Professional Documents
Culture Documents
50-56
1
Department of MCA, Sree Saraswathi Thyagaraja College, Pollachi, India.
2
483, Lawley Road, Coimbatore, Tamil Nadu, India.
Abstract
Cyberattacks has become quite common in this internet era. The
cybercrimes are getting increased every year and the intensity of damage Article History
is also increasing. providing security against cyber-attacks becomes the
most significant in this digital world. However, ensuring cyber security Received: 30 January 2019
Accepted: 24 May 2019
is an extremely intricate task as requires domain knowledge about the
attacks and capability of analysing the possibility of threats. The main Keywords
challenge of cyber security is the evolving nature of the attacks. This
paper presents the significance of cyber security along with the various Cyberattacks;
Cybersecurity;
risks that are in the current digital era. The analysis made for cyber- Fifth Generation;
attacks and their statistics shows the intensity of the attacks. Various Machine Learning Algorithm;
cyber security threats are presented along with the machine learning Security Threats.
algorithms that can be applied on cyberattacks detection. The need for
the fifth generation cybersecurity architecture is discussed.
CONTACT A. Saravanan ssathya21@gmail.com Department of MCA, Sree Saraswathi Thyagaraja College, Pollachi, India.
Department of Business, Innovation and Skills’ 2015 processes implemented for ensuring the
security survey 90% of the huge organization and 74 security of online transactions. It involves
% of the small organization agonized from security protecting browsers, network, operating
breaches.1 Thus the term cyber security has become systems, and other applications from attacks
the most prominent field under research. Cyber by setting up precise rules and regulations.
security ensures preserving confidentiality, integrity • ICT security is the ability to protect the
and availability of information in the Cyberspace2. Confidentiality, Integrity and Availability of an
Though cybersecurity is a single term, to guarantee organization's digital information assets.
the security it involves the coordination of the various • End-User Knowledge is most significant
other domains. This relationship between various since people are the weakest link in the
domain is depicted in Figure 1. cybersecurity chain. The lack of user
knowledge about cybersecurity risks is the
These domains are simply described below. reason for 50% of the cyberattack and almost
• Application security implementing various 90% of cyberattacks are caused by human
measures to improve the security of an behaviour.
application. This is often done by monitoring
the application and finding, fixing and However, the attacks made by the cyber criminals
preventing security vulnerabilities. are getting smarter and they use new methods and
• Information Security is a set of procedures technology for successful attacks. They often find the
or practices to maintain the confidentiality, security holes and breaches in the secured system
integrity and availability of business data and and steal information or damage the system in less
information in various forms. time.3 In this digital era, since people do all the major
• Network security is a process designed day to day activities online, there is an urgent need
to shield the usability and integrity of the for the improved cyber security with new techniques.
network and its data and provide secured To neutralize the cyberattacks, equal growth in
access towards the network. Network security the cyber security as attacks is required. Though
always includes both hardware and software several new techniques are suggested by various
technologies. researchers and many techniques are currently
• Operations security is a process of identifying in use, the effect of an attack is still increasing.4
and protecting unclassified critical information Cybersecurity has to protect any private, personal
which are often attractive for the competitor or government data from attacks by focusing on
or adversary to gain real information. three main tasks.5
• Internet security involves various security
1. Taking measures to protect equipment, to just the previous few months. But there's an easy
software and the information they contain. way to avoid those attacks, as Norton says that 99.9
2. Guaranteeing the state or quality of being percent of those packages come from unofficial "third
protected from the several threats; and party" app stores. The major cyberattacks for the
3. Implementing and improving these activities. year 2017 is represented as a timeline.
In recent years, many non-profit organizations and According to the report given by Atlanta Journal-
projects have been carried out with the aim of facing Constitution newspaper – www.ajc.com, $ 2.7
security threats. The most popular organization is million spent by the City of Atlanta to repair damage
Open Web Application Security Project (OWASP), from ransomware attack. A report given by 2018 IT
an international non-for-profit charitable organization Professionals Security Report Survey says that 76%
that focuses on the application security.6 Every year of organizations experienced a phishing attack in
they identify and release the series of software the past year and 49% of organizations experienced
vulnerabilities and describe the ten most important a DDoS attack in the past year. The ‘AdultSwine’
in their top ten project. In the year of 2018, the malware was installed up to 7 million times across 60
top ten vulnerabilities listed by the OWASP are Children’s Games Apps. Over 20% of organizations
injection, broken authentication and session are impacted by Cryptojacking Malware every
management, sensitive data exposure, XML week and 40% of organizations were impacted by
External Entities (XXE), Broken Access control, Cryptominers in 2018. (Check Point Research Blog).
