Cyber security has been used interchangeably for information security, where later considers the role of the human in the security process while former consider this as an additional dimension and also, focus person has a potential target. However, such discussion on cyber security has important implication as it focuses on the ethical part of the society as a whole. To address the issue of cyber security, various frameworks and models have been developed. It also introduces the concepts of cyber security in terms of its framework, workforces and information related to protecting personal information in the computer. This paper reviews these models along with their limitations and review the past techniques used to mitigate these threats. Furthermore, the report also provides recommendations for future research.
Cyber security has been used interchangeably for information security, where later considers the role of the human in the security process while the former consider this as an additional dimension and also, focus person has a potential target. However, such discussion on cyber security has an important implication as it focuses on the ethical part of the society as a whole. There are various de?nitions of the concept of cyber security with varied aspects such as secured sharing, con?dential and access to information. But still, the de?nitions lacks clarity and consensus. Moreover, cyber security measured with regards to access, integration of data, security, storage and transfer of data through electronic or other modes. Cybersecurity indicates three important factors.
The methods of protecting Information Technology (IT), the data itself, the data being processed and transmitted together with physical and virtual setup, the level of protection obtained by applying such measures and the professional aspects associated [3]. We de?ne that the cyber-security as a measure protecting computer systems, networks, and information from disrup- tion or unauthorized access, use, disclosure, modi?c Viewpoints of cyber security issues reviewed in this paper or destruction. In the context of this review cyber security has been de?ned as the integration of policies, se- curity measures, approaches to risk management, protocols, technologies, process and training which can be utilized in securing the organization and cyber setup along with user assets. This paper focuses on the issues of cyber security threats and summarizes the existing security models represents the main viewpoints reviewed in this paper, which include cyber security workforce, vulnerability scan- ning, email virus ?ltering, personal information protection, prevention of cybersafety, and ?rewall services. The sig- ni?cance of this paper are assisting both academics and professionals gain a holistic view about contemporary cyber security ?eld. The main contributions of this paper have two aspects:
The remainder of this paper is organized by the following orders. Section II reviews and organizes crucial issues in cyber security. A number of aspects are addressed in this section. Next, a discussion about future researches is given in Section III. Finally, we present our conclusions in Section IV.
Cyber security relies upon the care that individuals can take and conclusions they conduct while they organize, manage and utilize systems and internet. Numerous efforts have been made to ?nd the solution for cyber security evaluation challenge and various frameworks have been constructed. However, the frameworks encounter different dif?culties though it was working ?ne initially at the time of development. The restrictions derive from different aspects, such as emerging technologies [9] and facility limitations. Security issues are often considered a tradeoff between security requirements and other bene?ts. A. Cyber security workforce The framework of National Initiative for Cybersecurity Education (NICE) is an inter-agency attempt by the Na- tional Institute of Standards and Technology (NIST). The agency focuses on awareness, cyber security education, awareness, training and professional development. NICE Came up with the Cybersecurity Workforce framework.
This framework insists on recognition by the process of training. Also, accomplishes secure cyber infrastructure as de?ned in the context. Also, the framework has not included the factor new technologies are rapidly emerging that en- hances the challenges in cyber security threats. The scholars also mention that there need to be enough cybersecurity standards and procedures, which need to be frequently reviewed. The researchers further indicate the frameworks has not included the aspects of threats that exploit vulnerable and hence strategies of risk management needs to be addressed. Also, the authors recommend that cybercrime legislation is not in place to handle the criminals. Finally, an effective security strategy can be active in collaboration with modeling business processes.
Cyber safety for protecting personal information in com- puter Cyber-safety is a concept that has been used to explain a set of measures, practices, and actions that help in the protection of computer and privacy from various attacks. At any company, there is a Cyber-safety Program policy, PPM 310-22, which establishes that all devices con- nected to any company electronic communications network must meet certain security standards. As required by the system, most departments offer annual reports de?ning their levels of the compliance. Also, various services are in place to assist all faculty, staff and students to meet the cyber- safety standards. Speci?c information about these services is provided. The cyber safety threats can be caused due to viruses, hackers, identifying thieves, spyware. The virus in- fects the computer through the email attachment and ?le sharing. One infected computer can cause problems to all the computer networks. A people who “trespass” the computer from a remote location are considered as Hackers. These people use a computer to send spam or viruses or do other activities that cause computer malfunction. In the case of identifying thieves, the people who obtain unauthorized access to the personal information like social security, and ?nancial account numbers are considered.
