling a file server
• Overloading a server or network
COMP3231 5
6. Threats
• Interception
– An unauthorised party gains access to an
asset
– Attack on Confidentiality
– Examples:
• Wiretapping to capture data on a network
• Illicit copying of files and programs
COMP3231 6
7. Threats
• Modification
– An unauthorized party not only gained
access, but tampers with data
– Attack on Integrity
– Examples:
• Changing values in a file
• Altering a program so that it performs differently
• Modifying the content of messages being
transmitted on a network
COMP3231 7
8. Data Security
• Can be partially solved using physical security
• Usually too expensive or inconvenient to do so
– Example:
• Each user has private computer, in a locked guarded room.
• No sharing of information is permitted
• No outside connectivity permitted
– No email, shared file server, shared printer, shared tape drive
– No printouts or storage media can enter or exit the room.
• Users can still memorise information a bit at a time and leak
secrets
• However, physical security is still an important
part of any computer security system.
COMP3231 8
9. Intruders
• Strategies to provide security typically consider the expected
intruders (also called adversaries) to be protected against.
• Common categories
1. Casual prying by nontechnical users
• Stumble across others users files on file server
2. Snooping by insiders
• Local programmer explicitly attempting to break security
3. Determined attempts to make money
• Bank programmers installing software to steal money
4. Commercial or military espionage
• Well funded attempts to obtain corporate or government secrets
• Depending on the value of the data, and the perceived adversary,
– more resources may be provided to secure the system
– less convenient methods of access may be tolerated by users
COMP3231 9
10. Data Loss
• Protecting against data loss is an important
part of any security policy
• Examples:
1. Acts of God
- fires, floods, wars
2. Hardware or software errors
- CPU malfunction, bad disk, program bugs
3. Human errors
- data entry, wrong tape mounted
- General approach is off-site backups
COMP3231 10
11. User Authentication
• Thus far, we have described various concepts with
reference to authorised users
• Assume we can decide whether a given user is
authorised to perform an operation, but how can we
determine if the user is who he says he is?
⇒ How can we authenticate the users?
COMP3231 11
12. Approaches to User Authentication
• Three general approaches to identifying a user
– Based on some unique property they possess
1. Something the user knows
2. Something the user has
3. Something the user is
– Each approach has its own complexities and
security properties
COMP3231 12
13. Authentication Using Passwords
• Most common form of authentication is
entering a login name and password
– The password entered is not displayed for
obvious reasons
– Windows 2K/XP/Vista/7 is broken in this
regard
• Prints ‘*’ for each character typed
– Reveals the length of password
• Also remembers the last login name
– UNIX approach is much better
• In security, the less revealed the better
COMP3231 13
14. Example: Less is More
• Careless login program can give away
important information
a) Successful login
b) Valid login ID revealed
c) No useful information revealed
COMP3231 14
15. Problems with Password
Security
• One study from 1979
– Given a list of first name, last names, street
names, moderate dictionary, license plate
number, some random strings, the previous
spelt backwards, etc..
– A comparison with a password file obtained
86% of all passwords
• A more recent study (1990) produced
similar results
COMP3231 15
17. The Importance Password
Security
• Good password security is vital if
computer is publicly accessible .
– Connected to a network or the Internet
• It’s common for intruders probe internet
connect machines for weakness, including
poor (default) passwords.
COMP3231 17
18. Approaches to improving password
security
• Passwords are are stored encrypted
– Avoids sysadmins, and potentially unwanted
computer “maintainers” from obtaining passwords
• Example: from backup tapes
• Example: RockYou attack yielded unencrypted passwords.
• Login procedure takes user-supplied string,
– encrypts it
– compares result to stored encrypted password
COMP3231 18
19. An Attack on Encrypted
Passwords
• Take the dictionary of words, names, etc,
and encrypt all of then using the same
encryption algorithm
• Simply match pre-encrypted list with
password file to get matches
– Assumes you have access to encrypted
passwords
• One did by default in old versions of Linux/Unix
COMP3231 19
20. Improving Password Security
with a Salt
• Idea:
– Encrypt the password together with a n-bit random number (the
salt) and store both the number and encrypted result
– Example
result = encrypt(‘Dog1234’), 1234
• Cracker must encrypt each dictionary word 2n different
ways
– Make pre-computed list 2n times larger
• UNIX “crypt” takes this approach with n = 12
• Additional security via making encrypted passwords
unreadable (shadow passwords)
COMP3231 20
21. Improving Password Security
• Storing passwords more securely does not
help if user ‘homer’ has the password
‘homer’
• User must be educated (or forced) to
choose good passwords
– Approaches:
• Warn users who choose poor passwords
• Pick passwords for users
– easy to remember nonsense words
• Force them to change the password regularly
COMP3231 21
22. Issues with ‘Good’ Passwords
• By forcing frequent password changes,
users tend to choose simpler passwords
• By choosing too ‘good’ a password for
users, users put them on post-it notes on
the monitor
• Still many attacks involving intercepting
password between user and service, and
re-using it.
