When is a system secure?
A system can be considered secure if all resources are used and accessed as intended under all circumstances
What is an intruder?
An intruder is a hacker that is attempting to breach security
What is a threat?
A threat is a potential security violation
What is an attack?
An attack is an attempt to breach security
What are the different categories of security violations?
- Breach of confidentiality - Unauthorised reading of data
- Breach of integrity - unauthorised modification of data
- Breach of availability - unauthorised destruction of data
- Theft of service - unauthorised use of resources
- Denial of service - prevention of legitimate use
What are some more different categories of security violations?
- Masquerading (breach authentication) - Pretending to be an authorized user to escalate privileges
- Replay attack - As is or with message modification
- Man-in-the-middle attack - Intruder sits in data flow, masquerading as sender to receiver and vice versa
- Session hijacking - Intercept an already-established session to bypass authentication
- Privilege escalation - Common attack type with access beyond what a user or resource is supposed to have
What are the four different levels of security?
- Physical – Data centres, servers, connected terminals
- Network – Intercepted communications, interruption, DOS
- Application – Benign or malicious apps can cause security problems
- Operating System – Protection mechanisms, debugging
What is malware?
Malware is software that is designed to exploit, disable, or damage a computer
What is a trojan horse?
A trojan horse is a code segment that misuses its environment. Exploits mechanisms for allowing programs written by users to be executed by other users
What is ransomware?
Ransomware is software that locks up data via encryption, demanding payment to unlock it
What is a trap door?
A trap door is a specific user identifier or password that circumvents normal security procedures. This could be included in a compiler
What is a code-injection attack?
A code injection attack occurs when system code is not malicious but has bugs allowing executable code to be added or modified. This is usually the result of poor or insecure programming paradigms
What is a virus?
A virus is a code fragment embedded in legitimate program. They are self-replicating and designed to infect other computers. They are very specific to CPU architecture, operating system, applications and are usually borne via email or as a macro
What are some types of virus?
- Standard virus - infects system by appending itself to a file
- Boot virus - infects the boot sector of a systema and executes every time the system is booted
What is a denial of service attack?
A denial of service attack is where the targeted computer is overloaded preventing it from doing any useful work
What is a distributed denial-of-service attack?
A distributed denial of service attack is launched from multiple sites at once towards a common target typically by zombies. They overload the target and prevent it from doing any useful work
What is encryption?
Encryption constrains the set of possible receivers of a message. Encryption algorithm consists of:
- Set K of keys
- Set M of messages
- Set C of ciphertexts (encrypted messages)
A function E : K → (M→C). That is, for each k K, Ek is a function for generatingciphertexts from messagesBoth E and Ek for any k should be efficiently computable functions A function D : K → (C → M). That is, for each k K, Dk is a function for generatingmessages from ciphertextsBoth D and Dk for any k should be efficiently computable functions
What is symmetric encryption?
Symmetric encryption is where the same key is used to encrypt and decrypt; therefore k must be kept secret. Data-encryption standard (DES)was most commonly used symmetric block-encryption algorithm (created by US Govt);encrypts a block of data at a time
What is asymmetric encryption?
Asymmetric encryption is where public key encryption is used. Public key encryption is bade on each user having two keys:
- Public key - published key used to encrypt data
- Private key - key known only to individual user used to decrypt data
What is authentication?
Authentication is a method used to constrain the set of potential senders of a message. Authentication is complementary to encryption and can also prove messages are unmodified.
What is message authentication code?
A message authentication code (MAC) is a cryptographic checksum generated from a message using a secret key and is used to securely authenticate short values.
What is a digital certificate?
A digital certificate is a certificate that proves who or what owns a public key
What are certificate authority?
Certificate authority are a trusted party their public keys include with web browser distributions
How can passwords be kept safe?
Passwords can be kept safe by:
- Frequent change of passwords
- History to avoid repeats
- Use of “non-guessable” passwords
- Log all invalid access attempts (but not the passwords themselves)
- Unauthorized transfer
