
Various countermeasures to security attacks

Computers need to be protected from unwanted program threats. There are many
defences against computer attacks, ranging from methodology to technology. The
broadest tool available to system designers and users is cryptography.

Security situations
• In an isolated computer, the operating system can reliably determine the
sender and recipient of all interprocess communication, since it controls
the communication channels in the computer.

• In a network of computers, the situation is quite different. A networked
computer receives bits from the wire with no immediate and reliable way
of determining what machine or application sent those bits.

The main reasons we go for cryptographic techniques in networked computers:

1. The operating system cannot decide whether to grant a request when it
cannot trust the named source of the request.
2. The OS can’t provide protection for a request or data when it cannot
determine who will receive the response or message contents it sends over the
network.

Cryptography is used to constrain the potential senders and/or receivers of a
message. Modern cryptography is based on secrets called keys that are
selectively distributed to computers in a network and used to process messages.
Cryptography enables a recipient of a message to verify that the message was
created by some computer possessing a certain key; the key is the source of the
message.
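
An added example (not part of the original document) of a recipient verifying
that a message was created by a holder of a certain key. It uses HMAC-SHA256
from the Python standard library, a mechanism the document does not name; the
function names, keys and sample request are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def make_tag(key: bytes, message: bytes) -> bytes:
    """Sender side: compute an authentication tag over the message with the key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recipient side: recompute the tag and compare it in constant time."""
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def demo() -> dict:
    shared_key = secrets.token_bytes(32)   # distributed only to the two hosts
    other_key = secrets.token_bytes(32)    # held by a host that was never given the key
    request = b"GRANT read /reports to host-a"   # constructed sample request
    tag = make_tag(shared_key, request)
    return {
        # Unmodified message from a key holder: accepted.
        "genuine": verify(shared_key, request, tag),
        # Same tag, altered message: rejected, the bits on the wire changed.
        "tampered": verify(shared_key, b"GRANT write /reports to host-a", tag),
        # Correct message, tag made with a different key: rejected.
        "made_without_key": verify(shared_key, request, make_tag(other_key, request)),
    }


if __name__ == "__main__":
    print(demo())
```

The recipient learns only that some holder of the shared key produced the
message, which is why the keys must be distributed selectively.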

The figure above shows the cryptographic process. Cleartext is the plain
message that needs to be sent over the Internet. The data is encrypted using
key1, which produces the ciphertext. The ciphertext is not understandable to
anyone who does not possess the key corresponding to key1. The computer holding
key2, which is related to key1, can decrypt the ciphertext back into readable
cleartext.

Encryption:

Encryption is the process of transforming information (referred to as plaintext)
using an algorithm (called a cipher) to make it unreadable to anyone except
those possessing special knowledge, usually referred to as a key. The result of
the process is encrypted information.

There are two types of encryption:

a) Symmetric encryption: The same key is used to encrypt and decrypt
the information. Symmetric encryption is the oldest and best-known
technique. A secret key, which can be a number, a word, or just a string of
random letters, is applied to the text of a message to change the content
in a particular way. This might be as simple as shifting each letter by a
number of places in the alphabet. As long as both sender and recipient
know the secret key, they can encrypt and decrypt all messages that use
this key.

b) Asymmetric or public-key encryption: Different keys are used to encrypt
and decrypt the information. The problem with secret keys is exchanging
them over the Internet or a large network while preventing them from
falling into the wrong hands. Anyone who knows the secret key can
decrypt the message. One answer is asymmetric encryption, in which
there are two related keys (a key pair). A public key is made freely
available to anyone who might want to send you a message. A second,
private key is kept secret, so that only you know it.

Any message (text, binary files, or documents) that is encrypted by
using the public key can only be decrypted by applying the same
algorithm, but by using the matching private key. Any message that is
encrypted by using the private key can only be decrypted by using the
matching public key.

This means that you do not have to worry about passing public keys over
the Internet (the keys are supposed to be public). A problem with
asymmetric encryption, however, is that it is slower than symmetric
encryption. It requires far more processing power to both encrypt and
decrypt the content of the message.
Ex: E-mail.

c) Digital certificates: The main purpose of the digital certificate is to
ensure that the public key contained in the certificate belongs to the
entity to which the certificate was issued.

Encryption techniques using public and private keys require a public-key
infrastructure (PKI) to support the distribution and identification of public
keys. Digital certificates package public keys, information about the
algorithms used, owner or subject data, the digital signature of a
Certificate Authority that has verified the subject data, and a date range
during which the certificate can be considered valid.

Without certificates, it would be possible to create a new key pair and
distribute the public key, claiming that it is the public key for almost
anyone. You could send data encrypted with the private key and the
public key would be used to decrypt the data, but there would be no
assurance that the data originated from anyone in particular. All the
receiver would know is that a valid key pair was used.

Authentication:
Authentication is any process by which you verify that someone is who they
claim they are. This usually involves a username and a password, but can
include any other method of demonstrating identity, such as a smart card, retina
scan, voice recognition, or fingerprints. Authentication is equivalent to showing
your driver’s license at the ticket counter at the airport.

In general, authentication is based on the user’s possession of something (a
key or card), the user’s knowledge of something (ID and password), and/or an
attribute of the user (fingerprint, retina pattern, or signature).

Passwords:

The most common approach to authenticating a user identity is the use of
passwords. When the user identifies herself by user ID or account name, she is
asked for a password. If the user-supplied password matches the password stored
in the system, the system assumes that the account is being accessed by the
owner of that account.

Weak passwords are so simple that anyone can guess them from information
about the person. All too frequently, people use obvious
information (such as the names of their cats or spouses) as their passwords. An
attacker can look over the shoulder of a user (shoulder surfing) when the user
is logging in and can learn the password easily by watching the keyboard.
Anyone with access to the network on which a computer resides can seamlessly
add a network monitor, allowing her to watch all data being transferred on the
network (sniffing), including user IDs and passwords.

One-time Passwords:
To avoid the problems of password sniffing and shoulder surfing, a system could
use a set of paired passwords. When a session begins, the system randomly
selects and presents one part of a password pair; the user must supply the other
part. In this system, the user is challenged and must respond with the correct
answer to that challenge.

In this one-time password system, the password is different in each instance.
Anyone capturing the password from one session and trying to reuse it in
another session will fail. One-time passwords are among the only ways to
prevent improper authentication due to password exposure.
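
The paired-password scheme described above, as an added example that is not
part of the original document. The class name, the three constructed pairs and
the choice to retire a pair after any attempt, correct or not, are assumptions
made for illustration.

```python
import hmac
import secrets


class PairedPasswordAuth:
    """Server side: every (challenge, response) pair is usable exactly once."""

    def __init__(self, pairs):
        self._unused = dict(pairs)   # pairs that have not been presented yet
        self._pending = None         # challenge issued for the current session

    def remaining(self) -> int:
        return len(self._unused)

    def begin_session(self) -> str:
        """Randomly select one unused pair and present its challenge half."""
        if not self._unused:
            raise RuntimeError("pair list exhausted; issue a new list to the user")
        self._pending = secrets.choice(list(self._unused))
        return self._pending

    def respond(self, answer: str) -> bool:
        """Check the response half, then retire the pair whatever the outcome."""
        if self._pending is None:
            return False
        expected = self._unused.pop(self._pending)
        self._pending = None
        return hmac.compare_digest(expected.encode(), answer.encode())


# Constructed list shared in advance between the user and the system.
CARD = {"k7": "tulip-41", "m2": "ember-09", "q5": "delta-77"}


def demo() -> dict:
    server = PairedPasswordAuth(CARD)
    c1 = server.begin_session()
    first = server.respond(CARD[c1])       # legitimate user answers the challenge
    captured = CARD[c1]                    # what sniffing or shoulder surfing reveals
    c2 = server.begin_session()            # next session gets a different challenge
    replay = server.respond(captured)      # reusing the captured password fails
    return {"first_login": first, "replay_accepted": replay,
            "challenge_repeated": c1 == c2, "pairs_left": server.remaining()}
```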

Biometrics:

Biometrics is the science and technology of measuring and analyzing biological
data. In information technology, biometrics refers to technologies that measure
and analyze human body characteristics, such as DNA, fingerprints, eye retinas
and irises, voice patterns, facial patterns and hand measurements, for
authentication purposes.

Palm- or hand-readers are commonly used to secure physical access, for
example, access to a data center. These devices read your finger's ridge
patterns and convert them into a sequence of numbers. Over time, they can
store a set of sequences to adjust for the location of the finger on the reading
pad and other factors. Software can then scan a finger on the pad and compare
its features with these stored sequences to determine if the finger on the pad is
the same as the stored one.

More security defences:

There are many security solutions available for network or system security. Most
security professionals follow the theory of defence in depth, which states that
more layers of defence are better than fewer layers. Consider the security of a
house without a door lock, with a door lock, and with a lock and an alarm.

Security Policies:
The first step toward improving the security of any aspect of computing is to
have a security policy. Policies vary widely but generally include a statement of
what is being secured. For example, a policy might state that all outside
accessible applications must have a code review before being deployed, or that
users should not share their passwords, or that all connection points between a
company and the outside must have port scans run every six months. Without a
policy in place, it is impossible for users and administrators to know what is
permissible, what is required, and what is not allowed. The policy is a road map
to security, and if a site is trying to move from less secure to more secure, it
needs a map to know how to get there.

Virus protection:

A virus creates an unwanted environment in the system. Protection from viruses
thus is an important security concern. Antivirus programs are often used to
provide this protection. Some of these programs are effective against only
particular known viruses. They work by searching all the programs on a system
for the specific pattern of instructions known to make up the virus. When they
find a known pattern, they remove the instructions, disinfecting the program.
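
The pattern search described above, as an added example that is not part of
the original document and not the code of any antivirus product. The signature
names, byte patterns and sample buffers are constructed for illustration.

```python
# Hypothetical signature database: name -> constructed byte pattern.
SIGNATURES = {
    "Demo.A": bytes.fromhex("deadbeef4142"),
    "Demo.B": b"\x90\x90XYZ!",
}


def scan(data: bytes) -> list:
    """Return (signature name, offset) for every known pattern in the buffer."""
    hits = []
    for name, pattern in SIGNATURES.items():
        start = data.find(pattern)
        while start != -1:
            hits.append((name, start))
            start = data.find(pattern, start + 1)
    return sorted(hits, key=lambda hit: hit[1])


def disinfect(data: bytes) -> bytes:
    """Remove every known pattern from the buffer, leaving the rest intact."""
    for pattern in SIGNATURES.values():
        data = data.replace(pattern, b"")
    return data


# Constructed sample "programs".
CLEAN = b"#!demo-program\n"
INFECTED = CLEAN + SIGNATURES["Demo.A"] + b"end"
# Carries a pattern that is not in the database, so the scanner cannot know it.
UNKNOWN = CLEAN + bytes.fromhex("cafef00d4344") + b"end"


def demo() -> dict:
    return {
        "clean": scan(CLEAN),
        "infected": scan(INFECTED),
        "after_disinfect": scan(disinfect(INFECTED)),
        "unknown": scan(UNKNOWN),
    }


if __name__ == "__main__":
    print(demo())
```

The empty result for the unknown sample is the limitation the paragraph
states: a signature scanner finds only the patterns it has been given.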

User Account Control (UAC):


User Account Control (UAC) is a feature in Windows that can help prevent
unauthorized changes to your computer. UAC does this by asking you for
permission or an administrator password before performing actions that could
potentially affect your computer's operation or that change settings that affect
other users. When you see a UAC message, read it carefully, and then make sure
the name of the action or program that's about to start is one that you intended
to start.

By verifying these actions before they start, UAC can help prevent malicious
software (malware) and spyware from installing or making changes to your
computer without permission.

Firewalling to protect systems and networks

A firewall is software or hardware that checks information coming from the
Internet or a network, and then either blocks it or allows it to pass through to
your computer, depending on your firewall settings.

A firewall can help prevent hackers or malicious software (such as worms) from
gaining access to your computer through a network or the Internet. A firewall can
also help stop your computer from sending malicious software to other
computers.

Conclusion:

System security is of utmost importance now, since we spend more time with
computers. If we are unaware of what is happening around computer network
security and protection, we lose a lot of personal information and data to
attackers. The amount of protection we need depends on how we want to be
protected and how we use the computer. Security programs are tools for getting
the protection we need, but they do not give 100% protection if we don’t apply
safe computing techniques. Stay informed on the security and privacy matters
affecting what you or your organization uses or will use, so that you can
implement security policies or actions to prevent security and privacy problems.
