New User Special Price Expires in

Let's log you in.

Sign in with Facebook


Don't have a StudySoup account? Create one here!


Create a StudySoup account

Be part of our community, it's free to join!

Sign up with Facebook


Create your account
By creating an account you agree to StudySoup's terms and conditions and privacy policy

Already have a StudySoup account? Login here

Computer Security

by: Nick Rowe

Computer Security CS 42600

Nick Rowe
GPA 3.68

Cristina Nita-Rotaru

Almost Ready


These notes were just uploaded, and will be ready to view shortly.

Purchase these notes here, or revisit this page.

Either way, we'll remind you when they're ready :)

Preview These Notes for FREE

Get a free preview of these Notes, just enter your email below.

Unlock Preview
Unlock Preview

Preview these materials now for free

Why put in your email? Get access to more of this material and other relevant free materials for your school

View Preview

About this Document

Cristina Nita-Rotaru
Class Notes
25 ?




Popular in Course

Popular in ComputerScienence

This 31 page Class Notes was uploaded by Nick Rowe on Saturday September 19, 2015. The Class Notes belongs to CS 42600 at Purdue University taught by Cristina Nita-Rotaru in Fall. Since its upload, it has received 72 views. For similar materials see /class/208079/cs-42600-purdue-university in ComputerScienence at Purdue University.

Similar to CS 42600 at Purdue

Popular in ComputerScienence


Reviews for Computer Security


Report this Material


What is Karma?


Karma is the currency of StudySoup.

You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!

