Unit 23 Security in Computing

Learning Objectives

After you have read this unit, you should be familiar with:
1. Methods of invading a computer and types of network attacks
2. Several commonly used methods of defense

Text

The term computer security is used frequently, but the content of a computer is vulnerable to few risks unless the computer is connected to other computers on a network. As the use of computer networks, especially the Internet, has become pervasive, the concept of computer security has expanded to denote issues pertaining to the networked use of computers and their resources.

The major technical areas of computer security are usually represented by the initials CIA: confidentiality, integrity, and authentication or availability. Confidentiality means that information cannot be accessed by unauthorized parties. Confidentiality is also known as secrecy or privacy; breaches of confidentiality range from the embarrassing to the disastrous. Integrity means that information is protected against unauthorized changes that are not detectable to authorized users; many incidents of hacking compromise the integrity of databases and other resources. Authentication means that users are who they claim to be. Availability means that resources are accessible by authorized parties; "denial of service" attacks, which are sometimes the topic of national news, are attacks against availability.

Other important concerns of computer security professionals are access control and non-repudiation. Maintaining access control means not only that users can access only those resources and services to which they are entitled, but also that they are not denied resources that they legitimately can expect to access. Non-repudiation implies that a person who sends a message cannot deny that he sent it and, conversely, that a person who has received a message cannot deny that he received it.

In addition to these technical aspects, the conceptual reach of computer security is broad and multifaceted. Computer security draws from disciplines such as ethics and risk analysis, and is concerned with topics such as computer crime; the prevention, detection, and remediation of attacks; and identity and anonymity in cyberspace.

While confidentiality, integrity, and authenticity are the most important concerns of a computer security manager, privacy is perhaps the most important aspect of computer security for everyday Internet users. Although users may feel that they have nothing to hide when they are registering with an Internet site or service, privacy on the Internet is about protecting one's personal information, even if the information does not seem sensitive. Because of the ease with which information in electronic format can be shared among companies, and because small pieces of related information from different sources can be easily linked together to form a composite of, for example, a person's information seeking habits, it is now very important that individuals are able to maintain control over what information is collected about them, how it is used, who may use it, and what purpose it is used for.

Types of Network Attacks Based on the Attack's Perpetrator

In addition to classifying network attacks based on their goals, it is useful to analyze them based on who is orchestrating them. In this respect, network attacks are generally divided into four categories:

Attacks Launched by Trusted (Inside) Users

This is one of the most dangerous forms of network attack, because not only does the user have access to a lot of network resources, but most network policies are not very strict in defining rules and codes of behavior for users on the internal network. Everyone on the internal network is generally trusted. This can allow an inside user to launch any of the attacks just described, with devastating consequences.
In fact, according to quite a few studies, the most common damage to networks is done by internal rather than external threats.

An inside attacker can be further categorized as follows:
·Unintentional inside attacker
·Deliberate inside attacker

Much damage to networks is done by inside individuals who have no real intent of causing any harm to the network, but who inadvertently manage to cause significant damage by their acts. Such acts can be as simple as letting an outside hacker learn passwords or bringing down a critical network resource due to misuse based on lack of knowledge or training. A very common example of this type of individual is one who opens a malicious e-mail attachment, exposing a whole organization to a virus attack.

The second type of attacker, the deliberate inside attacker, is more dangerous, because they have intentions that are in opposition to the rules and regulations laid down by the network security policy. This individual's intent is to launch a network attack. Special status as an insider gives the attacker a critical edge.

Attacks Launched by Untrusted (External) Individuals

This is a fairly common type of attack in which the user is not trusted on the attacked network. This type of attacker generally has a difficult time, because most network security policies have stringent measures defined against external attackers.

Attacks Launched by Inexperienced ("Script-Kiddy") Hackers

Many hacking tools are available on the Internet. You can get scripts that launch attacks with the click of a button, even if you have no real knowledge of the attack itself or the coding involved to generate it. Examples of such tools are nmap and ncat for reconnaissance. Similar tools such as Naptha (for DoS attacks) are available for launching various attacks after a vulnerability has been found. A script kiddy (what such hackers are often called) generally is not an expert in networking or operating systems.
However, the use of scripts can allow the attacker to cause substantial damage to an unsuspecting network.

