Security in Computing: Encryption, Attacks, and Prevention Methods

Verified

Added on 2020/02/24

AI Summary

This report provides a comprehensive overview of cybersecurity, covering various essential topics. It begins by explaining symmetric and public key encryption, detailing their functionalities and applications. The report then delves into hashing, its role in data security, and its use in encryption and digital signatures. Moving on to network security, it discusses Denial of Service (DOS) attacks, outlining their nature, impact, and methods to defend against them, including specialized hardware and cloud mitigation strategies. Furthermore, the report examines ways to protect computer systems, emphasizing access control, password management, staff training, and the importance of firewalls and backups. The report also explores Deep Packet Inspection (DPI) and Packet Stream Analysis, explaining their roles in network security, traffic evaluation, and intrusion detection. DPI is discussed in the context of its processing intensity and importance in curbing misuse, while packet stream analysis is presented as a critical tool for identifying and managing network activities, particularly in detecting and responding to attacks. The report concludes with a summary of the key concepts, emphasizing the importance of a multi-layered approach to cybersecurity.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

TOPIC 3
SYMMETRIC KEY ENCRYPTION:
Symmetric key encryption is a kind of encryption system which uses same keys for
encryption as well as decryption of a communication. Thereby it means the sender and the
receiver are to use the same key for interpreting the communication string. For example, AES
128, AES 192 and AES 256 are some of the most widely used symmetric encryption keys.
The said method of encryption is safe and secure as well as works at a faster pace. But the
disadvantage that it offers is that there is no warranty as to the safe exchanging of keys
between the two parties in a communication (technopedia. 2017). Thus the said methodology
of encryption conforms to a safe way of exchanging data.
PUBLIC KEY ENCRYPTION
Public key encryption is a kind of encryption which utilises two mathematically linked but
keys which are not identical in nature, thus named as private and public. The later key
ensures encryption of information and the former key decrypts the message. It is this
condition which helps to differentiate the same with the symmetric form of encryption. The
one accepting the dialogue will get hold of a special key which is the private or furtive key.
However the key which is available by the one who is to receive the message is termed as
public key. RSA Cryptosystem , EiGamal Cryptosystem and Elliptic Curve Cryptography are
the three most prominent public key. Hence it can be said that public key encryption is a
system which allows occurrence of an encryption only if the public key is available and
decryption only if the private key is available (redhat.com. 2017). In this manner, it is next to
impossible to interpret the private key although the public key is known to the receiver.
HASHING
Alteration of a loop of typesets into a normally known length value of a petite type or key
that denotes the exclusive order is termed as hashing. With a diminutive hashed key, one can
easily search for the various data and strings, instead of searching for the same via an
exclusive value. Hashing also contributes towards encrypting and decrypting of digital
signatures, catalogue the exclusive key and also is utilised in future every time the data is
linked with the assessment or key is to be resumed. It is a monologue operation (James.
2017). Therefore it is established that hashing is one of the most acceptable methods to

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

conform security at the time of process of transmission of strings of communication specially
when the message is for an exclusive receiver.
It is the symmetric key encryption methodology which is the best for maintaining both
authentication and confidentiality of information.
REFERENCES:
James,M. (2016). Hashing: The Greatest Idea in Programming. Retrieved from http://www.i-
programmer.info/babbages-bag/479-hashing.html
Redhat.com. (2017). Chapter 1: Introduction to Public Key Cryptography. Retrieved from
https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_System/8.1/
html/Deploy_and_Install_Guide/Introduction_to_Public_Key_Cryptography.html
Technopedia. (2016). Symmetric Encryption. Retrieved from
https://www.techopedia.com/definition/1789/symmetric-encryption
TOPIC 4
Denial of Service attacks (DOS) wherein the attackers ensure that the network users are
unable to use the information by flowing in a huge number of requests that link the resources
is one such cyber threat which is feared by all. Thus an intended attempt to ensure crippling
of a network or a website from its expected users can be listed under the DOS attack. Two
ways to defend your company from denial of service attacks are:
1. First method of defending against the DOS attack is the companies can buy and
position specific DOS alleviation equipments. It is a specialised hardware that is
placed within the information centre of a company in abut of the regular servers and
routers and a specially formulated in such a way which helps to find out and sort the
malware traffic. The said deice is a costly one and is useful only when there is a DOS
attack. Further it should be updated on a frequent basis so that the attack can be
defended well as the older versions may not be able to deal with the same. Further to
this the said method is highly useful for defending a small network attack and not a
voluminous one.
2. In the world of cloud computing, it is equally important for the enterprises who have
opted for cloud storage to ensure that defend is ready against the attacks to the cloud

