Presentation Transcript

1. Computer Security

   ------------------------------------- Computer Department Lecture 1 2012-2011
2. What Is The Computer: A programmable machine. The two principal characteristics of a computer are: It responds to a specific set of instructions in a well-defined manner. It can execute a prerecorded list of instructions (a program). Modern Computers: Modern computers are electronic and digital. The actual machinery -- wires, transistors, and circuits -- is called hardware; the instructions and data are called software. All general-purpose computers require the following hardware components: memory : Enables a computer to store, at least temporarily, data and programs. mass storage device : Allows a computer to permanently retain large amounts of data. Common mass storage devices include disk drives and tape drives. input device : Usually a keyboard and mouse, the input device is the conduit through which data and instructions enter a computer. output device : A display screen, printer, or other device that lets you see what the computer has accomplished. central processing unit (CPU): The heart of the computer, this is the component that actually executes instructions.
3. In addition to these components, many others make it possible for the basic components to work together efficiently. For example, every computer requires a bus that transmits data from one part of the computer to another. Computer Classification: Computers can be generally classified by size and power as follows, though there is considerable overlap: personal computer : A small, single-user computer based on a microprocessor. In addition to the microprocessor, a personal computer has a keyboard for entering data, a monitor for displaying information, and a storage device for saving data. workstation : A powerful, single-user computer. A workstation is like a personal computer, but it has a more powerful microprocessor and a higher-quality monitor. minicomputer : A multi-user computer capable of supporting from 10 to hundreds of users simultaneously. mainframe : A powerful multi-user computer capable of supporting many hundreds or thousands of users simultaneously. supercomputer : An extremely fast computer that can perform hundreds of millions of instructions per second.
4. COMPUTER GENERATIONS 1. VACUUM TUBES: 1946-1958 2. TRANSISTORS: 1959-1963 3. INTEGRATED CIRCUITS: 1964-1979 4. VERY LARGE-SCALE INTEGRATED (VLSI) CIRCUITS:1980- PRESENT
5. PRIMARY STORAGE CPU OUTPUT DEVICES SECONDARY STORAGE INPUT DEVICES BUSES DATA BUS ADDRESS BUS CONTROL BUS
6. TYPES OF MEMORY RAM : Random Access Memory Dynamic: Changes thru processing Static: Remains constant (power on) ROM : Read Only Memory (preprogrammed) PROM: Program can be changed once EPROM: Erasable thru ultraviolet light EEPROM: Electrically erasable *
7. Computer Components: Hardware: Physical components like Screen, cables, Keyboard and system Unit ect... Software: A set of insteructions that tells computer what to do and how to do it! Such as word processing, computer games and programs. Users: Are the people who use the soft ware on computer to do some tasks. Computers performs three main operations: Receive inputs Process Produce out put
8. Computer Security is a branch of computer technology known as information security as applied to computers and networks .
9. The Security: is the system of safeguards for protecting information technology against disasters, system Failure, or Unauthorized access that can result in damage or loss. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. Security is thus based on the following independent issues: * Privacy - the ability to keep things private/confidential * Trust - do we trust data from an individual or a host? Could they be used against us? * Authenticity - are security credentials in order? Are we talking to whom we think we are talking to, privately or not. * Integrity - has the system been compromised/altered already? Environments can be hostile because of * Physical threats - weather, natural disaster, bombs, power failures, etc. * Human threats - stealing, trickery, bribery, spying, sabotage, accidents. * Software threats - viruses, Trojan horses, logic bombs, denial of service.
10. We have to make the compute secure because of the following reasons: * Losing the abilty to use the system. * Losing important data or files * Losing face/reputation * Losing money * Spreading private information about people. To protect your system you need to: 1- Use password. 2- Use authentication techniques and Process. 3- Use several standard encryption and decryption codes. 4- Change the password frequently. 5- Save storage media in save Place. 6- Use some Unti-Virus Programs. Human Erorrs which result Problems: Forgetfulness. Misundrestanding/miscommunication. Misidentification. .
11. Confusion/strees Ignorance. Carelessness Slow of Response. Inability to deal with complexity Inability to cooporate with others. There are Obvious Problems with password authentication. Password can be guessed. Password can be leaked. Biometrics: There are alternatives for providing a password.For instance, biometrics is the name given to the field of identifying human physiology order to use it for authentication Signature recognition. FingerPrint reader. Retina Scan. Lris Scan. VoicePrint Identification , and Typing pattern analysis. . . .
