Core Concepts of Cybersecurity: Mechanisms and Attacks
The Crucial Need for Network Security
Network security is crucial in today’s digital world where individuals, businesses, and governments rely heavily on computer networks for communication, data storage, and daily operations. Detailed reasons why network security is essential:
- Protection from Unauthorized Access: Network security ensures that only authorized users can access the network and its resources. It prevents hackers or malicious users from gaining access to sensitive information.
- Data Protection: Sensitive data such as personal information, financial records, and business secrets must be protected during storage and transmission. Network security ensures the confidentiality and integrity of this data.
- Prevention of Cyber Attacks: Threats like viruses, worms, ransomware, and phishing attacks can damage or steal data. Network security tools (like firewalls, antivirus software, and intrusion detection systems) help prevent these attacks.
- Ensuring Data Integrity: Data must remain accurate and unaltered during transmission. Network security ensures that information is not modified or tampered with by unauthorized parties.
- Ensuring Availability: Network security ensures that network services remain available to users. It helps prevent attacks like Denial of Service (DoS), which aim to make systems unavailable.
OSI Security Architecture Framework
The OSI Security Architecture is a framework that provides guidelines to secure communication in a computer network based on the OSI model (Open Systems Interconnection).
Key Elements of OSI Security
- Security Services: Provide protection for data (e.g., confidentiality, integrity, authentication, access control, non-repudiation).
- Security Mechanisms: Tools and techniques to implement security services (e.g., encryption, digital signatures, firewalls, authentication protocols).
- Security Attacks: Classified into Passive attacks (e.g., eavesdropping, traffic analysis) and Active attacks (e.g., data modification, denial of service).
Defining Security Mechanisms
A security mechanism is a method, tool, or procedure used to protect systems, networks, software, and data from unauthorized access, damage, or theft. It enforces security policies and ensures confidentiality, integrity, and availability (often called the CIA triad) of information.
Common Types of Security Mechanisms
- Authentication: Verifies the identity of a user or system.
  - Examples: Passwords, biometric scans, two-factor authentication (2FA).
- Authorization: Determines what an authenticated user is allowed to do.
  - Example: File permissions (read, write, execute).
- Encryption: Converts data into a coded format to prevent unauthorized access.
  - Example: HTTPS (SSL/TLS) encrypts website data.
- Firewalls: Control incoming and outgoing network traffic based on security rules, helping to block malicious traffic.
- Intrusion Detection Systems (IDS) / Intrusion Prevention Systems (IPS):
  - IDS: Detects suspicious activities.
  - IPS: Detects and actively blocks such activities.
Understanding Security Attacks
Security attacks are attempts to compromise the confidentiality, integrity, or availability of information or systems. They are mainly classified into two categories:
- Passive Attacks: Monitoring or eavesdropping on data without altering it.
- Active Attacks: Attempting to alter, disrupt, or damage the data or system.
Passive Attacks
Goal: Steal information without changing it.
- Eavesdropping: Listening to private communication (e.g., wiretapping).
- Traffic Analysis: Observing patterns of data flow to infer sensitive information.
Active Attacks
Goal: Alter data, disrupt service, or impersonate users.
- Masquerade: Pretending to be someone else (spoofing).
- Modification: Changing data during transmission.
- Replay: Resending captured messages to trick the system.
- Denial of Service (DoS): Overloading a system to make it unavailable.
Cryptography Versus Steganography
Steganography: Hiding the Presence of Data
Definition: Steganography is the practice of hiding secret information inside other non-secret data, so that no one suspects the information is there.
Key Features of Steganography
- The existence of the message is hidden.
- Unlike cryptography (which hides content), steganography hides the presence of communication.
- Commonly used in digital media (images, audio, video, etc.).
Example: Hiding a secret message inside an image file by changing the least significant bits (LSB) of pixel values. To the human eye, the image looks the same, but the message is embedded inside.
Real-Life Analogy: Like writing a secret message using invisible ink on paper—it looks blank, but the message is present.
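The LSB embedding described above, as an added example that is not part of the original notes. It works on a constructed list of 8-bit grayscale pixel values (no image library needed), prefixes the message with a 2-byte length so the extractor knows where to stop, and checks that no pixel moves by more than 1.

```python
# Added example (not from the original notes): least-significant-bit (LSB)
# steganography on a constructed list of 8-bit grayscale pixel values.
# Each message bit replaces the lowest bit of one pixel, so a pixel value
# changes by at most 1, which is invisible to the eye but fully recoverable.

def _bits(data: bytes):
    """Yield the bits of `data`, most significant bit of each byte first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1

def embed(pixels: list[int], message: bytes) -> list[int]:
    """Hide `message` in the LSBs of `pixels`, prefixed by a 2-byte length."""
    if len(message) > 0xFFFF:
        raise ValueError("message too long for 2-byte length prefix")
    payload = len(message).to_bytes(2, "big") + message
    if len(payload) * 8 > len(pixels):
        raise ValueError("cover image too small for this message")
    out = list(pixels)
    for i, bit in enumerate(_bits(payload)):
        out[i] = (out[i] & 0xFE) | bit   # clear the LSB, then set it to the message bit
    return out

def extract(pixels: list[int]) -> bytes:
    """Recover a message embedded by `embed` from the LSBs of `pixels`."""
    def read_bytes(start: int, count: int) -> bytes:
        result = bytearray()
        for b in range(count):
            value = 0
            for k in range(8):
                value = (value << 1) | (pixels[start + b * 8 + k] & 1)
            result.append(value)
        return bytes(result)
    length = int.from_bytes(read_bytes(0, 2), "big")   # first 16 pixels hold the length
    return read_bytes(16, length)

def max_pixel_change(before: list[int], after: list[int]) -> int:
    """Largest per-pixel difference introduced by embedding (expected 0 or 1)."""
    return max(abs(a - b) for a, b in zip(before, after))

# Constructed 8x8 "image": 64 grayscale pixels. A 5-byte message plus the
# 16-bit length prefix needs 56 pixels, so it fits.
COVER = [(17 * i) % 256 for i in range(64)]
STEGO = embed(COVER, b"hello")
```

A detector cannot rely on visual inspection; statistical tests on the LSB plane (which is normally noisy, not message-shaped) are the usual defensive check.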
Cryptography: Securing Information Content
Definition: Cryptography is the science of securing information by converting it into a form that cannot be understood by unauthorized users.
Purpose of Cryptography
- To protect data from unauthorized access.
- To ensure confidentiality, integrity, and authenticity of information.
Example: Converting “HELLO” into “URYYB” using a Caesar Cipher (shift of 13).
Cryptanalysis and Attack Methodologies
What is Cryptanalysis?
Definition: Cryptanalysis is the science of breaking cryptographic systems. It involves finding weaknesses in encryption to recover the plaintext or secret key without permission.
Purpose:
- To test the strength of cryptographic methods.
- To recover information without knowing the key.
Example: Guessing the key used in a substitution cipher by analyzing letter frequency.
Common Cryptographic Attacks
- Ciphertext-Only Attack (COA): The attacker has only encrypted messages and attempts to guess the plaintext or key.
- Known-Plaintext Attack (KPA): The attacker knows some plaintext-ciphertext pairs and uses them to find the key.
- Chosen-Plaintext Attack (CPA): The attacker can choose plaintexts and obtain their corresponding ciphertexts to analyze the encryption process.
- Chosen-Ciphertext Attack (CCA): The attacker can choose ciphertexts and have them decrypted to learn about the key.
- Brute Force Attack: Tries all possible keys until the correct one is found.
- Side-Channel Attack: Uses physical information, such as timing or power usage, to break encryption.
- Linear Cryptanalysis: Uses linear equations to find relationships between plaintext, ciphertext, and key.
- Differential Cryptanalysis: Studies how differences in plaintexts affect ciphertexts to find patterns and the key.
- Birthday Attack: Exploits the probability of hash collisions to break hash functions.
- Man-in-the-Middle Attack (MITM): An attacker intercepts and possibly alters communication between two parties.
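The birthday attack in the list above, as an added example that is not part of the original notes. It computes the birthday bound for an n-bit hash and confirms it empirically by finding a collision on SHA-256 deliberately truncated to 24 bits (a stand-in for a short, weak hash); the same formula shows why a full 256-bit digest needs about 2^128 hashes.

```python
# Added example (not from the original notes): the birthday bound behind a
# birthday attack, checked empirically against a deliberately truncated hash.
# Truncating SHA-256 to `bits` bits stands in for a weak (short) hash; the
# expected number of hashes before a collision grows only as 2^(bits/2),
# not 2^bits, which is what makes short digests unsafe for signatures.
import hashlib
import math

def birthday_bound(bits: int) -> float:
    """Expected hashes before the first collision, about sqrt(pi/2 * 2^bits)."""
    return math.sqrt(math.pi / 2 * 2 ** bits)

def trials_for_probability(bits: int, p: float) -> float:
    """Number of random hashes for a collision probability of about `p`."""
    return math.sqrt(2 * 2 ** bits * math.log(1 / (1 - p)))

def truncated_hash(data: bytes, bits: int) -> int:
    """SHA-256 of `data`, keeping only the top `bits` bits (the 'weak hash')."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - bits)

def find_collision(bits: int, limit: int = 1_000_000):
    """Hash distinct messages msg-0, msg-1, ... until two share a truncated hash.
    Returns (trials, message_a, message_b), or None if `limit` is reached."""
    seen = {}   # truncated hash -> first message that produced it
    for i in range(limit):
        msg = b"msg-%d" % i
        h = truncated_hash(msg, bits)
        if h in seen:
            return i + 1, seen[h], msg
        seen[h] = msg
    return None

if __name__ == "__main__":
    trials, a, b = find_collision(24)
    print(f"24-bit collision after {trials} hashes "
          f"(birthday bound {birthday_bound(24):.0f}, brute force 2^24 = {2**24})")
    print(f"256-bit birthday bound: 2^{math.log2(birthday_bound(256)):.1f}")
```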
