30 Oct Submit a reflections paper on your ISS642 readings, exercises and weekly discussion posts. The paper should be at least 2 pages long.? The paper should include: A brief summary of your

1

Research Paper

Steven A. Bruner (4151593)

American Military University

ISSC642

25 Oct 2022

Authentication/ Digital Signatures

Introduction

A digital signature is a numerical tool used to verify the origin and integrity of data stored in a digital format, such as a message, piece of software, or digital document. A digital signature provides the same level of security as a paper document or a stamped seal, but in digital form. The primary purpose of a digital signature is to prevent tampering and identity theft in electronic transactions. Online transaction security is paramount in today’s age of digital communications, making authentication as well as digital signatures indispensable. Digital signature authentication is the method by which the signer demonstrates to the validator that they are the authorized user of the signature in question (Qian et al., 2022). A digital certificate, a cryptographic key used only to sign the digital signature, is typically employed in this process. When a digital signature is made, it must be validated using the digital certificate.

Better security, less fraud, and happier customers are just a few of the outcomes of adopting authentication including digital signatures (Eka Putra et al., 2022). However, there are also drawbacks to its implementation, such as the requirement for stringent security measures to safeguard the private keys and the possibility of spoofing attacks. It is crucial to select a suitable authentication mechanism and employ digital signatures properly to guarantee the safety of online transactions. The findings of this research will add to the literature on authentication as well as digital signatures. Digital signatures for online financial dealings are the primary topic of this research. Digital signatures in online financial dealings will be investigated to determine their usefulness and potential downsides. In addition, the study will determine whether digital signatures improve the safety of online transactions.

Use of Digital Signatures

An electronic document’s, transaction’s, or message’s digital signature can prove its authenticity and status to the recipient. They can also be used as evidence of the signer’s awareness of the document’s contents. Digital signatures are recognized as legally enforceable in many jurisdictions across the world, including the United States (Davelis et al., 2022). The use of digital signatures has become widespread in many industries to simplify procedures and strengthen the reliability of documents. Three major objectives of information security can be accomplished with the use of digital signatures: integrity, authentication, & non-repudiation.

Data integrity

Postal Service or Message Transferring data without losing any of its original form is of paramount importance. Having data integrity guarantees that the message the receiver receives is the same as the one sent. Due to the nature of wide area networks like the Internet, where communications travel through one node or data network to another before reaching their final destination, there is always the possibility that messages will be corrupted in transit. Mechanisms for ensuring the integrity of data can help reduce the likelihood of such occurrences (Davelis et al., 2022). They will be able to tell if the message they obtained has been altered thanks to a data integrity check.

Authentication

Knowing that a file has been received intact isn’t always enough security when dealing with sensitive data. Someone receiving it could also want to verify that it was sent by the person they believe sent it. To rephrase, they’d need some method of verifying the legitimacy of the source (Alagheband & Mashatan, 2022).

Non-repudiation

Finally, there could be data transfers when recipients would prefer senders not deny responsibility for messages they transmitted in the past. They wouldn’t want, for instance, the sender to deny sending a report if that report turns out to be fake (Beckwith et al., 2022).

Benefits of Digital Signatures

The most significant advantage of using digital signatures is the increased level of safety they provide. Digital signatures have built-in security features that prevent forgery and verify the authenticity of the signer. On the other hand, another perk is that it can record the exact time. Timing-sensitive situations include stock trading, lottery ticket issuing, and legal proceedings, all of which benefit from time stamping because it provides the data and time of a digital signature. It abides by all applicable laws and is widely recognized internationally. Secure generation and storage of vendor-generated keys is guaranteed by the public key infrastructure (PKI) standard. A growing number of nations recognize digital signatures as binding legal because of the international standard (Kovalan et al., 2021).

