Cyber Security: Attacks and Mitigation Techniques
VerifiedAdded on  2023/06/07
|11
|2291
|301
AI Summary
This essay discusses cyber security, its definition, probable attacks to computer systems, and proper mitigation techniques. It also covers the benefits, negatives, and future developments of cyber security.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: CYBER SECURITY
Cyber Security
Name of the Student
Name of the University
Author’s Note:
Cyber Security
Name of the Student
Name of the University
Author’s Note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1
CYBER SECURITY
Part A
Abstract
The main aim of this essay is to know about cyber security and many other attacks. Cyber
security is the collection of processes, practices and technologies that help in protecting
networks, programs, data and devices from the several damages, attacks and unauthorized
access. The most significant strategies of cyber security majorly involve incident
management, risks management and identity management. This cyber security encompasses
the various software as well as hardware technologies and could be specifically applied at
each and every level. The major attacks of cyber security are DoS attacks, backdoor, direct
access attacks and many others. However, these attacks could be removed with proper
mitigation techniques. This essay has properly described the cyber attacks and mitigation
techniques for those attacks.
CYBER SECURITY
Part A
Abstract
The main aim of this essay is to know about cyber security and many other attacks. Cyber
security is the collection of processes, practices and technologies that help in protecting
networks, programs, data and devices from the several damages, attacks and unauthorized
access. The most significant strategies of cyber security majorly involve incident
management, risks management and identity management. This cyber security encompasses
the various software as well as hardware technologies and could be specifically applied at
each and every level. The major attacks of cyber security are DoS attacks, backdoor, direct
access attacks and many others. However, these attacks could be removed with proper
mitigation techniques. This essay has properly described the cyber attacks and mitigation
techniques for those attacks.
2
CYBER SECURITY
Introduction
Cyber security can be defined as the protectiveness of the Internet connected
computers that solely include software, data and hardware from the cyber attacks (Von Solms
& Van Niekerk, 2013). This security even consists of the physical security as well as cyber
security and these two types of security are utilized by the companies for the protection
against the unauthenticated accesses to the data centres or any other computerized system.
The information security that is being designed for the perfect maintenance of confidentiality,
availability as well as integrity of data, is the significant subset of cyber security. The major
elements of the cyber security for any particular information system are application security,
network security, operational security and many others (Wang & Lu, 2013). The following
essay outlines a brief discussion on the cyber security for any information system. The
various attacks related to cyber security, with their mitigation techniques will be given in this
report.
Discussion
Definition of Cyber Security
Cyber security major refers to the various preventative methodologies that are utilized
for the protection of confidential information or data from getting stolen, attacked or even
compromised (Hahn et al., 2013). There is a major requirement of the knowledge of various
information related threats like malicious codes or viruses. These levels mainly include
governmental, corporate and personal networks and devices. The passwords are the tools for
cyber security, which the individuals would be encountering regularly (Amin et al., 2013).
The other significant tools for cyber security majorly involve software for antivirus or anti
malware, firewalls, two factor authentications and encryption. The proper plan for the cyber
security is extremely important for all organizations.
CYBER SECURITY
Introduction
Cyber security can be defined as the protectiveness of the Internet connected
computers that solely include software, data and hardware from the cyber attacks (Von Solms
& Van Niekerk, 2013). This security even consists of the physical security as well as cyber
security and these two types of security are utilized by the companies for the protection
against the unauthenticated accesses to the data centres or any other computerized system.
The information security that is being designed for the perfect maintenance of confidentiality,
availability as well as integrity of data, is the significant subset of cyber security. The major
elements of the cyber security for any particular information system are application security,
network security, operational security and many others (Wang & Lu, 2013). The following
essay outlines a brief discussion on the cyber security for any information system. The
various attacks related to cyber security, with their mitigation techniques will be given in this
report.
Discussion
Definition of Cyber Security
Cyber security major refers to the various preventative methodologies that are utilized
for the protection of confidential information or data from getting stolen, attacked or even
compromised (Hahn et al., 2013). There is a major requirement of the knowledge of various
information related threats like malicious codes or viruses. These levels mainly include
governmental, corporate and personal networks and devices. The passwords are the tools for
cyber security, which the individuals would be encountering regularly (Amin et al., 2013).
