0% found this document useful (0 votes)
11 views

Computer and Software

Uploaded by

Umar Khan
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

Individual Assignment

Name : MUHAMMAD UMAR KHAN

Student Number : TP082026

Module Name : CYBERSECURITY

Lecturer : DR. SEYEDMOSTAFA SAFAVI

Issue Date: 25/06/2024 Date: 28/06/2024


Abstract:
In today's connected world, computer and software security is needed to protect sensitive
information and to prevent cyber threats. This abstract covers the types of security that are
needed and gives an overview of the fundamental concepts and techniques in computer and
software security. We discuss algorithms for data encryption and risk management strategies,
look at how well online connections are secured, and consider the devastating impact of
ransomware attacks and how to protect systems from DDoS attacks. Furthermore, we examine
the effects of RSA on network security and the vulnerability of IoT devices to DDoS attacks.
Our goal is to emphasize the importance of a multi-layered approach to security,
incorporating encryption, authentication, and access control to ensure the confidentiality,
integrity, and availability of digital assets. By understanding these concepts, individuals and
organizations can better navigate the digital landscape and protect themselves against
ever-evolving cyber threats.

Here are definitions for Computer Security and Software Security:


Computer Security:
Computer security means protecting computer systems, software, hardware, and data from
unauthorized access, use, disclosure, disruption, modification, or destruction. It ensures the
confidentiality, integrity, and availability of computer systems and data, and it covers
detecting and preventing unauthorized access, viruses, spyware, Trojan horses, malware,
adware, and other security threats. In simple words, you need to protect your computer,
laptop, mobile phone and other devices from data theft or damage, data breaches, adware
(unwanted ads), ransomware, phishing from fraudulent emails or websites, and unwanted
programs such as spyware and adware. For data security and system security, we need to use
firewalls to block unauthorized access, use encryption to secure login credentials, set strong
passwords to protect data, fix flaws with updates and patches, and install antivirus software
to detect and remove malware.

Software Security:
Software security means protecting programs, software applications, and data from
unauthorized access, disclosure, use, modification, disruption, or destruction. It ensures that
software is designed and written to be stable, secure, and resistant to flaws, attacks and
vulnerabilities, and it covers detecting and preventing software-related security threats such
as buffer overflows, cross-site scripting (XSS), SQL injection, and cross-site request forgery
(CSRF). Computer security focuses on protecting the computer system overall, while software
security focuses on the security of the software applications that run on that system. The
applications and programs you use must be protected from tampering or alteration, from
flaws (bugs) that can be exploited, and from vulnerabilities (weaknesses) that can be
attacked, and the software must be designed and written to be safe and secure to use. In
short, computer security focuses on protecting the device, and software security focuses on
protecting the programs running on that device.
You can secure software by writing safe and secure code, fixing security flaws and bugs,
applying access control to limit who can use the software, using encryption to protect data
within the software, and checking that the software works correctly.

Symmetric Key Algorithms:
i. Advanced Encryption Standard (AES)
ii. Blowfish
iii. Data Encryption Standard (DES)
iv. Triple Data Encryption Algorithm (3DES)

Asymmetric Key Algorithms:
i. Rivest-Shamir-Adleman (RSA)
ii. Elliptic Curve Cryptography (ECC)

Hybrid Algorithms:
i. Pretty Good Privacy (PGP)
ii. Transport Layer Security (TLS)

Other Algorithms:
i. Rivest Cipher 4 (RC4)
ii. Rivest Cipher 6 (RC6)
iii. A symmetric key block cipher

Abstract/Introduction
Computer and software security is like locking your car or house: you want to keep the bad
guys out and protect the valuable things inside. Nowadays, in the digital world, security
means protecting your computer, your phone, and your online information from hackers and
cyber-attacks.
Literature Review
Keeping data secret with encryption (like a secret code), using RSA encryption to secure
online connections, preventing DDoS attacks on IoT devices such as smart home devices,
finding weaknesses in systems, and protecting against attacks such as ransomware or
malware that demands payments.

Findings and Outcomes:

Security is crucial for everyone, including organizations, individuals and governments.
Regular updates and patches are necessary, awareness and education are key, authentication
and encryption are essential, and multiple layers of security are needed.

Methodology and Techniques

We use encryption algorithms such as AES, RSA and SHA, firewalls and intrusion detection
systems, and regular updates and patches to the system. We also need access control and
authentication protocols, incident response and disaster recovery planning, and
vulnerability assessment and penetration testing.

Conclusion/Future Works
In short, computer and software security is vital, and future efforts should focus on
developing stronger security measures, increasing awareness, and improving incident
response strategies.

Recommendation
You need to regularly update your system and software, use encryption and authentication,
look for weaknesses and carry out penetration testing, develop incident response and disaster
recovery plans, and provide education about cyber security and best practices.

Concept of risk management security:
Risk management security is the systematic approach to assessing, identifying, and
mitigating potential security threats to an organization's assets, infrastructure, and data. It
involves risk identification (finding potential security threats and weaknesses), risk
prioritization (based on severity and potential impact), and risk mitigation (taking action to
reduce or remove the risks and putting controls in place to minimize the threats).

Effective risk management involves:


Organizations must proactively manage security risks and reduce the likelihood of security
breaches. You need to identify the weaknesses and assess their potential impact, then put
controls in place, monitor and review them, and keep updating and continuously improving.
A thorough process that encompasses risk identification,
assessment, prioritizing, mitigation, monitoring, review, communication, analysis, treatment,
and governance is necessary for effective risk management. Prioritizing the most important
risks and threats comes first, followed by identifying prospective threats and hazards and
assessing their effect and likelihood. After that, risk is reduced by implementing mitigation
methods, and risk levels are regularly checked and evaluated. Stakeholders are informed
about risks, and data is evaluated to spot patterns and enhance mitigation initiatives. Options
for appropriate risk treatment are chosen and put into action, and risk governance guarantees
supervision and responsibility. Organizations may prevent future harm to their operations,
finances, and reputation by taking a proactive approach to risk management.

A ransomware attack on any environment involves:


The attacker first needs initial access, so he looks for a weakness or uses a trick. He then
deploys malware, releasing the ransomware, which scrambles files. After that the data is
encrypted and you cannot access it; the attackers then demand payment, or you lose your
data. Attackers steal sensitive data, threatening the company with releasing it if their
demands are not met. Operations are disrupted, causing financial or reputational damage.
Attackers set a deadline for the payment, increasing pressure on the company. The company
must restore from backups or pay the ransom, hoping for decryption. Companies then
investigate the attack, assess the damage and improve their defences.

Effects of RSA on network security:


Rivest-Shamir-Adleman (RSA) encryption has several effects on network security: it secures
data transmission and supports authentication, integrity, access control and digital
signatures. RSA enables secure communication, protecting data in transit and at rest, and
ensures the integrity and authenticity of messages. RSA also has the following implications
for network security:
Secure key exchange: guarantees that only authorized parties may access the information.
Enhanced data confidentiality: enables participants in communication to safely exchange
cryptographic keys.
Electronic signatures: confirm the legitimacy and consistency of digital messages and
documents.
SSL/TLS security: safeguards private data during online transactions.
Defense against online threats: reduces the possibility of data manipulation,
man-in-the-middle attacks, and eavesdropping.
Because it offers strong data secrecy, safe key exchange, digital signature verification,
SSL/TLS encryption, and defense against cyberattacks, RSA is crucial for protecting
sensitive data.
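
The two RSA roles described above, key exchange and digital signatures, shown as an added example that is not part of the original assignment. It uses textbook RSA without padding and a constructed key built from two publicly known Mersenne primes, so it illustrates the mechanics only; real systems use vetted libraries, random keys of at least 2048 bits, and padding schemes such as OAEP and PSS.

```python
import hashlib

# Constructed demo key: both primes are well-known Mersenne primes, so this key
# is NOT secret and must never be used outside a demonstration.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)


def digest_int(message: bytes) -> int:
    """SHA-256 digest reduced into the modulus range (demo only, no padding)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes) -> int:
    """Signer applies the private exponent to the message digest."""
    return pow(digest_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Anyone holding (N, E) can check that the message is unchanged."""
    return pow(signature, E, N) == digest_int(message)


def wrap_key(session_key: bytes) -> int:
    """Sender encrypts a short symmetric session key under the public key."""
    m = int.from_bytes(session_key, "big")
    if m >= N:
        raise ValueError("session key too long for this modulus")
    return pow(m, E, N)


def unwrap_key(ciphertext: int, length: int) -> bytes:
    """Only the private-key holder can recover the session key."""
    return pow(ciphertext, D, N).to_bytes(length, "big")


if __name__ == "__main__":
    order = b"transfer 10 to account 42"          # constructed sample message
    sig = sign(order)
    print("original verifies:", verify(order, sig))
    print("tampered verifies:", verify(b"transfer 9999 to account 42", sig))
    key = bytes(range(16))                        # constructed 128-bit session key
    print("key recovered:", unwrap_key(wrap_key(key), 16) == key)
```
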

DDoS attacks on IoT devices:


A Distributed Denial of Service (DDoS) attack on IoT devices involves overwhelming them
with traffic and making them unresponsive. This can lead to service disruption, financial
loss, reputational damage, data breaches and security vulnerabilities. DDoS attacks on IoT
devices can have severe consequences, compromising the integrity, availability and
confidentiality of data. IoT devices are susceptible to malware intrusion, frequently as a
result of security flaws or weak passwords.
Botnet creation: A network of hacked devices called a botnet is formed by recruiting infected
devices.
Command and control: An attacker may remotely command the botnet by sending orders to
the devices.
Traffic generation: Targeting a particular IP address or network, the hacked devices produce
a lot of traffic.
Overwhelm and disrupt: An overload of traffic overwhelms the targeted network or device,
making it unavailable or noticeably slower.
DDoS attack types against IoT devices include:
Traffic flooding: Flooding the device with so much traffic that it becomes unusable.
Application layer attacks: These aim to take out particular services or apps that are
operating on the system.
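
How a defender can spot the traffic-flooding pattern described above, as an added example that is not part of the original assignment. The flow records are constructed, the addresses come from documentation ranges, and the window and thresholds are illustrative assumptions that would need tuning against a real baseline.

```python
from collections import defaultdict, deque


def make_sample_flows():
    """Constructed flow records: (timestamp_seconds, source_ip, destination_ip)."""
    flows = []
    # Normal traffic: two clients poll a camera every 5 seconds.
    for t in range(0, 60, 5):
        flows.append((t, "192.0.2.10", "198.51.100.5"))
        flows.append((t + 1, "192.0.2.11", "198.51.100.5"))
    # Flood: 40 distinct sources each send 5 packets to one gateway within 10 s.
    for i in range(40):
        for k in range(5):
            flows.append((30 + 2 * k, f"203.0.113.{i + 1}", "198.51.100.9"))
    return sorted(flows)


def detect_floods(flows, window=10, max_packets=100, max_sources=20):
    """Return {destination: first_alert_time} for destinations that receive more
    than max_packets from more than max_sources distinct sources inside a
    sliding window of `window` seconds. Flows must be sorted by timestamp."""
    recent = defaultdict(deque)          # destination -> deque of (time, source)
    alerts = {}
    for ts, src, dst in flows:
        q = recent[dst]
        q.append((ts, src))
        while q and q[0][0] <= ts - window:   # drop records older than the window
            q.popleft()
        if dst in alerts or len(q) <= max_packets:
            continue
        if len({s for _, s in q}) > max_sources:
            alerts[dst] = ts
    return alerts


if __name__ == "__main__":
    for dst, when in detect_floods(make_sample_flows()).items():
        print(f"possible DDoS against {dst}, first flagged at t={when}s")
```

Requiring many distinct sources as well as a high packet count separates a distributed flood from one busy but legitimate client.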