In addition, there is saving time. With digital signatures, organizations may avoid the time and effort required to physically sign, store, and trade documents. Companies that switch to a paperless system see significant savings in the areas of physical resources, manpower, and real estate. What’s more, it’s usually correlated with a favorable impact on the surrounding ecosystem. Lessening the need to move paper documents also lessens the harmful effect on the environment. Finally, it helps with tracking down the origin of an item. The audit trail created by digital signatures simplifies the maintenance of accurate internal records. A manual signee or record-keeper can make a mistake or lose something, but with everything recorded and stored digitally, those risks are greatly reduced (Esiner et al., 2022).

Challenges of Digital Signatures

Despite the advantages, there are a few dangers that businesses need to think about before using digital signatures:

Risk of fraud & reliability – Organizations still face a high risk of signatory forgery and fraud, even when employing a specific digital signatory software system to address any authentication difficulties with the e-signing process. To combat this, you can take extra anti-fraud precautions, such as confirming your identity over the phone (Dahabiyeh & Constantinides, 2022).

Risk of unauthorized signing – Unauthorized signatures are a serious issue with both wet ink as well as electronic signatures. Because of blockchain technology, businesses can now effectively and securely manage signature lists in real-time while also keeping a comprehensive audit record of any data changes (Dahabiyeh & Constantinides, 2022).

Risk of non-compliance – Organizations must adhere to guidelines for contractual, disclosures, as well as other information at particular stages throughout a transaction, in addition to local, national, and international legislation governing electronic signatures (e.g. MiFID, FCA). Organizations risk regulatory sanctions and fines, loss of accreditation, and harm to their brand equity if they do not comply (Dahabiyeh & Constantinides, 2022).

Impact of Digital Signatures in Security of Electronic Transactions

Users can generate a digital fingerprint through the use of a technology known as digital signatures, which can then be used to verify the authenticity of a user and protect their private information in electronic conversations and files. The message body is included in the digital signature that is attached to an email. A digital signature is a form of electronic signature that can be used to verify the identity of a sender or a signatory and to guarantee that the recipient has received an unaltered copy of a signed document or message. This type of signature can also be used to guarantee that the recipient has received an unaltered copy of a signed document or message. A digital signature in an email serves as an additional layer of protection because it ensures that the sender is the genuine intended recipient and not a spoofing imposter (Velentzas et al., 2022).

Conclusion

For messages to be verified, public-key primitives like digital signatures must be used. It is normal practice in the real world to sign one's name below a written or typed remark. They are used to make the signer legally responsible for the contents of the letter. Digital signatures are useful because they may verify the sender's identity and prevent tampered messages from reaching their intended recipients. The digital signature works best if it is included in the application data and so created at the same time as the message. When the communication is received and processed, the signature is checked. Despite the benefits that come with the use of digital signatures, there are numerous challenges that come with it. By understanding these challenges, it becomes easy to mitigate them for efficiency and convenience (Ilias et al., 2022).

References

Alagheband, M. R., & Mashatan, A. (2022). Advanced digital signatures for preserving privacy and trust management in hierarchical heterogeneous IoT: Taxonomy, capabilities, and objectives.  Internet of Things,  18, 100492.

Beckwith, L., Nguyen, D. T., & Gaj, K. (2022). High-Performance Hardware Implementation of Lattice-Based Digital Signatures. Cryptology ePrint Archive.

Dahabiyeh, L., & Constantinides, P. (2022). Legitimating digital technologies in industry exchange fields: The case of digital signatures.  Information and Organization,  32(1), 100392.

Davelis, A., Butt, U. J., Pender, G., & Hussein, K. E. (2022). Emerging Technologies: Blockchain and Smart Contracts. Blockchain and Other Emerging Technologies for Digital Business Strategies, 143-169.

Eke Putra, T. J., & Resaid, R. (2022). Digital Signatures In the Minutes of Investigation By Investigators. http://eprints.eudl.eu/id/eprint/10180/

Esiner, E., Tewfik, U., Erol, H. S., Mashima, D., Chen, B., Hu, Y. C., … & Nicol, D. M. (2022). LoMoS: Less-Online/More-Offline Signatures for Extremely Time-Critical Systems.  IEEE Transactions on Smart Grid,  13(4), 3214-3226.

