stealth camera instructions
Computer Security and the role
INTRODUCTION
The paper examines the role of the word Pass, Anti-virus and data encryption in computer security. It was discussed that passwords are known to be old. Guards would challenge those who enter into an area or approach to provide a password or password. Guards would only allow one person or group to give if they knew the password. In modern times, user names and passwords are often used by people during a log in the process that regulates access to protected computer operating systems, mobile phones, cable TV decoders, automated teller machines (ATMs), etc. Data encryption refers to mathematical and algorithmic schemes that transform plain text into cypher text, a form not readable by unauthorized persons. The recipient of a message encrypted using a key that the algorithm mechanism data, transforming the original triggers decrypt plain-text version.
Finally the paper discusses other major computer security, computer virus that is a computer program that can copy itself and infect a computer without permission or knowledge of the owner. The term "virus", but is also often incorrectly used to refer to other forms of malware, adware and spyware programs that have no reproductive capacity. A true virus can only spread from one to the another computer (in some form of executable code), where the host is taken to the target computer, such as a user sent via a network or the Internet, or on a removable medium like a floppy disk, CD, DVD or USB drive.
LEGAL CONSIDERATIONS
A password is a secret word or string used for authentication, to prove the identity or access to a resource (Example: An access code is a kind of password). The secret password must not allowed access.
The use of passwords is known that old. Guards would be those who challenge the approach of a area or to provide a password or password. guards would only allow one person or group to give if they knew the password. In modern times, user names and passwords are often used by people during a logging process controls access to protected computer operating systems, mobile phones, cable TV decoders, cash machines (ATMs), etc. A typical computer user may require passwords for many purposes: logging on the computer accounts, retrieving e-mail servers, access to programs, databases, networks, websites, and even reading the morning newspaper online.
Despite the name, there is no real need for passwords to be words, indeed passwords which are not actual words can be difficult to guess, a desirable feature. Some passwords are formed from multiple words and the accuracy be called a password. The term is sometimes used when access to undisclosed information purely numeric, such as the personal identification number (PIN) used for ATM access. Passwords are generally short enough to easily remembered and typed.
For the purposes of the more compelling of the identity authentication of a computer device to another, have significant drawbacks passwords (they can be stolen, spoofed, password, etc.) on legalization of cryptographic systems protocols difficult to circumvent. The original password concept has been proven unsafe. There are cases where passwords has been compromised without the users knowledge, through coersion, or because they were tricked into revealing it. The core problem with old passwords that very difficult or impossible for an administrator or a computer to distinguish between a legitimate user and unauthorized user access via the same password. Because of this inherent flaw in the original password system, Two Factor Authentication was invented.
A password is "something you know." This information is deemed to be known by a single individual. Two-factor authentication systems to add in another factor, "something what you have, electronic card key, electronic token, dongle, fob or other physical object keeps you a safe place when not in use. A common stand in replacement for the second factor at higher levels of security needed "something you are". A biological fingerprint, retina pattern, individual weight, specific vital signs or a combination of these items are used instead of the electronic device. The biological factor for authentication and authorization is found to be unreliable, but not allowing not be good when permitted use, but because there is a tendency for the legitimate user to deny access because of illness, physical body changes, or other physical limitations.
There are two common methods of authentication when users use electronic components for two-factor authentication, response-only, and challenge-response systems.
Response systems only require a user to your electronic device to present the reading of an electronic system, or for you information displayed on the electronic device without user input to enter. The user needs a user name or pin that is unknown to outsiders, and then enter specific reference data by the device when prompted. In many cases, this mechanism returns the user to a single factor authentication, where the user do not know anything, but merely has the item in question. An example is the standard electronic card key used for a facility or building perimiter. User does any other factor to prove their identity.
Challenge-response systems, the user specific password or a PIN into the device first place before the unit responds with the proper credentials to access data. This variant is always seen as two-factor authentication as the user has both "something what they need to know (the pin), and use "something they have" (electronic device).