Date Created: 09/19/15
C8426 Computer Security Lecture 1 Class overview Cristina NitaRotaru Lecture 1 Spring 2009 1 CHEN75 Nias oialu INTERNATIONAL iigmiil mgw Europe ii Business Cullure Sports Opinion Anaum aler mu Maul qgmqarm macaw mumsw Web becomes a battleground in Russia Georgia con ict n John Marko mum mmmm e M Ni ii SAN FRANCISCO Weeks before p E i AM eecrgia a security researcner in 5H watching arr anack nysicai bombs sianedfaiimg eri human Massachuseus was againsi the country in cyberspace Icse Nazana of Arbor Nemems in Lexington named mere was a sirearii of daka dimmed at Geergian gnvemmem siies containing me message wintiove irw usia mner Imemel experts in me United Siaxes said me anacke againsx Georgia s Inieriiex infraskmcmre began as eany as Juiy 20 wiin couvdmaked barrage 07 miiiions of requesis 7 known as dismme demai m senice or a 005 anacks smai evenoaaen cenain seergian servers iiin i i i Lecture 7 Spring 2009 ninnrc e71l39cu urki ums Magazine mEnMEsMAmNE TSTVLE KEY P FREE BODY MAKEOVER Take our survey to quahfv As seen On CNN NBC amp Fox News a cuMMENrS am Jane Flatten gestured blearyreyed into the secure mom lled wiLh mm m 7 EM ti nh n ng ma mes n was 3 a m on Nov 7 a d she had been working WWW CHEN75 NISVROISIU Lecture 7 SDIHg 2009 cusnna NitarRotaru Home NewsBdBlogs Wdeos an white Papers Stolen rugs Gquot M Google employees39 personal d cnamew a rumMW Annun F mma S d 26TalkBank 751 917 ad ZDNetAustraha muted p cm m ZDNatNaws M 3 2mm 4 s an rm Gongle has eanmmed that aersana data of us emplayees mred prior to was have been stolen m a eent burglary Records Kept at Co t Express Outsourcan Serwees an externa company sdddxe and dtner edm ameseseta hanme neman re ees Unctmns391ere5toen m a urg ary an M unmsdosed nemaer dr moyees detaus and tndse dr dependents seen as names addresses and Secla Secu tv numbers were dn en edmpdters xt rs enderstddd tnat cmt am not emp oy encryptmn to protect tne nformatmn k s stm areaen endear how many more dr Cmt Express chants were a ected by tne 555 my Nztwnrks pubhsher dr News mm was arse arreated bv the burg aw mtn about 6500 emmdrees deta sno en A thnugh tnere 5 nd ewdenee or mrsdse drtne data to date the nformatmn obtamed Comm be dsed by Mammy waves to create Fake accounts and mermth IE5 DNV ddme ta ndnt new tnat Gnome was one or tne cumuames affected Lecture 7 Spung 2009 Gov username Real Wurld Trends and Real Wurld smmmns Aemam Feamrmg Eric Byresand Alan Paller Password Sponsored by El share my Info wum sponsnr syrnantec r m m m pmzzz FAQ Fm Trauma 5mm you need no reglslerwlm me smvs Dmtal m be able wsngn m Webcasl Overview Featunn an Ewes Alan Faner Bryan amannx Geral o keep mm 7 l5 we need to seure SCADAsyslems 3 mm me m m r easy The r Mm mum to pumyueamn and managemennar new Industry regmamns like NERC UP mzwa cnsnna Nita oraru Lecture 7 Spung 2009 Why do so many security incidents happen Cn39stina NitaRotaru Lecture 1 Spring 2009 Causes of Software Security Incidents Buggy software and wrong configurations Unsafe program languages Complex programs Security considered rather an addon Awareness and education Few courses in computer security Programming text books do not emphasize security Usability Security sometimes makes things harder to use Economic factors Consumers do not care about security Security is difficult expensive and takes time Few security audits Human nature Cn39stina NitaRotaru Lecture 1 Spring 2009 Software and Hardware Factor Malware Spyware Distributed denial of service Computer breakins Email spams Identity theft Botnets Electronic voting machines Cn39stina NitaRotaru Lecture 1 Spring 2009 Human Factor Who are the attackers bored teenagers criminals organized crime organizations rogue states industrial espionage angry employees Why do they attack systems enjoyment curiosity fame profit Cn39stina NitaRotaru Lecture 1 Spring 2009 CERT Vulnerabilities Reported 9000 8000 7000 6000 5000 4000 3000 2000 1000 0 1995 1997 1999 2001 2003 2005 2007 httpwwwcertorgstats 10 Cn39stina NitaRotaru Lecture 1 Spring 2009 Information Security NETWORK SECURITY MPUTER s x i quot INFO 39 A e w SECURITY Cn39stina NitaRotaru Lecture 1 Spring 2009 11 Why Study Information Security JOB SECURITY Eggs AS A COMPUTER SCIENTIST IS YOUR RESPONSABILITY TO UNDERSTAND THE PROBLEMS 0 SOME OF YOU WILL BE INVOLVED IN FIXING THE PROBLEMS Cn39stina NitaRotaru Lecture 1 Spring 2009 12 What is This Course About Learn to think about security Threats defenses policies Software human and environment factors Think as an attacker Learn to identify threats Think as a security designer Learn how to prevent attacks andor limit their consequences Understand and apply security principles Learn tools that can defend against specific attacks no silverbullet solution Cn39stina NitaRotaru Lecture 1 Spring 2009 Course Outline Review of cryptography Programming security Operating systems security Database security Network security Legal and ethical issues Cn39stina NitaRotaru Lecture 1 Spring 2009 Course Information Meetings MWF 12301320pm Jan12 Apr 30 LWSN 1106 Professor contact info Office LWSN 2142J Email crisncspurdueedu Office hours by appointment TA Jing Dong Email dongjcspurdueedu Class webpage httpwwwceriaspu rd ueed ucrisncoursescs426Sp ng2009 Cn39stina NitaRotaru Lecture 1 Spring 2009 15 Written Assignments 2 written theoretical assignments Every student gets 3 extra days that he can Cn39stina NitaRotaru use for these assignments Email me and the TA with name and number of extra days used for an assignment After using your 3 extra days no late homework will be accepted Lecture 1 Spring 2009 16 Programming Projects 3 Programming projects Every student gets 5 extra days for the programming projects Programming projects are individual Programming projects are assigned by me Cn39stina NitaRotaru Lecture 1 Spring 2009 17 Midterm and Final Exams Midterm is one hour Final is 2 hours We will have review for the midterm and final We will discuss the midterm in class Cn39stina NitaRotaru Lecture 1 Spring 2009 18 Class Attendance and Notes STRONGLY RECCOMENDED Ifyou need to miss class let me know Slides will be made available online before lecture but YOU ARE STRONGLY RECCOMENDED TO TAKE NOTES Cn39stina NitaRotaru Lecture 1 Spring 2009 19 Grading Policy Cn39stina NitaRotaru Written assignments Programming projects Midterm Final Class participation Lecture 1 Spring 2009 15 30 15 30 10 20 Reg rading YOU HAVE 1 WEEKto ASKfor REGRADING of a homework or project Cn39stina NitaRotaru Lecture 1 Spring 2009 21 Reference Material Textbook 39 Security in Computing C P eeger and S L P eeger Additional reading will be assigned in class Cristina NitaRotaru Lecture 1 Spring 2009 22 Security Goals Confidentiality secrecy privacy only those who are authorized to know can know Integ rity only modified by authorized parties and in authorized ways Availability those authorized to access can get access Cn39stina NitaRotaru Lecture 1 Spring 2009 23 Terminologies Vulnerabilities weaknesses Threats potential scenario of attack Attacks Controls security measures Cn39stina NitaRotaru Lecture 1 Spring 2009 24 Methods of Defense Prevention Deterrence Deflection Detection Recovering Cn39stina NitaRotaru Lecture 1 Spring 2009 25 Controls Encryption Software controls Hardware controls Policies and procedures Cn39stina NitaRotaru Physical controls Lecture 1 Spring 2009 26 Security Principles Principle of weakest link A system is as secure as its weakest link Principle of adequate protection Maximize utility while limiting risk to an acceptable level within reasonable cost Principle of effectiveness Controls must be efficient easy to use appropriate and psychological acceptable Kerkoff s principle System design should be known security relies on secrecy of secret key Cn39stina NitaRotaru Lecture 1 Spring 2009 27 Layers of Computer Systems Computer systems have multiple layers Hardware Operating systems System software eg databases Applications Computer systems are connected through networks Computer systems are used by humans Cn39stina NitaRotaru Lecture 1 Spring 2009 28 Ethical Use of Security Information We discuss vulnerabilities and attacks Most vulnerabilities have been fixed Some attacks may still cause harm Do not try these at home Purpose of this class Learn to prevent malicious attacks Use knowledge for good purposes Cn39stina NitaRotaru Lecture 1 Spring 2009 29 Readings for This Lecture Security in Computing Chapter 1 Introduction Cn39stina NitaRotaru Lecture 1 Spring 2009 30 Next 2 weeks Review of Cryptography First project will be assigned at the end of week 2 Cn39stina NitaRotaru Lecture 1 Spring 2009 31


