Authentication influencing structure, it is a question

 

 

 

 

 

 

 

 

 

 

 

 

 Authentication & Comp. Security

 

 

Yuvraj
Shridhar

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

 

 

 

University
of Kent

1/10/2018

 The “Nothing to hide” argument regarding
privacy and government/corporate surveillance

Nothing
to hide conflict suggests that there is no threat to security until the point
when the government or a corporate uncovers unlawful activity, in which case an
individual has no legal authority to affirm that it the matter remains private. 

In
the same way, if an individual engages in the legitimate activity, he/she has
nothing to worry. Regarding government and the corporate actions in
investigating particular information, individuals argue that a security danger
exists when perhaps unlawful private activities are uncovered. For instance,
when the authorities survey one’s phone records and find that one made calls to
her kin, an accomplice in another country, a video store, and an online
shopping service, “So what?” that individual may state. “I am not
embarrassed or traumatised by such a piece of information. If anyone asks me, I
will openly reveal to him or her what stores I shop. I do not have anything to
hide.” The “nothing to hide” debate and its assortments are
astoundingly unavoidable when it comes to the issue of information security.

(closed, 2017)

Information
security master, Bruce Schneier calls it the “broadest answer against
affirmation advocates” The “nothing to hide” debate is one of
the fundamental questions made while changing protection against security. In
its most influencing structure, it is a question that the affirmation intrigue
is unnecessary to some individuals; hence rolling out the improvement against
security concerns is an inevitable goal for information security. When in doubt
the “nothing to hide” debate is offered as a friendly exchange:
“In case you do not have anything to hide, by then, what do you need to
fear?” Others ask, “On the off chance that you are not doing anything
incorrectly, by then what do you need to hide?”

 

Known
attacks against the Diffie-Hellman protocol, and the most common
countermeasures to stop them

Attacks against the DH
tradition are in three categories:

Denial of Service Attacks:
Here, the aggressor will endeavour to prevent two users from efficiently doing
the convention. The attacker can achieve this from multiple points of view, for
instance by erasing the messages that the two users send to each other, or by
overpowering the server with superfluous calculation or correspondence, such
that the server lacks enough capacity to provide services to the legitimate
users.

The
solution for such an attack includes having the software developer’s answers
for cryptographic enigmas (generally called Hashcash or esteeming limits). In
case a server can endorse the IP address of its clients, one can use a less
capable affirmation plot called SYN Cookies. SYN Cookies helps to avoid IP
mocking to a specific degree.

Outsider attacks:
The assailant tries to disturb the transfer of information, for instance,
including, expelling, or handing-off messages, with the aim of extracting
information from communication processes. Such an attack can be prevented by
updating and applying the most recent security patches to all gadgets and
frameworks as well as investing in forensic procedures 

Insider Attacks:
It is possible that one of the individuals in an organisation can initiate a
delicate action to continue running a particular activity with an ultimate
objective to endeavour to get data about the secret key of his peers. It is an essential
attack in case one of the individuals holds a static riddle key. Note that
malignant programming could be amazingly powerful in mounting such an attack.

Insider attacks are prevented by screening and reacting to suspicious or
problematic behaviour and utilising layered protection against remote assaults
(Cao and Rong, 2013. pp.6449-6454)

An
in-depth description of the FREAK SSL/TLS Vulnerability, and its potential
impact and the mitigation techniques used.

FREAK (Factoring
Attack on RSA-EXPORT Keys) SSL/TSL is a weakness in some implementation of
SSL/TLS that provides an attacker to decrypting secure communication between
vulnerable clients and servers. These included obliging exportable programming
to utilise straightforward, open critical sets with RSA moduli of 512 bits or
less, with the aim of enabling them to be broken suitably by the National
Security Agency (NSA), but not by different clients with lesser figuring
assets.

However,
by the mid-2010s, increased technological power ensured that the SSL/TLS could
be broken by anybody with access to barely simple figuring assets are utilising
the striking Number Field Sieve estimation, using as less as $100 of
appropriated preparation of associations. Thus, this enabled an individual with
just an unassuming measure of calculation, to break the security of any site
that permitted the use of 512-piece trade review keys (Pieprzyk, 2010)

To
protect against FREAKS, SSL/TLS attacks users should ensure that they are continually
updating the operating system as well as other communication software to avoid
attacks targeting older software.

Users
should also implement the use of the advanced form of security measure to avoid
the malicious attacks like SSL flaws.

Moreover,
a user is advised to install an SSL certificate obtained from a genuine and
authentic certificate authority like Comodo SSL certificate authority.

 

How
attackers bypass firewalls and some tools and countermeasures, applicable.

Phishing-
the attacks involve sending emails through a firewall to persuade the recipient
to reveal password or download and run malware. The offence is mitigated by
planting a firewall that does not allow email and content originating from the
internet into industrial networks. A given unidirectional path does not allow
any communications or attacks into plant networks.