– phishing
COMP3231 22
23. Aside: One-Way Functions
• Function such that given formula for f(x)
– easy to evaluate y = f(x)
• But given y
– computationally infeasible to find x
COMP3231 23
24. One-time Passwords
• Password changing in the extreme
• Advantage:
– Snooping login provides no useful information
• Only a stale previous password
• Approach - S/KEY, author: Leslie Lamport
– Choose a secret phrase and the number of one time
passwords required.
– Each password is generated via re-applying a one-
way function
– Passwords are then used in reverse order
• Easy to compute the previous password, but not the next.
COMP3231 24
25. One-time Password: Example
• P0=f(f(f(f(s)))) • On home PC
• P1=f(f(f(s))) – Compute one-time
• P2=f(f(s)) password to supply via 3
• P3=f(s) iterations of 1 way function
– Subsequent via 2, 1, 0
• Server initially stores P0
• Server receives O-T password • Note
(P) and computes f(P) – Server never stores secret
• If f(P) matches P0, login (s)
successful, server stores P (= – Home PC store number of
P1) passwords used, but does
not need to store secret
either.
COMP3231 25
26. Challenge-Response
• Server and client both know secret key (k)
• Server sends a challenge random number (c) to
client
• Client combines the secret key (k) with random
number (c) and applies a publicly-known
function r = f(c,k)
• Client sends the response to server
• On server, if supplied r equals f(c,k) we have
successful login
COMP3231 26
27. Challenge-Response
• Advantage:
– Secret Key is never transmitted on potentially
insecure networks
– Eavesdropping is fruitless
• Assuming function (f) is such that k cannot be easily deduced
from a large number of observed challenge-responses
• Con:
– Need a ‘computer’ present to login (compute
response)
• PDA, phone, etc.
COMP3231 27
29. Authentication Using a Physical
Object
• Magnetic cards
– magnetic stripe cards
– chip cards: stored value cards, smart cards
COMP3231 29
30. Authentication Using
Biometrics
• A device for measuring
finger length.
• Alternatives:
– Retina scans
– Voice analysis
– Analysing signature
dynamics
COMP3231 30
31. Issue: User Acceptance
• Low user acceptance results in:
– Users themselves compromising the system
• Example: using post-it notes
– Refusal to login
• E.g. login using a blood sample
• Challenge:
– To find a secure, unobtrusive, simple scheme
COMP3231 31
32. Authentication Summary
• Authentication is an important component of
security
• Password-based schemes only modestly robust
to attack. Many attacks possible
– Insecure user behaviour
– Password storage
– Attacks on cryptographic algorithms (for storage or
transfer)
– Snooping Networks
• Physical and Biometric authentication improves
security
– Attacks still possible, but more resources required.
COMP3231 32
33. Software Threats
• Given an reasonable authentication mechanism,
many other software threats exist.
• Software Exploits
– Trojan Horses
– Login Spoofing
– Logic Bombs
– Backdoors (Trapdoors)
– Buffer Overflows
• Self replicating
– Viruses
COMP3231 33
34. Trojan Horses
• Seemingly innocent program executed by an
unsuspecting user
– Either directly or indirectly
• Program can then do anything the user can
– Modify or delete files, send them elsewhere on the
net.
• Sample exploit
– If a user has “.”, “:/bin” or similar in their PATH, place
a file called ls in your directory (or /tmp).
COMP3231 34
35. Login Spoofing
• Write a program that emulates the login screen
– Login, run the program to collect password of unsuspecting user,
then exit to the real login prompt.
• Windows 2K/XP provides a key combination (CTRL-
ALT-DEL) that can’t be bypassed to produce the real
login program
COMP3231 35
36. Logic Bombs
• Code secretly embedded in an application
or the OS that goes off when certain
conditions are met.
– Example: Payroll programmer embeds code
that checks he is on the payroll, if not, the
payroll software becomes malicious
• Variant: Time Bombs
COMP3231 36
37. Backdoors
• Code inserted by the programmer to bypass some
check.
– Example: The login program
COMP3231 37
38. Buffer Overflows
• Main calls A which has a local buffer
• Overflow the buffer with code + starting address of the
code
• Good for both local and remote attacks
• Caused by programmers not checking buffer bounds
COMP3231 38
39. Viruses
• A program that reproduces itself by attaching its
code to another program.
• Can do anything the normal program could do
– Print harmless message
– Destroy all files on hard disk
– Send all your data to the net
– Trash the EEPROM BIOS to make your computer
inoperable
– Denial of service attack
COMP3231 39
40. How Viruses Work
• Virus written in assembly language
• Inserted into another program
– use tool called a “dropper”
• Virus dormant until program executed
– then infects other programs
– eventually executes its “payload”
COMP3231 40
41. How Viruses Work
• Parasitic Viruses
– Add their code to various locations in the executable
– Redirect the start address in the header
– On execution, it may replicate by modifying another
executable file (and other malicious activities).
COMP3231 41
42. How Viruses Work
• Boot Sector Viruses
– Copies original boot block to different location
– Replaces boot block with itself
– When machine boots, virus is loaded into
RAM
– It installs itself, and then boots OS via original
boot block
• How does it regain control later?
