Threats, Attacks and Malware in IT Security: A Review of Recent Academic Articles
Added on 2022/10/05
AI Summary
This paper provides a review of recent academic articles on IT security, focusing on the article titled “Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks” by Mohamed Abomhara and Geir M. Køien. It explores the various threats and attacks facing the IT industry, including physical attacks, reconnaissance attacks, denial-of-service attacks, access attacks, attacks on privacy, cyber-crimes, destructive attacks, and SCADA attacks. The paper also discusses the classification of possible intruders and types of malware used, and suggests ways to deal with these issues.
Threats, Attacks and Malware
Introduction
The aim of this paper is to provide a review of recent academic articles on IT security.
To help with the review, the article chosen is titled, “Cyber Security and the Internet of
Things: Vulnerabilities, Threats, Intruders and Attacks,” authored by Mohamed Abomhara
and Geir M. Køien. The paper seeks to give a detailed explanation about the threats and
attacks that are facing the IT industry and especially in the field of IoT which has become
very popular nowadays. It will begin with a description of some of the key terms that are
related to the topic under research and then explore in more depth how the authors managed to
cover the issues in the article under research. The paper will also give a report about the
problems highlighted in the article and their solutions. Finally, it will provide a discussion
about conclusions from the article and their relevance to threats, attacks and malware in IT.
Intention and Content of The Article
According to the abstract, the intention of the article is to classify the security threats and
attacks facing the IT industry, specifically in the field of IoT. It aims to provide a better
understanding of the threats as well as their attributes and motivation. The authors note that
IoT has become integrated with people’s lives in so many ways and therefore there is a dire
need to secure it [1]. In order to provide security, there is an important prerequisite of
understanding the threats and attacks that need prevention and handling. The article opens
up with a brief background about IoT, the threats facing the sector and mitigation methods.
IoT has been named as the fastest-growing technology and has permeated almost all sectors
of people’s lives nowadays [2]. This calls for robust security that will adequately secure the
large number of devices and services that are connected to the internet all over the world.
However, the number of threats and their complexity keep increasing every day.
Vulnerabilities
Vulnerabilities can be defined as weaknesses within a system that give an intruder room to
carry out his or her malicious intentions [3]. For example, IoT vulnerabilities can be found in
the software, hardware, policies or the users of the devices. The software vulnerabilities can
be found in places like the OS, application software and control software such as device
drivers and communication protocols [4].
Exposure
A mistake or a problem in the configuration of a system that enables an attacker to conduct
information gathering tasks is referred to as exposure. The biggest threat to IoT in this regard
is physical attacks since most of the devices are left unattended most of the time, thus being
exposed physically to potential attackers.
Threats
A threat can be defined as an action that takes place as a result of the perpetrator identifying
a security weakness in the target system and that leaves a negative impact on the system
[5]. Threats can be divided into two broad categories: natural and human threats [6].
Natural threats are those that occur without human intervention such as earthquakes, floods,
hurricanes and lightning. They may damage computer systems severely and interrupt
normal operations. The challenge with dealing with natural threats is that only a few
safeguards can be put in place against them and they cannot be prevented from happening. The
best method would be setting up backups and contingency plans.
Human threats are the ones that originate from people either accidentally or intentionally for
malicious purposes. They can be categorized further into either unstructured or structured
threats. Unstructured threats are those that are carried out by people with little experience
using hacking tools that are easily available. On the other hand, the structured threats are
conducted by experienced attackers with a deep understanding of system vulnerabilities.
Instead of depending on the easily available hacking tools, they develop and exploit codes
and scripts. A good illustration of this type of attack would be the Advanced Persistent
Threats (APT) [7] that had the aim of stealing data from very crucial sectors such as
government organizations, national defense, and businesses [8].
Attacks
Attacks refer to actions that are taken with the aim of causing harm to a system or causing a
disruption in the usual operations by means of exploitation of vulnerabilities that exist in the
system with the help of various tools and techniques. Attackers have various objectives when
launching the attacks, such as compensation or just personal satisfaction. Attack cost refers
to a measure of the attacker’s efforts expressed in terms of motivation and resources. The
people who pose a threat to the digital world are known as the attack actors [9] and could
be criminals, hackers or even governments. The following are the common attacks:
Physical attacks
These are attacks that interfere with the hardware parts of the system. IoT devices
are more prone to these types of attacks, especially those that are left unattended
most of the time.
Reconnaissance attacks
These occur when attackers use their tools and techniques to illegally discover and map
services, systems and vulnerabilities. They include port scanning [11], traffic analysis,
packet sniffing [10], and pinging IPs.
Denial-of-service (DoS)
This attack has the aim of making a network resource or machine unavailable to
the intended users. Most IoT devices have minimal computation
resources and low memory capabilities and are therefore susceptible to DoS attacks.
Access attacks
These occur when people who are not authorized to access a particular network or device
manage to gain access illegally. Access can be either physical access to the device or
remote access through the internet.
Attacks on privacy
This is one of the most challenging types of attacks and can be broken down further
into the following categories.
a) Cyber espionage: refers to the use of malicious software and cracking
techniques to spy on individuals, governments or organizations.
b) Data mining: gives attackers the ability to discover unanticipated information in
specific databases.
c) Password-based attacks: attacks aimed at getting hold of the
real user’s password, through either dictionary attacks or brute-force
attacks.
d) Tracking: attackers make use of a device’s unique identification number (UID)
to track the locations of users even if they want to stay anonymous.
e) Eavesdropping: occurs when an attacker uses tools and techniques to listen to
a communication taking place between two parties.
Cyber-crimes
Attackers can use the internet and smart devices to exploit users and
to use data for monetary gain. Such crimes include identity theft, intellectual
property theft, fraud and brand theft [12].