The other significant tools for cyber security majorly involve software for antivirus or anti
malware, firewalls, two factor authentications and encryption. The proper plan for the cyber
security is extremely important for all organizations.
3
CYBER SECURITY
Probable Attacks to Computer Systems
There are some of the major and the most significant attacks that are vulnerable for
any computer system (Buczak & Guven, 2016). These attacks are listed below:
i) Backdoor: The backdoor within a specific computer system, an algorithm or even a
cryptosystem is the subsequent secret methodology for bypassing the various security
controls or normal authentication. These types of systems eventually exist for several reasons,
which include poor configuration or original designing (Ning, Liu & Yang, 2013). The
legitimate access is being blocked by the attacker and this is done for various malicious
reasons.
ii) Denial of Service Attacks: The next significant attack that is extremely vulnerable
for the cyber security is the denial of service attack. This type of attack is eventually designed
for the purpose of making the network resource as well as machine completely unavailable
for the respective intended users (Elmaghraby & Losavio, 2014). The attackers could easily
deny the services to the specific victims like deliberately entering of wrong passwords for
significantly causing the accounts of the victims to be locked. The capabilities of the network
and machine are overloaded and then the users are subsequently blocked. The network attack
from the single IP address could be easily blocked by the addition of new firewall rules.
iii) Direct Access Attacks: The unauthorized user, who could easily gain the physical
access to any system, has the core ability for copying data from this system. These
unauthorized users even compromise of security by simply making certain modifications of
operating systems, installation of software worms, covert the listening devices and many
more (Dunn Cavelty, 2013). The trusted platform module as well as disk encryption are
eventually designed for the proper prevention of these attacks.
CYBER SECURITY
Probable Attacks to Computer Systems
There are some of the major and the most significant attacks that are vulnerable for
any computer system (Buczak & Guven, 2016). These attacks are listed below:
i) Backdoor: The backdoor within a specific computer system, an algorithm or even a
cryptosystem is the subsequent secret methodology for bypassing the various security
controls or normal authentication. These types of systems eventually exist for several reasons,
which include poor configuration or original designing (Ning, Liu & Yang, 2013). The
legitimate access is being blocked by the attacker and this is done for various malicious
reasons.
ii) Denial of Service Attacks: The next significant attack that is extremely vulnerable
for the cyber security is the denial of service attack. This type of attack is eventually designed
for the purpose of making the network resource as well as machine completely unavailable
for the respective intended users (Elmaghraby & Losavio, 2014). The attackers could easily
deny the services to the specific victims like deliberately entering of wrong passwords for
significantly causing the accounts of the victims to be locked. The capabilities of the network
and machine are overloaded and then the users are subsequently blocked. The network attack
from the single IP address could be easily blocked by the addition of new firewall rules.
iii) Direct Access Attacks: The unauthorized user, who could easily gain the physical
access to any system, has the core ability for copying data from this system. These
unauthorized users even compromise of security by simply making certain modifications of
operating systems, installation of software worms, covert the listening devices and many
more (Dunn Cavelty, 2013). The trusted platform module as well as disk encryption are
eventually designed for the proper prevention of these attacks.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4
CYBER SECURITY
iv) Eavesdropping: Another important and significant attack on the cyber security is
eavesdropping. It is the specific act of surreptitiously or secretly listening to any private
conversation within two distinct hosts over a specific network (Sou, Sandberg & Johansson,
2013). Eavesdropping is extremely dangerous for any type of confidential data or
information. Although, the attacker does not usually change the content of the confidential
data; but knows all of it. Hence, the confidentiality of the data is eventually lost.
v) Phishing: The fifth significant type of attack for the cyber security is phishing. It
is the typical fraudulent attempt for the purpose of acquiring any sensitive information like
passwords, usernames or other credentials from the users (Wells et al., 2014). This type of
attack is generally carries out by instant messaging or email spoofing.
vi) Social Engineering: Another popular and noteworthy cyber security threat is
social engineering. This threat has the objective for convincing the authenticated users to
disclose their personal information like card numbers or passwords to access the respective
bank account details.
vii) Spoofing: This is the basic act to masquerade as the authenticated entity by
simply falsifying the sensitive information. Spoofing is done for gaining the resources or
information and using them with wrong intentions (Von Solms & Van Niekerk, 2013). Email
spoofing and biometric spoofing are the most common forms of spoofing.
viii) Tampering: This describes the malicious modifications of products. The various
security services that are planted for surveillance capabilities within the routers is one of the
popular example of tampering.
