Internet security

Last updated

Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, [1] and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. [2] The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, [3] online viruses, trojans, ransomware and worms.

Contents

Many methods are used to combat these threats, including encryption and ground-up engineering. [4]

Threats

Malicious software

Malicious software comes in many forms, such as viruses, Trojan horses, spyware, and worms.

Denial-of-service attacks

A denial-of-service attack (DoS) or distributed denial-of-service attack (DDoS) is an attempt to make a computer resource unavailable to its intended users. It works by making so many service requests at once that the system is overwhelmed and becomes unable to process any of them. DoS may target cloud computing systems. [5] According to business participants in an international security survey, 25% of respondents experienced a DoS attack in 2007 and another 16.8% in 2010.[ citation needed ] DoS attacks often use bots (or a botnet) to carry out the attack.

Phishing

Phishing targets online users in an attempt to extract sensitive information such as passwords and financial information. [6] Phishing occurs when the attacker pretends to be a trustworthy entity, either via email or a web page. Victims are directed to web pages that appear to be legitimate, but instead route information to the attackers. Tactics such as email spoofing attempt to make emails appear to be from legitimate senders, or long complex URLs hide the actual website. [7] [8] Insurance group RSA claimed that phishing accounted for worldwide losses of $10.8 billion in 2016. [9]

Man in the middle

A man-in-the-middle (MITM) attack is a type of cyber attack. Cybercriminals can intercept data sent between people to steal, eavesdrop or modify data for certain malicious purposes, such as extorting money and identity theft. Public WiFi is often insecure because monitoring or intercepting Web traffic is unknown.[ citation needed ]

Application vulnerabilities

Applications used to access Internet resources may contain security vulnerabilities such as memory safety bugs or flawed authentication checks. Such bugs can give network attackers full control over the computer. [10] [11]

Countermeasures

Network layer security

TCP/IP protocols may be secured with cryptographic methods and security protocols. These protocols include Secure Sockets Layer (SSL), succeeded by Transport Layer Security (TLS) for web traffic, Pretty Good Privacy (PGP) for email, and IPsec for network layer security. [12]

Internet Protocol Security (IPsec)

IPsec is designed to protect TCP/IP communication in a secure manner. It is a set of security extensions developed by the Internet Engineering Task Force (IETF). It provides security and authentication at the IP layer by transforming data using encryption. Two main types of transformation form the basis of IPsec: the Authentication Header (AH) and ESP. They provide data integrity, data origin authentication, and anti-replay services. These protocols can be used alone or in combination.

Basic components include:

The algorithm allows these sets to work independently without affecting other parts of the implementation. The IPsec implementation is operated in a host or security gateway environment giving protection to IP traffic.

Threat modeling

Threat Modeling tools helps you to proactively analyze the cyber security posture of a system or system of systems and in that way prevent security threats.

Multi-factor authentication

Multi-factor authentication (MFA) is an access control method in which a user is granted access only after successfully presenting separate pieces of evidence to an authentication mechanism – two or more from the following categories: knowledge (something they know), possession (something they have), and inference (something they are). [13] [14] Internet resources, such as websites and email, may be secured using this technique.

Security token

Some online sites offer customers the ability to use a six-digit code which randomly changes every 30–60 seconds on a physical security token. The token has built-in computations and manipulates numbers based on the current time. This means that every thirty seconds only a certain array of numbers validate access. The website is made aware of that device's serial number and knows the computation and correct time to verify the number. After 30–60 seconds the device presents a new random six-digit number to log into the website. [15]

Electronic mail security

Background

Email messages are composed, delivered, and stored in a multiple step process, which starts with the message's composition. When a message is sent, it is transformed into a standard format according to RFC 2822. [16] Using a network connection, the mail client sends the sender's identity, the recipient list and the message content to the server. Once the server receives this information, it forwards the message to the recipients.

Pretty Good Privacy (PGP)

Pretty Good Privacy provides confidentiality by encrypting messages to be transmitted or data files to be stored using an encryption algorithm such as Triple DES or CAST-128. Email messages can be protected by using cryptography in various ways, such as the following:

  • Digitally signing the message to ensure its integrity and confirm the sender's identity.
  • Encrypting the message body of an email message to ensure its confidentiality.
  • Encrypting the communications between mail servers to protect the confidentiality of both message body and message header.

The first two methods, message signing and message body encryption, are often used together; however, encrypting the transmissions between mail servers is typically used only when two organizations want to protect emails regularly sent between them. For example, the organizations could establish a virtual private network (VPN) to encrypt communications between their mail servers. [17] Unlike methods that only encrypt a message body, a VPN can encrypt all communication over the connection, including email header information such as senders, recipients, and subjects. However, a VPN does not provide a message signing mechanism, nor can it provide protection for email messages along the entire route from sender to recipient.

