
Craftopia
Computer Security:
This definition introduces and elaborates upon three fundamental objectives that lie at the core of computer security, shaping the framework for safeguarding digital assets and systems.
1. Confidentiality: The concept of confidentiality encompasses two interrelated facets, both of paramount importance in the realm of computer security.
- Data Confidentiality: This pillar of security ensures that sensitive and private information remains shielded from prying eyes and unauthorized access. It serves as a digital vault, safeguarding data against unauthorized disclosure, assuring individuals and organizations that their confidential information remains secure.
- Privacy: Privacy, a close cousin to data confidentiality, extends beyond mere data protection. It empowers individuals to exert control over what information pertaining to them is collected, stored, and shared. This control extends to the actors involved in data processing, dictating who may access this information and to whom it may be disclosed. In an age where personal data is a valuable commodity, privacy ensures that individuals retain authority over their digital identities.
2. Integrity: The concept of integrity operates on two parallel tracks, anchoring the security of data and systems alike.
- Data Integrity: This facet of integrity is the guardian of data's reliability. It ensures that data remains unchanged except through specified and authorized channels. Unauthorized alterations or tampering are detected and thwarted, preserving the trustworthiness of information.
- System Integrity: In the broader context, system integrity assures that a computer system fulfills its intended functions without compromise. It serves as a sentinel against both deliberate and inadvertent unauthorized manipulations that could jeopardize a system's proper operation. System integrity guarantees that systems are dependable, resistant to tampering, and consistently available for use.
3. Availability: The availability objective underpins the concept of operational readiness and service continuity.
- Operational Promptness: It is vital that computer systems remain responsive, performing their functions promptly. This aspect of availability ensures that authorized users can access the resources they need when they need them, facilitating uninterrupted workflow and productivity.
- Service Resilience: Availability safeguards against service denial, whether intentional or accidental. Authorized users can rely on the consistent availability of services without disruptions caused by malicious actions or system failures.
In summary, these three cardinal principles of computer security—confidentiality, integrity, and availability—constitute the bedrock upon which secure digital ecosystems are built, providing a comprehensive framework to protect against unauthorized access, data tampering, and service interruptions. They form an inseparable triad, collectively ensuring the safety and reliability of our digital world.
Security attacks:
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are the release of message contents and traffic analysis.

The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions.

A second type of passive attack, traffic analysis, is subtler. Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an opponent still might be able to observe the pattern of these messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.

Passive attacks are very difficult to detect, because they do not involve any alteration of the data. Typically, the message traffic is sent and received in an apparently normal fashion, and neither the sender nor the receiver is aware that a third party has read the messages or observed the traffic pattern. However, it is feasible to prevent the success of these attacks, usually by means of encryption. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.
Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.


A masquerade takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.

Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect. For example, a message meaning “Allow John Smith to read confidential file accounts” is modified to mean “Allow Fred Brown to read confidential file accounts.”

The denial of service prevents or inhibits the normal use or management of communications facilities. This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination (e.g., the security audit service). Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.

Active attacks present the opposite characteristics of passive attacks. Whereas passive attacks are difficult to detect, measures are available to prevent their success. On the other hand, it is quite difficult to prevent active attacks absolutely because of the wide variety of potential physical, software, and network vulnerabilities. Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them. If the detection has a deterrent effect, it also may contribute to prevention.
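The detection side of modification, replay and reordering can be shown with a message authentication code and a sequence number. This is an added example, not part of the original page; the `Sender`/`Receiver` names, the packet layout and the sample key are assumptions, and the shared key is assumed to have been agreed securely beforehand.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32   # HMAC-SHA256 output size
HDR_LEN = 8    # 64-bit big-endian sequence number


class Sender:
    def __init__(self, key: bytes):
        self.key, self.seq = key, 0

    def seal(self, body: bytes) -> bytes:
        """Prefix a fresh sequence number and append a MAC over header + body."""
        self.seq += 1
        header = struct.pack(">Q", self.seq)
        tag = hmac.new(self.key, header + body, hashlib.sha256).digest()
        return header + body + tag


class Receiver:
    def __init__(self, key: bytes):
        self.key, self.last_seq = key, 0

    def open(self, packet: bytes) -> str:
        if len(packet) < HDR_LEN + TAG_LEN:
            return "rejected: truncated"
        header, body, tag = packet[:HDR_LEN], packet[HDR_LEN:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return "rejected: modified"
        (seq,) = struct.unpack(">Q", header)
        if seq <= self.last_seq:                     # already seen, or older than latest
            return "rejected: replayed or out of order"
        self.last_seq = seq
        return "accepted: " + body.decode()


def demo() -> list:
    key = b"constructed-demo-key-not-secret!"        # constructed sample key
    tx, rx = Sender(key), Receiver(key)
    p1 = tx.seal(b"Allow John Smith to read confidential file accounts")
    p2 = tx.seal(b"status report")
    p3 = tx.seal(b"logout")
    altered = p1.replace(b"John Smith", b"Fred Brown")   # the page's modification example
    # Delivery order: altered copy, genuine p1, p1 again, p3, then the delayed p2
    return [rx.open(p) for p in (altered, p1, p1, p3, p2)]
```

The MAC only authenticates; it does not hide the message, so confidentiality against passive attacks still requires encryption.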
Computer viruses:
Viruses and related malicious code come in diverse categories, each with unique characteristics:
1. Macro Viruses: These common viruses infect applications like Microsoft Word or Excel, attaching to an application's initialization sequence. When the application is opened, they execute instructions before replicating and spreading to other parts of the system.
2. File Infectors: File infector viruses attach themselves to executable code files (e.g., .com or .exe). When the infected code is loaded, the virus installs itself. Some variants associate with files by creating a virus file with the same name but with a .exe extension, causing it to execute upon opening.
3. System or Boot-Record Infectors: These viruses attach to the master boot record on hard disks or the boot sector on diskettes. When the system starts, it loads the virus into memory, enabling it to propagate to other disks and computers.
4. Polymorphic Viruses: These viruses hide from detection through cycles of encryption and decryption. They employ various encryption schemes and decryption routines, making identification challenging. The virus mutates with new decryption routines, infects code, and repeats the process.
5. Multipartite Viruses: Combining traits of boot sector and file infector viruses, these are versatile threats.
6. Stealth Viruses: Stealth viruses take over system functions to evade detection. They compromise virus-scanning software, causing it to report an infected area as clean. These viruses conceal any size increases or changes to file modification dates.
7. Trojan Horses: Unlike viruses, Trojan horses do not self-replicate. They hide within seemingly useful programs, often with malicious functions. Some Trojan horses establish backdoors exploited by attackers.
8. Logic Bombs: These are appended to applications and triggered by specific events or conditions, such as time or logical criteria.
9. Worms: Worms are self-contained programs that spread across networks and computers, not requiring host files. They commonly propagate via email attachments, overwhelming networks and causing potential denial-of-service attacks.
10. Droppers: Droppers are programs used to install viruses on computers. They might not contain malicious code themselves and can connect to the internet to download virus software updates for a compromised system.
Understanding these categories is crucial for developing effective strategies to combat and prevent the proliferation of malicious software in the digital realm.
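The stealth-virus entry notes that size and modification date can be made to look unchanged; a content digest recorded in a baseline still exposes the change. This is an added example, not part of the original page: the function names and the sample file are constructed, and it assumes the check runs from a trusted environment, since malware that controls system functions could also falsify what a scanner reads.

```python
import hashlib
import os
import tempfile


def snapshot(path: str) -> dict:
    """Record metadata and a SHA-256 content digest for one file."""
    st = os.stat(path)
    with open(path, "rb") as fh:
        digest = hashlib.sha256(fh.read()).hexdigest()
    return {"size": st.st_size, "mtime_ns": st.st_mtime_ns, "sha256": digest}


def changed_fields(baseline: dict, current: dict) -> list:
    """Return the names of the recorded attributes that differ from the baseline."""
    return [k for k in ("size", "mtime_ns", "sha256") if baseline[k] != current[k]]


def demo() -> list:
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "sample.bin")       # constructed sample file
        with open(path, "wb") as fh:
            fh.write(b"A" * 64)
        baseline = snapshot(path)
        atime_ns = os.stat(path).st_atime_ns
        # Constructed change: one byte overwritten in place, so the size is unchanged
        with open(path, "r+b") as fh:
            fh.seek(10)
            fh.write(b"B")
        # ... and the original modification time is put back
        os.utime(path, ns=(atime_ns, baseline["mtime_ns"]))
        return changed_fields(baseline, snapshot(path))


if __name__ == "__main__":
    print(demo())
```

A check that compared only size and modification time would report this file as unchanged.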