Internet Security Details: [Internet Security] Content security and protection

(Due to the openness and anonymity of the Internet, all kinds of illegal content emerge in an endless stream. How to prevent it through technical means is explained in detail by Fengbian, a security expert of Ali Cloud.)

Brief introduction:

Internet security is a comprehensive subject involving computer science, network technology, communication technology, cryptography technology, information security technology, applied mathematics, number theory, information theory and other subjects. Internet security is essentially the information security on the Internet. Broadly speaking, all relevant technologies and theories related to the confidentiality, integrity, availability, authenticity and controllability of information on the Internet are the research field of network security.

Background:

“Internet” refers to the global information system, which is an interactive platform for mutual exchange, communication and participation. Internet security should therefore be treated like fire and theft prevention in every household: take precautions before anything happens. Threats arrive before you even think you could be a target, and when they do, victims are often unprepared and suffer great damage.

Cyber security issues have as much to do with the personal computer as with the original architecture of the Internet. First, according to the classic “end-to-end” principle, the Internet should be designed to keep data transmission as simple as possible, with data authenticated at the endpoints rather than in transit. The Internet's own TCP/IP protocol divides data into several packets, which can be reassembled into complete information only after reaching the terminal device. During this process, the carrier cannot know the contents of the packets. Second, PCs and operating systems, as terminals, give users the ability to write viruses and malicious programs that can spread quickly across the Internet. Since the first worm, “Morris”, appeared in 1988, viruses, Trojan horses and network attacks have emerged one after another around the world, seriously threatening the prosperity of the Internet and the security of user data. In particular, the manufacture of network viruses has gradually become a profitable industry; network security has become a routine problem as the Internet has spread, and it is becoming more and more serious. Third, as Internet services and applications become more diverse and complex and the market becomes more competitive, many software programs that have not been screened for security carry flaws and vulnerabilities, which give viruses and malicious programs opportunities to invade personal computers. Users download and use all kinds of software, but lack the vigilance and technical ability to protect themselves and cannot judge software quality or security risks.

Since the Internet was, from the very beginning, an anonymous, open system that transcends national boundaries, and its original architecture cannot be fundamentally changed, its weaknesses have to be addressed at the endpoints of information flow. In reality, there are at least several options. First, a country that wants to protect its network users from foreign attacks can control the exits where its network connects to other countries' networks, and set up an intrusion detection system in the exit channel to detect suspicious packets. But this is subject to the country's communications and speech laws. Second, Internet backbone and access operators (ISPs) can implement hierarchical security protection, which violates the “end-to-end” principle and may be questioned by the public and regulated by the state. Of course, countries can also make laws requiring them to take responsibility for safety. Third, in the same way, Internet content and application service providers (ICPs) can take security measures to ensure the security of transactions and services and to protect user information from attack and infringement. The state can also impose legal liability on them. Finally, users can install security software on their computer terminals to protect their personal data. In different countries, these four measures can be applied in combination, or they can be weighted towards certain endpoints. In addition, no matter who carries out the protection, the required security system can be provided by a unified national provider or by a specialized security software company. Since the cost of replicating and distributing software products is zero, the software provider's R&D investment in the early stage and its technology updates in the later stage become the key issue.

Compared with the manufacture and use of weapons in the pre-Internet era, the technological threshold for launching cyber attacks has been greatly lowered. This blurs the line between state-targeted cyber warfare and general cyber attacks, and the rules and strategies of war that existed in the era of nuclear war are no longer applicable. In the face of uncertain cyber attacks, the state cannot defend the whole of cyberspace the way it provides traditional public goods; it can only focus on the security of national infrastructure and the information equipment of government departments. Meanwhile, the large number of enterprises and individual users in society are responsible for their own security, installing security software as a form of private relief. This not only reduces unnecessary public expenditure, but also produces better security software services through market competition. Providing distinct products for different types of network threats is an efficient way to allocate resources. If a country adopts the traditional defense concept that Internet security is subordinate to national information sovereignty, then it has to control the exit channels in the architecture, so as to stop viruses at the first gate as far as possible, but the cost is extremely high. These measures are part of Lawrence Lessig's idea that regulating cyberspace by code is more effective than simply legislating against it.

Key threats:

  • Network attack

1. Active attack: a deliberate action by which the attacker accesses the information they need.

2. Passive attack: information is collected rather than accessed, and legitimate users of the data are unaware of this activity.

Passive attacks include: 1. Eavesdropping, including keystroke logging, network listening, illegal access to data, and access to password files. 2. Deception, including obtaining passwords, malicious code, and network spoofing. 3. Denial of service, including causing anomalies, resource depletion, and deception. 4. Data-driven attacks, including buffer overflow, format string attacks, input validation attacks, synchronization vulnerability attacks, and trust vulnerability attacks.

  • Trojan virus

A Trojan virus usually gets into a computer when the user downloads and installs unsafe software or browses unsafe websites. It is advisable not to browse unsafe websites and not to install unsafe software.

  • Pseudo base station

A “pseudo base station” is a fake base station. The equipment is a kind of high-tech device, generally composed of a host and a notebook computer. Using a bulk SMS sender, an SMS transmitter and other related equipment, it can search for mobile phone card information within a certain radius around itself. By disguising itself as an operator's base station, it uses arbitrary phone numbers to send fraud, advertising and sales text messages to users' mobile phones.

  • APT attacks

APT (Advanced Persistent Threat): a form of attack that uses advanced means to attack a specific target over a long period of time. APT attacks work in a more advanced way than other forms of attack, mainly in that the attacker needs to accurately collect information on the target's business processes and target systems before launching an attack. During this collection, the attacker actively probes for vulnerabilities in the target's trusted systems and applications, uses these vulnerabilities to build the network the attacker needs, and uses 0day vulnerabilities to attack.

  • Wireless networks

With the explosive growth of mobile devices, laptops, netbooks, smartphones and tablets will quickly become part of our daily lives in 2011. The security of wireless networks provided in public places, such as cafes and hotels, will also be a focus of attention. Hackers can easily break into personal mobile devices and gain access to private information through public wireless networks.

Content Introduction:

  • Why should we pay attention to content security
  • Classification of harmful information on the Internet
  • Causes of harmful information on the Internet
  • How to find harmful information effectively
  • How to effectively contain harmful information from the source