COMP3231 42
43. How Viruses Work
• Virus installs interrupt handlers which rely on OS not
installing all its own handlers prior to next interrupt
occurring
– Older versions of Windows behaved that way
• Virus reinstalls trap handlers at next opportunity
COMP3231 43
44. How Viruses Work
• Memory Resident Viruses
– Install themselves in main memory
– Typically redirect the exception/interrupt handlers to itself
• Still calls the real code to remain undetected
• checks and reinstalls redirections changed
• Replicate during, or manipulate and spy-on on syscalls
COMP3231 44
45. How Viruses Work
• Macro Viruses
– Rely on overly powerful/feature overloaded
macro languages
– MS office uses visual basic – complete
programming language that can read/write
files
– Opening a Word document is like running a
program (it could do anything)
• Most people ignore warnings about macros
COMP3231 45
46. How Viruses Spread
• Virus placed where it’s likely to be
copied
• When copied
– infects programs on hard drive, USB stick
– may try to spread over LAN
• Attach to innocent looking email
– when it runs, use mailing list (address book)
to replicate
COMP3231 46
47. Antivirus Approach
• Scanning
– Search each file and check if virus present
• 10,000 potential viruses and 10,000 files
• Hard to make fast
– Use fuzzy searches to catch small changes in
known viruses
• Slower, false positives
– Trade-off between accuracy and acceptable
performance
COMP3231 47
48. Antivirus and Anti-Antivirus Techniques
(a) A program
(b) Infected program
Change in file length a give away
COMP3231 48
49. Antivirus and Anti-Antivirus Techniques
(c) Compressed infected program
Presence of virus code still a give away
COMP3231 49
51. Antivirus and Anti-Antivirus Techniques
(e) Compressed virus with encrypted compression
code
Can still search for remaining decryptor code
COMP3231 51
52. Antivirus and Anti-Antivirus Techniques
Examples of a polymorphic virus
All of these examples do the same thing
X=A+B+C-4 52
53. Antivirus and Anti-Antivirus
Techniques
• Integrity checkers
– Scan the disk and determine checksums for all
executable files
– Check checksums, if changed we have a virus
– Counter, viruses can hack checksum database
is
• Behavioral checkers
– Look for virus like behaviour
• Example: overwriting executable file
– False alarms (e.g. a compiler)
COMP3231 53
54. Antivirus and Anti-Antivirus
Techniques
• Virus avoidance
– good OS
• Separate user/system mode/protection to minimise damage
– Run/install only reputable software
– use antivirus software
– Do not open attachments to email
– frequent backups
• Recovery from virus attack
– halt computer, reboot from safe disk, run antivirus
– restore from backups
COMP3231 54
55. Running Foreign Code
• We can see that running foreign code can
be dangerous (trojan horse, viruses,
simply malicious, etc.)
• Problem is that all the code we run has all
the privileges we do
• We need a method of running untrusted
code safely
COMP3231 55
56. Principle of Least Privilege
• A guiding principle we would like to apply
• Idea:
– Give the suspicious program only the
privileges required to complete the task you
expect, nothing more
– Example:
• Can only perform file related system calls
• Can only access files within a specified directory
COMP3231 56
57. Example: Active Web Content
• We’d like to browse “active” web content
– Run content in the web browser
– The browser has all the privileges we do
• Some approaches
– Sandboxing
– Interpretation
– Code Signing
COMP3231 57
58. Sandboxing
• Idea:
– Code runs within a sandbox
within a browser (or some other
larger application)
– The applet can access only the
data contained within its
sandbox, and nothing else.
– It can only jump to code within its
sandbox (and cannot modify the
code)
• How can we create a sandbox
within a process?
COMP3231 58
59. Sandbox Implementation
• Firstly, assume we can restrict access to code to
avoid problem of self modifying code
• To restrict code to the code segment
– Scan the code
– Check all jumps and branches jump to addresses
within the sandbox
• Handle both absolute and relative addresses
– For computed (dynamic jumps) we insert extra
instruction into the code to check the destination
addresses are within the code
• Involves fairly complex code rewriting, but it is doable
• To restrict data access to data section, we do
the some thing we did for code
COMP3231 59
60. Sandbox Implementation
• What about system calls
– We use a reference monitor that
• Intercepts all system calls
• Determine whether the call is allowed to succeed
or not
– Based on the type of call, or the arguments supplied.
– Reference monitor restricts the system calls to
a safe subset
COMP3231 60
61. Interpretation
• Instead of running code directly (natively), we run it using
an interpreter
– Interpreter can apply addressing restrictions
– Can consider the interpreter as implementing a sandbox
– Example: JAVA
COMP3231 61
62. Code Signing
• Authenticity of the code is guaranteed
• Issues
– Does not protect you against bad or buggy code
– Example: Shockwave has had various “authentic” security
problems
COMP3231 62
63. Summary
• Even given strong authentication, there
are many software threats to data security
policies.
• The affect of exploiting those threats can
be minimised by adopting the principle of
least privilege.
COMP3231 63