12. Security Goals: Prevention: Prevent attackers From violate security policy. Detection: Detect attackers violation of security policy. Recovery: Stop attack, access and repair the damages, continue to function correctly Even if attack succeeds. The three basic components of the computer security: 1- Confidentiality(السرية) Confidentiality is the concealment of information or resources. The need for keeping information secret arises from the use of computers in sensitive fields such as government and industry. For example, military and civilian institutions in the government often restrict access to information to those who need that information. The first formal work in computer security was motivated by the military's attempt to implement controls to enforce a "need to know" principle. This principle also applies to industrial firms, which keep their proprietary designs secure lest their competitors try to steal the designs. As a further example, all types of institutions keep personnel records secret.
13. 2- Integrity(سلامة) Integrity refers to the trustworthiness of data or resources, and it is usually phrased in terms of preventing improper or unauthorized change. Integrity includes data integrity (the content of the information) and origin integrity (the source of the data, often called authentication). The source of the information may bear on its accuracy and credibility and on the trust that people place in the information.This dichotomy illustrates the principle that the aspect of integrity known as credibility is central to the proper functioning of a system. 3- Availability Availability refers to the ability to use the information or resource desired. Availability is an important aspect of reliability as well as of system design because an unavailable system is at least as bad as no system at all. The aspect of availability that is relevant to security is that someone may deliberately arrange to deny access to data or to a service by making it unavailable. System designs usually assume a statistical model to analyze expected patterns of use, and mechanisms ensure availability when that statistical model holds. Someone may be able to manipulate use (or parameters that control use, such as network traffic) so that the assumptions of the statistical model are no longer valid. This means that the mechanisms for keeping the resource or data available are working in an environment for which they were not designed. As a result, they will often fail.
14. Understanding security and safer computing:If you connect to the Internet, allow other people to use your computer, or share files with others, you should take steps to protect your computer from harm. Why? Because there are computer criminals (sometimes called hackers) who attack other people's computers. These people can attack directly, by breaking into your computer through the Internet and stealing your personal information, or indirectly, by creating malicious software to harm your computer. Fortunately, you can help protect yourself by taking a few simple precautions. This article describes the threats and what you can do to defend against them. Protect your computer These are ways to help protect your computer against potential security threats: Firewall. A firewall can help protect your computer by preventing hackers or malicious software from gaining access to it. Virus protection. Antivirus software can help protect your computer against viruses, worms, and other security threats.
15. Spyware and other malware protection. Antispyware software can help protect your computer from spyware and other potentially unwanted software. Windows Update. Windows can routinely check for updates for your computer and install them automatically. Manage security settings with Action Center Use a firewall A firewall is software or hardware that checks information coming from the Internet or a network and then either turns it away or allows it to pass through to your computer, depending on your firewall settings. In this way, a firewall can help prevent hackers and malicious software from gaining access to your computer.
16. Windows Firewall is built into Windows and is turned on automatically. How a firewall works? If you run a program such as an instant messaging program or a multiplayer network game that needs to receive information from the Internet or a network, the firewall asks if you want to block or unblock (allow) the connection. If you choose to unblock the connection, Windows Firewall creates an exception so that the firewall won't bother you when that program needs to receive information in the future.
17. Use virus protection Viruses, worms, and Trojan horses are programs created by hackers that use the Internet to infect vulnerable computers. Viruses and worms can replicate themselves from computer to computer, while Trojan horses enter a computer by hiding inside an apparently legitimate program, such as a screen saver. Destructive viruses, worms, and Trojan horses can erase information from your hard disk or completely disable your computer. Others don't cause direct damage, but worsen your computer's performance and stability. Antivirus programs scan e‑mail and other files on your computer for viruses, worms, and Trojan horses. If one is found, the antivirus program either quarantines (isolates) it or deletes it entirely before it damages your computer and files. Use spyware protection Spyware is software that can display advertisements, collect information about you, or change settings on your computer, generally without appropriately obtaining your consent. For example, spyware can install unwanted toolbars, links, or favorites in your web browser, change your default home page, or display pop-up ads frequently. Some spyware displays no symptoms that you can detect, but it secretly collects sensitive information, such as the websites you visit or the text you type. Most spyware is installed through free software that you download, but in some cases simply visiting a website results in a spyware infection.
