REVIEW ON RISING RISKS AND THREATS IN NETWORK SECURITY

Transcription

1 REVIEW ON RISING RISKS AND THREATS IN NETWORK SECURITY Babul K Ladhe 1, Akshay R Jaisingpure 2, Pratik S Godbole 3, Dipti S Khode 4 1 B.E Third Year, Information Technology JDIET, Yavatmal ladhebabul23@gmail.com 2 B.E Third Year Information Technology JDIET, Yavatmal startakky@gmail.com 3 B.E Third Year Information Technology JDIET, Yavatmal psgodbole82@gmail.com 4 B.E Third Year Information Technology JDIET, Yavatmal dk031292@gmail.com ABSTRACT This paper presents recent trends and practices in security to handle the rising risks and threats in the area of Network security in today s digital era the various attacking tools is available in internet for surfing and spoofing. This paper proposes a security tools that will help to end user to secure their system more conveniently. This will be beneficial to institution, industrialists and students who incline towards research and development in the area of data mining in network security this paper include various attack that can harm our system Securing the network is the major challenge in this information era from the various types of network threats and attacks to stop those attack we introduce firewall,net-protector etc various protocols The knowledge about these attacks is acquired from the huge volume of network data with data mining tools.data mining tools is used to decrypt the code using secret key cryptography for packet capturing in network data mining tools is used. In this paper our main focus is on various attacks that intruders used nowadays and second one is how we secure our data from those. Here we are using opportunistic computing to secure our data Intruder s mainly keep their eyes open and see which port is free and then they found some loopholes and inject some virus,worms via remotely. Keywords: Firewall, Spoofing, Eavesdropping, Masquerading, Spyware INTRODUCTION In this digital age, we can t imagine the world without communication. The human beings need to exchange information for various purposes. Securing the communication is a vast challenge due to the raising threats and attacks against network security. The threats are classified based on their behaviour such as leakage: unauthorised access of information present on network. Tampering: modifying the information without permission of the user. Vandalism: making malfunction over a normal execution of a system. The various types of attacks such as eavesdropping: collecting the duplicate information without obtaining permission to the admin. Masquerading: making conversation using through others identity without permission of others. Message tampering: modifying an d altering the information while travel on the communication media. Man-in-the-middle attack: is a one type of message interfering in which an attacker interrupt the very first message in an exchange of encrypted keys to establish a secure channel. The attacker substitutes compromised keys that enable them to decrypt subsequent messages before reconfiguring them in the correct keys and passing. For securing our huge database firewall is placed on network firewall works as a barrier in network one he checks the incoming information if he found something wrong he redirect s or cancel request. In end point security antivirus is placed he works same as firewall but as a small scale huge firewall contains racks and those racks contain hardware part that link up with network. Attacks are possible engage if someone leaks information about bank details or response over mail actually fake mail are send to the victim. What is Network Security? Network security refers to any activities designed to protect your network. The network administrator plays an important role here he continuously checks the error in network his responsibility is to secure network. Network security. Network security is included in enterprises, organizations and many other types of institutions. The most common and simple way to secure our network resource is assigning a unique name or password. The system

2 administrator implements the security policy, network software and hardware and he restricts the unauthorized access. The role of layers in networking plays a huge role for security various protocols has been developed for those layers. The layers work together to increase the overall security of the computer network. Network is very vast so it is possible sometime someone found some breaches into it. Sometime security component is used to protect our network infrastructure. How does Network Security work? Network security contents a part of software and hardware. The software must be constantly updated and used to protect networks. A network security system usually consists of several components. Ideally, all components work together, which reduce maintenance and improves security. Anti-virus and anti-spyware Firewall, to block unauthorized access to your network Intrusion prevention systems (IPS), to identify fast-spreading threats in network Virtual Private Networks (VPNs), to provide secure tunnel for connection Anti Virus VPNs Network Firewall IPS Fig-1: Network component Antivirus and anti-spyware Antivirus is a software and it is used to protect our system by some external error. Anti-virus is a special kind of software it works as a spy continuously watching over network and if he found some inauspiciou s activity he just cleaned and deletes that data. Various kind of anti-virus is used today some are free and some are paid but now a day s bypassing a anti-virus is easy so anyone who have knowledge about networks and hacking can easily crack it s only disadvantage of our human invention. Firewall Firewall is the network security component that controls the incoming outgoing network traffic. A Firewall set as a barrier between a trusted network and an external network.firewall technology emerged in the late 1980s when the internet is a fairly new technology As year increase number of internet user increase and number of garbage data increase in network so to protect from those data firewall concept is developed. IPS Intrusion Prevention System Intrusion Prevention System (IPS) is also knows as Intrusion Detection System (IDS) are the network security components that monitor the network. The main work of IPS is to identify the malicious activity log information. An IPS can also correct Cyclic Redundancy Check (CRC).

