NETWORK SECURITY
AND ANTI HACKING
RESEARCH PAPER
Web application security is a branch of Information Security that deals
specifically with security of websites, web applications and web services.
We have two important areas where security is needed nowadays, i.e.
communications and e-mail. This is where anti hacking software comes in
picture. Web security can be roughly divided into three parts. First, how
are objects and resources named securely? Second, how can secure,
authenticated connections be established? Third, what happens when a
Web site sends a client a piece of executable code? Without math’s there
would be no Internet. But just as important, without mathematics, there
would be no Internet security. Mathematics plays a vital role in various
applications of web security and anti hacking like cloud computing, social
networking sites, mobile code security etc. In this paper we will work to
create awareness in cyber security and cyber crime and how we can
overcome that by making advancement in mathematical coding. In this
paper we provide a glimpse of the future and explain the implementation
of transforming from data based to identity based network security.
2012
MODY INSTITUTE OF TECHNLOGY AND SCIENCE,
LAKSHMANGARH [RAJ.]
AUTHORS:-BELLE PANDYA AND MOHINI GUPTA
AFFILIATION WITH: MITS-FET
2
ABSTRACT:
Web application security is a branch of
Information Security that deals specifically
with security of websites, web applications
and web services. We have two important
areas where security is needed nowadays,
i.e. communications and e-mail. This is
where anti hacking software comes in
picture. Web security can be roughly
divided into three parts. First, how are
objects and resources named securely?
Second, how can secure, authenticated
connections be established? Third, what
happens when a Web site sends a client a
piece of executable code?
Without maths there would be no
Internet. But just as important, without
mathematics, there would be no Internet
security. Mathematics plays a vital role in
various applications of web security and
anti hacking like cloud computing, social
networking sites, mobile code security etc.
In this paper we will work to create
awareness in cyber security and cyber
crime and how we can overcome that by
making advancement in mathematical
coding. In this paper we provide a glimpse
of
the
future
and
explain
the
implementation of transforming from data
based to identity based network security.
INTRODUCTION:-
Computer and network is the new and fast
moving technology and as such, is still being
defined and most probably will always be
“still defined .Network security involves the
authorization of access to data in a network,
which is controlled by the network
administrator. Network security is based on
these
foundations:
-
Authentication,
Authorization,
Auditing,
Confidentially,
Integrity, Availability .We have two
important areas where network security
needed now a days: - communication and
cloud computing. As emails and social
networking is a daily usage example of
cloud computing is a technology that uses
internet
and
applications
without
installations and access their personal file at
any computer with internet access, where
user chooses a assigned ID & password or
other authenticating information that allows
them access information and program within
their authority .Security over internet can be
established in three stages :-first, how
objects and resources named ,second, how
can a secure authenticated connections can
be established and third, how can we get a
secure network ? The basic way to secure
our information is by giving its unique name
and protecting it by password. But now a
days there is no simple way to establish
secure computer network. In this paper we
provide you some solutions for network
security issues and a new approach to
identity based authentication. As you can
see in this graph in last few decades’
numbers of incidents are increased so
much.Therefor we need for security and
increasing demand for security of network
will come up with some solutions that are
described in this paper.
Preventing attack is largely based on
government authority and responsibility, the
detailed knowledge needed to thwart an
attack on a cyber system to prevent damage
rests primarily with its owner.
3
FOCUS ON NETWORK SECURITY:-
The network security program emphasizes to secure a network the following background information for security helps in making correct decisions. Some areas are …
DIFFERENT TYPES OF ATTACKS
:
Spoofing, Sniffing, Mapping, Hijacking, Trojans, DOS, Social engineering.NETWORK SECURITY ARCHITECTURE: -
We need some certain skills to secure a network .we need some software’s which makes detection system stronger and replace the firewall techniques.
ENCRIPTION TECHNIQUES: We need to understand techniques to ensure Authentications, Authorization, Auditing, Confidently, Integrity, Availability.
PROTOCOL’S:- Recognize all kind of protocols like IP, ARP, ICMP, TCP, UDP, HTTP, SSH, SSL etc.
PROTECTION-DETECTION-RESPONSE: -
Security has three phase approach, protection via using anti hacking techniques, firewells, detection via using malware and spyware thread controllers and response is our new approach which we discuss later on.
VULNERABILITY TESTING: - Test all router, modem, servers, and clients to determine active applications and make sure that they should not be access publicly.
