Lesson Tasks

  • Watch the Lesson video
    Make notes if needed.
  • Open your Learning Journal
    Complete Task 1 in your Learning Journal
  • Complete the learning activities
    Make sure you complete the book tasks in your Unit Booklet
  • Complete End of Task Assessment
    Update your learning objectives

What do I need to Learn?

I need to learn how to understand and explain biometric security measures (particularly for mobile devices)
I need to learn how to understand and explain password systems as a security measure.
I need to learn how to understand and explain CAPTCHA (or similar) as a security measure.
I need to learn how to understand and explain using email confirmations to confirm a user’s identity as a security measure.
I need to learn how to understand and explain automatic software updates as a security measure.

Key Terms

  • Biometrics
  • Facial recognition
  • Fingerprint recognition
  • CAPTCHA
  • Penetration testing
  • White box
  • Black box
  • Denial of service (DoS) attack

Task 1 - Detect and Prevent Cyber Security Threats

Methods to Detect and Prevent Cyber Security Threats

How can we prevent network vulnerabilities?

  • There are many methods that an organisation can use to prevent and deal with threats to network security.
  • We will cover the following methods:
    • Biometric Measures.
    • Passwords and Usernames.
    • CAPTCHA.
    • Email Confirmations.
    • Anti-Malware Software and Automatic Software Updates.

Fortunately, there are many different security measures in place to help combat some of these threats.

The most commonly used are:

  1. Biometric measures - this uses biometrics to confirm a user’s identity. Biometrics relates to the measurements of the body, and could include fingerprints, facial recognition, voice recognition or even retinal scanning.
  2. Password systems - making use of passwords which are known only by those people who should access the system.
  3. CAPTCHA - these are the little boxes that appear on the screen to prove you are not a robot. They include tests such as ‘select all the images of cars’ or ‘what do these words say’. The idea is to provide tasks that are very difficult for computers to perform, but relatively easy for humans. By doing this, it will stop bots from being able to repeatedly access a site to try and crack passwords.
  4. Email confirmations - most companies will send emails to your email account, where you are able to complete additional tasks. For example, in order to reset your password, you may answer a few questions online, but the password reset link (or new temporary password) will ultimately be sent to your inbox so that you can confirm the details there.
  5. Automatic software updates - by automatically updating software, the bugs that are patched in new updates of programs will be automatically (and therefore quickly) fixed before they can be exploited.


Task 2 - Biometric Measures

Biometric Measures

Biometrics - Biometrics measure physical traits. The term covers measurements of biological
quantities or patterns, and also measurements of an individual's features, such as
fingerprints, that can identify or authenticate a person. Used this way, a biometric is
a password that cannot be forgotten, lost or stolen.
  • Biometrics covers a variety of technologies in which unique identifiable attributes of people are used for identification and authentication.
  • These include a person’s fingerprint scan, retinal (iris) scan, face scan and voice pattern sample, which can be used to validate the identity of individuals seeking access to computers, airlines, databases and other areas which may need to be restricted.
  • The probability of two people having identical biological characteristics is extremely low, and so these methods can be used to positively identify a person.
  • Biometric systems are often used on mobile devices and the advantages of these methods over password entry are that it is not possible to steal or forget a biometric characteristic.
  • Biometric Measures - Using some part of a person's biology to access a computer/device system, instead of using a password.
  • For example:
    • Mobile phones and tablets that unlock on scanning a fingerprint.
    • Doorbells that unlock when a person's iris or retina is scanned.
    • Voice recognition.
    • Face recognition.

Try It: Biometric Research

  • Q1: Research two biometric methods and their uses?

Task 3 - Passwords and Usernames

Passwords and Usernames

Passwords and Usernames - Is a technique of fraudulently obtaining private information,
often using email or SMS.
  • Automated procedures enforce secure password policies, so that users who do not follow these policies are not allowed into a system.
  • Password strength is a measure of the effectiveness of a password against guessing or brute-force attacks.
  • In its usual form, it estimates how many tries an attacker who does not have direct access to the password would need on average to guess it correctly. The strength of a password is a function of length, complexity, and unpredictability.
  • Using strong passwords lowers overall risk of a security breach, but strong passwords do not replace the need for other effective security controls.
  • Passwords should contain a combination of upper and lower-case letters as well as numbers and symbols. (E.G. $tROng [email protected]$worDs).
  • Similarly, default passwords can be a problem. For example, a router's new owner might not change the default password from admin or password when they buy it. The default password is usually found in the instruction manual or on the device itself.
  • Leaving a default password is one of the major factors in compromising the security of a system.
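
The policy checks and the strength estimate described in the list above, as an added example that is not part of the original lesson. The sample list of default passwords and the thresholds (10 characters, 3 character types) are assumptions chosen for illustration.

```python
import string

# Constructed sample list of default/common passwords (assumption for this example).
DEFAULT_PASSWORDS = {"admin", "password", "123456", "letmein"}

# Character classes and the number of symbols each adds to the attacker's search pool.
CLASSES = [
    (string.ascii_lowercase, 26),
    (string.ascii_uppercase, 26),
    (string.digits, 10),
    (string.punctuation, len(string.punctuation)),
]


def classes_used(password):
    """Return the pool sizes of the character classes present in the password."""
    return [size for chars, size in CLASSES if any(c in chars for c in password)]


def average_guesses(password):
    """Average brute-force tries: half of (pool size ** length)."""
    pool = sum(classes_used(password))
    return pool ** len(password) // 2


def check_policy(password, min_length=10, min_classes=3):
    """Return a list of policy problems; an empty list means the password is accepted."""
    problems = []
    # Predictable passwords are tried first, so length and symbols cannot rescue them.
    if password.lower() in DEFAULT_PASSWORDS:
        problems.append("default or common password")
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    if len(classes_used(password)) < min_classes:
        problems.append(f"fewer than {min_classes} character types")
    return problems


if __name__ == "__main__":
    for candidate in ["admin", "Password1", "Tr1cky-Horse-Staple"]:
        print(candidate, average_guesses(candidate), check_policy(candidate))
```

The guess count only measures length and complexity; unpredictability is covered by the default-password check, because a password on a known list falls in a handful of tries whatever its length.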

Task 4 - CAPTCHA

CAPTCHA

CAPTCHA - An acronym for Completely Automated Public Turing test to tell Computers
and Humans Apart. It is a type of challenge–response test used in computing to determine
whether or not the user is human.
  • A CAPTCHA is a program that protects websites against bots by generating and grading tests that humans can pass, but current computer programs cannot. For example, humans can read distorted text such as the one shown above, but current computer programs cannot.
  • The most common type of CAPTCHA was first invented in 1997 by two groups working in parallel. This form of CAPTCHA requires that the user type the letters of a distorted image, sometimes with the addition of an obscured sequence of letters or digits that appears on the screen.
  • Because the test is administered by a computer, in contrast to the standard Turing test that is administered by a human, a CAPTCHA is sometimes described as a reverse Turing test.

  • CAPTCHAs have several applications for practical security, including (but not limited to):
    • Preventing Comment Spam in Blogs.
    • Protecting Website Registration.
    • Protecting Email Addresses From Scrapers.
    • Online Polls.
    • Preventing Dictionary Attacks.
    • Search Engine Bots.
    • Worms and Spam.

Try It: CAPTCHA

  • Q2: Even perfectly sighted individuals sometimes find CAPTCHA text very difficult or impossible to read. (a) Does the use of CAPTCHA images discriminate against any computer users? (b) And what other newer versions of CAPTCHA are available to address this issue?

Task 5 - Email Confirmations

Password Confirmations

Email Confirmations - Often, when a password is changed, a user must verify this change
by clicking on a link sent to a registered email address. This can prevent hackers from
changing passwords unnoticed.
  • When you sign up for a new web service, you will sometimes be asked to verify your details through an email verification process.
  • You will not be able to complete the web service application process and activate your new account until you have verified and confirmed your email address.
  • Confirming the email address of a new user registration is considered best practice, so that it can be confirmed that the individual is not impersonating someone else.
  • Suppose you had a discussion forum, and you wanted to prevent [email protected] from registering as [email protected]. Without email confirmation, [email protected] could receive unwanted email from your app.
  • Suppose the user accidentally registered as [email protected] and had not noticed the misspelling of yli.
  • They would not be able to use password recovery because the app does not have their correct email address.
  • Email confirmation provides limited protection from bots. Email confirmation doesn't provide protection from malicious users with many email accounts.
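
One way a service can build the confirmation link described above, shown as an added example that is not part of the original lesson. It uses a signed token that expires; the one-hour lifetime, the function names and the sample addresses are assumptions, and a real service would also record each token as used so a link works only once.

```python
import base64
import hashlib
import hmac
import secrets
import time

SECRET_KEY = secrets.token_bytes(32)  # known only to the server (assumption: kept out of source code)
TOKEN_LIFETIME = 3600                 # seconds a confirmation link stays valid (assumed value)


def _sign(payload: bytes) -> bytes:
    """HMAC-SHA256 signature over the payload, URL-safe encoded."""
    mac = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac)


def make_token(email, now=None):
    """Build the token that is placed in the link emailed to the user."""
    issued = time.time() if now is None else now
    payload = f"{email}|{int(issued) + TOKEN_LIFETIME}".encode()
    return base64.urlsafe_b64encode(payload).decode() + "." + _sign(payload).decode()


def verify_token(token, now=None):
    """Return the confirmed email, or None if the token is malformed, altered or expired."""
    try:
        body, signature = token.split(".")
        payload = base64.urlsafe_b64decode(body.encode())
        # Check the signature before trusting anything inside the payload.
        if not hmac.compare_digest(signature.encode(), _sign(payload)):
            return None
        email, expires = payload.decode().rsplit("|", 1)
        expires = int(expires)
    except (ValueError, UnicodeError):
        return None
    current = time.time() if now is None else now
    return email if current <= expires else None


if __name__ == "__main__":
    link_token = make_token("new.user@example.com")  # constructed sample address
    print(verify_token(link_token))
```

Only someone who can read the inbox receives a valid token, and changing the address inside the token breaks the signature, so the link cannot be reused to confirm a different account.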

Try It: Email Confirmations

  • Q3: Have you ever been required to wait for email confirmation and click on a link to complete a registration process? Do you always complete the registration?

Task 6 - Anti-Malware Software and Automatic Software Updates

Anti-Malware Software

  • Anti-malware is a type of software developed to scan, identify and eliminate malware, also known as malicious software, from an infected system or network.
  • It secures an individual system or an entire business network from malicious infections that can be caused by a variety of malware that includes viruses, worms, trojans, rootkits, spyware and adware.
  • Anti-malware can be deployed on individual computers, a gateway server or even on a dedicated network appliance.
  • An effective anti-malware tool includes multiple features like anti-spyware and phishing tools to ensure complete protection.

  • Anti-Malware Software will protect a computer in three ways:
    1. It prevents harmful programs from being installed on a computer.
    2. It prevents important files, such as the operating system (OS), from being changed or deleted.
    3. If a virus does manage to install itself, the software will detect it when it performs regular virus system scans. Any viruses detected will be removed.
  • New viruses are created regularly, so it's important that any anti-virus software is regularly updated.

Automatic Software Updates

  • Popular software is a common target for hackers and malware. For example, browsers, PDF readers, application software and even operating systems.
  • These can all be automatically updated by selecting options to automatically update and install either from the operating system or from the software.
  • A list of the most out-of-date Windows programs installed on PCs around the world shows that in more than 94% of cases, users who have installed Adobe Shockwave, VLC Media Player, and Skype on their computers haven't updated them to the latest versions.
  • Out-of-date Microsoft Office programs are another category of applications which put their users at risk, especially given that 15% of all Office installations are Enterprise 2007, an Office version Microsoft stopped supporting in 2017, which means that it hasn't received any bug fixes or security patches for almost two years.
  • Threats will often exist in combination. A username acquired via phishing could be used in collaboration with a weak, easy-to-guess password to introduce a virus that specifically seeks out unpatched software.

Task 7 - Cyber Security Challenge

Click on the image below to complete a series of cybersecurity challenges.


Task 8 - End of Task Assessment