Computer systems are inherently non-secure. The large number of new vulnerabilities announced each month underscores this. The categories of flaws in software and computer systems have not changed in 20 years. This is partially due to poor software review and quality assurance procedures. Also, it is difficult to test a fielded system for security problems. The underlying problem is that intruders use these flaws to compromise computer systems.
Common motivations for these intrusions include “joy-riding” on computer systems by students and others, software piracy, and industrial and governmental espionage. There have even been assertions that rival academic research groups have broken into their competitors’ computers to steal data and algorithms. In the coming age of petabyte computing, the integrity of a data archive will be paramount, as there may be only one copy of the data due to its size. An intruder could freely manipulate the archive and cause researchers using data mining on that archive to reach incorrect conclusions.
Given these threats, we need ways to protect our computer systems in order to assure the confidentiality, integrity, and availability of our data. Currently, prevention is limited to known classes of security problems. Thus, we would like to detect intrusions as they occur in order to protect our systems and to discover new vulnerabilities. Given that we can detect intrusions and stop them, we need to analyze the methods used by the intruder to discover previously unknown attacks and techniques of violating security, in order to determine how to detect and counter them. With this information, we can improve our defences.
Unfortunately, we usually do not find these new vulnerabilities unless the intruder is unskilled or careless. A moderately skilful intruder can go unnoticed for many months on the typical computer system because most sites do not collect sufficient audit data to analyze. Audit trails, when they are collected, are usually kept on local storage to which the intruder will have access. Most intruders erase their tracks upon finding these audit trails. Additionally, there are few sites that have the expertise required to detect or analyze an intrusion. Thus, after the fact, there is rarely anything one can do to reconstruct the actions that an intruder has taken on a computer system.

admin