Both the response and challenge-response-only systems can be circumvented if the user both the private information they hold the secret shows, such as the user name or PIN, and the attacker is owned by the electronic device. This weakness is the factor bioligcal invented.
Biological factors are used for several decades and have proven to be reliable and safe ways to prevent unauthorized users access to secure systems or environments, regardless of the privacy of their passwords. Systems monitor fingerprints, eye retina patterns, weight, ambient temperature, and other biological signs for the authenticity of the user to determine access. Films are touting ways of defeating these systems by cutting of body parts, using retinal masks, or forcing legitimate users to bypass the authentication mechanisms for the attacker. These are Hollywood's most and rarely works in the real world. In most cases where this level of security is required, local or remote monitoring of entry by using cameras and security staff is common. Dead Lock portals, remote activated magnetically controlled access, and visual idenfitication are the norm.
Many simple methods are designed to defeat weak-factor designed biological systems, so make sure you thoroughly the security measures you are planning to introduce testing before implementation.
The easier a password for the owner to remember that generally means it will be easy for a hacker to guess. Passwords that are hard to remember will the security of a system because (a) the user needs to write down or electronically store the password, (b) users often have password reset and (c) users are more likely to reuse the same password. The stringent requirements for password strength, such as "a mix of uppercase and lowercase letters and numbers" or "change monthly, the greater the degree to which users will undermine the systemIn Jeff Yan et al. examines the impact of the opinions of the users on a good choice of password. They found that passwords based on the thinking of a phrase and take the first letter of each word, are as memorable as naively selected passwords, and just as hard as randomly generated passwords to crack. Combining two independent words is a good method. After a personally designed "algorithm" to generate obscure passwords is a good method.
However, asking users to remember a password consisting of a mix of upper and lower letters "is like asking them to remember a series of bits: hard to remember, and just a little harder to crack (for example, only 128 times harder to crack for 7-letter passwords, less if the user simply plays in the first letter). Users to request use "both letters and numbers" will often lead to an easy to guess replacements as 'E' -> '3 'and' I '-> '1', which substitutes well known crackers. Even typing the password a higher row keyboard is a common trick known crackers.
Factors in the security of a password system
The security of a password protected system depends on several factors. The total system should of course be designed for a good security, with protection against computer viruses, man-in-the-middle attacks and the like. Physical security issues are a concern, from deter shoulder surfing to more sophisticated physical threats, such as video cameras and keyboard sniffers. And, of course, Passwords should be chosen so that they are hard for an attacker to guess and difficult for an attacker to discover using only (or all) of the available automatic assault arrangements. See password strength, computer security and computer insecurity.
Effective access control rules may force criminals to extreme measures acquisition of a password or biometric token. Less extreme measures include extortion, rubber hose cryptanalysis, side channel attack,
Data Encryption
Data encryption refers to the mathematical calculations and algorithmic schemes that transform plain text into cypher text, a form not readable by unauthorized persons. The recipient of a message is encrypted using a key mechanism leading to the algorithm for decrypting the data, to transform the original plaintext version.
Before the Internet, data encryption is rarely used by the public as it is more of a military security tool. With the prevalence of online shopping, and other banking services, even basic home users are now aware of data encryption.
Today's web browsers automatically encrypt text when connecting to a secure server. This prevents intruders from listening in on private communications. Even if they are capable of the message, encryption can catch them just look plain text or as many as unreadable gibberish. On arrival, the data deciphered, allowing the intended recipient to view the message in its original form.
Types Data Encryption
There are many different types of data encryption, but not all reliable. At first, 64-bit encryption thought to be strong, but was proven wrong with the introduction of the 128-bit solutions. AES (Advanced Encryption Standard) is the new standard and allows a maximum of 256-bits. In general, the stronger the computer, the greater the chance of breaking a data encryption scheme.
