Cyber Security- Defense Mechanism

Arka Ghosh CS
4 min read, Jun 15, 2021

As we all know, there are innumerable cyber attacks, and they cost billions of dollars in losses annually around the globe. Obviously, people can't just sit around and watch these attacks take place; this is where the concept of defense mechanisms comes in. A defense wall is set up to protect a system or an organization from attacks. There are two types of defense mechanisms: Basic Defense Mechanisms and Critical Defense Mechanisms. Let us have a look at them individually.

Basic Defense Mechanism:

Anti-Viruses/Anti-Malware/Anti-Spyware:

Malware is malicious software, or a piece of code, that damages our system. Anti-virus or anti-malware tools are utilities used for scanning and removing malware from your computer. The definitions (signatures) of known viruses are loaded into the antivirus software's database; the program compares the files on the system against that database and removes or quarantines the ones that match.
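To make the "definitions database" idea concrete, here is an added example (not code from the original post) of a minimal signature scanner. It holds two kinds of definitions: exact-file hashes and byte patterns. The sample it scans is the EICAR test string, the standard harmless file every anti-virus product is expected to flag; the file names and the padded variant are constructed for the demo. The point it shows is that a hash signature misses a variant that differs by a single byte, while a pattern signature still catches it, which is why definitions must be kept up to date.

```python
import hashlib
import re

# Constructed sample: the EICAR test string stands in for a real malware sample.
EICAR = b"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"

# Definitions database, part 1: exact-file signatures keyed by SHA-256,
# derived here by hashing the known sample.
HASH_SIGNATURES = {
    hashlib.sha256(EICAR).hexdigest(): "EICAR-Test-File",
}

# Part 2: byte-pattern signatures. A hash signature misses any variant whose
# bytes differ by even one byte; a pattern still catches it.
PATTERN_SIGNATURES = [
    (re.compile(rb"EICAR-STANDARD-ANTIVIRUS-TEST-FILE"), "EICAR-Test-File.variant"),
]


def scan_bytes(data: bytes):
    """Return the name of the first matching signature, or None if the data is clean."""
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGNATURES:
        return HASH_SIGNATURES[digest]
    for pattern, name in PATTERN_SIGNATURES:
        if pattern.search(data):
            return name
    return None


def scan_files(files: dict) -> dict:
    """files maps a filename to its bytes; returns filename -> verdict (signature name or None)."""
    return {name: scan_bytes(content) for name, content in files.items()}


# Constructed "file system" for a demo run
SAMPLE_FILES = {
    "report.txt": b"Quarterly numbers look fine.",
    "eicar.com": EICAR,
    "eicar_padded.txt": EICAR + b"\r\n",   # one extra byte: the hash no longer matches
}

if __name__ == "__main__":
    for name, verdict in scan_files(SAMPLE_FILES).items():
        print(f"{name}: {verdict or 'clean'}")
```

Running the block reports `eicar.com` by its hash, `eicar_padded.txt` only by the pattern rule, and `report.txt` as clean.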

Biometric Security:

Our biometrics are unique; they are something that we are and cannot be taken from us by any means. So it is one of the best possible ways to secure our data, as no one in the world except us can unlock it. Of course, there are ways to forge biometrics, but doing so requires resources and skills that are not easily accessible to every attacker.

Multifactor Authentication:

It uses more than one authentication factor to ensure maximum security for our data. The most common authentication factors are as follows:

  1. Something we have [OTP, decryption key, etc.]
  2. Something we know [passcode, password, etc.]
  3. Something we are [biometrics]

On successful authentication of two or more factors, access is granted to the user.
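As an added example (not code from the original post), the following combines the first two factors above: a password ("something we know") checked against a salted PBKDF2 hash, and a time-based one-time password ("something we have", the device holding the secret) computed per RFC 4226/6238. The user record, the password and the TOTP secret are constructed for the demo; the secret is the reference secret from RFC 6238 so the codes it produces can be checked against the RFC's test vectors. Access is granted only when both factors verify.

```python
import hashlib
import hmac
import os
import struct
import time

PBKDF2_ITERATIONS = 100_000
TOTP_STEP = 30          # seconds per code, as in RFC 6238
TOTP_DIGITS = 6


def make_user(password: str, totp_secret: bytes) -> dict:
    """Constructed user record: salted PBKDF2 password hash plus the shared TOTP secret."""
    salt = os.urandom(16)
    pw_hash = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return {"salt": salt, "pw_hash": pw_hash, "totp_secret": totp_secret}


def verify_password(user: dict, password: str) -> bool:
    """Factor 1, something we know. Constant-time comparison avoids timing leaks."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), user["salt"], PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, user["pw_hash"])


def hotp(secret: bytes, counter: int, digits: int = TOTP_DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, unix_time: float, step: int = TOTP_STEP) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from the current time step."""
    return hotp(secret, int(unix_time) // step)


def verify_totp(user: dict, code: str, unix_time: float, window: int = 1) -> bool:
    """Factor 2, something we have. Accepts one time step of clock skew on either side."""
    counter = int(unix_time) // TOTP_STEP
    ok = False
    for c in range(counter - window, counter + window + 1):
        ok |= hmac.compare_digest(hotp(user["totp_secret"], c), code)
    return ok


def login(user: dict, password: str, code: str, unix_time: float = None) -> bool:
    """Access only when both factors verify. Both are always evaluated, so a failed
    login does not reveal which factor was wrong."""
    if unix_time is None:
        unix_time = time.time()
    pw_ok = verify_password(user, password)
    otp_ok = verify_totp(user, code, unix_time)
    return pw_ok and otp_ok


if __name__ == "__main__":
    # Constructed demo with the RFC 6238 reference secret
    secret = b"12345678901234567890"
    user = make_user("correct horse battery staple", secret)
    now = time.time()
    print("both factors:", login(user, "correct horse battery staple", totp(secret, now), now))
    print("wrong password:", login(user, "guess", totp(secret, now), now))
```

With the reference secret, `totp(secret, 59)` yields `287082`, the value RFC 6238 lists for that time. The one-step window is the usual trade-off between tolerating clock drift on the user's device and keeping the set of acceptable codes small.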

Cryptography:

It is a method of converting plain text into cipher text using an encryption algorithm, so that if there is a breach of confidentiality, the attacker cannot decipher the text, as they do not possess the decryption key.

Cryptography + Cryptanalysis = Cryptology

[Figure: Cryptography block diagram]

Symmetric Key Cryptography: The key for encryption and decryption is the same, and it is known as the secret key. Some common symmetric key algorithms are: AES, DES, IDEA, RC4.

Asymmetric Key Cryptography: The keys for encryption and decryption are different. Each party (sender and receiver) has their own key pair: a private key [different for each party and kept secret] and a public key [shared openly with everyone]. What one key of the pair encrypts, only the other can decrypt, so a message encrypted with the receiver's public key can be decrypted only with the receiver's private key. Some common asymmetric key algorithms are: RSA, ECC.
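The difference between the two key models is easiest to see in code, so here is an added toy example (not code from the original post). The symmetric half is a repeating-key XOR and the asymmetric half is textbook RSA with tiny primes; both are for illustration only, since real systems use AES and 2048-bit RSA with proper padding. The key values, the message and the party names Alice and Bob are constructed. It shows that the same secret key both encrypts and decrypts in the symmetric case, and that in the asymmetric case a message encrypted to Bob's public key comes back only under Bob's private key, while Alice's private key signs and Alice's public key verifies.

```python
# Educational toy cryptography: repeating-key XOR and textbook RSA (no padding).
# Constructed example; not for production use.

def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Symmetric: one shared secret key; applying it twice restores the plaintext."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def rsa_keygen(p: int, q: int, e: int):
    """Asymmetric: returns (public_key, private_key) from two primes p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)        # modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def rsa_encrypt(public_key, m: int) -> int:
    n, e = public_key
    assert 0 <= m < n, "message must be smaller than the modulus"
    return pow(m, e, n)


def rsa_decrypt(private_key, c: int) -> int:
    n, d = private_key
    return pow(c, d, n)


def rsa_sign(private_key, m: int) -> int:
    """Signing uses the private key; anyone holding the public key can verify."""
    n, d = private_key
    return pow(m, d, n)


def rsa_verify(public_key, m: int, signature: int) -> bool:
    n, e = public_key
    return pow(signature, e, n) == m


def demo() -> dict:
    # Symmetric: sender and receiver must both hold the same secret key
    shared_key = b"\x13\x37\xc0\xde"
    msg = b"meet at the usual place"          # constructed plaintext
    ct = xor_crypt(shared_key, msg)
    sym_roundtrip = xor_crypt(shared_key, ct) == msg
    sym_wrong_key = xor_crypt(b"\x00\x01\x02\x03", ct) == msg

    # Asymmetric: each party has their own key pair; public keys are shared openly
    bob_pub, bob_priv = rsa_keygen(61, 53, 17)        # n = 3233, the classic textbook pair
    alice_pub, alice_priv = rsa_keygen(101, 103, 7)   # n = 10403

    m = 65
    c = rsa_encrypt(bob_pub, m)                # Alice encrypts to Bob's public key
    bob_reads = rsa_decrypt(bob_priv, c)       # only Bob's private key recovers it
    alice_reads = rsa_decrypt(alice_priv, c)   # Alice's own private key does not

    sig = rsa_sign(alice_priv, m)              # Alice signs with her private key
    return {
        "symmetric_roundtrip": sym_roundtrip,
        "symmetric_wrong_key": sym_wrong_key,
        "ciphertext": c,
        "bob_decrypts": bob_reads,
        "alice_decrypts": alice_reads,
        "signature_valid": rsa_verify(alice_pub, m, sig),
        "signature_forged": rsa_verify(alice_pub, m + 1, sig),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Note that nothing in the asymmetric half is ever "combined" into a single key: the public key is published, the private key never leaves its owner, and the relation between them is what lets encryption and signing work in opposite directions.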

Applications of Cryptography:

  1. Authentication / digital signatures.
  2. Password protection.
  3. PGP (Pretty Good Privacy), S/MIME: email security.
  4. IPsec, SSL & TLS.
  5. Encrypting file systems.

Firewalls:

A firewall is a security system that monitors incoming and outgoing traffic based on predetermined security rules. It is like a semipermeable wall between a client and the server or the internet. It blocks untrusted network traffic from reaching the client's data.

Types of firewalls:

  1. Packet-Filtering Firewalls: They filter the packets entering and leaving the system, judging each packet on its own against the rule set.
  2. Circuit-Level Gateways: A circuit-level gateway is a type of firewall. Circuit-level gateways work at the session layer of the OSI model, or as a "shim layer" between the application layer and the transport layer of the TCP/IP stack. They monitor the TCP handshake between packets to determine whether a requested session is legitimate.
  3. Stateful Inspection Firewalls: In computing, a stateful firewall is a network-based firewall that individually tracks the sessions of network connections traversing it. Stateful packet inspection, also referred to as dynamic packet filtering, is a security feature often used in non-commercial and business networks.
  4. Application-Level Gateways (Proxy Firewalls): An application-proxy firewall is a server program that understands the type of information being transmitted, for example HTTP or FTP. It functions at a higher level in the protocol stack than packet-filtering firewalls do, thus providing more opportunities for monitoring and controlling access.
  5. Next-Gen Firewalls: A next-generation firewall is part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functions, such as an application firewall using in-line deep packet inspection and an intrusion prevention system.
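The practical difference between types 1 and 3 above is what each one remembers. The added example below (not code from the original post) models both as small Python classes and runs the same three constructed packets through them: a LAN host opening an HTTPS connection, the server's reply, and an unsolicited inbound packet from another address that happens to carry source port 443. The IP addresses are documentation ranges and the rule sets are constructed. A stateless packet filter has to leave inbound source-port 443 open so replies can return, which also admits the unsolicited packet; the stateful filter admits only replies to connections it saw the LAN open.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    """Constructed minimal TCP header as seen by the firewall."""
    direction: str        # "in" = from the internet, "out" = from the protected LAN
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    syn: bool = False
    ack: bool = False


@dataclass(frozen=True)
class Rule:
    direction: str
    dst_port: Optional[int]   # None matches any port
    src_port: Optional[int]
    action: str               # "allow" or "deny"

    def matches(self, p: Packet) -> bool:
        return (p.direction == self.direction
                and (self.dst_port is None or p.dst_port == self.dst_port)
                and (self.src_port is None or p.src_port == self.src_port))


class PacketFilter:
    """Packet-filtering firewall: each packet judged alone, first match wins, default deny."""
    def __init__(self, rules):
        self.rules = list(rules)

    def decide(self, p: Packet) -> str:
        for rule in self.rules:
            if rule.matches(p):
                return rule.action
        return "deny"


class StatefulFilter(PacketFilter):
    """Stateful inspection: remembers connections the LAN opened and admits their replies."""
    def __init__(self, rules):
        super().__init__(rules)
        self.connections = set()   # (src_ip, src_port, dst_ip, dst_port) of outbound flows

    def decide(self, p: Packet) -> str:
        if p.direction == "in":
            reverse = (p.dst_ip, p.dst_port, p.src_ip, p.src_port)
            if reverse in self.connections:
                return "allow"            # reply to a connection we saw go out
            return super().decide(p)      # otherwise fall back to the static rules
        verdict = super().decide(p)
        if verdict == "allow" and p.syn and not p.ack:   # new outbound connection
            self.connections.add((p.src_ip, p.src_port, p.dst_ip, p.dst_port))
        return verdict


def run_scenario() -> dict:
    """Constructed traffic: LAN host 10.0.0.5 browses to 203.0.113.10:443, then an
    outside host 198.51.100.7 sends an unsolicited packet from port 443 to the LAN host."""
    outbound = Packet("out", "10.0.0.5", 51000, "203.0.113.10", 443, syn=True)
    reply = Packet("in", "203.0.113.10", 443, "10.0.0.5", 51000, syn=True, ack=True)
    unsolicited = Packet("in", "198.51.100.7", 443, "10.0.0.5", 22, syn=True)

    # The stateless filter must open inbound src-port 443 or HTTPS replies never get back in.
    stateless = PacketFilter([Rule("out", 443, None, "allow"),
                              Rule("in", None, 443, "allow")])
    # The stateful filter needs only the outbound rule.
    stateful = StatefulFilter([Rule("out", 443, None, "allow")])

    results = {}
    for name, fw in (("stateless", stateless), ("stateful", stateful)):
        results[name] = {"outbound": fw.decide(outbound),
                         "reply": fw.decide(reply),
                         "unsolicited": fw.decide(unsolicited)}
    return results


if __name__ == "__main__":
    for fw, verdicts in run_scenario().items():
        print(fw, verdicts)
```

The stateful table here is keyed on the 4-tuple only and never expires entries; a real implementation also tracks TCP state and removes flows on FIN/RST or after a timeout, otherwise the table grows without bound.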

Critical Defense Mechanism:

Risk Management:

To understand risk, we first need to understand vulnerability and threat. A vulnerability is a weakness in a system. A threat is the potential exploitation of a system's vulnerability. Knowing vulnerability and threat, the formula for risk stands out to be:

Risk = Known Vulnerability + Possible Threat

The process of reducing risk is known as risk management. The risk management process includes:

  1. Identification of Risks
  2. Risk Assessment:
     - Step 1: Determine information value
     - Step 2: Identify and prioritize assets
     - Step 3: Identify threats
     - Step 4: Identify vulnerabilities
     - Step 5: Analyze existing controls and implement new controls
     - Step 6: Calculate the likelihood and impact of various scenarios on a per-year basis
     - Step 7: Prioritize risks based on the cost of prevention vs. information value
     - Step 8: Document results in a risk assessment report
  3. Risk Mitigation Plans:
     - Risk Acceptance
     - Risk Transfer
     - Risk Avoidance
     - Risk Reduction
  4. Implementation and Monitoring
  5. Review and Update Risks
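Steps 1, 6 and 7 of the assessment above are usually carried out with the annualized loss expectancy (ALE) model, and an added example (not code from the original post) makes that concrete: single loss expectancy (SLE) is the information value times the fraction lost in one incident, ALE is SLE times the expected number of incidents per year, and a control is worth implementing when the ALE it removes exceeds its annual cost. The three scenarios and every number in them are invented for the example. It also shows how the same figures feed the mitigation choice between "reduce" and "accept".

```python
from dataclasses import dataclass


@dataclass
class Scenario:
    """Constructed risk scenario. All money in the same unit (say, USD per year)."""
    name: str
    asset_value: float        # Step 1: value of the information/asset
    exposure_factor: float    # fraction of the asset lost in one incident (0..1)
    aro: float                # Step 6: annualized rate of occurrence, incidents per year
    control_cost: float       # Step 7: annual cost of the proposed control
    ef_with_control: float    # exposure factor once the control is in place
    aro_with_control: float   # incident rate once the control is in place


def single_loss_expectancy(value: float, ef: float) -> float:
    """SLE: loss from one occurrence of the scenario."""
    return value * ef


def annualized_loss_expectancy(value: float, ef: float, aro: float) -> float:
    """ALE = SLE x ARO: expected loss per year from this scenario."""
    return single_loss_expectancy(value, ef) * aro


def evaluate(s: Scenario) -> dict:
    """Step 7: compare what the control saves per year with what it costs."""
    before = annualized_loss_expectancy(s.asset_value, s.exposure_factor, s.aro)
    after = annualized_loss_expectancy(s.asset_value, s.ef_with_control, s.aro_with_control)
    net_benefit = (before - after) - s.control_cost
    # "reduce" when the control pays for itself, "accept" when it costs more than it removes
    decision = "reduce" if net_benefit > 0 else "accept"
    return {"name": s.name, "ale_before": before, "ale_after": after,
            "net_benefit": net_benefit, "decision": decision}


def prioritize(scenarios) -> list:
    """Input for the Step 8 report: scenarios ordered by current annual loss, highest first."""
    return sorted((evaluate(s) for s in scenarios),
                  key=lambda r: r["ale_before"], reverse=True)


# Constructed scenarios (all numbers invented for the example)
SCENARIOS = [
    Scenario("website defacement", asset_value=10_000, exposure_factor=0.25, aro=1.0,
             control_cost=5_000, ef_with_control=0.25, aro_with_control=0.125),
    Scenario("ransomware on file server", asset_value=500_000, exposure_factor=0.5, aro=0.5,
             control_cost=30_000, ef_with_control=0.5, aro_with_control=0.125),
    Scenario("laptop theft", asset_value=20_000, exposure_factor=1.0, aro=2.0,
             control_cost=3_000, ef_with_control=0.125, aro_with_control=2.0),
]

if __name__ == "__main__":
    for r in prioritize(SCENARIOS):
        print(f"{r['name']:28} ALE {r['ale_before']:>10,.1f} -> {r['ale_after']:>8,.1f}"
              f"  net benefit {r['net_benefit']:>9,.1f}  => {r['decision']}")
```

In the constructed data the ransomware scenario tops the list at 125,000 per year and the proposed control pays for itself, while the defacement control costs 5,000 to remove about 2,200 of annual loss, so that risk is accepted. Transfer (insurance) and avoidance (retiring the asset) would enter the same comparison as alternative "controls" with their own cost and residual ARO.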

Security Control:

The particular mechanisms implemented to mitigate risk, and thereby build security into the system, are known as security controls.

Defense in Depth

Incident Response:

A security incident is an event that indicates that a particular system might be compromised.

  1. Incident Response Plan:
     - Preparation
     - Identification
     - Containment
     - Eradication
     - Recovery
     - Lessons Learned
  2. Digital Forensics:
     - Identification
     - Preservation
     - Collection
     - Analysis
     - Documentation
  3. Backup and Recovery

Defense mechanisms are meant to prevent attacks; although they may not prevent attacks completely, they certainly reduce the risk of attacks. With the number of cyber attacks increasing exponentially, it is high time we start taking security seriously and implement defense mechanisms to the fullest.
