1 / 33

Computer Security

Learn about malicious computer programs such as viruses, Trojan horses, and worms, and how to prevent and treat them. Discover security measures like passwords, firewalls, and encryption.

daniels
Download Presentation

Computer Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Concepts covered • Malicious computer programs • Malicious computer use • Security measures Computer Security

  2. Malicious Computer Programs • Computer Viruses • Trojan Horses • WORMS

  3. Computer Viruses • A program that spreads from computer to computer making copies of itself. • It may include a payload (action that modifies or destroys data) • Most (but not all) viruses are written for a particular operating system Picture from Computer Confluence by Beekman

  4. An Infamous Computer Virus • The “I Love You” virus • To read more about this virus • http://www.cnn.com/2000/TECH/computing/05/04/iloveyou.01/

  5. Computer Viruses (Prevention and Treatment) • Many viruses are spread through email • Avoid opening suspicious email attachments • Get a good anti-virus program (works for Trojan horses and WORMS too) • E.g., Symantec’s Norton Anti-virus (www.symantec.com) McAfee’s Virus Scan (http://www.mcafee.com which can be downloaded from http://www.ucalgary.ca/it/virus/) • Update the virus definitions regularly

  6. Trojan Horses • Comes from Greek Mythology • A computer version of the Trojan horse is a program that looks useful (or at least benign) that if used could cause many problems e.g., unleashing a virus • Alternatively it can be a modified form of an existing program that results in unexpected side effects when run

  7. An Infamous Trojan Horse • Happy ‘ 99 Picture care of www.isdnllc.com

  8. WORMS • Can travel from computer to computer without human assistance. • A famous WORM

  9. Malicious Computer Usage • Hacking • Denial of service attacks • Login spoofing • Identity spoofing • Logic bombs • Trap doors

  10. From http://www.funfiles.net/pics/computer/index2.html Hackers and Hacking • The meaning changed over time • Originally it referred to a 'Creative Enthusiast'

  11. Hackers and Hacking (Continued) • Now it refers to a person who tries to break into or damage other computers (also referred to as a 'cracker') From http://www.charlotte.com/siers.htm

  12. Denial Of Service Attacks • A special form of hacking • Typically it involves tying up the resources of a computer to deny legitimate users access Connection busy Hacker tying up the resources of the web server Legitimate web site visitors can't access the site

  13. Either allow person to login or ask person to try again Match login name and password to existing list Your login name and password is given to the bad guy's program Password file Login Spoofing Real login Fake login

  14. Login Spoofing (Continued) • This person can then login as you and damage the computer system or steal information I'm in!

  15. I wanna buy some stuff on the Internet… Friendly web site? Identity Spoofing • When another person gathers enough personal information about you in order to impersonate you • e.g., You buy stuff from a site Hi I'm James Tam. Let's max out my VISA!

  16. Logic Bombs • Imbedded within a regular computer system is the Logic Bomb • If the conditions stated in the bomb aren't met then the bomb 'goes off'.

  17. Trap Doors Provide a secret way of accessing a computer system Computer is secure (password access only)

  18. Security Measures • Physical security • Passwords • Firewalls • Encryption • Audits • Backups

  19. Physical security • Reduce physical access to sensitive information or expensive equipment • Physically secure expensive equipment

  20. Passwords • Reminder: Some operating systems are better at securing information than others! • Single user operating systems provide poor security

  21. Passwords (Continued) • General guide for choosing a good password1 • Don't pick your login name • Don't use your name (or anyone else's name) • Don't use a word out of the dictionary • Don't choose a number that is meaningful to you • Do not choose a password that is even remotely related to Star Trek or Monty Python Other password precautions1 • Never write your password down on a piece of paper • Change your password regularly • Don't tell anyone your password! 1 Paraphrased from Harley Hahn's Student Guide to Unix by Hahn

  22. Passwords (Continued) • Examples of bad passwords • James – a name • Tamj – my login name • Chocolate – a real dictionary word • Example of a good passwords • Xwii2nd3 – a bunch of random characters

  23. Firewalls Firewall software: http://www.zonelabs.com

  24. Encryption • Recall that information is sent across the internet in packets that are routed dynamically The Internet

  25. Hey Bob, how about a beer? Hey Bob, how about a beer? Hey Bob, how about a beer? Encryption (Continued) Hey Bob, how about a beer?

  26. +1~820#k>1fja*4df +1~820#k>1fja*4df Hey Bob, how about a beer? Encryption (Continued) • Send the message in code (encrypted) Hey Bob, how about a beer?

  27. Internet Explorer Netscape General Encryption (Continued) • Indicators that your information is encrypted

  28. Encryption (Continued) • Keys • Used to encode information into an encrypted form or decode information from an encrypted form • Public and Private Keys • Public keys are used by someone sending information to you in order to encode it (almost anyone can access it) • A particular private key is used only by an individual to decode messages that were encoded with that person's public key

  29. Audits • Software that looks for and records suspicious activity. • e.g., ACS login • e.g., VirusScan

  30. Backups • A RAID system • Backup mechanisms Hard drive Tape CD-ROM

  31. Security: Always-on Internet Connections • Be cautious of sharing information

  32. Security: Always-on Internet Connections Picture from Gibson research corporation http://grc.com

  33. Summary • Types of malicious software • Viruses • Trojan Horses • WORMS • Examples of malicious computer usage • Hacking • Denial of service attacks • Login spoofing • Identity spoofing • Logic bombs • Trap doors Security Measures • Anti-virus programs • Physical security • Passwords • Firewalls • Encryption • Audits • Backups The Potential Dangers of always-on internet connections

More Related