tailieunhanh - Lecture Network security: Chapter 5 - Dr. Munam Ali Shah

The topic discussed in this chapter are analysis of the N/W security. After studying this chapter you will be able to distinguish between different types of security attacks, to identify and classify which security attacks leads to which security breach category. | Network Security Lecture 5 Presented by: Dr. Munam Ali Shah Summary of the previous lecture In Previous lecture, we talked about security through obscurity We have seen the Security architecture We also learnt about active and passive attacks And importantly, we discussed the difference between Security and Protection. How access matrix is used to classify objects, Domains and access-rights Part 2(a) Analysis of the N/W Security Outlines Different types of security attacks in a computing environment Viruses, Worms, Trojan Horses DoS attacks and its types Objectives To be able to distinguish between different types of security attacks To identify and classify which security attacks leads to which security breach category Different Types of Attacks and Threats Virus Worms Trojan Horse Botnet Trap doors Logic Bomb Spyware Viruses A Virus infects executable programs by appending its own code so that it is run every time the program runs. Viruses may be destructive (by . | Network Security Lecture 5 Presented by: Dr. Munam Ali Shah Summary of the previous lecture In Previous lecture, we talked about security through obscurity We have seen the Security architecture We also learnt about active and passive attacks And importantly, we discussed the difference between Security and Protection. How access matrix is used to classify objects, Domains and access-rights Part 2(a) Analysis of the N/W Security Outlines Different types of security attacks in a computing environment Viruses, Worms, Trojan Horses DoS attacks and its types Objectives To be able to distinguish between different types of security attacks To identify and classify which security attacks leads to which security breach category Different Types of Attacks and Threats Virus Worms Trojan Horse Botnet Trap doors Logic Bomb Spyware Viruses A Virus infects executable programs by appending its own code so that it is run every time the program runs. Viruses may be destructive (by destroying/altering data) may be designed to “spread” only Although they do not carry a dangerous “payload”, they consume resources and may cause malfunctions in programs if they are badly written and should therefore be considered dangerous! Viruses have been a major threat in the past decades but have nowadays been replaced by self-replicating worms, spyware and adware as the no. 1 threat! 7 Virus Types Boot Sector Virus Spreads by passing of floppy disks Substitutes its code for DOS boot sector or Master Boot Record Used to be very common in 1980ies and 1990ies 8 An Example of Boot Sector Virus Polymorphic Virus Virus that has the ability to “change” its own code to avoid detection by signature scanners Macro Virus Is based on a macro programming language of a popular application (. MS Word/Excel, etc.) Stealth Virus Virus that has the ability to hide its presence from the user. The virus may maintain a copy of the original, uninfected data and monitor system activity 10 Example of Macro Virus