Computer systems are inherently non-secure. The large number of new vulnerabilities that are announced each month underscore this. The categories of flaws in software and computer systems have not changed in 20 years. This is partially due to poor software review and quality assurance procedures. Also, it is difficult to test a fielded system for security problems. The underlying problem with this shortcoming is that intruders use these flaws to compromise computer systems.
Common motivations for these intrusions are students and others “joy-riding” on computer systems, software piracy (and industrial and governmental espionage. There have even been assertions that rival academic research groups have broken into their competitor’s computers to steal data and algorithms. In the coming age of petabyte computing, the integrity of a data archive will be paramount as there may be only one copy of the data due to its size. An intruder could freely manipulate the archive and cause researchers using data mining on that archive to reach incorrect conclusions.
Given these threats, we need ways to protect our computer systems in order to assure the confidentiality, integrity, and availability of our data. Currently, prevention is limited to known classes of security problems. Thus, we would like to detect intrusions as they occur in order to protect our systems and to discover new vulnerabilities. Given that we can detect intrusions and stop them, we need to analyze the methods used by the intruder to discover previously unknown attacks and techniques of violating security, in order to determine how to detect and counter them. With this information, we can improve our defences.
Unfortunately, we usually do not find these new vulnerabilities unless the intruder is unskilled or careless. A moderately skilful intruder can go unnoticed for many months on the typical computer system because most sites do not collect sufficient audit data to analyze. Audit trails, when they are collected, are usually kept on local storage to which the intruder will have access. Most intruders erase their tracks upon finding these audit trails. Additionally, there are few sites that have the expertise required to detect or analyze an intrusion. Thus, after the fact, there is rarely anything one can do to reconstruct the actions that an intruder has taken on a computer system.


Recent Posts

Research Paper on Biased Sentencing

Social psychological research has focused on several of these psychological and behavioral factors that could…

2 days ago

Essay on Five Gap Analysis

Gap 1: Consumer expectation - management perception gap It has been often noted that the…

1 week ago

Research Paper on Dissociative Identity Disorder (DID)

In the last two decades interest in Dissociative Identity Disorder (DID), formerly known as Multiple…

2 weeks ago

Essay on Description of Trauma

It can be considered that an event is traumatic from a psychological point of view…

3 weeks ago

Essay on Coronavirus in Spain

According to Lopez, the explosion of autochthonous cases of coronavirus in a short time could…

3 weeks ago

Overview of Taka Cuisines

Taka Cuisine has been succeeding in innovative improvements and by means of diverse technologies in…

1 month ago