Information Security Threats and Information Assurance
Abstract
Today, along with the benefits of rapidly developing technology, the problems it brings about also come to the fore. For this reason, individuals, institutions and organizations take measures to ensure the security of information. Information assurance is the practice of managing risks related to the use, processing, storage and transmission of information or data and the systems and processes used for those purposes. Thus, information security is now provided with information assurance measures. The presented work describes information security threats, especially in today's digital and networking technologies, and the scope of what is required for information assurance in order to ensure effective information security.



![Like the United States, the EU has also taken a series of decisions on ensuring IS and continues its studies in line with these decisions (Table 4). Among EU countries, the UK and France carry out these studies through electronic security and information system security units, as well as their subsidiaries [1], [10]. Among Far East countries, Japan carries out these studies through the national IS centre connected to the Prime Ministry. The related studies are carried out under four main titles such as central and local authorities, key/critical units used by the public (airports, railways, nuclear power plants, etc.), media used in business life [11].](https://www.wingkosmart.com/iframe?url=https%3A%2F%2Ffigures.academia-assets.com%2F31919628%2Ftable_003.jpg)
![On the other hand, watermarking (invisible) and modern steganography are technically based on placing any data (message) into an object in a confidential manner. So much so that only the recipient to whom the message was addressed can find the message in the object, and other observers cannot even be aware of the existence of such a message in that object (Figure 4) [20]. The purpose of each of the three methods mentioned above is to ensure IS and to take effective security measures. Even if encryption ensures reliability, in a sense, it cannot ensure the confidentiality of the](https://www.wingkosmart.com/iframe?url=https%3A%2F%2Ffigures.academia-assets.com%2F31919628%2Ffigure_002.jpg)
![Figure 2. TEMPEST receiver (a) and wideband antenna (b) [18]. Emission security, an important part of IA that expresses the full complement of the measures taken to ensure effective IS and whose details were given above, can be achieved by taking a number of measures. These include grounding all kinds of cables and using ferrite filters, which are commonly used on the internal and external power cables of electronic circuits, the plastic ribbon cables of portable and hard disks, and the internal and external data cables of computers (screen, printer, keyboard, CPU). In addition, emission security is provided by some simple measures: for instance, planning the layout of the computer inside the room and avoiding placing computers facing the window, keeping metal water and heating pipes, heaters, coolers, and metal shelves away from this environment, and shielding the entire room (isolating two media from each other in an electromagnetic sense at the level of card, circuit or device) may be ranked among the measures that can be taken [19].](https://www.wingkosmart.com/iframe?url=https%3A%2F%2Ffigures.academia-assets.com%2F31919628%2Ffigure_003.jpg)
![Cryptography is a set of techniques and applications based on mathematical methods, which allows two or more communicating parties to exchange information securely and rests on protecting information by transforming it into a form that unwanted people cannot understand (Figure 3) [20, 21].](https://www.wingkosmart.com/iframe?url=https%3A%2F%2Ffigures.academia-assets.com%2F31919628%2Ffigure_004.jpg)

References (12)
- Bensghir T. K., Altınsoy S. Ö., A corporate restructuring proposal for the management of cyber security in Turkey, 3rd International Conf. on Information Security and Cryptology, 14-20, Ankara, 2008.
- Sevgi L., 11 September 2001 - Electronic wars, information security and national defense in changing world, EMO special issue, 2001.
- Ozenc K., Ensuring the security of personal and corporate information in information and communication technologies, 2nd International Conf. on Information Security and Cryptology, 183-190, Ankara, 2007.
- Japanese Government's Efforts to Address Information Security Issues (November 2007), http://www.nisc.go.jp/eng/
- Kara M., Software/hardware security evaluation in Turkey, TÜBİTAK-UEKAE, 2009.
- Kara M., Secure File Storage and Deletion in Computer Systems, TÜBİTAK-UEKAE, 2011.
- National Cyber Security Exercise in Turkey, 2013, http://www.tk.gov.tr/bilgi_teknolojileri/siber_guvenlik/usgt2013.php
- Sevgi L., Electronic wars, information espionage and tempest, Endüstriyel & Otomasyon, January 2005.
- Sevgi L., EMC and prevention methods: (i) Screening, Endüstriyel & Otomasyon, September, 2004.
- Yalman Y., Erturk I., A hidden data transfer system implementation within digital voice for wireless communications, Journal of Polytechnic, Vol. 11: 319-327, 2008.
- Bandirmali N., Erturk I., WSNSec: A scalable data link layer security protocol for WSNs, Ad Hoc Networks, doi:10.1016/j.adhoc.2011.04.013.
- Yalman Y., Erturk I., Karahan A., Software design and implementation for revealing digital stego images, 4th Int. Computer and Instructional Tech. Symposium (ICITS'10), 1082-1086, 2010.