Message Authentication Code

A Message authentication code (MAC) is a cryptography method that uses a secret key to digitally sign a message. This method outputs a MAC value that can be decrypted by the receiver, using the same secret key used by the sender. The Message Authentication Code protects both a message's data integrity as well as its authenticity. [18]

Firewalls

A computer firewall controls access to a single computer. A network firewall controls access to an entire network. A firewall is a security device — computer hardware or software — that filters traffic and blocks outsiders. It generally consists of gateways and filters. Firewalls can also screen network traffic and block traffic deemed unauthorized.

Web security

Firewalls restrict incoming and outgoing network packets. Only authorized traffic is allowed to pass through it. Firewalls create checkpoints between networks and computers. Firewalls can block traffic based on IP source and TCP port number. They can also serve as the platform for IPsec. Using tunnel mode, firewalls can implement VPNs. Firewalls can also limit network exposure by hiding the internal network from the public Internet.

Types of firewall

Packet filter

A packet filter processes network traffic on a packet-by-packet basis. Its main job is to filter traffic from a remote IP host, so a router is needed to connect the internal network to the Internet. The router is known as a screening router, which screens packets leaving and entering the network.

Stateful packet inspection

In a stateful firewall the circuit-level gateway is a proxy server that operates at the network level of an Open Systems Interconnect (OSI) model and statically defines what traffic will be allowed. Circuit proxies forward network packets (formatted data) containing a given port number, if the port is permitted by the algorithm. The main advantage of a proxy server is its ability to provide Network Address Translation (NAT), which can hide the user's IP address from the Internet, effectively protecting internal information from the outside.

Application-level gateway

An application-level firewall is a third-generation firewall where a proxy server operates at the very top of the OSI model, the IP suite application level. A network packet is forwarded only if a connection is established using a known protocol. Application-level gateways are notable for analyzing entire messages rather than individual packets.

Browser choice

Web browser market share predicts the share of hacker attacks. For example, Internet Explorer 6, which used to lead the market, [19] was heavily attacked. [20]

Protections

Antivirus

Antivirus software can protect a programmable device by detecting and eliminating malware. [21] A variety of techniques are used, such as signature-based, heuristics, rootkit, and real-time.

Password managers

A password manager is a software application that creates, stores and provides passwords to applications. Password managers encrypt passwords. The user only needs to remember a single master password to access the store. [22]

Security suites

Security suites were first offered for sale in 2003 (McAfee) and contain firewalls, anti-virus, anti-spyware and other components. [23] They also offer theft protection, portable storage device safety check, private Internet browsing, cloud anti-spam, a file shredder or make security-related decisions (answering popup windows) and several were free of charge. [24]

Wireless Sensor Networks (WSNs)

A promising technology with low production and installation costs, unattended network operation, and autonomous longtime operation. According to research, building a secure Internet of Things (IoT) should start with securing WSNs ahead of other components. [25]

History

At the National Association of Mutual Savings Banks (NAMSB) conference in January 1976, Atalla Corporation (founded by Mohamed Atalla) and Bunker Ramo Corporation (founded by George Bunker and Simon Ramo) introduced the earliest products designed for dealing with online security. Atalla later added its Identikey hardware security module, and supported processing online transactions and network security. Designed to process bank transactions online, the Identikey system was extended to shared-facility operations. It was compatible with various switching networks, and was capable of resetting itself electronically to any one of 64,000 irreversible nonlinear [ disambiguation needed ] algorithms as directed by card data information. [26] In 1979, Atalla introduced the first network security processor (NSP). [27]

See also

Related Research Articles

In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs).

In computing, Internet Key Exchange is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP. IKE uses X.509 certificates for authentication ‒ either pre-shared or distributed using DNS ‒ and a Diffie–Hellman key exchange to set up a shared session secret from which cryptographic keys are derived. In addition, a security policy for every peer which will connect must be manually maintained.

Various anti-spam techniques are used to prevent email spam.

Network security consists of the policies, processes and practices adopted to prevent, detect and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs: conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.

Crimeware is a class of malware designed specifically to automate cybercrime.

