INFORAMTION ASSURANCES AND CYBER DEFENSE INTRODUCTIONIt is not clear whether the Cyber-Terrorist is real or simply a theoretical class of adversary. Verylittle intelligence or other data exist in open literature that characterizes the behavior or existenceof this class of adversary. We will argue that the Cyber-Terrorist is a very real potential threat tomodern information systems. Therefore, sophisticated defenders must understand the capabilitiesand behavior of this adversary in order to defend against it. The Defense Advanced ResearchProjects Agency‟s (DARPA‟s) Information Assurance (IA) Program is attempting .Toincorporate the Cyber-Terrorist Into a larger model of threats poised against information systemsoperated by the US Department of Defense. This paper lists some of the basic assumptions aboutthis adversary, with the intent that these assumptions may be challenged within the researchcommunity. HYPOTHESISInformation systems that manage the nation‟s defenses and critical infrastructures are vulnerableto cyber attacks. PROBLEM STATEMENT The problem of defending the nation from a cyber attack is complicated. SIGNIFICANCE OF STUDYThe project is designed to develop conceptual and analytical understanding about the initiativesthat must be taken in order to secure the Cyber technology. This project helps me to understandthe objective to identify common threats and attacks employed against Web-accessibleapplications. We analyze and explain the role of cryptography, and scrutinize issues related tosecurity management and network security. RESEARCH QUESTIONWhat is Cyber attack: Is your critical infrastructure is safe?
Is Anatomy of sophisticated IT is vulnerable to Cyber attack?Is cyber attack is a threat not just to our national security, but also to our economic edge and wayof life?Are Cyber-attacks on critical infrastructure representing a threat to both governments and theprivate sector?Should the National Guard and reserve members‟ role be expended to support cyberspace rolesand functions? LITERATURE REVIEWIn article (2009)“IATAC’s Critical Role in Information Assurance and CyberSecurity “by Gene Tyler, Dr. Ron Ritchey, and Karen Mercedes GoertzelAuthors analyzed the Measuring Cyber Security and Information Assurance which provides abroad picture of the current stat e of cyber security and information assurance, as well as acomprehensive look at the progress made in measurement discipline. The security of our nationdepends on the survivability, authenticity, and continuity of information systems. These systemsare vulnerable to external attacks, due in part to the necessary dependence on commercialsystems and the increased use of the Internet. Security of information systems is also of supremeimportance to the war fighter in defending our national security.With the increasing amount of concern and Information Warfare (IW) activities requiring rapidresponses, it is difficult to ensure that all appropriate agencies and organizations are given theknowledge and tools to protect from, react to, and defend against IW attacks. The InformationAssurance Technology Analysis Center (IATAC) is institution for facilitating the sharing ofInformation Assurance (IA) and cyber security information throughout government, industry,and academia so that individuals can gain access to knowledge and tools essential for effectivecomputer network defense.In book “CYBER SECURITY ESSENTIALS” had written by Rick Howard, James J. Graham,Richard Howard 15 dec, (2010). The book then essentially provides an „introduction‟ to the „subject‟of Cyber Security. It covers the main concepts involved in identifying potential threats, vulnerabilities andthe procedures necessary to combat them, but does not provide a comprehensive, detailed description onthe subject of Cyber Security.
The sophisticated methods used in recent high-profile cyber incidents have driven many to need to understand how such security issues work.Demystifying the complexity often associated with information assurance, Cyber Security Essentials provides a clear understanding of the conceptsbehind prevalent threats, tactics, and procedures.The subject content does provide an overview of current threats and trends, which, as outlined above, arebroken down and explained in simple terms, including the issue of program code exploits (reasonabledetails provided on this). Diagrams are used well, enhancing the reader‟s understanding of the subjectmatter and relevant references are provided where necessary.Cyber Security, by its very nature, tends to be technical, and explaining technical concepts to the businesscan often be challenging. This book aims to help in this area by removing the technical jargon as far aspossible and substituting these with simple terms to explain technical aspects. Does it work? Well,almost; like many other complicated subjects where the author tries to make the topics accessible to thelayman, some of the important stuff gets lost in translation! To accomplish this, the team of security professionals fromVeriSign‟s iDefense® Security Intelligence Services supply an extensive review of the computer security landscape. Although the text is accessible to thosenew to cyber security, its comprehensive nature makes it ideal for experts who need to explain how computer security works to non-technical staff.Providing a fundamental understanding of the theory behind the key issues impacting cyber security, the book: Covers attacker methods and motivations,exploitation trends, malicious code techniques, and the latest threat vectors Addresses more than 75 key security concepts in a series of concise, well-illustrated summaries designed for most levels of technical understanding Supplies actionable advice for the mitigation of threats Breaks down the code used to write exploits into understandable diagramsThis book is not about the latest attack trends or botnets. It‟s about the reasons why these problems continue to plague us. By better understanding the logicpresented in these pages, readers will be prepared to transition to a career in the growing field of cyber security and enable proactive responses to thethreats and attacks on the horizon RESEARCH METHODOLOGYResearchers use secondary data for this research project by applying the methodology ofdescriptive and analytical research. Data was collected from different websites, books, andnewspaper articles. Additional research was pursued utilizing college and university websitesthat posted studies of similar matters. Furthermore, books written by experts were examined andrelevant information was extracted to reinforce the views within this text. A logical analysis ofthe material was conducted and presented in this paper. LIMITATIONS 1. Being female researcher it was for researchers to go outside for searching data. 2. Time span was very limited for dealing with such a complex and recent topic. 3. Lack of good literature available in Fatima Jinnah Women University.
TENTATIVE OUTLINE/STRUCTURE OF STUDY CHAPTER 1 CHAPTER 2 CHAPTER 3 CHAPTER 4 CHAPTER 5 CONCLUSION