Proper Mitigation Techniques of Attacks
The various mitigation techniques for the above mentioned attacks are as follows:
CYBER SECURITY
iv) Eavesdropping: Another important and significant attack on the cyber security is
eavesdropping. It is the specific act of surreptitiously or secretly listening to any private
conversation within two distinct hosts over a specific network (Sou, Sandberg & Johansson,
2013). Eavesdropping is extremely dangerous for any type of confidential data or
information. Although, the attacker does not usually change the content of the confidential
data; but knows all of it. Hence, the confidentiality of the data is eventually lost.
v) Phishing: The fifth significant type of attack for the cyber security is phishing. It
is the typical fraudulent attempt for the purpose of acquiring any sensitive information like
passwords, usernames or other credentials from the users (Wells et al., 2014). This type of
attack is generally carries out by instant messaging or email spoofing.
vi) Social Engineering: Another popular and noteworthy cyber security threat is
social engineering. This threat has the objective for convincing the authenticated users to
disclose their personal information like card numbers or passwords to access the respective
bank account details.
vii) Spoofing: This is the basic act to masquerade as the authenticated entity by
simply falsifying the sensitive information. Spoofing is done for gaining the resources or
information and using them with wrong intentions (Von Solms & Van Niekerk, 2013). Email
spoofing and biometric spoofing are the most common forms of spoofing.
viii) Tampering: This describes the malicious modifications of products. The various
security services that are planted for surveillance capabilities within the routers is one of the
popular example of tampering.
Proper Mitigation Techniques of Attacks
The various mitigation techniques for the above mentioned attacks are as follows:
5
CYBER SECURITY
i) Mitigation for Backdoor: The most significant mitigation methodology for the
cyber threat of backdoor is encryption technique (Wang & Lu, 2013). Encryption is the most
effective and efficient method to stop these attacks since it encodes the confidential data or
message in an encrypted format.
ii) Mitigation for DoS Attacks: These types of attacks could be easily with the help of
few techniques such as filtering, network traffic inspection and proper detection. The network
traffic is eventually passed by the high capacity networks with certain filters of traffic
scrubbing.
iii) Mitigation for Direct Access Attacks: The direct access attacks could be
eventually stopped by taking the help of cloud computing (Hahn et al., 2013). The data
management is extremely easier for any organization and hence cyber security is maintained.
The insider attacks are also mitigated with this technology of cloud.
iv) Mitigation for Eavesdropping: This type of attack is eventually mitigated with the
help of encryption technique. There are two types of algorithms present in encryption
technique, which are symmetric algorithm and asymmetric algorithm. Asymmetric algorithm
is the most effective encryption algorithm for this cyber threat.
v) Mitigation for Phishing: Anti phishing technique is the best technology for
mitigating phishing cyber threat in any information system (Ning, Liu & Yang, 2013). This
particular technique helps to stop this type of fraudulent attempt of obtaining personal
information to a greater level.
vi) Mitigation for Social Engineering: This type of attack can be easily mitigated by
hiding the information as well as other assets. Good awareness training is also important for
the mitigation of social engineering attack.
CYBER SECURITY
i) Mitigation for Backdoor: The most significant mitigation methodology for the
cyber threat of backdoor is encryption technique (Wang & Lu, 2013). Encryption is the most
effective and efficient method to stop these attacks since it encodes the confidential data or
message in an encrypted format.
ii) Mitigation for DoS Attacks: These types of attacks could be easily with the help of
few techniques such as filtering, network traffic inspection and proper detection. The network
traffic is eventually passed by the high capacity networks with certain filters of traffic
scrubbing.
iii) Mitigation for Direct Access Attacks: The direct access attacks could be
eventually stopped by taking the help of cloud computing (Hahn et al., 2013). The data
management is extremely easier for any organization and hence cyber security is maintained.