SECURITY EVALUTION: - The evolution of security is very necessary now a days .Use risk analysis to be protected and at what cost.
SECURITY PLAINING: - Prepare a security plan including security policies and conditions .Prepare a report on it.
SAFETY vs. SECURITY:-
The destination between the term safety and security is often very subtle, there is how ever a clear distinction between the two is regular market (medical, aerospace, industrial).Safety is also related to security in that the lake of security may pose a safety risk.
SAFETY: To be safe requires measures to prevent accidents.
Eg. Fire alarms, System backup’s
SECURITY: It requires measures to prevent crime, illegal activities.
Eg. Firewalls, Use of encryption
Security is a necessary but not sufficient prerequisite for achieving safety. A system without security is probably unsafe, but a system with security is not necessarily safe.
DOS ATTACKS: -
Denial of serviceattacks today are part of every internet users life .They are happening all the time and all internet users as a community have some part in creating them ,suffering from them and even loosing time and money because of them. DOS attacks do not have anything to do with breaking into computers, taking control over remote host over internet or stealing information like credit card numbers. A denial of service attack is a
4 special kind of Internet attack aimed at large websites. It is a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Denial of Service can result when a system, such as a Web server, has been flooded with illegitimate requests, thus making it impossible to respond to real requests or takes. Yahoo! and e-bay were both victims of such attacks in February 2000. DOS attacks take advantages of weakness in IP protocols stack in order to disrupt internet services.
The consequences of a DOS attack are the following:-
Unusually slow network performance. Unavailability of a particular web site. Inability to access any web site.
Dramatic increase in the amount of spam you receive in your account.
IP ATTACKS: When a specific IP is specifically targeted. It auto generate requests or make so many computers access server at the same time and due to this server timed out.
SOME SOLUTIONS FOR DOS ATTACKS:-
Have Good Passwords Use Good Antiviral Products Have a Backup System
Audit and Monitor Systems and Networks
Have Training and Awareness Programs Test Your Security Frequently
Have Good Firewalls Frequent password changing Safe surfing
Frequent virus checks Email filters
Always keep a watch on the sites that your children are accessing to prevent any kind of harassment or depravation in children.
CYBERCRIME:-
We are learning about cyber crime because everybody is using computer these days .Conventional crimes like forgery extortion, kidnapping etc are being committed with the help of computers, new generation is growing up with computers and most important thing is monetary transactions are moving on the internet .There are many types of cyber crimes like –
Hacking Email bombing Data diddling Salami attacks
Denial of service attacks Virus / worm attacks Logic bombs
Web jacking
“HACKERS USES TECHNOLOGY AS HIS WEAPON”
CYBER CRIMES THREATENS NATIONAL SECURITY IN INDIA:-
Ex. Union home minister shivraj patil said that the rising level of cyber crime is an indication of an enormous thread to national security. In today’s age when everything from small gadgets
5 to nuclear plants are being operated through computers, cyber crime has assumed threatening ramifications. Cyber crimes are capable of breaching the security in the information system of vital installations. There is huge potential for damage to national security through cyber attacks. Predictions says that the 3rd world war will happen between America and China and that should be CYBER WAR .Cyber security involves protection of sensitive personal and business information through prevention, detection & response to different online attacks .
OPPONENTS BEHIND CYBER CRIMES:-
o 49% are inside employees on the internal network
o 17% come from dial-up (still inside people)
o 34% are from Internet or an external connection to another company of some sort.
MOTIVES BEHIND CYBER CRIMES:-
Money, profit
Access to additional resources Experimentation and desire to learn “Gang” mentality
Psychological needs Self-gratification Personal vengeance
Desire to embarrass the target
MYTHS ABOUT INTERNET:-
While surfing the internet most people believe that they are protected from online threads because they are cautions not to venture into anything suspicious or they have the latest tools to deal with. Although most computer users are aware of online threats, Internet security risks, and how to stay safe online, there are still many misconceptions. Here we are trying to separate fact from fictions …
I have an anti-virus so nothing can harm
me:- This is probably the single biggest myth about protecting yourself online. Most people think that as long as they have their virus-busting software in place, they can go on a mad clicking-spree all over the Web. But actually anti viruses are like Regular programs like word processors and media players, anti-virus programs need to be constantly updated.
When computers slow down, it means that
they are old and should be replaced: - It is possible that running certain programs on older computers could lead to slow performance. However, another possibility is that there are other processes or programs running in the background. If your computer has suddenly become slower, it may be have been compromised by malware or spyware, or you may be experiencing a denial-of-service attack.
