Network Activity
Information security is very important, as it helps to prevent unauthorized access or use, and it affects every organization, including medium-sized enterprises. The importance of information and data systems cannot be overstated, and they should therefore be secured at all times so as to maintain their resilience and credibility regardless of the challenges they face.
An electronic document security system has to be enforced together with new technologies so as to prevent leakage of important customer information from business information systems. As the management, we need to have in place open channels for creating awareness and to strengthen the management support systems that can improve the overall security of our medium-sized online business. Creating awareness can help in reducing fraud and abuse of computing infrastructure, and hence increase return on investment for the business (Wright, Freedman & Liu, 2008, p. 3). By implementing electronic document security, we will be able to control the confidentiality of information sent to customers or third parties (Smallwood, 2012, p. 10).
Lack of such technologies would cost our enterprise through various illegal means and would also result in the loss of potential and willing investors. As the management of our medium-sized online business, we have to introduce mechanisms and document security systems for preventing data loss and leakage of confidential information to our competitors. By doing this, we will not only protect our company from the dangers and high potential costs of cybercrime, but also improve our credibility with our customers and partners.
Networks usually perform different roles, and they can be differentiated in terms of their structure, purpose, activities and results. Therefore, network activity is a technique that can be used to depict differences between activities in a particular operation or project. Some of the distinct network activities may include enforcement of relative delays, preferential caching of data, and placing limitations on the effect of administrative utilities on production work. The amount of incoming traffic flowing through a firewall is usually used to monitor the differences between network activities. Anomalies in Internet packet flow are used to differentiate between the different network activities, and malicious activity is usually detected easily because it tends to send excessive traffic, exhausting legitimate resources, and often targets unused addresses in the network.
Examples of malicious network activity include malicious spam, scanners, worms, and backscatter. Scanners are malicious network activities that come from a single source and usually target the same port on different machines, or different ports on one machine, on the network. They generate an excess flow of Internet packets and can also be differentiated by examining the Internet packet size to show whether or not it deviates from the normal. Additionally, scanners can be differentiated by observing the sources and destinations of the packets. While normal Internet activity possesses different source and destination addresses, malicious and suspicious Internet activity can share similar source and destination addresses.
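The scanner pattern described above (one source reaching the same port on many machines, or many ports on one machine) can be checked from flow records by counting distinct destinations per source. The following is an added example, not part of the original essay; the flow records are constructed, and the function names and the thresholds of 15 are assumptions chosen for illustration.

```python
from collections import defaultdict

def sample_flows():
    """Constructed flow records (src_ip, dst_ip, dst_port) using documentation addresses."""
    flows = []
    # Normal client traffic: few destinations, few ports.
    flows += [("192.0.2.10", "198.51.100.5", 443)] * 20
    flows += [("192.0.2.11", "198.51.100.5", 443), ("192.0.2.11", "198.51.100.6", 80)]
    # Same port on many machines: one source, port 22, 30 different hosts.
    flows += [("203.0.113.7", f"198.51.100.{h}", 22) for h in range(1, 31)]
    # Many ports on one machine: one source, one host, 40 different ports.
    flows += [("203.0.113.9", "198.51.100.5", p) for p in range(1000, 1040)]
    return flows

def find_scanners(flows, host_threshold=15, port_threshold=15):
    """Return (src, kind, target, distinct_count) for sources that fan out like a scanner.

    Thresholds are assumed values; tune them against a baseline of normal traffic.
    """
    hosts_per_port = defaultdict(set)  # (src, dst_port) -> distinct destination hosts
    ports_per_host = defaultdict(set)  # (src, dst_ip)   -> distinct destination ports
    for src, dst, port in flows:
        hosts_per_port[(src, port)].add(dst)
        ports_per_host[(src, dst)].add(port)

    findings = []
    for (src, port), hosts in hosts_per_port.items():
        if len(hosts) >= host_threshold:
            findings.append((src, "horizontal", port, len(hosts)))
    for (src, dst), ports in ports_per_host.items():
        if len(ports) >= port_threshold:
            findings.append((src, "vertical", dst, len(ports)))
    return sorted(findings)

if __name__ == "__main__":
    for src, kind, target, count in find_scanners(sample_flows()):
        print(f"{src}: {kind} scan, target={target}, distinct={count}")
```

Repeated flows to the same host and port, such as the 20 identical records from 192.0.2.10, do not trigger a finding because only distinct destinations are counted.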
The signature-based approach is also used to differentiate these activities by comparing threat signatures to observed events, which helps in identifying particular differences. Malicious network activity can be distinctly identified, as it usually originates from the website servers while trying to leave the network through established firewalls. These network activities infiltrate through the firewall and flow into website servers, and may also leave the website servers in the form of malicious activity. Compared to normal activity, malicious or suspicious activity flow is much lower.
Traynor, McDaniel, and La Porta identified two new Denial of Service (DoS) threats in cellular data services. They exploit the link setup and teardown procedures in networks that implement the General Packet Radio Service (GPRS) by using low average amounts of traffic. The first loophole entails attacking logical channels instead of raw theoretical bandwidth, and this reduces the amount of traffic necessary to deny service (Traynor, McDaniel, & La Porta, n.d., p. 311). This type of attack exhausts resources and temporarily prevents access to the service, and it can be achieved by consistently sending numerous text messages to a particular network sector so as to ensure that the Temporary Block Flow (TBF) timers expire, preventing the network from reclaiming its logical resources.
The second loophole or susceptibility is caused by the inefficiency in accessing protocols by cellular data networks and the Internet. The denial of service (DoS) vulnerability arises from similarities in how network flows are treated: the uniform treatment of all flows, regardless of size or duration, shows the lack of flexibility of the cellular data network. Any slight change in the conditions of the system can make it vulnerable to such attacks, and because of its rigid design, the subsystems apply assumptions appropriate for one subset of traffic to all other traffic. For instance, an attack can occur when such assumptions cause the system to automatically amplify a single incoming packet into a series of expensive, delay-inducing setup operations. Similarly, changes in system conditions can lead to failure of execution of commands in the system. This ultimately makes the system susceptible to attacks and breakdowns.
By exchanging information between foreign and home base stations, systems can authenticate or verify the details of any supplementary characteristics allocated, such as special data services (King, 1995, p. 109). Rogue or corrupt base stations imitate the legitimate base stations so as to confuse the subscribers who are legitimately trying to access services (Burmester, 2006, p. 83). Snarfing involves obtaining large documents from computer programmers without the permission of the author, and it usually happens when one uses illegal means such as hacking to access the information of other programmers.
However, eavesdropping is considered to be legal if used for the general good of the public. Examples of this are the interception of the communication of terrorist groups planning an attack on innocent people, or helping in tracking stolen goods. Generally, the security goals of GSM are enhancing confidentiality and anonymity on the radio path. It also aims at preventing fraud by creating strong authentication codes, and its ultimate goal is to prevent compromise of security amongst competitors with ill intentions. The SMS framework is a platform where people can exchange encrypted and digitally signed text messages. Public key cryptography is usually used in this case to secure communication between private parties.
References
Burmester, M., Yasinsac, A., & International Workshop on Secure Mobile Ad-hoc Networks and Sensors, MADNES 2005. (2006). Secure mobile ad-hoc networks and sensors: First international workshop, MADNES 2005, Singapore, September 20-22, 2005.
King, G. A. (1995). Understanding and designing computer networks. Oxford: Newnes.
Smallwood, R. F. (2012). Safeguarding critical e-documents: Implementing a program for securing confidential information assets. New Jersey: John Wiley & Sons.
Traynor, P., McDaniel, P., & La Porta, T. (n.d.). On attack causality in internet-connected cellular networks. USENIX Association, 16th USENIX Security Symposium. Retrieved from: https://www.usenix.org/legacy/event/sec07/tech/full_papers/traynor/traynor.pdf
Wright, C., Freedman, B., & Liu, D. (2008). The IT regulatory and standards compliance handbook: How to survive an information systems audit and assessments. Burlington, MA: Syngress Publishers.