Menu

Examination of the Technologies Currently Employed for the Detection of a Worm Attack and Its Subsequent Negation

0 Comment

Lyle (1997) posits that most attacks fall within one of three main categories: attacks on integrity, attacks on confidentiality or attacks on availability. The act of maintaining the integrity of a network is the act of preventing authorized users of the system from making changes beyond their authority, and to prevent unauthorized persons from making changes at all. If the integrity of a system cannot be maintained, then the attacks on confidentiality and availability are much more likely to succeed. Any data stored within a system whose access has been restricted to a set of users can be thought of as confidential. Within a computer network, multiple individuals are performing roles where data access should remain restricted (Lyle, 1997). For example, an Ramp.D department is assumed to be continually engaged in the research, development, and testing of new products. Given that the research and development may involve millions of dollars in expenditure and many millions more in potential profit, it can be safely assumed that the corporation in question would want no unauthorized personnel to access the research data (stored on the department’s computers) under any circumstances. The motivation for attacks is as varied and numerous as the potential attackers in the world. The desired result of an attacker is to compromise security. To accomplish their desires, the attacker must exploit weaknesses within the system they wish to compromise. On a given system any service, protocol or connected system can be viewed as a potential entry point for the attacker. The analogy of a chain is often used when describing the security of a system, in that the weakest member of the system will undoubtedly be the first to fail when tested.At the start of an attack, all the potential attacker may have to go on is the IP address of the machine they want to compromise. While it is conceivable that they could run toolkits that try hundreds or thousands of known vulnerabilities against this IP address, the more than casual attacker will attempt to gather information about their target before launching an attack.