Chapter 1 - Information Security


Information security

Mr. Smail Tache

University of Djelfa
2024
Course Agenda

• Chapter 1: Introduction to information security.
• Chapter 2: Cryptography and Cryptanalysis.
• Chapter 3: Firewalls.
• Chapter 4: Switching Security.
• Chapter 5: Virtual Private Network (VPN).
• Chapter 6: Wireless Network Security.

Chapter 1: Introduction to information security

What is security?, History

The objectives of information security

Concepts

Threats and Attacks

OSI Security Architecture

Homework

What is security?, History
History

Enigma machine


The BOMBE machine (Alan Turing)

Information Systems

• An information system is a combination of software, hardware, and telecommunication networks used to collect useful data, especially in an organisation.

• Information systems are composed of four components: task, people, structure, and technology.

What is Security?

Information security is the practice of protecting information from unauthorized access, disclosure, disruption, modification, or destruction. It involves the implementation of measures, policies, procedures, and technologies to ensure the confidentiality, integrity, and availability of information.

Uses of Information Security

• Protecting Personal Information.
• Safeguarding Financial Information.
• Guarding Health Records.
• Securing Intellectual Property.
• Enabling Secure Communications.
• Detecting Security Breaches.
• Facilitating Online Transactions.
• Authenticating Users.
• Ensuring Data Integrity.

The objectives of information security
CIA Triad

The CIA Triad is a security model that provides a framework for understanding the three
fundamental components of information security: confidentiality, integrity, and
availability.

Availability

The primary objective of availability is to ensure that complete data is available at any moment an authorized person needs it.

Integrity

The main purpose of the integrity principle is to protect data from being modified in any unauthorized way. It provides stability and guarantees that data is correct, authentic, and not modified. It involves maintaining the consistency, accuracy, and trustworthiness of data over its entire life cycle.

Confidentiality

The goal of the confidentiality principle is to keep sensitive information private and to ensure that it is visible and available only to those who are authorized to use it to carry out their organizational tasks.

Objectives of information security

• Confidentiality: To ensure that information is only accessible to authorized individuals, systems, or processes.
• Integrity: To guarantee the accuracy, reliability, and trustworthiness of information
and to prevent unauthorized alterations.
• Availability: To ensure that information and systems are accessible and usable when
needed by authorized users.
• Authentication: To verify the identity of users, systems, or processes attempting to
access information or resources.
• Authorization: To grant or restrict access rights and permissions based on the
authenticated identity and associated privileges.

• Non-Repudiation: To prevent individuals from denying their actions or transactions.
• Accountability: To trace and attribute actions or events to specific individuals or entities.
• Privacy: To protect individuals’ personal information and ensure compliance with
privacy laws and regulations.
• Risk Management: To identify, assess, and mitigate risks to information assets.
• Security Awareness and Training: To educate and raise awareness among individuals
within an organization about security best practices and potential threats.

Types of Information Security

Issues of Information Security

• Cyberattacks.
• Data breaches.
• Insider threats.
• Human error.
• Technical failures.
• Complexity.
• Mobile and IoT devices.
• Data privacy.
• Globalization.
• ???

Concepts
Information Security vs Cybersecurity

What is the difference between Information Security and Cybersecurity?

• Information Security: This term is broader and encompasses the protection of all
forms of information, whether it is in digital or physical form.

• Cybersecurity: This is a subset of information security specifically focused on protecting digital information from unauthorized access, attacks, and damage.

Basic Concepts

• Attack?
• Threat?
• Vulnerability?
• Risk?
• Intrusion?
• Asset?

Hacking

Hacking is the act of identifying and then exploiting weaknesses in a computer system or
network, usually to gain unauthorized access to personal or organizational data.

Hackers

Types of Hackers

• Black Hat Hackers
• White Hat Hackers
• Grey Hat Hackers
• Hacktivists
• Script Kiddies
• State-Sponsored Hackers
• Organized Cybercriminals
• Crackers

Cybersecurity Jobs

Cybersecurity professionals are the rockstars of the computer world today. There are many different positions in the field, and they can be found in businesses, voluntary agencies, and government agencies, or working for individuals. They can work as:

• Ethical hackers
• Source code auditors
• Security architects
• Computer crime investigators
• Security consultants
• Cryptographers
• Security analysts

Security!

Security is not a product; it is an active and ongoing process!

Threats and Attacks
Threat

A threat is a potential negative action or event that can exploit vulnerabilities in a system
to cause harm or damage.

Attack

An attack, on the other hand, is the actual exploitation or intentional act carried out by
an adversary to compromise the security of a system or organization. It is the execution
of a threat.

Types of Attacks

1. Active attacks: Deliberate and unauthorized actions committed by an attacker to manipulate, disrupt, or compromise the resources or data of a targeted system.
   • Attempt to log into someone else’s account.
   • Wire taps.
   • Denial of service.
   • Masquerading.
   • Message modification.
2. Passive attacks: Unauthorized monitoring and interception of data without directly altering the targeted system, aiming to gather information covertly.
   • Listening for system passwords.
   • Release of message content.
   • Traffic analysis.
   • Data capturing.

Attacks and Threats

• Malware.
• Insider Threats.
• Phishing.
• Zero-Day Exploits.
• DoS and DDoS Attacks.
• Social Engineering.
• Man-in-the-Middle (MitM) Attacks.
• Advanced Persistent Threats (APTs).
• Cross-Site Scripting (XSS).
• SQL Injection.

Malware

Malicious software designed to disrupt, damage, or gain unauthorized access to computer systems.

• Viruses.
• Worms.
• Trojans.
• Ransomware.
• Spyware.
• Adware.
• Rootkits.
• Botnets.
• Keyloggers.
• Polymorphic Malware.

Virus

• Programs that attach themselves to legitimate executable files or documents and spread when the infected file is executed.
• Objective: Replicate and spread, potentially causing damage to files or system functionality.

• 1971: Creeper created on ARPANET.
• 1972: Ray Tomlinson created the Reaper Program.
• 1986: Birth of the first virus (Brain).

Worm

• Self-replicating programs that spread across networks or systems without requiring human intervention.
• Objective: Replicate rapidly and consume network resources, often leading to network congestion.

• 1988: A hacker launched the Morris worm.

Trojans (Trojan Horses)

• Malicious software disguised as legitimate programs to trick users into executing them.
• Objective: Perform unauthorized actions or functions on the compromised system, often opening a backdoor for attackers.

• 1988: A hacker launched the Morris worm.

Keylogger

• A keylogger is a form of malware or hardware that keeps track of and records your
keystrokes as you type.

Phishing

Phishing refers to an attempt to steal sensitive information, typically in the form of usernames, passwords, credit card numbers, bank account information or other important data in order to utilize or sell the stolen information.

Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks

A denial-of-service (DoS) attack floods a server with traffic, making a website or resource
unavailable. A distributed denial-of-service (DDoS) attack is a DoS attack that uses
multiple computers or machines to flood a targeted resource.

Man-in-the-Middle (MitM) Attacks

A man-in-the-middle attack is a type of eavesdropping attack, where attackers interrupt an existing conversation or data transfer. After inserting themselves in the "middle" of the transfer, the attackers pretend to be both legitimate participants.

Social Engineering

Uses psychological manipulation to trick users into making security mistakes or giving
away sensitive information.

Countermeasures

• Firewalls and Intrusion Detection Systems.
• Antivirus and Anti-malware Software
• Encryption
• Access Control Mechanisms
• Patch Management
• Security Awareness Training
• Network Segmentation
• Security Policies and Procedures
• Incident Response Plan
• Physical Security Measures
• Backup and Recovery

OSI Security Architecture
OSI Architecture

The OSI (Open Systems Interconnection) Security Architecture defines a systematic approach to providing security at each layer. It defines security services and security mechanisms that can be used at each of the seven layers of the OSI model to provide security for data transmitted over a network. It has three concepts:

Security Attacks

A security attack is an attempt by a person or entity to gain unauthorized access to, disrupt, or compromise the security of a system, network, or device. These are defined as the actions that put an organization’s safety at risk.

Security Mechanism

A mechanism that is built to identify any breach of security or attack on the organization is called a security mechanism. Some examples:

• Encryption
• Digital signature
• Traffic padding
• Routing control

Security Services

Security services refer to the different services available for maintaining the security and
safety of an organization. They help in preventing any potential risks to security. Security
services are divided into 5 types:

• Authentication
• Access control
• Data Confidentiality
• Data integrity
• Non-repudiation

Benefits of OSI Security Architecture

1. Providing Security.
2. Organising Task.
3. Meets International Standards.

Homework
Task 1

1. Identify the fundamental requirements in computer security and define them.
2. Define the following:
   • Authentication.
   • Authorization.
   • Vulnerability.
   • Risk.
3. Mention some of the types of security.

Task 2

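• Link the security services to their appropriate security mechanisms:

| Service \ Mechanism | Encryption | Digital Signature | Access Control | Data Integrity | Authentication Exchange | Traffic Padding | Routing Control | Notarization |
|---|---|---|---|---|---|---|---|---|
| Authentication | | | | | | | | |
| Origin Authentication of Data | | | | | | | | |
| Access Control | | | | | | | | |
| Traffic Flow Confidentiality | | | | | | | | |
| Data Integrity | | | | | | | | |
| Non-repudiation | | | | | | | | |
| Availability | | | | | | | | |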

smail.tache@univ-constantine2.com
