Computer security

COMPUTER THREATSSECURITY MEASURES

Computer Security

Computer Security means protecting our computer system and the information they contain against unwanted access, damage, destruction or modification

Type of securityHardware security

PC-lock, keyboard-locks, smart cards, biometric devices

Software security Activation code, serial number

Network security Firewall

Computer Threats (ancaman)1. Malicious Code2. Hacker3. Natural Threats4. Theft

Malicious Code

Malicious code is a computer program that perform unauthorised processes on a computer or network.

Various kind of Malicious code: Virus Trojan Horse Logic Bomb Trapdoor or Backdoor Worm

Malicious Code

Malicious Code Explanation

Virus •A program that can pass on the malicious code to other program by modifying them.• It attaches itself to the program, usually files with .doc, .xls, .exe extensions•It destroy or co-exist with the program•It can overtake the entire computing system and spread to other systems.

Trojan Horse •A program that perform useful and unexpected action•It must be installed by users or intruders before it can affect the system’s assets•Example : login script that requests users’ login ID or password•The information is then used for malicious purpose

Malicious Code

Malicious Code Explanation

Logic Bomb •A malicious code that goes off when a specific condition occurs•Example : Time bomb•It goes off and causes threats at a specified time or date.

Trapdoor/ Backdoor

•A feature in a program that allows someone to access the program with special privilleges

Worm •A program that copies and spreads itself through a network

Primary differences between Worm and Virus

Worm Virus

Operates through the network Spreads through any medium

Spread copies of itself as a stand alone program

Spread copies of itself as a program that attaches to other program

Malicious code

A computer infected by a virus, worm, or Trojan horse often has the following symptoms: Screen displays unusual message or

image Music or unusual sound plays randomly Available memory is less than expected Existing programs and files disappear Files become corrupted

Hacking

Hacking refer to unauthorized access to the computer system by a hacker.

A hacker is a person who accesses a computer or network illegally. (penceroboh)

A hacker has advanced computer and network skills. They may use a modem or cable to hack targeted computers.

Nature Threats

Computer are also threatened by natural or environmental disaster.

Examples : Flood Fire Earthquakes, storms, tornados Excessive heat Inadequate power supply.

Theft

Two type of computer theft1. Computer is used to steal money, goods,

information and resources.2. Stealing a computers especially notebook and PDA.

Three approaches to prevent theft Prevent access by using locks, smart card or

password Prevent portability by restricting the hardware from

being moved Detect and guard all exits and record any hardware.

Security Measures

Security Measure The precautionary measure taken

toward possible danger or damage. Six types of security measure

Data Backup Cryptography Antivirus Anti-spyware Firewall Human Aspect

Anti-virus

A utility program that we use to protect a computer against viruses by identifying and removing computer viruses found in the computer memory, computer storage on incoming e-mail files.

Example of anti-virus Norton Antivirus, AVG, Kaspersky,

Bitdefender, Nod32.

Anti-spyware

A utility program that we use to protect the computers from spyware

Spyware is a program placed on a computer without the user’s knowledge. It secretly collect information about the user.

Spyware usually enter your system through the internet.

Example of anti-spyware Spybot Search and Destroy Ad-aware Spyware Blaster

Firewall

A piece of hardware or software which functions in a networked environment to prevent some communication forbidden by security policy.

We use firewall to prevent hacking. Type of firewall

Screening Routers Proxy Gateway Guard

Data Backup

Data Backup Utility program that makes a copy of

files that have been saved onto a disk. We backup data to :

ensure that our data can still be used if the original is corrupted

Prevent our files from malicious program (virus, trojan horse, worm, logic bomb, ext)

cryptography

Is a process of hiding information by altering the actual information into different representation. For example , APA can be written as I?X. A process of transforming plaintext into ciphertext

then back again.

Encryption is a process of converting plaintext into chipertext. Decryption is the process of converting ciphertext into plaintext.

An encryption key is a formula that the sender of that data uses to encrypt plaintext. A decryption is a formula that the recipient of that data uses to decrypt chipertext.

cryptography

Plaintext ciphertext

ciphertextPlaintext

encrypt

decrypt

Human Aspect

Human aspects refer to the user and also the intruder of a computer system

Human aspect security is the hardest aspects to give protection to.

The most common problem of human aspect security is the lack of achieving a good information security procedure.