Attacks Launched by Experienced ("Professional") Hackers

"Professional" hackers are generally very well-versed in writing various types of code. They have substantial expertise in the TCP/IP protocol suite and a deep knowledge of the workings of various operating systems. These people generally develop the tools that the script kiddies later use. These types of hackers generally conduct attacks after doing research on the type of victim. They are often looking for high-visibility, high-profile, often well-protected victims whom they can hack to prove their hacking expertise. Professional hackers are also motivated by profit, so they often conduct corporate espionage. This is probably the most dangerous type of attacker a network can attract.

Having looked at the types of attackers, it is easy to understand that the most potent enemy a network can have is an insider with bad intentions who is also a professional hacker. Although it can be impossible to protect against all types of attacks such an individual can carry out, proper intrusion detection can expose such an individual and lead to their ouster before more damage is done.

A virus is a program or a piece of code that is loaded onto your computer without your knowledge and runs against your wishes. A virus program is able to replicate itself. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems.

A virus program contains some instructions which can lead to negative effects ranging from harmless to devastating.
For example:
·Files and data are deleted;
·The computer takes longer to load programs and applications;
·Items and images on the computer screen are distorted, and unusual images and texts appear;
·Disk space and filenames change for no reason;
·System tools such as scandisk return incorrect values.

A Trojan horse is a special kind of computer virus: a program lying in ambush in the computer, controlled by external users to steal information or control programs. A Trojan cannot reproduce itself on a massive scale as a computer virus does, nor can it wildly infect other programs. In other words, contrary to a virus, a Trojan does not replicate itself. A virus program takes pleasure in mass dissemination, but a Trojan takes the invasion and occupation of a specific computer as its goal. Most Trojans attack with malicious intent, for example, stealing a QQ account number, a game account number or even a bank account number, attacking other equipment using this machine as the tool, and so on. A Trojan can also take up the system's resources and reduce the computer's working efficiency. At the same time, the Trojan horse is a trick that hackers habitually use to steal computer resources.

Once the computer is infected, the best way to rescue it is to buy a good anti-virus software package such as Norton, Kaspersky or McAfee and keep installing the latest updates. These packages may not always protect your computer against the latest virus, but they offer the best solution possible. You should always try the following:
·Ensure your operating system (OS) is up-to-date. This is essential if you are running a Microsoft Windows OS.
·You should have anti-virus software installed on your system and download updates frequently to ensure your software has the latest fixes for new viruses, worms and Trojan horses.
·Install a personal firewall and keep it up-to-date.
·Don't open or preview mails from unknown sources. Be very wary of any email attachments you receive. If you do not know who it is from, delete the message.
·Don't download files from sources you don't trust.

Exercises

1. Answer the following questions according to the text.
(1) Why are the attacks launched by inside users the most dangerous form of network attack?
(2) What is a virus?
(3) What is a Trojan horse?
(4) What is the difference between a virus and a Trojan horse?
(5) What should you always try to do to ensure the security of your computer?

2. Translate the following terms or phrases from English into Chinese and vice versa:

3. Fill in the blanks with the information given in the text:
(1) Confidentiality is also known as secrecy or privacy; breaches of confidentiality ______ from the embarrassing to the disastrous.
(2) Although users may feel that they have nothing to hide when they are ______ with an Internet site or service, privacy on the Internet is about ______ one's personal information, even if the information does not seem sensitive.
(3) Much damage to networks is done by inside individuals who have no real ______ of causing any harm to the network, but who inadvertently manage to cause significant damage by their acts.
(4) Professional hackers are also ______ by profit, so they often conduct corporate espionage.
(5) Even such a simple virus is dangerous ______ it will quickly use all available memory and bring the system to a halt.

