Computer security is the protection of digital information and IT assets from all kinds of malicious threats and attacks. There are different types of computer security, which are used to protect an organization's IT infrastructure.
It is also known as cyber security, which is the protection of computer systems such as hardware, software, networks and electronic data.
Types of Computer Security
In this post, we will focus on the different types of computer security such as application security, network security, internet security, data security, information security and end user security.
1. Application security
Application security is the type of cyber security that builds security features into applications during development to protect them from cyber threats. The threat can be SQL injection, denial of service (DoS) attacks, data breaches or other cyber-attacks.
There are application security tools and techniques, such as firewalls, antivirus software, encryption and web application firewalls, which can help to prevent cyber-attacks.
A web application firewall is designed to protect web applications by filtering and monitoring harmful HTTP traffic. The most used web application firewalls are:
Categories of Application Threats
Here are the most common categories of application threats related to software or applications, which are given below:
A. Input validation
Input validation, or data validation, is the process of properly testing any input that is provided by a user. It is difficult to detect a malicious user who is trying to attack software and applications.
So, all input data that will be entered into a system should be checked and validated.
Here is a list of some of the vulnerabilities that could be solved just by validating input.
B. Authorization
Authorization is a security mechanism used to determine user privileges or access to system resources such as computer programs, files, services, data and application features.
C. Session management
Session management is a process used by the web container to secure multiple requests to a service from the same user or entity. There are two types of session management: one is cookie-based and the other is URL rewriting.
A web administrator uses session management to track the frequency of visits to an application and movement within the site.
Here is a list of some session-related vulnerabilities:
D. Parameter tampering
Parameter tampering is a technique in which malicious hackers attempt to compromise an application by manipulating parameters in the URL string.
It is a simple attack targeting the application's business logic in order to modify application data, such as user credentials and permissions, or the price and quantity of products.
For example, a shopping site uses hidden fields to refer to its items, as follows:
<input type="hidden" id="1001" name="price" value="500.00">
Here, an attacker can modify or alter the “value” information of a specific item, thus lowering its cost.
Parameter manipulation threats include manipulation of the query string, form fields, cookies or HTTP headers.
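The following added example (not code from the original article) shows the server-side defence for both the input validation and the parameter tampering sections above: every submitted field is validated, and the price is taken from the server's own catalogue rather than from the hidden form field. The field names item_id and quantity, the catalogue contents and the quantity limit are assumptions made for the illustration.

```python
from decimal import Decimal, InvalidOperation
from urllib.parse import parse_qs

# Constructed catalogue: the server's own price record (assumption for this example).
CATALOG = {"1001": Decimal("500.00")}
MAX_QUANTITY = 100  # hypothetical business limit


class RejectedOrder(ValueError):
    """Submitted form data failed validation."""


def price_order(form_body: str) -> dict:
    """Price an order from a URL-encoded form body without trusting client prices."""
    fields = parse_qs(form_body, strict_parsing=True, max_num_fields=10)

    def single(name: str) -> str:
        values = fields.get(name, [])
        if len(values) != 1:  # missing or duplicated parameter
            raise RejectedOrder(f"expected exactly one {name!r} field")
        return values[0]

    item_id = single("item_id")
    if item_id not in CATALOG:  # allow-list: only known item ids are accepted
        raise RejectedOrder("unknown item")

    qty_text = single("quantity")
    if not (qty_text.isascii() and qty_text.isdigit()):
        raise RejectedOrder("quantity must be a whole number")
    quantity = int(qty_text)
    if not 1 <= quantity <= MAX_QUANTITY:
        raise RejectedOrder("quantity out of range")

    unit_price = CATALOG[item_id]  # authoritative price, never the form value
    tampered = False
    if "price" in fields:  # compare only to flag the request for logging
        try:
            tampered = Decimal(single("price")) != unit_price
        except InvalidOperation:
            tampered = True
    return {"item_id": item_id, "quantity": quantity,
            "total": unit_price * quantity, "price_tampered": tampered}


# Constructed request: the hidden "price" field was edited from 500.00 to 1.00.
if __name__ == "__main__":
    print(price_order("item_id=1001&quantity=2&price=1.00"))
```

The total is still computed from the catalogue price of 500.00, and the price_tampered flag gives the application something to log and alert on.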
2. Information security
Information security (IS) is the type of computer security that refers to the processes and methodologies used to protect the confidentiality, integrity and availability of computer systems from unauthorized access, use, modification and destruction.
Information security focuses on the CIA triad model, which is to ensure the confidentiality, integrity and availability of data without affecting the organization's productivity.
3. Network Security
Network security is another type of IT security; it is the process of preventing and protecting against unauthorized intrusion into computer networks.
It is a set of rules and configurations designed to protect the confidentiality, integrity and accessibility of computer networks, systems and information using both software and hardware technologies.
Network security methods
There are many methods to improve network security and here we have mentioned the most common network security components.
4. Endpoint Security
Human error is a major weak point which is easily exploited by cyber criminals. End users are becoming the largest security risk in any organization.
However, this is often through no fault of their own, and mostly due to a lack of awareness and ICT policy. They can unintentionally open the virtual gates to cyber attackers.
That is why comprehensive security policies, procedures and protocols have to be understood in depth by users who access sensitive information.
It is better to provide a security awareness training program to them, which should cover the following topics:
- Cyber security threats
- Phishing and Social Engineering attacks
- Password creation and usage
- Device Security
- Physical Security
5. Internet Security
Internet security is an important type of computer security, defined as the process of creating a set of rules and actions to protect computer systems that are connected to the Internet.
It is a branch of computer security that deals specifically with internet-based threats such as:
A hacker is a person who finds weaknesses and exploits vulnerabilities in computer systems or networks to gain access.
Hacking refers to activities that exploit a computer system or a network in order to gain unauthorized access or control over systems for illegal purposes.
B. Computer viruses
A computer virus is a software program that can spread from one computer system to another without the user's knowledge and performs malicious actions. It has the capability to corrupt or damage data, destroy files, format hard drives or make disks unreadable.
The types of computer viruses are as follows:
- Boot Sector Virus
- Direct Action Virus
- Resident Virus
- Macro Virus
- Multipartite Virus
- File Infector Virus
- Browser Hijacker
- Polymorphic Virus
- Web Scripting Virus
A computer virus may spread to your computer and other devices in the following ways:
- Downloading Software Or Files
- E-Mail Attachments
- Phishing Emails
- External Devices
- Online Advertisements
- Clicking On A Malicious File
- Infected Website
- Copying Data From Infected Computer
- Unsolicited E-Mail
- Social Media Scam Links
C. Denial-of-Service Attacks
A Denial-of-Service or DoS attack is an attack that shuts down a system, making it inaccessible to its users. It occurs when an attacker prevents legitimate users from accessing specific computer systems, devices or other resources.
In addition, a DoS attack typically floods a targeted system with requests until normal traffic is unable to be processed, resulting in denial-of-service to users.
D. Malware
Malware is short for “malicious software” and typically consists of a software program or code. It is developed by cyber attackers and is designed to cause extensive damage to data and systems.
The malware is delivered in the form of a link or file over email and it requires the user to click on the URL link or open the file to execute the malware.
There are different types of malware such as computer viruses, spyware, ransomware, worms, Trojan horses, adware, or any type of malicious code.