computer security and malware by shahzad younas
TRANSCRIPT
Topic : Computer Security Group Name: Anmol Group
Group Leader Shahzad Younas
Group MembersAnsar SohailAli ShahzadFiaz Tabish
ObjectivesComputer Security Computer Security CIA Trail CIA Trail Malware Malware
Email Related Issue
Email Related Issue Cyber VillainsCyber Villains ProtectionProtection
AuthenticationAuthentication ReferencesReferences
Computer Security
Computer security is the field
which tries to keep computer
safe and secure.
What does it mean to be secure?
• Include protection of information from theft or corruption, or the preservation of availability, as defined in the security policy.
CIA Trial It is combination of principles.
Security Objectives:ConfidentialityAvailabilityIntegrity
Confidentiality
• The information must just be accessible to the authorized people
• Confidentiality is keeping information secret or private.
• Confidentiality might be important for military, business or personal reasons.
Integrity
• Integrity is the unauthorized writing or modification of information.
• Guarantee that the data is what we expect.
• Messages can’t be modified without detection.
Availability
• System and networks must be up and running.
• Availability is the prevention of unauthorized withholding of information.
Malware• Malware (short for malicious software)is any
software specifically designed to damage a computer
system without owner knowledge.
Examples:Trojan Horses
Viruses
Worm
Trojan Horse• A Trojan Horse is program that is
packaged with a useful application, usually free, such as a screen or game saver, but carries a destructive virus, that creates problems for your computer without your knowledge.
Trojan Horse
Some example of Trojan Horse
– TrojanDownloader:Win32/Zlob.gen!dll– Trojan.Popuper.origin– Downloader.Zlob.LI
Virus• A computer virus is small software program
that can spread from one computer system to another and cause interferences with computer operations.
Worm
• A worm is a type of malicious software (malware) that copies itself repeatedly into a computers memory.
Email Related Issues
• Spam
• Phishing
• Pharm
• Web jack
Spam• Spam is flooding the Internet with many copies of the
same message, in an attempt to force the message on people who would not otherwise choose to receive it.
• It is also known as Bulk-email or Junk email
Spam
Phishing:
Example: • You type, by mistake, “gmale.com” instead of
“gmail.com”• gmale.com designs the site to look like
gmail.com so the user types in their info as usual
• BAD! Now an evil person has your info!
A fake login page to be a trusted login page.
Pharm• Software that's planted on a computer; redirects to impostor web
page even though you type in the right URL. You can protect yourself against it by going to websites that contain https not http.
Hacker
• Hacker is a term used by some to mean "a clever programmer" and by others, especially those in popular media, to mean "someone who tries to break into computer systems.
Cracker• A cracker also a someone who access a computer or
network illegally but has the intent of destroying data, stealing information or other malicious action.
• Both hacker and cracker have advanced computer and network skills.
Cyber terrorism• Cyber terrorism can be also defined as the intentional
use of computer, networks, and public internet to cause destruction and harm for personal objectives. Objectives may be political or ideological since this can be seen as a form of terrorism.
Hacker Activists• "Hacker Activists" are people with a politically or socially
motivated purpose who break into a computer system. "Hacker Activists" are people with a politically or socially motivated purpose who break into a computer system.
Protection
AntivirusFirewallEnctyption
Antivirus
• Scans primary and secondary storage Devices.• Detect & Destroy them.• Keep update antivirus software.
It works in 2 ways:
1. It scans files to look for known viruses to compare to a virus dictionary.
2. It analyzes suspicious behavior of computer programs
Antivirus Software
• http://free.grisoft.com (AVG Antivirus Free)
• http://www.symantec.com/nav/nav_9xnt/ (Norton Antivirus)
• http://www.sophos.com/products/sav/ (Sophos Antivirus)
• http://www.pandasoftware.com/home/default.asp (Titanium Antivirus)
• http://www.trendmicro.com/en/home/us/personal.htm (Trend Micro PC-cillin)
• http://www.mcafee.com (McAfee VirusScan)
Online Antivirus Checkups•http://housecall.trendmicro.com/•http://www.pandasoftware.com/products/activescan.htm
Some links where we can find free antivirus software.
Firewall• Windows Firewall (or any other firewall) can help alert
you to suspicious activity if a virus or worm attempts to connect to your computer. It can also block viruses, worms, and hackers from attempting to download potentially harmful programs to your computer.
Some Firewall Software• http://www.zonealarm.com (ZoneAlarm)• http://www.mcafee.com (McAfee Personal Firewall)• http://www.symantec.com/sabu/nis/npf/ (Norton Personal Firewall)
Encryption• Turning readable data into a form of unreadable data in
order to prevent access that is not authorized Often used in the military.
Authentication
Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be.
Examples:
• Password
• Biometrics
• Palm/Finger Print
Password• A password or watchword is a form of authentication used to guard
or control a "resource"
Tips for Creating Secure Passwords• http://www.microsoft.com/athome/security/privacy/password.mspx• http://www.us-cert.gov/cas/tips/ST04-002.html• http://www.symantec.com/homecomputing/library/pass_w.html
Use complex password:
Hint: iMnew145
Biometrics
• Biometrics is the science of measuring of human physical or behavioral characteristics.
Palm/Finger Print• Palm/Finger print scanning is a unique way to protect
your privacy. You run your finger across a window or sensor to identify yourself.
Iris/Face
• Iris/ face scans are very reliable identifiers. Each individual person has different eyes and face shape, making this type of scan very effective.
Voice• A systems that extract features from speech patterns in
order to recognize someone's voice which is then digitalized and stored
References
• (http://www.pcworld.com/article/id,144017-c,internetlegalissues/article.htm)
• (http://en.wikipedia.org/wiki/Firewall_(networking))• http://www.questbiometrics.com• http://www.nationalbiometric.org/• http://www.news.com/2100-1001-205144.html
