AI vs AI: The Emerging Battleground of Cyber Offensive and Defensive Strategies

10 Minutes

The rapid evolution of artificial intelligence (AI) is transforming the landscape of cybersecurity, bringing both exciting opportunities and daunting challenges. As AI systems grow more advanced, they are being harnessed by both cyber attackers and defenders, creating a dynamic and complex battle of wits. This report delves into the intricate dance of AI versus AI in the realm of cybersecurity, offering an in-depth overview of offensive and defensive strategies. Explore the profound implications and future possibilities of this high-stakes technological showdown.

The AI Arms Race

The interplay between offensive and defensive AI strategies has given rise to an AI versus AI arms race, where both attackers and defenders are continuously evolving their tactics and techniques. This arms race presents several challenges and implications:

Continue reading

MAC Filtering for IP Reservation and DHCP: Pros and Cons

6 Minutes

Let’s face it, MAC filtering is not an effective way to combat brute force attacks against pre-shared keys. On my Access Point (AP) at home, in other words my home router, I use MAC filtering not as a security mechanism but rather as a way to assign a private IP to a specific device’s MAC address using a method called “IP Reservation” with DHCP. This basically ensures the IP is reserved and ready for use on that particular device the next time it connects to the network. With that said, defeating MAC filtering in regard to cracking pre-shared keys is very doable. MACs can be masqueraded (“spoofed”) very easily, for example by capturing an end-user’s MAC address using a passive network scanner.

Continue reading

Mitigating DoS and DDoS: Effective Security Measures

7 Minutes

Denial of Service (DoS) is a common attack method used to flood network connections with the intention of rendering the network server unusable. DoS attacks are typically motivated by retaliation, perhaps from a fired employee, or by various other reasons, including social hacktivism or cyber terrorism. Most DoS attacks target web servers by overwhelming them with SYN requests faster than the server can respond to them. DoS attacks can also barrage a server by depriving it of other critical resources such as CPU, memory, and bandwidth, possibly leading to a system crash.

Distributed Denial of Service (DDoS) is an advanced form of Denial of Service that employs many computers located anywhere in the world where there is an Internet connection. “Malware” running on a computer is what gives the attacker remote control of the computer. When a computer is controlled in this way it is referred to as a “Zombie”. Armies of Zombie computers form what is called a “Botnet”, a large network of centrally controlled computers used to perform an action, which can be malicious in nature or for valid reasons, as is the case with The Search for Extraterrestrial Intelligence (SETI), a government scientific organization.

Users of malicious Zombie computers are unaware of the control taking place behind the scenes because the botnet malware usually masquerades as valid processes, or it can stay hidden deep within the system undetected.

Continue reading

Cloud Computing: Benefits, Risks, and Deployment Models

20 Minutes

Computer networks are more advanced today than ever. More and more users are demanding greater access to these systems, and as a result administrators are tasked with the dilemma of securing these highly complex networks. Many systems at one time had the luxury of relying on basic firewall implementations, which consisted of IP filtering and port blocking. In today’s society this is no longer an option.

As today’s computer network systems advance, so do the methods of intruders who wish to wreak havoc upon them. One such advancement in network security is the implementation of an IDS/IPS (Intrusion Detection System/Intrusion Prevention System). An IDS/IPS is a great addition to any unified threat management system, which can help thwart an attacker’s advance or slow them down long enough to initiate alternative security measures. This paper will also explore the cost savings of outsourcing computing resources in conjunction with the security benefits and/or security vulnerabilities associated with doing so.

Continue reading