Principles Of Information Security Analysis Essay Example
Abstract
The Internet was initially created as a research initiative by the US military to connect US universities and research centers.
Internet usage has grown worldwide, with 3.17 billion users (Privgcca, 2016), enabling easier communication via chat, email, and online transactions (Friedman, 2014). The Internet has also enhanced customer service, reduced paperwork, boosted productivity, and provided convenience for customer inquiries and transactions. This paper will highlight the importance of online banking and transaction security.
Introduction
The banking industry has embraced new technologies and practices, transforming traditional banking methods into streamlined online systems. These changes have resulted in continuous modifications to payment systems. Although these systems have improved security measures, it is important to ensure their compatibility for users. With the growing prevalence of threats today, banks are exposed to significant risks and vulnerabilities, especially from man-in-the-middle attacks (MITM) and man-in-the-browser attacks (MITB). Therefore, financial institutions must prioritize the adoption of effective authentication techniques.
The Two Common Attacks
The primary focus of this analysis is on two common attacks in the finance industry: Man in the Middle (MITM) and Man in the Browser (MITB). Identifying and safeguarding against these attacks poses a challenge. MITM occurs when a hacker can observe and manipulate communication between a client and a bank, tricking both parties into thinking they are communicating directly while secretly eavesdropping. This attack is often found on insecure networks.
MITB attacks involve infecting a web browser by exploiting its security vulnerabilities with malware. This results in the modification and manipulation of web pages.
Understanding the Technical Differences: MITB vs. MITM
Distinguishing between these attacks is crucial as MITM attacks take place at the network layer, whereas MITB attacks specifically focus on the application layer, which pertains to the web browser.
Despite the popularity of MITM attacks, attackers are increasingly favoring MITB attacks. This is because banks can use session IDs to identify and detect MITM attacks. Session IDs allow banks to analyze and determine if there has been any malicious activity during a transaction, enabling them to detect fraudulent attempts and cancel them. To achieve this, banks assign a unique ID to the customer's device and use algorithms to analyze and link multiple user sessions where banking activities are typically performed (Eisen, 2012). Unlike MITM attacks, MITB attacks are much more deceptive as they fully take control of the user's website and manipulate the browser while the user remains unaware.
According to Trusteer (2013), in this scenario, the attackers secretly manipulate web views and account balances. They can also divert sensitive traffic to their own system after the user logs in, while maintaining the original SSL/TLS protections.
MITB
MITB attacks often target users due to browser security issues. In these attacks, malware is typically disguised as browser extensions, which exploit vulnerabilities. Browser extensions are commonly seen as useful software that enhances user experience but can actually be malicious code or software - known as Trojans. Browser extensions can take the form of plugins, Browser Helper Objects (BHO), JavaScript, and add-on features.
BHOs, also known as Browser Helper Objects, are typically used to enhance a browser's functionality. These can potentially be created by individuals with programming skills, including attackers. The issue with BHOs lies in their ability to evade detection by antivirus software. During a MITB (man-in-the-browser) attack, BHOs are employed to modify websites by adding or removing fields. Additionally, they can insert registry entries and automatically load during system booting (Utakrit, 2009).
Greasemonkey, a popular Chrome add-on, enables users to modify website appearance and remove ads. Although this JavaScript is not harmful, it shares the same approach as malicious JavaScript applets. The concern with add-ons is that they can effortlessly monitor and access users' information whenever desired. Some security experts have considered SSL as a potential solution against MITB attacks, but it has proven ineffective.
The reason for this is that the attacker injects or gives the user a Trojan which carries out malicious activities directly inside the browser. Therefore, no suspicious activity is detected.
MITM
MITM attacks are less common as security professionals have learned ways to mitigate the attacks that use this method. It is also widely known as session hijacking. In this case, the attacker usually seeks vulnerable hotspots or networks. The attacker would usually direct the victim to a fake login page of a website (perhaps a phished page) and then obtain the credentials as soon as they are authenticated.
The account can be accessed by the attacker effortlessly, enabling them to carry out unauthorized activities like withdrawing funds or conducting transactions. Even security measures such as OTP (One-Time Password) are ineffective in thwarting this attack since the attacker can deceitfully acquire and utilize the temporary password during its designated timeframe. The primary issue with this attack lies in the user's inability to verify the requester's identity, rendering even two-step verification susceptible.
Protective measures
The Security Triad, which is a vital principle for experts in the field, comprises three essential elements: Confidentiality (preventing unauthorized access or viewing of data or systems), Availability (ensuring system or data accessibility when required), and Integrity (preserving data or system reliability and authenticity). In transaction contexts, maintaining integrity is crucial.
Banks and financial institutions must ensure the maintenance of integrity by implementing controls, also known as countermeasures.
User Protection Strategies and Controls
MITB
To minimize these attacks, both users and banks need to have knowledge of the risks. Users can take precautions such as installing antivirus software, although its effectiveness depends on the detection capability and can only reduce the chances of an attack.
Secondly, a USB drive with a hardened browser can be used for moderate protection. Thirdly, online banking should only be done with banks that are aware of these threats and have implemented countermeasures. Ultimately, there will always be risks and threats involved in any banking procedure unless online banking is completely avoided.
Mitigation for Banks
MITB
As mentioned earlier, attackers have also learned how to compromise two-step authentication, as well as captcha and other security measures. The malware can wait for the user to authenticate themselves and intercept and modify responses when SSL or encryption is used.
Moderate protection may be provided by the bank itself through the provision of Hardened Browsers on USBs. These browsers contain cryptographic smart tokens for authentication, and are more resistant to infection. In addition, an OTP token with a signature could be employed, requiring the user to re-enter transaction details to the OTP device, which generates a signature based on the information. This ensures that any alteration made by a MITB would result in a mismatch. However, this method can be inconvenient for users. Fraud detection techniques based on transaction type and amount are sometimes effective, and certain banks even contact the client for verification in cases of abnormal transactions. User profiling can also be utilized as a security measure.
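The signing token described above, sketched as an added example (not part of the original essay and not any bank's actual scheme). It assumes a per-token secret shared with the bank, a bank-issued challenge, and HMAC-SHA-256 with RFC 4226-style truncation; every name and sample value is constructed.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"      # constructed per-token secret shared with the bank
CHALLENGE = b"TXN-CHALLENGE-0001"  # constructed one-time challenge issued by the bank


def canonical(payee: str, amount_cents: int, currency: str) -> bytes:
    """Unambiguous encoding of the details the user re-enters on the token."""
    acct = payee.replace(" ", "").upper()
    return f"{len(acct)}:{acct}|{amount_cents}|{currency.upper()}".encode()


def sign_transaction(key: bytes, challenge: bytes, payee: str,
                     amount_cents: int, currency: str, digits: int = 8) -> str:
    """Token side: HMAC over challenge + details, truncated to a short code."""
    msg = struct.pack(">H", len(challenge)) + challenge
    msg += canonical(payee, amount_cents, currency)
    mac = hmac.new(key, msg, hashlib.sha256).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation in the style of RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def bank_verify(key: bytes, challenge: bytes, received: dict, code: str) -> bool:
    """Bank side: recompute over the transaction as it arrived from the browser."""
    expected = sign_transaction(key, challenge, received["payee"],
                                received["amount_cents"], received["currency"])
    return hmac.compare_digest(expected, code)


def demo() -> tuple:
    # The user keys the payee and amount they intend into the token itself.
    code = sign_transaction(KEY, CHALLENGE, "GB00 DEMO 0000 1111", 25000, "EUR")
    honest = {"payee": "GB00DEMO00001111", "amount_cents": 25000, "currency": "EUR"}
    # Same request after in-browser tampering changed the destination account.
    altered = dict(honest, payee="GB00DEMO99992222")
    return bank_verify(KEY, CHALLENGE, honest, code), bank_verify(KEY, CHALLENGE, altered, code)


if __name__ == "__main__":
    print(demo())
```

The code only protects the fields that are fed into the token, so the payee and amount must be entered on the device rather than copied from what the browser displays.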