Ethical Hacking As A Defense Mechanism And Operation
Mechanism of Ethical Hacking
This report aims to discuss the topic ethical hacking as a defense mechanism and operation. A brief discussion of the mechanism of the ethical hacking process is provided in this report. The applications of ethical hacking is clearly discussed in this report. Lastly, this report concludes with an appropriate conclusion.
The method of ethical hacking is a developing tool that is used by the organisations for testing the security of the network. The vulnerabilities and the risks of security in any network is recognised with the method of ethical hacking. Information is the major resource of several organisations in the present times (Abu-Shaqra and Luppicini 2016). The government and the organisations need to adopt the methods of ethical hacking for securing the sensitive documents and the confidential information. A professional of ethical hacking needs to be hired for testing the efficiency of the networks (Engebretson 2013).
Mechanism of ethical hacking
The ethical hacking denotes to the task of locating the vulnerabilities and the weaknesses of the informations systems and computers by replicating the intent and the actions of the malicious hackers (Baloch 2014). This variety of hacking can also be referred as the testing for penetration, intrusion testing, and red teaming. Any ethical hacker is the security expert who implements the talents of hacking for reasons of defense on part of the owners of the informations systems. Operation of an ethical hacker is strictly monitored by the permission of the organisations and they basically operate under the supervision of the organisation.
The process of ethical hacking consists of strictly follows a sequence for obtaining a legal and usable result:
Planning: This part of hacking is essential to have a successful project. It delivers an opportunity for providing key understanding to the task at hand, allows in setting goals for the future, and it also allows a risk assessment for evaluating the running cycle of a project (Pike 2013). There are numerous factors that needs to be considered for executing the planning phase of any ethical hack. These factors can include regulations and laws, culture, best practices, the requirements of the industry, and the policy of security. Every one of these factors acts as an integral part in the process of decision making when the ethical hacking is considered. The planning phase of any ethical hack would impact profoundly in the process of hack and the information collected and shared, and it will directly influence the integration and deliverable of the results in the program of security (Crosbie 2015).
Reconnaissance: This phase of searching for the publicly available information for assisting in any attack. It can be a simple or the newsgroups of browsing on internet in the exploration of resentful employees who are interested in sharing the secret information or increasingly messy as the task of digging is done (Regalado et al. 2015). The reconnaissance consists of the tapping phones, networks and engineering. The option of searching is restricted only by the extremes by which the ethical hacker and the organisation are interested in undertaking the task of recovering the information that is required (Shah and Mehtre 2013). This phase of reconnaissance creates the connection among the tasks that needs to be completed and the techniques that are necessary for protecting the information and assets of the organisation (Trabelsi and McCoey 2016).
Applications of Ethical Hacking
Enumeration: This phase is also called as the phase of discovery of vulnerability or the network. This is the task of gaining the sensitive information, networks and application that is publicly accessible from the system of the target (Rathore 2016). It is essential that the phase of enumeration is basically the point where the line among the malicious attack and ethical hack can grow to become blur as it is common to deviate from the planning phase (Wu 2014). Basically, the process of enumeration is simple and easy as it consists of some basic task of collecting the data and perform an evaluation of the data completely for establishing a concrete plan to increased investigation or matrix creation of vulnerability analysis phase (Trabelsi and Ibrahim 2013). Moreover, the enumeration phase is where the ability of the ethical hacker in making logical deductions acts as a major factor.
Vulnerability analysis: For the effective analysis of data, any ethical hacker should deploy some pragmatic and logical method. In the phase of analysis for vulnerability, information that is collected is matched with the identified vulnerabilities in some applied process (Juneja 2013).
Exploitation: Considerable time amount is expended in the preparation and the evaluation of any ethical hack. Definitely, the planning will be used for attacking a target system (Chowdappa, Lakshmi and Kumar 2014). The exploitation of any system can be simple as executing any small program or it can be difficult as the series of complicated sequences that needs to be executed in a specific method for gaining access (Wang and Yang 2017). The process of exploitation is segregated into a collection of subtasks that can contain several steps or any single step in executing the attack (Rao et al. 2014). As the execution of each step is done, the evaluation is conducted for ensuring the expected outcome is generated.
Ethical hacking is accomplished for testing the safety in the systems. This method can be utilised in several applications in the situation of applications on the web that are often damaged (Curbelo and Cruz 2013). This commonly includes the applications of HTTP or Hypertesxt Transfer Protocol and the SMTP (Simple Mail Transfer Protocol) that are most often attacked as majority of firewalls and several other security consists of total access to the programs residing in the internet. The illegal software consists of the Trojan horses and viruses that can damage a system (Sahare, Naik and Khandey 2014). Spam is the kind of junk e-mail that causes needless and violent disturbance on the system and the carry the virus, therefore the ethical hacking helps in the revealing these kinds of attacks against any computer system and delivers the security of system (Schreuders and Ardern 2015). The major application of ethical hacking is to offer security on the infrastructure that is wireless and this is the main intent for several businesses. The sector of ethical hacking has emerged to be a crucial sector in the organisations who are intending to check the technical and intellectual capability against any malicious attackers (Trabelsi and Alketbi 2013). The methods of ethical hacking plays a crucial role in offering security. The resources and the computer services that can perform the tasks without the users. Another application of ethical hacking is to gain access to the network and infrastructure of any other company (Prasad and Manjula 2014). This offers the security in the information technology area referred as infosec. This offers security for the high level attacks like the traffic that is passing through the firewalls and the viruses.