Security misconfigurations, Cross Site Scripting
(XSS), Insecure Deserialization, Using Components Over 300 apps in the google play store contained
with known vulnerabilities, Insufficient logging and malware and were downloaded by over 106 million
monitoring.7 users.9 614 GB of data related to weapons, sensor
and communication systems stolen from US Navy
The cyber-attacks have emerged to fifth generation, contractor, allegedly by Chinese government hackers.
though, 97%. Of organizations are using outdated Check Point global attack sensors undergone a
security technologies and equipped for second survey on the new vulnerabilities introduced in the
and third generation attacks.8 The cyber security past 8 years The values are depicted in Figure 3.10
generations are elaborated in Figure 2.
Cyber Security Threats
Cyber Attack Statistics The common goal of the cyberattacks is to disable
The number of unique cyber incidents in the second or to gain access to the target system. The goal can
quarter of 2018, as defined by Positive Technologies, be achieved by applying various attacks on the target
was 47 percent higher than the number from just a system. Several cyberattacks exist and even evolve
year previous. In the third quarter of 2018, Kaspersky day by day. Some of the common cyberattacks are
Labs the number of malicious mobile installation explained below:
packages was up by nearly a third when compared
implemented. Attackers target the disclosed the content to differentiate whether the message
vulnerability during this window of time. Zero-day is spam or not. The machine learning algorithms
vulnerability threat detection requires constant such as Bayesian classifier,15 SVM,16 MapReduce,17
awareness. Behaviour-based spam detection using neural
networks,18 Text detection method for image spam
Spam filtering19 were suggested.
It an e-mail message that is unwanted.12 Spam
e-mails can be not only a time-consuming task for Statistical analysis based malware detection was
recipients but a source of Java applets that may introduced in.20 Marlware detection using machine
execute automatically when the message is read.13 learning was suggested.21 Statistical and dynamical
based malware detection was suggested by Shijo
Apart from the above mentioned threats, SANS and Salim.22 detecting of internet worm malcodes
Institute identifies the following malicious spyware using principal component analysis and multiclass
actions as the most frequent, malicious activities14: support vector machine was introduced. 23 For
• changing network settings, detecting phishing email, random forest machine
• disabling antivirus and antispyware tools, learning technique was employed. 24 Several
• turning off the Microsoft Security Center and/ supervised learning algorithms were introduced to
or automatic updates, detect the phishing sites.25 Thus clustering algorithm
• installing rogue certificates, and classification algorithms such as SVM, Random
• cascading file droppers, Forest, Naïve Bayes classifier, neural network, fuzzy
• keystroke logging, based classifier is commonly used in detecting
• URL monitoring, form scraping and screen the security threats that includes spam detection,
scraping, malware detection and phishing detection.
• turning on the microphone and/or camera,
• pretending to be an antispyware or antivirus Moving to Fifth Generation Cyber Security
tool, Architecture
• editing search results, The rapid digital transformation of business places
• acting as a spam relay, increasing demands on security. Current security
• planting a rootkit or altering the system to architectures to manage all this are outdated and
prevent removal, are the most common cause for unavailability and
• installing a bot for attacker remote control, security issues that lead to failure. Thus there is a
• intercepting sensitive documents and need for implementing fifth generation architecture
exfiltrating them, or encrypting them for that includes cloud infrastructure and Internet of
ransom, Things, though, businesses can eliminate single
• planting a sniffer. points of failure by providing the necessary strength
and resiliency to maintain operations and security
Some of the fifth generation cyber-attacks includes under any circumstances.
