Chapter 12 Information Security

1
Chapter 12 Information Security

• By
• Kulachatr Chatrakul Na Ayudhya
• For Naresuan University Payao Campus

2
Objectives

• ??????????????????????????????????????????????????
  ????????????
• ??????????????????????????????????????????
  ?????????????????????????????
• Reference and Guide Book
• ????? ?????????????? ????????????????????????
  ????????????????????
• Whitman , Mattord Principle of Information
  Security , Boston Thomson , 2003
• (ISBN 0-619-06318-1)
• ??????,?????? ??????,????? ????????????????????
  ?????? , ???????
• ????????? ???????????? ?????????? ,
  2545. (ISBN 974-883-120-5)

3
Information Security

• The protection of information and the systems
  and hardware that use ,store ,and transit that
  information. But to protect the information and
  its related systems from danger, such tools as
  policy, awareness ,training and education, and
  technology are necessary.
• ??????????????????????????????????????????????
  ??????????????? ??????????????????????????????????
  ?????????????????????? ?????????? ????????
  ??????? ??????????????????????????????????????
  (Whitman , Mattord p. 9-10)

4
??????????????????????????????????????????????

• Centralization of Information
• (????????????????????????????????)
• Increase of networks (From many Server to many
  Clients)
• (???????????????????????????????????????)
• Related benefit from many of threat
• (?????????????????????????????????????????)

5
???????????????????????????????????????????

• External Environment
• Natural Disaster , Fraud , Theft or Robbery
• Internal Environment
• Hardware failure (???????????????????????
  ?????????????)
• Software failure (?????????? ???????????????)
• Penetration of database (??????????????)
• Terminal sites or clients (?????? Password
  ??????????????????????)
• Personal (????????????????????????)

6
External Environment

• Natural Disaster
• Terrorist and war
• Fraud
• Crime ,Theft or Robbery
• Hacker

7
Internal Environment Personal

• Computer user or Administration team
• Database Manager
• Operator
• System Administrator
• System Programmer
• Application Programmer

8
????????????????????????????????????????

• ?????????????????????????
• ????????????????????????????????????? (Theft)
• ????????????? (Sabotage)
• ????????????????????????????
• Accident ???? ???????? ???????????? ??????
• Natural Disaster ????????????????????
• Terrorist or War ???????????????????????????
• Human Error ????????? ?????? ????????????????????
  ?????????????????????????? ??????????????

9
Major types of IS Security problem

• Human Carelessness
• ?????????????????
• ????????????
• ??????????????????????
• ???????????????????????
• Computer Crime
• ????????????
• ?????????? (????)
• ??????????????
• ??????????????
• ?????????????

• Natural Disaster or Accidental and Political
  Effect
• ?????????????????
• ?????????? ??????? ????
• ?????? ???????
• Hardware/Software Failures
• ???????????????????
• ??????????????????????????
• ????????????
• ???????????????????

10
Computer Crime

• ???????????????????? ??????? ?????????????????????
  IT ??????????????????????????????????????????????
  ????????
• ???????????????????? ?? 4 ?????? ??????
• ???????????????????????????? (Sabotage)
• ????????????? (Theft of Services)
• ???????????????? (Property Crime)
• ?????????????????????? (Financial Crime)

11
Sabotage

• ??????????????????????
• (Physical Destroying)
• ????????????????????? ???? ????????????? (Virus)
  ???????? ????????????????????????????? ????
  ??????????????? (Worm)
• Trojan horse Technique
• Logic Bomb
• Trapdoors Routines
• Hacking
• Computer Virus/Worm

12
Worm

• ??????????????? ??????????????????
  ??????????????????????????????????????????????????
  ??????????????????????????????????????????????????
  ??????????????? Execute File ?????????????????????
  ??????????????????????????????????????????
  ?????????????????? ??????????????????????????????
  
• Worm ?????????????????????
• W32.Sasser.worm
• W32.Spybot.worm
• W32.Blaster.worm
• W32.Netsky.B_at_mm
• W32/Mydoom_at_mm

13
Teenager arrested in 'Blaster' Internet attack

• An 18-year-old high school student suspected of
  creating a version of the virulent "Blaster"
  Internet attack was described by a neighbor
  Friday as "a computer genius," but not a
  criminal.

14
Sven Jaschan Load of the Worm

• ??????? ??????????
• Helmut Trentmann ????????????????? ?????
• Lord of the worm ??????????? 18 ??
  ???????????????????????????? Netsky ???
  Sasser??????????

Sven Jaschan
15
???????????????????? Virus / Worm

• ??????????????????????????????????????????????????
  ??????
• ?????? Download ?????? www.thaicert.nectec.or.th
  ,
• http//it.dusit.ac.th/symantec-removabletools.php
  
• http//it.science.cmu.ac.th/Antivirus/
• ??????????????????????????????????????????????????
  ??? ???? ???????????????
• ?????????? Firewall
• ?????????????????????????? (Virus Scan)
• ?????????????????? Email ????????????????
• ?????????????????????????? (??????????????????????
  ??????????????????????)
• ????????????????????????? Hard Disc

16
Thief of Services

• ????????????????????????????????????????????????
• ????????????????????????????????????
• ??????????????????????????????????????? (Hacking)
• ??????????????????
• ??????????????????? (Copying)
• ????????????? (Shoulder surfing or Window)
• ??????????????????????????????
• ??????????????? (Wiring Trapping)
• ??????????????????????????????????????
• ???????????????????????????????
  ????????????????????????????????????
  ?????????????????????????????????????????

17
Property Crime

• ????????????????????????? Hardware ???
  accessories ????? ???????????????????????
• ??????????????
• Physical Security
• ???????????????????????????????????????????????
  ??????????????????????????????
  ???????????????????????????????????????
• ???????????????????????????????
  ???????????????????????????
• Security Policy
• ?????????????????? ??????????????????????????????
  ??????? ????????????????????????????????
  ???????????????????????????????

18
Financial Crime

• ???????????????????????????????????????????????
• ??????????????????????????????????????????????????
  ?????
• ?????????????? ?/? ??????
• ???????????????????????????
• ????????????????????????????????????????? ?/?
  ?????
• ??????????????????????????????????????????????????
  ??
• ??????????????????????????????????
• ???????????????????????????????????????????
• ??????????????????????????????????????-ATM
• ?????????????????????????

19
??????????????????????????????

• ?????????????????????????????
• ??????????????????????????????? IT
  ???/????????????????
• ?????????????????????????????? IT
  ??????????????????????
• ??????????????????????????????????????????????????
  ??
• ??????????????????????????????????????????????????
  ?????
• ???????????????????????????????????????????
• ????? Password ????????????????????????
  ?????????????????????????????
• ????????????????????????? ????????????????????????
  ????
• ???????????????????????????????????????????
  ?????????????????????

20
??????????????????????????????

• ??????????????????????????????????????????????????
  ????????????????????
• ??????????????????????????????????????????????????
  ??? ??????????????????????????????????????????????
  ???????????????
• ??????????????????????????????????????????????????
  ??????????????????????????????????????????????????
  ???????????????????????? ?????????????????????????
  ????????????????????
• ?????????????????????????????????????????
  ??????????????????????????????????????????????????
  ????????????????

21
End of Chapter

• Aj-Kulachatr Chatrakul Na Ayudhya
• Thank You