The insider attacks are also mitigated with this technology of cloud.
iv) Mitigation for Eavesdropping: This type of attack is eventually mitigated with the
help of encryption technique. There are two types of algorithms present in encryption
technique, which are symmetric algorithm and asymmetric algorithm. Asymmetric algorithm
is the most effective encryption algorithm for this cyber threat.
v) Mitigation for Phishing: Anti phishing technique is the best technology for
mitigating phishing cyber threat in any information system (Ning, Liu & Yang, 2013). This
particular technique helps to stop this type of fraudulent attempt of obtaining personal
information to a greater level.
vi) Mitigation for Social Engineering: This type of attack can be easily mitigated by
hiding the information as well as other assets. Good awareness training is also important for
the mitigation of social engineering attack.
6
CYBER SECURITY
vii) Mitigation for Spoofing: Packet filtering and spoofing detection software is the
most efficient mitigation techniques for spoofing (Dunn Cavelty, 2013). Moreover, protocols
of cryptographic network are also effective for this.
viii) Mitigation for Tampering: The improvement of data visibility is the basic way
for mitigating tampering attack. AI is also effective in this case.
Conclusion
Therefore, from the above discussion, it can be concluded that cyber security is the
specific protection of various systems from damage or theft to the software, hardware as well
as electronic data. Moreover, the misdirection or disruption of services by the information
systems is also checked with the help of cyber security. The reliance or dependency on the
Internet connection and computer systems have increased significantly and the several
wireless networks like the wireless fidelity or Bluetooth are well protected with the help of
cyber security. These types of security issues have risen due to the development of the smart
devices like smart phones, smart televisions and many others, which comprise of the Internet
of Things. The most significant and dangerous attacks on the cyber security of any
information system or smart device are denial of service attacks, eavesdropping, phishing,
spoofing, tampering and many more. The above essay has clearly outlined a brief discussion
on cyber security and the attacks.
CYBER SECURITY
vii) Mitigation for Spoofing: Packet filtering and spoofing detection software is the
most efficient mitigation techniques for spoofing (Dunn Cavelty, 2013). Moreover, protocols
of cryptographic network are also effective for this.
viii) Mitigation for Tampering: The improvement of data visibility is the basic way
for mitigating tampering attack. AI is also effective in this case.
Conclusion
Therefore, from the above discussion, it can be concluded that cyber security is the
specific protection of various systems from damage or theft to the software, hardware as well
as electronic data. Moreover, the misdirection or disruption of services by the information
systems is also checked with the help of cyber security. The reliance or dependency on the
Internet connection and computer systems have increased significantly and the several
wireless networks like the wireless fidelity or Bluetooth are well protected with the help of
cyber security. These types of security issues have risen due to the development of the smart
devices like smart phones, smart televisions and many others, which comprise of the Internet
of Things. The most significant and dangerous attacks on the cyber security of any
information system or smart device are denial of service attacks, eavesdropping, phishing,
spoofing, tampering and many more. The above essay has clearly outlined a brief discussion
on cyber security and the attacks.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
CYBER SECURITY
Part B
Benefits of Cyber Security
The main benefits of cyber security are as follows:
i) Cyber security helps in improving security of the cyberspace.
ii) The second benefit is that it protects resources and networks (Hahn et al., 2013).
iii) It even protects computers and systems against virus, malware, spyware and
worms.
iv) Cyber security protects individual private data.
Negatives of Cyber Security
The negative aspects of cyber security are as follows:
i) Cyber security is extremely expensive.
ii) The configuration is extremely difficult for cyber security (Von Solms & Van
Niekerk, 201).
iii) The cyber security often makes the system slower.
iv) Regular up gradation of the software is required for cyber security.
Future Developments of Cyber Security
The future developments of cyber security are as follows:
i) Machine Learning: Arms race is the new advancement of machine learning, which
helps in cyber security (Dunn Cavelty, 2013).
ii) Resolving Ransomware: The attacks of ransomware are reduced eventually.
CYBER SECURITY
Part B
Benefits of Cyber Security
The main benefits of cyber security are as follows:
i) Cyber security helps in improving security of the cyberspace.
ii) The second benefit is that it protects resources and networks (Hahn et al., 2013).
iii) It even protects computers and systems against virus, malware, spyware and
worms.
iv) Cyber security protects individual private data.
Negatives of Cyber Security
The negative aspects of cyber security are as follows:
i) Cyber security is extremely expensive.
ii) The configuration is extremely difficult for cyber security (Von Solms & Van
Niekerk, 201).
iii) The cyber security often makes the system slower.
iv) Regular up gradation of the software is required for cyber security.
