Tuesday, May 5, 2020

Network and Security Digital Devices

Question: Discuss about the Network and Security for Digital Devices. Answer: Introduction: The digital devices that are being used everyday are exhibit a major weakness or challenge as the data that are stored in the computer are not encrypted (Henson Taylor, 2013). It is because the technology associated with the encryption is very hard. The technology is not easy to implement so several flaws in technology. Due to absence of encryption, the security is heavily compromised and any device can be used to gather sensitive information. Encryption is scrambling up of present data into a form that cant be logically deciphered; the coding of data allows discrete decoding with help of the rules of coding. Encryption is done for protection of the confidentiality of information. Digital encryption can be performed with the help of hardware and software using a mathematical algorithm. The generated encrypted text is known as the cipher text. It can be referred to as the most effective process of securing data. The encrypted data is then transferred through a medium which need not be secure and reaches the target recipient. The recipient who has the key for decryption decodes the data and retrieves the original text which is called the clear text (Daemen Rijmen, 2013). Full disc encryption or FDE is used for hardware encryption. FDE encrypts all the data available on the hard-disc and doesnt show the data to those doesnt possess the encryption key. The advantage of such encryption is, it allows data privacy even when the hard drive is connected to other system (Chang et al., 2015). Popular operating systems are increasingly offering the services like encryption by default in order to ensure encryption for everyone so that the data of their users are kept safe from thieves and security breaches. Various operating systems who are offering encryption services are Windows, Linux and Mac. The full disk encryption is used in terms of laptops as well as small computing machines. It is because the devices can be lost or stolen. For encrypting all the hard drive one specific key is used. The cost of implementation of full disc encryption is pretty high considering the amount of time, labor and computations involved, but considering the benefits offered by the encryption the cost become inconsiderable. According to the survey conducted by the Ponemon Institute the cost involved for the encryption of the system is around 235 USD but the benefits or the advantages that has been derived from encryption yielded around,650 USD (seagate.com, 2016). The study was invested by various companies like Samsung, Seagate, Toshiba, Micron, etc. thus showing the importance of encryption. There are various advantages of implementation of encryption. The FDE supported by operating system needs no special attention from the user as the encryption is done automatically without special nudging from the user. The encryption and the decryption process are automatic. The FDE is especially useful for the mobile devices which are prone to be theft. Since the encryption key is required for data decoding, absence of such key makes the damage due to theft less devastating as the useful information can t be accessed by the thief (Mller Freiling, 2015). Hence the user can be assured of IP protection. The encryption also assists in meeting and maintaining the regulations. Taken as an example, for protecting the card holder data, the Payment Card Industry makes use of encryption. The main disadvantage with the implementation of disk encryption is the usability of all the data, speed and forgotten key. The data encryption some time makes few data illegible hence creating problem while decrypting. Although companies claim that the effect of encryption upon the system is very less but the size of virtual memory plays a major impact upon the speed of the system. Hence system configuration should always be kept in mind (El-Samie et al., 2013). Last but not the least, the key for decrypting the system is very important and loss of which can lead to data loss which can be very costly. Yes, a person can feel secured and protected after encrypting the disk with the help of the operating system. The device security has been modeled to fend off any attack targeted to the system. But it should be kept in mind that even the strongest of the castle can be compromised, hence safe data practice should always be practiced for best results. The encryption key should also be kept safe to avoid it falling into wrong hand or being forgotten. Secure Networks: New technology has made networks less secure. Discuss and give an example A network is a series of interconnected nodes or communication points connected by the paths called the communication paths. The communication paths could be both wired or wireless and the network could contain sub-network for better management. Network security is the provisions and the policies that are designed by the administrator for monitoring and prevention of unauthorized actions, which includes the modification, denial of services, etc. (Hakansson, 2014). The newer technologies of that are released over the years one after another sound so promising. It is believed that the advancements in science hold the key to radically transform the world and provide better future for the humanity. But the reality is far from what is being propagated. The reality is darker compared to what is being propagated, the increased networking and communication has created security concerns that has helped various criminals around the world for terrorizing people. The technology has made the world more open and this openness has had various unintended consequences (Marc Goodman, 2016). The vulnerabilities are the weaknesses that allow attackers to reduce the assurance of the information of the system. The vulnerability can be understood as the combination of three elements, which are the flaws, attacker and the capability of exploitation of the flaws. The advanced networking technologies like mobile phones, internet, and 3G services have left the world more susceptible to the identity theft, hacking and other associated criminal activities. For interconnectivity organizations use LAN, WAN and mail servers and the hackers are always trying to gain access to the systems (Taylor Fritsch Liederbach, 2014). Although