KEMBAR78
Lecture 1 - Introduction Security Concept | PDF | Malware | Cryptography
Scribd
Upload
18 views35 pages

Lecture 1 - Introduction Security Concept

The document provides an overview of malware analysis, detailing various types of malware such as Trojans, RATs, and ransomware, and their malicious functionalities. It emphasizes the importance of malware analysis for understanding attacks and protecting information systems, alongside discussing cryptography and security concepts. Additionally, it outlines the challenges and mechanisms involved in ensuring computer and network security.

Uploaded by

Mrs KAVITHA RANI S Asst. Prof / AIML
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
18 views35 pages

Lecture 1 - Introduction Security Concept

The document provides an overview of malware analysis, detailing various types of malware such as Trojans, RATs, and ransomware, and their malicious functionalities. It emphasizes the importance of malware analysis for understanding attacks and protecting information systems, alongside discussing cryptography and security concepts. Additionally, it outlines the challenges and mechanisms involved in ensuring computer and network security.

Uploaded by

Mrs KAVITHA RANI S Asst. Prof / AIML
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 35

LECTURE 1

PREPARED BY:
M. PRITHYA
ASST. PROF , DEPT. OF CSE(AI&ML)
Introduction To Malware
Analysis:
• Malware is an executable binary that is malicious in nature.
• Malware's can be used by attackers to perform variety of malicious
actions like Spying on the target using Keyloggers or RAT'S, they can
also delete your data or encrypt your data for "Ransom".
TYPES OF MALWARE:

• Malware is designed to perform malicious actions and they have


different functionality. Various types of Malware are
• Trojans - Trojans can destroy data and exfiltrate data and can also be
used for spying.
• Rat's - This type of malware allows attacker to remotely access and
execute commands on system.
• Ransomware - Ransomware encrypts all files on the system and
holds the System and its data for ransom.
• Dropper - Droppers functionality is to download/drop additional
malware.
Benefits Of Malware Analysis

• Malware analysis provides several significant benefits. For example,


it enables organizations to perform the following malware analysis
steps:
o Figure out how much damage an intrusion caused
o Identify who may have installed malware inside the system
o Determine the attack's level of sophistication
o Pinpoint the exact vulnerability the malware exploited to access your
system
• The objective of computer security includes protection of information
and property from theft, corruption, or natural disaster, while
allowing the information and property to remain accessible and
productive to its intended users. Malware:Malicious Software
includes computer viruses, worms, trojan horses, most rootkits,
spyware, dishonest adware.
Network Security

• protect the network and the network-accessible resources from


unauthorized access, consistent and continuous monitoring and
measurement of its effectiveness.
Cryptography

• Cryptography (from Greek kryptós, “hidden”, and gráphein, “to


write”) is, traditionally, the study of means of converting information
from its normal, comprehensible form into an incomprehensible
format, rendering it unreadable without secret knowledge — the art
of encryption.
• Cryptography means art of Secret Writing The process of writing or
reading secret messages or codes.
Need for Cryptography
• In today’s world thousands of people interact electronically every
day by different means like e-mails, ATM machines, e-commerce or
cellular phones.
• The rapid increase of information transmitted electronically resulted
to an increased reliance on cryptography.
• The main aim of cryptographic feature designed to detect, prevent,
or recover from a security attack.
Different Types of Security:

 Data security
Computer Security
Network Security…Etc…
Key Security Concepts
Standards Organizations
 National Institute of Standards & Technology
(NIST)
 Internet Society (ISOC)
 International Telecommunication Union
Telecommunication Standardization Sector
(ITU-T)
 International Organization for Standardization
(ISO)
 RSA Labs (de facto)
Chapter 1 – Introduction

 The combination of space, time, and strength


that must be considered as the basic elements
of this theory of defense makes this a fairly
complicated matter. Consequently, it is not
easy to find a fixed point of departure..
— On War, Carl Von Clausewitz
Computer Security
 the protection afforded to an automated
information system in order to attain the
applicable objectives of preserving the
integrity, availability and confidentiality of
information system resources (includes
hardware, software, firmware,
information/data, and telecommunications)
Key Security Concepts
Examples of Security
Requirements
 confidentiality – student grades
 integrity – patient information
 availability – authentication service
 authenticity – admission ticket
 non-repudiation – stock sell order
Computer Security Challenges
1. not simple – easy to get it wrong
2. must consider potential attacks
3. procedures used counter-intuitive
4. involve algorithms and secret info
5. must decide where to deploy mechanisms
6. battle of wits between attacker / admin
7. not perceived to be of benefit until it fails
8. requires regular monitoring
a process, not an event
9. too often an after-thought
10. regarded as impediment to using system
“Unusable security is not secure”
OSI Security Architecture
 ITU-T X.800 “Security Architecture for OSI”
 defines a systematic way of defining and
providing security requirements
 for us it provides a useful, if abstract, overview
of concepts we will study
Aspects of Security
 consider 3 aspects of information security:

security attack

security mechanism (control)

security service
 note terms

threat – a potential for violation of security

vulnerability – a way by which loss can happen

attack – an assault on system security, a deliberate
attempt to evade security services
Passive Attack - Interception
Passive Attack: Traffic Analysis

Observe traffic pattern


Active Attack: Interruption

Block delivery of message


Active Attack: Fabrication

Fabricate message
Active Attack: Replay
Active Attack: Modification

Modify message
Handling Attacks

Passive attacks – focus on Prevention
• Easy to stop
• Hard to detect

Active attacks – focus on Detection and Recovery
• Hard to stop
• Easy to detect
Security Service

enhance security of data processing systems and
information transfers of an organization

intended to counter security attacks

using one or more security mechanisms

often replicates functions normally associated with
physical documents
• which, for example, have signatures, dates; need
protection from disclosure, tampering, or destruction; be
notarized or witnessed; be recorded or licensed
Security Services
 X.800:
“a service provided by a protocol layer of
communicating open systems, which ensures
adequate security of the systems or of data transfers”

 RFC 2828:
“a processing or communication service provided by a
system to give a specific kind of protection to system
resources”
Security Services (X.800)
 Authentication - assurance that communicating
entity is the one claimed

have both peer-entity & data origin authentication
 Access Control - prevention of the unauthorized use
of a resource
 Data Confidentiality –protection of data from
unauthorized disclosure
 Data Integrity - assurance that data received is as
sent by an authorized entity
 Non-Repudiation - protection against denial by one
of the parties in a communication
 Availability – resource accessible/usable
Security Mechanism

 feature designed to detect, prevent, or recover


from a security attack
 no single mechanism that will support all
services required
 however one particular element underlies
many of the security mechanisms in use:

cryptographic techniques
 hence our focus on this topic
Security Mechanisms (X.800)
 specific security mechanisms:

encipherment, digital signatures, access controls,
data integrity, authentication exchange, traffic
padding, routing control, notarization
 pervasive security mechanisms:

trusted functionality, security labels, event
detection, security audit trails, security recovery
Model for Network Security
Model for Network Security
 using this model requires us to:
1. design a suitable algorithm for the security
transformation
2. generate the secret information (keys) used by
the algorithm
3. develop methods to distribute and share the
secret information
4. specify a protocol enabling the principals to use
the transformation and secret information for a
security service
Model for Network Access
Security
References

• Cryptography and network security,3/e Pb- Author: Forouzan


• Cryptography and network security,William Stallings. Sixth edition
• Applied Cryptography: Protocols, Algorithms .

You might also like