Tremendous technological developments have improved the quality of life, but these changes are also associated with a number of challenges and concerns. The purpose of this paper is to discuss the range of computer and network attacks. The paper begins by defining computer attack taxonomy. The next section looks at ways of detecting and preventing unwanted programs such as malware and Trojans. It is followed by some industry best practices that can be used to prevent identity theft. The final section describes ways of detecting spoofing, social engineering, and phishing.
Define the computer attack taxonomy
Computer attack taxonomy is a classification technique used by bodies such as CERTs to categorize and handle different kinds of computer attacks (Wu, Ou & Liu, 2011). Researchers have stressed that cyber-attacks are here to stay. Because the taxonomy offers a common classification scheme, the bodies entrusted with handling attacks can use it as a basis for communicating efficiently. The computer attacks registered in different organizations, states and countries are not only increasing but also becoming more sophisticated than initially predicted. That means that although new techniques for dealing with attacks are being developed, the situation is still far from contained. Computer attack taxonomy is therefore one of the major developments that have provided a cornerstone for categorizing and dealing with attacks (Wu, Ou & Liu, 2011).
Computer attack taxonomy can be grouped into four categories that together offer a holistic taxonomy for addressing attacks on networks and computers (Wu, Ou & Liu, 2011). The first category deals with the vector and overall behavior of the attack. The second category classifies the targets of the attacks. Network and computer vulnerabilities are placed in the third category. Finally, the associated payloads occupy the fourth category. With that in mind, computer attack taxonomy is a tool for dealing with new attacks: it provides a consistent language for describing attacks and helps improve both computer and network security. The taxonomy is also based on reviews of the nature of computer and network attacks, which provides an improved way of dealing with current and new attacks (Wu, Ou & Liu, 2011).
Explain how to detect and protect potentially unwanted programs, such as malware, Trojans, worms, and zombies
Unwanted programs such as Trojans, worms, zombies, and malware are potential dangers to both systems and data. Understanding the symptoms associated with these programs is the best way of detecting them and limiting the damage that is likely to be experienced. For instance, unwanted programs can be detected when computers, networks and even programs start to run slower than usual (Huang et al., 2011). Unwanted programs can run in the background and reduce the processing speed of programs, the computer and even the internet connection. Thus, if you realize that your computer has become slower than usual, chances are that it could be infected. One can also detect the presence of these programs when unwanted messages and ads start popping up in Windows. However, it is important to note that only messages that come from your anti-virus can be used to show that your computer is infected. Other messages and ads that pop up while browsing are essentially scams and could be potential sources of infection (Huang et al., 2011).
One can also detect the presence of unwanted programs by reviewing the stability of the computer, because a majority of unwanted programs affect important files, which can make a computer unstable. Apart from that, one can detect malware and other unwanted programs by assessing whether the firewall or antivirus program is working properly, since most unwanted programs try to stop Windows firewall and anti-virus programs from functioning. It is also possible to detect unwanted programs by reviewing the nature of warning messages, because a majority of error messages are associated with the presence of unwanted programs on a computer (Huang et al., 2011).
There are various ways of preventing unwanted programs such as Trojans, zombies, worms and malware from infecting a computer (Huang et al., 2011). For instance, one can protect a computer by keeping software and operating systems up to date. The use of Windows firewall is another proven technique for protecting a computer from unwanted programs. It is also important not to ignore warning messages from anti-virus programs and Windows firewall. Other measures include, but are not limited to, avoiding the use of pirated software, avoiding clicking on links whose sources are unknown, downloading software from trusted sources, and using secure browsers such as Chrome and Firefox (Huang et al., 2011).
Describe a recognized industry best practice or standard for identity theft protection
Various best practices are in place to prevent identity theft. For instance, it is important to incorporate as much information as possible into the underlying decision-making process (Romanosky, Telang & Acquisti, 2011). This practice is aimed at ensuring that data is used responsibly. Another practice is to avoid thinking conventionally, because traditional data handling procedures are not good at detecting fraud. Beyond that, it is also important to dig deeper into the provided information. For instance, one can review the social security information of the users to determine whether it is valid or not (Romanosky, Telang & Acquisti, 2011). Looking for inconsistencies in the information that has been supplied is also a best practice that should be used to reduce the possibility of identity theft. The procedure that should be followed while verifying the data of applicants is as follows:
Collecting data that can be used to identify the applicant properly (Romanosky, Telang & Acquisti, 2011).
Validating the provided data.
Correlating the data to identify the possible inconsistencies.
Trying to detect the presence of fraud patterns in the information that has been supplemented by the applicant.
Verification of the account that has been created to review the intent of the applicant to open the account (Romanosky, Telang & Acquisti, 2011).
Discuss how spoofing, social engineering, and phishing can be detected
Spoofing can be detected by monitoring access to the entire network (Irani et al., 2011). It can also be detected by conducting a real-time assessment of all the devices that have access to particular networks. Additionally, spoofing can be detected by identifying the type of devices that are accessing a network, including possible changes on the devices. Another technique for detecting spoofing is to retain the specific information of the devices that are accessing a network (Irani et al., 2011).
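The device checks described above (retaining each device's details and noticing changes) can be expressed as a first-seen baseline. This is an added example, not taken from the cited paper; the observation fields, the alert names and the sample records are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Observation:
    ts: str           # time the device was seen
    ip: str           # address the device is using
    mac: str          # hardware address it presented
    device_type: str  # assumed to come from a DHCP/OS fingerprint

# Constructed sample observations (not real network data).
OBSERVATIONS = [
    Observation("2024-01-01T09:00:00", "10.0.0.5", "aa:bb:cc:00:00:01", "printer"),
    Observation("2024-01-01T09:00:05", "10.0.0.1", "aa:bb:cc:00:00:fe", "router"),
    Observation("2024-01-01T09:10:00", "10.0.0.5", "aa:bb:cc:00:00:01", "printer"),
    # Gateway address suddenly presented by a different hardware address.
    Observation("2024-01-01T09:20:00", "10.0.0.1", "de:ad:be:ef:00:02", "laptop"),
    # Known hardware address now fingerprints as a different kind of device.
    Observation("2024-01-01T09:30:00", "10.0.0.9", "aa:bb:cc:00:00:01", "laptop"),
]

def detect_spoofing(observations):
    """Compare each sighting with the first-seen record and report changes."""
    ip_to_mac = {}    # retained information: which MAC first used each IP
    mac_to_type = {}  # retained information: what each MAC first looked like
    alerts = []
    for obs in observations:
        mac = obs.mac.lower()
        known_mac = ip_to_mac.setdefault(obs.ip, mac)
        if known_mac != mac:
            alerts.append((obs.ts, "ip-mac-change", obs.ip, known_mac, mac))
        known_type = mac_to_type.setdefault(mac, obs.device_type)
        if known_type != obs.device_type:
            alerts.append((obs.ts, "device-type-change", mac, known_type,
                           obs.device_type))
    return alerts

if __name__ == "__main__":
    for alert in detect_spoofing(OBSERVATIONS):
        print(alert)
```

The baseline is never overwritten, so a legitimate change such as a replaced network card keeps alerting until the retained record is reviewed and updated.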
One can detect social engineering in situations where calls are received from callers stating that they are Tech Support (Irani et al., 2011). Apart from that, it is also possible to detect social engineering by digging into the details of unexpected inspections, because they could be organized with the prime aim of trying to gain access to sensitive information. One can also associate social engineering with urgent requests telling people to act with immediate effect. Additionally, social engineering can be associated with the use of fear tactics such as “the boss will be angry.”
Phishing can be detected by looking at the URLs in messages more carefully, because a majority of them are likely to have mismatched URLs (Irani et al., 2011). Phishing can also be detected by looking at the domain names, because they could be misleading. Additionally, one can detect phishing by looking for spelling and grammatical mistakes, because trusted companies will always review the messages that they send to large groups of people. If a message seeks personal data, then it can also be associated with phishing and should be avoided. For instance, your bank cannot ask you to supply personal information because they already have your data. One can also detect phishing in situations where good offers are provided. Actions that have not been initiated, being asked to send money to cover particular expenses, and messages that threaten can also be used to detect phishing (Irani et al., 2011).
- Huang, H. D., Lee, C. S., Kao, H. Y., Tsai, Y. L., & Chang, J. G. (2011, April). Malware behavioral analysis system: TWMAN. In Intelligent Agent (IA), 2011 IEEE Symposium on (pp. 1-8). IEEE.
- Irani, D., Balduzzi, M., Balzarotti, D., Kirda, E., & Pu, C. (2011, July). Reverse social engineering attacks in online social networks. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 55-74). Springer Berlin Heidelberg.
- Romanosky, S., Telang, R., & Acquisti, A. (2011). Do data breach disclosure laws reduce identity theft?. Journal of Policy Analysis and Management, 30(2), 256-286.
- Wu, Z., Ou, Y., & Liu, Y. (2011, September). A taxonomy of network and computer attacks based on responses. In Information Technology, Computer Engineering and Management Sciences (ICM), 2011 International Conference on (Vol. 1, pp. 26-29). IEEE.