security

NETWORK SECURITY

• Importance of Network Security

  • As reliance on computers and the internet grows, securing these systems becomes increasingly vital.

  • Security focuses on preventing unauthorized access, usage, or damage to computer and network resources including hardware, software, and personal data.

• Security Threats

  • The term security threat refers to any event that compromises the security of systems or networks, leading to data loss or damage.

  • Security breaches can involve hacking, which is the act of exploiting vulnerabilities, often categorized as attacks or intrusions.

TYPES OF SECURITY THREATS

1. Malware

   • Definition: Malicious software designed to harm or exploit systems.

   • Includes viruses, trojan horses, spyware, and adware.

2. Viruses

   • A type of malware that replicates itself and spreads to infect other software or computers.

   • Can corrupt, steal, or delete data and consume system resources.

3. Trojan Horse

   • Malware disguised as legitimate software, which allows hackers to access the system through a hidden backdoor.

4. Spyware

   • Software that secretly collects user information without consent, including personal data and internet habits.

5. Adware

   • Software that presents unwanted advertisements and can track browsing behavior.

6. DDoS (Distributed Denial of Service)

   • Overwhelms a service with traffic from multiple sources to disrupt normal operations, rendering it unavailable.

7. Sniffing

   • The act of capturing and analyzing data packets traveling over a network, potentially exposing sensitive data such as passwords.

8. Spamming

   • Involves sending unsolicited messages, often via email, that can include harmful links.

9. Phishing

   • Attempts to acquire sensitive information by masquerading as a trustworthy entity in electronic communications.

10. Bandwidth Piracy

    • Unauthorized access to another user's network, consuming shared bandwidth without permission.

SECURITY STRATEGIES

• Overview of Strategies

  • Strategies include antivirus software, encryption, access control, and authentication to maintain data confidentiality, integrity, and availability.

ANTIVIRUS SOFTWARE

• Purpose: Detect and prevent malware attacks.

• Examples: McAfee, Norton, Kaspersky.

  • Can scan for and remove or quarantine infected files.

ENCRYPTION

• Protects personal or system information by converting it into a unrecognizable format (scrambling data).

• Requires a decryption key to revert to the original format.

  • Methods include public key encryption.

ACCESS CONTROL

• Determines who can access systems/networks and enforces restrictions.

• Implementations include:

  • Password protection (username and password combinations).

  • Hardware or software firewalls to filter traffic.

  • Intrusion detection systems to monitor for suspicious activity.

AUTHENTICATION

• Higher-level security verifying user identity before granting access.

• Methods include:

  1. Token-based Authentication

     • Involves generating a one-time password to authenticate alongside a username and password.

  2. Biometric Identification

     • Uses physical traits for verification, categorized into physiological (e.g. fingerprints) and behavioral (e.g. typing patterns).

  3. Digital Certificates

     • Electronic documents confirming a user's identity, issued by a certificate authority (CA).