Internet Security
facilities for secure communication
MALWARE
• Malware refers to any program or computer
code deliberately designed to harm any
portion of a computer system
• The three most common forms of malware are
viruses, worms and Trojan horses
• The Morris worm was created in 1988 and infected
6,000 computers using the UNIX operating
system.
MALWARE COUNTERMEASURES
• Antivirus
– Signature scanning: a virus signature is a string of
binary code unique to a particular virus. Virus
signatures are also known as fingerprints or
patterns. Because new viruses appear all the time,
an antivirus program’s signature file must be updated
frequently to maintain the program’s ability to
defend against threats. Many antivirus programs
will automatically inform users when a new virus
signature update is available for download.
• Disadvantages of signature scanning
– Polymorphic viruses change with each replication.
The constantly changing signature of a
polymorphic virus makes it more difficult to detect
using signature files alone.
– Signature scanning is also ineffective against new
viruses for which signature updates do not yet
exist.
– It detects malware only after it has infected a
computer system.
• Heuristic scanning looks for general malware
characteristics rather than specific characteristics
such as a signature.
• Heuristic problem solving relies on previous
experience or knowledge.
• An antivirus program that uses heuristic scanning
examines file size, architecture, or code behavior.
• Heuristic scanning can produce false positives and
negatives.
• For example, it might report a legitimate software
program as malware on the basis that it
shares some characteristics with known
malware programs.
• Just as with signature scanning, heuristic
scanning software requires periodic updates
to ensure that the catalog of suspicious
characteristics is up to date.
• Behavior Blocking looks for typical malware
behaviors, such as attempts to change computer
settings, the opening and/or alteration of files,
attempts to open computer ports, etc.
• Ports are computer doorways used for various
activities, and an open or unguarded port can be the
entryway for malware.
• It is becoming popular since hackers face greater
difficulty changing the behavior of malware than
changing a virus signature
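The signature and heuristic scanning slides above, worked through as an added example (not part of the original slides). The signature, sample bytes, XOR re-encoding and the "mostly non-printable" heuristic are constructed stand-ins chosen to show a polymorphic miss, a heuristic false positive and a false negative.

```python
# Constructed, harmless stand-in for a virus body; the signature is a byte
# string unique to it, as the signature-scanning slide describes.
BODY = b"DEMO-MALWARE-BODY-0001 " * 4
SIGNATURES = {"Demo.A": b"DEMO-MALWARE-BODY-0001"}


def signature_scan(data: bytes) -> list:
    """Signature scanning: report every known signature found in the data."""
    return [name for name, sig in SIGNATURES.items() if sig in data]


def polymorphic_copy(body: bytes, key: int) -> bytes:
    """Model a polymorphic replica: same body, re-encoded with a per-copy key."""
    return bytes(b ^ key for b in body)


def heuristic_scan(data: bytes, threshold: float = 0.5) -> bool:
    """Toy heuristic: flag content that is mostly non-printable bytes,
    a general characteristic of encoded or packed code (an assumption here)."""
    if not data:
        return False
    printable = sum(1 for b in data if 32 <= b < 127 or b in (9, 10, 13))
    return (1 - printable / len(data)) > threshold


def scan(data: bytes) -> dict:
    """Run both scanners and return their verdicts side by side."""
    return {"signature": signature_scan(data), "heuristic": heuristic_scan(data)}


# Constructed samples: one known body, two re-encoded copies, two benign files.
SAMPLES = {
    "original": BODY,
    "variant_a7": polymorphic_copy(BODY, 0xA7),  # signature no longer matches
    "variant_01": polymorphic_copy(BODY, 0x01),  # re-encoded but still printable
    "benign_text": b"Quarterly report: sales rose in every region.\n",
    "benign_binary": bytes(range(256)),          # stand-in for a packed archive
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:14} {scan(data)}")
```

The `variant_01` copy passes both scanners (a false negative) and `benign_binary` is flagged by the heuristic (a false positive), which is why the slides pair these methods with behavior blocking and frequent updates.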
FIREWALLS
• It is a hardware or software barrier located
between the internet and a computer or
computer network. Many routers available
nowadays contain built-in firewalls
• A firewall is a system of hardware and
software that connects the intranet to
external networks, such as the internet. It
blocks unauthorized traffic from entering the
intranet and can also prevent unauthorized
employees from accessing the intranet.
• Two components of firewalls are a proxy server and
caching.
• A proxy server is a server, or remote computer, that may
exist outside of the organization’s network, and all
communications to the organization are routed
through it. The proxy server decides which messages or
files are safe to pass through to the organization’s
network. It can also provide document caching.
• Caching stores copies of web pages for
quick access; the purpose is to speed up the
web for users. The only difficulty with
this practice is that the original web page may
have been updated, but this is not reflected
on the copy in the cache in the proxy
computer.
Firewalls
• Routers available nowadays contain built-in
firewalls.
• A firewall filters data arriving through the
internet to protect the system from any
threats.
• Firewalls can be configured to reject incoming
packets based on the IP address or domain
name they originate from.
• This prevents the entry of data from sites
known to harbor threats.
Firewall
• A user can configure a firewall to allow or disallow
the use of different protocols e.g. restricting FTP to
prevent unauthorized file transfers from taking
place.
• Firewalls can also filter incoming packets for text
they might contain.
• Start with the highest level of security when you
configure a firewall. If it creates problems denying
access to legitimate data, adjust the configuration
until an appropriate balance between security and
convenience is achieved
• Firewalls can help prevent malware, but
antivirus programs are also needed.
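The firewall slides above, as an added example (not part of the original slides): a small packet filter that starts from the most restrictive policy and is then adjusted for one legitimate service. The addresses, ports and blocked keyword are constructed values, and the protocol is approximated by destination port.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Packet:
    src: str             # source IP address of the incoming packet
    dst_port: int        # destination port, used here to identify the protocol
    payload: bytes = b""


# Constructed policy values (documentation address range, placeholder keyword).
BLOCKED_SOURCES = [ipaddress.ip_network("203.0.113.0/24")]
ALLOWED_PORTS = {80: "HTTP", 443: "HTTPS"}   # FTP (port 21) deliberately absent
BLOCKED_TEXT = [b"blocked-keyword"]


def decide(pkt: Packet, allowed_ports=ALLOWED_PORTS) -> tuple:
    """Return (action, reason). Anything not explicitly allowed is denied."""
    src = ipaddress.ip_address(pkt.src)
    if any(src in net for net in BLOCKED_SOURCES):
        return ("DENY", "source address on blocklist")
    if pkt.dst_port not in allowed_ports:
        return ("DENY", "protocol not allowed")
    if any(text in pkt.payload.lower() for text in BLOCKED_TEXT):
        return ("DENY", "payload contains blocked text")
    return ("ALLOW", allowed_ports[pkt.dst_port])


def adjusted_policy() -> dict:
    """The 'adjust the configuration' step: legitimate mail was being denied,
    so SMTP is added while every other restriction stays in place."""
    return {**ALLOWED_PORTS, 25: "SMTP"}


if __name__ == "__main__":
    traffic = [
        Packet("198.51.100.7", 443),
        Packet("203.0.113.9", 443),
        Packet("198.51.100.7", 21),
        Packet("198.51.100.7", 80, b"GET /?q=Blocked-Keyword"),
        Packet("198.51.100.7", 25),
    ]
    for pkt in traffic:
        print(pkt.src, pkt.dst_port, decide(pkt), decide(pkt, adjusted_policy()))
```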
Service Patches and updates
• It’s important to install security patches.
Password protection
• Passwords help protect your computers
CYBER CRIME
• It refers to crimes committed using the
internet.
• Some cyber crimes are phishing/spoofing, 419
scams, DOS attacks, brute force attacks
Phishing
• It is when an online scammer sends a user an
e-mail that appears to be from a legitimate
and well-known company to try to trick the
user into sending confidential information.
• The practice of disguising an e-mail or a web
site so that it appears to belong to a well-known
company such as Yahoo, Google or
others is called spoofing.
Phishing
• The e-mail typically lists a URL that will direct
victims to a spoofed web site that gives every
appearance of being the legitimate web site of
a familiar company.
• Many users recognize phishing attempts by
noticing obvious spelling or grammatical
errors.
• Current phishing attacks are estimated to have
a 3% success rate.
419 Scams
• The 419 scam, or advance fee fraud, is a very
popular cyber crime committed using e-mail.
• This scam gets its name from a section of the
Nigerian penal code, because the vast
majority of this type of crime originates in that
country.
• E.g. the victim has to pay money to attend a seminar, or
the sender has money and needs help, etc.
DOS attacks
• A DOS (denial of service) attack sends a lot of
traffic to a network to prevent it from functioning.
• In a DDOS (distributed denial of service) attack, a Trojan
horse is used to download a small program
onto an unsuspecting internet user’s
computer. The program transforms the
computer into a zombie that is used to send
messages to the target of a coordinated DDOS
attack.
Brute force attacks
Cyber crime countermeasures
• Internet Explorer security settings
• Encryption and authentication
– Symmetric and asymmetric encryption
– Digital certificates
– Digital signatures
– Secure sockets layer (SSL) protocol
• Biometric authentication
Threats to privacy
• Spam
• Adware/spyware
• Cookies
• Inappropriate content
Privacy countermeasures
• Spam blocking methods
• Spyware/adware avoidance
• Cookie blocking
• Parental control software