![]() ![]() 2.9.īefore we can discuss attacks and defences in cyberspace, we must clarify what is at stake. 2.8 before we conclude the chapter in Sect. Finally, we stress the importance of continuous testing in Sect. Subsequently, we present security fundamentals in various domains, namely cryptography for data security in Sect. 2.2 and reviewing typical attack and defence techniques in Sect. We start by defining common threats in Sect. In this chapter, we introduce the basic concepts of cybersecurity. Given these difficulties, there is now much interest in reactive security, which embraces the insight that we cannot prevent all attacks. Sometimes security controls are in place but are not used properly, for instance, because they conflict with the needs of users. ![]() ![]() Therefore, successful attacks are not necessarily the result of negligence. Attackers can choose from a large variety of approaches, while defenders have to pay attention to every detail and be prepared for anything at any time. Moreover, cybersecurity is subject to significant asymmetries. There are not only more devices hooked up to the Internet, but also more manufacturers building them, which increases both the size and diversity of the systems forming the cyberspace and thus the probability of failures. According to Bruce Schneier “complexity is the enemy of security” (Chan 2012). Cyberspace has become the handle of choice to refer to the virtual world created by networked computer systems that affect large parts of our lives securing it is challenging. However, we are still in the process of learning how to secure cyberspace. In addition, we have a number of technical means at our disposal to secure our property and our secrets. We have devised sophisticated laws that govern what is acceptable and what is illegal. In the physical world, we can rely on decades of experience to defend against malicious actors. Honesty was never a given in human history. As asymmetries and externalities are at the core of many security problems, devising effective security solutions that are adopted in practice is a challenge. For instance, well-intended security mechanisms may have undesired side effects such as leaking sensitive information to attackers. Although introductory in nature, this chapter already addresses a number of ethical issues. Finally, the chapter reviews techniques for continuous testing, stressing the need for a free distribution of dual-use tools. Subsequently, selected topics from network security, namely reconnaissance, firewalls, Denial of Service attacks, and Network Intrusion Detection Systems, are analysed. In the following, typical attack strategies and principles for defence are reviewed, followed by cryptographic techniques, malware and two common weaknesses in software: buffer overflows and SQL injections. It begins with common threats to information and systems to illustrate how matters of security can be addressed with methods from risk management. This introductory chapter reviews the fundamental concepts of cybersecurity. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |