This document discusses computer system security and provides information on various topics related to ensuring security. It begins with an introduction to computer security, including internet security, remote sharing, and software installation. It then covers operating system security focusing on access control, supervision, and resource allocation. Statistics on world internet usage and computer penetration rates are presented. The document goes on to discuss external interface security, internal security, surveillance, threat monitoring, access controls, cryptography, viruses, worms, trojans, spyware, specific spyware programs, internet security software options, firewalls, and phishing prevention. Recommended resources on these security topics are listed at the end.
2. Introduction
Computer System Security
– Internet Security
– Remote Sharing
– Software Installation
Operating System Security
– Access Control
– Supervision
– Resource Allocation
3. World Population roughly 6 billion
Computers in this world roughly 2.25
billion
Internet user roughly 2 billion
Millions of computer are tied together via
communication network (mostly
telephone system)
4. WORLD INTERNET USAGE AND POPULATION STATISTICS
World Regions
Population
( 2009 Est.)
Internet Users
Dec. 31, 2000
Internet Users
Latest Data
Penetration
(%
Population)
Growth
2000-2009
Users %
of Table
Africa 991,002,342 4,514,400 86,217,900 8.7 % 1,809.8 % 4.8 %
Asia 3,808,070,503 114,304,000 764,435,900 20.1 % 568.8 % 42.4 %
Europe 803,850,858 105,096,093 425,773,571 53.0 % 305.1 % 23.6 %
Middle East 202,687,005 3,284,800 58,309,546 28.8 % 1,675.1 % 3.2 %
North America 340,831,831 108,096,800 259,561,000 76.2 % 140.1 % 14.4 %
Latin
America/Caribbean
586,662,468 18,068,919 186,922,050 31.9 % 934.5 % 10.4 %
Oceania / Australia 34,700,201 7,620,480 21,110,490 60.8 % 177.0 % 1.2 %
WORLD TOTAL 6,767,805,208 360,985,492 1,802,330,457 26.6 % 399.3 % 100.0 %
6. Surveillance
(mean: close observation, especially of a suspected spy or criminal)
– Authentication
Threat Monitoring
– No Direct Access
– Surveillance Programs like supervisor
Amplification
– Example:Taxpayers information
8. Access Controls
– Access based on Classifications
Security Kernels
– Beginning rather than retrofitted
Hardware Security
– Incorporate Operating System Functions
9. Fault-Tolerant Systems
– Hardware rather than Software
• Major Portion of Operating System
• Fault Detection
– Multiple I/O subsystems
10. What is Cryptography?
A cryptographic Privacy System
– Sender
– Encryption Unit
– Ciphertext or cryptogram
– Decryption Unit
– Receiver
* Decryption Key
11. Cryptanalysis
A process of attempting to regenerate
plaintext from ciphertext but without knowing
the decryption key
Public Key Systems
– Different Keys
Digital Signature
12. What areViruses?
How they affect the system?
What are Antiviruses?
– Detect Infections
– Prevent Infections
– Recover Infections
Antiviruses are watchdogs
Sweeper Programs
13. ComputerWorms
– Network based objects
– Virus/Worms
Trojan horse
– Allows a hacker remote access to a target
computer system
14. Spyware
– What is spyware?
– What are adware?
– Adwares and Spyware
– Spyware,Viruses andWorms
15. CoolWebSearch, a group of programs, takes advantage of Internet Explorer vulnerabilities.
The package directs traffic to advertisements on Web sites including coolwebsearch.com. It
displays pop-up ads, rewrites search engine results, and alters the infected computer's hosts
file to direct DNS lookups to these sites.
HuntBar, aka WinTools or Adware.Websearch, was installed by an ActiveX drive-by download
at affiliate Web sites, or by advertisements displayed by other spyware programs—an example
of how spyware can install more spyware. These programs add toolbars to IE, track aggregate
browsing behavior, redirect affiliate references, and display advertisements.
MyWebSearch (of Fun Web Products) has a plugin that displays a search toolbar near the top of
a browser window, and it spies to report user search-habits. MyWebSearch is notable for
installing over 210 computer settings, such as over 210 MS Windows registry
keys/values.[39][40] Beyond the browser plugin, it has settings to affect Outlook, email, HTML,
XML, etc. Although tools exist to remove MyWebSearch, it can be hand-deleted in 1 hour, by
users familiar with using Regedit to find and delete keys/values (named with "MyWebSearch").
After reboot, the browser returns to the prior display appearance.
WeatherStudio has a plugin that displays a window-panel near the bottom of a browser
window. The official website notes that it is easy to remove (uninstall) WeatherStudio from a
computer, using its own uninstall-program, such as under C:Program FilesWeatherStudio.
Once WeatherStudio is removed, a browser returns to the prior display appearance, without
the need to modify the browser settings.
16. Internet Optimizer, also known as DyFuCa, redirects Internet Explorer error pages to
advertising. When users follow a broken link or enter an erroneous URL, they see a page of
advertisements. However, because password-protected Web sites (HTTP Basic authentication)
use the same mechanism as HTTP errors, Internet Optimizer makes it impossible for the user to
access password-protected sites.
Zango (formerly 180 Solutions) transmits detailed information to advertisers about the Web
sites which users visit. It also alters HTTP requests for affiliate advertisements linked from a
Web site, so that the advertisements make unearned profit for the 180 Solutions company. It
opens pop-up ads that cover over the Web sites of competing companies (as seen in their
[Zango End User LicenseAgreement]).
Zlob trojan, or just Zlob, downloads itself to a computer via an ActiveX codec and reports
information back to Control Server[citation needed]. Some information can be the search-
history, the Websites visited, and even keystrokes.[citation needed] More recently, Zlob has
been known to hijack routers set to defaults.
18. What is Firewall?
Hardware Firewall
– Broadband Routers
Software Firewall
– Norton 360
– Norton Internet Security
– ESET Security Smart
– Kaspersky Internet Security
19. What is phishing?
Five steps to avoid phishing
1. SecureWebsites (https)
2. Authenticity of aWebsite (embedded
links)
3. Thoroughly Investigate before submitting
4. Keep track of your online accounts
5. Have proper computer protection
software
20. Day by day usage of computer systems
Hacking risks
Need of protection software
And after that, keep you eyes open when
using internet or transmitting something
on the network
21. http://howstuffworks.com/
http://pcmag.com/
http://net-security.org/
http://wikipedia.org/
Operating Systems by HM Deitel
Operating Systems Concepts by Abraham
Silberschatz, Peter B. Galvin