Sunday, December 8, 2019

Cyber Security Awareness -Free-Samples for Students- Myassignment

Question: Discuss IT security.

Answer: IT security is the protection of computer systems from destruction or theft of their information, software or hardware, as well as from disruption or misdirection of the services they provide (Behnia, Rashid & Chaudhry, 2012). There are various types of IT security, for example firewalls, encryption, access control, secured networks and passwords. All these techniques are used to make the security of computer systems strong. This essay outlines the four basic types of computer security techniques: encryption, secured networks, access control and firewalls (Abawajy, 2014). It covers the required details of each of the four, as described below.

Encryption: In cryptography, encryption is the procedure of concealing data or a message in such a way that only authorized users can access it. It does not itself prevent interception, but denies the intelligible content to a would-be interceptor. The intended data or message, referred to as plaintext, is concealed using an encryption algorithm, producing ciphertext that can only be read once it has been decoded (Lewko & Waters, 2012). An encryption algorithm usually uses a pseudo-random encryption key produced by an algorithm, for various technical reasons. It is in principle possible to decode the data without having the encryption key. However, for a well-designed encryption algorithm, major computational skills and resources are needed. An authorized recipient can decode the data easily with the encryption key that the generator gives to recipients, but never to unauthorized users (Biham & Shamir, 2012).

The advantages of encryption are as follows:

i) Security: The major advantage of encryption is security. Data is endangered whenever it is moved from one place to another.
Therefore, it is evident that data or a message should be secured before it is moved. Encryption plays an important role in such cases. It produces a perfect key that helps the sender to encrypt his data, and another key is given to the receiver, who can decode the message.

ii) Integrity: Encryption maintains the integrity of data. There is always a high chance that hackers can steal and alter data when it is sent (Lewko & Waters, 2012). Encryption preserves data integrity and hackers are unable to crack it.

iii) Privacy: Encryption is used to protect data and can thus be described as a privacy protector. When a sender is trying to send data, there is a high chance that hackers can read the entire message without the sender's knowledge. Because of the key provided by the encryption algorithm, hackers are unable to steal the data or message and privacy is maintained.

iv) Compliance: Many organizations have various compliance policies to maintain the privacy of data (Biham & Shamir, 2012). Encryption is a part of all these compliance policies.

Symmetric Key: Symmetric key algorithms are cryptographic algorithms that use identical cryptographic keys for both encoding the plaintext and decoding the ciphertext. In this type of encryption algorithm, both the sender and the receiver have the same key for encryption and decryption. The main advantage of this algorithm is that complexity is reduced, as encoding and decoding are done with the same key, and the data is extremely secure (Agrawal & Mishra, 2012). Another advantage of symmetric key is that it is relatively fast because of its simplicity. However, in spite of having so many advantages, symmetric key cryptography does have some major disadvantages. The main disadvantage of this algorithm is that the key is shared, since both the sender and the receiver use the same key. Another key disadvantage is that if the key is lost, there is a high chance that the data cannot be decoded.
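The shared-key model described above, as an added example that is not part of the original essay: one key encrypts and decrypts, and an authentication tag lets the receiver reject a wrong key or an altered message. It uses only Python's standard library, with HMAC-SHA256 as a keystream generator standing in for a vetted authenticated cipher such as AES-GCM; all function names and sample values are constructed for illustration.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16   # random per-message value, sent in the clear
TAG_LEN = 32     # HMAC-SHA256 output size


def _subkeys(key):
    """Derive separate encryption and authentication keys from the shared key."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _keystream(enc_key, nonce, length):
    """HMAC-SHA256 in counter mode as a keystream (illustrative stand-in for AES-CTR)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt(key, plaintext):
    """Sender side: returns nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ciphertext = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt(key, blob):
    """Receiver side: verify the tag first, then decrypt with the same key."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    enc_key, mac_key = _subkeys(key)
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or modified message")
    return _xor(ciphertext, _keystream(enc_key, nonce, len(ciphertext)))


def try_decrypt(key, blob):
    """Return the plaintext, or None when the key is wrong or the data was altered."""
    try:
        return decrypt(key, blob)
    except ValueError:
        return None


if __name__ == "__main__":
    shared_key = secrets.token_bytes(32)               # the one key both parties hold
    blob = encrypt(shared_key, b"quarterly report")    # constructed sample plaintext
    tampered = blob[:NONCE_LEN] + bytes([blob[NONCE_LEN] ^ 1]) + blob[NONCE_LEN + 1:]
    print(try_decrypt(shared_key, blob))                # receiver holding the shared key
    print(try_decrypt(secrets.token_bytes(32), blob))   # key lost or wrong
    print(try_decrypt(shared_key, tampered))            # ciphertext altered in transit
```

Without the tag check, the flipped ciphertext bit would decrypt to a silently changed plaintext, which is why the integrity property comes from the authentication step and not from the encryption step alone.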
Public Key: Public key, or asymmetric key, algorithms are the opposite of symmetric key algorithms. Here the sender and the receiver of the data use two different keys for encoding and decoding the message (Abawajy, 2014). The major advantage of this algorithm is that security is higher than with a symmetric key algorithm, as the key is not shared between the sender and the receiver. The disadvantage of this algorithm is that it is slower than a symmetric key algorithm.

Hashing: Hashing is a type of cryptographic security that is different from encryption. In encryption, only two steps are required: first the message is encoded and then the message is decoded (Sobti & Geetha, 2012). In hashing, by contrast, the message is converted into an irreversible value of fixed length, which is also known as a hash. Symmetric key encryption and public key encryption are used for confidentiality; that is, these two algorithms keep the data confidential and secure from intrusion. The hashing technique, on the other hand, is used for authentication, as it maintains the authenticity of the data (Lewko & Waters, 2012). There are various hash functions, which have many security applications, such as digital signatures, that maintain authenticity.

Secure Networks: An organization is always at risk when it comes to the security of its information. It is the responsibility of the organization's security administrator to stop or mitigate any kind of security issue. A major security problem in any organization is the Denial of Service (DoS) attack (Stallings & Tahiliani, 2014). This is a type of cyber attack in which the unauthorized person, or hacker, seeks to make a network resource or a machine unavailable to its authorized users by indefinitely or temporarily disrupting the services of a host that is connected to the Internet. DoS is usually carried out by the hacker blocking the user's service. The hacker comes in between the user and the Internet service.
The main aim is to overload the systems so that the user is unable to use them (Perlman, Kaufman & Speciner, 2016). There are various types of Denial of Service attacks. They are as follows:

Distributed Denial of Service: In a Distributed Denial of Service attack, the hacker uses more than one distinct IP address (Zhang et al., 2015). Most of the time the hacker uses thousands of distinct IP addresses. The user cannot tell from which IP address the attack is coming.

Application Layer Attacks: This type of denial of service attack is different from the distributed denial of service attack. Here, the hackers focus on the application layer of the Open Systems Interconnection (OSI) model. The attack exercises distinct features or functions of a particular website with the malicious intention of disabling those features and functions (Yu, 2014). Application layer denial of service attacks are very different from attacks on the complete network and are mainly used against financial institutions to distract IT professionals from security breaches.

An organization mainly faces DDoS, or Distributed Denial of Service, attacks (Tan et al., 2014). However, the security administrator can take various steps to make security strong. The two ways to mitigate or stop DDoS in the organization are as follows:

Firewalls: Deploying a firewall or an antivirus program can help to prevent Denial of Service attacks in an organization. The antivirus program or the firewall restricts the use of bandwidth to authorized users only. When the hacker or intruder attempts a denial of service attack, the firewall or the antivirus program stops him. Often, the hacker is exposed by the firewall. A firewall is a network security system that monitors and controls outgoing and incoming network traffic based on previously determined security rules (Tan et al., 2014).
An antivirus program usually sets up a barrier between the secured network and any outside network, for example the Internet. Firewalls are subdivided into host-based firewalls and network firewalls. Host-based firewalls provide a layer of software on a single host, which controls network traffic. Network firewalls filter traffic between two or more networks (Stallings & Tahiliani, 2014). These network firewalls are either hardware-based firewalls or general-purpose hardware or software appliances. These two types of firewalls can prevent DoS attacks and can protect the organization.

Server Configuration: Proper configuration of servers can help to decrease the chances of attacks (Zhang et al., 2015). The security administrator of an organization reviews the network configurations and makes the firewall policies strong enough to block unauthorized users from reaching the resources of the server. The server is secured and configured, and this helps the users to stop and mitigate hacking. Passwords are important for all systems to stop hacking (Perlman, Kaufman & Speciner, 2016). When the firewall is installed, the hacker is not able to find the server, and even if he does find it, he cannot enter it or make any changes to it, so the DoS attack can be prevented.

The two ways mentioned above can be useful for the system administrator in keeping his organization safe and secure from Denial of Service attacks.

Access Control: This is another way of securing IT systems. Access control is the selective restriction of access to a particular resource or place (Choi, Choi & Kim, 2014). The term access control refers to the practice of limiting entry to a folder, file or system. Physical access control can be achieved by an individual in various ways, such as locks and keys, or through technical means such as access control systems.
The security administrator of an organization has the responsibility to control access to his systems (Ruj & Nayak, 2013). There are certain rules for working in secure areas. The rules are as follows:

Maintaining Integrity: When a user accesses a system, he or she should maintain the integrity of the system (Zhang et al., 2015). All the employees and staff members of the organization should maintain the integrity of all internet resources.

Actions Limited: The actions and activities of all employees should be limited; that is, the internet should not be used for personal purposes (Li, 2013). The users should be authorized and approved.

Login Required: All employees should log in and the information should be secured.

Password: All systems should be password protected.

The trash, or recycle bin, is temporary storage for files that have been deleted by the user. However, the deleted files are not permanently erased from the system (Hu, 2013). The user has to erase them from the computer manually, and only then are the files permanently deleted. There is an option to undelete, or recover, those files, and they are then saved again in their previous location. In the trash folder, a record is kept of each file and its original directory location. On certain operating systems, files must be moved out of the trash bin before they can be used again (Perlman, Kaufman & Speciner, 2016). Whether or not the files deleted by a particular program automatically move to the recycle bin depends on its degree of integration with a particular desktop environment and on its function. Lower-level utilities usually bypass the layer completely and remove the files immediately. A particular program that includes file manager functionality may or may not send files to the trash bin, or it may let the user choose between those options (Li, 2013).
Trash bins can be protected with the help of security measures such as passwords. These passwords should be changed from time to time, so that unauthorized users are unable to access them.

There is always a danger or risk of unauthorized computer access in any system. However, this can be controlled with various techniques (Stallings & Tahiliani, 2014). The different techniques to mitigate or reduce desktop PC theft or unauthorized computer access are as follows:

i) Use of passwords: Every system should be password protected, so that there is no risk of fraudulent access to devices or systems.

ii) Antivirus: All systems should be protected by antivirus software so that there is no chance of virus or malware attacks.

iii) Up-to-Date Software: This is another technique for reducing the risk of unauthorized access to computers. Software plays an important role in the access control of any computer (Zhang et al., 2015). Therefore, the software should be updated regularly to keep out hackers and prevent wrongful access to desktops.

iv) Software Security: The security of the installed software should be verified without fail (Perlman, Kaufman & Speciner, 2016). This is another technique for reducing the risk of unauthorized access.

v) Firewalls: All systems should have their own personal firewalls that can protect the system from being hacked by intruders.

vi) Early backups: This is another important technique for reducing the risk of desktop PC theft. Backups should be taken from time to time.

vii) Protection from power losses: The desktop should be protected from any type of power loss or surge (Hu, 2013).

viii) Safe Internet Surfing: Unauthorized websites lead to hacking. Internet surfing should be safe and secure.

Firewalls: A firewall is a network security system that monitors and controls outgoing and incoming network traffic based on previously determined security rules (Salah, Elbadawi & Boutaba, 2012).
An antivirus program usually sets up a barrier between the secured network and any outside network, for example the Internet. Firewalls are subdivided into host-based firewalls and network firewalls. Host-based firewalls provide a layer of software on a single host, which controls network traffic. Network firewalls filter traffic between two or more networks (Dhage & Meshram, 2012). These network firewalls are either hardware-based firewalls or general-purpose hardware or software appliances.

IDS: An Intrusion Detection System is a software application that monitors systems or networks for any type of policy violation or malicious activity (Li, 2012). When any type of intrusion is detected in the system, it is immediately reported to the administrator or recorded through a system known as Security Information and Event Management, or SIEM. The SIEM system combines the outputs from the various sources and uses alarm filtering techniques to distinguish malicious activity from false alarms. There are two types of filtering that IDS use. They are as follows:

a) Deep Packet Inspection: Deep packet inspection, or DPI for short, is a type of computer network packet filtering that examines the data part of a packet as it passes an inspection point (Stewart, 2013). It searches for protocol non-compliance, intrusions, spam, viruses or other defined criteria to determine whether the packet should pass or needs to be routed to a different destination. Another purpose is collecting statistical information; this works at the Application Layer of the Open Systems Interconnection (OSI) model. There are various ways to acquire packets for deep packet inspection. A SPAN port, or port mirroring, is the most common way of acquiring packets (Liao, 2013). Deep Packet Inspection enables security functions, user service, advanced network management, internet censorship, eavesdropping and internet data mining.
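The protocol non-compliance check described above, as an added example that is not part of the original essay: it decodes the IPv4 and TCP headers of a packet, looks at the data part, and flags traffic to port 80 whose payload is not an HTTP request. The packets are constructed sample input using documentation address ranges, and all function names are chosen for this illustration.

```python
import ipaddress
import struct

HTTP_METHODS = (b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS", b"PATCH")


def build_packet(src, dst, sport, dport, payload, proto=6):
    """Construct a minimal IPv4+TCP packet (checksums zero) to use as sample input."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, proto, 0,
                     ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return ip + tcp


def parse_packet(raw):
    """Decode IPv4 and TCP headers; return None for non-TCP, raise ValueError if malformed."""
    if len(raw) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or not ihl <= total_len <= len(raw):
        raise ValueError("malformed IPv4 header")
    if proto != 6:
        return None
    tcp = raw[ihl:total_len]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", tcp[:4])
    data_offset = (tcp[12] >> 4) * 4
    if not 20 <= data_offset <= len(tcp):
        raise ValueError("malformed TCP header")
    return {"src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
            "sport": sport, "dport": dport, "payload": tcp[data_offset:]}


def inspect_packet(raw):
    """Return (verdict, reason); verdict is "pass" or "flag"."""
    try:
        pkt = parse_packet(raw)
    except ValueError as exc:
        return "flag", str(exc)
    if pkt is None:
        return "pass", "not TCP, not inspected"
    # Simplification: each packet is judged alone, as if it began a request.
    # A real engine reassembles the TCP stream before checking the protocol.
    if pkt["dport"] == 80 and pkt["payload"]:
        parts = pkt["payload"].split(b"\r\n", 1)[0].split(b" ")
        if len(parts) != 3 or parts[0] not in HTTP_METHODS or not parts[2].startswith(b"HTTP/1."):
            return "flag", "payload on port 80 is not an HTTP request"
    return "pass", "ok"


if __name__ == "__main__":
    samples = [  # constructed packets using documentation address ranges
        build_packet("192.0.2.10", "198.51.100.5", 40000, 80, b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
        build_packet("192.0.2.11", "198.51.100.5", 40001, 80, b"SSH-2.0-client\r\n"),
        build_packet("192.0.2.12", "198.51.100.5", 40002, 80, b"")[:12],
    ]
    for raw in samples:
        print(inspect_packet(raw))
```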
DPI is used in a broad range of applications, at the so-called enterprise level, that is, in larger institutions and corporations, in telecommunications service providers, and also in governments. DPI helps them to secure their internet service providers and internal networks (Dhage & Meshram, 2012). Other uses are quality of service, lawful intercept, targeted advertising, copyright enforcement, policy definition and enforcement, and offering tiered services.

b) Packet Stream Analysis: A packet analyzer, or packet sniffer, is a computer program that can log and alter traffic that crosses a network or part of a digital network. As data streams flow through the network, the packet analyzer captures each packet and, whenever needed, can decrypt the raw data of the packet. It shows the values of the different packet fields and evaluates the content accordingly. The process of logging and altering or intercepting data is known as packet capture (Li, 2012). On LANs such as FDDI, Token Ring and Ethernet networks, traffic can be captured on parts of the network or on the entire network from a single machine. However, some methods get around the narrowing of traffic by switches in order to gain access to traffic from all other systems. ARP spoofing is an example of this. For network monitoring purposes, all the data packets in a LAN can be monitored by using a monitoring port (Salah, Elbadawi & Boutaba, 2012). This monitoring port mirrors all the packets that pass through the ports of the switch to which the systems are connected. The main uses of packet analyzers are as follows (Stewart, 2013):

i) Monitor usage of network
ii) Analyze problems of network
iii) Detect misuse of network by various users
iv) Obtain information for the intrusion of network
v) Monitoring data in motion
vi) Detecting attempts of network intrusion
vii) Isolating exploited systems
viii) Filter suspected content from network traffic
ix) Spy on other network users

Therefore, from the above discussion it can be concluded that IT security is important for all computers and that there are various techniques for security. The above assignment covers four important techniques of IT security in proper detail.

References

Abawajy, J. (2014). User preference of cyber security awareness delivery methods. Behaviour & Information Technology, 33(3), 237-248.

Agrawal, M., & Mishra, P. (2012). A comparative survey on symmetric key encryption techniques. International Journal on Computer Science and Engineering, 4(5), 877.

Behnia, A., Rashid, R. A., & Chaudhry, J. A. (2012). A survey of information security risk analysis methods. SmartCR, 2(1), 79-94.

Biham, E., & Shamir, A. (2012). Differential cryptanalysis of the data encryption standard. Springer Science & Business Media.

Choi, C., Choi, J., & Kim, P. (2014). Ontology-based access control model for security policy reasoning in cloud computing. The Journal of Supercomputing, 67(3), 711-722.

Dhage, S. N., & Meshram, B. B. (2012). Intrusion detection system in cloud computing environment. International Journal of Cloud Computing, 1(2-3), 261-282.

Hu, V. C., Ferraiolo, D., Kuhn, R., Friedman, A. R., Lang, A. J., Cogdell, M. M., ... Scarfone, K. (2013). Guide to attribute based access control (ABAC) definition and considerations (draft). NIST special publication, 800(162).

Lewko, A. B., & Waters, B. (2012, August). New Proof Methods for Attribute-Based Encryption: Achieving Full Security through Selective Techniques. In CRYPTO (Vol. 7417, pp. 180-198).

Li, J., Chen, X., Li, J., Jia, C., Ma, J., & Lou, W. (2013, September). Fine-grained access control system based on outsourced attribute-based encryption. In European Symposium on Research in Computer Security (pp. 592-609). Springer, Berlin, Heidelberg.

Li, Y., Xia, J., Zhang, S., Yan, J., Ai, X., & Dai, K. (2012). An efficient intrusion detection system based on support vector machines and gradually feature removal method. Expert Systems with Applications, 39(1), 424-430.

Liao, H. J., Lin, C. H. R., Lin, Y. C., & Tung, K. Y. (2013). Intrusion detection system: A comprehensive review. Journal of Network and Computer Applications, 36(1), 16-24.

Perlman, R., Kaufman, C., & Speciner, M. (2016). Network security: private communication in a public world. Pearson Education India.

Ruj, S., & Nayak, A. (2013). A decentralized security framework for data aggregation and access control in smart grids. IEEE Transactions on Smart Grid, 4(1), 196-205.

Salah, K., Elbadawi, K., & Boutaba, R. (2012). Performance modeling and analysis of network firewalls. IEEE Transactions on Network and Service Management, 9(1), 12-21.

Sobti, R., & Geetha, G. (2012). Cryptographic hash functions: a review. IJCSI International Journal of Computer Science Issues, 9(2), 461-479.

Stallings, W., & Tahiliani, M. P. (2014). Cryptography and network security: principles and practice (Vol. 6). London: Pearson.

Stewart, J. M. (2013). Network Security, Firewalls and VPNs. Jones & Bartlett Publishers.

Tan, Z., Jamdagni, A., He, X., Nanda, P., & Liu, R. P. (2014). A system for denial-of-service attack detection based on multivariate correlation analysis. IEEE Transactions on Parallel and Distributed Systems, 25(2), 447-456.

Yu, S. (2014). Distributed Denial of Service Attack and Defense (pp. 15-29). Springer New York.

Zhang, H., Cheng, P., Shi, L., & Chen, J. (2015). Optimal denial-of-service attack scheduling with energy constraint. IEEE Transactions on Automatic Control, 60(11), 3023-3028.
