Before a detailed discussion about the issue of social engineering on the context of cyber security is done, it is very important to understand what social engineering connotes. It is a skill of manoeuvring individuals in such a manner that they end up compromising upon the private and secret information they possess. The kind of data that these hackers try to take out of the people is different and circumstantial. Generally these criminals are trying to ploy to get hold of passwords and bank account details or get an access to the system so as to inject malware and thus get a hold over one’s system. Therefore criminals and attackers usually take recourse into social engineering methods as they find it easy to take advantage of the trust people entrust on a person. The biggest problem that can be understood is the blind trust that a person puts upon another thereby ending up disclosing such information which are highly confidential in nature ((Kumar et.al. 2015). Thus without knowing the background of a person thoroughly, if a person is being trusted then there are high chances of facing vulnerable consequences.
There are various ways and means through which social engineering attacks in context to cyber security are being made. First and one of the easiest ways is by sending emails. If the attacker gets hold of an email password of a person, then he can get an access to the entire contact list as well and many a times a way to even hack the bank accounts as well. Thus once the hacker has a particular email id under his control then he may end up sending mails from that id to the people stored in the contact list containing such malicious software or illegitimate data such as asking for donation for a charitable trust(Conteh & Schmick 2016). The attacker may send a link to the contact list people and they trusting the fact that it has come from their friend, may end up opening the same which would lead to giving access to the criminal to the other person’s system as well. Second technique is known as phishing wherein the attacker usually sends mails, comments or such text messages that seem to have been sent via a lawful and trustworthy source. Such messages may contain information about any incident, or requesting for help or even making a person feel that he has won a lottery (Rader, & Rahman, 2013).
These two are the most common ways of attacking the people’s trust. There are various ways corroborated to deal with such social engineering cyber attacks. One of the most common is education and awareness. People should be educated and trained from time to time not to disclose their confidential data to anyone but only for themselves. Further data should not be shared via messenger or chats or phone calls to person they do not know or whose activities create suspicion in our minds. If any mail is being received from a person who is unknown, such mails should be immediately deleted or if it has come from a known source but seems to be unusual evsoftware. en then the same should not be clicked as it may be a malware attack. One should not click on links which mentions incorrect spellings or is not from the official website of the companies. Further to his one of the recent techniques adopted by various companies to deal with the issue of baiting is blocking of insertion of USB devices as baiting is known to be the digital equivalent of an online Trojan Horse wherein the criminals prompt illegal messages luring the users to plug in their USB devices and in turn hack the system (Perlman 2014). Lastly, the future of data hacking is so strong and detrimental that a twin authentication factoring is a must so as to make it very difficult for the attackers to become a part of the organization’s IT system.
Prior to understanding the meaning and schemes of symmetric and asymmetric encryption it is crucial to know the meaning of encryption. The said term is being used since ancient times for security purposes during war times. It basically is a procedure of encoding messages so as to fool the other parties. Thus in terms of information system it is rightly said to be a method of converting normal text data into such a form with the help of varying algorithms so that it is not understandable by any layman. Thus it is a methodology basically used for safeguarding confidential data from being stolen or mishandled (Rouse, 2013). There are two ways of encryption i..e symmetric and asymmetric.
The former method of encryption is an easy and a faster one wherein a common key is used for both encryption as well as decryption of information. The said key can be any numeric value, alphanumeric or a word which is used to alter the text of the message being sent in a specific manner. But since the sender and receiver of message are aware of the key they can easily decode the message. However the biggest drawback of the said method encryption is the fact that the key has to be exchanged between the two parties in a secret manner so that the same is not leaked (Bisht & Singh, 2015). However an asymmetric method of encryption offers two different keys for encoding and decoding messages. A public key is used for encoding the text message whereas a private key is used for decoding the same at the other end. Thus unlike the symmetric cryptography, the said method is slow due to heavy computational load. The most widely used symmetric keys are DES,3DES, AES and RC4 and asymmetric keys are Diffie-Hellman and RSA. Due to the same, the symmetric method is used for transmitting huge volumes of information whereas the asymmetric methodology is applied for interchanging confidential keys (Higashi, 2013).
The main strong point for using asymmetric method of encryption is that it has the potential to sustain a safe channel above the unsafe mode such as the internet. The same happens by sharing only the public keys which used only for encryption and the private keys used for decryption is not exchanged thus ensuring greater amount of safety in comparison to the symmetric mode of cryptography. However both methods can be attacked by criminals. Brute-force attack is one of the most common method of attacking and braking through a symmetric encryption system wherein all the possible combinations are tried using a trial and error method. Therefore to ensure that such an attack is prevented successfully, the key size should be adequately long thus presently the AES algorithm of 256- bit key is found to be one of the most secured amongst all. When it comes to attacking a symmetric cryptosystem, the most successful way to intervene into a RSA system is through the method of factoring of RSA’s public module which is a huge number string. Presently, for implementing a RSA system, 2048 bit key is said to be the most secured and more highly confidential data such as national security information, a 4096 bit key is said to be the safest although very expensive (Triparthi, & Agarwal, 2014).