3 Virtual Private Network VPN as a private network across a public network such as a internet. A VPN is created by establishing a virtual point-to-point connection by virtual tunnelling protocol. Virtual private network done by secure way during the connection it provide a secure path and information exchange through these path and it can t be easily hack because tunnelling is so secure that the own network can t track the IP address. Attack s involved in Network In network various attacks involved attacks are structured, unstructured, internal, and external attack Attacker mainly used these technique to harm our network Attacker form s a group and they attack in b unch so cost off damage is increase and they totally collapsed network infrastructure. Viruses, Worms and Trojan horses. Eavesdropping ARP spoofing Denial of service attacks Man in the middle attack Ping of Death Virus,worms and trojan horse DOS attack Network infrastructure Eavesdropping ARP spoofing Fig-2: Attacks on Networks Viruses, Worms, and Trojan horse A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Virus also replicates themselves. Worms are very similar to viruses in that they are computer programs that replicate functional copies of themselves. A Trojan horse is a program that does something undocumented which the programmer intended, but that users would not accept if they knew a bout it. By some definitions, a virus is a particular case of a Trojan horse. Eavesdropping: Eavesdropping is a collecting the replica information without obtaining permission to the arbiter. Eavesdropping is the unauthorized real-time interception of a private communication, such as a phone call, instant message, and videoconference or fax transmission. The term eavesdrop derives from the practice of actually standing under the eaves of a house, listening to conversations inside. ARP Spoofing:

4 ARP spoofing is a technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network (LAN). Generally, the aim is to correlate the attacker's MAC address with the IP address of another host (such as the default gateway), causing any traffic intended for that IP address to be sent to the attacker instead. The attack can only be used on networks that make use of the Address Resolution Protocol (ARP), and are limited to local network segments. Man-in the middle attack: Man-in-the-middle attack is a one type of message interfering in which an attacker interrupt the very first message in an exchange of encrypted keys to establish a secure channel. The attacker substitutes compromised keys that enable them to decrypt subsequent messages before reconfiguring them in the correct keys and passing them on. A man-inthe-middle attack can succeed only when the attacker can impersonate each endpoint to the satisfaction of the other it is an attack on mutual authentication (or lack thereof). Most cryptographic protocols consist of some form of endpoint authentication specifically to prevent MITM attacks. Denial of Services: It makes the transmission channels and systems as busy as possible by sending garb age data for denying the service. A Denial-of-service Attack (DOS Attack) is an attempt to make a computer resource unavailable to its anticipated users. Although the means to bring out, motives for, and targets of a DOS attack may differ, it generally consists of the determined efforts of a person or people to avoid an Internet site or service from functioning efficiently or at all, temporarily. Ping of Death: A ping of death is a type of attack on a computer that involves sending a malformed or otherwise malicious ping to a computer. A correctly formed ping message is typically 56 bytes in size, or 84 bytes when the Internet Protocol [IP] header is considered. Many computer systems could not properly handle a ping packet larger than the maximum IPv4 packet size of 64mb. Larger packets could crash the target computer. In recent years, a different kind of ping attack has become widespread ping flooding simply floods the victim with so much ping traffic that normal traffic fails to reach the system. It constitutes a basic denial-of-service attack. CONCLUSION In this paper we explored and analyzed the various challenges of threats and attacks in networks in this recent era, various network sniffing, snooping tools for capturing the network data and log data for analysis and learning, various network component is set for protected our network various big firewall is set in institution campus. Tools that can be freely downloaded from the Internet enable even novice hackers to perpetrate MITM attacks that cause important loss to victims. Existing Web security mechanisms, such as SSL and server certificates, in theory protect users from such attacks. Various Security Components are used to protect our Network from outsider or insider attack.

5 REFERENCES [1] T.-H. Lin, C.-Y. Lin, and T. Hwang, Manin-the-Middle Attack on Quantum Dialogu with Authentication Based on Bell States, International Journal of Theoretical Physics, pp. 1 5,2013. [2] Z. Tan, P. Nanda, R. P. Liu, A. Jamdagni, and X. He, A System for Denial-of-Service. Attack Detection Based on Multivariate Correlation Analysis, IEEE Transactions on Parallel and Distributed Systems, vol. 99, no. 1, p. 1, [3] U. Banerjee, A. Vashishtha, and M. Saxena, Evaluation of the Capabilities of WireShark as a tool for Intrusion Detection, International Journal of Computer Applications, vol. 6, no. 7,pp. 1 5, Sep [4] what is network security. [5] Dr.Asir Antony Gnaana Singh, E.Jebamalar Leavline Data Mining in Network Security - Techniques & Tools: A Research Perspective, Journal of Theoretical and Applied Information Technology 20 November Vol.57 No.2