Buy Material

Are you sure you want to buy this material for

25 Karma

Buy Material

BOOM! Enjoy Your Free Notes!

We've added these Notes to your profile, click here to view them now.


You're already Subscribed!

Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'

Why people love StudySoup

Bentley McCaw University of Florida

"I was shooting for a perfect 4.0 GPA this semester. Having StudySoup as a study aid was critical to helping me achieve my goal...and I nailed it!"

Allison Fischer University of Alabama

"I signed up to be an Elite Notetaker with 2 of my sorority sisters this semester. We just posted our notes weekly and were each making over $600 per month. I LOVE StudySoup!"

Steve Martinelli UC Los Angeles

"There's no way I would have passed my Organic Chemistry class this semester without the notes and study guides I got from StudySoup."

Parker Thompson 500 Startups

"It's a great way for students to improve their educational experience and it seemed like a product that everybody wants, so all the people participating are winning."

Become an Elite Notetaker and start selling your notes online!

Refund Policy


All subscriptions to StudySoup are paid in full at the time of subscribing. To change your credit card information or to cancel your subscription, go to "Edit Settings". All credit card information will be available there. If you should decide to cancel your subscription, it will continue to be valid until the next payment period, as all payments for the current period were made in advance. For special circumstances, please email


StudySoup has more than 1 million course-specific study resources to help students study smarter. If you’re having trouble finding what you’re looking for, our customer support team can help you find what you need! Feel free to contact them here:

Recurring Subscriptions: If you have canceled your recurring subscription on the day of renewal and have not downloaded any documents, you may request a refund by submitting an email to

Satisfaction Guarantee: If you’re not satisfied with your subscription, you can contact us for further help. Contact must be made within 3 business days of your subscription purchase and your refund request will be subject for review.

Please Note: Refunds can never be provided more than 30 days after the initial purchase date regardless of your activity on the site.