Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Transcript of internet security
The 1970s was a time frame in information security history largely untouched by digital calamity, but marked more so by the exploration of emerging telecommunications technology. 1980s
The 1980s saw the birth of computer clubs. This decade subsequently ushered in the era of malware, marking the first virus, named "Brain", in 1986 as well as the infamous Morris Worm in 1988.
The Computer Fraud and Abuse Act were instituted in 1986 and for the first time, a computer hacker, Kevin Poulsen, was featured on America's Most Wanted. 1990s
The 1990's brought with it the dawn of the modern information security industry. Notable threats witnessed during this decade included the Michelangelo virus, Melissa, and Concept. Distributed denial of service attacks and the bots that made them possible were also born, such as Trin00, Tribal Flood network and Stacheldraht. 2000s
The first decade of the 21st Century saw malicious Internet activity turn into a major criminal enterprise aimed at monetary gain. like Adware and spyware programs as Conducing Time Sink, Aureate/Radiate and Comet Cursor.
The first heavily targeting online banking then moving onto social networking sites. Zero day attacks, rootkits, rogue antispyware, SPIM, click fraud and other attacks in the current decade. - The number of Internet hosts and users is skyrocketing
- The number of Internet servers is increasing in response to the higher demand for services
- Creating another increasing population of vulnerable machines.
- The Competitive nature of the computer industry.
- The combination of market pressure, low unemployment, and rapid growth creates an environment rich in machines to be exploited, and users to exploit those machines. Why Internet Security? Why should we worry about the security of the Internet? - There are a lot of obvious reasons involving privacy, theft, liability, and loss of productivity.
- The problem is a malicious attempt to invest user privileges on your web server
- you will most likely be to eliminate cleaning device and re-everything from scratch.
- Capture important information system, such as passwords to accounts on other devices.
- Damage to systems that may not be detected - corruption of databases and steal personnel records, and spyware, if your organization archive large amounts of data, and think about the cost involved in the inspection of all that data to modify.
Because of the inherent openness on the Internet and the original design of the protocols, and Internet attacks are quick and easy and not too expensive and can be difficult to detect or track. The commercial operating system vendors often report to be driven by sales to customer demand, and ease of performance, price, and the use of support and maintenance. As a result, operating systems are shipped off ready-to-use in the formation of easy-to-use yet unsafe sites that allow for the use of the system soon after installation. And often these hosts sites are not configured fully from a security perspective prior to contact. This lack of a safe configuration makes them vulnerable to attacks that occur sometimes within minutes of contact. Sought the explosive growth of the Internet need for people well-trained and experienced engineering and network management in a safe manner. Because the need for network security experts far exceeds supply, and called inexperienced people that secure systems, and open windows opportunity for the intruder community. Internet Vulnerabilities Types of security How does internet security work 1. IPSec Protocol This protocol is designed to protect communication in a secure manner using TCP/IP. It is a set of security extensions developed by IETF, and it provides security and authentication at the IP layer by using cryptography. To protect the content, the data is transformed using encryption techniques.
The basic components of the IPSec security architecture are described in terms of the following functionalists:
- Security protocols for AH and ESP
- Security association for policy management and traffic processing
- Manual and automatic key management for the internet key exchange (IKE)
- Algorithms for authentication and encryptio 2. Electronic Mail Security (Email) - Multipurpose Internet Mail Extensions (MIME)
MIME transforms non-ASCII data at the sender's site to Network Virtual Terminal (NVT) ASCII data and delivers it to client's Simple Mail Transfer Protocol (SMTP) to be sent through the internet. The server SMTP at the receiver's side receives the NVT ASCII data and delivers it to MIME to be transformed back to the original non-ASCII data.
- Pretty Good Privacy (PGP)
PGP provides confidentiality by encrypting messages to be transmitted or data files to be stored using an encryption algorithm such 3DES or CAST-128. Email messages can be protected by using cryptography in various ways, such as the following:
- Signing an email message to ensure its integrity and confirm the identity of its sender.
- Encrypting the body of an email message to ensure its confidentiality.
- Encrypting the communications between mail servers to protect the confidentiality of both the message body and message header. - Secure/Multipurpose Internet Mail Extensions (S/MIME)
S/MIME provides a consistent means to securely send and receive MIME data. S/MIME is not only limited to email but can be used with any transport mechanism that carries MIME data, such Hypertext Transfer Protocol (HTTP).
- Firewall controls access between networks. It generally consists of gateways and filters which vary from one firewall to another.
- Firewalls impose restrictions on incoming and outgoing packets to and from private networks. All the traffic, whether incoming or outgoing, must pass through the firewall; only authorized traffic is allowed to pass through it.
- Firewalls can create choke points based on IP source and TCP port number. They can also serve as the platform for IPSec. Using tunnel mode capability, firewall can be used to implement VPNs. Firewalls Types of firewalls
3. Application-level gateways
An application-level gateway is a proxy server operating at the TCP/IP application level. A packet is forwarded only if a connection is established using a known protocol. Application-level gateways are notable for analyzing entire messages rather than individual packets of data when the data are being sent or received. 1. Packet filters
The main job is to filter traffic from a remote IP host, so a router is needed to connect the internal network to the Internet. The router is known as a screening router, which screens packets leaving and entering the network.
2. Circuit-level gateways
The circuit-level gateway is a proxy server that statically defines what traffic will be allowed. Circuit proxy’s always forward packets containing a given port number, provided the port number is permitted by the rules set. This gateway operates at the network level of an OSI model. The main advantage of a proxy server is its ability to provide Network Address Translation (NAT), which can hide the user's IP address from the Internet, effectively protecting all internal information from the Internet.
Computer user can be tricked or forced into downloading software onto a computer that is of malicious intent. Such programs are known as malware and come in many forms, such as viruses, Trojan horses, spyware, and worms. Malware Viruses
Viruses are programs that can replicate their structures or effects by infecting other files or structures on a computer. The common use of a virus is to take over a computer to steal data. Spyware Trojan horse
A Trojan horse is a general term for malicious software that pretends to be harmless so that a user willingly allows it to be downloaded onto the computer.
The term spyware refers to programs that surreptitiously monitor activity on a computer system and report that information to others without the user's consent. Worms Worms are programs that can replicate themselves throughout a computer network, performing malicious tasks throughout. Botnet
Botnet is a network of "zombie" computers that have been taken over by a "bot" that performs large-scale malicious acts for the creator of the botnet. Antivirus vs. Internet Security 1.Antivirus is a class of software that detects and cleans out virus infected files while Internet Security is a suite of applications that aims to protect users against threats from the internet
2.Internet Security suites usually include an antivirus application among other programs
3.Internet security suites commonly includes a firewall, anti malware, anti spyware, and email protection programs
4.Internet Security suites often cost more than stand-alone antivirus applications The future of internet security It is a well established fact that the traditional security measures such as password and identification cards cannot satisfy every security requirement. Various physiological and behavioral biometrics for the authentication of individuals have broader applications such as the control of access to personal computers, private files and information repositories, building access control, and many others. Although biometrics is still relatively expensive and immature, integrated multiple biometrics features such as fingerprints, palm prints, facial features and voice patterns to authenticate a person's identity and verify his or her eligibility to access the Internet are in the development stage. The biometrics devices will continue to improve, becoming even more accurate and reliable as Internet technology evolves. Internet Vulnerabilities Internet Security