Chapter 1

Computer Security
Sem. III - 2022

DEPARTMENT OF COMPUTER SCIENCE
ADMAS UNIVERSITY
Computer Security
“The
most secure
computers are those
not connected
to the Internet and
shielded
from any interference”
Computer Security
Computer security is about

provisions and policies adopted to
protect information and property
from theft, corruption, or natural
disaster while allowing the
information and property to remain
accessible and productive to its
intended users.
Computer Security
Network security on the other hand deals with
provisions and policies adopted to prevent and
monitor unauthorized access, misuse, modification, or
denial of the computer network and network-
accessible resources.
Not Sufficient!!
Internet
Computer Security
Security Goals
Confidentiality
Integrity
Availaibility
Security goals
Security goals
confidentiality, integrity, and availability.
•Confidentiality ensures that computer-related assets are accessed only
by authorized parties. That is, only those who should have access to
something will actually get that access. By "access," we mean not only
reading but also viewing, printing, or simply knowing that a particular
asset exists. Confidentiality is sometimes called secrecy or privacy.
•Integrity means that assets can be modified only by authorized parties
or only in authorized ways. In this context, modification includes writing,
changing, changing status, deleting, and creating.
•Availability means that assets are accessible to authorized parties at
appropriate times. In other words, if some person or system has
legitimate access to a particular set of objects, that access should not be
prevented. For this reason, availability is sometimes known by its
opposite, denial of service.
Security goals
If we say that we have preserved the integrity of an item, we may
mean that the item is
•precise
•accurate
•unmodified
•modified only in acceptable ways
•modified only by authorized people
•modified only by authorized processes
•consistent
•internally consistent
•meaningful and usable
Security goals
An object or service is thought to be available if
•It is present in a usable form.
•It has capacity enough to meet the service's needs.
•It is making clear progress, and, if in wait mode, it has a bounded
waiting time.
•The service is completed in an acceptable period of time.
•There is a timely response to our request.
•Resources are allocated fairly so that some requesters are not
favored over others.
•The service or system involved follows a philosophy of fault
tolerance, whereby hardware or software faults lead to graceful
cessation of service or to work-around rather than to crashes and
abrupt loss of information.
•The service or system can be used easily and in the way it was
intended to be used.
Computer Security and Privacy/ Overview
Definitions
Security: The prevention and protection of computer
assets from unauthorized access, use, alteration,
degradation, destruction, and other threats.
Privacy: The right of the individual to be protected

against intrusion into his personal life or affairs, or those
of his family, by direct physical means or by publication
of information.
Security/Privacy Threat: Any person, act, or object

that poses a danger to computer security/privacy.
Computer Security and Privacy/ History
Until 1960s computer security was limited to

physical protection of computers
In the 60s and 70s
 Evolutions
 Computers became interactive
 Multiuser/Multiprogramming was invented
 More and more data started to be stored in computer
databases
 Organizations and individuals started to worry about
 What the other persons using computers are doing to their
data
 What is happening to their private data stored in large
databases
In the 80s and 90s

 Evolutions
 Personal computers were popularized
 LANs and Internet invaded the world
 Applications such as E-commerce, E-government and
E-health started to develop
 Viruses become majors threats
 Organizations and individuals started to worry about
 Who has access to their computers and data
 Whether they can trust a mail, a website, etc.
 Whether their privacy is protected in the connected world
Famous security problems …

 NASA shutdown
In 1990, an Australian computer science student was
charged for shutting down NASA’s computer system
for 24 hours
 Airline computers
In 1998, a major travel agency discovered that
someone penetrated its ticketing system and has
printed airline tickets illegally
 Bank theft
In 1984, a bank manager was able to steal $25 million
through un-audited computer transactions

 In Ethiopia
 Employees of a company managed to change their salaries by
fraudulently modifying the company’s database
 In 1990s Internet password theft
Hundreds of dial-up passwords were stolen and sold to other users

Many of the owners lost tens of thousands of Birr each
A major company suspended the use of a remote login software by
technicians who were looking at the computer of the General
Manager
 In Africa: Cote d’Ivoire
 Anemployee who has been fired by his company deleted all the
data in his company’s computer

TOP 5 CYBERCRIMES
TAX-REFUND FRAUD: Cybercriminals first obtain a valid
named Social Security number, preferably from someone who will not be filing atax
r CORPORATE ACCOUNT TAKEOVER

 Illicitly acquire login credentials and Transfer the
victim’s bank funds to an account controlled by the
cybercriminal
IDENTITY THEFT
 Opening a line of credit
 Purchasing goods or ser vices
 Renting or buying a house or apar tment
 Receiving medical care
THEFT OF SENSITIVE DATA

