Ethical Hacking
What is ethical Hacking?
Ethical hacking is legally breaking into computers and devices to test an organization’s defenses. This practice is legal and have no threat of being arrested. This is used to identify vulnerabilities in systems by companies.
Cyber Security and Security Concerns
A threat is a potential risk that exploits a vulnerability to infringe security and cause probable damage to the information or service stored in computer systems or through communication links.
Common security concerns are Malware Ransomware Spyware Adware RATS Spoofing Rootkits Eploit kits Backdoor Worms Mass surveillance Phishing Vishing Spam. To defend your system from these types of threats, the system should be protected by a defensive mechanism. Here is the place where cyber security comes to role. Cyber security helps in protecting the information in the system from theft and damage.
The below diagram shows the overview of an information security system. Cyber adversaries are the people who intend to perform malicious actions against a cyber system.
Security assets are anything that supports information related activities like files, data, hardware elements, software elements and processes. These should be protected from unauthorized access, use, disclosure, alteration, destruction, and theft. CIA traid comes into play in here.
CIA Traid
CIA describes the most crucial components of security. This gives a basis for developing a cyber security system and information security policies. There are three components.
- Confidentiality — This prevents the system from unauthorized disclosure of systems and information.
- Integrity — This prevents unauthorized modification of systems and information.
- Availability — This prevents disruption of service and productivity.
Access Control and its Services
Access control. It is the process of identifying a subject and determining their level of access to an object. There are three access control types as physical, logical and administrative.
Logical access control system prevents virtual/electronic access. It performs identification, authentication, authorization, and accountability (AAA).
- Authentication is identifying the real owner or the user. It is easy to proves one’s identity in the human world than the digital world. In the digital world, it is mutual identification is used. Passwords, smart-cards, biometric information, IP addresses are some methods used for authentication. Passwords can be hacked by brute force attacks, dictionary attacks, phishing and many more. To make a strong password, use long passwords, mix letters, numbers, and symbols, and use the “diceware” method to produce a password. NIST, 2FA and using password manager are password security best practices.
- Authorization is determining someone’s access permissions within a system. Models like discretionary access control (DAC), mandatory access control (MAC), role-based access control (RBAC) and rule-based access control (RB-RBAC) are some models used in authorization.
- Accountability ensures whether the users are accountable for their actions.
Authentication, Authorization and Accountability should be performed in the system one after another, respectively.
Role of Machine Learning in Cyber Security
Machine learning plays a major role in cyber security.
Security projects that uses machine learning:
- Cyber Early Warming System (CEWS)
- App Collusion Detection (ACiD)
- Secure the Automobile (SEAT)
- Securing Against the Insider Threat
- IoT Security monitoring
- VoIP Fraud Monitoring
There are some challenges faces in using machine learning in security. low fault tolerance rates, lack of data availability are main challenges faced.
Conclusion
CIA concept is the cornerstone of information security. various security controls should be considered when dealing with sensitive security assets. Access control provides AAA services (Authentication, Authorization and Accountability). Machine learning plays a major role in security but still there are issues to overcome.
