Researchers Evolve New Mechanism to Improve Operating System Security

The security researchers have evolved an approach, which comprises of three elements - attack identification, isolation of the security flaw and recovery.

Albuquerque, NM (prHWY.com) January 28, 2011 - In the recent times, there has been a steady increase in the number of attacks on websites of universities, government institutions, online shopping portals, military and counter-crime agencies. Attackers identify the vulnerabilities on websites and web applications, gain access to associated databases and compromise information. Attackers also exploit flaws in networks and operating systems. Cybercriminals use sophisticated mechanisms to insert malware and execute malicious code on target computers. Data breach has multiple implications for all stakeholders. Therefore, data protection assumes high significance for continued and undisrupted business operations.

Recently, researchers at North Carolina State University (NCSU) have evolved a mechanism to enable operating systems to defend themselves against security threats. The security researchers have evolved an approach, which comprises of three elements - attack identification, isolation of the security flaw and recovery. The researchers aim at strengthening the operating systems against threats. Usually, organizations deploy advanced data loss protection mechanisms and avail services of professionals who have undergone certified ethical hacker training to strengthen the defenses against attacks. In the case of the new research conducted at the NCSU, snapshot of the operating system taken during its normal functioning will be used to retrieve back to the original state after a security breach incident. The mechanism will enable the targeted operating system to identify and isolate the attack vector.

For customers, data breach may result in compromise of sensitive personal and financial information, which may be misused by attackers to indulge in identity theft, fraud, blackmail, misrepresentation, opening of fraudulent bank and credit accounts among others. For businesses, data breach may result in compromise of privileged business information and leakage of customer information resulting in strategic, financial and reputational implications. However, many attacks require user intervention to succeed. Online computer training may help users in adopting secure computing practices, evade attack traps and reduce instances of security breaches.

Further research may result in evolvement of advanced mechanisms to protect IT infrastructure from security breaches. Regular security evaluation through penetration testing, security audit and proper implementation of the IT policy are crucial to deal with the proactive threats in the IT environment.

EC-Council provides industry training and certification for information security professionals in ethical hacking among many other specializations. "Understanding how hackers exploit these vulnerabilities is a key requirement to hardening software and hardware. That is why EC-Council focuses on ethical hacking as an approach to information security evaluation" as stated by EC-Council's Senior Director, Steven Graham. EC-Council through its Certified Ethical Hacker program has trained such information security professionals from all over the world.

ABOUT EC-COUNCIL

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted security conferences. The global organization is headquartered in Albuquerque, New Mexico.

Press Contact

Steve Graham
6330 Riverside Plaza Ln NW
Suite 210
Albuquerque, NM 87120
Steve.graham@eccouncil.org
505.341.3228

###

Tag Words: security breach, security audit, snapshot, data breach, data recovery, operating system, vulnerabilities, computer training, penetration testing

Categories: Internet

Link To This Press Release:

URL HTML Code