 Sensitive data such as unencrypted credit card
information stored by a business, personally
identifiable information, trade secret s, source code,
customer information and employee records all
attract the attention of cybercriminals
THEFT OF INTELLECTUAL PROPERTY

 Intellectual property, including commercial,
copyrighted materials — music, movies and books —
also is at risk of being stolen
Early Efforts
1960s: Marked as the beginning of true
computer security
1970s: Tiger teams
 Government and industry sponsored crackers who attempted
to break down defenses of computer systems in order to
uncover vulnerabilities so that patches can be developed
1970s: Research and modeling

 Identifyingsecurity requirements
 Formulating security policy models
 Defining recommended guidelines and controls
 Development of secure systems
Computer Security and Privacy/ Legal Issues
In the US, legislation was enacted with regards to
computer security and privacy starting from late
1960s.
European Council adopted a convention on Cyber-

crime in 2001.
The World Summit for Information Society

considered computer security and privacy as a
subject of discussion in 2003 and 2005.
The Ethiopian Penal Code of 2005 has articles on

data and computer related crimes.
Computer Security and Privacy
Vulnerabilities, Threats, Attacks, and Controls
A threat to a computing system is a set of circumstances

that has the potential to cause loss or harm
A vulnerability is a weakness in the security system, for
example, in procedures, design, or implementation, that
might be exploited to cause loss or harm
A human who exploits a vulnerability commits an attack
on the system
A threat is blocked by control of a vulnerability
System Security Threats:
Computer Security and Privacy/Attacks
Categories of Attacks
Interruption: An attack on availability
Interception: An attack on confidentiality
Modification: An attack on integrity
Fabrication: An attack on authenticity

Computer Security and Privacy/Attacks
Categories of Attacks/Threats
Source
Destination
Normal flow of information
Attack
Interruption Interception
Modification Fabrication
Computer Security and Privacy/Vulnerabilities
Types of Vulnerabilities
Physical vulnerabilities (Ex. Buildings)
Natural vulnerabilities (Ex. Earthquake)
Hardware and Software vulnerabilities (Ex. Failures)
Media vulnerabilities (Ex. Disks can be stolen)
Communication vulnerabilities (Ex. Wires can be tapped)
Human vulnerabilities (Ex. Insiders)

Computer Security and Privacy/ Countermeasures
Computer security controls

Authentication (Password, Cards, Biometrics)
(What we know, have, are!)
Encryption
Auditing
Administrative procedures
Standards
Certifications
Physical Security
Laws
Computer Security and Privacy/ The Human Factor
The human factor is an important component of

computer security
Some organizations view technical solutions as
“their solutions” for computer security. However:
 Technology is fallible (imperfect)
 Ex.UNIX holes that opened the door for Morris worm
 The technology may not be appropriate
 Ex. It is difficult to define all the security requirements and find a
solution that satisfies those requirements
 Technical solutions are usually (very) expensive
 Ex. Antivirus purchased by organization to protect its services
 Given all these, someone, a human, has to implement the solution
Computer Security and Privacy/ The Human Factor
Competence of the security staff

 Ex. Crackers may know more than the security team
Understanding and support of management

 Ex. Management does not want to spend money on
security
Staff ’s discipline to follow procedures
 Ex. Staff members choose simple passwords
Staff members may not be trustworthy

 Ex. Bank theft
Computer Security and Privacy/ Physical Security
“The most robustly secured

computer that is left sitting
unattended in an unlocked room
is not at all secure !!”
Physical security is the use of physical controls to

protect premises, site, facility, building or other
physical asset of an organization
Physical security protects your physical computer

facility (your building, your computer room, your
computer, your disks and other media)
In the early days of computing physical security

was simple because computers were big,
standalone, expensive machines
It is almost impossible to move them (not
portable)
They were very few and it is affordable to
spend on physical security for them
Management was willing to spend money
Everybody understands and accepts that there
is restriction
Today
 Computers are more and more portable (PC, laptop,
PDA, Smartphone)
 There are too many of them to have good physical
security for each of them
 They are not “too expensive” to justify spending more
money on physical security until a major crisis occurs
 Users don’t accept restrictions easily
 Accessories (ex. Network components) are not
considered as important for security until there is a
problem
 Access to a single computer may endanger many more
computers connected through a network
=>
Physical security is much more
difficult to achieve today than some
decades ago
Threats and vulnerabilities

Natural Disasters
 Fire and smoke
 Firecan occur anywhere
 Solution – Minimize risk
Good policies: NO SMOKING, etc..