18. To help protect your computer from spyware, use an antispyware program. This version of Windows has a built-in antispyware program called Windows Defender, which is turned on by default. Windows Defender alerts you when spyware tries to install itself on your computer. It also can scan your computer for existing spyware and then remove it. Because new spyware appears every day, Windows Defender must be regularly updated to detect and guard against the latest spyware threats. Windows Defender is updated as needed whenever you update Windows. For the highest level of protection, set Windows to install updates automatically. Update Windows automatically Microsoft regularly offers important updates to Windows that can help protect your computer against new viruses and other security threats. To ensure that you receive these updates as quickly as possible, turn on automatic updating. That way, you don't have to worry that critical fixes for Windows might be missing from your computer.
19. Updates are downloaded behind the scenes when you're connected to the Internet. The updates are installed at 3:00 A.M. unless you specify a different time. If you turn off your computer before then, you can install updates before shutting down. Otherwise, Windows will install them the next time you start your computer. To turn on automatic updating Open Windows Update by clicking the Start button . In the search box, type Update, and then, in the list of results, click Windows Update. Click Change settings. Make sure Install updates automatically (recommended) is selected. Windows will install important updates for your computer as they become available. Important updates provide significant benefits, such as improved security and reliability. Under Recommended updates, make sure the Give me recommended updates the same way I receive important updates check box is selected, and then click OK
20. 1- How to turn on automatic updating?? 2-How to protect ur computer? 3- Viruses, worms, and Trojan horses are programs created by ______. 4-Explain How Firewall works?
21. What is Computer Virus: Computer Virus is a malicious software program written intentionally to enter a computer without the user's permission or knowledge. It has the ability to replicate itself, thus continues to spread. Some viruses do little but replicate, while others can cause severe harm or adversely affect program and performance of the system. A virus should never be assumed harmless and left on a system. Virus Types:There are different types of computer viruses which can be classified according to their origin, techniques, types of files they infect, where they hide, the kind of damage they cause, the type of operating system or platform they attack.
22. Resident Virus:This type of virus is a permanent as it dwells in the RAM. From there it can overcome and interrupt all the operations executed by the system. It can corrupt files and programs that are opened, closed, copied, renamed etc. Examples: Randex, CMJ, Meve, and MrKlunky. Direct Action VirusesThe main purpose of this virus is to replicate and take action when it is executed. When a specific condition is met, the virus will go into action and infect files in the directory or folder that it is in as well as directories that are specified in the AUTOEXEC.BAT file path. This batch file is always located in the root directory of the hard disk and carries out certain operations when the computer is booted.Examples: Vienna virus.
23. Overwrite Viruses:Virus of this kind is characterized by the fact that it deletes the information contained in the files that it infects, rendering them partially or totally useless once they have been infected. The only way to clean a file infected by an overwrite virus is to delete the file completely, thus losing the original content. Examples: Way, Trj.Reboot, Trivial.88.D. Boot Sector Virus:This type of virus affects the boot sector of a floppy or hard disk. This is a crucial part of a disk, in which information of the disk itself is stored along with a program that makes it possible to boot (start) the computer from the disk. The best way of avoiding boot sector viruses is to ensure that floppy disks are write-protected and never starting your computer with an unknown floppy disk in the disk drive. Examples: Polyboot.B, AntiEXE.
24. Macro Virus:Macro viruses infect files that are created using certain applications or programs that contain macros. These mini-programs make it possible to automate series of operations so that they are performed as a single action, thereby saving the user from having to carry them out one by one.Examples: Relax, Melissa.A, Bablas, O97M/Y2K. Directory Virus:Directory viruses change the path that indicate the location of a file. When you execute a program file with an extension .EXE or .COM that has been infected by a virus, you are unknowingly running the virus program, while the original file and program is previously moved by the virus. Once infected it becomes impossible to locate the original files. Examples: Dir-2 virus.
25. Polymorphic Virus:Polymorphic viruses encrypt or encodethemselves in a different way (using different algorithms and encryption keys) every time they infect a system. This makes it impossible for anti-viruses to find them using string or signaturesearches (because they are different in each encryption). The virus then goes on creating a largenumber of copies. Examples: Elkern, Marburg, SatanBug and Tuareg. File Infector VirusThis type of virus infects programs or executable files (files with .EXE or .COM extension). When one of these programs is run, directly or indirectly, the virus is activated, producing the damaging effects it is programmed to carry out. The majority of existing viruses belong to this category, and can be classified depending on the actions that they carry out.Examples: Cleevix and Cascade.