My URL has HTTPS in the name, so it must be completely safe: - Just because a
URL has HTTPS (where S means secure) does not mean that site is free from malicious code that was injected. Any website can have an HTTPS URL. The owner, either criminal or legitimate, simply needs to install a self signed certificate or purchase one for pennies on the dollar.
I can only get infected if I download
files: - For those who assume that only
downloading content makes them vulnerable to cyber threats need to get facts checked. Most malware infections now occur through a “drive-by” download. Hackers inject the malicious code into the actual Web page content,
6 then it downloads and executes automatically within the browser as a by-product of simply viewing the Web page.
All above are basically myths, these are most common excuses given by the users. Be smart about what websites you visit and where you click – keep your guard up when surfing the web - and protect yourself and your PC. Install an anti-malware solution, such as Ad-Aware, to protect against viruses, spyware and many other cyber threats.
CHALLENGES FOR CYBER SECURITY:-
Explosion of computer and broadband internet availability.
Low priority of security for software developers.
Challenges of timely patching
vulnerabilities on all systems.
When most people read about Internet hacking incidents, they get the impression that these are highly complex, technical attacks that takes a genius to create. Reality is that the really smart people first come up with these highly
complex, technical attacks, but they share the information and the tools required to pull off the attack on the Internet. The “open sharing” of hacking information and tools allows individuals with minimal technical knowledge to duplicate the attack. Often, it is as easy as downloading the attack tool from the Internet and launching it against targets. You don’t need to know anything other than how to run the attack tool. The bottom line is that it doesn’t take a genius to successfully attack systems and networks, it just takes someone downloading attack tools.”
LIMITING DAMAGE DURING A SUCCESSFUL ATTACK:-
The central idea of this strategic objective is to limit damage in the trans-attack period by constructing an “incident management system”. This also implies having pre-established response options at the company, industry or national level. Several kind of responses are possible like re-authentication of all users, backing up system status, providing real-time warning to other systems and increasing the collection of forensic evidence.
IDENTITY BASED AUTHENTICATION
(A NEW APPAROCH)
It’s a quiet revolution where the concept of identity becomes as much a part of the network as IP address. By identity based authentication, we mean user will have unique key that will be a combination of numbers, symbols and alphabets. Some authorized organization will be issuing this authenticated ID number. Every time user login with this key, due to coding
7 (made with the help of permutations) behind this key, some different combination of numbers ,symbols ,alphabets will be displayed in the records of that organization that will be understood by only them . This new combination can only be decoded by that organization only.
Due to different combinations every time hacker will get confused and decoding that combination will be difficult .This will reduce cyber crime to a certain level .And its users responsibility to not to share that ID with anybody just like our bank account number or ATM pins .
According to our idea, let say we have two different users one may be employee and another may be illegal one .They are sending data to the authority ,and data will get mix-up , that means we cannot point that which one is of employee or which one is of another one . But due to the coding behind the system that setup will identify authenticated data on the basis of its identity.
MERITS:-
Limiting internet traffic. Reduce the cyber crime.
Bandwidth will no more be limited.
CONCLUSION:-
Today security problem is one of the main problems of the computer network and the internet developing .there is no simple way to establish a secure network .As security is a path not a destination. According to us network can be made more secure by adopting the identity based authentication instead of data based authentication. By adopting this method we can limit the network traffic and can reduce the cyber attacks. Be smart about what websites you visit and where you click – keep your guard up when surfing the web - and protect yourself and your PC. Install an anti-malware solution, such as Ad-Aware, to protect against viruses, spyware and many other cyber threats. With the explosion of the public internet and e-commerce, private computer and computer networks, if not adequately secured and increasingly vulnerable to damaging attacks. Hackers, viruses, vindictive employees and even human error all represent a clear and present danger to network. The security issues in our networked system as described in this paper identify some of the work that need to be done and the urgency with which concerns needs to be addressed.
“By securing a network we can just limit the damages much as possible”
REFRENCES:-
1. Network security :a process not a product paper from www.scribd.com
2. Wikipedia articles on Network security and Anti hacking
3. Study material from
www.Authorstream.com
4. Articles from www.indigoo.com
5. Security incidents data from “Cisco system”.
6. Opponents data from “Computer security institute “.
8 7. American bar association, international
cyber crime project of the ABA privacy and computer crime society.