The seemingly exponential growth of the Internet has brought a largely unforeseen increase in the type, frequency and variety of cyber attacks [20]. These attacks can be expensive and difficult to recover from, so there is a need to know which traffic should be permitted and which is malicious [22]. Many well-known cyber-security solutions are in place to counter these attacks, such as firewalls, anti-virus software and intrusion detection systems (IDS) [23]. Many of them still require manual analysis, and approaches such as relying on host dependencies, profiling host behaviour or using deep packet inspection have been developed to reduce it; these approaches have scalability problems, however, which make them less than optimal in high-speed networks [23]. The volume of data now generated over computer networks is quickly making all of these solutions somewhat obsolete. To alleviate this problem and raise the overall level of a system's security, the application of Big Data analytics techniques to cyber security has become an area of great interest; such applications can assist network administrators in monitoring network streams and detecting anomalous behaviour in real time [20].
An intrusion detection system (IDS), as mentioned previously, is a cyber-security solution designed to defend against network attacks by detecting them. Unlike an intrusion prevention system (IPS), however, it does not itself prevent attacks [27]. It is considered
For the purpose of this assignment, Snort will be used as the intrusion detection system. Snort is an open-source IDS that can monitor traffic in real time, log packets, and inspect each packet as it enters the network. Snort can also be used as a packet sniffer to analyse network traffic for unusual-looking packets or payloads that might carry malicious data. In its detection mode, Snort can detect payload attacks against the network or a host system, including but not limited to stealth port scans and buffer overflows.
The KDD Cup 99 dataset was introduced for the Third International Knowledge Discovery and Data Mining Tools Competition, held in 1999 in conjunction with the KDD-99 conference. It is a refined version of the DARPA 1998 intrusion detection evaluation dataset, reduced to per-connection network records [3]. KDD Cup 99 is commonly used by developers and implementers of new IDSs to evaluate their systems: the IDS takes the dataset as input to train and test the system and to measure its performance in classifying and detecting attack records. Most researchers use it because it contains 22 different attack types, which can be grouped into the four main attack categories discussed in the previous section. The full dataset consists of approximately 4,900,000 connection vectors, each of which has 41 features and is labelled either as normal or as exactly one attack type [38]. Among the 41 features, only sixteen significant attributes are considered, namely A1, A5, A6, A8, A9, A10, A11, A13, A16, A17, A18, A19, A23, A24, A32 and A33 [38]. The KDD 99
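To make the record layout described above concrete, the following parser is an added example; it is not part of the original text or of the KDD Cup 99 distribution. It reads connection vectors in the dataset's comma-separated format (41 features followed by a label with a trailing dot), maps each label to one of the four categories (DoS, Probe, R2L, U2R), and projects a record onto the sixteen attributes listed above. The feature names are taken from the dataset's kddcup.names file and the 22-type category mapping from the training set; the sample rows, the helper names and the handling of malformed rows are assumptions made here for illustration.

```python
"""KDD Cup 99 connection-record parser.

Added example, not part of the original text or of the KDD Cup 99 distribution.
Feature names follow the dataset's kddcup.names file in column order (A1..A41);
the label-to-category mapping covers the 22 attack types in the training set.
The rows in SAMPLE are constructed for illustration and are not taken from the
dataset itself.
"""
import csv

# The 41 features in column order (A1 = duration, ..., A41 = dst_host_srv_rerror_rate).
FEATURES = [
    "duration", "protocol_type", "service", "flag", "src_bytes", "dst_bytes",
    "land", "wrong_fragment", "urgent", "hot", "num_failed_logins", "logged_in",
    "num_compromised", "root_shell", "su_attempted", "num_root",
    "num_file_creations", "num_shells", "num_access_files", "num_outbound_cmds",
    "is_host_login", "is_guest_login", "count", "srv_count", "serror_rate",
    "srv_serror_rate", "rerror_rate", "srv_rerror_rate", "same_srv_rate",
    "diff_srv_rate", "srv_diff_host_rate", "dst_host_count", "dst_host_srv_count",
    "dst_host_same_srv_rate", "dst_host_diff_srv_rate",
    "dst_host_same_src_port_rate", "dst_host_srv_diff_host_rate",
    "dst_host_serror_rate", "dst_host_srv_serror_rate", "dst_host_rerror_rate",
    "dst_host_srv_rerror_rate",
]
SYMBOLIC = {"protocol_type", "service", "flag"}  # the three non-numeric columns

# The sixteen attributes singled out in the text, as 1-based column indices.
SELECTED = [1, 5, 6, 8, 9, 10, 11, 13, 16, 17, 18, 19, 23, 24, 32, 33]

# Attack type -> category for the 22 attack types of the KDD'99 training set.
CATEGORY = {}
CATEGORY.update(dict.fromkeys(["back", "land", "neptune", "pod", "smurf", "teardrop"], "dos"))
CATEGORY.update(dict.fromkeys(["ipsweep", "nmap", "portsweep", "satan"], "probe"))
CATEGORY.update(dict.fromkeys(["ftp_write", "guess_passwd", "imap", "multihop", "phf",
                               "spy", "warezclient", "warezmaster"], "r2l"))
CATEGORY.update(dict.fromkeys(["buffer_overflow", "loadmodule", "perl", "rootkit"], "u2r"))


def parse_record(line):
    """Parse one 'f1,...,f41,label.' line into (features, label, category).

    Returns None for a row with the wrong column count so that a caller can
    count and skip it instead of silently misaligning the feature columns.
    Labels outside the 22 known attack types map to 'unknown' (the KDD'99 test
    set contains attack types that are absent from the training set).
    """
    fields = next(csv.reader([line.strip()]))
    if len(fields) != len(FEATURES) + 1:
        return None
    feats = {name: (raw if name in SYMBOLIC else float(raw))
             for name, raw in zip(FEATURES, fields[:-1])}
    label = fields[-1].rstrip(".")  # KDD'99 labels carry a trailing dot
    category = "normal" if label == "normal" else CATEGORY.get(label, "unknown")
    return feats, label, category


def select_features(feats):
    """Project a parsed record onto the sixteen selected attributes, in column order."""
    return [feats[FEATURES[i - 1]] for i in SELECTED]


def summarize(lines):
    """Count records per category; return (counts, number_of_malformed_rows)."""
    counts, malformed = {}, 0
    for line in lines:
        if not line.strip():
            continue
        parsed = parse_record(line)
        if parsed is None:
            malformed += 1
            continue
        counts[parsed[2]] = counts.get(parsed[2], 0) + 1
    return counts, malformed


# Constructed sample rows (not taken from the dataset), in the dataset's layout.
NORMAL = "0,tcp,http,SF,181,5450,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,8,8,0.00,0.00,0.00,0.00,1.00,0.00,0.00,9,9,1.00,0.00,0.11,0.00,0.00,0.00,0.00,0.00,normal."
NEPTUNE = "0,tcp,private,S0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,123,6,1.00,1.00,0.00,0.00,0.05,0.07,0.00,255,26,0.10,0.05,0.00,0.00,1.00,1.00,0.00,0.00,neptune."
BOF = "184,tcp,telnet,SF,1511,2957,0,0,0,3,0,1,2,1,0,0,1,0,0,0,0,0,1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,1,3,1.00,0.00,1.00,0.67,0.00,0.00,0.00,0.00,buffer_overflow."
TRUNCATED = "0,tcp,http,SF,normal."  # malformed: only 5 columns
SAMPLE = [NORMAL, NEPTUNE, BOF, TRUNCATED]

if __name__ == "__main__":
    print(summarize(SAMPLE))  # ({'normal': 1, 'dos': 1, 'u2r': 1}, 1)
    print(select_features(parse_record(NEPTUNE)[0]))
```

Two details matter in practice: the trailing dot on every label must be stripped before the label is compared, and a row with the wrong column count should be rejected rather than parsed positionally, since a single dropped field shifts every later feature (including the label) by one column.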
Network Intrusion Detection: software exists to watch the traffic on your network for signs of malicious intent. Is an intrusion detection system going to be implemented? An IDS is not a fire-and-forget system; it requires constant monitoring, and smaller organizations can be overwhelmed by the volume of alerts it produces.
* The Intrusion Detection System (IDS) provides the network with a layer of detective security against suspicious activity. The IDS achieves this through early warnings aimed at systems administrators. Unlike an IPS, however, it is not designed to block attacks.
The goal of intrusion detection is to monitor network assets, detect anomalous behaviour and identify misuse within a network (Ashoor, Gore, 2011). An intrusion detection system (IDS) is a device or software application that monitors network or system activity for malicious activity or policy violations and produces reports to a management station (Kashyap, Agrawal, Pandey, Keshri, 2013). There are three types of IDS:
IDPS technology uses several different methods to detect attacks: signature-based detection, anomaly-based detection and stateful protocol analysis. Most IDPS products use multiple methods, separately or together, to broaden coverage and improve detection accuracy. The simplest method is signature-based detection, because each signature corresponds to a known attack or type of attack: observed events are compared with known attack signatures to identify possible attacks. Detection technologies that implement only signature-based detection will therefore be ineffective at detecting zero-day attacks, for which no signature yet exists.
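The contrast drawn above between signature-based and anomaly-based detection is shown below in an added example that is not part of the original text or of any IDPS product. A small signature matcher and a simple anomaly model (a z-score over the length and unusual-character count of the request path, trained on benign requests) are run over the same HTTP request lines. A URL-encoded variant of a known attack stands in for an attack with no signature: the signatures miss it, the anomaly model flags it, and the same model also flags a long but harmless request, which is the false-positive cost that accompanies anomaly detection. The signatures, baseline requests, test requests and threshold are all constructed here for illustration.

```python
"""Signature-based versus anomaly-based detection over HTTP request lines.

Added example, not part of the original text or of any IDPS product. The
signatures, the benign baseline and the test requests are all constructed here
for illustration; the anomaly model is a deliberately simple z-score over two
features of the request path.
"""
import re
import statistics

# Signature-based detection: a name and a pattern per known attack.
SIGNATURES = [
    ("phf-cgi-probe", re.compile(r"/cgi-bin/phf\b")),
    ("dir-traversal", re.compile(r"(\.\./){2,}")),
    ("etc-passwd", re.compile(r"/etc/passwd")),
]


def signature_match(request):
    """Names of all signatures that match the request line (empty if none)."""
    return [name for name, rx in SIGNATURES if rx.search(request)]


# Anomaly-based detection: learn what benign request paths look like, then
# flag requests that deviate strongly from that baseline.
def path_features(request):
    """(path length, count of characters outside the usual URL alphabet)."""
    parts = request.split(" ")
    path = parts[1] if len(parts) > 1 else request
    unusual = sum(1 for c in path if not (c.isalnum() or c in "/.-_"))
    return len(path), unusual


class AnomalyModel:
    def __init__(self, benign_requests):
        lengths, unusual = zip(*(path_features(r) for r in benign_requests))
        self.len_mean, self.len_sd = statistics.mean(lengths), statistics.pstdev(lengths) or 1.0
        self.unu_mean, self.unu_sd = statistics.mean(unusual), statistics.pstdev(unusual) or 1.0

    def score(self, request):
        """Largest z-score across the two features; higher means more unusual."""
        length, unusual = path_features(request)
        return max(abs(length - self.len_mean) / self.len_sd,
                   abs(unusual - self.unu_mean) / self.unu_sd)

    def is_anomalous(self, request, threshold=3.0):
        return self.score(request) > threshold


def detect(requests, model, threshold=3.0):
    """Run both methods; return (request, matched signatures, anomaly score, verdict)."""
    results = []
    for r in requests:
        hits = signature_match(r)
        score = model.score(r)
        if hits:
            verdict = "signature"
        elif score > threshold:
            verdict = "anomaly"
        else:
            verdict = "benign"
        results.append((r, hits, round(score, 2), verdict))
    return results


# Constructed benign traffic used to train the baseline.
BENIGN = [
    "GET /index.html HTTP/1.1",
    "GET /images/logo.png HTTP/1.1",
    "GET /about.html HTTP/1.1",
    "GET /news/2014/03/post.html HTTP/1.1",
    "GET /search?q=ids HTTP/1.1",
    "GET /contact.html HTTP/1.1",
    "GET /css/site.css HTTP/1.1",
    "GET /products?id=42 HTTP/1.1",
]

# Constructed test requests.
KNOWN_PHF = "GET /cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd HTTP/1.1"  # a signature exists
ENCODED_TRAVERSAL = "GET /index.php?page=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1"  # encoded: no signature fires
NEW_BENIGN = "GET /news/2014/04/post.html HTTP/1.1"
LONG_BENIGN = "GET /reports/annual/2013/financial-summary-q4-final.pdf HTTP/1.1"  # harmless but unusual
TEST_REQUESTS = [KNOWN_PHF, ENCODED_TRAVERSAL, NEW_BENIGN, LONG_BENIGN]

if __name__ == "__main__":
    model = AnomalyModel(BENIGN)
    for row in detect(TEST_REQUESTS, model):
        print(row)
```

Running it gives verdicts of signature, anomaly, benign and anomaly for the four test requests in order. The encoded traversal is the case the paragraph warns about: the byte pattern the signature expects never appears on the wire, so a signature-only sensor stays silent, while the anomaly model catches it only because the request looks unlike the baseline, and for the same reason it also raises an alert on the long PDF request.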
Since the first packet-switching exchange, which many consider the beginning of the Internet, no technology besides the printing press has so transformed the ability to deliver information. Although the Internet is used by a large percentage of the civilized world, few Americans realize how vital cyberspace is to our national infrastructure. Today we face even more threats, although the problem has been recognized since 2009, when President Barack Obama said "The cyber threat is one of the most serious economic and national security challenges we face as a nation. It's also clear that we're not as prepared as we should be, as a government or as a country" (Obama, 2009). Every industry operating in the United States depends on the Internet for some aspect of its business. Commerce, transportation, financial institutions, the military and industrial control systems are all interconnected. This interconnectedness has created vulnerabilities in their infrastructure that have increasingly become targets of terrorists, script kiddies, foreign governments and hackers of all types.
Instability or Stability in the Industrial Revolution: The industrial revolution, which took place in the 18th and 19th centuries, was the process of changing from an agrarian economy to a much more industrial, machine-manufacturing economy. This revolution commenced in Britain, where people slowly started to adopt new, accommodating everyday machines in their homes. Many astounding, innovative and far-sighted inventors such as Thomas Edison, Henry Ford and James Watt advanced and improved life for humanity through the use of basic materials such as iron and steel and through new energy sources and inventions, including fuels, steam engines, phonographs, light bulbs, airplanes and telephones. Although the industrial revolution brought an increase to the economy, preferable machines for everyday use and
Cyber-security threats change quickly as the Internet grows, and the related dangers are becoming increasingly international. Staying protected against cyber-security threats requires almost all end users, even the most sophisticated ones, to understand the particular threats and to improve their safety measures on a continuing basis. On April 28, 2014, President Obama declared that the "cyber threat is one of the most serious economic and national security challenges we face as a nation" and that "America's economic prosperity in the 21st century will depend on cyber security." The Internet enables and helps people in many ways; one example is the ability to collect, store and process huge amounts of data, including the sensitive business, transactional and personal data of small businesses. Everything in the world is now based on the Internet.
In recent years, law and policy makers have expressed alarm at the exponentially growing threat of malicious traffic travelling across the Internet. While most agree that something needs to be done, consensus falls apart around the issues of cyber-security policy, law and enforcement. This policy paper will briefly discuss the current state of our cyber-security infrastructure. The terms malicious traffic and liability, and the forms liability takes, will be defined; key components will be introduced; the roles that the Internet Service Provider (ISP), software producer, end user and operating-system developer play in this process will be examined; and key legislation will be mentioned. These key factors and the research herein support the position that liability should lie with the Internet Service Provider.
A firewall is categorized as a preventive control: it is used as a defensive shield around IT systems to keep intruders out and stop hacking from occurring. An Intrusion Detection System (IDS), by contrast, is categorized as a detective control, used to detect intrusions that have already occurred (Cavusoglu, Mishra, & Raghunathan, 2005). However, IDSs are not
Although the test bed is not close to the real Internet, testing the application on it helps in understanding the performance of the proposed approach to detecting DDoS attacks. The real experiments conducted on the testbed to evaluate the performance of the IDR system show that it is a very effective solution for protecting the network against DDoS attacks.
The increase in the use of computer networks has led to a huge rise in threats and attacks. Attackers alter, steal and destroy valuable information and can ultimately cause complete damage to the victim's computer system. They degrade the performance of the system through misconfiguration and through the exploitation of software bugs from internal and external networks. Despite the existence of various security mechanisms, attackers often attempt to harm the computer systems of legitimate users. Hence, security is a main factor in the efficient operation of the network in applications such as healthcare monitoring and military surveillance. The most common security mechanisms are firewalls, antivirus programs and intrusion detection systems (IDS).
In the last decade, technology has evolved dramatically, to the point where it is indispensable in our lives. As the world becomes more and more interconnected through technology, the amount of information stored in servers around the world continues to grow. At the same time, governments, businesses, organizations, military groups and terrorist groups are constantly developing new technology in order to gain a competitive advantage over the rest of the world. The technology of today is much more advanced, powerful and dangerous than the technology of ten years ago, to the point where a single cyber-attack could cause the deaths of millions of people. For that reason, cyber security has