
Introduction to Information Security (IT200)

INTRODUCTION TO INFORMATION AND COMPUTER SECURITY

CHAPTER 1

UNIVERSITY MALAYSIA
OF COMPUTER SCIENCE & ENGINEERING

Learning Objectives
• Define information security
• Relate the history of computer security and how it evolved into information security
• Define key terms and critical concepts of information security as presented in this chapter


Chapter Outline
• Information Security History
• Definition
− Security
− Information Security
• The CIA Concepts
• Critical Characteristics of Information
• Type of security threats
• Type of Attacker


Introduction
• Information security: a “well-informed sense of
assurance that the information risks and controls
are in balance.” — Jim Anderson, Inovant (2002)

• Necessary to review the origins of this field and its impact on our understanding of information security today
Principles of Information Security, 3rd Edition

The History of Information Security
• Computer security began immediately after the first mainframes were developed
− Groups developing code-breaking computations during World War II created the first modern computers
− Multiple levels of security were implemented
• The need for physical security
• Physical controls to limit access to sensitive military locations to authorized personnel
• Rudimentary in defending against physical theft, espionage, and sabotage

Figure 1-1 – The Enigma

➢ The Enigma machine is a piece of spook hardware invented by a German
➢ Used by Britain’s codebreakers as a way of deciphering German signals traffic during WW2


The 1960s
• Advanced Research Projects Agency (ARPA) began to examine feasibility of redundant networked communications
• Larry Roberts developed ARPANET from its inception


Figure 1-2 - ARPANET


The 1970s and 80s


• ARPANET grew in popularity as did its potential for
misuse
• Fundamental problems with ARPANET security
were identified

− Individual remote sites did not have sufficient controls and safeguards to protect data from unauthorized remote users
− No safety procedures for dial-up connections to ARPANET
− Non-existent user identification and authorization to system
− Phone numbers were widely distributed and openly publicized on the walls of rest rooms and phone booths, giving hackers easy access to ARPANET


The 1970s and 80s (continued)

• Information security began with Rand Report R-609 (paper that started the study of computer security)
• Scope of computer security grew from physical
security to include:
- Safety of data
- Limiting unauthorized access to data
- Involvement of personnel from multiple levels of an
organization


MULTICS
• Early focus of computer security research
was a system called Multiplexed Information
and Computing Service (MULTICS)
• First operating system created with security as
its primary goal
• Mainframe, time-sharing OS developed in mid-
1960s by General Electric (GE), Bell Labs, and
Massachusetts Institute of Technology (MIT)
• Several MULTICS key players created UNIX
− Primary purpose of UNIX was text
processing



The 1990s
• Networks of computers became
more common; so too did the
need to interconnect networks

• Internet became first manifestation of a global network of networks
• In early Internet deployments, security was treated as a low priority


The Present
• The Internet brings millions of computer networks into communication with each other—many of them unsecured
• Ability to secure a computer’s data influenced by the security of every computer to which it is connected
• 50B number of connected objects expected by 2020
• ~ 7 connected devices / person



What is Security?
• “The quality or state of being secure—to be free
from danger”
• The protection of information and its critical elements,
including systems and hardware that use, store, and
transmit that information
• A successful organization should have multiple layers
of security in place:

- Physical security (physical item, objects)
- Personal security (individual or group who are authorized to access the organization & its operations)
- Operations security (details of a particular
operations, project, activities)
- Communications security (organization’s
media, technology & content)
- Network security (networking components,
connection)
- Information security (data & information)

What is Information Security?


• The protection of information and
its critical elements, including
systems and hardware that use,
store, and transmit that
information
• Necessary tools: policy,
awareness, training, education,
technology
• C.I.A. triangle
− Is a standard based on
confidentiality, integrity,
and availability, now viewed
as inadequate.
− Expanded into list of critical
characteristics of information


Critical Characteristics of Information

• The value of information comes from the characteristics it possesses:
- Availability: enables authorized users to access info without interference & in the required format
- Accuracy: free from mistake or error
- Authenticity: originality
- Confidentiality: related with privacy
- Integrity: being whole, complete, and uncorrupted
- Utility: having value for some purpose
- Possession: having ownership or control
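
Added example (not part of the original slides): the difference between integrity and authenticity from the list above, shown with Python's standard `hashlib` and `hmac` modules. The key, messages and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data; the key and messages are illustrative only.
SHARED_KEY = b"constructed-demo-key"
ORIGINAL = b"Pay 100 to account 1234"


def digest(data: bytes) -> str:
    """Unkeyed SHA-256 digest: detects change, says nothing about who made it."""
    return hashlib.sha256(data).hexdigest()


def integrity_ok(data: bytes, expected: str) -> bool:
    """Integrity check: is the data still whole and uncorrupted?"""
    return hmac.compare_digest(digest(data), expected)


def tag(key: bytes, data: bytes) -> str:
    """Keyed HMAC-SHA256 tag: only a holder of the key can produce it."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def authentic(key: bytes, data: bytes, received_tag: str) -> bool:
    """Authenticity check: did this data come from a holder of the key?"""
    return hmac.compare_digest(tag(key, data), received_tag)


def run_cases() -> dict:
    good_digest = digest(ORIGINAL)
    good_tag = tag(SHARED_KEY, ORIGINAL)

    # Case 1: accidental corruption in storage or transit (one byte changed).
    corrupted = b"Pay 100 to account 1235"

    # Case 2: the message AND its published digest are both replaced.
    # The substituted pair is self-consistent, so the unkeyed check passes.
    substituted = b"Pay 900 to account 9999"
    substituted_digest = digest(substituted)
    # Without the shared key, a matching tag cannot be computed.
    substituted_tag = tag(b"not-the-shared-key", substituted)

    return {
        "original_intact": integrity_ok(ORIGINAL, good_digest),
        "corruption_detected": not integrity_ok(corrupted, good_digest),
        "substitution_passes_digest": integrity_ok(substituted, substituted_digest),
        "substitution_fails_hmac": not authentic(SHARED_KEY, substituted, substituted_tag),
        "original_authentic": authentic(SHARED_KEY, ORIGINAL, good_tag),
    }


if __name__ == "__main__":
    for name, result in run_cases().items():
        print(f"{name}: {result}")
```

A plain digest answers "is it uncorrupted?"; the keyed tag also answers "is it the original from the expected source?", which is why the two characteristics are listed separately.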


Information Security
• Information is an asset which, like other important business
assets, has value to an organization and consequently needs to
be suitably protected
• Definition:
− Preservation of confidentiality, integrity and availability of
information; in addition, other properties such as authenticity,
accountability, non-repudiation and reliability can also be
involved (ISO27001:2005)
• InfoSec is also the process of protecting the confidentiality, availability and integrity (CIA) of data from accidental or intentional misuse
• InfoSec is the combination of technical and non-technical approaches to reduce risks to information systems


Security concepts – Information
✓ Confidentiality
✓ Integrity
✓ Availability

Security concepts – People
✓ Authorization
✓ Authentication
✓ Accountability / Non-repudiation

Operational Model of Computer Security
• The operational model of computer security includes two additions to the original security equation:
  Protection = Prevention + (Detection + Response)
• Every security technique and technology falls into at least one of the three elements of the equation.

[Figure: Sample technologies in the operational model of computer security]


Components of an Information System

An information system (IS) is the entire set of:


✓Software,
✓Hardware,
✓Data,
✓People,
✓Procedures, and
✓Networks
that enable businesses to use information as a
resource in the organization


Securing Components

• Computer can be subject of an attack and/or the object of an attack
- When the subject of an attack, computer is used as an active tool to conduct attack
- When the object of an attack, computer is the entity being attacked


Figure 1-5 – Subject and Object of Attack


Balancing Information Security and Access
• Impossible to obtain perfect security—it is a process, not an absolute
• Security should be considered a balance between protection and availability
• To achieve balance, level of security must allow reasonable access, yet protect against threats

Information Security Threats


• A threat refers to anything that has the potential to cause harm to a computer system.
• Threat agents may be human or non-human, intentional or not
• Categories of threat agents
i. Nontarget specific
ii. Natural disaster
iii. Human unintentional
iv. Human intentional


i. Nontarget specific
• Generally in forms of malicious software (malware)
− Virus
− Worm
− Extortionware
− Bots
− Trojan
− Time/logic bomb
− Spyware
− Key Logger
− Sniffer
− Vulnerability Scanner
− Backdoor
− Rootkits

Virus
• Self-replicating program reproduced by attaching executable copies of itself to other programs;
• Requires a host program to infect and it is not executed until the host program is run.
• Effects: irritating messages to destruction of the system;

Worm
• Virus-like program that makes copies of itself across network connection;
• Seeking uninfected workstation in which to reproduce;
• Able to travel independently through different hosts and resides more in the computer memory of a system rather than on disk; and
• Aim: Continued reproduction to cause disk or memory overload throughout the network.

Extortionware
• Also known as ransomware.
• Malicious software that is specifically designed to take control of a computer system or its data and hold it hostage so the attackers can demand payment from their victims.

Bots
• Internet robots, also known as spiders, crawlers, and web bots.
• Self-propagating malware that infects its host and connects back to a central server(s). The server functions as a “command and control center” for a botnet. Malicious bots have the “worm-like ability to self-propagate,” and can also: gather passwords, launch DoS attacks, log keystrokes, etc.

Trojan Horse
• Resides in the code of the program until the moment of its activation;
• Conditions of activation are determined by the computer programmer who designed the program;
• Posted through internet disguised as a harmless program, game, or utility;
• Also used to exchange secret information between hackers; and
• Also releases other malicious programs such as viruses or worms.

Time/Logic Bombs
• Kinds of Trojan Horses;
• A logic bomb is inserted secretly into a system and causes a destructive action when a certain logical event or sequence of events happens;
• The trigger can be a specific date, a countdown reaching zero or an internal state met by other factors in the machine.
• e.g. A programmer who is unfairly removed from his or her post may plant a time bomb to be triggered after the date of his or her removal.

Spyware
• Is a type of malicious software designed to steal personal information by running undetected on your machine & it has found a pervasive home on the Internet.
• Will record what is done on the machine over a period of time & offload what it has collected when it has an available connection to the spyware author’s site

Key Logger
• Is a specific type of spyware.
• Records the keystrokes of a user
• It collects all the information being processed through the operating system & stores it all

Sniffer
• A program and/or device that monitors data traveling over a network.
• Can be used both for legitimate network management functions and for stealing information off a network.
• Unauthorized sniffers
➢ Extremely dangerous to a network's security because they are virtually impossible to detect and can be inserted almost anywhere.
➢ This makes them a favorite weapon in the hacker's arsenal.

Vulnerability Scanner
• Automated tools designed to assess computer systems, networks or applications for weaknesses.
• Used to discover the weak points or poorly constructed parts.
• Can be run either as part of vulnerability management by those tasked with protecting the systems or
• By hackers looking to gain unauthorized access


ii. Natural Disaster

• Natural disaster can devastate software & hardware systems, especially in data & system loss.
• Floods, hurricanes, & earthquakes can attack all your system by simply destroying it beyond repair


iii. Human Unintentional


• Breached security through accident or carelessness
• It might be caused by poor coding that allows a backdoor into the software system
• A more serious scenario of this type of threat agent is if they accidentally activate the malicious software or give the wrong piece of information to the wrong person (social engineering technique)


iv. Human Intentional


• A diverse group of people who have something to gain
by attacking our system.
• Motivation: pride or curiosity, information or money
• They will always be threats & zero-day attacks (cause massive damage, can only be used once & have yet to be deployed).
• Goal of defensive design – to eliminate such scenarios


Types of Attackers
• Hackers vs Crackers
• White Hat
• Black Hat
• Gray Hat
• Hacktivism
• Cyberterrorist
• Script Kiddies


Types of Attackers (cont’d)


Hackers
✓ Someone who was proficient with computers particularly in the field of networking.
✓ Most often, they are expert programmers
✓ Hackers can also be internet security experts hired to find vulnerabilities in system

Crackers
✓ An individual with extensive computer knowledge whose purpose is to breach or bypass security or gain access to software without paying royalties
✓ Unethical & Illegal actions


Types of Attackers (cont’d)

Black hat hackers
• The Bad guy
• Violate computer security for personal gain and the goal is to inflict malicious damage
• Also known as crackers

White hat hackers
• The Good guy
• Break security for non-malicious purposes
• Goal to expose security flaws, not to steal or corrupt data

Gray hat hackers
• Ambiguous purposes & flexible morality
• Less threatening crackers, but often border on the illegal with their activities
• Goal is to break into a system without owner’s permission, but not for their own advantage


Types of Attackers (cont’d)


• Hacktivists - attackers who attack for ideological reasons
that are generally not as well-defined as a
cyberterrorist’s motivation
• Protect against commercial or non-commercial entities or a nation state, a group or individual
• Examples of hacktivist attacks:
✓ Breaking into a website and changing the contents on the site
to make a political statement
✓ Disabling a website belonging to a bank because the bank
stopped accepting payments that were deposited into
accounts belonging to the hacktivists


Types of Attackers (cont’d)


• Cyberterrorists - an attacker whose motivation
may be ideological or for the sake of principles
or beliefs
➢ Almost impossible to predict when or where the
attack may occur
• Targets may include:
➢ A small group of computers or networks that can
affect the largest number of users
• Example:
➢ Computers that control the electrical power grid of a
state or region

Types of Attackers (cont’d)


• Script kiddies – People who take preexisting hacker tools & use them to attack a target by following instructions for breaking into a system
• They download automated hacking software (scripts) from websites & use it to perform malicious acts.
• Over 40 percent of attacks require low or no skills
• Exploit kits - automated attack package that can
be used without an advanced knowledge of
computers
➢ Script kiddies either rent or purchase them


End of lecture 1

Let’s play puzzle!
