Cyber Security exam 1
biometric verification
"is this person who she says she is?" -one-to-one matching: match against only the person's biometric in the database
biometric identification
"who is this person?" -one-to-many matching: match against all existing biometrics in the database
asymmetric cryptography
(aka public-key cryptography) -uses different keys to encrypt and decrypt messages
symmetric cryptography
(aka secret-key/private-key/shared-key cryptography) -uses the SAME key to encrypt and decrypt the plaintext -it's simple and fast, but high risk if the key is leaked to an intruder
substitution methods: replace letters or letter groups
-Caesar cipher -ROT 13 -Multi-alphabet substitution -enigma
hashing
-a core element of digital signature systems -a method of validating the integrity of content by detecting modification of the content
password management
-avoid writing passwords down -do not share with other people -change passwords regularly
security challenges of biometrics
-biometric spoofing: use artificial replications of a biometric sample to trick the system
Caesar Cipher
-developed in ancient Rome -named after Julius Caesar, who used it with a shift of three to protect important military messages -letters shift 3 back (D becomes A, E becomes B, etc)
physiological biometrics
-face print -facial thermogram -fingerprints -hand geometry -iris pattern -retinal pattern -vein pattern
behavioral biometrics
-gaits -keystroke dynamics -linguistic style -mouse dynamics -signature recognition -touch dynamics -voiceprint
types of system intrusions
-hackers -crackers: with malevolent intent
issues of risk assessment
-it is often difficult to calculate risk -indirect human factors are often ignored due to the difficulty of assessing them
password selection
-length -composition: use alphabetic, numeric, and punctuation characters -avoidance of reusing passwords from other systems -avoidance of dictionary words and personal information
Secure Hash Algorithm (SHA)
-most widely used
single-factor authentication
-only one factor is used to authenticate users -not recommended for critical systems
types of cryptography
-password hashing -encrypted emails -encrypted online payments -disk encryption -bitcoin
privacy challenges of biometrics
-personal data can be easily collected without consent -geolocation tracking technologies make constant surveillance easier -biometric identification stored in databases can be hacked
Rail fence (transposition)
-set the number of "rails" (key of the cipher) -write the plain text diagonally on successive "rails"
authentication factors: ownership factors
-something the user has (ID card, security token, implanted device, cell phone with built-in hardware token, etc)
Authentication factors: inherence factors
-something the user is or does (fingerprint, retinal pattern, signature, face, voice, keystroke dynamics, mouse dynamics, etc)
authentication factors: knowledge factors
-something the user knows (password, personal identification number, security question etc)
SSO (single sign-on)
-use a single ID and password to access multiple systems -it reduces the number of passwords the user is required to remember
multi-factor authentication
-use multiple types of authentication factors
types of malware
-viruses -trojan horse -spyware -logic bomb -ransomware
three pillars of cybersecurity
1. people 2. process 3. technology
CIA triad (the three tenets of information security)
1. protect the CONFIDENTIALITY of data 2. preserve the INTEGRITY of data 3. promote the AVAILABILITY of data for authorized entities
popular algorithms in symmetric cryptography
Data encryption standard (DES), advanced encryption standard (AES), etc
types of insider threats - careless insiders
Ignore security rules or policies
Denial of Service (DoS) attacks
Make a system or network resource unavailable to its intended users by disrupting services of a host -distributed denial-of-service attacks are from multiple sources
What month is National Cyber Security Awareness Month?
October
popular algorithms of asymmetric cryptography
RSA, Diffie-Hellman, DSA, etc
symmetric vs asymmetric cryptography
Symmetric: -algorithms are faster -key must be transferred through external means Asymmetric: -algorithms are slower and more complex -RSA is not appropriate to encrypt long messages -more secure with two keys
define cybersecurity
The protection of computer systems and networks from the theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.
what is Stuxnet
a malicious computer worm, reportedly used as an attack weapon to damage Iran's uranium enrichment facility in 2007 and 2010
ROT 13
a special case of the Caesar cipher -replace a letter with the 13th letter after it
types of insider threats - compromised insiders
accounts are compromised and exploited by cyber criminals
tokens
aka identity token, security token, access token -it is a physical device or software that is used to gain access to an electronically restricted resource
multi-alphabet substitution
an improvement on the Caesar cipher -use multiple numbers to shift letters ex: "lazy dog" becomes "mccz frh" (L => M, A => C, Z => C)
web attack
attacks intended to break web applications -SQL injection -cross site scripting
classic cryptography
before the computer age, cryptography focused on message confidentiality
social engineering
breach through human nature
DAD triad from a hacker's view
disclosure, alteration, denial
insider threats
from people within the organization (employees, former employees, contractors or business associates) who have legitimate access
magic number seven (plus or minus two)
human short-term memory has limited capacity -according to Miller, most adults can store 5 to 9 items in their short-term memory
human factors in cyber security
humans are the weakest link in security -technologies themselves do not guarantee a secure usage -we need to understand how users interact with technologies and use them effectively
third pillar of cybersecurity - technology
integrated tools for threat detection and mitigation
types of insider threats - malicious insiders
intentionally use their legitimate access to get data or intellectual property
the isolation fallacy
isolation does not make a computer system invulnerable to risk -an isolated computer system has very limited utility
why is Caesar cipher not secure?
it only has 26 possible keys (from 0 to 25) -can be easily hacked using "brute force" technique
human factors include:
lack of motivation -lack of awareness -risky belief -risky behavior -inadequate use of technology
entropy
measures the variation of uncertainty in bits
second pillar of cybersecurity - process
mechanisms to achieve cybersecurity strategies or goals
modern cryptography
much more secure than classic methods -two main types: symmetric and asymmetric
first pillar of cybersecurity - people
people create risk; they are an important asset and the first line of defense
organizational factors in cybersecurity
policies, culture, and management support -high workload and low staffing create a conflict of interest between functionality and information security
transposition method:
re-arrange the order of letters
risk assessment
risk assessment is a very common activity in the cybersecurity lifecycle. -What are the vulnerabilities? -What is the likelihood that a vulnerability is exploited? -What is the impact?
creating usable security systems
security systems should be understandable, easy to locate, be visible, and be convenient
"penetrate and patch"
strategy used by security companies only addresses superficial, usually fleeting problems
what is wardriving
the act of searching for Wi-Fi wireless networks, usually from a moving vehicle using a laptop or smartphone
what is cryptography
the practice and study of techniques for secure communication in the presence of third parties called adversaries -it is the art of writing or deciphering secret code
keyspace
the range of possible values of a random key where c is the number of different values for each character; n is the length of the key
authorization
to verify that "you are permitted to do what you are trying to do"
authentication
to verify that "you are who you say you are"
a transposition cipher
unlike substitution methods, a transposition cipher does not replace letters; it changes the order of letters
digital signatures
used to verify the authenticity of messages, ensure integrity and non-repudiation -use asymmetric encryption in reverse order