INTERNET SECURITY
Computer Security
1) Computer security is the protection of computer systems and information from harm,
theft, and unauthorized use. It is the process of preventing and detecting unauthorized use of
your computer system.
2) Computer security ensures that a business’s data and computer systems are safe from
breaches and unauthorized access.
3) Computer security protects individuals and organizations against cyber threats and the loss of
important data.
Computer security types
Information security is securing information from unauthorized access, modification, and deletion.
Application Security is securing an application by building in security features to protect it from
cyber threats such as SQL injection, DoS attacks, data breaches, etc.
Computer Security means securing a standalone machine by keeping it updated and patched.
Network Security is achieved by securing both the software and hardware technologies.
Cybersecurity is defined as protecting computer systems that communicate over
computer networks.
Security Threat and Security Attack
A threat is a malicious act that has the potential to damage the system or asset, while an attack is
an intentional act that causes damage to a system or asset.
Security Threats
Malware: Malicious software like viruses, worms, Trojans, and ransomware.
Phishing: Attempts to trick individuals into revealing sensitive information such as passwords
or credit card numbers.
A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the normal
functioning of a targeted server, service, or network by overwhelming it with a flood of internet
traffic. A DDoS attack uses multiple sources, often compromised computers or devices (botnets),
to launch coordinated attacks simultaneously.
Physical Threats: Theft, vandalism, or destruction of hardware, data, or facilities.
Security attack
• Brute Force Attacks: Attempting to guess passwords or encryption keys
through exhaustive trial and error.
• Man-in-the-Middle (MitM) Attacks: Intercepting communication between
two parties to eavesdrop or modify the data.
• SQL Injection: Exploiting vulnerabilities in web applications to execute
arbitrary SQL commands on a database.
• Cross-Site Scripting (XSS): Injecting malicious scripts into web pages
viewed by other users.
• Data Breaches: Unauthorized access to sensitive data, often resulting in
its theft, disclosure, or modification.
• A Zero-Day Attack refers to a cyber attack that exploits a previously unknown
vulnerability or weakness in software or hardware. In other words, the attack
occurs on the same day the vulnerability is discovered or made public.
Malicious software
Malicious software (malware) refers to any malicious program that causes harm to a computer system or
network. Malware attacks a computer or network in the form of viruses,
worms, trojans, spyware, adware or rootkits.
Computer Virus
A computer virus is malicious software that self-replicates and attaches itself to other
files/programs. It is capable of executing secretly when the host program/file is activated. The
different types of computer virus are Memory-Resident Virus, Program File Virus, Boot Sector
Virus, Stealth Virus, Macro Virus, and Email Virus.
Worms
A worm is malicious software that, like a computer virus, is a self-replicating
program; however, a worm executes itself automatically. Worms spread over a
network and are capable of launching a cumbersome and destructive attack within a short
period.
Trojan Horses
Unlike a computer virus or a worm, the trojan horse is a non-replicating program that appears
legitimate. After gaining the user's trust, it secretly performs malicious and illicit activities when
executed. Hackers make use of trojan horses to steal a user’s password information or destroy
data or programs on the hard disk. It is hard to detect!
Security services
Confidentiality:
Definition: Confidentiality ensures that sensitive information is only accessible to authorized
individuals, systems, or processes.
Objective: The goal is to prevent unauthorized disclosure of data to unauthorized entities.
Examples: Encryption, access controls, data classification, and data masking are common
techniques used to enforce confidentiality.
Integrity:
Definition: Integrity ensures that data remains accurate, consistent, and unaltered during
storage, transmission, and processing.
Objective: The goal is to prevent unauthorized modification, deletion, or corruption of data by
ensuring that it remains trustworthy and reliable.
Examples: Hash functions, digital signatures, checksums, and file integrity monitoring are used
to detect and prevent unauthorized changes to data.
Authentication:
Definition: Authentication verifies the identity of users, systems, or entities attempting to access
resources or services.
Objective: The goal is to ensure that users are who they claim to be and that only authorized
entities can access sensitive resources or perform specific actions.
Examples: Passwords, biometrics, digital certificates, multi-factor authentication (MFA), and
security tokens are used to authenticate users and devices.
Non-Repudiation:
Definition: Non-repudiation ensures that individuals or entities cannot deny their actions or
transactions after they have occurred.
Objective: The goal is to provide evidence that a particular action, such as sending a message or
conducting a transaction, was performed by a specific entity and cannot be repudiated.
Examples: Digital signatures, audit logs, and transaction logs are used to provide evidence of
authenticity and accountability.
Security mechanism concepts
Cryptographic techniques are among the most specific security mechanisms in use. Encryption or
encryption-like transformations of information are the most common means of providing
security. Some of the mechanisms are:
1) Encipherment:
2) Digital Signature:
3) Access Control:
Encipherment
Encipherment, also known as encryption, is the process of converting plaintext data into
ciphertext using cryptographic algorithms and keys.
Examples: Common encryption algorithms include Advanced Encryption Standard (AES),
Rivest Cipher (RC), and Data Encryption Standard (DES).
The primary goal of encipherment is to protect the confidentiality of sensitive information
by preventing unauthorized access or interception.
Digital signature
A digital signature is a cryptographic technique used to validate the authenticity,
integrity, and non-repudiation of digital messages, documents, or transactions.
How do you create a digital signature?
To create a digital signature, signing software -- such as an email
program -- is used to provide a one-way hash of the electronic data to
be signed.
A hash is a fixed-length string of letters and numbers generated by an
algorithm. The digital signature creator's private key is used to encrypt
the hash. The encrypted hash -- along with other information, such as
the hashing algorithm -- is the digital signature.
The hash is encrypted instead of the entire message or document
because a hash function can convert an arbitrary input into a fixed-length value,
which is usually much shorter. This saves time, as hashing is much faster than
signing.
The value of a hash is unique to the hashed data. Any change in the data -- even
a modification to a single character -- results in a different value. This attribute
enables others to use the signer's public key to decrypt the hash to validate the
integrity of the data.
If the decrypted hash matches a second computed hash of the same data, it
proves that the data hasn't changed since it was signed. But, if the two hashes
don't match, the data has either been tampered with in some way and is
compromised or the signature was created with a private key that doesn't
correspond to the public key presented by the signer. This signals an issue with
authentication.
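The sign-and-verify steps described above, as an added example that is not part of the original slides: the message is hashed with SHA-256, the private key is applied to the hash, and the verifier recovers the hash with the public key and compares it with a second hash of the received data. The keys are constructed from known Mersenne primes and use unpadded RSA only so the example runs on the Python standard library; the names make_key, sign, verify and digest_int are illustrative, and real systems use a vetted library with a padded scheme such as RSA-PSS.

```python
import hashlib

# Constructed teaching keys built from known Mersenne primes. Their special
# form and the lack of padding make them unsuitable for real use.
E = 65537                                      # public exponent

def make_key(p: int, q: int) -> dict:
    """Return a textbook RSA key: public (n, e) plus private exponent d."""
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

SIGNER = make_key(2**521 - 1, 2**607 - 1)      # the signer's key pair
OTHER = make_key(2**607 - 1, 2**1279 - 1)      # an unrelated key pair

def digest_int(data: bytes) -> int:
    """One-way SHA-256 hash of the data, as an integer (always < n here)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data: bytes, key: dict) -> dict:
    """Hash the data, then transform the hash with the private key."""
    return {"alg": "sha256", "sig": pow(digest_int(data), key["d"], key["n"])}

def verify(data: bytes, signature: dict, key: dict) -> bool:
    """Recover the signed hash with the public key (n, e only) and compare
    it with a second hash computed over the data as received."""
    if signature.get("alg") != "sha256":
        return False                           # unknown hashing algorithm
    recovered = pow(signature["sig"], key["e"], key["n"])
    return recovered == digest_int(data)

def demo() -> dict:
    msg = b"Transfer 100 to account 12345"     # constructed sample message
    sig = sign(msg, SIGNER)
    return {
        "unchanged": verify(msg, sig, SIGNER),
        "tampered": verify(b"Transfer 900 to account 12345", sig, SIGNER),
        "wrong_key": verify(msg, sig, OTHER),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:10s} signature valid: {ok}")
```

The tampered and wrong-key cases are the two failure causes the text names: changed data, or a public key that does not correspond to the signing private key.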
Access control
Access control is a fundamental component of data security that
dictates who's allowed to access and use company information and
resources.
Through authentication and authorization, access control policies
make sure users are who they say they are and that they have
appropriate access to company data.
Cryptography
Cryptography is the practice of developing and using coded algorithms to
protect and obscure transmitted information so that it may only be read by
those with the permission and ability to decrypt it.
Digital signatures: Cryptography enables the creation and verification of digital
signatures, providing a way to authenticate the origin and integrity of digital
documents or transactions.
Secure payment transactions: Cryptography secures financial transactions by
encrypting sensitive payment information, protecting it from unauthorized
access or fraud.
Blockchain technology: Cryptography underpins blockchain technology, ensuring
the immutability and integrity of distributed ledger systems, crucial for
applications like cryptocurrencies and smart contracts.
Password hashing: Cryptography is used to securely hash and store passwords,
protecting user credentials from being compromised in the event of a data
breach.
Firewall
A firewall is a network security device that monitors incoming and outgoing
network traffic and decides whether to allow or block specific traffic based on a
defined set of security rules.
User Authentication and Authorization
Authentication is any procedure that tests whether someone is who they
claim to be. This generally involves a username and a password, but can
involve some other method of demonstrating identity, including a smart card,
retina scan, voice recognition, or fingerprints. Authentication is similar to
showing a driver's license at the ticket counter at the airport.
Authorization is finding out whether the person, once recognized, is allowed to
have the resource. This is generally decided by finding out whether that person is
part of a specific group, has paid admission, or has a specific level
of security clearance. Authorization is similar to checking the guest list at an
exclusive party, or checking for a ticket when going to the opera.
Intrusion Detection System
An intrusion detection system (IDS) is a network security tool that monitors
network traffic and devices for known malicious activity, suspicious activity or
security policy violations.
IDS Detection Types
Network intrusion detection systems (NIDS): A system that analyzes incoming
network traffic.
Host-based intrusion detection systems (HIDS): A system that monitors
important operating system files.
Security awareness and policy
Security awareness involves educating individuals about potential cybersecurity
threats, best practices for protecting personal and organizational data, and
fostering a culture of vigilance and responsibility towards maintaining security in
digital environments.
A security policy is a set of rules, guidelines, and procedures established by an
organization to ensure the confidentiality, integrity, and availability of its
information assets, outlining the framework for managing security risks and
defining responsibilities for personnel.
Formulate security policy.
Define objectives
Identify assets
Risk assessment
Legal and regulatory compliance
Roles and responsibilities
Access control
Data protection
Security awareness training
Incident response plan
Physical security measures
Compliance monitoring
Policy review and updates
Enforcement and consequences
Documentation and version control
Communication and training