Spyware is software that “piggybacks” on programs that are downloaded and gathers information about online habits and transmits personal information without the users knowledge. In addition to the above-discussed problem, a company may face a number of other consequences if they fail to take actions to protect personal information and user’s computer. The consequence indulges such as loss in the access of campus computer network, con?dential information, inte- gration and access to valuable University data, research on personal electronic data lawsuits, loss of public trust and offer opportunities, pursuit, internal con?ict action and or employment termination. C. Studies of email virus ?ltering Several studies have been conducted on the ?ltering of email virus Prior study had addressed various existing spam detection methods and ?nding the useful, precise, and de- pendable spam detection process. The applications that are currently applied by various anti-spam spam software are considered to be static, which mean that it is quite easy to elude by tweaking the messages. To perform this, the spammer would evaluate the current anti-spam methods and determine the modes to play around with. To combat the spam effectively, it is important to adopt a new technique.
This new approach needs to be complete the spammer’s strategies as they are changed from time to time. It must also able to adapt to the particular organization that it is protecting for the answer lies in Bayesian mathematics. The study ?ndings indicated that some of the spam detection method and the numerous issues associated with the spam. From various studies, it is understood that we will not be able to stop the spam and will be a limit them effectively using Bayesian method when compared to other methods. Moreover, prior research also explored various prob- lems associated with spam and spam ?ltering methods, techniques. The different methods determine the incoming spam methods are Bayesian analysis, Blacklist/Whitelist, Keyword checking and Mail header analysis. The different spam ?ltering techniques adopted Distributed adap- tive blacklists, Rule-based ?ltering, Bayesian classi?er, K nearest neighbors, Support Vector Machine (SVM), Content-based Spam Filtering Techniques - Neural Networks,The multi-layer networks,Technique of search engines,Tech- nique of genetic engineering,Technique of arti?cial immune system.
The study ?ndings revealed that many of the ?ltering techniques are based on text categorization methods, and there is no technique can claim to provide an ideal solution with 0% false positive and 0% false negative. There are a lot of research opportunities to classify multimedia and text messages. Kumar et al. indicated that the spam dataset is ex- amined with the use of TANAGRA data mining tool which determine the ef?cient classi?er in the classi?cation of email spam. Firstly, feature selection and feature construction is conducted to obtain the required characteristics. After that different classi?cation algorithms would be applied to the dataset and a cross-validation would be done on each classi?er. In the end, the best classi?er in email spam is determined on the aspects of precision, error rate and recall. From the obtained results, ?sher ?ltering and runs ?ltering feature selection algorithms performs better classi?cation for many classi?ers. The Rnd tree classi?cation algorithm applied to relevant features after ?sher ?ltering has produced more than 99% accuracy for spam detection. This Rnd tree classi?er is also tested with test dataset which gives accurate results than other classi?ers for this spam dataset.
Studies of ?rewall services Al-Fayyad et al. evaluated the performance of per- sonal ?rewall systems by organizing an arranged walk- through to determine the design factors that could violate the usage standards. In the study of personal ?rewalls usability on Windows XP platform, four modern ?rewalls namely Norton. The study results indicated that Personal ?rewalls encounter poor usability that could lead to vulnerabilities in security. The usability problems could be due to the issue that the data given by the ?rewalls (could be during the process of installing, con?guration or during interaction) was not clear or misleading. Various usability problems have been noticed because of the reduced clarity of alerts. Li evaluated the issues in placing the ?rewalls in the topology of networking design and how to frame the routing tables in the process so that a maximized ?rewall rule set could be minimal that helps to avoid performance bottleneck and limits the security loopholes. There have been two signi?cant contributions that the problems are NP-complete, and that a heuristic solution has been proposed and illustrate the ef?ciency of algorithms using simulations. The outcome of the test indicates that the suggested algorithm has limited the multi-?rewall rule set than other algorithms.
