2. Main Points
Introduction
Computer Security Attributes
Statistics
Types of Attacks
Technology for Internet Security
Conclusion
References
3. Introduction
The public Internet is a worldwide collection of
connected computer networks that individuals can
access in a variety of ways using a particular set of
communication protocols known as TCP/IP.
Today millions of end systems use the Internet
regardless of national or geographic boundaries or
time.
4. Computer Security Attributes
Understanding the security attributes is critical in
order to conduct risk analysis and find the suitable
control for each attribute.
There are four main computer security attributes:
Confidentiality: unauthorized persons should
not gain access to others' data.
Integrity: involves accuracy of data.
5. Computer Security Attributes…
Privacy: the ability and/or right to protect your
personal secrets.
Availability: computer assets should be available for
and accessible to authorized persons when they need
them, and should not be interrupted.
6. Numbers of Users of the Internet
DATE          NUMBER OF USERS    % WORLD POPULATION
June, 2010    1,966 millions     28.7 %
Sept, 2010    1,971 millions     28.8 %
Mar, 2011     2,095 millions     30.2 %
Jun, 2011     2,110 millions     30.4 %
Sept, 2011    2,180 millions     31.5 %
Dec, 2011     2,267 millions     32.7 %
Mar, 2012     2,336 millions     33.3 %
June, 2012    2,405 millions     34.3 %
10. 1-Viruses
Viruses are self-replicating programs that infect and
propagate through files.
Viruses often have additional properties beyond being
an infector or macro virus. A virus may also be
multi-partite, stealth, encrypted or polymorphic.
A virus using encryption will know how to decrypt
itself to run. As the bulk of the virus is encrypted, it is
harder to detect and analyze.
11. 2-System and Boot Record Infectors
System and Boot record infectors were the most
common type of virus until the mid 1990s.
These types of viruses infect system areas of a
computer such as the Master Boot Record (MBR) on
hard disks.
By installing itself into boot records, the virus can run
itself every time the computer is booted up.
With the introduction of more modern operating
systems, and virus checks being enabled in the Basic
Input Output System (BIOS), the risk of these viruses
disappeared.
12. 3-Eavesdropping
Eavesdropping involves interception of, or gaining access
to, communications by an unauthorized party.
There are two types of eavesdropping:
Passive: an unauthorized person listens
secretly to the networked messages.
Active: the intruder not only listens but also injects
something into the communication to distort or create
bogus .
13. 4-Hacking
Hackers can be people who are career criminals. They
are competent and highly skilled at using computers.
Once they analyze and discover a leak point in the
target system, they will find ways to access and attack
the system.
They can also break through Web servers to access or
steal information.
14. 5- Worms
A worm is a self-replicating program that propagates
over a network in some way.
Unlike viruses, worms do not require an infected file to
propagate.
Worms are classified into two types:
Mass-mailing worms: email worms.
Network-aware worms: SQL Slammer.
15. 6- Trojans
Name story
Today’s Trojans work in a very
similar way. They will appear to be benign programs to
the user, but will actually have some malicious
purpose.
16. 7-IP Spoofing Attacks
The basic protocol for sending data over the Internet
and many other computer networks is the Internet
Protocol (IP).
The header of each IP packet contains, among other things,
the numerical source and destination address of the
packet.
By forging the header so it contains a different address, an
attacker can make it appear that the packet was sent by a
different machine. The machine that receives spoofed
packets will send a response back to the forged source
address.
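The source field described above is simply four bytes at a fixed offset in the header, so a border filter can read it and reject sources that cannot be genuine for the interface the packet arrived on. The following is an added example, not part of the original slides; the internal network 192.0.2.0/24, the interface names and the function names are assumptions chosen for illustration, and the sample headers are constructed.

```python
import ipaddress
import struct

# Assumed (hypothetical) site layout: one internal LAN behind a border filter.
INTERNAL_NET = ipaddress.ip_network("192.0.2.0/24")
# Source ranges that must never arrive from the Internet side.
BOGON_SOURCES = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12",
    "192.168.0.0/16", "224.0.0.0/4")]


def parse_addresses(raw: bytes):
    """Return (source, destination) read from a raw IPv4 header."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    header_len = (raw[0] & 0x0F) * 4          # IHL is counted in 32-bit words
    if header_len < 20 or len(raw) < header_len:
        raise ValueError("bad header length")
    return (ipaddress.IPv4Address(raw[12:16]),
            ipaddress.IPv4Address(raw[16:20]))


def filter_verdict(raw: bytes, arrived_on: str) -> str:
    """Decide whether the claimed source is plausible for the interface."""
    src, _dst = parse_addresses(raw)
    if arrived_on == "external":
        if src in INTERNAL_NET:
            return "drop: internal source address arriving from outside"
        if any(src in net for net in BOGON_SOURCES):
            return "drop: unroutable source address"
    elif arrived_on == "internal" and src not in INTERNAL_NET:
        return "drop: outbound packet with a source we do not own"
    return "accept"


def sample_header(src: str, dst: str) -> bytes:
    """Constructed 20-byte header for the demo (checksum left at zero)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)


if __name__ == "__main__":
    for src, dst, side in [("198.51.100.7", "192.0.2.10", "external"),
                           ("192.0.2.20", "192.0.2.10", "external"),
                           ("203.0.113.9", "198.51.100.7", "internal")]:
        print(side, src, "->", dst, ":",
              filter_verdict(sample_header(src, dst), side))
```

The filter cannot tell whether an ordinary external source address is genuine; it only removes the cases where the claimed address is impossible for that interface.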
17. 8-Denial of Service
A denial-of-service attack is an attempt to make a machine
or network resource unavailable to its intended users.
It generally consists of the efforts of one or more
people to temporarily or indefinitely interrupt or
suspend services of a host connected to
the Internet.
18. 9-Email Bombing and Spamming
Email bombing is the intentional sending of large
volumes of messages to a target address.
The overloading of the target email address can render
it unusable and can even cause the mail server to
crash.
Email spamming is the practice of sending unwanted
email messages, frequently with commercial content,
in large quantities to an indiscriminate set of
recipients.
19. 10-Phishing
Phishing is the act of attempting to acquire
information such as usernames, passwords, and credit
card details.
Phishing emails may contain links to websites that are
infected with malware.
Phishing is typically carried out by e-mail
spoofing or instant messaging, and it often directs
users to enter details at a fake website whose look and
feel are almost identical to the legitimate one.
20. Technology for Internet Security
With the rapid growth of interest in the Internet,
network security has become a major concern to
companies throughout the world.
Internet security tools typically provide
authentication and encryption, identify attacks, and
block and filter packets.
22. 2- Firewall
A firewall can either be software-based or hardware-
based and is used to help keep a network secure.
Its primary objective is to control the incoming and
outgoing network traffic by analyzing the data packets
and determining whether they should be allowed through
or not, based on a predetermined rule set.
23. 3- Intrusion Detection Systems
An intrusion detection system (IDS) is a device
or software application that monitors network or
system activities for malicious activities or policy
violations and produces reports to a management
station.
Everything from a simple port scan to a full attack
against your Web server can be detected by the IDS
system.
24. 4- Anti-Malware Software and scanners
Viruses, worms and Trojan horses are all examples
of malicious software, or malware for short.
Anti-malware tools are used to detect them and
cure an infected system.
The most common type of anti-malware software
is virus scanners. These tools often consist of two
different but related parts:
• Scanner
• Disinfector
25. 5-Internet Protocol Security (IPsec)
Internet Protocol Security (IPsec) is a protocol
suite for securing Internet Protocol communications
by authenticating and encrypting each IP packet of a
communication session.
IPsec is an end-to-end security scheme operating in
the Internet Layer of the Internet Protocol Suite. It
can be used in protecting data flows between a pair of
hosts (host-to-host), between a pair of security
gateways (network-to-network), or between a security
gateway and a host (network-to-host).
26. Secure Socket Layer (SSL)
The Secure Socket Layer (SSL) is a suite of protocols
that actually uses many different standards of key
exchange, authentication and encryption.
The server typically provides regular web service (HTTP)
on port 80, and SSL-encrypted web traffic (HTTPS) over
port 443.
SSL is a standard way to achieve a good level of
security between a web browser and a website.
27. Conclusion
Internet threats will continue to be a major issue in
the global world as long as information is
accessible and transferred across the Internet.
Security is critical and
must be ensured so that Internet users can have
confidence engaging in activities on the Internet.
75000 victims in 10 min5, 2003. The program did not use the SQL language; it exploited a buffer overflow bug in Microsoft's flagship SQL Server and Desktop Engine database products.
The Greeks and the Greek army
The basic protocol for sending data over the Internet network and many other computer networks is the Internet Protocol ("IP"). The header of each IP packet contains, among other things, the numerical source and destination address of the packet. The source address is normally the address that the packet was sent from. By forging the header so it contains a different address, an attacker can make it appear that the packet was sent by a different machine. The machine that receives spoofed packets will send a response back to the forged source address, which means that this technique is mainly used when the attacker does not care about the response or the attacker has some way of guessing the response. In certain cases, it might be possible for the attacker to see or redirect the response to his own machine. The most usual case is when the attacker is spoofing an address on the same LAN or WAN.