Thus on comparing the two systems it can be construed that although both the methods are safe yet have their own usability and hence depending on the usage, the choice of cryptography should be made else it would turn out to be very expensive.
Importance of the security of the network cannot be under estimated as presently this is the most crucial requirement. Various techniques have been used for ensuring that the data is being kept in safe and secure manner. One of the most talked about method is the Network Intrusion Detection System (NIDS). Various algorithms and techniques have been found out and developed which can discover and fight against the various security threats. However, NIDS has been the most success amongst many. A NIDS’s main goal is to sense the potential invasions into the system such as through any unlawful acts or via viruses thus signalling the required people about such a mishap (Zuech et.al. 2015). It keeps vigilance over the data packets being exchanged via a particular network thus keeping a track of the suspicious data being sent. A bigger NIDS can be installed on the links of the backbone network so as to keep a check on all exchanges happening and also it can be setup on the centralised or the mains server which would scan all the data, find out any malicious acts and thus ensure data reliability is maintained (Kumar, 2007).
However, the current trends show some issues in the NIDS. One of the major limitations is the problem of raising alarms when not needed. Many a times it raises an alarm for such traffic which is not harmful to the system.
However the NIDS’ can be reconfigured so as to deal with the said problem to some extent but not in totality. Further to this, in order to keep a record of the TCP/IP connection, the main network must ensure to keep a track of all single TCP/IP envelopes (Lohiya et.al. 2015).
But there may be a situation when a particular TCP envelop gets reordered or mingled wherein the receiver end may have to reorder the entire packet with the help of a packet sequence number. In such a case attacks such as tear drop try to confuse the procedure of reassembling the stream by forming a cushion spread out with the help of malicious packets or envelops. Unfortunately the main packet does not look any different from an ordinary one so much the system fails to find out the said attack.
The current issues related to NIDS has made it a compulsion for the increased interference of the human communication for effective operations. Although NIDS has the potential of connecting the various attacks on various machines in a particular network system but at the same time it lacks in determination of the main procedures which is happening on the main system (Sharma & Kaur 2014).
Thus the said report highlighted in a very brief and crisp manner what a NIDS is and the current issues. Yet it would be incorrect to say that NIDS has no future since it offers an array of methods to protect the system from various vulnerabilities. However the successful futures without much glitches lies in the fact that the said system of detection should be standardised.
Kumar,S. (2007). Survey of Current Network Intrusion Detection Techniques. Retrieved from https://www.cse.wustl.edu/~jain/cse571-07/ftp/ids/
Lohiya,R. Varma,P. & Patel,Y. (2015). Current Trends in Network Intrusion Detection Techniques. International Journal of Computer Sciences & Communication Networks. 5(2). 72-78
Sharma,M. & Kaur,T. (2014). A Study on Network Intrusion Detection Based on Poractive Mechanism. International Journal of Emerging Research in Management & Technology. 3(1). 9-15
Zuech,R. Khoshgoftaar,T.M. & Wald,R. (2015). Intrusion detection ad Big Heterogeneous Data: a Survey. Journal of Big Data. 2(3). Retrieved from https://journalofbigdata.springeropen.com/articles/10.1186/s40537-015-0013-4
Bisht,N. & Singh,S. (2015). A Comparative Study of Some Symmetric and Asymmetric Key Cryptography Algorithms. International Journal of Innovative Research in Science Engineering and Technology. 4(3). 1028-1031
Higashi,M. (2013). Symmetric vs Asymmetric Encryption – Which Is Best?. Retrieved from https://www.ciphercloud.com/blog/cloud-information-protection-symmetric-vs-asymmetric-encryption/
Rouse,M. (2013). Encryption. Retrieved from https://searchsecurity.techtarget.com/definition/encryption
Triparthi,R. & Agarwal,S. (2014). Comparative Study of Symmetric and Asymmetric Cryptography Techniques. International Journal of Advance Foundation and Research in Computer. 1(6). 68-76
Conteh,N.Y. & Schmick, P.J. (2016). Cybersecurity: risks, vulnerabilities and countermeasures to prevent social engineering attacks. International Journal of Advanced Computer Research. 6(23). 31-38
Kumar,A., Chaudhary,M. & Kumar, N. (2015). Social Engineering Threats And Awareness : A Survey. European Journal of Advances in Engineering and Technology. 2(11). 15-19
Perlman,M. (2014). 8 Tips to Prevent Social Engineering Attacks. Retrieved from https://lightcyber.com/8-tips-to-prevent-social-engineering-attacks/
Rader, M.A. & Rahman, S.M. (2013). Exploring Historical And Emerging Phishing Techniques And Mitigating The Associated Security Risks. International Journal of Network Security & Its Application. 5(4). 23-41
To export a reference to this article please select a referencing stye below:
My Assignment Help. (2018). Network Intrusion Detection On Poractive Mechanism. Retrieved from https://myassignmenthelp.com/free-samples/network-intrusion-detection-on-poractive-mechanism.
