1. INTRODUCTION
It seems that everything relies on computers and the internet now — communication (email, cell phones), entertainment (digital cable, mp3s), transportation (car engine systems, airplane navigation), shopping (online stores, credit cards), medicine (equipment, medical records), and the list goes on. How much of your daily life relies on computers? How much of your personal information is stored either on your own computer or on someone else's system? Cyber security involves protecting that information by preventing, detecting, and responding to attacks.
2. ORIGIN OF CYBER SECURITY STANDARDS
Cyber security standards have been created recently because sensitive information is now frequently stored on computers that are attached to the internet. Also, many tasks that were once done by hand are now carried out by computer; therefore there is a need for Information Assurance (IA) and security. Cyber security is important to individuals because they need to guard against identity theft. Businesses also have a need for this security because they need to protect their trade secrets, proprietary information, and customers' personal information. The government also needs to secure its information. This is particularly critical since some acts of terrorism are organized and facilitated using the internet. One of the most widely used security standards today is ISO/IEC 27002, which started in 1995. This standard consists of two basic parts, BS 7799 part 1 and BS 7799 part 2, both of which were created by the British Standards Institute (BSI). Recently this standard has become ISO 27001.
NEED FOR CYBERSECURITY
Individuals and organizations attack and misuse computer systems, creating new Internet threats daily. The number of computer attacks has increased exponentially in the past few years [3], and their severity and sophistication are also growing [4]. For example, when the Slammer/Sapphire Worm began spreading throughout the Internet in early 2003, it doubled in size every 8.5 seconds and infected at least 75,000 hosts. It caused network outages and unforeseen consequences such as cancelled airline flights, interference with elections, and ATM failures. The conventional approach to securing computer systems is to design mechanisms such as firewalls, authentication tools, and virtual private networks that create a protective shield. However, these mechanisms almost always have vulnerabilities. They can't ward off attacks that are continually being adapted to exploit system weaknesses, which are often caused by careless design and implementation flaws. This has created the need for intrusion detection, security technology that complements conventional security approaches by monitoring systems and identifying computer attacks. Traditional intrusion detection methods are based on human experts' extensive knowledge of attack signatures (character strings in a message's payload that indicate malicious content). They have several limitations. They can't detect novel attacks, because someone must manually revise the signature database beforehand for each new type of intrusion discovered. And once someone discovers a new attack and develops its signature, deploying that signature is often delayed. These limitations have led to an increasing interest in intrusion detection techniques based on data mining.
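The two limitations of signature-based detection described above can be seen in a small model. The following is an added example, not part of the original paper: the marker strings, timestamps and the names Signature, Message, match, evaluate and exposure_window are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Signature:
    name: str
    pattern: bytes    # character string looked for in a message payload
    deployed_at: int  # time the signature reached the sensor (constructed units)

@dataclass(frozen=True)
class Message:
    seen_at: int
    payload: bytes
    malicious: bool   # ground truth, known only because the sample is constructed

def match(msg, signatures):
    """Names of signatures already deployed at msg.seen_at whose pattern is in the payload."""
    return [s.name for s in signatures
            if s.deployed_at <= msg.seen_at and s.pattern in msg.payload]

def evaluate(messages, signatures):
    """Sort message times into detected / missed / false_alarm."""
    out = {"detected": [], "missed": [], "false_alarm": []}
    for m in sorted(messages, key=lambda m: m.seen_at):
        hits = match(m, signatures)
        if m.malicious:
            out["detected" if hits else "missed"].append(m.seen_at)
        elif hits:
            out["false_alarm"].append(m.seen_at)
    return out

def exposure_window(messages, sig):
    """Time between the pattern first appearing in traffic and the signature being deployed."""
    first = min((m.seen_at for m in messages if sig.pattern in m.payload), default=None)
    return 0 if first is None else max(0, sig.deployed_at - first)

# Constructed sample data: placeholder marker strings, not real attack content.
SIGNATURES = [
    Signature("SIG-ALPHA", b"MARKER-ALPHA", deployed_at=0),
    Signature("SIG-BETA", b"MARKER-BETA", deployed_at=50),  # written after BETA was first seen
]
MESSAGES = [
    Message(10, b"GET /index?q=MARKER-ALPHA", True),
    Message(20, b"POST /form data=MARKER-BETA", True),   # before SIG-BETA is deployed
    Message(30, b"GET /help", False),
    Message(40, b"POST /form data=MARKER-BETA", True),   # still before deployment
    Message(60, b"POST /form data=MARKER-BETA", True),   # after deployment
    Message(70, b"GET /index?q=MARKER-GAMMA", True),     # novel: no signature exists
]

if __name__ == "__main__":
    print(evaluate(MESSAGES, SIGNATURES))
    print({s.name: exposure_window(MESSAGES, s) for s in SIGNATURES})
```

The messages at times 20 and 40 are missed because the signature had not yet been deployed, and the one at time 70 is missed because no signature for it exists at all.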
3. RELATED RISKS
There are many risks, some more serious than others. Among these dangers are viruses erasing your entire system, someone breaking into your system and altering files, someone using your computer to attack others, or someone stealing your credit card information and making unauthorized purchases. Unfortunately, there's no 100% guarantee that even with the best precautions some of these things won't happen to you, but there are steps you can take to minimize the chances.
3.1. Hacker, Attacker and Intruder
These terms are applied to the people who seek to exploit weaknesses in software and computer systems for their own gain. Although their intentions are sometimes fairly benign and motivated solely by curiosity, their actions are typically in violation of the intended use of the systems they are exploiting. The results can range from mere mischief (creating a virus with no intentionally negative impact) to malicious activity (stealing or altering information).
3.2. Malicious Code
Malicious code, sometimes called malware, is a broad category that includes any code that could be used to attack your computer. Malicious code can have the following characteristics:
It might require you to actually do something before it infects your computer. This action could be opening an email attachment or going to a particular web page.
Some forms propagate without user intervention and typically start by exploiting a software vulnerability. Once the victim computer has been infected, the malicious code will attempt to find and infect other computers. This code can also propagate via email, websites, or network-based software.
Some malicious code claims to be one thing while in fact doing something different behind the scenes. For example, a program that claims it will speed up your computer may actually be sending confidential information to a remote intruder.
There are various types of malicious code, including viruses, worms, and Trojan horses (see Why is Cyber Security a Problem? for more information). However, the range of consequences varies even within these categories. The malicious code may be designed to perform one or more functions, including:
Interfering with your computer's ability to process information by consuming memory or bandwidth (causing your computer to become significantly slower or even "freeze")
Installing, altering, or deleting files on your computer
Giving the attacker access to your computer
Using your computer to attack other computers (see Understanding Denial-of-Service Attacks for more information)
Viruses and worms are examples of malicious code.
3.3. Vulnerability
In most cases, vulnerabilities are caused by programming errors in software. Attackers might be able to take advantage of these errors to infect your computer, so it is important to apply updates or patches that address known vulnerabilities. This series of cyber security tips will give you more information about how to recognize and protect yourself from attacks.
5. VARIOUS WAYS TO PROTECT FROM THREATS
Be careful where you post personal information - By limiting the number of people who have access to your contact information or details about your interests, habits, or employment, you reduce your exposure to bullies that you do not know. This may limit your risk of becoming a victim and may make it easier to identify the bully if you are victimized.
Avoid escalating the situation - Responding with hostility is likely to provoke a bully and escalate the situation. Depending on the circumstances, consider ignoring the issue. Often, bullies thrive on the reaction of their victims. Other options include subtle actions. For example, if you are receiving unwanted email messages, consider changing your email address. If the bully does not have access to the new address, the problem may stop. If you continue to get messages at your new account, you may have a stronger case for legal action.
Document the activity - Keep a record of any online activity (emails, web pages, instant messages, etc.), including relevant dates and times. In addition to archiving an electronic version, consider printing a copy.
Report cyber bullying to the appropriate authorities - If you are being harassed or threatened, report the activity to the local authorities. Law enforcement agencies have different policies, but your local police department or FBI branch are good starting points. Unfortunately, there is a distinction between free speech and punishable offenses, but the legal implications should be decided by the law enforcement officials and the prosecutors. Depending on the activity, it may also be appropriate to report it to school officials who may have separate policies for dealing with activity that involves students.
Use and maintain anti-virus software - Anti-virus software recognizes and protects your computer against most known viruses, so you may be able to detect and remove the virus before it can do any damage. Because attackers are continually writing new viruses, it is important to keep your definitions up to date.
Use caution with email attachments - Do not open email attachments that you were not expecting, especially if they are from people you do not know. If you decide to open an email attachment, scan it for viruses first. Not only is it possible for attackers to "spoof" the source of an email message, but your legitimate contacts may unknowingly send you an infected file.
Be wary of downloadable files on web sites - Avoid downloading files from sites that you do not trust. If you are getting the files from a supposedly secure site, look for a web site certificate. If you do download a file from a web site, consider saving it to your computer and manually scanning it for viruses before opening it.
Keep software up to date - Install software patches so that attackers cannot take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.
Take advantage of security settings - Check the security settings of your email client and your web browser. Apply the highest level of security available that still gives you the functionality you need.
Do business with credible companies - Before supplying any information online, consider the answers to the following questions: Do you trust the business? Is it an established organization with a credible reputation? Does the information on the site suggest that there is a concern for the privacy of user information? Is there legitimate contact information provided?
Do not use your primary email address in online submissions - Submitting your email address could result in spam. If you do not want your primary email account flooded with unwanted messages, consider opening an additional email account for use online. Make sure to log in to the account on a regular basis in case the vendor sends information about changes to policies.
Avoid submitting credit card information online - Some companies offer a phone number you can use to provide your credit card information. Although this does not guarantee that the information will not be compromised, it eliminates the possibility that attackers will be able to hijack it during the submission process.
Devote one credit card to online purchases - To minimize the potential damage of an attacker gaining access to your credit card information, consider opening a credit card account for use only online. Keep a minimum credit line on the account to limit the amount of charges an attacker can accumulate.
Avoid using debit cards for online purchases - Credit cards usually offer some protection against identity theft and may limit the monetary amount you will be responsible for paying. Debit cards, however, do not offer that protection. Because the charges are immediately deducted from your account, an attacker who obtains your account information may empty your bank account before you even realize it.
6. TESTING THE PROTECTED PRIVACY
Privacy policy - Before submitting your name, email address, or other personal information on a web site, look for the site's privacy policy. This policy should state how the information will be used and whether or not the information will be distributed to other organizations. Companies sometimes share information with partner vendors who offer related products or may offer options to subscribe to particular mailing lists. Look for indications that you are being added to mailing lists by default—failing to deselect those options may lead to unwanted spam. If you cannot find a privacy policy on a web site, consider contacting the company to inquire about the policy before you submit personal information.
Evidence that your information is being encrypted - To prevent attackers from hijacking your information, any personal information submitted online should be encrypted so that it can only be read by the appropriate recipient. Many sites use SSL, or secure sockets layer, to encrypt information. Indications that your information will be encrypted include a URL that begins with "https:" instead of "http:" and a lock icon in the bottom right corner of the window. Some sites also indicate whether the data is encrypted when it is stored. If data is encrypted in transit but stored insecurely, an attacker who is able to break into the vendor's system could access your personal information.
7. CONCLUSION
If you have read this far, you will have seen that attacker sophistication seems to be ahead of defensive tools. That is the nature of the war between hackers and defenders: the attackers are always a step ahead. But by making the attackers' job harder and harder, by increasing the length of jail sentences for cyber crime, and by improving international police co-operation and skill levels, we can continue to keep up with the attackers and, over time, begin to turn the tide.
ACKNOWLEDGEMENT
First, I would like to thank Almighty for His blessings towards the successful completion of this survey paper. I would like to extend my gratitude to my Husband Mr. M. S. Raja Sekaran for his moral support and co-operation.
REFERENCES
[1] Rice’s theorem. http://en.wikipedia.org/wiki/Rice’s_theorem
[2] K. Beck. Test Driven Development: By Example. Addison-Wesley Professional, 2002.
[3] S. S. Brilliant, J. C. Knight, and N. G. Leveson. Analysis of faults in an N-version software experiment. IEEE Transactions on Software Engineering, 16:238–247, 1990.
[4] E. M. Clarke, O. Grumberg, and D. A. Peled. Model Checking. MIT Press, 1999.
[5] S. A. Kauffman. The Origins of Order: Self-Organization and Selection in Evolution. Oxford University Press, 1993.
[6] B. Littlewood, P. Popov, and L. Strigini. Modeling software design diversity. ACM Computing Surveys, 33:177–208, June 2001.
[7] J. Oberheide, E. Cooke, and F. Jahanian. CloudAV: N-version antivirus in the network cloud. In Proceedings of the 17th USENIX Security Symposium, San Jose, CA, July 2008.
[8] B. Salamat, T. Jackson, A. Gal, and M. Franz. Intrusion detection using parallel execution and monitoring of program variants in user-space.
ROSILINE JEETHA B.
LECTURER, DEPARTMENT OF MCA
RVS COLLEGE OF ARTS & SCIENCE
COIMBATORE - 641 402