Both cyber security and information security are frequently used interchangeably. The latter adds a new dimension to the former by considering human variables throughout the security process, making the individual the focus of attention and a potential target. However, such talks about cyber security often revolve around social facets of society and have significant implications. To aid in cyber security, several models and systems have been developed. Both the number and complexity of hacks have increased dramatically over the past few decades. Because of this, developing a plan that cannot be compromised by online assaults is essential. As hackers become more sophisticated in their use of state-of-the-art techniques and cutting-edge technology, we are seeing an increase in hacking, attacks, and data leaks. In this chapter, the authors investigate few models and recent trends of threats and attacks of security models. In addition, they have also studied their shortcomings and the methods previously employed to counteract such hazards.
TopIntroduction
Cyberspace is the dynamic environment that arises from the interaction of machines, software, and services. The spread of laptops and other types of technological contact sustains globalisation. It is challenging to create clear boundaries between private people, businesses, military, and governmental organisations in online due to the benefits given by technological advancement. Cyberspace is only anticipated to become more complicated in the coming decades as more and more networks and devices become linked to one another.
The increasing prevalence of cyber dangers and -attacks has made cyber security an urgent concern. This is because cybercriminals have developed more sophisticated strategies for targeting computer systems. Individuals, start-ups, and larger businesses are all impacted. Organizations of all hues, not just those in the IT sector, are starting to wake up to the seriousness of the situation and take measures to strengthen their defences against cybercrime. Cyber security is primarily about individuals, procedures, and techniques working together to mitigate threats and vulnerabilities through deterrence, international involvement, incident response, resilience, and restoration using tools like computer network operational processes, information assurance, law enforcement, etc. The importance of cyber security in today's highly digital world cannot be overstated. Cyberattacks can be extremely costly for businesses. Damage to a company's image and bottom line can result from a data leak. The harm caused by cyberattacks in the modern era is mounting. Cybercriminals' elaborate online attacks evolve over time (Maglaras et al., 2022).
The two most common forms of hacking are denial-of-service and insider threats. Threats posed by the Internet Attacks on the system, subsequently. An attack on a website or its related online apps that originates from within the Internet itself. Some frequent instances of internet violence are as follows:
As a starting point, we have injection attacks, which happen when hackers insert harmful code or data into a website in an effort to gain access to sensitive data. SQL Injection, code injection, log injection, XML injection, and so on are just a few of the most prevalent types of injection attacks.
One vulnerable area of computer network security is DNS hijacking. DNS cache poisoning attacks aim to redirect network traffic to an unauthorised address by inserting harmful content into a DNS resolver's cache. DNS faking assaults pose a serious threat to security because they may go unnoticed for long periods of time.
Finally, in regards to protected networks, a session hacking assault is a security violation that specifically targets a user's session. Web applications use “cookies,” which are text files, to remember information about a user's experience and their preferences. If a thief obtains access to your cookies, they can access any information stored in them, no matter how private.
Phishing is an aggressive method of obtaining personal information from users, such as passwords and credit card numbers. It occurs when a criminal masquerades as a safe person you can communicate with online.
Physical force is a try-and-see approach to offence. This method generates and tests a large number of possibilities in order to crack a passcode or ID number. While hackers may employ this attack to gain access to protected data, security experts may employ it to gauge the efficacy of a company's network defences.
The goal of the sixth type of attack is to prevent users from accessing a website or other network resource. To accomplish this, it floods the target with traffic or transmits it corrupt data that causes it to collapse. It uses a single machine and a single internet link to launch a coordinated assault against a website. Because of this, it can be classified as one of the following: A strategy of overwhelming force the goal of the attack is to consume as many data per second as possible from the targeted website. Attacks against a protocol can be measured in terms of the amount of packets sent and received and the actual amount of server resources consumed. Application layer attacks are those that aim to flood a web server with queries (Khan et al. 2022).
As another common technique, dictionary assaults store a list of commonly used passwords and use authentication to figure out the real one. In some cases, an intruder can trick a web server into displaying material that the user is not authorised to view by tampering with the Address. Putting meaning into an Address is what that term describes.