Ilias, M. M., Kumar, K. S., Nandini, K., Arief, M., Rishikesh, M., & Kavya, K. (2022). Biometric Authentication for Cloud Services. JOURNAL OF ALGEBRAIC STATISTICS, 13(3), 2132-2142. https://www.publishoa.com/index.php/journal/article/view/854

Kovalan, K., Omar, S. Z., Tang, L., Bolong, J., Abdullah, R., Ghazali, A. H. A., & Pitchan, M. A. (2021). A Systematic Literature Review of the Types of Authentication Safety Practices among Internet Users. International Journal of Advanced Computer Science and Applications, 12(7). https://pdfs.semanticscholar.org/f173/32605654566b40e0bea1929bc611653de41c.pdf

Qian, Y., Ye, F., & Chen, H. H. (2022). Message Authentication, Digital Signature, and Key Management. https://ieeexplore.ieee.org/abstract/document/9635086/

Velentzas, J., Kiriakoulis, G., Broni, G., Kartalis, N., Panou, G., & Fragulis, G. (2022). Digital and advanced electronic signature: the security function, especially in electronic commerce. In SHS Web of Conferences (Vol. 139, p. 03011). EDP Sciences. https://scholar.archive.org/work/oqlbdctv5zeqnawvbjnmnrbgj4/access/wayback/https://www.shs-conferences.org/articles/shsconf/pdf/2022/09/shsconf_etltc2022_03011.pdf

,

Running Head: DATA 1

DATA 4

Deployment Considerations

Name

Institution

Professor

Course

Date

Network monitoring is a crucial IT activity that monitors network components as well as endpoints and defects, traffic plus performance. Deployment considerations that are involved with utilizing network security monitoring products in acquiring the full content of data include:

Collection of data in addition to alert data – basically, this comprises of collection of the complete content data, statistical data, session data in addition to the data acquired from the programmed tools to make adjustments on data on all single aspects (Habibzadeh, et.al, 2019).

Determination of the specific assets to be kept track of – this gets to answer the particular query, “ who is the attacker”. There is the probability that it might be an external attacker or an internal one.

Zone monitoring – this is one that has its focus on the DMZ, internet, wireless zones in addition to perimeter.

The full content data is considered to be the most flexible kind of information that is network-based. It is a type of evidence that is rich, that provides detail as well as opportunities that are rarely found anywhere else. Immediately after the acquisition of the full content data, the analysts are in a position of deriving alert, session in addition to statistical data whenever necessary. In most situations, it becomes quite impossible to gather the full content data on every single service simultaneously. In different circumstances, it is considered to have a probability, however, this is only possible when one gets to deploy specialized software in addition to hardware. In most occasions, it tends to be possible to gather a substantial amount of the full content data, that even when it is focused narrowly on particular IP address or a specific protocol (Britvin, et.al, 2022).

References

Britvin, A., Alrawashdeh, J. H., & Tkachuk, R. (2022). Client-Server System for Parsing Data from Web Pages. Advances in Cyber-Physical Systems, 7(1), 8-13. https://science.lpnu.ua/sites/default/files/journal-paper/2022/may/28059/220391advverstka-8-14.pdf

Habibzadeh, H., Nussbaum, B. H., Anjomshoa, F., Kantarci, B., & Soyata, T. (2019). A survey on cybersecurity, data privacy, and policy issues in cyber-physical system deployments in smart cities. Sustainable Cities and Society, 50, 101660. https://www.sciencedirect.com/science/article/pii/S2210670718316883

,

Running Head: NETWORK 1

NETWORK 4

Network Activity

Name

Institution

Professor

Course

Date

It is possible to differentiate in between suspicious, malicious as well as normal activities through: studying the behavior of the users that are normal, the resources in addition to the interactions with the networking systems. After that, what is supposed to be done next is creating patterns for every single activity, any of the behavior that is observed that happens to deviate from the drawn sequences is perceived to be suspicious, and therefore, it turns out to be malicious (Radford, et.al, 2018).

