Overview of computer security concepts including information security, network security and hardware protection
1. Computer Security
Computer Security refers to the application of hardware, firmware, and software security features
to a computer system in order to protect against unauthorized disclosure,
manipulation, or deletion of information.
It means:
· Prevent theft or damage to hardware
· Prevent theft or damage to information
· Prevent disruption of services
2. Information Security
Information Security is the protection
of information against unauthorized disclosure, transfer, modification, or
destruction, whether accidental or intentional.
3. Network Security
Network Security refers to the protection of networks and their services from unauthorized
modification, destruction, or disclosure.
It ensures that:
· Networks perform their critical functions correctly
· There are no harmful side effects
· Data transmission remains secure and reliable
Threats to Security
1. Virus
A computer virus is a piece of software that can infect other programs by modifying them.
· The virus injects its code into other programs.
· The infected program spreads the virus further.
· A virus creates copies of itself and infects other software.
Characteristics of Virus
· Usually embedded inside a program.
· Spreads when the infected program interacts with other files.
Parts of a Computer Virus
1. Infection Mechanism
· Method used by a virus to spread.
· Also called Infection Vector.
2. Trigger
· Event or condition that activates the virus payload.
3. Payload
· The action performed by the virus.
· May be harmless (display message) or destructive (delete files).
Phases of a Computer Virus
1. Dormant Phase
· Virus remains inactive.
· Activation may depend on events such as:
o Date
o File presence
o Disk capacity
(Some viruses do not have this stage.)
2. Propagation Phase
· Virus copies itself into other programs or system areas.
· Each infected program spreads the virus further.
3. Triggering Phase
· Virus becomes active based on certain conditions.
Examples:
· Number of virus copies created
· Specific date or time
4. Execution Phase
· Virus performs its intended function.
Possible actions:
· Displaying messages
· Deleting files
· Destroying programs
· Damaging system data
Most viruses are designed for specific operating systems or hardware platforms.
2. Worm
A worm is a program that can replicate itself and spread across network connections.
Characteristics
· Spreads automatically through networks.
· Does not require user interaction.
· Each infected machine becomes a launching point for new attacks.
Example: Email worms spreading through attachments.
3. Intruders
An Intruder is a person who attempts to gain unauthorized access to a system to:
· Damage the system
· Disturb data
· Violate security policies
Intruders attack:
· Availability
· Integrity
· Confidentiality
Types of Intruders
1. Masquerader
· An unauthorized person who uses someone else's account to access a system.
2. Misfeasor
· A legitimate user who misuses their privileges or accesses unauthorized data.
3. Clandestine User
· A person who gains administrative control of a system.
· Evades security and suppresses audit records.
4. Insider Threats
An Insider Threat originates from people within an organization such as:
· Employees
· Former employees
· Contractors
· Business partners
Insider attacks may involve:
· Fraud
· Theft of confidential data
· System sabotage
Insiders are often more dangerous than external attackers because they already have system access and knowledge.
5. Terrorists and Information Warfare
Many countries have developed capabilities for Information Warfare.
Information Warfare
The offensive and defensive use of information and information systems to:
· Deny
· Exploit
· Corrupt
· Destroy
an adversary's information systems while protecting their own.
Cyber Terrorism
A cyber-terrorist uses computers and the internet to create fear and disruption.
Examples:
· Spreading viruses
· Attacking critical infrastructure
· Online threats
Terrorist organizations usually have:
· Long-term strategies
· Strong financial support
· Organized attack groups
6. Criminal Organizations
Criminal organizations are groups that conduct illegal activities for financial gain.
Characteristics
· Highly organized structure
· Large-scale cyber attacks
· Extortion and fraud
Examples:
· Organized hacking groups
· Online fraud gangs
· Cybercrime networks
Security Basics
The three main objectives of computer security are:
1. Confidentiality
2. Integrity
3. Availability
This model is commonly known as the CIA Triad.
1. Confidentiality
Ensures that information is not disclosed to unauthorized users.
Includes:
· Data Confidentiality: Protecting sensitive information
· Privacy: Control over personal data collection and usage
2. Integrity
Ensures that information is accurate and not altered improperly.
Includes:
· Data Integrity: Data changes only by authorized users
· System Integrity: System functions correctly without manipulation
3. Availability
Ensures that authorized users can access systems and data whenever needed.
Additional Security Concepts
Authenticity
Authenticity ensures that:
· Users are who they claim to be
· Data comes from a trusted source
Accountability
Accountability ensures that every action can be traced to a specific user.
It supports:
· Non-repudiation
· Intrusion detection
· Legal investigation
· Security monitoring
Phishing Attack
A Phishing Attack uses social engineering techniques to steal confidential information.
Common Targets
· Bank account details
· Login credentials
· Credit card information
How Phishing Works
1. Hacker creates a fake website similar to a legitimate site.
2. Victim receives an email that appears authentic.
3. Email asks user to verify account details.
4. Victim clicks link and enters login information.
5. Hacker captures username and password.
Types of Phishing Attacks
1. Social Phishing
Phishing attacks conducted through social media platforms such as:
· Facebook
· Twitter
2. Spear Phishing
A targeted phishing attack aimed at:
· Specific individuals
· Organizations
· Companies
Purpose:
· Industrial espionage
· Data theft
SQL Injection
SQL Injection is a web security vulnerability where attackers insert malicious SQL commands into input fields.
Purpose of SQL Injection
· Bypass login authentication
· Access confidential data
· Modify website content
· Shut down servers
How SQL Injection Works
1. Hacker searches for vulnerable websites.
2. Tools like Google Dork are used to find vulnerabilities.
3. Hacker injects SQL commands into input fields (login forms).
4. Database executes malicious commands.
SQL Injection Prevention
Methods to prevent SQL injection:
· Validate and restrict user input
· Avoid dynamic SQL queries
· Use stored procedures
· Perform regular security scans
· Implement prepared statements
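The difference between a dynamic query and a prepared statement, shown on a login check against an in-memory SQLite database. This is an added example, not code from the original page; the table, the account and the function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory users table with one constructed account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT)")
    # Plaintext password only to keep the sample short; store a salted hash in practice.
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice", "s3cret"))
    return db

def login_dynamic(db, name, password):
    """Vulnerable: input is concatenated into the SQL text (dynamic SQL)."""
    query = ("SELECT name FROM users WHERE name = '" + name +
             "' AND password = '" + password + "'")
    return db.execute(query).fetchone() is not None

def login_prepared(db, name, password):
    """Hardened: fixed SQL text, input bound as parameters (data, never syntax)."""
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return db.execute(query, (name, password)).fetchone() is not None

def valid_username(name):
    """Input restriction as a second layer: short alphanumeric names only."""
    return name.isalnum() and len(name) <= 32

# Constructed input that carries SQL syntax instead of a password.
CRAFTED = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    for label, check in (("dynamic", login_dynamic), ("prepared", login_prepared)):
        print(label, "crafted input accepted:", check(db, "alice", CRAFTED))
        print(label, "real password accepted:", check(db, "alice", "s3cret"))
    print("username filter rejects crafted input:", not valid_username(CRAFTED))
```

The dynamic version accepts the crafted input because the quote characters change the structure of the WHERE clause; the prepared version compares the same string as a literal password and rejects it.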
2 Comments
good work in computer network and security
thanks