servers. Thereby the Cloud mitigation providers help to deal with the said attack. A
huge amount of network bandwidths have been constructed and DOS lessening
competence at various places surrounding the internet that has the potential to capture
any kind of network traffic. They can scrub the traffic and only send the unaffected
data to the data center. The said type of protection calls for expertise who are required
to check on a continuous basis the various ways of DOS being used by the malafide
people. It helps in filtering at various layers which is very crucial in this complex
method of storage of data (Leach 2013).
REFERENCES:
Leach,S. (2013).Four ways to defend against DDoS attacks. Retrieved from
https://www.networkworld.com/article/2170051/security/tech-primers-four-ways-to-
defend-against-ddos-attacks.html
TOPIC 5
It has become almost impossible for the entities and individuals to live without their PCs and
laptops. When it comes to a company, then the entire system is interconnected in such a
manner that the said system no more remains as simple. Thereby it is very crucial to ensure
that the said systems are being protected well from various attacks as one attack may lead to a
huge loss of data in monetary terms as well. Some of the ways of protecting the same are:
1. Access of the systems are not given to all, but to only very specific people who are
highly trusted.
2. The crucial and the most wanted data and reports should be safeguarded by applying
strong passwords due to which any kind of access which is not authorised can be
prevented.
3. Apart from penning down the security rules, the system administrator should impart
adequate training on a regular basis.
4. Installation of firewalls and timely backups also prevent data being lost by malicious
attacks.

5. Lastly, mails from unknown sources should not be opened and the attachments should
not be downloaded as they may contain viruses which may infect the entire system
(Shinder 2007).
Apart from the above, various times one deletes data and thinks the same is no more available
to be accessed. However these deleted database are stored in the recycle bins from where it
can be easily restored back. Hence the same should be protected by a passcode which would
ensure that unauthorised accessibility is denied.
So as to prevent robbery of the company’s PCs and laptops, the entities should ensure
maintenance of a log book which would mention the inventory of stock of these systems.
Apart front he same, those systems which have been out of use for quite sometime should be
kept in a room which is locked and a security alert bell should be mounted which would ring
as soon as unauthorised individuals try to enter the system (National Centre for Education
Statistics. 2017). Lastly, the security of accessibility of long unused PCs can be maintained
by ensuring that a strong password is given which would make access difficult.
REFERENCES:
National Centre for Education Statistics. (2017). Security Policy: Development and
Implementation. Retrieved from https://nces.ed.gov/pubs98/safetech/chapter3.asp
Shinder,D. (2007). 10 physical security measures every organization should take. Retrieved
from http://www.techrepublic.com/blog/10-things/10-physical-security-measures-
every-organization-should-take/
TOPIC 6
DEEP PACKET INSPECTION (DPI)
DPI is a sort of computer network packet which helps in evaluation and inspection of the data
collection transmitted from one PC to the other with the help of a network. It is a
complicated method which works at the seventh step of the Open System Interconnection
suggestion model. The importance of the vendors who supply DPIs have augmented over the
years simply because of the large number of attacks being done due to the internet due to
which people are more inclined towards ensuring that the incorrect use of the system are

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

curbed (Ohlhorst, 2014). DPI along with serving to the header and footer of a document, also
caters to the main content and hence checks for illegality if any (tec.gov.in. 2015). The DPI is
processing intensive because it concerns about the various grounds which are a part of the
packet, hence because of this the DPI demands for more time and processing power and
thereby have the courage to do it a 10Gbps.
PACKET STREAM ANALYSIS
At the time of working on arresting the machines, there may be innumerable instances of
network activities which are on the go. For example many websites have been opened with
the help of a single browser and there comes an instance when it becomes difficult to manage
the same, it is then when the packet streams have a role to perform. Hence while any
application analyse, it is critical to use the packet arrest solutions because they permit usage
of main packets engaged in the user dialogues and find out the fundamental grounds of an
issue. Also one can summarise the same by saying that it is critical because a singular packet
will not acquire much latent to decide certain type of attacks. For example it calls for various
packets to search whether a network is taken care of in a pre-defined manner and checked
into or if a TCP half-open DOS attack is occurring(Netfort.com. 2014).
Packet stream analysis needs the Intrusion Detection System to re-establish and distinguish
the packets so as to wrap up if an attack is intriguing. The enlarged packet whole and re-
enactment spots a vast indulgence strain on IDS.
REFERENCES:
tec.gov.in. (2015). Deep Packet Inspection. Retrieved from
http://tec.gov.in/pdf/Studypaper/White%20paper%20on%20DPI.pdf
Netfort.com. (2014). Flow Analysis Versus Packet Analysis . What Should You Choose?
Retrieved from
https://www.netfort.com/wp-content/uploads/PDF/WhitePapers/NetFlow-Vs-Packet-
Analysis-What-Should-You-Choose.pdf
Ohlhorst,F. (2014). Why Deep Packet Inspection still matters .Retrieved from
http://www.techrepublic.com/article/why-deep-packet-inspection-still-matters/