Intrusion in computing
0 likes447 views
The document discusses computer intrusion and data security. It defines intrusion as someone unwanted gaining access where they are not invited. In computing, intrusions can exploit system weaknesses to collect or access data without authorization. Data security aims to protect digital privacy and prevent unauthorized access. Various types of attacks that threaten data security are discussed such as interruption, interception, modification, and fabrication. The document also outlines security mechanisms like prevention, avoidance, and detection that can be used to enforce data security properties including confidentiality, integrity, availability, authentication, and non-repudiation.
Intrusion in computing
- 1. INTRUSION By Eduardo Cambinda 2007
- 2. Introduction • Intrusion is someone who goes into a place or situation where he is not expected to be, in simple words is someone unwanted: someone is in not invited to partying but apear in party
- 3. Intrusion in Computing • In this century computer is used everywhere in our life, for writing, chatting, partying, selfing, working etc. and attacks are more sophisticated everywhere to collect data or just to intrude in corporate Networks, to exploit weaknesses into the Network system like websites, e-mail, and with app that can run any system anytime anywhere.
- 4. Data Security • Data Security is Related to protect digital privacy to prevent unauthorised access to computers, database, websites, data corruption etc. Thera are many securities policies established on needed level, some organisation like ISO that ensuring that information is accessed only to those authorised to have access.
- 5. Data Security • This graphic represent a communication process from source to destination without any attacks, I will share the four types of Attacks in this presentation: Interruption; Interception; Modification and fabrication. All attacks depend how quickly you can run, if you can run in 120mbps than you are basically fit, if u can run as an intrusion more than that so you are luck. Source Destination
- 6. DATA SECURITY Interruption • Interruption is a state where the access be unavailable or get destroyed, like you wanna travel you have your tickets booked but you reach the airport there is no plane to travel basically that, cutting the signal. source DESTINATION
- 8. DATA SECURITY MODIFICATION • In Modification information is intercepted and modified by an unauthorised party while in transit from the source to the destination
- 10. Data Security Fabrication • Fabrication is process of inventing something , it occur when an attackers inserts into the systems without the sender’s involvement there are two categories of fabrication Replaying and Masquerading • Replaying is intercept the message insert new style and authenticate it • Masquerading when an attacker clam to be legitimate source or owner adding new records to information
- 11. Data Security • In data security there are some aspects we should take care of proprieties: • Confidentiality • Integrity • Availability • Authentication • Non-repudiation
- 12. Data security • Confidentiality is keeping data private or secret, that only accessible to the authorised Dudes, like the source, destination, timing of the communication and data. • Integrity is the quality of data, it can't be altered or destroyed by an unauthorised Dude, it is a security principle that protects information from being modified. • Availability is the way the data is able to used or obtained. • Authentication is the security measured or a process to prove that something is true. • Non-Repudiation is the assurance that a contract you sign cant be denied by any of the parts involved
- 13. SECURITY MECHANISM • We discussed about security Proprieties core of quality for any data system, various securities tools and mechanism can be used to force the securities proprieties are: • Attack Prevention • Attack Avoidance • Attack Detection
- 14. SECURITY MECHANISM Attack Prevention • Attack Prevention, a cyber attack is an attack made from one computer to another targeting information stored in it, is a part of cyber crime, Attack prevention can be defined as a series of securities mechanisms implemented to prevent or defend against various kid of attack before they occurs to affect the target systems, access control includes authentication, authorisation and audit • Attack Avoidance is the way in which information is modified in the way that make unusable of the attack, cryptography is one of the technology used in attack avoidance SKC, PKC. HC • Attack Detection is the assume that the attacker is able to bypass the installed security system to find the target desire. That something went wrong and identify the problem • Intrusion Detection is the way you located a dude having a fun in your system creating malicious some tools to detect and report malicious in your network system
- 15. ATTACK • An Attack The way computer security tools is challenged creating a negative impact in information system. Attack treat Target VULNERABILITY
- 16. ATTACK MODELS • There are many models but some Dudes they divide it in two: • Traditional Attack model: one-to-one attack model, one-to-many attack model. • Distributed Attack Model: many-to-one attack model, many-to-many attack model
- 17. ATTACK MODEL • Traditional Attack model is originates from a single point, it is a single architecture there is a single layer between target and attacker. • One-To-One Attack model is like a single relationship from attacker to target from a single machine • One-to-Many it is relation is from one to many Attack Target
- 18. Attack Models • It originate from a single machine to more than one target • Distributed Attack models this is based on many to one and many to many relationship, its originated from intermediate that are compromised by attacker • Many-to-one the attacker and target have many to one relationship, many dude contacted to attack one target • Many-to-Many the attacker and target have many to many relationship, the attacker use many host for his duties, the attacker compromise the system installing backdoor and tools for his fun
- 19. IDS AND IPS • IDS stand for interaction detection System are software and hardware based system that detect intrusion to network-based intrusion detection(NIDS), host-based intrusion detection System(HIDS), Hybrid Intrusion detection system(HIDS) on a number of telltale sign • IPS intrusion prevention system, all corporate are protected by firewall those firewall allow some traffic like web traffic to an internal web server
- 20. TYPES OF COMPUTER INTRUSION • INTRUDERS • BLACK HAT HACKER • HACKER SPIES SUPPORTED BY GOVERNMENT • CYBERTERRORISTS • CORPORATED SPIES • PROFISSIONALS CRIMINALS • VANDALS • ETC….
- 21. QUICK BYTE • bit defender process….. • analyser Linux based bits • tcp run • bits defects intruders