4. Choose the best one from the items given below to complete the following passage.
Computer security is a branch of computer technology known (1) information security as applied to computers and networks. The objective of computer security includes protection of information and property (2) theft, corruption, or natural disaster, while (3) the information and property to remain accessible and productive to its intended users.
The term computer system security means the collective processes and mechanisms (4) which sensitive and valuable information and services are (5) from publication, tampering or collapse by unauthorized activities or untrustworthy individuals and unplanned events respectively.
(1) A. as B. of C. about D. to
(2) A. about B. without C. from D. on
(3) A. letting B. allowing C. agreeing D. permitting
(4) A. from B. to C. on D. by
(5) A. defended B. protected C. protecting D. defending

5. Mark the following statements with T (true) or F (false) according to the text.
(1) Confidentiality means that information is protected against unauthorized changes that are not detectable to authorized users; many incidents of hacking compromise the integrity of databases and other resources.
(2) Computer security doesn't draw from disciplines such as ethics.
(3) Attacks launched by trusted (inside) users are one of the most dangerous forms of network attack.
(4) Script kiddies generally develop the tools that the experienced hackers later use.
(5) A Trojan can replicate itself like a virus.

6. Select the one answer to each question.
(1) Which of the following is not a feature of computer security?
A. facility B. confidentiality C. integrity D. availability
(2) What is perhaps the most important aspect of computer security for everyday Internet users?
A. authenticity B. integrity C. privacy D. confidentiality
(3) Which of the following phenomena are not caused by a virus?
A. Files and data are deleted
B. Items and images on the computer screen are distorted, and unusual images and texts appear
C. System tools such as scandisk return incorrect values
D. All the above
(4) Which of the following descriptions of the Trojan horse is correct?
A. A Trojan is controlled by the internal users.
B. A Trojan does not replicate itself.
C. A Trojan can reproduce itself on a massive scale like a computer virus, and it can also wildly infect other programs.
D. A Trojan cannot occupy the system's resources.
(5) Which of the following anti-virus software is not mentioned in the text?
A. Kaspersky B. McAfee C. Rising D. Norton
(6) Which of the following belongs to unintentional inside attacks?
A. Letting an outside hacker learn passwords or bringing down a critical network resource due to misuse based on lack of knowledge or training.
B. Having intentions that are in opposition to the rules and regulations laid down by the network security policy.
C. Getting scripts that launch attacks with the click of a button, even if you have no real knowledge of the attack itself or the coding involved to generate it.
D. Writing various types of code to conduct attacks.

7. Translate the following sentences into Chinese.
(1) As the use of computer networks, especially the Internet, has become pervasive, the concept of computer security has expanded to denote issues pertaining to the networked use of computers and their resources.
(2) Computer security draws from disciplines such as ethics and risk analysis, and is concerned with topics such as computer crime; the prevention, detection, and remediation of attacks; and identity and anonymity in cyberspace.
(3) Because of the ease with which information in electronic format can be shared among companies, and because small pieces of related information from different sources can be easily linked together to form a composite of, for example, a person's information seeking habits, it is now very important that individuals are able to maintain control over what information is collected about them, how it is used, who may use it, and what purpose it is used for.
(4) A virus program takes pleasure in mass dissemination, but a Trojan takes the invasion and occupation of a specific computer as its goal.

Key

1. Omitted.
2.
3. (1) range (2) registering, protecting (3) intent (4) motivated (5) because
4. (1) A (2) C (3) B (4) D (5) B
5. (1) F (2) F (3) T (4) F (5) F
6. (1) A (2) C (3) D (4) B (5) C (6) A
7.
(1) 随着计算机网络的使用,特别是互联网,已变得很普及,计算机安全的概念已扩大有关计算机网络的使用和资源的问题。
(2) 计算机安全也涉及伦理学和风险分析学,并与计算机犯罪、攻击的预防、检测和补救、以及网络空间的身份和匿名等议题有关。
(3) 由于电子形式的信息可在各公司之间的轻易地共享,而且由于不同来源的相关微小信息件可以很容易地连接在一起,形成一个综合,例如,一个人的信息搜索习惯,现在非常重要的是,个人能够始终支配他们收集到的信息,如何使用,谁可以使用它,使用的目的是什么。
(4) 病毒程序以大量传播为乐趣,而木马程序将入侵特定的计算机和占领作为目标。