CS2005 - Lecture 12 - Security
Call Kai
Learn
Practice Test
Spaced Repetition
Match
Flashcards
Knowt Play1/17
There's no tags or description
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced | Call with Kai |
|---|
No analytics yet
Send a link to your students to track their progress
18 Terms
Masquerading attack
Pretending to be another entity
What are the four main types of security violations?
Breach of confidentiality (unauthorised data access)
Breach of integrity (unauthorised data modification)
Breach of availability (unauthorised data destruction)
Theft of service (unauthorised resource use)
Replay attack
Maliciously resending valid data
Man-in-the-middle
Intercepting and altering communications
At which 4 levels must security be implemented?
Physical (data centres, hardware)
Human (prevent social engineering)
Operating System (protection mechanisms)
Network (secure communications)
Trojan Horse
Disguised malware e.g. fake login
Logic Bomb
Triggers under specific conditions
Buffer Overflow
Overwrites memory to exploit
Virus
Self-replicating code infects files
Symmetric Encryption
Uses one shared skey to encrypt/decrypt
Asymmetric Encryption
Uses public key (encrypt) and private key (decrypt)
RSA encryption
Generate primes p and q; compute N=p*q Public key: (ke, N) Private key: (kd, N)
Worms
Self-replicating malware e.g. Morris worm
DoS attacks
Overloads systems to deny service e.g. traffic floods
Plaintext
Original message
Ciphertext
Encrypted message
Cipher
Algorithm for encryption/decryption
Cryptography
Prevents eavesdropping/spoofing by ensuring:
- Confidentiality (only authorised parties read data)
- Authentication (verify sender/receiver)