Fire extinguisher, good procedure and training
Fireproof cases (and other techniques) for backup tapes
Fireproof doors
 Climate
 Heat
 Direct
sun
 Humidity
Threats and vulnerabilities …
Natural Disasters …
 Hurricane, storm, cyclone
 Earthquakes
 Water
 Flooding can occur even when a water tab is not properly closed
 Electric supply
 Voltage fluctuation
Solution: Voltage regulator
 Lightning
Solution
 Avoid having servers in areas often hit by Natural Disasters!
Threats and vulnerabilities …

People
 Intruders
 Thieves
 People who have been given access unintentionally by the
insiders
 Employees, contractors, etc. who have access to the facilities
 External thieves
 Portable computing devices can be stolen outside the
organization’s premises
Loss of a computing device
 Mainly laptop
Safe area
Safe area often is a locked place where

only authorized personnel can have
access
Organizations usually have safe area for
keeping computers and related devices
Safe area … Challenges
Is the area inaccessible through other openings
(window, roof-ceilings, ventilation hole, etc.)?
Design ofthe building with security in mind
Know the architecture of your building
During opening hours, is it always possible to

detect when unauthorized person tries to get to the
safe area?
Surveillance/guards, video-surveillance, automatic-
doors with security code locks, alarms, etc.
Put signs so that everybody sees the safe area
Safe area…Locks
Are the locks reliable?
 The effectiveness of locks depends on the design, manufacture,
installation and maintenance of the keys!
 Among the attacks on locks are:
 Illicit
keys
Duplicate keys
Avoid access to the key by unauthorized persons even for a few seconds
Change locks/keys frequently
Key management procedure
Lost keys
Notify responsible person when a key is lost
There should be no label on keys
 Forceful attacks:
Punching, Drilling, Hammering, etc.
Safe area… Surveillance
Surveillance with guards

The most common in Ethiopia
Not always the most reliable since it adds a
lot of human factor
Not always practical for users (employees
don’t like to be questioned by guards
wherever they go)
Safe area… Surveillance
Surveillance with video
 Uses Closed Circuit Television (CCTV)
 Started in the 1960s
 Become more and more popular with the worldwide increase of
theft and terrorism
 Advantages
A single person can monitor more than one location
 The intruder doesn’t see the security personnel
 It is cheaper after the initial investment
 It can be recorded and be used for investigation
 Since it can be recorded the security personnel is more careful
 Today’s digital video-surveillance can use advanced techniques such
as face recognition to detect terrorists, wanted people, etc.
 Drawback
 Privacy concerns
Internal Human factor - Personnel
Choose employees carefully
Personal integrity should be as important a
factor in the hiring process as technical skills
Create an atmosphere in which the levels of
employee loyalty, morale, and job satisfaction
are high
Remind employees, on a regular basis, of
their continuous responsibilities to protect
the organization’s information
Internal Human factor – Personnel …

Establish procedures for proper destruction and
disposal of obsolete programs, reports, and data
Act defensively when an employee must be
discharged, either for cause or as part of a cost
reduction program
Such an employee should not be allowed access to
the system and should be carefully watched until
he or she leaves the premises
Any passwords used by the former employee
should be immediately disabled
Computer Security and Privacy/ Attacks & Threats
Computer Security Attacks and

Threats
Computer security/ Attacks & Threats
A computer security threat is any person,

act, or object that poses a danger to
computer security
Computer world is full of threats!

… refer to the assignment…
And so is the real world!
Thieves, pick-pockets, burglars,
murderers, drunk drivers, …
What is the right attitude?
 To do what you do in real life
What do you do in real life?

 You learn about the threats
 What are the threats
 How can these threats affect you
 What is the risk for you to be attacked by these threats
 How you can protect yourself from these risks
 How much does the protection cost
 What you can do to limit the damage in case you are attacked
 How you can recover in case you are attacked
 Then, you protect yourself in order to limit the risk but to
continue to live your life
You need to do exactly the same thing with computers!

Types of Threats/Attacks …
Hacking Attack:
Any attempt to gain unauthorized access to
your system
Denial of Service (DoS) Attack

Blocking access from legitimate users
Physical Attack:
Stealing, breaking or damaging of computing
devices
Types of Threats/Attacks
Malware Attack:
A generic term for software that has malicious
purpose
Examples
Viruses
Trojan horses
Spy-wares
New ones: Spam/scam, identity theft, e-payment
frauds, etc.
Computer security/Threats
Malware Attack:
Viruses
 “A small program that replicates and hides itself inside
other programs usually without your knowledge.”
Symantec
 Similar to biological virus: Replicates and Spreads
Worms
 An independent program that reproduces by copying
itself from one computer to another
 It can do as much harm as a virus
 It often creates denial of service
Malware Attack…
Trojan horses
 Secretly downloading a virus or some other type of mal-
ware on to your computers.
Spy-wares
 “A software that literally spies on what you do on your
computer.”
 Example: Simple Cookies and Key Loggers
Most software based attacks are commonly
called Viruses: How do viruses work?
Infection mechanisms
First, the virus should search for and detect
objects to infect
Installation into the infectable object
 Writing on the boot sector
 Add some code to executable programs
 Add some code to initialization/auto-executable
programs
 Write a macro in a word file
…
How do viruses work? …
Trigger mechanism
 Date
 Number of infections
 First use
Effects: It can be anything