Data encryption systems generally fall into two categories: symmetrical and asymmetrical. AES, DES and Blowfish use symmetric key algorithms. Each system uses a key that is shared between the sender and the receiver. This key has the ability to encrypt and decrypt the data. Asymmetric encryption such as RSA and Diffie-Hellman, a pair of keys is created and granted: a private key and a public key. Public key can be known by everyone and used to encrypt data being sent to the owner. Once the message is encrypted, it can only be decrypted by the owner of the private key. Asymmetric encryption is said that something more secure than symmetric encryption and private key can not be shared.
Strong encryption as SSL (Secure Sockets Layer) and TLS (Transport Layer Security) private information, but can not always guarantee safety. Websites use this type of data encryption can be verified by checking the digital signature on their certificate, which must be validated by an accredited CA (Certificate Authority).
Encryption with a variable key length
A more advanced method is the use of simple encryption to encipher of the virus. In this case, the virus consists of a small decrypting module and an encrypted copy of the virus code. If the virus is encrypted with a different key for each infected file, the only part of the virus that remains constant is the decode module, which would (for example) are added to the end. In this case a virus scanner can not directly the to detect virus using signatures, but it can still detect the decrypting module, which still makes indirect detection of the virus possible. Since this would symmetric keys are stored on the infected host, it is in fact quite possible to decrypt the final virus, but that's probably not necessary, since self-modifying code is so rare that it can be reason for virus scanners at least flag the file as suspicious.
An old, but compact, encryption is XORing each byte in a virus with a constant, so the exclusive-or operation had only to be repeated for decryption. It is suspected
COMPUTER VIRUS
A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the owner. The term "virus", but is often incorrectly used to refer to other forms of malware, adware and spyware programs that do not have the reproductive capacity. A true virus can only spread from one computer to another (in some form of executable code), where the host is taken to the target computer, such as a user sent via a network or the Internet, or on a removable medium like a floppy disk, CD, DVD or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file or a file system accessible by another computer. (Fred Cohen) The term "computer virus" is sometimes used as a catch-all phrase for all types of malware. Malware includes computer viruses, worms, Trojan horses, most rootkits, spyware, dishonest adware, crimeware and other malicious and unwanted software), including true viruses. Viruses are sometimes confused with worms and Trojan horses, which are technically different. A worm can exploit vulnerabilities to spread itself to other computers without having to be transferred as part of a host, and a Trojan horse is a program that looks innocent, but has a hidden agenda. Worms
Methods to avoid detection
To avoid detection by users, some viruses work different types of deception. Some old viruses, especially in the MS-DOS platform, make sure that the "last modified" date of a host file stays the same when the file is infected by the virus. This approach is not fool anti-virus software, however, particularly those which maintain date and cyclic redundancy check on the file changes.
Some viruses can file infect without increasing their size or damage to the files. They achieve this by overwriting unused areas of executable files. These are called cavity viruses. For example the CIH virus, or Chernobyl Virus, infects Portable Executables. Because these files have many empty gaps, the virus that is 1 KB in length, not to add the size of the file.
Some viruses try to avoid detection by killing the tasks associated with antivirus software before they can detect.
As computers and operating systems and more complex, old hiding techniques need to be adjusted or replaced. Defending a computer against viruses may ask a file system to migrate detailed and explicit permission for each type of file. (Matsumoto T.)
Avoiding bait files and other unwanted hosts
A virus needs to infect hosts further spreading. In some cases a bad idea to a host program to infect. For example, many anti-virus programs perform a check of the integrity of their code. Infect such programs will therefore increase the likelihood that the virus is detected. For this why some viruses are programmed not to infect programs that are known of anti-virus software. Another type of host that viruses sometimes avoid is bait files. Bait files (or goat files) are files specially created by anti-virus software, or anti-virus professionals themselves, to be infected by a virus. These files can be created for various reasons, all related to the detection of the virus:
Anti-virus professionals can use bait files to take a sample of a virus (ie a copy of a program file infected with the virus). It is more practical to save and a small, infected bait exchange files, then to exchange a large application program that is infected with the virus.