Conclusion
Conclusion
Therefore, it can be concluded that the methods of ethical hacking is essential is securing the information and the networks. The method of ethical hacking is a developing tool that is used by the organisations for testing the security of the network. The vulnerabilities and the risks of security in any network is recognised with the method of ethical hacking. The ethical hacking denotes to the task of locating the vulnerabilities and the weaknesses of the informations systems and computers by replicating the intent and the actions of the malicious hackers. This method can be utilised in several applications in the situation of applications on the web that are often damaged. This commonly includes the applications of HTTP or Hypertesxt Transfer Protocol and the SMTP (Simple Mail Transfer Protocol) that are most often attacked as majority of firewalls and the security has total permission to the internet programs.
References
Abu-Shaqra, B. and Luppicini, R., 2016. Technoethical Inquiry into Ethical Hacking at a Canadian University. International Journal of Technoethics (IJT), 7(1), pp.62-76.
Baloch, R., 2014. Ethical hacking and penetration testing guide. Auerbach Publications.
Chowdappa, K.B., Lakshmi, S.S. and Kumar, P.P., 2014. Ethical hacking techniques with penetration testing. International journal of computer science and information technologies, 5(3), pp.3389-3393.
Crosbie, M., 2015. Hack the cloud: Ethical hacking and cloud forensics. In Cloud Technology: Concepts, Methodologies, Tools, and Applications (pp. 1510-1526). IGI Global.
Curbelo, A.M. and Cruz, A., 2013. Faculty Attitudes toward Teaching Ethical Hacking to Computer and Information Systems Undergraduates Students. In Proceedings of the Eleventh LACCEI Latin American and Caribbean Conference for Engineering and Technology.
Engebretson, P., 2013. The basics of hacking and penetration testing: ethical hacking and penetration testing made easy. Elsevier.
Juneja, G.K., 2013. Ethical hacking: A technique to enhance information security. International Journal of Innovative Research in Science, Engineering and Technology, 2(12), pp.7575-7580.
Pike, R.E., 2013. The “ethics” of teaching ethical hacking. Journal of International Technology and Information Management, 22(4), p.4.
Prasad, M. and Manjula, B., 2014. Ethical Hacking Tools: A Situational Awareness. Int J. Emerging Tec. Comp. Sc. & Elec, 11, pp.33-38.
Rao, G.S., Kumar, P.N., Swetha, P. and BhanuKiran, G., 2014, December. Security assessment of computer networks-an ethical hacker’s perspective. In Computer and Communications Technologies (ICCCT), 2014 International Conference on (pp. 1-5). IEEE.
Rathore, N.K., 2016. Ethical hacking & security against cyber crime. Journal on Information Technology (JIT), 5(1), pp.7-11.
Regalado, D., Harris, S., Harper, A., Eagle, C., Ness, J., Spasojevic, B., Linn, R. and Sims, S., 2015. Gray Hat Hacking The Ethical Hacker’s Handbook. McGraw-Hill Education Group.
Sahare, B., Naik, A. and Khandey, S., 2014. Study Of Ethical Hacking. Int. J. Comput. Sci. Trends Technol, 2(4), pp.6-10.
Schreuders, Z.C. and Ardern, L., 2015. Generating randomised virtualised scenarios for ethical hacking and computer security education: SecGen implementation and deployment.
Shah, S. and Mehtre, B.M., 2013. A modern approach to cyber security analysis using vulnerability assessment and penetration testing. Int J Electron Commun Comput Eng, 4(6), pp.47-52.
Trabelsi, Z. and Alketbi, L., 2013, July. Using network packet generators and snort rules for teaching denial of service attacks. In Proceedings of the 18th ACM conference on Innovation and technology in computer science education (pp. 285-290). ACM.
Trabelsi, Z. and Ibrahim, W., 2013, March. Teaching ethical hacking in information security curriculum: A case study. In Global Engineering Education Conference (EDUCON), 2013 IEEE (pp. 130-137). IEEE.
Trabelsi, Z. and McCoey, M., 2016. Ethical hacking in Information Security curricula. International Journal of Information and Communication Technology Education (IJICTE), 12(1), pp.1-10.
Wang, Y. and Yang, J., 2017, March. Ethical Hacking and Network Defense: Choose Your Best Network Vulnerability Scanning Tool. In Advanced Information Networking and Applications Workshops (WAINA), 2017 31st International Conference on (pp. 110-113). IEEE.
Wu, A.J., 2014, May. Project development for ethical hacking practice in a website security course. In Proceedings of the Western Canadian Conference on Computing Education (p. 18). ACM.