My name is Taufik Algi Fahri

OS202

View on GitHub

HOME


Top 10 List of Week 02

  1. Cryptography
    Cryptography, or the science of secret writing, is an ancient art. The first documented use of cryptography in writing dates back to circa 1900 B.C. when an Egyptian scribe used non-standard hieroglyphs in an inscription. In data and telecommunications, crypthography is necessary when communicating over any untrusted medium, which includes just about any network, particularly the internet. There are three types of cryptographic algorithms, Secret Key Cryptography (SKC), Public Key Cryptography (PKC), Hash Functions. The three types encryption techniques are optimized for some specific cryptographic application(s).

  2. Access Matrix
    Access matrix is a security model of protection state in computer system that represented as a matrix. Access matrix is used to define the rights of each process executing in the domain with respect to each object. The rows of matrix represent domains and columns represent objects. Each cell of matrix represents set of access rights which are given to the processes of domain means each entry(i, j) defines the set of operations that a process executing in domain Di can invoke on object Oj.

  3. Security
    Security refers to providing a protection system to computer system resources such as CPU, memory, disk, software programs and most importantly data/information stored in the computer system. A computer system must be protected against unauthorized access, malicious access to system memory, viruses, worms, etc. Authentication: refers to identifying each user of the system and asoociating the executing programs with those users. One time passwords: provide additional security along with normal authentication, a unique password is used for only pne time. Implemented in various ways such as random numbers, secret keys, and network password.

  4. Denial of Service
    Denial of service attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash. There are two general methods of DoS attacks, flooding services or crashing services. An additional type of DoS attack is the Distributed Denial of Service (DDoS) attack. DDoS attack occurs when multiple systems orchestrate a synchronize DoS attack to a single target.

  5. Access Contol List
    Access control list is a table that tells a computer OS which asccess rights each user has to a particular system object, such as a file directory or indivial file. Each object has a security attribute that identifies its access control list. The list has an entry for each system user with access privilages. The most common privileges include the ability to read a file or all the files in a directory, to write to the file or files, and to execute the file (if it is an executable file or program).

  6. Metadata
    Metadata is data about data. More specifically, metadata is information used to describe content. The most basic forms of file and folder metadata employed by nearly every operating system are names, paths, modification dates, and permissions.

  7. Session Hijacking
    Session hijacking is an attack where a user session is taken over by an attacker. A session starts when you log into a service, and ends when you log out. The attack relies on the attacker’s knowledge of your session cookie, so it is also called cookie hijacking or cookie side-jacking. To perform session hijacking an attacker needs to know the victim’s session ID (session key). This can be obtained by stealing the session cookie or persuading the user to click a malicious link containing a prepared session ID. If successful, the attacker can then perform any actions that the original user is authorized to do during the active session. Depending on the targeted application, this may mean transferring money from the user’s bank account, posing as the user to buy items in web stores, accessing detailed information for identity theft, stealing clients’ personal data from company systems, encrypting valuable data and demanding ransom to decrypt them.

  8. Gnupg
    GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allow you to encrypt and sign your data and communications. GnuPG also know as GPG is a command line tool with features for easy integration with other applications.

  9. Keystroke Logging
    Keystroke logging is an act of tracking and recording every keystroke entry made on a computer, often without the permission or knowlegde of the user. A keystroke is just any interaction you make with a button on your keyboard. Keylogger tools can either be hardware or software meant to autmate the process of keystroke logging. These tools record the data sent by every keystroke into a text file to be retrieved at a later time.

  10. Trojan Horse
    Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems. Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system.