Anti-virus professionals can use bait files to the behavior of a virus study and evaluate detection methods. This is especially useful when the virus is polymorphic. In this case the virus to infect a large number of bait files. The infected files can be used to test whether a virus scanner detects all versions of the virus.
Some anti-virus software employs bait files that are accessed frequently. When these files are modified, the anti-virus software warns the user that a virus is probably active in the system.
Since bait files are used to detect the virus, or to make detection possible, a virus infects not benefit of them. Viruses typically do this by avoiding suspicious programs, such as small program files or programs specific patterns of 'garbage instructions.
A related strategy to baiting difficult is sparse infection. Sometimes sparse infectors do not infect a host file that would be a suitable candidate for infection in other circumstances. Could such a virus decide on a random or a file or not, whether a virus can infect only infect host files on certain days of the week.
Stealth
Some viruses try to trick anti-virus software by intercepting its requests to the OS. A virus can hide it by intercepting the anti-virus software application to read the file and passing the request to the virus, instead of the OS. The virus can lead to non-infected version of the file to the anti-virus software, so it seems that the file is "clean". Modern anti-virus software employs various techniques to combat stealth mechanisms of viruses. The only fully reliable method to avoid stealth is to boot from a medium that is known to clean.
Self-modification
Most antivirus programs try to find patterns within the normal virus programs by scanning them for known virus signatures. A signature is a characteristic byte-pattern that is part of a given virus or a family of viruses. If a virus scanner finds such a pattern in a file, it notifies the user that the file is infected. The user can then delete, or (in some cases) "clean" or "cure" the infected file. Some viruses employ techniques that detection through signatures difficult to do, but probably not impossible. These viruses change their code on each infection. That is, each infected file contains a variant of the virus.
code that is changing, so the code to do the encryption / decryption may be part of the signature in many virus definitions.
Polymorphic code
Polymorphic code is the first technique that made a serious threat to virus scanners. Like regular encrypted viruses, a polymorphic virus infects files with an encrypted copy of itself, which is decoded a decryption module. In the case of polymorphic viruses, however, this decryption module is also modified on each infection. A well written polymorphic virus therefore has no parts that have identical between infections, making it very difficult to detect directly using signatures. Anti-virus software can detect it by decrypting of the viruses using an emulator, or by statistical pattern analysis of the encrypted virus body. To enable polymorphic code, the virus has a polymorphic engine (also or mutating engine or mutation engine) somewhere in an encrypted body. See Polymorphic code for technical details on how such engines operate service Some polymorphic viruses code in a way that mutations of the virus significantly constrains. Could such a virus programmed to mutate only slightly over time, or it can be programmed to refrain from mutating when it infects a file on a computer that already contains copies of the virus. The advantage of using such slow polymorphic code is that makes it difficult for anti-virus professionals to representative samples of the virus to get infected files as bait in a term generally contain the same or similar samples of the virus. This makes it likely that detection by the virus scanner will be unreliable, and that some cases of the virus may be able to avoid detection.
Metamorphic code
To avoid being detected by emulation, some viruses rewrite themselves completely each time they are new executable files to infect. Viruses that use this technique is said that metamorphic. To metamorphosis, a metamorphic engine is needed. A metamorphic virus is usually very large and complex. For example W32/Simile consisted of more than 14,000 lines of assembler code, 90% of that part of the metamorphic engine.
Conclusion
As more users come open nature Internet and understand the dangers of surfing the web, the application of data encryption for joint communication such as e-mail and instant messaging is more likely to be popular. Without this security mechanism, information transmitted via the Internet can easily be captured and viewed by anyone listening. This critical data can be affected in a number of ways, especially when stored in servers that can change hands over the years. When considering how damaging crimes as identity theft on the rise, data encryption is worth pursuing.
 |
No items matching your keywords were found.