A New Model For Cyber Security

Modern internet and digital communications have become an essential part of daily life. The exchange and transfer of electronic data is a key element in how people interact and communicate with one another, both as individuals and as businesses. Cyber security is now a top priority due to the trend towards cloud computing, where companies and individuals store important documents online.

Although encryption, antivirus software and firewalls were all used to protect data long before the advent of the digital revolution, none of these methods has become as efficient as modern-day security options at handling the new modes of digital communication. The devices that can connect to the Internet or a global data network have become smaller and smarter. A modern cellphone can be used to access email, update blogs and access corporate documents.

In the past, security approaches were based on the concept of limiting access through firewall systems and detecting intrusions such as viruses using signature-based scanning systems. All of these solutions are based on the principle of restricting, channeling, hiding, and limiting data access. Firewalls are named after fireproof walls, which are made from fire-resistant materials and are intended to prevent fire from entering safe areas. Any external access to an internal network or public network that is not necessary is considered fire and blocked. The virus signature model and antivirus solutions have been found to be ineffective due to the time it takes to update signature files and the resources required to scan thousands of files. It's like sending police officers to every house in a large city to find the bad guys. Modern computers can store several thousand files and modern viruses are changing rapidly, so the signature-based scanning model is no longer practical.

The problem with current approaches is that, with digital networks becoming more widespread, there has never been a way to dynamically update signature databases or firewalls to allow for new types and threats. Nearly every day new applications are added to enable people to gain access to new digital services. The current security model is not designed to quickly distinguish between good and bad activity. To protect against the possible threats of a few, it actually restricts freedom for the whole group. The best security system can allow and maintain access for the group, while limiting or denying access to activities that are not in line with the established norm.

Every security method has a cost. Generally, firewalls, antivirus software and VPN networks have a greater impact on access to digital networks than they do on protecting them. Administrators and corporate IT security managers cannot continue to follow the restrict-all model. They are only restricting legitimate access and severely limiting users' ability to take advantage of the digital information revolution, while doing little to stop actual hackers or unauthorized access to their networks.

An effective cyber security solution must be dynamic and flexible enough to keep up with the changing needs of all digital access devices and applications. It's not possible to scan all of the applications or restrict access to them. Doing so only hinders users from taking full advantage of the increased productivity and power that digital networks and the internet provide, and is a huge use of computing resources.

A cyber security model for data networks is one that denies access to unauthorized users and prevents downtime of authorized services due to unauthorized activities (Denial-of-Service attacks). It also preserves the overall functional health of a network at 99%.

1) Data and system protection from unauthorised access

Data protection is a top priority for cybersecurity because more information is stored online, including financial information, credit card numbers and classified documents. There have been numerous security breaches that resulted in the theft of sensitive data, including millions of credit card numbers and corporate trade secrets. Foreign countries may also be able to access national security information using trojans or other intrusion methods.

Intrusion methods include:

Backdoor network intrusion applications, hidden in or disguised as legitimate applications, that enter a network when they are installed by authorized users.

Brute force attacks, in which weak passwords and common user names are exploited by systems that attempt millions of username and password combinations to gain access.

Exploits in the Microsoft Windows operating system that allow a secure or authorized service to be exploited through flaws found in the software's design.

Employees or other authorized personnel with access to the networks are at risk of being hacked or stolen. Notes left on desks and computers that are not logged in to secure areas.

Data can be exposed to external breaches when documents are placed on USB pen drives or laptops so that they can be presented in meetings outside the network. Employees often place documents intended for remote presentations on USB pen drives that also hold other secure documents unrelated to the meeting. They then insert the pen drive into a third-party computer to present one document, not knowing that this computer contains a trojan that copies all data from their USB drive to an unauthorised third-party location.

2) Preventing the downtime caused by unauthorized activities

Brute force attacks and scanners can bring down a network's servers and main access routes, causing it to become unusable. These attacks can cause significant damage to networks and disrupt their operations on a daily basis. It is crucial to have the ability to identify such attacks and stop them from reaching the core network and its services.
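One way to identify a brute force source and stop only that source, while everyone else keeps normal access, shown as an added example that is not part of the original article. The log format, thresholds, function names and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample login events: timestamp, source address, user, outcome.
# Addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2024-01-01T09:00:00 198.51.100.7 alice OK
2024-01-01T09:00:01 203.0.113.9 admin FAIL
2024-01-01T09:00:02 203.0.113.9 root FAIL
2024-01-01T09:00:03 203.0.113.9 admin FAIL
2024-01-01T09:00:04 198.51.100.8 bob FAIL
2024-01-01T09:00:05 203.0.113.9 test FAIL
2024-01-01T09:00:06 203.0.113.9 admin FAIL
2024-01-01T09:00:07 203.0.113.9 admin OK
2024-01-01T09:00:08 198.51.100.8 bob OK
2024-01-01T09:10:00 203.0.113.9 admin FAIL
"""

def evaluate(log_text, max_failures=5, window=timedelta(seconds=60),
             block_for=timedelta(minutes=5)):
    """Return (source, user, decision) per event; decision is allow or block."""
    failures = defaultdict(deque)   # source -> timestamps of recent failures
    blocked_until = {}              # source -> time at which the block expires
    decisions = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, source, user, outcome = line.split()
        now = datetime.fromisoformat(stamp)
        if blocked_until.get(source, now) > now:
            decisions.append((source, user, "block"))
            continue
        recent = failures[source]
        # Drop failures that have aged out of the sliding window.
        while recent and now - recent[0] > window:
            recent.popleft()
        if outcome == "FAIL":
            recent.append(now)
            if len(recent) >= max_failures:
                blocked_until[source] = now + block_for
                recent.clear()
        decisions.append((source, user, "allow"))
    return decisions

def blocked_sources(decisions):
    return {source for source, _, decision in decisions if decision == "block"}

if __name__ == "__main__":
    print(*evaluate(SAMPLE_LOG), sep="\n")
```

A single mistyped password from 198.51.100.8 never affects that user, and the block on 203.0.113.9 expires on its own, so the control limits the abnormal source without a restrict-all rule.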

3) Maintaining the overall functional health of a network

The preservation of the health and integrity of a digital network involves more than just preventing attacks and unauthorized activities. It also includes the preservation of core services, data access and other essential services that are used by authorized users. It is impossible to prevent or stop attacks or potential attacks without limiting or prohibiting authorized access. The network must be capable of preventing attacks and breaches to its integrity, while allowing authorized users to access its resources without restriction or denial.

The many ways in which security can be compromised in data networks are evident. Furthermore, the dependence on these networks means that current security methods are not only inadequate to protect them, but also cause additional security issues and network access problems. It is urgent that cyber security be redesigned and adapted to changing threats to data networks.

The following goals must be met in order to create a new intrusion detection system (IDS) model:

Any IDS system should have the goal of protecting the network integrity and allowing it to operate in its optimal operating condition at 99.99%. An IDS system should be light and easily deployed. An IDS system must not be used to intrude on another network.

An IDS system should be able to adapt to changing environments and update its signature records in response to evolving threats. An IDS system should not need to constantly update its signature files and verify that it is detecting real threats. An IDS system must be capable of simultaneously protecting the network from attacks, unauthorized usage, and downtime. It should also allow authorized clients to access network resources and prevent or limit network access. It must not be intrusive, and it must keep the network open to all users.