AUTHENTICATION
VULNERABILITY
In cybersecurity, a vulnerability is a weakness or flaw in computer systems, software,
hardware, or organizational processes that can be exploited by cybercriminals to gain
unauthorized access, steal data, or disrupt operations.
What Is a Vulnerability Assessment?
A vulnerability assessment is a procedure applied to an information system
to identify and rate potential risks. It seeks to find vulnerabilities that an
attacker could leverage to compromise the system, and it employs tools and
techniques that help preserve the confidentiality, integrity, and availability
of data.
Importance of Vulnerability Assessments
Preventing Data Breaches: Giving each risk dedicated attention over time and
noticing recurring threats, so that they can be treated before they lead to
expensive security breaches.
Ensuring Regulatory Compliance: Staying in conformity with applicable laws and
avoiding legal violations.
Managing Risks: Prioritizing and controlling risks to improve the overall
risk evaluation for shareholders.
Enhancing Security Posture: Periodic evaluations strengthen security by
making provision for emerging threats.
Cost-Effective Security: Lowers the high costs associated with security
incidents that occur when vulnerabilities are not addressed as soon as they
are identified.
Intrusion Detection System (IDS)
Intrusion is when an attacker gets unauthorized access to a device, network, or
system. Cyber criminals use advanced techniques to sneak into organizations without
being detected.
An Intrusion Detection System (IDS) monitors network traffic for malicious
activity and sends an immediate alert when such activity is observed. It is
software that checks a network or system for malicious activities or policy
violations.
Common Methods of Intrusion
Address Spoofing: Hiding the source of an attack by using fake or unsecured
proxy servers, making it hard to identify the attacker.
Fragmentation: Sending data in small pieces to slip past detection systems.
Pattern Evasion: Changing attack methods to avoid detection by IDS systems
that look for specific patterns.
Coordinated Attack: Using multiple attackers or ports to scan a network,
confusing the IDS and making it hard to see what is happening.
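The coordinated-attack case above, seen from the detection side, as an added example that is not part of the original notes: a rule that counts ports per source misses a scan split across several sources, while the same count aggregated per target catches it. The thresholds, window size, and log records are assumptions constructed for illustration.

```python
from collections import defaultdict

PER_SOURCE_LIMIT = 5    # distinct ports one source may touch per window (assumed)
PER_TARGET_LIMIT = 10   # distinct ports probed on one target per window (assumed)
WINDOW = 60             # window length in seconds (assumed)

def make_sample_events():
    """Constructed log: (time_s, src_ip, dst_ip, dst_port), RFC 5737 addresses."""
    events = []
    scanners = ["198.51.100.1", "198.51.100.2", "198.51.100.3", "198.51.100.4"]
    for i, src in enumerate(scanners):
        for j in range(3):                      # each source probes only 3 ports
            events.append((i * 10 + j, src, "192.0.2.10", 20 + i * 3 + j))
    for t in range(0, 50, 10):                  # normal client, one port repeatedly
        events.append((t, "203.0.113.7", "192.0.2.20", 443))
    return events

def per_source_alerts(events):
    """Naive rule: alert on a source that touches too many ports on one target."""
    ports = defaultdict(set)
    for t, src, dst, port in events:
        ports[(src, dst, t // WINDOW)].add(port)
    return sorted({src for (src, _, _), p in ports.items()
                   if len(p) > PER_SOURCE_LIMIT})

def per_target_alerts(events):
    """Aggregate by target so probes split across many sources still add up."""
    ports, sources = defaultdict(set), defaultdict(set)
    for t, src, dst, port in events:
        key = (dst, t // WINDOW)
        ports[key].add(port)
        sources[key].add(src)
    # Map each flagged target to (distinct ports probed, distinct sources seen).
    return {dst: (len(ports[(dst, w)]), len(sources[(dst, w)]))
            for (dst, w) in ports if len(ports[(dst, w)]) > PER_TARGET_LIMIT}

if __name__ == "__main__":
    sample = make_sample_events()
    print("per-source alerts:", per_source_alerts(sample))
    print("per-target alerts:", per_target_alerts(sample))
```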
Intrusion Prevention System (IPS)
An Intrusion Prevention System (IPS) is also known as an Intrusion Detection and
Prevention System. It is a network security application that monitors network or
system activities for malicious activity. The major functions of an intrusion
prevention system are to identify malicious activity, collect information about
it, report it, and attempt to block or stop it.
The Benefits of Intrusion Prevention Systems
An intrusion prevention system comes with many security benefits:
Reduced business risks and additional security
Better visibility into attacks, and therefore better protection
Increased efficiency, allowing inspection of all traffic for threats
Fewer resources needed to manage vulnerabilities and patches
Classification of Intrusion Prevention System (IPS):
Intrusion Prevention System (IPS) is classified into 4 types:
1. Network-based intrusion prevention system (NIPS):
It monitors the entire network for suspicious traffic by analyzing protocol activity.
2. Wireless intrusion prevention system (WIPS):
It monitors a wireless network for suspicious traffic by analyzing wireless
networking protocols.
3. Network behavior analysis (NBA):
It examines network traffic to identify threats that generate unusual traffic flows,
such as distributed denial of service attacks, specific forms of malware and policy
violations.
4. Host-based intrusion prevention system (HIPS):
It is a built-in software package that monitors a single host for suspicious
activity by scanning events that occur within that host.
AUTHENTICATION
In cybersecurity, authentication is the process of verifying a user's, device's, or system's
identity to ensure they are who they claim to be, granting access to sensitive systems
and data. It involves providing evidence, such as passwords (knowledge factor),
security tokens (ownership factor), or fingerprints (inherence factor), to match stored
credentials in a security system.
How Authentication Works
1. Identity Claim:
A user or device attempts to access a system.
2. Credential Presentation:
The user provides credentials, such as a username and password, a security token, or
a biometric scan.
3. Verification:
The system compares these credentials against a stored database to confirm the
identity.
4. Access Granted:
If the credentials match, the user or device is authenticated and granted access to the
system or network.
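The four steps above as a minimal password check, added here as an example and not taken from the original notes. It assumes an in-memory dictionary as the credential store and PBKDF2-HMAC-SHA256 as the hashing scheme; the function names and the iteration count are illustrative choices.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # PBKDF2 work factor (assumed; tune to your hardware)

def _derive(password: str, salt: bytes) -> bytes:
    """Slow, salted hash so a stolen store cannot be reversed cheaply."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)

def enroll(store: dict, username: str, password: str) -> None:
    """Store a per-user random salt and the derived hash, never the password."""
    salt = os.urandom(16)
    store[username] = (salt, _derive(password, salt))

# Placeholder record so unknown usernames cost the same work as known ones,
# which avoids revealing which accounts exist through response timing.
_DUMMY_RECORD = (os.urandom(16), os.urandom(32))

def authenticate(store: dict, username: str, password: str) -> bool:
    """Steps 1-4: take the claim and credential, verify, return the decision."""
    salt, expected = store.get(username, _DUMMY_RECORD)   # 1. identity claim
    candidate = _derive(password, salt)                   # 2. credential presented
    matches = hmac.compare_digest(candidate, expected)    # 3. constant-time verify
    return matches and username in store                  # 4. grant or deny

if __name__ == "__main__":
    users = {}
    enroll(users, "alice", "correct horse battery staple")  # constructed sample
    print(authenticate(users, "alice", "correct horse battery staple"))
    print(authenticate(users, "alice", "wrong guess"))
    print(authenticate(users, "nobody", "correct horse battery staple"))
```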
Levels of Authentication
Single-Factor Authentication (SFA): Uses only one factor, most commonly a
user ID and password combination.
Two-Factor Authentication (2FA): Requires two different types of factors, like a
password and a code from a mobile device.
Multi-Factor Authentication (MFA): Uses three or more factors, providing a much
higher level of security than SFA or 2FA.
USER AUTHENTICATION METHODS
User authentication methods are techniques used to verify the identity of a user before
granting access to systems, networks, or applications. They ensure that only authorized
individuals can access sensitive data or resources. Here are the main user authentication
methods:
1. Knowledge-Based Authentication (Something You Know)
Passwords / PINs – Most common method, but vulnerable to guessing, phishing, or
brute-force attacks.
Security Questions – Personal questions (e.g., mother’s maiden name), but often
insecure as answers can be guessed or found online.
2. Possession-Based Authentication (Something You Have)
One-Time Passwords (OTPs) – Sent via SMS, email, or authenticator apps.
Smart Cards / Access Cards – Physical cards with embedded chips.
Security Tokens – Hardware or software devices generating time-based codes.
3. Inherence-Based Authentication (Something You Are)
Biometrics – Unique physical/behavioral traits:
o Fingerprint scanning
o Facial recognition
o Iris/retina scanning
o Voice recognition
o Hand geometry
More secure, but raises privacy and accuracy concerns.
4. Location-Based Authentication (Somewhere You Are)
Uses geolocation or IP address to verify the user’s location.
Example: Blocking login attempts from suspicious or unusual regions.
5. Time-Based Authentication (When You Are)
Grants access only during specific times or sessions.
Often used in corporate or exam systems.
6. Multi-Factor Authentication (MFA)
Combines two or more authentication factors (knowledge + possession + inherence).
Example: ATM access requires card (something you have) + PIN (something you know).
Most secure approach as it reduces the risk of single-factor compromise.
7. Adaptive (Risk-Based) Authentication
Uses AI/ML and behavioral analysis to assess login risk.
Considers device, location, typing speed, browsing patterns.
Applies stricter verification only when behavior seems unusual.
Biometric Authentication Methods
1. Fingerprint Recognition
How it works: Scans ridges and valleys on a fingertip.
Pros: Fast, widely used (phones, attendance systems, ATMs).
Cons: Can be spoofed with high-quality replicas; hygiene issues.
Example: Smartphone unlock, Aadhaar biometric verification.
2. Face Recognition
How it works: Analyzes facial features (distance between eyes, jawline, nose shape).
Pros: Non-intrusive, quick.
Cons: Lighting, masks, or aging can affect accuracy; privacy concerns.
Example: Apple Face ID, airport security systems.
3. Iris Recognition
How it works: Scans unique patterns in the colored part of the eye.
Pros: Highly accurate, stable over time.
Cons: Expensive equipment, can be affected by glasses or reflections.
Example: High-security facilities, border control.
4. Retina Scanning
How it works: Maps unique patterns of blood vessels in the retina (back of the eye).
Pros: Extremely accurate and nearly impossible to fake.
Cons: Intrusive, requires close-up scanning; costly.
Example: Military or government high-security systems.
5. Voice Recognition
How it works: Analyzes vocal pitch, tone, and speech patterns.
Pros: Convenient for phone-based authentication.
Cons: Background noise, illness, or voice imitation can affect accuracy.
Example: Banking helplines, virtual assistants.
6. Hand Geometry Recognition
How it works: Measures shape, size, and length of fingers and palm.
Pros: Reliable for physical access control.
Cons: Less unique than fingerprints/iris; devices are bulky.
Example: Workplace attendance, secured building entry.
7. Signature Recognition
How it works: Captures handwriting style, speed, and pressure.
Pros: Useful for digital document verification.
Cons: Easy to forge; accuracy depends on writing condition.
Example: E-signatures in banks, legal documents.
8. Vein Pattern Recognition (Palm/Hand Vein Scan)
How it works: Uses infrared light to scan unique vein patterns under the skin.
Pros: Very secure (veins are internal and hidden).
Cons: Expensive; less common.
Example: High-security facilities, healthcare authentication.
9. Behavioral Biometrics
How it works: Analyzes user behavior such as typing rhythm, mouse movements, gait
(walking style).
Pros: Continuous authentication, hard to imitate.
Cons: May need AI-based systems; accuracy varies.
Example: Fraud detection in online banking.