For instance, it is possible to utilize these:

Signature scan mechanisms which is a technique that utilizes a database in keeping signatures. The passive scan of the network traffic tend to be carried out, the any of the sequences that happens to match the signatures that are stored are considered to be malicious as well as suspicious. There is also the intrusion detection as well as prevention systems that is abbreviated as IDPS. This is well known for carrying out detection as well as the prevention of attacks that are malicious in addition to any activity that might be suspicious on the specific networks. This technique is one that has the capacity to monitor the traffic of the network in addition to analyzing the events that are suspicious.

Examples of these activities that are perceived to be suspicious mainly include:

Modem activity that is unusual or the presence of connection in addition to deviation that is not expected from network traffic that is authoritative. The example of activities that are malicious include: violations of protocols like invalid option bits within a TCP packet, connections that are made during times that are unusual as well as network connection that is from places in addition to locations that are unusual (Fernandes, et.al, 2019).

References

Fernandes, G., Rodrigues, J. J., Carvalho, L. F., Al-Muhtadi, J. F., & Proença, M. L. (2019). A comprehensive survey on network anomaly detection. Telecommunication Systems, 70(3), 447-489. https://link.springer.com/article/10.1007/s11235-018-0475-8

Radford, B. J., Apolonio, L. M., Trias, A. J., & Simpson, J. A. (2018). Network traffic anomaly detection using recurrent neural networks. arXiv preprint arXiv:1803.10769. https://arxiv.org/abs/1803.10769

,

4

Difference Between Alert data Tools and NSM Monitoring Tools

Student’s Name:

Date Due:

Difference Between Alert data Tools and NSM Monitoring Tools

Data alerts entail predetermined actions to ensure only authorized network use. Whenever suspicious activity is discovered on a network, the user can opt to get alerts from the system (Dnsstuff, 2019). The system recognizes deviations by comparing them to predefined events in an event management system. The network monitoring service pingdom is one of the generation tools that can deliver real-time notifications should any malicious activity be detected (dnsstuff, 2019). An alert is issued to a system administrator any time a malicious action, like an unauthorized login or attempted access to a prohibited site, occurs on a network. Information on the type and location of interference or malicious activity is provided to better target countermeasures.

The information can be retrieved at a later time by a system administrator from where it was initially entered into the event management system. The alert information is located at key nodes in the network and is used to deduce network activity. The positioning priority is determined by the severity of the potential damage from illegal network access to the data being protected. Comparisons of network activity to predefined protocols help determine if data is legitimate or malicious. Information is gathered in the form of alerts whenever an unauthorized user attempts to do actions such as uninstalling a program or installing a new one (Dnsstuff, 2019).

On the other side, network security monitoring entails the collection and analysis of computer intrusions for the purpose of escalation and network protection. Tools for collecting NSMs include ones for detecting threats via networks, building proactive networks, and integrating with numerous data sources (NetFort, 2021). NSM helps businesses track down information such IP addresses, final destinations, event descriptions, and severity rankings. When a malicious event occurs, the NSM will send out notifications and provide details about any active outgoing and incoming networks. The network administrator can use the IP address to help pinpoint the source of the warning and determine whether it is related to malicious activities (NetFort, 2021).

By studying the information contained within network traffic, a system administrator can acquire valuable insight into the factors that lead to occurrences of security incidents. The efficient sharing of information about network threats achieved through packet capture has an effect on the environment. Monitoring network traffic, which is essential for deep-packet analysis, which is used to extract human-readable files and data, provides support for convergence. Deep-packet analysis is used to extract data and files (NetFort, 2021).

References

Dnsstuff. (2019). Alerting tools for IT infrastructure. https://www.dnsstuff.com/alerting-tools

NetFort. (2021). Network Security Monitoring. https://www.netfort.com/category/network-security-monitoring/

,

1

Information Security

Student’s Name

Institutional Affiliation

Course

Date

Information security is the practice of protecting information by mitigating information risks. It refers to the techniques or precautions used to prevent unauthorized access to electronic data. Information dangers include unauthorized disclosure, usage, interception, and data loss. Controls for information security are designed to ensure data availability, integrity, and secrecy. Confidentiality, integrity, and availability are the three primary goals of information security. Only authorized individuals have access to confidential data. The inability to update data without permission is referred to as data integrity (BOUZIANI et al., 2022). The ease with which authorized users can access data is referred to as its availability. Many types of information security controls exist, including access control, activity monitoring, data encryption, and firewall protection. Implementing an effective information security program requires a comprehensive approach that includes all three security goals.

