Physical and Network

Security
Dr.G.Kavitha,
Associate professor/IT
Introduction
• Security is about protection of assets.
• Prevention - take measures that prevent your assets from being
damaged
• Detection - take measures so that you can detect when, how, and by
whom an asset has been damaged
• Reaction - take measures so that you can recover your assets

• Data security is to protect against,

3
Security Objectives
Confidentiality (Secrecy):
Prevent/Detect/Deter improper disclosure of information

Availability:
Integrity: Prevent/Detect/Deter
Prevent/Detect/Deter improper improper denial of access to
modification of information services provided by the
system
5
Definition
• The fundamental building blocks to ensuring that your data is secure
are physical security and network security.
• Physical security is the protection of personnel, hardware, software,
networks and data from physical actions and events that could cause
serious loss or damage to an enterprise, agency or institution.
• This includes protection from fire, flood, natural disasters, burglary,
theft, vandalism and terrorism.
• Network security is protection of the access to files and directories in
a computer network against hacking, misuse and unauthorized
changes to the system.
• An example of network security is an anti virus system.
Threats
• A computer system threat is anything that leads to loss or
corruption of data or physical damage to the hardware and/or
infrastructure.
• The threats could be intentional, accidental or caused by natural
disasters.
• Security threats could be,
• physical such as someone stealing a computer that contains vital
data.
• non-physical such as a virus attack.
Physical Threats
Physical threats cause damage to computer systems hardware and
infrastructure.
Physical threats classified into 3 categories
• Internal: The threats include fire, unstable power supply, humidity in
the rooms housing the hardware, etc.
• External: These threats include Lightning, floods, earthquakes, etc.
• Human: These threats include theft, vandalism of the infrastructure
and/or hardware, disruption, accidental or intentional errors.
Physical systems - attacks
• Attacks on computer systems
• break-in to destroy information
• break-in to steal information
• blocking to operate properly
• malicious software
• wide spectrum of problems
• Source of attacks
• Insiders
• Outsiders
Logical threats
Non-physical threats target the software and data on the computer systems.
The non-physical threats are also known as logical threats. The following list is the
common types of non-physical threats;
• Virus
• Trojans
• Worms
• Spyware
• Denial of Service Attacks
• Distributed Denial of Service Attacks
• Unauthorized access to computer systems resources such as data
• Phishing
• Other Computer Security Risks
 Virus, Worms, and Trojan Horses
• Trojan horse: instructions hidden inside an otherwise useful program
that do bad things
• Virus: a set of instructions that, when executed, inserts copies of itself
into other programs.
• Worm: a program that replicates itself by installing copies of itself on
other machines across a network.
• Trapdoor: an undocumented entry point, which can be exploited as a
security flaw
• Zombie: malicious instructions installed on a system that can be
remotely triggered to carry out some attack with les traceability
because the attack comes from another victim.

11
Information security threats
• Shoulder surfing is using direct observation techniques, such as
looking over someone's shoulder, to get information.
• Shoulder surfing is an effective way to get information in crowded
places because it's relatively easy to stand next to someone and
watch as they fill out a form, enter a PIN number at an ATM machine.
• Spying –(espionage) is the act or practice of obtaining secrets and
information without the permission and knowledge of the holder of
the information from individuals, rivals or competitors.
• Website vandalism is when the content of your website is changed
without your approval. It destroy data rather than steal and misuse it.
Contd..
Phishing is a term used to describe a malicious individual or group of
individuals who scam users. They do so by sending e-mails or creating
web pages that are designed to collect an individual's online bank, credit
card, or other login information.
• They send out e-mails that appear to come from legitimate websites such
as eBay, PayPal, or other banking institutions.
• Spamming- use of electronic messaging systems like e-mails and other
digital delivery systems and broadcast media to send unwanted bulk
messages indiscriminately.
• Most spam are commercial advertising, but some contain viruses, adware,
or scams.
Networks- Attacks
Common Types of Attack
• Ping sweeps and port scans - reconnaissance
• Sniffing – capture packet as they travel through the network
• Man-in-the-middle attack – intercept messages that are intended for
a valid device
• Spoofing - set up a fake device and trick others to send messages to it
• Hijacking – take control of a session
• Denial of Service (DoS) and Distributed DoS (DDoS)
Network Security - Attacks
• Network Security
• Active attacks
• Passive attacks
• Passive attacks
• interception of the messages
• What can the attacker do?
• use information internally
• hard to understand
• release the content
• can be understood
• traffic analysis
• hard to avoid
• Hard to detect, try to prevent
15
 Attacks
• Active attacks
• Attacker actively manipulates
the communication
• Masquerade
• pretend as someone else
• possibly to get more privileges
• Replay
• passively capture data
and send later
• Denial-of-service
• prevention the normal use of
servers, end users, or network itself

16
 Attacks
• Active attacks (cont’d)
• deny
• repudiate sending/receiving a message later
• modification
• change the content of a message

17
Network Security System- Firewall
• Firewalls prevent unauthorized internet users from accessing private
networks connected to the internet.
• A firewall is a network security device that monitors incoming and
outgoing network traffic and decides whether to allow or block specific
traffic based on a defined set of security rules.
• It is the first line of defense in network security for over 25 years. They
establish a barrier between secured and controlled internal networks that
can be trusted and untrusted outside networks, such as the Internet.
• A firewall can be hardware, software, or both.
Contd..
Types or Generation of Firewall
• First Generation- Packet Filtering Firewall : Packet filtering firewall is used
to control network access by monitoring outgoing and incoming packet and
allowing them to pass or stop based on source and destination IP address,
protocols and ports.
• It allow or deny the packets based on unique packet headers.
• Second Generation- Stateful Inspection Firewall : Stateful firewalls
(performs Stateful Packet Inspection) are able to determine the connection
state of packet.
• It allows or blocks traffic based on state, port, and protocol. It monitors all
activity from the opening of a connection until it is closed.
Contd..
• Third Generation- Application Layer Firewall : Application layer firewall
can inspect and filter the packets on any OSI layer, up to application layer.
• It has ability to block specific content, also recognize when certain
application and protocols (like HTTP, FTP) are being misused.
• Next Generation Firewalls (NGFW) : Next Generation Firewalls are being
deployed these days to stop modern security breaches like advance
malware attacks and application layer attacks.
• NGFW consists of Deep Packet Inspection, Application Inspection, SSL/SSH
inspection and many fuctionalities to protect the network from these
modern threats.
 The global average cost of
cyber crime/attacks 2017 Cost
of Cyber
Crime
Study by
Accenture
*
Steeper
increasing
trend in
the recent
years

* https://www.accenture.com/t20170926T072837Z__w__/us-en/_acnmedia/PDF-61/Accenture-2017-CostCyberCrimeStudy.pdf
22
 Types of cyber attacks experienced
2017 Cost
of Cyber
Crime
Study by
Accenture
*
- Percentage
of the
respondents
experienced
-
Ransomware
doubled

* https://www.accenture.com/t20170926T072837Z__w__/us-en/_acnmedia/PDF-61/Accenture-2017-CostCyberCrimeStudy.pdf
23
Questions???