Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
• Exam:
• Mid Semester: 50 Marks
• End Semester: 100 Marks
• Internal Marks: 25 Marks - 1 or 2 Assignments, 2 or 3 Quizzes, Summary Presentation
• Ransomware
• Criminal groups continue to target businesses, health care providers, and, most visibly,
local governments with these brash hacks, in which malware is used to encrypt a system's
data and then demand a ransom to decrypt it—swindling victims of billions of dollars a
year in the process.
• US Universities
• In March, the Department of Justice indicted nine Iranian hackers over an alleged spree of
attacks on more than 300 universities in the United States and abroad.
• The DOJ says the hackers stole 31 terabytes of data, estimated to be worth $3 billion in
intellectual property.
• Hackers breached Under Armour's MyFitnessPal app in late February 2018, compromising
usernames, email addresses, and passwords from the app's roughly 150 million users.
• VPN Filter:
• At the end of May, officials warned about a Russian hacking campaign that has impacted
more than 500,000 routers worldwide. The attack spreads a type of malware, known as
VPNFilter, which can be used to coordinate the infected devices to create a massive
botnet.
◦ Confidentiality of files: achieved by restricting the access to a few authorized and trusted
people in the organization
◦ Integrity: Only a few authorized people were allowed to change the contents of the files
◦ Availability: achieved by designating at least one person who would have access to the
files at all times
• Example:
◦ In military, concealment of sensitive information is the major concern,
◦ In industry, hiding some information from competitors is crucial to the operation of the
organization
◦ In banking, customers’ accounts need to be kept secret
• Integrity means that changes need to be done only by authorized entities and through
authorized mechanisms.
• System integrity: Assures that a system performs its intended function in an unimpaired
manner, free from deliberate or inadvertent unauthorized manipulation of the system.
• Traffic analysis refers to obtaining some other type of information by monitoring online
traffic.
• Replaying means the attacker obtains a copy of a message sent by a user and later tries to
replay it.
• Repudiation means that sender of the message might later deny that she has sent the
message; the receiver of the message might later deny that he has received the message.
2. Security mechanism
◦ tools and techniques by which, the security services can be achieved e.g.
3. Security attack
◦ actions that are attempts at violating the security rules.
• Data Integrity : assurance that data received are exactly as sent by an authorized entity
• the practice of concealing messages or information within other non-secret text or data.
• However, we use the term to refer to the science and art of transforming messages to
make them secure and immune to attacks.
Bob Alice
Eavesdropping
Eve
9/10/2019 DR. REEMA PATEL, B.TECH, SOT, PDPU, IS-2019 54
Solution
Private Message
Encryption Decryption
Scrambled Message
Bob Alice
Eavesdropping
• Security depends on the secrecy of the key, not the secrecy of the algorithm
14.000
12.000
10.000
8.000
6.000
4.000
2.000
0.000
E T A O I N S H R D L C U MW F G Y P B V K J X Q Z