Information security includes both physical and cyber security measures. Physical security measures protect information and information systems from threats such as fire, theft, or vandalism. Physical security measures might include security guards, locked doors, and security cameras. Cyber security measures protect information and information systems from electronic threats such as hacking, phishing, or malware (Whitman & Mattord, 2021). Cyber security measures might include firewalls, intrusion detection systems, and encryption.

Information security is a growing concern for organizations as the amount of electronic information continues to grow. Organizations must protect their electronic information from unauthorized access, disclosure, interception, or destruction. Information security is essential because it helps to protect businesses and individuals from data loss or theft and helps organizations ensure the accuracy and completeness of their electronic data (Ng et al., 2021). Therefore, Information security is a critical part of any organization’s overall security posture and should be considered in all aspects of business, from the physical security of facilities to the cyber security of information systems.

References

BOUZIANI, M. M., MERBAH, M. M., TISKAR, M. M., ET-TAHIR, M. A., & CHAOUCH, M. A. (2022). When can we talk about implementing an Information Security Management System, according to ISO 27001?.  Turkish Journal of Computer and Mathematics Education (TURCOMAT),  13(2), 394-401. https://turcomat.org/index.php/turkbilmat/article/view/12256

Ng, K. C., Zhang, X., Thong, J. Y., & Tam, K. Y. (2021). Protecting against threats to information security: An attitudinal ambivalence perspective.  Journal of Management Information Systems,  38(3), 732-764. https://www.tandfonline.com/doi/abs/10.1080/07421222.2021.1962601

Whitman, M. E., & Mattord, H. J. (2021).  Principles of information security. Cengage learning. https://books.google.com/books?hl=en&lr=&id=Hwk1EAAAQBAJ&oi=fnd&pg=PP1&dq=what+is+information+security&ots=VipNeKgXRb&sig=RLNUc635RuhWGhmwFJJ6JSmDq7U

,[removed],

Running Head: NETWORK 1

NETWORK 4

Incident Response

Name

Institution

Professor

Course

Date

The various tools as well as tactics for attacking the network security monitoring include:

Social engineering – this is quite common to hacking because most of the individuals employ this type of trickery on a daily basis, both professionally as well as criminally. May it be haggling for a price that is lower on a lawn at the garage sale or having to do some convincing to get something new, it all involves having the target manipulated.

Lost password – This is the most popular objective of a hacker. It is obtaining a user account that is valid in addition to a password. A times it is also the only means a hacker is capable of bypassing security measures. Therefore, whenever an institution makes use of firewalls, the intrusion detection systems among others, the hacker needs to borrow an actual account till they are able to obtain root access as well as set up an account that is new for himself (Lin, et.al, 2018).

Social spying – it is the process that involves utilizing observation for information acquisition. Additionally, regardless of the fact that social engineering is capable of providing hackers with crucial data, the small enterprises are safeguarded better against social engineering since most individuals within the small firms know one another.

Sniffing – this tends to be a device or a program that gets to control every information that goes through the computer network. This sniffs the data that passes via the network off the wire while determining where this data goes to, where it comes from plus what it is on. Apart from these fundamental functions, the sniffers may be having additional features enabling them to filter a specific kind of data in addition to capturing passwords (Alhayani, et.al, 2021).

References

Alhayani, B., Abbas, S. T., Khutar, D. Z., & Mohammed, H. J. (2021). Best ways computation intelligent of face cyber attacks. Materials Today: Proceedings. https://www.sciencedirect.com/science/article/pii/S2214785321016989

Lin, H., Yan, Z., Chen, Y., & Zhang, L. (2018). A survey on network security-related data collection technologies. IEEE Access, 6, 18345-18365. https://ieeexplore.ieee.org/abstract/document/8320776/

</