Vulnerabilities in Von Neumann Architecture and Security Threats Explained

Vulnerabilities in Von Neumann Architecture

The system architect of the von Neumann is the way that it can allow direct memory access to the low level languages like C and C++.

If the program goes and tries to access the memory out of bound by allocating code injection to the system, it allows the system to access the memory out of the stack which causes buffer overflow and the attacker can access the other memory from the allocated stack. This way an attacker can get access to the system. Therefore von Neumann architecture is vulnerable to code injection, the effect of the buffer overflow.

Understanding Threats and Attacks

Threats

• It is a potential security violation that might exploit vulnerability of the system or assets.
• Threats can be accidental, environmental (natural disaster), human errors, human negligence.
• Different types of threats are interruption, interceptions, fabrications, and modifications.
• Intentional or unintentional
• May or may not be malicious
• Circumstances that have the ability to damage the system
• Chance to damage or information alteration varies from low to very high
• Hard to detect

Attacks

• It is an attempt to break the system or assets.
• It can be active or passive attacks.
• It can motivate intentional or unintentional
• Objective to damage the system
• The chance of damage or information alteration is very high
• Easy to detect

Examples of Threat Types

Security can be violated by many different categories, which could be the breach of confidentiality, breach of integrity, breach of availability, theft of service, and denial of service.

• Privilege escalations
• Session hijacking
• Masquerading

Program Threats and Security

Malware: it is made to destroy, disable, or exploit the system. Virus: it typically needs the host to run. It replicates itself in the system. Worm: This is also a virus but doesn't require a host to run it.

Distributed Denial of Service Attack

Distributed denial of service attack is the attack where the attacker does not want that system or service to be delivered. This attack happens by sending multiple requests from a number of systems to access the web page, service, application, or system. This request makes servers down and it gets impossible to get access to the system by different users.

Risks of Storing Passwords

Having a password in plain text makes it easy to access the password. Even if it has been in use for accessing the authorized website, but if the password is not encrypted, it is more likely to get hacked in the future. To prevent this, the password must be stored in encrypted form and it can be in hash form as well. We can also use multi-factor authentication to access the password with fingerprint or face lock, which makes it harder for hackers to hack the system. We can also use some authorized password manager which has been built in most of the browsers.

Brute Force Attack Explained

Brute force attack is the attack where a program checks every single combination of letters and digits of the password and tries to access the system one by one. By generating these passwords and trying accessing the system once, it will make a connection to the system and allows access to the system. Therefore, even if the attacker is not aware of the system, by guessing every single combination and applying it to the system to login, it will get the password without seeing it before.