1. INFORAMTION ASSURANCES AND CYBER DEFENSE
INTRODUCTION
It is not clear whether the Cyber-Terrorist is real or simply a theoretical class of adversary. Very
little intelligence or other data exist in open literature that characterizes the behavior or existence
of this class of adversary. We will argue that the Cyber-Terrorist is a very real potential threat to
modern information systems. Therefore, sophisticated defenders must understand the capabilities
and behavior of this adversary in order to defend against it. The Defense Advanced Research
Projects Agency‟s (DARPA‟s) Information Assurance (IA) Program is attempting .To
incorporate the Cyber-Terrorist Into a larger model of threats poised against information systems
operated by the US Department of Defense. This paper lists some of the basic assumptions about
this adversary, with the intent that these assumptions may be challenged within the research
community.
HYPOTHESIS
Information systems that manage the nation‟s defenses and critical infrastructures are vulnerable
to cyber attacks.
PROBLEM STATEMENT
The problem of defending the nation from a cyber attack is complicated.
SIGNIFICANCE OF STUDY
The project is designed to develop conceptual and analytical understanding about the initiatives
that must be taken in order to secure the Cyber technology. This project helps me to understand
the objective to identify common threats and attacks employed against Web-accessible
applications. We analyze and explain the role of cryptography, and scrutinize issues related to
security management and network security.
RESEARCH QUESTION
What is Cyber attack: Is your critical infrastructure is safe?
2. Is Anatomy of sophisticated IT is vulnerable to Cyber attack?
Is cyber attack is a threat not just to our national security, but also to our economic edge and way
of life?
Are Cyber-attacks on critical infrastructure representing a threat to both governments and the
private sector?
Should the National Guard and reserve members‟ role be expended to support cyberspace roles
and functions?
LITERATURE REVIEW
In article (2009)“IATAC’s Critical Role in Information Assurance and Cyber
Security “by Gene Tyler, Dr. Ron Ritchey, and Karen Mercedes Goertzel
Authors analyzed the Measuring Cyber Security and Information Assurance which provides a
broad picture of the current stat e of cyber security and information assurance, as well as a
comprehensive look at the progress made in measurement discipline. The security of our nation
depends on the survivability, authenticity, and continuity of information systems. These systems
are vulnerable to external attacks, due in part to the necessary dependence on commercial
systems and the increased use of the Internet. Security of information systems is also of supreme
importance to the war fighter in defending our national security.
With the increasing amount of concern and Information Warfare (IW) activities requiring rapid
responses, it is difficult to ensure that all appropriate agencies and organizations are given the
knowledge and tools to protect from, react to, and defend against IW attacks. The Information
Assurance Technology Analysis Center (IATAC) is institution for facilitating the sharing of
Information Assurance (IA) and cyber security information throughout government, industry,
and academia so that individuals can gain access to knowledge and tools essential for effective
computer network defense.
In book “CYBER SECURITY ESSENTIALS” had written by Rick Howard, James J. Graham,
Richard Howard 15 dec, (2010). The book then essentially provides an „introduction‟ to the „subject‟
of Cyber Security. It covers the main concepts involved in identifying potential threats, vulnerabilities and
the procedures necessary to combat them, but does not provide a comprehensive, detailed description on
the subject of Cyber Security.
3. The sophisticated methods used in recent high-profile cyber incidents have driven many to need to understand how such security issues work.
Demystifying the complexity often associated with information assurance, Cyber Security Essentials provides a clear understanding of the concepts
behind prevalent threats, tactics, and procedures.
The subject content does provide an overview of current threats and trends, which, as outlined above, are
broken down and explained in simple terms, including the issue of program code exploits (reasonable
details provided on this). Diagrams are used well, enhancing the reader‟s understanding of the subject
matter and relevant references are provided where necessary.
Cyber Security, by its very nature, tends to be technical, and explaining technical concepts to the business
can often be challenging. This book aims to help in this area by removing the technical jargon as far as
possible and substituting these with simple terms to explain technical aspects. Does it work? Well,
almost; like many other complicated subjects where the author tries to make the topics accessible to the
layman, some of the important stuff gets lost in translation! To accomplish this, the team of security professionals from
VeriSign‟s iDefense® Security Intelligence Services supply an extensive review of the computer security landscape. Although the text is accessible to those
new to cyber security, its comprehensive nature makes it ideal for experts who need to explain how computer security works to non-technical staff.
Providing a fundamental understanding of the theory behind the key issues impacting cyber security, the book: Covers attacker methods and motivations,
exploitation trends, malicious code techniques, and the latest threat vectors
Addresses more than 75 key security concepts in a series of concise, well-illustrated summaries designed for most levels of technical
understanding
Supplies actionable advice for the mitigation of threats
Breaks down the code used to write exploits into understandable diagrams
This book is not about the latest attack trends or botnets. It‟s about the reasons why these problems continue to plague us. By better understanding the logic
presented in these pages, readers will be prepared to transition to a career in the growing field of cyber security and enable proactive responses to the
threats and attacks on the horizon
RESEARCH METHODOLOGY
Researchers use secondary data for this research project by applying the methodology of
descriptive and analytical research. Data was collected from different websites, books, and
newspaper articles. Additional research was pursued utilizing college and university websites
that posted studies of similar matters. Furthermore, books written by experts were examined and
relevant information was extracted to reinforce the views within this text. A logical analysis of
the material was conducted and presented in this paper.
LIMITATIONS
1. Being female researcher it was for researchers to go outside for searching data.
2. Time span was very limited for dealing with such a complex and recent topic.
3. Lack of good literature available in Fatima Jinnah Women University.