HOME INTERNET VULNERABILITIES
HECTOR RIVERA
IASP 470 – SYSTEM SECURITY (CAPSTONE)
DR. JOHN YOON
Table of Contents
I.Abstract
II.Introduction
III.Framework of home internet
IV.Common Attacksand Descriptions
V.Defensive measures
VI. Conclusion
VII.References
- Abstract
Due to the increasing demand and production of internet-baseddevices, smart devices on a home-based internet has seen impressively increased attacks from hackers daily.Using cloud-based internet in homes,vulnerabilitiesthrough newly designed appliances, video games, and other mobile devices have multiple attack points that could be exploited through network layers.Through this research, topics will cover the likelihood of an attack and measure that can be taken to prevent an attack occurring in the home.
- Introduction –
Even though many people may think it would be a simple taskto secure computer information, the amount of successfully mounted cybercrimes has increased annually. Over 80 percent of the households use the internet in various activities to include handling finances, streaming videos/games and other applications. With the use of social engineer and other forms of attacks, many homes and mobile devices are susceptible to unknown attacks through the cloud networksystem. IT professionals spend billions of dollars to combat attacks to computer security but the levelof success for these attacks increase rampantly each year. While the costs of cybercrimes have increased in many countries, in 2017, the United States alone has estimated over $21 million dollars in costs which was an increase of over $4 million dollars from the previous year. The costs reported by many companies stemming from areas such as the financial, utilities and other sources, majority of the attacks stemmed using denial of service, malicious codes and web-based attacks.
- Framework of Home Internet
A home Internet is composed mainly of smart terminals, communication networks, clouds, and controller APPs. The framework of a home Internet system is shown in the figurebelow. The router isan important piece of equipment that managesnetwork layer connectivity between a WAN and the LAN.A home’sinternet system contains four attack layers. Each input point in a home internet system canbe used an attack point and each point are aggregated intodifferent attack surfaces. Multiple attack surfaces form anattack layer, therefore, the number of attack points in each attack layerwill be equal to the sum of the number of attack points in eachattack surface.If the number of attack points is large, then the entire system will contain additional risks [1].
- Common Attacks and Descriptions
Social engineering is a method used by many attackers to gain access to unauthorized information or systems. While unethical, many attackers use this method as part of a penetration test. As many people are known to be trustingof others, safeguarding user names and passwords should be priority whenever approached by anyone looking to gain access to information. However,through the use social engineering, hackers themselves employ techniques involving deception, bribery, impersonation and others to collect datato that would be useful withvarious computer systems.
Another more traditional technique of social engineering is known as physical intrusion. Through this technique hackerstake steps to learn daily routines of intended targets. Given the use of drones in local neighborhoods, there would be a large propensity for hackers to add sniffer or other devices to perform malicious activity on any insecure platforms to gain valuable or useful information. Through time, with the sophistication of tools attackers can use through the network, the less knowledge is required forthe use of these tools. In retrospect, every system is vulnerable to attack by anyone who hasaccess to any internet-based device or system.
Other attacks that home internet systemscan be vulnerable but not limited to would be through:
- Spear Phishing – hackers use either email or social media as a trusted source for individuals to click on links to gain access or download malicious code.
- TCPSession Hijacking -when a hacker compromises a session token (either confiscating or guessing), acquiring unauthorized access to the Web server.
- UDP Hijacking - Unlike TCP session hacking, UDP does not use sequencing for session establishment and sending packetsinstead it is used for broadcasting messages across the network.
- Defensive Measures
Based on the knowledgegained about vulnerabilitiesto home internet services, measures can be taken to reduce the risks of attack. The Information Security Technology SecurityVulnerability Classification Guide provides a method where users can measure the level of vulnerability to their system.A mathematical formula is provided, wherethe score can impact on the level of attack that can be calculated.Measures can also be taken to educate through online courses about internet of things (IoT). With the growth of self-driving vehicles, door locks, light bulbs and other smart devices, the understanding of these devices along with applications in transportation management, health care, power grid management becomes more crucial in everyday life.
Usingvarious software packages can help in reducing the risk of attacks. Host-based intrusion prevention system(HIPS)software packagescan assist users in the detection of any suspicious activity by analyzing events occurring within that host aims to stop malware by monitoring the behavior of code.A network-based intrusion detection system (NIDS) can also be used to monitor and analyze network traffic to protect your system from network-based threats. NIDS reads all inbound packets and searches for any suspicious patterns. When threats are discovered, based on its severity, the system can act such as notifying administrators, or barring the source IP address from accessing the network.
The importance for the use of these different software packages becomes relevant when our personal networks come under attack. It is not enough to learn not to click on a hyperlink that is embedded in an untrustworthy email or the various techniques used to intrude in systems, users must take preventive action. As technology changes, personal information becomes more susceptible to exposure as we continue to move to a more automated society with the use IoT devices.
- Conclusion
The research presented and was focused to bring awareness tothe average consumer who usemany of theinternet-baseddevices. While many companies and organizations assist their customers with many of the devices sold, it is in the best interest of the consumer to be aware of the potentiality of harm to important personal information. Awareness of these threats helps to minimize the risk of attack to the best interest of the consumer.
As the market continues to improve on smart devices, the level of cybercrimes committed to home based internet become more rampant. The need for people to become more aware and defend themselves from unwarranted attacks become increasingly demanding. Educating people in the awareness of such attacks is not enough, becoming proactive and discovering the techniques used to defend is equivalent to the Constitutional right to arm and protect one’s home.
- References
[1] Min Lei, Yu Yang, Nan Ma, Huizhong Sun & Chunru Zhou (2018) Dynamically enabled defense effectiveness evaluation of a home Internet based on vulnerability analysis and attack layer measurement
[2] BarryBurd, Lecia Barker, Monica Divitini, Felix Armando Fermin Perez, Ingrid Russell, Bill Siever, Liviana Tudor (2017)Courses, Content, and Tools for Internet of Things in ComputerScience Education
[3] Richard Baskerville, Frantz Rowe, François-Charles Wolff(2018) Integration of Information Systems and Cybersecurity Countermeasures: An Exposure to Risk Perspective
[4] CoriFaklaris, Francesco Cafaro, Sara Anne Hook, Asa Blevins, Matt O’Haver, Neha Singhal (2015) Legal and Ethical Implications ofMobile Live-Streaming Video Apps
[5] Yong-Joon Lee, Nam-KyunBaik,Cheonshik Kim, Ching-Nung Yang (2017) Study of detection method for spoofed IP against DDoSattacks
1