COMPUTER THREATS SECURITY MEASURES
Jan 15, 2015
COMPUTER THREATSSECURITY MEASURES
Computer Security
Computer Security means protecting our computer system and the information they contain against unwanted access, damage, destruction or modification
Type of securityHardware security
PC-lock, keyboard-locks, smart cards, biometric devices
Software security Activation code, serial number
Network security Firewall
Computer Threats (ancaman)1. Malicious Code2. Hacker3. Natural Threats4. Theft
Malicious Code
Malicious code is a computer program that perform unauthorised processes on a computer or network.
Various kind of Malicious code: Virus Trojan Horse Logic Bomb Trapdoor or Backdoor Worm
Malicious Code
Malicious Code Explanation
Virus •A program that can pass on the malicious code to other program by modifying them.• It attaches itself to the program, usually files with .doc, .xls, .exe extensions•It destroy or co-exist with the program•It can overtake the entire computing system and spread to other systems.
Trojan Horse •A program that perform useful and unexpected action•It must be installed by users or intruders before it can affect the system’s assets•Example : login script that requests users’ login ID or password•The information is then used for malicious purpose
Malicious Code
Malicious Code Explanation
Logic Bomb •A malicious code that goes off when a specific condition occurs•Example : Time bomb•It goes off and causes threats at a specified time or date.
Trapdoor/ Backdoor
•A feature in a program that allows someone to access the program with special privilleges
Worm •A program that copies and spreads itself through a network
Primary differences between Worm and Virus
Worm Virus
Operates through the network Spreads through any medium
Spread copies of itself as a stand alone program
Spread copies of itself as a program that attaches to other program
Malicious code
A computer infected by a virus, worm, or Trojan horse often has the following symptoms: Screen displays unusual message or
image Music or unusual sound plays randomly Available memory is less than expected Existing programs and files disappear Files become corrupted
Hacking
Hacking refer to unauthorized access to the computer system by a hacker.
A hacker is a person who accesses a computer or network illegally. (penceroboh)
A hacker has advanced computer and network skills. They may use a modem or cable to hack targeted computers.
Nature Threats
Computer are also threatened by natural or environmental disaster.
Examples : Flood Fire Earthquakes, storms, tornados Excessive heat Inadequate power supply.
Theft
Two type of computer theft1. Computer is used to steal money, goods,
information and resources.2. Stealing a computers especially notebook and PDA.
Three approaches to prevent theft Prevent access by using locks, smart card or
password Prevent portability by restricting the hardware from
being moved Detect and guard all exits and record any hardware.
Security Measures
Security Measure The precautionary measure taken
toward possible danger or damage. Six types of security measure
Data Backup Cryptography Antivirus Anti-spyware Firewall Human Aspect
Anti-virus
A utility program that we use to protect a computer against viruses by identifying and removing computer viruses found in the computer memory, computer storage on incoming e-mail files.
Example of anti-virus Norton Antivirus, AVG, Kaspersky,
Bitdefender, Nod32.
Anti-spyware
A utility program that we use to protect the computers from spyware
Spyware is a program placed on a computer without the user’s knowledge. It secretly collect information about the user.
Spyware usually enter your system through the internet.
Example of anti-spyware Spybot Search and Destroy Ad-aware Spyware Blaster
Firewall
A piece of hardware or software which functions in a networked environment to prevent some communication forbidden by security policy.
We use firewall to prevent hacking. Type of firewall
Screening Routers Proxy Gateway Guard
Data Backup
Data Backup Utility program that makes a copy of
files that have been saved onto a disk. We backup data to :
ensure that our data can still be used if the original is corrupted
Prevent our files from malicious program (virus, trojan horse, worm, logic bomb, ext)
cryptography
Is a process of hiding information by altering the actual information into different representation. For example , APA can be written as I?X. A process of transforming plaintext into ciphertext
then back again.
Encryption is a process of converting plaintext into chipertext. Decryption is the process of converting ciphertext into plaintext.
An encryption key is a formula that the sender of that data uses to encrypt plaintext. A decryption is a formula that the recipient of that data uses to decrypt chipertext.
cryptography
Plaintext ciphertext
ciphertextPlaintext
encrypt
decrypt
Human Aspect
Human aspects refer to the user and also the intruder of a computer system
Human aspect security is the hardest aspects to give protection to.
The most common problem of human aspect security is the lack of achieving a good information security procedure.