The
common engineering-this method involves looking at a sticky note on an
individual’s monitor or under his/her keyboard or at times shoulder surf as
they key in the password. At times a moving tale is told to persuade one to
reveal the password while at other times a user is convinced to install
keystroke loggers. The best way to mitigate such an attack is through a two-factor
authentication process that ensures a stolen password is not enough to grant
access.

Compromise
the domain controller- it compromises of a trusted external asset. Since in the
past, control systems are designed not to rely on any external system for safe,
correct, and reliable operation. However, this has changed with time and
control system, relies on IT domain controllers. When an attacker compromises
the domain controller, they do not need to attack the other systems as they can
change passwords or create their accounts. The best way to mitigate against
such an attack is not to allow industrial systems to trust a domain controller.

Firewall rules and unidirectional gateways can be helpful in blocking all
communication from corporate domain controllers.

Attack
exposed clients- this is possible since the client software is as vulnerable as
the industrial servers are. Once an external server is compromised, the attack
can be propagated to the industrial clients, e.g., when one pulls a file from a
virus-infected server, and there will be a virus in the industrial network. The
best way to mitigate such an attack is not to allow clients to access less
trusted networks by changing the firewall rules or deploying unidirectional
gateways (Asadzadeh Kaljahi, Payandeh, and
Ghaznavi-Ghoushchi, 2014, pp.1659-1671)

How attackers bypass intrusion detection systems and the available tools
and countermeasures.

Flooding-
The IDS relies on resources such as the processing power and memory to analyse
traffic and capture packets to report malicious attacks. Attackers exhaust
resources such as the processing power and the memory by flooding the network
with noise traffic to target the system with little or no intervention from the
IDS.

Encryption-
various site media have a limitation on transmission units, there is a need to
permit fragmentation of traits in different sized packets. The attackers
exploit this chance by dividing attacking packets into smaller portions that
are not detectable by the IDS but may cause an attack when reassembled by a
target host.

Encryption-the
network-based intrusion detection uses the analysis of the traffic captured as
it goes through the network from the source to the destination. When an
attacker establishes an encrypted SSH, SSL or VPN tunnel the IDS seise to analyse
packets and malicious traffic.

Obfuscation
– this technique involves concealing an attack with special characters. These
characters may include the space, delete, backspace, and even at times be in
hex format to deceive the IDS. In some cases, Unicode might be used to
represent a specific value such as ci to represent slash for a web page request
(Psiaki, Humphreys and Stauffer, 2016, pp.26-53)

 

Ways
of dealing with such attacks.

Polymorphism

Mark based IDS regularly search for common assault
examples that coordinate noxious activity. To recognise cradle flood attacks,
an IDS may search for, the confirmation of NOP slides, which are utilised to
debilitate the insurance of address space, format randomisation.

Fracture and little bundles

One basic strategy is to patch the attack payload into
different small packages, with the objective that the IDS must reassemble the
package stream to recognise the strike. A clear strategy for part packages is
by separating them. In any case, an adversary can similarly just claim to fame
bundles with small payloads. The ‘bristle’ avoidance device calls are created packets
with small payloads known as session grafting.

More
ways of protecting against these attackers include making sure that a company
has a robust network monitoring put in place, especially for the open source
open program. It entails scrutinising on open source programs before opening
one.

The
other measure is to use anti-malware solutions such as Trend Micro Office Scan.

Since most attackers include an emulation of network traffic so that the
activity can appear genuine to avoid setting off the alarms, the anti-malware
is designed to handle such attacks.

 

 

 

 

 

 

 

 

 

 

 

References

Asadzadeh Kaljahi, M.,
Payandeh, A. and Ghaznavi-Ghoushchi, M. (2014). TSSL: improving SSL/TLS
protocol by trust model. Security and Communication Networks, 8(9),
pp.1659-1671.

closed, H.

(2017). How can attackers bypass firewalls?. online Security.stackexchange.com.

Available at:
https://security.stackexchange.com/questions/19457/how-can-attackers-bypass-firewalls
Accessed 30 Dec. 2017.

Cao, Z. and Rong, X.

(2013). A Mechanism of Intrusion Detection System Cooperating with
Firewall. Information Technology Journal, 12(21), pp.6449-6454.

Pieprzyk, J.

(2010). Topics in Cryptology – CT-RS 2010. Berlin: Springer-Verlag.

Psiaki, M., Humphreys,
T., and Stauffer, B. (2016). Attackers can spoof navigation signals without our
knowledge. Here’s how to fight back GPS lies. IEEE Spectrum, 53(8),
pp.26-53.

 

 

Go Top
x

Hi!
I'm Rita!

Would you like to get a custom essay? How about receiving a customized one?

Check it out