Studies of vulnerability scanning
Sudha Rani et al analyzed Intrusion Detection System (IDS) methods to identify an attack of a computer network. In order to prevent vulnerable virtual machines network, intrusion detection system is proposed. In addition, the study has taken potential security risks as well as the security considerations taken into account for implementing a virtual private network. The study ?ndings revealed General operation ?ow of cybersafety prevention that there is two types of intrusion detection system host based and network based. In addition proposed solution provides information on how to use programmability of software switches based on the solutions that improve the detection accuracy and defeat. Other research focused on the vulnerability as- sessment for automatic environments along with the web applications and various threats which are detected during the vulnerability assessment for different networking prod- ucts.
The study has adopted OpenVas tool with exploratory research method. The study ?ndings revealed some of the methods that can ?x vulnerability for removing threats using the function PHP info () and other methods like Trojan helps in keeping networking systems safe. Ye et al studied the quantitative vulnerability assess- ment model in cyber security for DAS. The evaluation pro- cess is distinguished into three sections namely vulnerability adjacency matrix formation, attack processes modeling, and physical consequences analysis. The increasing smart grid merits cyber security problems has enhanced because of the higher integration of cyber systems to the physical power systems. It has been found that DAS is highly exposed to cyber attacks when compared to various control systems in substations or power plants. However, it has to make sure that each DAS is secure and economically not favorable and technically not essential. The theory involves creating ADG models, evaluation of potential physical effects due to cyber-attacks and sug- gesting vulnerability adjacency matrix to show the con- nection among various weaknesses. Numerous case studies on account of RBTS bus 2 indicate the effectiveness and validation of the proposed vulnerability assessment model.
Prevention of Cybersafety
There are seven signi?cant cyber-safety actions which are Running Anti-virus Software, Installing OS/Software Updates, Preventing Identity Theft, Switch on the Personal Firewalls, Prevent Adware/Spyware, protection of Pass- words and Backing up Important Files [29]. Fig. 2 represents a general operation ?ow of the cybersafety prevention.
Install OS/Software updates:
Running Anti-Virus Software:
Preventing Identity Theft:
Switching on Personal Firewalls:
Protecting passwords:
–Mix upper and lower case letters
–Use a minimum of 8 characters
–Use mnemonics to help you remember a compli- cated password
From the review it was observed that, there are various studies conducted on cyber safety especially earlier studies have tried to attempt the problems linked to spam and spam ?ltering techniques. In speci?c, spam dataset is analyzed using TANAGRA data mining tool to explore the ef?cient classi?er for email spam classi?cation. Further studies also analyzed various existing spam detection meth- ods and identi?ed an ef?cient, accurate, and reliable spam detection method. The usage of personal ?rewall systems by performing a cognitive analysis in determining design elements which would violate the principles of usability.
The issue of how to arrange the topology of ?rewalls in a network design and how the frame the routing tables in execution so that the max ?rewall rule set could be limited. Attribute-based solutions can be an option for speci?c security requirements. The usage of Intrusion Detection System (IDS) procedure to ?nd a computer network attack. The vulnerability assessment in automatic setups together with web applications and other threats, such as data validations. An innovative quantitative vulnerability assess- ment model on cyber security for DAS is evaluated. Further the analysis indicated various safety and prevention functionalities.
From the review, it was found that majority of the studies have been conducted on the email security, ?rewalls, and vulnerabilities. Yet, not many studies from the perspective of password security. There are general recommendations on how to secure the password but not any authenticated protocol to protect the system inherently. Therefore, there is a need for more studies in terms of technics and models from this perspective to ensure that passwords are protected.
Cyber Security Threats and Security Models. (2022, Aug 30).
Retrieved December 15, 2024 , from
https://studydriver.com/cyber-security-threats-and-security-models/
A professional writer will make a clear, mistake-free paper for you!
Get help with your assignmentPlease check your inbox
Hi!
I'm Amy :)
I can help you save hours on your homework. Let's start by finding a writer.
Find Writer