Future Developments of Cyber Security
The future developments of cyber security are as follows:
i) Machine Learning: Arms race is the new advancement of machine learning, which
helps in cyber security (Dunn Cavelty, 2013).
ii) Resolving Ransomware: The attacks of ransomware are reduced eventually.
8
CYBER SECURITY
iii) Serverless Applications: The serverless applications are the next future
developments of cyber security.
CYBER SECURITY
iii) Serverless Applications: The serverless applications are the next future
developments of cyber security.
9
CYBER SECURITY
References
Amin, S., Litrico, X., Sastry, S., & Bayen, A. M. (2013). Cyber security of water SCADA
systems—Part I: Analysis and experimentation of stealthy deception attacks. IEEE
Transactions on Control Systems Technology, 21(5), 1963-1970.
Buczak, A. L., & Guven, E. (2016). A survey of data mining and machine learning methods
for cyber security intrusion detection. IEEE Communications Surveys &
Tutorials, 18(2), 1153-1176.
Dunn Cavelty, M. (2013). From cyber-bombs to political fallout: Threat representations with
an impact in the cyber-security discourse. International Studies Review, 15(1), 105-
122.
Elmaghraby, A. S., & Losavio, M. M. (2014). Cyber security challenges in Smart Cities:
Safety, security and privacy. Journal of advanced research, 5(4), 491-497.
Hahn, A., Ashok, A., Sridhar, S., & Govindarasu, M. (2013). Cyber-physical security
testbeds: Architecture, application, and evaluation for smart grid. IEEE Transactions
on Smart Grid, 4(2), 847-855.
Ning, H., Liu, H., & Yang, L. (2013). Cyber-entity security in the Internet of
things. Computer, 1.
Sou, K. C., Sandberg, H., & Johansson, K. H. (2013). On the exact solution to a smart grid
cyber-security analysis problem. IEEE Transactions on Smart Grid, 4(2), 856-865.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber
security. computers & security, 38, 97-102.
CYBER SECURITY
References
Amin, S., Litrico, X., Sastry, S., & Bayen, A. M. (2013). Cyber security of water SCADA
systems—Part I: Analysis and experimentation of stealthy deception attacks. IEEE
Transactions on Control Systems Technology, 21(5), 1963-1970.
Buczak, A. L., & Guven, E. (2016). A survey of data mining and machine learning methods
for cyber security intrusion detection. IEEE Communications Surveys &
Tutorials, 18(2), 1153-1176.
Dunn Cavelty, M. (2013). From cyber-bombs to political fallout: Threat representations with
an impact in the cyber-security discourse. International Studies Review, 15(1), 105-
122.
Elmaghraby, A. S., & Losavio, M. M. (2014). Cyber security challenges in Smart Cities:
Safety, security and privacy. Journal of advanced research, 5(4), 491-497.
Hahn, A., Ashok, A., Sridhar, S., & Govindarasu, M. (2013). Cyber-physical security
testbeds: Architecture, application, and evaluation for smart grid. IEEE Transactions
on Smart Grid, 4(2), 847-855.
Ning, H., Liu, H., & Yang, L. (2013). Cyber-entity security in the Internet of
things. Computer, 1.
Sou, K. C., Sandberg, H., & Johansson, K. H. (2013). On the exact solution to a smart grid
cyber-security analysis problem. IEEE Transactions on Smart Grid, 4(2), 856-865.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber
security. computers & security, 38, 97-102.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10
CYBER SECURITY
Wang, W., & Lu, Z. (2013). Cyber security in the smart grid: Survey and
challenges. Computer Networks, 57(5), 1344-1371.
Wells, L. J., Camelio, J. A., Williams, C. B., & White, J. (2014). Cyber-physical security
challenges in manufacturing systems. Manufacturing Letters, 2(2), 74-77.
CYBER SECURITY
Wang, W., & Lu, Z. (2013). Cyber security in the smart grid: Survey and
challenges. Computer Networks, 57(5), 1344-1371.
Wells, L. J., Camelio, J. A., Williams, C. B., & White, J. (2014). Cyber-physical security
challenges in manufacturing systems. Manufacturing Letters, 2(2), 74-77.
1 out of 11
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.