NETWORK SECURITY AND ANTI HACKING
Short Description
“By securing a network we can just limit the damage as much as possible”...
Description
2012
NETWORK SECURITY AND ANTI HACKING RESEARCH PAPER Web application security is a branch of Information Security that deals specifically with security of websites, web applications and web services. We have two important areas where security is needed nowadays, i.e. communications and e-mail. This is where anti hacking software comes in picture. Web security can be roughly divided into three parts. First, how are objects and resources named securely? Second, how can secure, authenticated connections be established? Third, what happens when a Web site sends a client a piece of executable code? Without math’s there would be no Internet. But just as important, without mathematics, there would be no Internet security. Mathematics plays a vital role in various applications of web security and anti hacking like cloud computing, social networking sites, mobile code security etc. In this paper we will work to create awareness in cyber security and cyber crime and how we can overcome that by making advancement in mathematical coding. In this paper we provide a glimpse of the future and explain the implementation of transforming from data based to identity based network security.
MODY INSTITUTE OF TECHNLOGY AND SCIENCE, LAKSHMANGARH [RAJ.] AUTHORS:-BELLE PANDYA AND MOHINI GUPTA AFFILIATION WITH: MITS-FET
INTRODUCTION:-
which is controlled by the network administrator. Network security is based on these foundations: - Authentication, Authorization, Auditing, Confidentially, Integrity, Availability .We have two important areas where network security needed now a days: - communication and cloud computing. As emails and social networking is a daily usage example of cloud computing is a technology that uses internet and applications without installations and access their personal file at any computer with internet access, where user chooses a assigned ID & password or other authenticating information that allows them access information and program within their authority .Security over internet can be established in three stages :-first, how objects and resources named ,second, how can a secure authenticated connections can be established and third, how can we get a secure network ? The basic way to secure our information is by giving its unique name and protecting it by password. But now a days there is no simple way to establish secure computer network. In this paper we provide you some solutions for network security issues and a new approach to identity based authentication. As you can see in this graph in last few decades’ numbers of incidents are increased so much.Therefor we need for security and increasing demand for security of network will come up with some solutions that are described in this paper.
Computer and network is the new and fast moving technology and as such, is still being defined and most probably will always be “still defined .Network security involves the authorization of access to data in a network,
Preventing attack is largely based on government authority and responsibility, the detailed knowledge needed to thwart an attack on a cyber system to prevent damage rests primarily with its owner.
ABSTRACT: Web application security is a branch of Information Security that deals specifically with security of websites, web applications and web services. We have two important areas where security is needed nowadays, i.e. communications and e-mail. This is where anti hacking software comes in picture. Web security can be roughly divided into three parts. First, how are objects and resources named securely? Second, how can secure, authenticated connections be established? Third, what happens when a Web site sends a client a piece of executable code? Without maths there would be no Internet. But just as important, without mathematics, there would be no Internet security. Mathematics plays a vital role in various applications of web security and anti hacking like cloud computing, social networking sites, mobile code security etc. In this paper we will work to create awareness in cyber security and cyber crime and how we can overcome that by making advancement in mathematical coding. In this paper we provide a glimpse of the future and explain the implementation of transforming from data based to identity based network security.
2
VULNERABILITY TESTING: - Test all router,
modem, servers, and clients to determine active applications and make sure that they should not be access publicly. SECURITY EVALUTION: - The evolution of
security is very necessary now a days .Use risk analysis to be protected and at what cost. SECURITY PLAINING: - Prepare a security
plan including security policies and conditions .Prepare a report on it. SAFETY vs. SECURITY:-
FOCUS ON NETWORK SECURITY:-
The destination between the term safety and security is often very subtle, there is how ever a clear distinction between the two is regular market (medical, aerospace, industrial).Safety is also related to security in that the lake of security may pose a safety risk.
The network security program emphasizes to secure a network the following background information for security helps in making correct decisions. Some areas are … DIFFERENT TYPES OF ATTACKS: Spoofing,
Sniffing, Mapping, Hijacking, Trojans, DOS, Social engineering.
SAFETY: To be safe requires measures to prevent accidents.
NETWORK SECURITY ARCHITECTURE: -
Eg. Fire alarms, System backup’s
We need some certain skills to secure a network .we need some software’s which makes detection system stronger and replace the firewall techniques.
