Skip to main content

Computer Security

Computer Security is the protection of computer (hardware,software and data) from malicious attacks or accidental damage.

  • It is also known as cyber security or IT security(rarely).

Threats to Computer System

Anything that has potential to harm computer system.

  • Physical threat: Anything that has potential to cause physical damage:

    • Fire
    • High voltage
    • Theft
    • overheating
    • water or moisture etc.

  • Non-physical threats: Anything with potential to damage data, information or software of a computer system.

    • Malicious codes
    • Unauthorized access.

Non-Physical / Logical Threats

Malicious codes:

Malicious codes are code or web script designed to create and exploit system vulnerabilities.

  • It includes computer viruses, worms, trojan horses, malicious web scripts etc.

  • Malware or malicious software is developed to harm the computer system in any way.

  • Computer virus : Computer virus is man-made destructive program capable of hiding and replicating.

  • Destructive task includes: (These are also the symptoms of computer virus infection)

    • Degradation of overall performance
    • Running of unwanted programs
    • Deletion or corruption of files
    • Unnecessary messages
    • High memory usage

  • Computer virus can spread due to:

    • Sharing of portable storage device(like pendrive)
    • Downloading files from unreliable sites
    • Opening infected email attachment
    • Using pirated software

  • You can stay protected from computer virus by:

    • Install and update antivirus software
    • Install firewall
    • Scan computer system periodically
    • Keep Operating system updated
    • Stop using pirated software
    • Dont open suspicious email attachments
    • Don't download from untrusted websites

  • Computer worms : Computer worms are malware that uses network to send copies to other PCS, often without user intervention.

  • Trojan horses : Trojan horses are destructive program that pretend to be a useful program for a user. Unlike virus and worm, it doesn't replicate.

  • Spyware : Type of malware that secretly collects and shares information about a computer or network without the user's consent.

  • Adware : Type of malware that displays unwanted advertisements on your computer.

  • Other non-physical(i.e. logical threats):

    • Hacking : Identifying and exploiting weakness to gain unauthorized access.

      • White hat hackers intend to fix identified weakness
      • Black hat hackers intend to exploit identified weakness for their benefit.

    • Phishing: Tricks individuals into providing sensitive information by pretending to be a trustworthy entity.

    • Pharming: Redirects website traffic to fake sites to steal personal information.

    • Keylogger: Records keystrokes to steal passwords and confidential information.

    • Botnets: Networks of infected computers used for DDoS attacks or sending spam.

    • Rootkit: Tools that enable unauthorized control of a computer system without detection.

Information security

Refers to protection of data and information from unauthorized accesss or alteration while it is being stored or transmitted from one machine to another.

  • Concerns of information security:
    • Confidentiality: Only authorized users should be able to access the data and information.
    • Integrity: Data should be accurate and unaltered.
    • Availability: Data should always be available to authorized users.
    • Non-repudiation: Sender can't deny his involvement in data transmission.

Information security mechanisms:

  • Identification and Authentication: Making sure the user is who he/she is claiming to be.

    • Password: A secret word or phrase that a user must enter to gain access to a system or service. It should be strong, combining letters, numbers, and special characters to enhance security.

    • Biometric system: Uses unique physical characteristics such as fingerprints, facial recognition, or iris scans to verify the identity of a user.

  • Firewall: A network security device or software that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted network and an untrusted network.

  • Cryptography: The practice of securing information by transforming it into an unreadable format, only accessible to those possessing a secret key.

    • Encryption: The process of converting plain text into ciphertext using an algorithm and a key, making it unreadable to unauthorized users.

    • Decryption: The process of converting ciphertext back into plain text using an algorithm and a key, making it readable to authorized users.

  • Antivirus: Software designed to detect, prevent, and remove malware from a computer system. It scans files and programs for known threats and monitors the system for suspicious activity.

  • Backup System: A process of copying and storing data to ensure it can be restored in case of data loss or corruption. Regular backups are essential for data recovery.

  • Updating System Software: Regularly installing updates and patches for the operating system and applications to fix security vulnerabilities, improve performance, and add new features.

Hardware Security

Refers to the protection of hardware(physical component of computer) from damage.

Hardware Security Mechanisms:

  • Regular Maintenance: Routine checks and servicing to ensure hardware components are functioning correctly and to prevent potential failures.

  • Insurance: Financial protection against loss or damage to hardware due to unforeseen events like theft, fire, or natural disasters.

  • Security from theft or harm: Measures such as physical locks, security cameras, and restricted access areas to prevent unauthorized access or damage to hardware.

  • Protection from fire: Installation of fire alarms, fire extinguishers, and fire suppression systems to protect hardware from fire damage.

  • Air conditioning: Maintaining optimal temperature and humidity levels to prevent overheating and moisture damage to hardware components.

  • Power protection devices: Devices that protect hardware from power-related issues.

    • Spike guard: Protects hardware from voltage spikes and surges.
    • UPS (Uninterruptible Power Supply): Provides backup power during outages and protects against power fluctuations.
    • Voltguard: Regulates voltage to ensure a stable power supply to hardware.
    • Surge protector: Shields hardware from sudden voltage spikes.
    • Power conditioner: Improves power quality by filtering out noise and regulating voltage.