<span class="mw-page-title-main">Wireless security</span> Aspect of wireless networks

Wireless security is the prevention of unauthorized access or damage to computers or data using wireless networks, which include Wi-Fi networks. The term may also refer to the protection of the wireless network itself from adversaries seeking to damage the confidentiality, integrity, or availability of the network. The most common type is Wi-Fi security, which includes Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). WEP is an old IEEE 802.11 standard from 1997. It is a notoriously weak security standard: the password it uses can often be cracked in a few minutes with a basic laptop computer and widely available software tools. WEP was superseded in 2003 by WPA, a quick alternative at the time to improve security over WEP. The current standard is WPA2; some hardware cannot support WPA2 without firmware upgrade or replacement. WPA2 uses an encryption device that encrypts the network with a 256-bit key; the longer key length improves security over WEP. Enterprises often enforce security using a certificate-based system to authenticate the connecting device, following the standard 802.11X.

A spoofed URL involves one website masquerading as another, often leveraging vulnerabilities in web browser technology to facilitate a malicious computer attack. These attacks are particularly effective against computers that lack up-to- security patches. Alternatively, some spoofed URLs are crafted for satirical purposes.

Email spoofing is the creation of email messages with a forged sender address. The term applies to email purporting to be from an address which is not actually the sender's; mail sent in reply to that address may bounce or be delivered to an unrelated party whose identity has been faked. Disposable email address or "masked" email is a different topic, providing a masked email address that is not the user's normal address, which is not disclosed, but forwards mail sent to it to the user's real address.

Defensive computing is a form of practice for computer users to help reduce the risk of computing problems, by avoiding dangerous computing practices. The primary goal of this method of computing is to be able to anticipate and prepare for potentially problematic situations prior to their occurrence, despite any adverse conditions of a computer system or any mistakes made by other users. This can be achieved through adherence to a variety of general guidelines, as well as the practice of specific computing techniques.

There are a number of security and safety features new to Windows Vista, most of which are not available in any prior Microsoft Windows operating system release.

TCP reset attack, also known as a forged TCP reset or spoofed TCP reset, is a way to terminate a TCP connection by sending a forged TCP reset packet. This tampering technique can be used by a firewall or abused by a malicious attacker to interrupt Internet connections.

Mobile security, or mobile device security, is the protection of smartphones, tablets, and laptops from threats associated with wireless computing. It has become increasingly important in mobile computing. The security of personal and business information now stored on smartphones is of particular concern.

Cyber crime, or computer crime, refers to any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Netcrime refers, more precisely, to criminal exploitation of the Internet. Issues surrounding this type of crime have become high-profile, particularly those surrounding hacking, copyright infringement, identity theft, child pornography, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.

<span class="mw-page-title-main">Email hacking</span> Unauthorized access to, or manipulation of, an email account or email correspondence

Email hacking is the unauthorized access to, or manipulation of, an account or email correspondence.

The following outline is provided as an overview of and topical guide to computer security:

Endpoint security or endpoint protection is an approach to the protection of computer networks that are remotely bridged to client devices. The connection of endpoint devices such as laptops, tablets, mobile phones, Internet-of-things devices, and other wireless devices to corporate networks creates attack paths for security threats. Endpoint security attempts to ensure that such devices follow a definite level of compliance to standards.

In cybersecurity, cyber self-defense refers to self-defense against cyberattack. While it generally emphasizes active cybersecurity measures by computer users themselves, cyber self-defense is sometimes used to refer to the self-defense of organizations as a whole, such as corporate entities or entire nations. Surveillance self-defense is a variant of cyber self-defense and largely overlaps with it. Active and passive cybersecurity measures provide defenders with higher levels of cybersecurity, intrusion detection, incident handling and remediation capabilities. Various sectors and organizations are legally obligated to adhere to cyber security standards.

Data center security is the set of policies, precautions and practices adopted at a data center to avoid unauthorized access and manipulation of its resources. The data center houses the enterprise applications and data, hence why providing a proper security system is critical. Denial of service (DoS), theft of confidential information, data alteration, and data loss are some of the common security problems afflicting data center environments.

This is a list of cybersecurity information technology. Cybersecurity is security as it is applied to information technology. This includes all technology that stores, manipulates, or moves data, such as computers, data networks, and all devices connected to or included in networks, such as routers and switches. All information technology devices and facilities need to be secured against intrusion, unauthorized use, and vandalism. Additionally, the users of information technology should be protected from theft of assets, extortion, identity theft, loss of privacy and confidentiality of personal information, malicious mischief, damage to equipment, business process compromise, and the general activity of cybercriminals. The public should be protected against acts of cyberterrorism, such as the compromise or loss of the electric power grid.

Internet security awareness or Cyber security awareness refers to how much end-users know about the cyber security threats their networks face, the risks they introduce and mitigating security best practices to guide their behavior. End users are considered the weakest link and the primary vulnerability within a network. Since end-users are a major vulnerability, technical means to improve security are not enough. Organizations could also seek to reduce the risk of the human element. This could be accomplished by providing security best practice guidance for end users' awareness of cyber security. Employees could be taught about common threats and how to avoid or mitigate them.

