SECURITY PROBLEMS OF INFORMATION SOURCES STORED ON THE INTERNET
Keywords:
traffic analysis and scanning, prismdump, tcpdump, nmap, wireshark, scanrand, cain and abel, nessus, metasploit, aircrack-ng, wardriving.Abstract
Keeping up with the burgeoning Internet of Things (IoT) requires staying up to date on the latest network attack trends in dynamic and complicated cyberspace, and take them into account while developing holistic information security (IS) approaches for the IoT. Due to multiple vulnerabilities in the IoT foundations, many targeted attacks are continuing to evolve. This survey of related work in the very specialized field of IS assurance for the IoT develops a taxonomy of typical attacks against IoT assets (with special attention to IoT device protection). Based on this taxonomy, the key directions for countering these attacks are defined. According to the modern demand for the IoT and big IS-related data processing, we propose applying the Security Intelligence approach. The results obtained, when compared with the related work and numerous analogues, are based on the following research methodology: view the IoT as a security object to be protected, leading to understanding its vulnerabilities and possible attacks against the IoT exploiting these vulnerabilities, and from there approaches to protecting the IoT. A few areas of the future research, among which the IoT operational resilience and usage of the blockchain technology seem to us the most interesting, are indicated.
References
Jamoliddinov, Raxmatilla, and Maftuna Sultonova. "ПОТЕНЦИАЛ ИСКУССТВЕННОГО ИНТЕЛЛЕКТА В ОБЕСПЕЧЕНИИ ОБЩЕСТВЕННОЙ БЕЗОПАСНОСТИ И УМЕНЬШЕНИЯ ПРЕСТУПНОСТИ." Наука и технология в современном мире 2.18 (2023): 4-11.
Paula de M. One Man’s Trash Is... Dumpster-diving for disk drives raises eyebrows // U.S. Banker. 2004. № 114 (6). C. 12. https://search.proquest.com/docview/ 200721625.
J. Brodkin. Google crushes, shreds old hard drives to prevent data leakage // Network World. 2017. http://www.networkworld.com/article/2202487/data-center/google-crushes-shreds-old-hard-drives-to-preventdata-leakage.html.
Brandom. Russian hackers targeted Pentagon workers with malware-laced Twitter messages // The Verge. 2017. https://www.theverge.com/2017/5/18/15658300/ russia hacking-twitter-bots-pentagon-putin-election
Swanson A. Identity Theft, Line One // Collector. 2008. № 73 (12). C. 18–22, 24–26. https://search.proquest.com/docview/223219430.
Gupta P., and Mata-Toledo R. Cybercrime: in disguise crimes // Journal of Information Systems & Operations Management. 2016. C. 1–10. https://search.
a. proquest.com/docview/1800153259.
b. Gold S. Social engineering today: psychology, strategies and tricks // Network
c. Security. 2010. № 2010 (11). C. 11–14. https://search.proquest.com/docview/
787399306?accountid=45049. DOI: http://dx.doi.org/10.1016/S1353-4858(10) 70135-5.
Anderson T. Pretexting: What You Need to Know // Secur. Manage. 2010. № 54 (6). C
https://search.proquest.com/docview/504743883.
Harrison B., Svetieva E., and Vishwanath A. Individual processing of phishing emails // Online Information Review. 2016. № 40 (2). C. 265–281. https://search. proquest.com/docview/1776786039.
Каршиев У. Х. и др. ZAMONAVIY ICHKI ISHLAR ORGANI HODIMLARIDA CHET TILLARINI O’RNI VA AHAMIYATI! //INNOVATION IN THE MODERN EDUCATION SYSTEM. – 2023. – Т. 3. – №. 29. – С. 493-500.
Top 10 Phishing Attacks of 2014 – PhishMe // PhishMe. 2017. https://phishme.com/top-10-phishing-attacks-2014/. Amir W. Hackers Target Users with ‘Yahoo Account Confirmation’ Phishing
Email // HackRead. 2016. https://www.hackread.com/hackerstarget-users-withyahoo-account-confirmation-phishing-email/.
Dooley E. C. Calling scam hits locally: Known as vishing, scheme tricks people into giving personal data over phone // McClatchy – Tribune Business News. 2008. https://search.proquest.com/docview/464531113. Hamizi M. Social engineering and insider threats // Slideshare.net. 2017. https:// www.slideshare.net/pdawackomct/7-social-engineeringand-insider-threats. Hypponen M. Enlisting for the war on Internet fraud // CIO Canada. 2006. № 14 (10). C. 1. Available: https://search.proquest.com/docview/217426610.
Baxtiyor o‘g‘li, Jamoliddinov Raxmatilla. "O ‘ZBEKISTONDA REFERENDUM O ‘TKAZISHINING AKTUALLIGI." Journal of Universal Science Research 1.4 (2023): 564-567.
Duey R. Energy Industry a Prime Target for Cyber Evildoers // Refinery Tracker. 2014. № 6 (4). C. 1–2. https://search.proquest.com/docview/1530210690.
Chang J. J. S. An analysis of advance fee fraud on the internet // Journal of Financial Crime. 2008. № 15 (1). C. 71–81. https://search.proquest.com/docview/23598 6237?accountid=45049. DOI: http://dx.doi.org/10.1108/13590790810841716.
Packet sniffers – SecTools Top Network Security Tools // Sectools.org. 2017. http://sectools.org/tag/sniffers/
