Web Application Database Vulnerabilities to be Aware of

The use of malicious code attacks against web applications, and more specifically web-enabled databases, is on the rise and continues to grow as a threat as systems become more complicated and more reliant on third-party libraries and frameworks. There are many different types of exploits and vulnerabilities associated with malicious code attacks which can potentially threaten the very databases that power such applications. Several areas of vulnerability are discussed below. ...

November 1, 2015 · 3 min · 494 words · icarnaghan

SQL Injection Explained

SQL injection has been a method of attacking databases through multiple tiers of application infrastructure for many years (MacVittie, 2008). SQL, or Structured Query Language, is a database language used to interact with large quantities of data, typically stored in tables inside a Relational Database Management System (RDBMS). Each command issued in SQL typically generates a result set of data. An example of this follows: "select * from accounts". The asterisk (*) is effectively used to return all columns of data in the 'accounts' table. A similar, and more dangerous, statement could be issued using the drop command: ...

October 29, 2015 · 2 min · 364 words · icarnaghan

Operating Systems Security: Protection Measures Analysis

The Internet has brought us a wealth of conveniences and everyday tools that we could not live without and, more importantly, a dependency that we cannot break. In the workplace the Internet has become a part of our day-to-day lives. We rely on instant communication with our co-workers, friends and colleagues as well as access to a multitude of information at our fingertips. Children are becoming involved with computers and technology at younger ages, a trend that will continue as the Internet of Things evolves around us in everyday appliances. Unfortunately, with all these conveniences come challenges and risks that we need to deal with. ...

October 25, 2015 · 17 min · 3594 words · icarnaghan

Usable Security? User Friendly Factors

In his article on usable security, Lampson (2009) asserts that usable security needs to begin with policy and with how we model security systems within the organization. He makes the case that security has to be simple and at the same time has to minimize hassle for the end user. He concludes that the root cause of this problem is one of economics, whereby we "don't know the costs either of getting security or of not having it, so users quite rationally don't care much about it. Therefore, vendors have no incentive to make security usable." To get around this we must first look at simple models of security that the user understands. ...

October 12, 2015 · 2 min · 385 words · icarnaghan

Post Authentication Methods

A lot of time can be spent in an organization firming up authentication and access control systems to ensure greater levels of security for its network. All of this, however, is only one step toward ensuring a user's credentials are not compromised. Considerations need to be made for post-authentication activity as well. There are several things organizations can do to mitigate the risk associated with post-login activities. First and foremost, training should be one of the top priorities of the organization. There must be a comprehensive training program for employees within the different divisions of the organization (adjusted accordingly for the various levels of access and privileges). In terms of proper use of access control technologies (such as tokens, etc.), policies, and best practices, "Organization members (need to) know what questions to ask and how to find the services they need" (Johnson & Goetz, 2007). They need to be aware that it is not acceptable, for example, to leave workstations unattended. Policies should be enforced ensuring that systems are locked down effectively when left unattended. ...

October 8, 2015 · 2 min · 384 words · icarnaghan

More on Limiting Damage to Information Assets

Establishing and enforcing policies that limit employee access to sensitive data and IT systems is one of the most effective mitigation strategies against a malicious insider (Brancik, 2008). There are a number of strategies that organizations can implement in order to better secure their digital assets. ...

September 19, 2014 · 2 min · 386 words · icarnaghan

Managing Access to Information Resources

Security breaches caused by internal employees, consultants, business partners and any other individual or group of individuals with privileged access to certain parts of the network remain one of the highest threats to digital assets. In an article about the employee life cycle and the identification of internal organizational threats, Conrad et al. (2009) assert that within an organization, the employee population is the source of potential malicious insiders. ...

September 18, 2014 · 3 min · 491 words · icarnaghan

Honeypots: To Lure or Not To Lure

Honeypots are sometimes used as an active defense mechanism for network security and provide a means for studying attackers and recovering forensic evidence. A typical honeypot traps attacks, records intrusion information about the tools and activities used in the hacking process, and prevents outbound attacks from the compromised system. ...

September 12, 2014 · 2 min · 385 words · icarnaghan

Intrusion Detection

Intrusion Detection is the process of monitoring an information system in order to determine whether any action is being performed, with malicious or other intent, that may negatively affect the availability, confidentiality or integrity of the data it contains. In order to get started with intrusion detection, it is important first of all to gain an understanding of what an intrusion might look like and how it might impact a system or network. ...

September 11, 2014 · 3 min · 556 words · icarnaghan