COMPUTER SECURITY

ISSUES

Presented By,
LAKSHMI ANAND
MBA-A
ROLL NO:31
• Computer security -- refers to techniques for ens
uring that data stored in a computer cannot be r
ead or compromised by any individuals without a
uthorization.
• Most computer security measures involve data e
ncryption and passwords.
– Data encryption is the translation of data into a form t
hat is unintelligible without a deciphering mechanism.
– A password is a secret word or phrase that gives a u
ser access to a particular program or system.
Computer Security Risks
is any event or action that could cause a loss or dama
ge to computer hardware, software, data, informatio
n, or processing capability.
 Types of Computer Security Risks

• Internet and network attack

• Unauthorized access and use
• Hardware theft
• Software theft
• Information theft
• System failure
 1. Malware 5. Spoofing

Internet and
network attacks

2. Botnets 4. Denial of service attacks

3. Back Doors
 MALWARE

Malware(malicious software), is any software

used to disrupt computer operation, gather
sensitive information, or gain access to private
computer systems.
It can appear in the form of executable code,
scripts, active content, and other software.
symptoms

• Operating system runs much slower than usual

• Available memory is less than expected

• Files become corrupted

• Screen displays unusual message or image

• Music or unusual sound plays randomly

• Existing programs and files disappear

• Programs or files do not work properly

• Unknown programs or files mysteriously appear

• System properties change

• Operating system does not start up

• Operating system shuts down unexpectedly

Types of Malware
• VIRUS
Potentially damaging computer program that affects, or infect
s, a computer negatively by altering the way the computer wor
ks without the user’s knowledge or permission.
• WORM
Standalone malware computer program that replicates itself in
order to spread to other computers.
• TROJAN HORSE
Trojan horse is a program that hides within or looks like a legi
timate program. It does not replicate itself to other computers.
• ROOTKIT
Is a program that hides in a computer and allows someon
e from a remote location to take full control of the comput
er.
• SPYWARE
It is a program placed on a computer without the users k
nowledge that secretly collects information about the use
r.
• ADWARE
It is a program that displays an online advertisement in a
banner or pop-up window on web pages, e-mail messag
es or other internet services
 BOTNETS

A botnet (zombie army) is a number of Internet c

omputers that, although their owners are unawar
e of it, have been set up to forward transmission
s (including spam or viruses) to other computers
on the Internet.
 SPOOFING
• A technique used to gain unauthorized access to
computers, whereby the intruder sends message
s to a computer with an IP address indicating tha
t the message is coming from a trusted host.
• To engage in IP spoofing, a hacker must find an
IP address of a trusted host and then modify the 
packet headers so that it appears that the packe
ts are coming from that host.
• Newer routers and firewall arrangements can off
er protection against IP spoofing.
 DENIAL-OF-SERVICE

•  DoS attack, is an assault whose purpose is to d

isrupt computer access to an Internet service su
ch as the Web or e-mail.
• DoS attacks have been able to stop operations t
emporarily at numerous Web sites, including po
werhouses such as Yahoo!, eBay, Amazon.com,
and CNN.com.
 BACKDOOR VIRUS

• A backdoor virus is a program that enters a com

puter system without being detected and runs in
the background to open ports, allowing third part
ies to control the computer.
• Backdoor viruses can compromise files and capt
ure confidential information stored on the infecte
d machine.
• Root Kit is a Backdoor.
 UNAUTHORIZED ACCESS & USE
• Unauthorized access is the use of a computer or netwo
rk without permission.
– A cracker, or hacker,  is someone who tries to access a compute
r or network illegally.
• Unauthorized use is the use of a computer or its data fo
r unapproved or possibly illegal activities.
– Examples of unauthorized use of computers include An employe
e using a company computer to send personal e-mail.
– Someone gaining access to a bank computer and  performing an
unauthorized transfer.
• One way to prevent unauthorized access and unauthoriz
ed use of computers is to utilize access controls.
 HARDWARE THEFT
• Hardware theft is the unauthorized taking of com
puter hardware.
• Computer equipment is expensive, and enterpris
e hardware is especially costly. Many of the mos
t expensive devices are small, and improper sec
urity can make businesses tempting targets for t
hieves.
 SOFTWARE THEFT

• It is the unauthorized copying or distribution of c

opyright protected software.
• Intentionally erases programs.
• Software theft should be reported to the Federati
on Against Software Theft (FAST). 
 INFORMATION THEFT

 Occurs when someone steals personal or confid

ential information.
 If stolen, the loss of information can cause as m
uch damage as (if not more than) hardware or s
oftware theft.
• Credit Card Number Theft, Database Theft
 SYSTEM FAILURE
A system failure is the prolonged malfunction of a
computer
A variety of factors can lead to system failure, inclu
ding:
 Aging hardware
 Natural disasters
 Electrical power problems
• Noise, undervoltages, and overvoltages
 Errors in computer programs
 SECURITY SOFTWARE

• A general phrase used to describe any software tha

t provides security for a computer or network.
• There are many types of security software including
 :
antivirus software, encryption software, firewall s
oftware and spyware removal software.
• The two most common types of security software u
sed for personal computer security are 
– antivirus software (virus protection software)
– antispyware software (spyware removal software).