SECURITY: It requires measures to prevent crime, illegal activities. Eg. Firewalls, Use of encryption
ENCRIPTION TECHNIQUES: We need to
Security is a necessary but not sufficient prerequisite for achieving safety. A system without security is probably unsafe, but a system with security is not necessarily safe.
understand techniques to ensure Authentications, Authorization, Auditing, Confidently, Integrity, Availability. PROTOCOL’S:- Recognize all kind of protocols
like IP, ARP, ICMP, TCP, UDP, HTTP, SSH, SSL etc. PROTECTION-DETECTION-RESPONSE:
DOS ATTACKS: - Denial of service attacks today are part of every internet users life .They are happening all the time and all internet users as a community have some part in creating them ,suffering from them and even loosing time and money because of them. DOS attacks do not have anything to do with breaking into computers, taking control over remote host over internet or stealing information like credit card numbers. A denial of service attack is a
-
Security has three phase approach, protection via using anti hacking techniques, firewells, detection via using malware and spyware thread controllers and response is our new approach which we discuss later on.
3
special kind of Internet attack aimed at large websites. It is a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Denial of Service can result when a system, such as a Web server, has been flooded with illegitimate requests, thus making it impossible to respond to real requests or takes. Yahoo! and e-bay were both victims of such attacks in February 2000. DOS attacks take advantages of weakness in IP protocols stack in order to disrupt internet services.
The consequences of a DOS attack are the following:
Have Good Passwords Use Good Antiviral Products Have a Backup System Audit and Monitor Systems and Networks Have Training and Awareness Programs Test Your Security Frequently Have Good Firewalls Frequent password changing Safe surfing Frequent virus checks Email filters
Always keep a watch on the sites that your children are accessing to prevent any kind of harassment or depravation in children.
Unusually slow network performance. Unavailability of a particular web site. Inability to access any web site. Dramatic increase in the amount of spam you receive in your account.
CYBERCRIME:We are learning about cyber crime because everybody is using computer these days .Conventional crimes like forgery extortion, kidnapping etc are being committed with the help of computers, new generation is growing up with computers and most important thing is monetary transactions are moving on the internet .There are many types of cyber crimes like –
Hacking Email bombing Data diddling Salami attacks Denial of service attacks Virus / worm attacks Logic bombs Web jacking
“HACKERS USES TECHNOLOGY AS HIS WEAPON”
CYBER CRIMES THREATENS NATIONAL SECURITY IN INDIA:-
IP ATTACKS: When a specific IP is specifically
targeted. It auto generate requests or make so many computers access server at the same time and due to this server timed out.
Ex. Union home minister shivraj patil said that the rising level of cyber crime is an indication of an enormous thread to national security. In today’s age when everything from small gadgets
SOME SOLUTIONS FOR DOS ATTACKS:-
4
to nuclear plants are being operated through computers, cyber crime has assumed threatening ramifications. Cyber crimes are capable of breaching the security in the information system of vital installations. There is huge potential for damage to national security through cyber attacks. Predictions says that the 3rd world war will happen between America and China and that should be CYBER WAR .Cyber security involves protection of sensitive personal and business information through prevention, detection & response to different online attacks .
OPPONENTS BEHIND CYBER CRIMES:-
o o o
myth about protecting yourself online. Most people think that as long as they have their virus-busting software in place, they can go on a mad clickingspree all over the Web. But actually anti viruses are like Regular programs like word processors and media players, anti-virus programs need to be constantly updated.
49% are inside employees on the internal network 17% come from dial-up (still inside people) 34% are from Internet or an external connection to another company of some sort.
MOTIVES BEHIND CYBER CRIMES:-
I have an anti-virus so nothing can harm me:- This is probably the single biggest
Money, profit Access to additional resources Experimentation and desire to learn “Gang” mentality Psychological needs Self-gratification Personal vengeance Desire to embarrass the target
When computers slow down, it means that they are old and should be replaced: - It is
possible that running certain programs on older computers could lead to slow performance. However, another possibility is that there are other processes or programs running in the background. If your computer has suddenly become slower, it may be have been compromised by malware or spyware, or you may be experiencing a denial-of-service attack. My URL has HTTPS in the name, so it must be completely safe: - Just because a URL has HTTPS (where S means secure) does not mean that site is free from malicious code that was injected.
Any website can have an HTTPS URL. The owner, either criminal or legitimate, simply needs to install a self signed certificate or purchase one for pennies on the dollar.