Andromeda, AdvisorsBot, Cerber, CNRig, Cryptoloot,
Fireball, HiddenMiner, Iotroop, Nivdort, NotPetya, This security architecture must build a consolidated,
RubyMiner, Trickbot, WannaCry, WannaMine, unified security architecture that manages and
Ransomeware, adultSwine, and cryptocurrency integrates with mobile, cloud and networks to protect
attacks. These are sophisticated attacks that cause against and prevent fifth generation cyberattacks.
severe damage. Integrated threat prevention also needs to work
with a dynamic security policy across all platforms
Machine Learning and Cybersecurity that expresses business needs, supports cloud
Numerous methods and procedures have been demands with auto scaling and is able to flexibly
developed in the literature for the detection of threats integrate with third-party APIs. Furthermore, a
in the cyberspace. Recently machine learning has unified and advanced multi-layered threat prevention
contributed much in the cyber security. In case of environment must include CPU-Level sandbox
spam detection, basically filters are used to analyse prevention, threat extraction, anti-phishing and
SARAVANAN & BAMA, Orient. J. Comp. Sci. & Technol., Vol. 12(2) 50-56 (2019) 55
anti-ransomware solutions to defend against known the latest attacks, organizations should implement
and unknown ‘zero-day’ attacks. In this way, having the fifth generation security architecture to protect
the right architecture upon which the entire security their network infrastructure, cloud and mobile
infrastructure operates is the only way to ensure a infrastructure. Thus to conclude, the awareness
single, cohesive wall of protection to prevent fifth among the organizations and individuals about the
generation cyberattacks.26 cyberattacks and their effect along with the security
solutions are to be increased. Everyone should use
Conclusion the technology only after analysing the pros and cons
In the past 20 years, cyberattacks and the and the security breaches and care must be taken
cybersecurity have advanced and evolved rapidly to secure their information. The future work aims at
due to the technological advancement. Though proposing the fifth generation security framework to
this is the case, unfortunately, most organizations protect the online digital infrastructure that includes
have not evolved and are still using second or third cloud, mobile and network infrastructure.
generation cyber security even after the evolution of
the fifth generation of These fifth generation attacks Acknowledgements
are named as mega attacks as it large-scale and This research has not received any specific grant
fast-moving attacks. These sophisticated attacks from funding agencies in the public, commercial, or
can effortlessly bypass the conventional, static not-for-profit sectors. The authors declare no conflict
detection-based security systems that are used by of interest.
the most of the today’s organizations. Thus to defend
Reference
13. Cranor LF. Lamacchia BA. Spam!. Commun vulnerabilities in android using static analysis.
ACM. 1998; 41(8):74–83 2015; pp 915–918.
14. SANS Institute. Top 15 Malicious Spyware 21. Markel Z., Bilzor M. Building a machine
Actions. 2018. Available Online: https://www. learning classifier for malware detection. In:
sans.org/secur ity-resou rces/ Second workshop on anti-malware testing
15. Wang Z.J., Liu Y., Wang Z.J. E-mail filtration research (WATeR). IEEE. Canterbury. UK.
and classification based on variable weights 2015.
of the Bayesian algorithm. Appl Mech Mater. 22. Shijo P.V., Salim A. Integrated static and
2014; 513–517:2111–2114. dynamic analysis for malware detection.
16. Hsu W.C., Yu T.Y. E-mail spam filtering based Procedia Comput Sci. 2015; 46:804–811.
on support vector machines with Taguchi 23. Divya S., Padmavathi G. A novel method for
method for parameter selection. J Converg detection of internet worm malcodes using
Inf Technol 2010. 5(8):78–88. principal component analysis and multiclass
17. Caruana G., Li M., Qi M. A MapReduce based support vector machine. Int J Secur Appl.
parallel SVM for large scale spam filtering. In: 2014; 8(5):391–402
IEEE 2011 eighth international conference 24. Akinyelu A.A., Adewumi A.O. Classification of
on fuzzy systems and knowledge discovery phishing email using random forest machine
(FSKD), 2011; pp 2659–2662. learning technique. J Appl Math 2014; pp 1–6.
18. Wu C.H. Behavior-based spam detection using 25. Santhana Lakshmi V., Vijaya M.S. Efficient
a hybrid method of rule-based techniques and prediction of phishing websites using
neural networks. Expert Syst Appl. 2009: supervised learning algorithms. Procedia
36(3):4321–4330. Eng. 2012; 30:798–805.
19. Hazza Z.M., Aziz N.A. A new efficient text 26. Check point 2018 security report. 2018.
detection method for image spam filtering. Available Online: https://www.checkpoint.
Int Rev Comput Softw. 2015; 10(1):1–8. com/downloads/product-related/report/2018-
20. Dhaya R., Poongodi M. Detecting software security-report.pdf.