References

  1. "What Is Internet Security? | McAfee". www.mcafee.com. Retrieved 2021-09-05.
  2. Gralla, Preston (2007). How the Internet Works . Indianapolis: Que Pub. ISBN   978-0-7897-2132-7.
  3. Rhee, M. Y. (2003). Internet Security: Cryptographic Principles, Algorithms and Protocols. Chichester: Wiley. ISBN   0-470-85285-2.
  4. "101 Data Protection Tips: How to Keep Your Passwords, Financial & Personal Information Safe in 2020". Digital Guardian. 2019-12-16. Retrieved 2020-10-23.
  5. Yan, Q.; Yu, F. R.; Gong, Q.; Li, J. (2016). "Software-Defined Networking (SDN) and Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environments: A Survey, Some Research Issues, and Challenges". IEEE Communications Surveys and Tutorials. 18 (1): 602–622. doi:10.1109/COMST.2015.2487361. S2CID   20786481.
  6. Izak, Belarua. "Welke virusscanners zijn het beste voor macOS High Sierra". Virusscanner MAC (in Dutch). Retrieved 4 January 2018.
  7. Ramzan, Zulfikar (2010). "Phishing attacks and countermeasures". In Stamp, Mark; Stavroulakis, Peter (eds.). Handbook of Information and Communication Security. Springer. ISBN   978-3-642-04117-4.
  8. van der Merwe, Alta; Loock, Marianne; Dabrowski, Marek (2005). "Characteristics and Responsibilities Involved in a Phishing Attack". Proceedings of the 4th International Symposium on Information and Communication Technologies. Trinity College Dublin: 249–254. ISBN   978-1-59593-169-6 . Retrieved 4 January 2018.
  9. Long, Mathew (February 22, 2017). "Fraud Insights Through Integration". RSA. Archived from the original on October 20, 2018. Retrieved October 20, 2018.
  10. "Improving Web Application Security: Threats and Countermeasures". msdn.microsoft.com. 14 July 2010. Retrieved 2016-04-05.
  11. "Justice Department charges Russian spies and criminal hackers in Yahoo intrusion". Washington Post. Retrieved 15 March 2017.
  12. "Securing the Network Layer Against Malicious Attacks". TDK Technologies. October 27, 2020.
  13. "Two-factor authentication: What you need to know (FAQ) – CNET". CNET. Retrieved 2015-10-31.
  14. "How to extract data from an iCloud account with two-factor authentication activated". iphonebackupextractor.com. Retrieved 2016-06-08.
  15. Margaret Rouse (September 2005). "What is a security token?". SearchSecurity.com. Retrieved 2014-02-14.
  16. Resnick, Peter W. (2001). Resnick, P (ed.). "Internet Message Format". tools.ietf.org. doi: 10.17487/RFC2822 . Retrieved 2021-05-01.
  17. "Virtual Private Network". NASA. Archived from the original on 2013-06-03. Retrieved 2014-02-14.
  18. "What Is a Message Authentication Code?". Wisegeek.com. Retrieved 2013-04-20.
  19. "Browser Statistics". W3Schools.com. Retrieved 2011-08-10.
  20. Bradly, Tony. "It's Time to Finally Drop Internet Explorer 6". PCWorld.com. Retrieved 2010-11-09.
  21. Larkin, Eric (2008-08-26). "Build Your Own Free Security Suite". Archived from the original on 2010-11-06. Retrieved 2010-11-09.
  22. "USE A FREE PASSWORD MANAGER" (PDF). scsccbkk.org. Archived from the original (PDF) on 2016-01-25. Retrieved 2016-06-17.
  23. Rebbapragada, Narasu. "All-in-one Security". PC World.com. Archived from the original on October 27, 2010. Retrieved 2010-11-09.
  24. "Free products for PC security". 2015-10-08.
  25. Butun, Ismail (2020). "Security of the Internet of Things: Vulnerabilities, Attacks, and Countermeasures". IEEE Communications Surveys and Tutorials. 22 (1): 616–644. arXiv: 1910.13312 . doi:10.1109/COMST.2019.2953364. S2CID   204950321 via PISCATAWAY: IEEE.
  26. "Four Products for On-Line Transactions Unveiled". Computerworld . 10 (4). IDG Enterprise: 3. 26 January 1976.
  27. Burkey, Darren (May 2018). "Data Security Overview" (PDF). Micro Focus . Retrieved 21 August 2019.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.