Computer Security, Cybersecurity or IT Security is the protection of computer systems from the theft of or damage to their hardware, software, or data, as well as from the disruption or misdirection of the services they provide.
Security Vulnerabilities
- Malicious Code:
  - trojan horse - hidden instructions in a program
  - virus - hidden instructions added to a program afterward
  - worm - a program that replicates itself by installing copies of itself
  - trapdoor - undocumented entry point to a system
  - logic bomb - instructions triggered by an event
  - zombie - malicious instructions remotely triggered over a network
- Message Vulnerabilities:
  - fabricate messages - creating fake messages
  - intercept messages - redirecting or obstructing message flow
  - modify a message - modifying a message in transit
  - eavesdropping/record messages (passive) - listening to messages in transit
  - replay recorded messages - replaying recorded messages
- Authentication (AuthN) Vulnerabilities:
  - TODO
- Availability Vulnerabilities (DoS attacks):
  - amplification attack - a method in which a malicious user sends small queries that result in large responses to the target (e.g. DNS amplification attack)
- Web Application Vulnerabilities:
  - Injections - SQL injections
  - Cross-Site Scripting (XSS) - enables attackers to inject client-side scripts into web pages viewed by other users
    - Laced XSS - code is hidden in a URL and is executed when a victim clicks on it
    - Stored XSS - code is stored in a database, then retrieved and executed for other users of the web application
  - Cross-Site Request Forgery (CSRF) - an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated
Security Types
security - a general term covering the other terms below. When asking whether something is secure, we need to state “secure in terms of what” (e.g. secure in terms of confidentiality).
- confidentiality - ensures encoded messages cannot be decoded by unauthorized parties (encryption enforces confidentiality)
  - PFS-Foliage - a stronger form of confidentiality where compromise of secret keys (long-term) does not compromise the session keys (short-term) that encode messages
    - perfect forward secrecy (PFS or forward secrecy) - the impossibility for an eavesdropper to decrypt a conversation even if the eavesdropper records the entire conversation and later steals the party’s long-term keys
    - escrow foliage - even with prior knowledge of long-term keys, a passive eavesdropper cannot decrypt the conversation
- privacy - similar to confidentiality, but with only 1 authorized party having access (not 2 or more authorized parties)
- integrity/consistency - ensures the message was not tampered with (HMAC & digital signatures enforce integrity)
- anonymity - the condition of being anonymous (origin of message/data is unknown)
  - endpoint identifier hiding - ability to hide the identities of the 2 communicating parties from eavesdroppers
- authentication - authentication between 2 parties is the process in which 1 party or both parties (and sometimes parties outside the communication between the 2 parties) verify the identity of another party
  - live partner reassurance - a stronger form of authentication that protects against replay of recorded messages (e.g. authentication messages, etc.)
- authorization - the process of verifying what someone/something is allowed to do
- non-repudiation - the assurance that we cannot deny “that the party sent the message” (opposite of plausible deniability)
  - non-repudiation is a stronger form of authentication where any party (not just parties within the communication group) can verify that the message originated from a stated identity
- plausible deniability - the possibility that we can deny “that the party sent the message” (opposite of non-repudiation)
- availability - the quality of being able to be used or obtained
  - denial of service protection - methods that prevent Denial of Service (DoS) attacks (methods include using cookies (not web cookies) or puzzles)
- signing/signature - provides both integrity & authentication (esp. the stronger form of authentication: non-repudiation)