A message
 Deleting files
 Formatting disk
 Overloading processor/memory
 Etc.
Who Writes Virus
Adolescents
Ethically normal and of average/above
average intelligence.
Tended to understand the difference
between what is right and wrong
Typically do not accept any responsibility
for problems caused
Who Writes Virus …
The College Student
Ethically normal
Despite expressing that what is illegal is
“wrong”
Are not typically concerned about the results of
their actions related to their virus writing
The Adult (smallest category)

Ethically abnormal
Anti-Virus
There are
Generic solutions
Ex. Integrity checking
Virus specific solution

Ex. Looking for known viruses
Three categories
Scanners
Activity monitors
Change detection software
Anti-Virus …
Functions of anti-viruses
Identification of known viruses
Detection of suspected viruses
Blocking of possible viruses
Disinfection of infected objects
Deletion and overwriting of infected
objects
Hackers/Intrusion Attack:
Hacking: is any attempt to intrude or gain

unauthorized access to your system either via
some operating system flaw or other means. The
purpose may or may not be for malicious
purposes.
Cracking: is hacking conducted for malicious purposes.

Denial of Service (DoS) Attack:
DoS Attack: is blocking access of legitimate
users to a service.
Distributed DoS Attack: is accomplished by

tricking routers into attacking a target or using
Zumbie hosts to simultaneously attack a given
target with large number of packets.
Simple illustration of DoS attack
C:\>Ping <address of X> -l 65000 –w 0 -t
Web Server X
Ping
Ping
Ping
Legitimate User Ping

Computer Security/Threats
Assignment: Spoofing Attack
Brut Force Attack
• From the list select the one
Malware Attack
which starts with your
Virus/Worm Attack
name’s first letter or nearest.
SMURF Attack
SYN Attack
• Read about these security Trojan Horse
attack related keywords and
Logic Bomb
write a one page (maximum)
Ping of Death
summary of your findings
Packet Sniffing
including any recorded
history of significant Eavesdropping
damages created by these Cracking
attacks. Session Hijacking
• Provide your report by War Dialing
handwritten paper for next DoS/DDoS
class(copied reports will not Blackout/ Brownout
marked ). Serge/Spike
Traffic Analysis
Wire Tapping

Chapter 1

Uploaded by

Copyright:

Available Formats

Chapter 1

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Chapter 1

Uploaded by

Copyright:

Available Formats

Computer Security

Sem. III - 2022

Computer security is about

Privacy: The right of the individual to be protected

Security/Privacy Threat: Any person, act, or object

Until 1960s computer security was limited to

In the 80s and 90s

Famous security problems …

Famous security problems …

Hundreds of dial-up passwords were stolen and sold to other users

Famous security problems …

r CORPORATE ACCOUNT TAKEOVER

THEFT OF SENSITIVE DATA

THEFT OF INTELLECTUAL PROPERTY

1970s: Research and modeling

European Council adopted a convention on Cyber-

The World Summit for Information Society

The Ethiopian Penal Code of 2005 has articles on

Vulnerabilities, Threats, Attacks, and Controls

A threat to a computing system is a set of circumstances

Interruption: An attack on availability

Interception: An attack on confidentiality

Modification: An attack on integrity

Fabrication: An attack on authenticity

Physical vulnerabilities (Ex. Buildings)

Natural vulnerabilities (Ex. Earthquake)

Hardware and Software vulnerabilities (Ex. Failures)

Media vulnerabilities (Ex. Disks can be stolen)

Communication vulnerabilities (Ex. Wires can be tapped)

Human vulnerabilities (Ex. Insiders)

Computer security controls

The human factor is an important component of

Competence of the security staff

Understanding and support of management

Staff members may not be trustworthy

“The most robustly secured

Physical security is the use of physical controls to

Physical security protects your physical computer

In the early days of computing physical security

Threats and vulnerabilities

Good policies: NO SMOKING, etc..

Threats and vulnerabilities …

Safe area often is a locked place where

During opening hours, is it always possible to

Safe area… Surveillance

Surveillance with guards

Internal Human factor – Personnel …

Computer Security Attacks and

A computer security threat is any person,

Computer world is full of threats!

What do you do in real life?

You need to do exactly the same thing with computers!

Denial of Service (DoS) Attack

Effects: It can be anything

The Adult (smallest category)

Virus specific solution

Hacking: is any attempt to intrude or gain

Cracking: is hacking conducted for malicious purposes.