Back to Threads
Tags: Cyber Security, Cybersecurity, Methods
There are many cyber security techniques to combat cyber security attacks. This is also important to learn because hackers and criminals have become technologically more advanced.
It is a process of identifying an individual and ensuring that the individual is the same as he or she claims to be. A typical method for authentication over the internet is via username and password. With the increase in the reported cases of cybercrime by identity theft over the internet, organizations have made some additional arrangements for authentication like One Time Password (OTP).
As the name suggests OTP is a password that can be used one time only and is sent to the user as an SMS or an email at the mobile number/email address that he or she has specified during the registration process. It is known as the two-factor authentication method and requires two types of evidence to authenticate an individual to provide an extra layer of security for authentication. Some other popular techniques for two-way authentication are:
which are used in conjunction with username and password.
Authentication has become more important because today multinational organizations have changed the way the business was to be say 15 years back. They have offices present around the Globe, and an employee may want access which is present in a centralized server.
Or an employee is working from home and not using the office internet and wants access to some particular file present in the office network. The system needs to authenticate the user and based on the credentials of that user, may or may not provide access to the information he requested.
The process of giving access to an individual to certain resources based on the credentials of an individual is known as authorization. Now, one can easily understand the role of strong passwords for authorization to ensure cyber security. An easy password can cause security flaws and can put the whole organization at high risk. Therefore, the password policy of an organization should be such that employees are forced to use strong passwords (more than 12 characters and a combination of lowercase and uppercase alphabets along with numbers and special characters) and prompt user to change their password frequently. In some of the bigger organizations or organizations that deal in sensitive information like defense agencies, financial institutions, planning commissions, etc a hybrid authentication system is used which combines both the username and password along with hardware security measures like biometric systems, etc. Some of the larger organizations also use VPN (Virtual Private Network), which is one of the methods to provide secure access via hybrid security authentication to the company network over the Internet.
It is a technique to convert the data to an unreadable form before transmitting it over the internet. Only the person who has access to the key and convert it into a readable form and read it. Formally encryption can be defined as a technique to lock the data by converting it to complex codes using mathematical algorithms. The code is so complex that even the most powerful computer will take several years to break the code. This secure code can safely be transmitted over the internet to the destination. The receiver, after receiving the data can decode it using the key. The decoding of the complex code to the original text using a key is known as decryption. If the same key is used to lock and unlock the data, it is known as symmetric key encryption.
In symmetric key encryption, after the coding of data, the key is sent to the destination user via some other medium like postal service, telephone, etc. because if the key is obtained by the hacker, the security of the data is compromised. Key distribution is a complex task because the security of the key while transmission is itself an issue. To avoid the transfer of keys a method called asymmetric key encryption, also known as public key encryption, is used.
In asymmetric key encryption, the keys used to encrypt and decrypt the data are different. Every user possesses two keys viz public key and private key. As the name suggests, the public key of every user is known to everyone but the private key is known to the particular user, who owns the key. Suppose sender A wants to send a secret message to receiver B through the Internet. A will encrypt the message using B's public key, as the public key is known to everyone. Once the message is encrypted, the message can safely be sent to B over the internet. As soon as the message is received by B, he will use his private key to decrypt the message and regenerate the original message.
It is a technique for the validation of data. Validation is a process of certifying the content of a document. The digital signatures not only validate the data but are also used for authentication. The digital signature is created by encrypting the data with the private key of the sender. The encrypted data is attached along with the original message and sent over the internet to the destination. The receiver can decrypt the signature with the public key of the sender. Now the decrypted message is compared with the original message. If both are the same, it signifies that the data is not tempered and also the authenticity of the sender is verified as someone with the private key(which is known to the owner only) can encrypt the data which was then decrypted by his public key.
If the data is tempered while transmission, it is easily detected by the receiver as the data will not be verified. Moreover, the message cannot be re-encrypted after tempering as the private key, which is possessed only by the original sender, is required for this purpose. As more and more documents are transmitted over the internet, digital signatures are an essential part of the legal as well as the financial transition. It not only provides the authentication of a person and the validation of the document, but it also prevents the denial or agreement at a later stage. Suppose a shareholder instructs the broker via email to sell the share at the current price. After the completion of the transaction, by any chance, the shareholder reclaims the shares by claiming the email to be forged or bogus. To prevent these unpleasant situations, digital signatures are used.
There are varieties of malicious programs like viruses, worms, trojan horses, etc that are spread over the internet to compromise the security of a computer either to destroy data in the computer or gain financial benefits by sniffing passwords, etc. To prevent these malicious codes from entering your system, a special program called an anti-virus is used which is designed to protect the system against viruses. It not only prevents the malicious code from entering the system but also detects and destroys the malicious code that is already installed into the system. There are lots of new viruses coming every day. The antivirus program regularly updates its database and provides immunity to the system against these new viruses, worms, etc.
It is hardware/software that acts as a shield between an organization's network and the internet and protects it from threats like viruses, malware, hackers, etc. It can be used to limit the persons who can have access to your network and send information to you.
There are two types of traffic in an organization viz. inbound traffic and outbound traffic. Using a firewall, it is possible to configure and monitor the traffic of the ports. Only the packets from trusted source addresses can enter the organization‟s network and the sources which are blacklisted and unauthorized addresses are denied access to the network. It is important to have firewalls to prevent the network from unauthorized access, but a firewall does not guarantee this until and unless it is configured correctly. A firewall can be implemented using hardware as well as software or a combination of both.
In the operating system like Windows 2003, Windows 2008 etc. it comes embedded with the operating system. The only thing a user needs to do is to optimally configure the firewall according to their requirement. The firewalls can be configured to follow “rules” and “policies” and based on these defined rules the firewalls can follow the following filtering mechanisms.
The firewalls are an essential component of the organizations‟ network. They not only protect the organization against viruses and other malicious code but also prevent hackers from using your network infrastructure to launch DOS attacks.
It is a technique of hiding secret messages in a document file, image file, program or protocol, etc. such that the embedded message is invisible and can be retrieved using special software. Only the sender and the receiver know about the existence of the secret message in the image. The advantage of this technique is that these files are not easily suspected.
There are many applications of steganography which include sending secret messages without ringing the alarms, preventing secret files from unauthorized and accidental access and theft, digital watermarks for IPR issues, etc.
Let us discuss how the data is secretly embedded inside the cover file( the medium like image, video, audio, etc which is used for embedding secret data) without being noticed. Let us take an example of an image file that is used as a cover medium. Each pixel of a high-resolution image is represented by 3 bytes(24 bits). If the 3 least significant bits of these 24 bits are altered and used for hiding the data, the resultant image, after embedding the data into it, will have an unnoticeable change in the image quality and only very experienced and trained eyes can detect this change. In this way, every pixel can be used to hide 3 bits of information. Similarly, introducing white noise in an audio file at regular or random intervals can be used to hide data in audio or video files. There are various free software available for Steganography. Some of the popular ones are: QuickStego, Xiao, Tucows, OpenStego, etc.
Great Article, Thanks for sharing :)
You must be logged in to leave a comment. Login here