INTERNET SECURITY

LECTURE

Mr. Arif Fadhilah, M P.d

Group 2

Devy Febrsyanti

Fajar Sidiq

Fauzan Rizaldi

Holy Novia M

Irwan Indiarto

STUDY PROGRAM OF INFORMATICS ENGINEERING

FAKULTY OF ENGINEERING

MUHAMMADIYAH UNIVERSITY OF TANGERANG

2016/2017
 PROFILE

DEVY FEBRYANTI
• 16.55.201.049
• A1 Informatics Engineering

FAJAR SIDIQ
• 16.55.201.074
• A1 Informatics Engineering

FAUZAN RIZALDI
• 16.55.201.066
• A1 Informatics Engineering

HOLY NOVIA M
• 16.55.201.012
• A1 Informatics Engineering

IRWAN INDIARTO
• 16.55.201.064
• A1/A2 Informatics Engineering

ii
 PREFACE

First of all, We wants to express ours thanks to Allah SWT, because oh his bless
and grace, the endtitled “Internet Security” can Be finished on time

The Paper is reqruitment to fulfill the assignment from Mr. Arif fadhilah the
English Lecture of Muhammadiyah University of Tangerang. We also thanks to him for all
the guidance to complete it.

In completing this paper, we faced many problems but with the help of many
people, all problems could be passed. May Allah SWT give the blessing for them. It
provides the intrinsic elements in the happy prince short story with detail explanation.
Although this paper has many deficiencies in the arrangement And explanation, and we
hope that it can be used as a reference for the reader to understand the intrinsic elements of
a short story.

iii
 TABLE OF CONTENT

PROFILE GROUP 2 ........................................................................................................... ii

PREFACE ........................................................................................................................... iii

TABLE OF CONTENT ..................................................................................................... iv

CHAPTER 1

1.1 Background ...................................................................................................................... 1

1.2 Scope ............................................................................................................................... 1

CHAPTER 2

2.1 History Of Internet Security ............................................................................................ 2

2.2 Internet Security .............................................................................................................. 3

2.3 Kinds of Security on the internet ..................................................................................... 4

2.4 Types Of Internet Security .............................................................................................. 7

CHAPTER 3

3.1 Hacker & Cracker ............................................................................................................ 8

3.2 Spyware,Virus,Spam,etc ................................................................................................. 9

CHAPTER 4

Conclusion .......................................................................................................................... 11

iv
 CHAPTER 1
PREMILINARY

1.1 Background

Security issues are one of the important aspects of an information system. Often
security issues are on the last list of things considered important. When disrupting
system performance, security is often reduced or even eliminated. Information in this
era has become a very important commodity. Some even say that we have are in an
"information-based society". Ability to access and providing information quickly and
accurately becomes very essential for a organizations, whether in the form of
commercial organizations (companies), universities, government agencies, and
individuals. It is possible with rapid development in computer and telecommunication
technology.

1.2 Scope

In this paper, the issues that will be discussed various matters relating to the internet.
Problems and handling of security in cyberspace as well as efforts to reduce crime in
cyberspace.
 CHAPTER 2

2.1 History Of Internet Security

The Internet was a computer network established by the US Department of Defense in

1969, through an ARPA agency project that developed a network called the ARPANET
(Advanced Research Project Agency Network), where they demonstrated how the UNIX-
based computer hardware and software.

The initial purpose of the construction project was for military purposes. At that time the
US Department of Defense created a scattered computer network system by connecting
computers in vital areas to solve problems in the event of a nuclear attack and to avoid the
occurrence of centralized information, which in the event of war can be easily destroyed.

ARPANET initially linked only 4 sites: the Stanford Research Institute, the University of
California, Santa Barbara, the University of Utah, where they formed an integrated
network in 1969, and in general the ARPANET was introduced in October 1972. Soon the
project Growing rapidly across the region, and all universities in the country want to join,
thus making ARPANET difficult to organize.

Therefore the ARPANET is split into two, namely "MILNET" for military purposes and
the new "ARPANET" smaller for non-military purposes such as, universities. Combined
both networks eventually known as DARPA Internet, which then simplified into the
Internet

History records young hackers like Kevin Mitnick (1981-stealing Pac Bell's manual-when
he was 17 years old), and Robert T. Morris (1988-injecting Morris worms with buffer
overflow techniques into the network). In 1985 there was a sniffer attack against Sun
workstation, then 1986 known cuckoo's egg virus, followed by Morris worm in 1988. In
1991 Phil Zimmerman wrote his own Pretty Good Privacy as a protection for security
attacks against e-mail. 1993 Mosaic suffered a point-click attack. 1994 came Linux. 1995
Kevin Mitnick attacked SDSL / SATAN / SSL. 1998 recorded the smurf attack, and the
year 2000 recorded the phenomenon of carding, which not only in developed countries but
even in educational cities in Indonesia.