the target of the hackers is mostly the large organization but the threat to the general mass of people is same as the data that are stored in the servers of the large organization is related to people. A recent incident regarding the security breach in DCNS, France has leaked confidential data regarding the Scorpene submarines acquired by India. The deal has compromised bolt to bolt information regarding the war machine which gives the competitors knowledge about the stealth capabilities and the particulars of generated noise level of the submarine. The deal has compromised the investment of 20 billion USD and has created a bad name for the French organization which is about to ink a 50 Million USD deal with Australia (Can French keep a secret?, 2016). The cause of the leak has been sighted as a step to defame the organization and a weapon of economic warfare. The document leak has created a concern in different countries as DCNS is a large organization with advanced security measure to cope up with attacks. The incident also points out that the increased networking has to be taken seriously as it compromises the sensitive data regarding the organization. The reason behind the security breach can be attributed to IP protection and Data Classification and protection (Mo et al., 2014). Intellectual Property (IP) protection is a challenging task as the protection deals with various stages of security for protection and the unorganized nature of the information and the interconnectivity of the todays world make it more difficult. The data classification too is important because assignment of lesser priority to important information makes the information more vulnerable. Due to advanced connectivity the hackers, whose physical presence is not needed for the activity, can easily remove the digital trails which make it more difficult to track the m. Hence a new news article can be noticed everyday in the news paper regarding stepping up of the security in various firms around the world which was pretty uncommon in earlier days (More investment in security solutions needed to combat cyber attacks: FireEye | ET Telecom, 2016). Access Control: Someone says that they wish to protect their desktop PC from a walk-up attacker with a password or passwords. Give them advice and reasons for your advice. Include in your explanation what do FRRs mean when fingerprint scanning is used to secure a PC against walk-up attacks? What might produce high FRRs? Can you think of a way that this problem could be reduced in fingerprint scanning? Walk-up attacks are those security breaches that are done by accessing a computer physically and thus creating a security concern for the organization. In this case the hacker himself walks-up to the computer physically and creates the breach by booting the software into the computer. There are several steps that could be taken to prevent such attack. The first step that has to be taken to prevent such attack is to place the computer in such a place that prevent the sight of the computer screen and keyboard and is placed in such a way that the user of the computer is visible to all. Another step that has to be taken for ensuring the security is to use password for access. Although passwords do have few weaknesses and can be cracked easily, but having a password is better than no security at all. The selected password should be hard to crack, and to ensure that, the chosen password should be at least 8 characters long and should contain alphabets in both small and capital format; it should also contain special characters and numbers for increasing the difficulty of cracking the password. Ideally the password should be as random as possible as the attacks like rainbow attack and hybrid dictionary attack are well capable of cracking any code. It should be ensured that the password is shared with no one; also it should be made sure that the system is locked and needs password for unlocking when leaving the system. The password of the system should be changed every 4 to 6 months to avoid any discrepancy that might have occurred. In case there is fear of locking oneself out of the system, then the password can be kept in a sealed envelope in a very safe place away from the public access. These precautions always help in creating a safe practice and help to fend off walk-up attacks . For better security fingerprint locking can be done, which uses fingerprint of the user to access the system instead of password. If the user wants to make the system more secure both fingerprint and password authentication can be used for accessing the computer. Fingerprint protection is better compared to passwords as biometrics is unique to each individual, plus the cost of the equipment too is cheap which acts as another advantage apart from freedom from remembering a password. But using fingerprint for authentication reduces the diversity of the authentication code that makes the system vulnerable. Apart from the static nature of the fingerprint, there exist methods like gelatin fingerprint generation that makes the system equally vulnerable if not more. FRR (False rejection Rate) and FAR (False Acceptance Rate) are the common terms that are associated with the fingerprint sensors. In biometric sensor the captured comparison data is compared every time the fingerprint sensor or the biometric sensor is used. The acceptance of the fingerprint depends upon the match algorithm that has been installed inside the computer. As the comparison is done with advanced tools, there exist discrepancies those results in faulty acceptance of wrong fingerprint (FARs) or faulty rejection of right fingerprint (FRRs). For a system FARs pose a serious security threat compared to FRRs. FRRs can be accepted to a certain extent. FRRs for walk-up attacks can lead to rejection of legitimate user. There could be various reasons for FRRs, faulty or dirty scanner, even improper placement of the finger or a wrong finger could result in FRRs. Hence high FRRs can be reduced by implementing few preventive measures like cleaning the sensor, cleaning hand of oil for better detection and registering more than one finger for authentication will help in reduction of FRRs. Firewalls: Could malware rename itself in order to get through a firewall? Is this possible? Give examples to support your answer. Malware stands for malicious software and is