Destructive attacks
These are attacks that cause massive destruction and loss of lives, such as terrorist
attacks and revenge attacks, which can be carried out with the help of computers or
smart devices.
SCADA attacks
SCADA systems are at risk of various cyber-attacks such as DoS, trojans and viruses
[13].
Classification of Possible Intruders and Types of Malware Used
The people carrying out the attacks can be categorized into the following:
1. Individuals
These are professional hackers who operate alone; their main targets are the less
secure systems [14]. The main technique used to obtain information about their
targets is social engineering. They use various tools like worms, viruses
and sniffers to exploit a system.
2. Organized groups
These are groups of hackers that unite with various motivations and targets. They are
responsible for the big attacks and carry out numerous tasks such as revenge,
espionage, trade secrets theft, selling various forms of data and crippling critical
government operations [15]. They are usually well funded and have advanced
capabilities. They use numerous types of malware and tools such as botnets, DoS,
malicious software like viruses and scareware [16].
3. Intelligence agency
Different countries have intelligence agencies that they use to gather information
about other countries, such as military and political espionage. This is usually an
advanced job that requires assembling a large number of experts, infrastructure and
technologies. These agencies employ the very best in the computing field to hack and
exploit systems of their targets to gain the information they need using the most
advanced tools and malware.
The article discusses how most IoT devices are at risk of numerous threats at
any given time. It points out that the easy steps of identifying system vulnerabilities and
avoiding threats are not good enough. It calls for tougher methods to be employed, a smooth
process of policy implementation and robust procedures to be put in place. The authors note
that attacks and threats organized by criminal groups and intelligence agencies are the most
difficult to deal with since they are more organized and use advanced forms of malware. The
article concludes that even though a lot of effort has been made to curb security issues in
IT, there is still a lot that needs to be done.
Conclusion
The IT industry is still facing a lot of problems, as highlighted in the article. There are
different types of threats and attacks that pose a challenge to IT systems. Some are physical
while others are from humans. This paper has reviewed the article,
explained the threats and attacks and suggested some ways of dealing with some of the
issues. It has highlighted the various malware that attackers use to perpetrate their attacks
depending on their targets. Although the article under review was based on IoT, it has given
an overview of the problems that are facing the other sectors of IT, since most of them are
connected to the internet and are susceptible to those problems too.
References
[1] M. Taneja, "An analytics framework to detect compromised IoT devices using mobility
behavior", 2013 International Conference on ICT Convergence (ICTC), pp. 38-43, 2013.
Available: 10.1109/ictc.2013.6675302 [Accessed 1 October 2019].
[2] "Internet of Things, Smart Spaces, and Next Generation Networks and Systems", Lecture
Notes in Computer Science, p. 464, 2018. Available: 10.1007/978-3-030-01168-0
[Accessed 1 October 2019].
[3] E. Bertino, L. Martino, F. Paci and A. Squicciarini, Security for Web Services and
Service-Oriented Architectures. Berlin, Heidelberg: Springer-Verlag Berlin Heidelberg,
2010, pp. 25-44.
[4] J. Kizza, Guide to computer network security. London: Springer, 2013.
[5] H. Brauch, Coping with global environmental change, disasters and security. Berlin:
Springer, 2011, pp. 61-106.
[6] K. Dahbur, B. Mohammad and A. Tarakji, "A survey of risks, threats and vulnerabilities
in cloud computing", Proceedings of the 2011 International Conference on Intelligent
Semantic Web-Services and Applications - ISWSA '11, p. 12, 2011. Available:
10.1145/1980822.1980834 [Accessed 1 October 2019].
[7] C. Tankard, "Advanced Persistent threats and how to monitor and deter them", Network
Security, vol. 2011, no. 8, pp. 16-19, 2011. Available: 10.1016/s1353-4858(11)70086-1
[Accessed 1 October 2019].
[8] F. Li, A. Lai and D. Ddl, "Evidence of Advanced Persistent Threat: A case study of
malware for political espionage", 2011 6th International Conference on Malicious and
Unwanted Software, pp. 102-109, 2011. Available: 10.1109/malware.2011.6112333
[Accessed 1 October 2019].
[9] B. Schneier, Secrets and Lies: Digital Security in a Networked World 15th Anniversary
Ed. John Wiley & Sons, 2011.
[10] S. Ansari, S. Rajeev and H. Chandrashekar, "Packet sniffing: a brief introduction", IEEE
Potentials, vol. 21, no. 5, pp. 17-19, 2002. Available: 10.1109/mp.2002.1166620
[Accessed 1 October 2019].
[11] M. de Vivo, E. Carrasco, G. Isern and G. de Vivo, "A review of port scanning
techniques", ACM SIGCOMM Computer Communication Review, vol. 29, no. 2, p. 41,
1999. Available: 10.1145/505733.505737 [Accessed 1 October 2019].
[12] C. Wilson, "Botnets, cybercrime, and cyberterrorism: Vulnerabilities and
policy issues for congress", DTIC Document, 2008.
[13] A. Daneels and W. Salter, "What is scada", in International Conference
on Accelerator and Large Experimental Physics Control Systems, 1999,
pp. 339-343.
[14] J. Sheldon, "State of the art: Attackers and targets in cyberspace", Journal
of Military and Strategic Studies, vol. 14, no. 2, 2012.
[15] C. Wilson, "Botnets, cybercrime, and cyberterrorism: Vulnerabilities and
policy issues for congress", DTIC Document, 2008.
[16] A. Nicholson, S. Webber, S. Dyer, T. Patel, and H. Janicke, "Scada
security in the light of cyber-warfare", Computers & Security, vol. 31,
no. 4, pp. 418-436, 2012.