"Network Intrusion Detection On Poractive Mechanism." My Assignment Help, 2018, https://myassignmenthelp.com/free-samples/network-intrusion-detection-on-poractive-mechanism.
My Assignment Help (2018) Network Intrusion Detection On Poractive Mechanism [Online]. Available from: https://myassignmenthelp.com/free-samples/network-intrusion-detection-on-poractive-mechanism
[Accessed 09 April 2020].
My Assignment Help. 'Network Intrusion Detection On Poractive Mechanism' (My Assignment Help, 2018) <https://myassignmenthelp.com/free-samples/network-intrusion-detection-on-poractive-mechanism> accessed 09 April 2020.
My Assignment Help. Network Intrusion Detection On Poractive Mechanism [Internet]. My Assignment Help. 2018 [cited 09 April 2020]. Available from: https://myassignmenthelp.com/free-samples/network-intrusion-detection-on-poractive-mechanism.
With time, MyAssignmenthelp.com has become one of the best college essay writing services. Our all rounded services give students the confidence to overcome assignment related issues. Our services are fast enough to meet most urgent deadlines. We are capable of delivering fast essay writing services with the help of our specially designed provisions and writers' teams. Our urgent essay help services guarantee most rapid delivery of assignment solutions. Some of our most popular essay services are application essay help, exploratory essay help, literary review essay help and argumentative essay help.
Answer: Introduction The purpose of the report has been using 7-step SDLC model for helping Lizard Island Resort for developing a new CRM system. Initially, this report introduces about Lizard Island Resort and analyse external and internal environment. Therefore, the current customer relationship management issues and challenges in the Lizard Island Resort. As per the 7-step SDLC model, Lizard Island Resort needs to create a project team for a...Read More
Answer: Introduction Information security management consists of set of policies and rules that are used to secure all the confidential and sensitive information. This security system is used to minimize the risk and assure that business continuity is maintained by making sure that security breach does not occur. In this report, smart software Pvt lmt. Is considered it is one of the leading software company situated in Melbourne. The risk pla...Read More
Answer: Introduction The purpose of this research proposal is to establish a 7-Step Model for Systems Development Life Cycle or SDLC to implement the Operational CRM System within the Primus Hotel in Sydney. This entire implementation plan needs to be developed through an overall background of the organization presented to see whether the implementation is feasible enough. Next, the proposal would analyse the external and the internal environ...Read More
Answer: Introduction This aim of this report is to discuss the implementation of the ERP system in the company Powepod. The company specialises in the business of vending machines and it provides the customers with the battery packs, charger cables and headphones whenever it is required. This business is based in Queensland and it includes the product development, importing and sourcing, marketing and branding, and business development. A bri...Read More
Answer: Implementation of CRM System in Sydney Harbor Marriot Hotel Introduction The upcoming pages of the report deal with implementation of CRM (Customer Relationship Management) in Sydney Marriot by making use of SDLC Model. The report begins with an analysis of internal and external environment of Marriot group (Evanoff 2016). Apart from this, it tends to highlight the importance of new CRM system for achieving its required goals. As per...Read More
Just share your requirements and get customized solutions on time.
Our writers make sure that all orders are submitted, prior to the deadline.
Using reliable plagiarism detection software, Turnitin.com.We only provide customized 100 percent original papers.
Feel free to contact our assignment writing services any time via phone, email or live chat.
Our writers can provide you professional writing assistance on any subject at any level.
Our best price guarantee ensures that the features we offer cannot be matched by any of the competitors.
Get all your documents checked for plagiarism or duplicacy with us.
Get different kinds of essays typed in minutes with clicks.
Calculate your semester grades and cumulative GPa with our GPA Calculator.
Balance any chemical equation in minutes just by entering the formula.
Calculate the number of words and number of pages of all your academic documents.
Our Mission Client Satisfaction
I hope I get good mark! I hope I get good mark!I hope I get good mark!I hope I get good mark!I hope I get good mark!I hope I get good mark!
HANDED IN ON TIME THOUGH GAVE A VERY SHORT TIME TO DO SO. THE WORK WAS WELL DONE TOO!!
Always impecable work. I super reccoment this service to anyone. The quality of work and agile delivery are the high points.
this was an excellent assignment I cant understand how the assignments can differ in presentation, is it that some writers are trained and some are not.