2
The relatively new phenomenon is:

1. March 1999, Melissa virus (attacking Word 97/2000, loss of $ 300 million, 150,000
systems in 4 days).

2. October 2000, Microsoft 2 times conceded.

3. October 2000, the Israeli site conceded.

4. August 2000, the site of the Korean Ministry of Information hacked by hackers.

5. February 2000, denial of service attacks eBay, Yahoo, Amazon.

6. May 2000, I LOVE YOU (attacking Outlook, losses $ 10 billion, 500,000 systems
within 24 hours)

7. 22,000 attacks on the Pentagon system in 2000

8. February 2001, virus Anna Kournikova

9. The end of July 2001, Code Red virus

These events give an idea of how data security is crucial. Meanwhile, the position of
information security officer is still considered marginal. The problem of data security is
not merely technology but more important is policy. From the survey results note that
computer system security problems caused by bugs and errors in the system (65%),
unauthorized use by insiders (19%), natural disasters (13%), and outsiders (3%)

2.2 Internet Security

The Internet is a very open computer network in the world, the consequences that must be
taken care of is no security guarantees for network related to the Internet. This means that
if the network operator is not careful in setting up the system, then most likely the network
associated to the Internet will be easily entered by people who are not invited from outside.
It is the duty of the network operators concerned, to minimize the risk as much as possible.
Selection of strategies and skills of network administrators, will greatly differentiate
whether a network easily penetrated or not.

Efforts to prevent someone from taking actions we do not want on the computers,
software, and devices built into them to keep them in the ideal state we want '

3
What is protected :

Þ your data

Þ your resources

Þ Your reputation

To what :

Þ breakthroughs

Þ Denial Of Service

Þ Information Theft

Internet Security Objectives :

Þ Confidentiality

Þ Data Integrity

Þ Availability of data when we need it

Internet Security for users :

Þ Secure data

Þ Maintain data confidentiality

Users do :

Þ Downloading files

Þ receive and receive email

Tips on keeping the data intact :

Þ Do not trust any software downloaded

Þ Do not directly execute email attachments

Þ Always use antivirus software

4
2.3 Kinds of Security on the Internet

1. Application Layer Security

At this level each application is responsible for providing security. Implementation at this
level only concerns the client and server. Security at this level is simpler only via internet
communication involves only two parties: the sender and the recipient (eg in the email
application) the sender and receiver may agree to use the same protocol and use different
types of security services available.

2. Transport Layer Security

At this level the security applied is more complicated. One of the security methods in this
layer is Transport Layer Security (TLS). TSL is one of the protocols developed by
Netscape for security on the Internet

For transactions on the Internet, security includes:

- Customers need to be sure that the intended server belongs to the actual vendor, not the
fraudster

- Customers need to be sure that the contents of the messages they send are not modified
during the transaction. Message integrity must be maintained

- Customers need to be sure that no unauthorized person can receive the sensitive
information it sends, such as credit card numbers

In addition to the above three things, TLS can also provide features for vendors
(recipients) to authenticate customers.

3. Security at the IP Layer

In IP layer, the implementation of security feature (security) is very complex because

many tools are involved. Security at this level uses IP Security (IPSec). IPSec is a set of
protocols designed by the IETF (Internet Engineering Task Force) to provide security to
data packets sent via the Internet.IPSec does not define certain encryption or authentication
methods, but rather provides framework and security mechanisms. While users are
choosing the encryption / Authentication

5
 4. Firewall

An organization can protect it from the outside world with a firewall. A firewall is a router
that is installed between an organization's internal network, and the Internet. Firewalls are
designed to pass certain data packets and filter (block) others.

There are 2 kinds of Firewall as follows:

A. Packet-filter Firewall

It passes or blocks data packets based on information on the heder in the network-layer or
transport layer, the sender and recipient's IP address, sender and recipient address port, and
the type of protocol used (eg TCP or UDP). A firewall packet is a router that uses a table
to determine which packets should be removed.

B. Proxy firewall

Packet-filter firewalls limit data packets based on information in the header, but can not
choose based on what exactly the content of a particular message. For example an
organization implements the policy that only partners who can transmit data, while data
from outside partners will be rejected. This can not be done by packet-filter firewall
because it is unable to distinguish all the data packets coming on TCP port 80 (the default
port used for Internet)

The solution is to install a proxy on the computer (also known as a gateway) that beada
between client computers and corporate servers. When someone sends a message, the
proxy will send a message to the server to receive the message. The server will skip
packets at the application level and find out if they are acceptable. Otherwise the message
will be discarded and an error message will be sent.

5. Access Control

Access control is a preventive effort to provide security to a data network. An organization

needs access control rules to protect its resources from unauthenticated users. There are
three methods that can be used for access control that is password, token and biometrics.

6. Password

The technique that uum used for authorization is the use of passwords. Each of us requires
a password to access the system. Effective passwords have the following criteria:

a) Has a length of at least 6 characters

b) Specified by the administrator because the user can choose a password that is easy
to guess
c) Password should be changed periodically

6
 7. Token

Tokens are small devices (eg cards, keys etc) containing electronic circuits for security
control

8. Biometric

That is, some user characteristics are used to gain access to a system. Can be a sound,
fingerprint, retinal pattern or facial structure.

2.4 Types of Internet Security

I. Physical security

Physical security is no less important than cyber security because crime in physical form
can be fatal to a system. Physical security is more emphasis on hardware. Examples of
physical security is to use a lock or padlock on the hardware used or tight guarding of
server hardware.

II. Network security

Network security is preventing unauthorized users from using owned networks. An

example of network security is to use a firewall or proxy that is used to filter users who
will use the network.

III. Authorization access

Access authorization is the use of passwords or passwords if we want to access something.

Orientation has been widely applied to various systems both in Personal Computer (PC)
and in handphone. The use of security access authorization is very simple but can
effectively ward off unauthorized users trying to access a system.

IV. Virus Protection

Virus is a security threat that we can not underestimate.Virus has many characteristics and
is able to destroy important data even the existing system.Because of protection against
this virus is very important. One easy way to ward off viruses is to use antivirus software
and be careful if we move data from storage media.

V. Handling of the congregation

Disaster management is planning the steps to be taken in the event of a disaster that results
in the destruction of a system and the loss of important data.

7
 CHAPTER 3

To learn about internet security system then it is important also we will know
hackers and crackers

3.1 Hacker

• Consists of a person or group of people who continuously strive to penetrate the security
system of the operating system of a computer.

• Experienced hackers can quickly identify the security holes in a computer network
system.

• The hacker's habit is to keep searching for new knowledge or new targets and they will
inform each other.

• Basically the real hackers intend to destroy data within the network.

Craker

• A person or group of people who intentionally intend to undermine and destroy integrity
throughout a network of computer systems is called a cracker and his actions

• In general, the cracker after successfully entered into the computer network will directly
perform destruction and destruction of important data to cause chaos for the users in using
the computer.

• These crew activities are easily recognizable and can be quickly identified from the
impact of their activities.

8
Some terms that we will know are related to internet security

3.2 SPYWARE

Spyware goes into the category of malicious software, which aims to take over some
control of the PC and monitor activities that occur on the PC without asking permission in
advance or just a notification to the PC user. After obtaining data from the monitoring
results, then spyware will report the activities that occur on the PC to third parties. In this
case it is the creator of the spyware.

Some other examples of spyware that usually attack Internet users are CoolWebSearch,
Internet Optimizer also known as DyFuca, 180 Solutions, and HuntBar also known as
WinTools or Adware.Websearch which is widely distributed spyware is distributed by
Traffic Syndicate.

PIRACY

After browsing the internet for hours, you just realize something is wrong with your
browser. Maybe it could be like this. If you close the browser and have tried to open the
browser to browse again it will appear a website that you do not know at all, you already
feel the website address you want to open properly and not infrequently the website
becomes the default home page address in your browser. If this happens, no doubt your PC
is exposed to piracy.

SPAM

Spam1 is as "unsolicited email", which is email We do not expect this Spam can email that
much to many person. The refill from this email is a promotion. This spam problem is
based on send an email to one person and 1000 people are not much different. Barrier for
mass mailing is very low. This is different by doing conventional marketing to send a
postcard or letter will be much different for one person and 1000 person.

9
WORM

You certainly still remember advertising in the television media a few years ago, "Your
child worms?". Related to worms, this paper discusses worms or foreign terms worm.
Internet worms (Worms) are autonomous intrusion agents capable of self-replication and
spread by exploiting security flaws in commonly used services. Worm is a new
phenomenon, first discovered in 1988. Worms have become a deadly threat on the
Internet, although most cases that occur specifically are on a Windows-based system.
Several types of worms using the latest electronic mail (e-mail) as a medium of
dissemination.

VIRUS

The term computer virus is no stranger to today's computer users. Release, about 12 years
ago, this term has been known by the computer user community. New in 1988, appeared
articles in the mass media that heavily preach about new threats to computer users who
came to be known as 'computer virus'. Viruses are on a good computer program, a package
like any other programs. It is very basic on computer viruses and other programs. Viruses
are made by someone with a variety of purposes, especially virus makers who want to
pursue popularity and also just for the sake of pleasure. Goodbye to create a virus with the
aim of destroying it will mess up the computer it's infecting.

10
 CHAPTER 4
CONCLUSION

Along with the development of internet technology, causing the emergence of

many crimes through the internet network. The existence of Cybercrime has become a
threat of stability, so the government is difficult to compensate crime techniques done with
computer technology,especially internet and intranet networks.

Therefore, computer security is required to prevent the destruction of the inside of

the system because it is entered by unwanted users. Intregrated system security should be
an integrated step in its entire subsystem, with the aim of narrowing or even closing the
gap of harmful unauthorized acts.

11