Security Aspects

This chapter explores **security aspects** including threats, various types of **malware**, prevention measures, **firewalls**, and the significance of **HTTPS** over HTTP in secure communications.

Chapter Notes: Security Aspects

This chapter discusses various aspects of computer security, providing a comprehensive understanding of threats, types of malware, and preventive measures.

12.1 Threats and Prevention

  • Network Security: In a fully connected world, threats emerge from misuse or unauthorized access to devices. The goal of network security is to protect devices and data from these threats.
  • Vulnerabilities: Every device connected to a network has potential vulnerabilities that hackers can exploit. Understanding these vulnerabilities is key to prevention.

12.2 Malware

  • Definition: Malware, or malicious software, is intended to damage hardware, steal data, or create disruption. Different types include:
    • Virus: A piece of code that replicates by inserting itself into other programs. Notable examples include ILOVEYOU and MyDoom.
    • Worms: Unlike viruses, worms are standalone programs that self-replicate and spread over networks. Examples include Code Red and Nimda.
    • Ransomware: Encrypts user data and demands ransom. The WannaCry attack in 2017 exemplifies this threat.
    • Trojans: Malicious software disguised as legitimate applications, spreading via user interaction. Unlike viruses, Trojans do not self-replicate.
    • Spyware: Gathers information without user consent and transmits it to external parties.
    • Adware: Displays unwanted advertisements for revenue generation.
    • Keyloggers: Record user keystrokes, potentially capturing sensitive information like passwords.

12.2.8 Modes of Malware Distribution

  • Common methods for malware to reach devices include downloading from the internet, spam emails, removable storage devices, and network propagation.

12.3 Antivirus Software

  • Purpose: Though initially focused on viruses, modern antivirus solutions combat a wide array of malware. Regular updates are essential.
  • Detection Methods:
    • Signature-based detection: Relies on a database of known virus signatures.
    • Sandbox detection: Tests files in a controlled environment to observe behavior.
    • Heuristic methods: Identify potential threats based on behavior patterns.
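
The detection methods listed above, shown as an added example (not part of the original notes and not any antivirus product's code): a signature lookup by file hash and byte pattern, with a fallback to a weighted score over behaviours such as a sandbox run might report. The sample bytes, signature names, behaviour labels, weights and threshold are all constructed assumptions.

```python
import hashlib

# Constructed, harmless bytes standing in for a known malicious file.
KNOWN_BAD = b"MZ\x90\x00demo-payload::CONSTRUCTED-BAD-MARKER::v1"

# Signature database (assumed layout): exact file hashes and byte patterns.
HASH_SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest(): "Demo.Sample.A"}
PATTERN_SIGNATURES = {b"CONSTRUCTED-BAD-MARKER": "Demo.Sample.generic"}

# Heuristic weights (assumed) for behaviours a sandbox run might report.
BEHAVIOUR_WEIGHTS = {
    "modifies_other_executables": 5,  # virus-like replication
    "mass_file_encryption": 5,        # ransomware-like
    "records_keystrokes": 4,          # keylogger-like
    "connects_to_many_hosts": 3,      # worm-like spreading
    "shows_popup_ads": 1,             # adware-like
}
HEURISTIC_THRESHOLD = 5

def signature_scan(data):
    """Return the name of the first matching signature, or None."""
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGNATURES:
        return HASH_SIGNATURES[digest]
    for pattern, name in PATTERN_SIGNATURES.items():
        if pattern in data:
            return name
    return None

def heuristic_score(behaviours):
    """Sum the weights of the distinct behaviours observed."""
    return sum(BEHAVIOUR_WEIGHTS.get(b, 0) for b in set(behaviours))

def scan(data, behaviours=()):
    """Try signatures first, then fall back to the behaviour heuristic."""
    name = signature_scan(data)
    if name:
        return ("signature", name)
    score = heuristic_score(behaviours)
    if score >= HEURISTIC_THRESHOLD:
        return ("heuristic", f"score={score}")
    return ("clean", None)

if __name__ == "__main__":
    print(scan(KNOWN_BAD))                       # exact hash match
    print(scan(KNOWN_BAD + b"\x00"))             # hash changed, pattern still hits
    print(scan(b"unseen", ["records_keystrokes", "connects_to_many_hosts"]))
    print(scan(b"hello", ["shows_popup_ads"]))   # below threshold
```

Appending a single byte changes the file hash, so only the byte-pattern signature still matches, and a file with no signature at all is caught only by its behaviour; this is why the signature database needs regular updates.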

12.4 Spam

  • Email spam creates clutter by sending unsolicited messages, often promoting scams or malicious links.

12.5 HTTP vs HTTPS

  • HTTP: Transmits data in an unsecured manner.
  • HTTPS: Ensures data transmission is encrypted, safeguarding sensitive information.

12.6 Firewall

  • Purpose: Acts as a barrier, monitoring incoming and outgoing traffic to prevent unauthorized access. Implemented as software, hardware, or both.
  • Types:
    • Network Firewall monitors traffic between networks.
    • Host-based Firewall protects individual computers.

12.7 Cookies

  • Definition: Small files stored on a user's computer by websites to enhance user experience. They track browsing patterns.
  • Threats: Can be used by malware, and some types like supercookies can be recreated after deletion.

12.8 Hackers and Crackers

  • Hackers: Can be classified as:
    • White Hats (Ethical Hackers): Help secure systems by identifying vulnerabilities.
    • Black Hats (Crackers): Exploit systems for malicious purposes.
    • Grey Hats: Hack for fun without malicious intent.

12.9 Network Security Threats

  • Denial of Service (DoS): Overloads resources to make them unavailable to legitimate users. A variant called DDoS uses compromised systems to launch attacks.
  • Intrusion: Unauthorized activity within a network raises serious security concerns.
  • Snooping and Eavesdropping: Involves unauthorized interception of communications or monitoring of data.

Key Prevention Measures Against Malware

  1. Use and regularly update antivirus software.
  2. Configure security settings in web browsers.
  3. Utilize firewalls for network protection.
  4. Avoid downloading from untrusted sources.
  5. Back up critical data regularly.
  6. Be cautious with public Wi-Fi networks.
  7. Do not click on suspicious links or attachments.
  8. Regularly remove unused applications.
  9. Educate yourself about phishing and scams.

This chapter underscores the importance of understanding and mitigating security threats in our digitally interconnected world.

Key terms/Concepts

  1. Malware: Software designed to harm or exploit devices. Understand its various forms such as viruses, worms, and ransomware.
  2. Antivirus: Essential for detecting and removing malware. Keep software updated.
  3. Firewall: Acts as a barrier to unauthorized access and monitors network traffic.
  4. HTTP vs HTTPS: Use HTTPS for secure transactions; it encrypts data during transmission.
  5. Cookies: Small data files that improve user experience but may pose privacy risks.
  6. Hackers and Crackers: Understand the different types, including ethical hackers (White Hats) and malicious hackers (Black Hats).
  7. Denial of Service (DoS): A significant network threat that disrupts service availability.
  8. Prevention Measures: Regularly update antivirus, configure firewalls, and avoid suspicious downloads.