MYTHS ABOUT INTERNET:-
While surfing the internet most people believe that they are protected from online threads because they are cautions not to venture into anything suspicious or they have the latest tools to deal with. Although most computer users are aware of online threats, Internet security risks, and how to stay safe online, there are still many misconceptions. Here we are trying to separate fact from fictions …
5
I can only get infected if I download files: - For those who assume that only downloading content makes them vulnerable to cyber threats need to get facts checked. Most malware infections now occur through a “drive-by” download. Hackers inject the malicious code into the actual Web page content,
then it downloads and executes automatically within the browser as a by-product of simply viewing the Web page.
complex, technical attacks, but they share the information and the tools required to pull off the attack on the Internet. The “open sharing” of hacking information and tools allows individuals with minimal technical knowledge to duplicate the attack. Often, it is as easy as downloading the attack tool from the Internet and launching it against targets. You don’t need to know anything other than how to run the attack tool. The bottom line is that it doesn’t take a genius to successfully attack systems and networks, it just takes someone downloading attack tools.”
All above are basically myths, these are most common excuses given by the users. Be smart about what websites you visit and where you click – keep your guard up when surfing the web - and protect yourself and your PC. Install an anti-malware solution, such as Ad-Aware, to protect against viruses, spyware and many other cyber threats.
CHALLENGES FOR CYBER SECURITY:-
LIMITING DAMAGE DURING A SUCCESSFUL ATTACK:-
Explosion of computer and broadband internet availability. Low priority of security for software developers. Challenges of timely patching vulnerabilities on all systems.
The central idea of this strategic objective is to limit damage in the trans-attack period by constructing an “incident management system”. This also implies having pre-established response options at the company, industry or national level. Several kind of responses are possible like re-authentication of all users, backing up system status, providing real-time warning to other systems and increasing the collection of forensic evidence.
IDENTITY BASED AUTHENTICATION (A NEW APPAROCH) It’s a quiet revolution where the concept of identity becomes as much a part of the network as IP address. By identity based authentication, we mean user will have unique key that will be a combination of numbers, symbols and alphabets. Some authorized organization will be issuing this authenticated ID number. Every time user login with this key, due to coding
When most people read about Internet hacking incidents, they get the impression that these are highly complex, technical attacks that takes a genius to create. Reality is that the really smart people first come up with these highly
6
(made with the help of permutations) behind this key, some different combination of numbers ,symbols ,alphabets will be displayed in the records of that organization that will be understood by only them . This new combination can only be decoded by that organization only.
CONCLUSION:-
Today security problem is one of the main problems of the computer network and the internet developing .there is no simple way to establish a secure network .As security is a path not a destination. According to us network can be made more secure by adopting the identity based authentication instead of data based authentication. By adopting this method we can limit the network traffic and can reduce the cyber attacks. Be smart about what websites you visit and where you click – keep your guard up when surfing the web - and protect yourself and your PC. Install an anti-malware solution, such as Ad-Aware, to protect against viruses, spyware and many other cyber threats. With the explosion of the public internet and e-commerce, private computer and computer networks, if not adequately secured and increasingly vulnerable to damaging attacks. Hackers, viruses, vindictive employees and even human error all represent a clear and present danger to network. The security issues in our networked system as described in this paper identify some of the work that need to be done and the urgency with which concerns needs to be addressed.
Due to different combinations every time hacker will get confused and decoding that combination will be difficult .This will reduce cyber crime to a certain level .And its users responsibility to not to share that ID with anybody just like our bank account number or ATM pins .
According to our idea, let say we have two different users one may be employee and another may be illegal one .They are sending data to the authority ,and data will get mix-up , that means we cannot point that which one is of employee or which one is of another one . But due to the coding behind the system that setup will identify authenticated data on the basis of its identity.
“By securing a network we can just limit the damages much as possible”
REFRENCES:1. Network security :a process not a product paper from www.scribd.com 2. Wikipedia articles on Network security and Anti hacking 3. Study material from www.Authorstream.com 4. Articles from www.indigoo.com 5. Security incidents data from “Cisco system”. 6. Opponents data from “Computer security institute “.
MERITS:
Limiting internet traffic.
Reduce the cyber crime.
Bandwidth will no more be limited.
7
7. American bar association, international cyber crime project of the ABA privacy and computer crime society.
8
View more...
Comments