26. Companion VirusesCompanion viruses can be considered as a type of fileinfector viruses like resident or direct action types. They are known as companion viruses because once they get into the system they 'accompany' the other files that already exist. In other words, in order to carry out their infection routines, companion viruses can wait in memory until a program is run (resident virus) or act immediately by making copies of themselves (direct action virus).Some examples include: Stator, Asimov.1539 and Terrax.1069. FAT Virus:The file allocation table or FAT is the part of a disk used to store all the information about the location of files, available space, unusable space etc. FAT virus attacks the FAT section and may damage crucial information. It can be especially dangerous as it prevents access to certain sections of the disk where important files are stored. Damage caused can result in informationlosses from individual files or even entire directories.Examples:
27. Multipartite VirusThese viruses spread in multiple ways possible. It may vary in its action depending upon the operating system installed and the presence of certain files. Examples: Invader, Flip and Tequila. Web Scripting VirusMany web pages include complex code in order to create an interesting and interactive content. This code is often exploited to bring about certain undesirable actions. WormsA worm is a program very similar to a virus; it has the ability to self-replicate and can lead to negative effects on your system. But they can be detected and eliminated by anti-viruses. Examples of worms include: PSWBugbear.B, Lovgate.F, Trile.C, Sobig.D, Mapson.
28. Trojans or Trojan Horses:Another unsavory breed of malicious code are Trojans or Trojan horses, which unlike viruses do not reproduce by infecting other files, nor do they self-replicate like worms. In fact, it is program which disguises itself as a usefulprogram or application. Logic BombsThey are not considered viruses because they do not replicate. They are not even programs in their own right but rather camouflaged segments of other programs. They are only executed when a certain predefined condition is met. Their objective is to destroydata on the computer once certain conditions have been met. Logic bombs go undetecteduntillaunched and the results can be destructive.
29. 1-The main purpose of Vienna virus is to replicate and take action when it is executed. When_______. 2- The only way to clean a file infected by an overwrite virus is to______. 3- Examples for Multipartite virus ____,____ and _____. 4-Polyboot.B is the example for Overwrite Virus (T or F)?
30. Q1\How to protect your system? Q2\Write down the examples of Resident Virus. Q3\Fill the followings... 1-_______ viruses infect files that are created using certain applications or programs that contain macros. 2-Polyboot.B virus affects the ________ of a floppy or hard disk. 3-Viruses, worms, and Trojan horses are programs created by ______. 4-The three basic components of the computer security are _______, ________, and ________.
31. Q1\There are different types of computer viruses which can be classified according to their ??? Q2\How To turn on automatic updating? Q3\Fill the followings 1-Examples of the macro Virus are ______ and ________. 2-________is the concealment of information or resources. 3-There are alternatives for providing a password.For instance, biometrics such as _______, _________ and ______.
32. The Entrance to the security of Computers and Information: Introduction: Computer security and information centers is one of the most important issues that haunt many of the officials, because they take many aspects starting from the non-smoking or drinking tea and refreshments near the keyboard, through preventing the thief from stealing software and down to prevent the laying of viruses and expiration encrypts the data and establish rules and regulations challenge of these crimes. Considerations and the Foundations of security for computer systems: When we think of the system execution that depends on the computer for the purpose of data processing ororganizing,  so they would forma specialized committee to study the  execution of the proposal by the best ways and at less cost to move from manual system to a computational system. And it’s so important that they should take the following Considerations  of security for computer systems:
33. Determine what is confidential information and the degree of security in order to restrict the circulation. Determine the level of immunity of computers and peripheral devices in terms of the possibility of Penetration by hackers. Making computer security one of important Foundations, Recording is based upon buying any part of the computer. Making data security a basic part of proposed operating system requirements. Depending on an Efficient operating system that provide suitable and acceptable degree of security. Safety and security of computers and information. One of the most important problems facing any information system used by computer is in the design and execution of a suitable software and type of applications that use this system,  in addition of closing methods for anyprocess. The Penetration security of the software, which includes measures to prove identity and authorization processes, supervision and control.
34. The most important features of this stage are: Ease of movements of authorizedpersons using the system because of few number of them. Due to the use authorized by the style of punch cards, it is easy to control their work directly and their presence in the computer room. Disks  and magnetic tapes are maintained that used to store the information in the end of work in a safe place after the preparation of more than one copy. As a result of an increaseof Information and feeling that this institutions needs some new ways to store and process information, methods have been developed which ensures the continuity of the flow of information to all centers and outside the enterprise accurately.
35. Cryptographic Technique(Writing Encryption Science) This technique is used when storing information in the assistance storage means, And whentransferring and receiving  them through the transmission lines used to link (connect all computers and other network devices). The use of encryption technique in dealing directly with the information led to the following: computer need to be running with all its components without interruption for a long time. This will  led to the inability to store files in the disks and magnetic tapes and put them in a safe place after work. Increase the probability of errors that result from the large number of  communication lines, leading to the possibility of section  leakage of the system output tosome parts, which has not send any request for that section. Diversity and the many recipients of the information stored in computers and from different places and far away from each others led to the difficulty of distinguishing between authorized and unauthorized. Getting the output of the systemillegally, Due to the negligence of some authorized and difficulty of control on the overall their negligence
36. 5- Increase the probability the use of eavesdropping devices and services represented on the network to steal information by non-authorize  as a result of higher technical development, which include all areas. Concepts of computer security: 1-Confidentiality(السرية). 2-Integrity(سلامة). 3-Availability(التوفر). Elements of computer security: Security of individuals and administration. Security of operating systems and software.
37. 1-1 Security of individuals: There is no doubt that the computer centers deals with many groups of people at different levels through the use of a computer system to take advantage of executableapplication systemsand that persons may be employees of the institution or from otherdifferent institutions. 1-2 Security of  administrations of the computer centers: Rests with the Director a number of actions and tasks that are essential to support the security situation of the center, which can be summarized the following points. 1- Making policy formulation and security measures for public information center. 2- Developing the plan for possible threats that performs modifications when needed. 3- Identify staff who have the power to exchange information. 4- Full supervision to follow as much as it came to the business aspect of security. 5- Assign and follow-up a staff member to examine the computer system on a regular basis. 6- Develop a contingency plan and follow-up developments in this area.
38. 7- Determine who is responsible for the security center and do not assign this responsibility to one person for a long time. 8- Check and notice special devices of moisture, temperature and preventsmoking in public places. 9- Make sure the safety of the doors and windows of center building and all otherunits. 10- Ensure that the data stored in disks andmagnetic tapes and kept in safe place. 11- Ensure that the software Library is not at risk or changing. 12- Monitoring and follow-up General rescue procedures. 13- Inspect and review the registration process for users to make sure the software is onlyused byauthorized persons. 14- Establishment of awareness courses and continuously. 2-1 Security of operating systems: Caresabout protection of the supported operating systems in the management system and work to minimize or prevent attempts to manipulate constants or the keys that controls the process control the execution ofsoftware on one hand  …..
39.  And the maintenance monitoring the operating systemon the overall activities within the system on the other hand. Also the issue of operating systems includes the addition of the followings: 1- Ways to protect internal programs for the operating system. 2- Methods of saving passwords. 3- Install an Authority table for authorized by the system and prevent the manipulation of its contents. 4- Administration methods for  operating system programs and communication systems. 2-2 Security of thesoftware: Interested in this subject, mainly working with the computer, May allow some systems to a group of beneficiaries to access a section of the programs and files, while others give the beneficiaries the right to absolute access to all programs and files, another group of beneficiaries determine their powers only reading of a particular file, and some others have the all rights to read and write on a particular file.
40. Security in the Information Center Introduction: Staff in the Information Center computerized plays very important role in maintaining the security of the computer from greedy stealing secrets.Stuff is a good elements in achieving successful management of the center through their role as a vital element in particular levels of leadership at the center. Its possible to collect the staff levels that could threaten the center and they are:- 1- Director of the Center by role of his responsibility for the management of the center. 2- Systemsanalysts and programmers. 3- Users and formatters of the data. 4- One of the beneficiaries of systems in different ways for the purpose of access to the files that he is not allowed to look at those files. 5- Prevent the handling and dissemination of confidential information between public employees per center to prevent leakage of this information to outside the center. 6- Human must have an active role in computer security.
41. No security of information center Non securityof information center should be as much as possible not to make way for some negative gaps can play a role in penetrating the security walls of the center. This is done through the followings: 1- Low monthly income of the career staff lead to the disclosure of secrets and implementation plans for the temptations of financial and external pressures upon them. 2- Making sure of the people who want to enter the center after verifying the validity of personal identity. 3- Close all the roads leading to the center except for one road after office hours. 4- Not to allow non-formally  assigned  after official working hours to enter the center. 5- Inventory of security responsibility to the Director of the center or of his representative.