software that is used to disrupt the services of a computer. The malwares could also be designed for spurious activities like displaying advertisements and were initially known as viruses. Malicious intent is the main reason behind spreading the malware; they are stealthy and quietly steal information from the host and send it to the attacker. Malware is an umbrella term used for various software like worm, adware, spyware, etc. There exists malwares that can rename itself and is often possible to bypass the Anti Virus gateway by simply renaming itself. The renaming involves changing the extension of the file from .EXE or .VBS to arbitrary extensions like .ABC. But the main disadvantage of this alteration is, it needs the user to rename the file as it was for the malware to be effective or functional again. Hence user mistake has to be there for the malware to attack the computer, else the malware remain dormant till the day it is deleted. But through social engineering convincing user has become simple and user often falls prey to such actions and the organizations have suffered the consequences. The self changing (renaming) ability of the malware can be classified into two categories. They are metamorphic and polymorphic malware. These malwares have the ability to change their codes as they propagate. The metamorphic malware rewrite their code with iteration, such that the next version of the malware is different from the preceding one and this makes the detection of the malware very difficult. The present Anti-viruses are designed to undertake the malware with specific signature and the metamorphic viruses dodge them easily. Although the iteration for the malware is same, but the longer it stays in the computer undetected the harder it becomes to detect (Mirzazadeh Moattar Jahan, 2015). The polymorphic malware also change their codes to avoid detection but in this case there are two parts of the malware, one remains constant and the other constantly changes. Due to the constant part, the polymorphic malwares are easier to detect compared to metamorphic malware. But the pol ymorphic malware are encrypted and embedded to an application. When the application is run, the malware decrypts and infects the computer. Once the virus is installed it is again encrypted and attaches itself to another application for infecting other computer making the software invisible to the eye of the Anti Virus software (Cesare Xiang Zhou, 2013). The polymorphic viruses are difficult to write compared to the metamorphic viruses which are more difficult to detect. The possibility of such attack is very rare as constructing the software is extremely difficult. The renaming capability does pose a threat to the security but it doesnt give a free access through the firewall. The security breach totally depends on the capability of the firewall. For an instance is the security settings of the firewall is set to Block port 20 for file transfer protocol (FTP), a malware can access the system during the FTP session. Hence it could be understood that the security settings for detection of malware is very important. Ther could be incidents of malware. Reference material This is a great question to spur student involvement Yes, malware can rename itself. However, this does not mean it will necessarily make it though the firewall. It depends on the type of firewall, and the specific functionality of that firewall. For example, if a firewall is set up to block Port 20 (FTP), a user (or malware) could always tunnel the FTP session through a different port. Also, suppose an application-layer firewall is configured to block all Microsoft databases. A malware writer, or the malware itself, could change the database file extension to get through the firewall. Finally, the firewall could have antivirus filtering capabilities (UTM), or work with another AV appliance. In this case, it's unlikely that the malware could make it through since the AV appliance would be looking for a specific signature. References Henson, M., Taylor, S. (2013, June). Beyond full disk encryption: protection on security-enhanced commodity processors. InInternational Conference on Applied Cryptography and Network Security(pp. 307-321). Springer Berlin Heidelberg. Daemen, J., Rijmen, V. (2013).The design of Rijndael: AES-the advanced encryption standard. Springer Science Business Media. Chang, B., Wang, Z., Chen, B., Zhang, F. (2015, December). Mobipluto: File system friendly deniable storage for mobile devices. InProceedings of the 31st Annual Computer Security Applications Conference(pp. 381-390). ACM. seagate.com. (2016). [online] Available at: https://www.seagate.com/files/staticfiles/docs/pdf/whitepaper/ponemon-software-vs-hardware-tco-paper-executive-summary.pdf [Accessed 26 Aug. 2016]. Mller, T., Freiling, F. C. (2015). A Systematic Assessment of the Security of Full Disk Encryption.IEEE Transactions on Dependable and Secure Computing,12(5), 491-503. El-Samie, F. E. A., Ahmed, H. E. H., Elashry, I. F., Shahieen, M. H., Faragallah, O. S., El-Rabaie, E. S. M., Alshebeili, S. A. (2013).Image encryption: a communication perspective. CRC Press. Hakansson, H. (2014).Corporate Technological Behaviour (Routledge Revivals): Co-opertation and Networks. Routledge. Can French keep a secret?. (2016). Theaustralian.com.au. Retrieved 26 August 2016, from https://www.theaustralian.com.au/opinion/itll-be-50bn-down-the-gurgler-ifthe-french-cant-keep-a-secret/news-story/535be2819009eb7180b468ef5751f7fb Marc Goodman, S. (2016). How technology makes us vulnerable - CNN.com. CNN. Retrieved 26 August 2016, from https://edition.cnn.com/2012/07/29/opinion/goodman-ted-crime/ Taylor, R. W., Fritsch, E. J., Liederbach, J. (2014).Digital crime and digital terrorism. Prentice Hall Press. Mo, S. D., Suh, S. B., Lee, S. M., Jeong, B. D. (2014).U.S. Patent No. 8,904,552. Washington, DC: U.S. Patent and Trademark Office. Cesare, S., Xiang, Y., Zhou, W. (2013). Malwise# x2014; an effective and efficient classification system for packed and polymorphic malware.IEEE Transactions on Computers,62(6), 1193-1206. Mirzazadeh, R., Moattar, M. H., Jahan, M. V. (2015, October). Metamorphic malware detection using Linear Discriminant Analysis and Graph Similarity. InComputer and Knowledge Engineering (ICCKE), 2015 5th International Conference on(pp. 61-66). IEEE.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.