Major Project

Endpoint Security

Endpoint security can be defined as the practice of guaranteeing the security of a network by securing a person's devices that are connected to it (Yoo, 2018). It can also be defined as the branch of cybersecurity that protects endpoints and entry points from being attacked and targeted by hackers. Corporations are also advised to use various endpoints to ensure the safety of their data (Kamruzzaman et al., 2022).

Endpoint security faces several complications and threats. For instance, ransomware is malware that attacks the files on a device, making the systems inaccessible. Most of the time, the cybercriminals then blackmail their target into paying them. Email phishing is when a victim is deceived into opening a link, which gets them hacked. Vulnerability exploits, also called "zero day attacks," rely on undetected software flaws that cybercriminals use. The name "zero day attack" comes from the fact that by the time the target notices the threat, it is already too late to fix it. This threat mainly targets governments, agencies, companies, and people who hold sensitive information and data (Kamruzzaman et al., 2022).



According to Slate (2018), organisations that are based on endpoint security are the most likely to develop solutions related to this matter. Slate also suggests using artificial intelligence and the cloud to discover and track any dangers that may occur, because common security tools are unable to identify unknown patterns. AI can therefore increase the ability to detect patterns that go unnoticed by common tools and the human eye. At the same time, the cloud would support the computer by supplying it with enough power to run the AI algorithms. The cloud would also provide real-time analysis and monitoring, location independence, and fast alert systems.


Endpoint Attacks and Defences:

1- Ransomware:
Malware is used to encrypt data on a device, rendering the systems and files unusable. The attacker then demands payment in return for the data and threatens to wipe out or publish the victim's files. This type of attack mainly targets businesses, because their data is valuable.
 
2- Email Phishing:
This attack works by stealing the victim's sensitive data and information. It can occur when a victim is deceived into opening a URL sent by email that contains malware ready to be installed on the device. The hackers usually use the victim's school or organisation, or use the same logos, signatures, and phrasing, to make the email seem legitimate to them.
 
3- Zero Day Attack:
It is a hidden security or software flaw that the hacker will exploit. The reason for its name is that by the time the victims become aware of the attack, there will be zero days to fix it. These attacks usually target governments, huge organisations, and people who possess sensitive data. The zero-day attack is usually successful since it uses an unknown security flaw, and no measures were taken to prevent it.

4- Drive-by-Downloads:
In a drive-by-download, harmful code or a harmful program is downloaded onto the victim's device without the victim intending it. This attack can occur when an attacker takes advantage of unprotected apps, operating systems, and web browsers. A drive-by-download is considered a forced attack since the user is unaware of the harmful code or program.

(Kamruzzaman et al., 2022)
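The email phishing attack in item 2 leaves traces that a mail filter can check: a sender domain outside the organisation being imitated, and links whose visible text names one host while the link itself opens another. The Python sketch below is an added example, not part of the original post; the sample message, the domains and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message; example.edu stands for the organisation being imitated.
SAMPLE = """\
From: "Example University IT" <helpdesk@examp1e-edu.test>
To: student@example.edu
Subject: Password expiry
Content-Type: text/html; charset="utf-8"

<p>Dear student, sign in at
<a href="http://login.examp1e-edu.test/reset">https://portal.example.edu/reset</a>
or read the <a href="https://www.example.edu/policy">policy</a>.</p>
"""

LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def host(url):
    """Lower-cased hostname of a URL, or '' when the text is not a URL."""
    return (urlparse(url.strip()).hostname or "").lower()

def in_domain(h, domain):
    return h == domain or h.endswith("." + domain)

def phishing_indicators(raw, trusted_domain):
    """List the reasons a message looks like an imitation of trusted_domain."""
    msg = message_from_string(raw)
    findings = []
    _, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    if not in_domain(sender_domain, trusted_domain):
        findings.append(f"sender domain {sender_domain} is outside {trusted_domain}")
    # Only HTML parts carry the link-text/href pair that is compared here.
    body = "".join(
        part.get_payload(decode=True).decode("utf-8", "replace")
        for part in msg.walk() if part.get_content_type() == "text/html")
    for href, text in LINK_RE.findall(body):
        shown, real = host(text), host(href)
        if shown and shown != real:
            findings.append(f"link shows {shown} but opens {real}")
        elif not in_domain(real, trusted_domain):
            findings.append(f"link opens external host {real}")
    return findings
```

Matching logos and signatures cannot be checked this way, which is why the sender domain and the real link target are the signals compared.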


Reference List: 
Yoo, S.J., 2018. Study on Improving Endpoint Security Technology. Convergence Security Journal, 18(3), pp.19-25. Available at: 정보보증논문지 (koreascience.kr). [Last Accessed 13th of April 2023]

Kamruzzaman, A., Ismat, S., Brickley, J.C., Liu, A. and Thakur, K., 2022, December. A Comprehensive Review of Endpoint Security: Threats and Defenses. In 2022 International Conference on Cyber Warfare and Security (ICCWS) (pp. 1-7). IEEE. Available at: A Comprehensive Review of Endpoint Security: Threats and Defenses | IEEE Conference Publication | IEEE Xplore. [Last Accessed 13th of April 2023]


Slate, S., 2018. Endpoint Security: An Overview and a Look into the Future. Lat. Am. Polit. Hist, pp.9780429499340-15. Available at: Microsoft Word - Sam Slate Security Final Paper - Endpoint Security- An Overview and a Look into the Future.docx (tufts.edu). [Last Accessed 13th of April 2023]



