Ethical Hacking

Chandima Maduwanthi
4 min readMay 29, 2021

--

The term ‘Hacker’ was coined in the 1960s at the Massachusetts Institute of Technology to describe experts who used their skills to re-develop mainframe systems, increasing their efficiency and allowing them to multi-task.

Nowadays, the term routinely describes skilled programmers who gain unauthorized access into computer systems by exploiting weaknesses or using bugs. For example, a hacker can create algorithms to crack passwords, penetrate networks, or even disrupt network services.

What is Ethical Hacking?

Ethical Hacking is an authorized practice of bypassing system security to discover any threats and significant cyber security vulnerabilities that can be found and exploited by an ill-intended attacker. Such vulnerabilities can cost organizations their valuable data, hard earned image or even billions of dollars. That is why ethical hackers exist.

Ethical hackers aim to investigate the system or network for weak points that ill intended hackers can exploit or destroy. They collect and analyze the information to figure out ways to strengthen the security of the system/network/applications.

Need of Cyber Security

Cyber security consists of all the technologies and practices that keep computer systems and all categories of data safe. This includes sensitive data, personally identifiable information (PII), protected health information (PHI), personal information, intellectual property, data, and governmental and industry information systems.

Without a cybersecurity program, an organization cannot defend itself against data breach campaigns, making it an irresistible target for cybercriminals.

CIA Triad

The CIA triad is a common, respected model that forms the basis for the development of security systems and policies. These are used for the identification of vulnerabilities and methods for addressing problems and creating effective solutions.

The three letters in “CIA triad” stand for confidentiality, integrity, and availability. CIA triad is essential in cybersecurity as it provides vital security features, helps in avoiding compliance issues, ensures business continuity, and prevents reputational damage to the organization.

  • Confidentiality — ensures privacy to the sensitive information while it is in transit over a network.
  • Integrity — refers to preventing data from being tampered with, modified, or altered in an unauthorized way to achieve malicious goals.
  • Availability — ensures the constant availability of resources and services to only authorized parties in a timely manner.

These are three most crucial components of security. Various security controls can be applied to achieve these goals.

Access Control

Access control is the process of identifying a subject(active entities such as user, program or process)and determining their level of access to an object(passive entities such as file, program, hardware or location).

There are three types of access controls:

  1. Physical — Prevent unauthorized physically access
  2. Logical — Prevent unauthorized electronic access
  3. Administrative — Access control policies procedures and guidelines

Modern access control systems combine all three types. In this article, I only discuss about logical access control.

Logical Access Control

Logical Access Control is preventing unauthorized electronic access(virtual access) to objects. We can identify three main access control services:

  • Authentication — process of proving one’s identity to someone else. Methods used for this include password, smart-card, biometric information and IP address.
  • Authorization — determine subject’s access permissions within a system. Various models such as Discretionary access control(DAC) are used for authorization.
  • Accountability — ensure users are accountable for their actions.

Someone who penetrates system’s access controls to gain unauthorized access to a target system is an intruder. An intruder can be motivated by multiple reasons such as profit, protest, information gathering and challenge. Intruder behavior can be explained using cyber attack lifecycle.

Machine Learning in Cyber Security

Machine Learning plays a significant role in security. Through pattern detection, real-time cyber crime mapping and thorough penetration testing, Machine learning preemptively stamps out cyber threats and bolsters security infrastructure.

Machine learning uses algorithms born of previous datasets and statistical analysis to make assumptions about a computer’s behavior. The computer can then adjust its actions and even perform functions for which it hasn’t been explicitly programmed. Machine learning is increasingly being used to uncover threats because of its ability to sort through millions of files and identify potentially hazardous ones.

While Machine learning has become a vital technology for cybersecurity, there are various issues yet to overcome such as high false alarm rates and many more.

--

--

Chandima Maduwanthi

BSc.(Hons) Software Engineering Undergraduate | University Of Kelaniya