How To Secure An Online Exam System Using A Firewall

Transcription

1 Abstract: Secure Online Examination Management System Using Firewall Settings N.Sendhil Kumar 1 Agarapu Raghavendra 2 Head of Department MCA Scholar Theoretical: Online Examination System is a product arrangement, which permits an organization or establishment to mastermind, lead and oversee examinations by means of an online domain. This could be possible through the Internet, Intranet also, or Local Area Network situations. In this paper propose a framework that gives security to enhance line Examination by using DMZ Concept in firewall innovation. This examination paper, examine the execution of online exam concerning the security gave by the firewall innovation. This paper closes that by enhancing the security framework utilizing a firewall that can be joined into the proposed framework to satisfy the test of online examination framework. We proposed a framework utilizing firewall innovation to screen applicants and control system parcels of all machines joining the username and secret word for confirmation. This paper gives a review of online Examination System utilizing firewall innovations. key words: Firewall, Network security, Online examination framework, Firewall security I. INTRODUCTION Department of Master of Computer Applications Sri Venkateswara College of Engineering and Technology Chittoor Online Examinations, now and then alluded as e-examinations, are the examinations led through the web or in an intranet (if inside the Organization) for a remote hopeful (s). Online examination framework is intended for colleges, schools, universities and notwithstanding Banking, Government for enrollment purposes. Today numerous associations are directing online examinations overall effectively and produce the outcomes in online. Online Examination System is utilized for directing online target test; the test will be altered such that framework will have robotized checking of answers in light of the client collaboration. Exam System is extremely valuable for Educational Institute to plan an exam, safe the time that will take to check the paper and plan imprint sheets. Online Examination System (OES) is a Multiple Choice Questions (MCQ) taking into account examination framework that gives a simple to utilize environment for both Test Conductors and Stu imprints showing up for Examination. This framework is secure data is given to client. The greater part of the examinations issue comes about as the applicant complete the examination, when there is an answer handling module additionally included with the framework. Competitor is given a constrained time to answer the inquiries and after the time expiry the answer paper is crippled consequently and answers sent to the inspector. The analyst will assess answers, through robotized procedure and the outcomes will be sent to the hopeful through or made accessible in the site. The framework is ISSN: Page 185

2 comprising of an online server with a database office. Database it contains User data and confirmation for the Examination. This server is arranged with legitimate efforts to establish safety. Customers (hopefuls) can interface through the web with a web program (Eg: Internet Explorer, Mozilla Firefox and so on) or Intranet or utilizing a little application as a part of customer framework to interface the server and take the examination. Analysts also can unite to the server through the web or through the intranet for setting up papers and to do other related undertakings. The framework ought to be planned in as a secured framework applying security measures. Uncommon exemption taking care of component ought to be set up to stay away from framework slips. In the event of situations where information trustworthiness can be traded off, measures ought to be taken to guarantee that all progressions are made before framework is closed down. [One of the defensive systems under genuine thought is the Firewall. A firewall is one of the defensive systems to secure a system which is utilized for directing the safe online examination utilizing web and intranet. It is chiefly utilized for to keep away from the inward and outer system movement and to evade the Outer Ethical programmers for assault the system [7]. Firewalls are getting to be more advanced by the day, and new highlights are always being included, so, regardless of the reactions made of them and Developmental patterns debilitating them, they are still a capable defensive mechanism. private systems associated with the Internet, particularly intranets. All messages entering or leaving the intranet go through the firewall, which analyzes every message furthermore, obstructs those that don't meet the predetermined security criteria. On the off chance that your PC is associated with the Internet, you are a potential focus to a cluster of digital dangers, for example, programmers, key lumberjacks, and Trojans that assault through unmatched security openings. This implies that in the event that you, as the vast majority shop and bank on the web, are defenseless against data fraud and different vindictive assaults. A firewall functions as a boundary, or a shield, between your PC and the internet. When you are joined to the Internet, you are continually sending and getting data in sm all units called parcels. The firewall channels these bundles to check whether they meet certain criteria set by a progression of guidelines and from there on squares or permits the information. Thusly, programmers can't get inside and take data, for example, ledger numbers and passwords from you. II. NEED OF FIREWALL A firewall is a framework intended to avert unapproved access to or from a private system. Firewalls can be executed in both equipment and programming, or a mix of both. Firewalls are much of the time used to forestall unapproved Internet clients from getting to Fig 1 Firewall with network security ISSN: Page 186

3 III. ATTRIBUTES OF FIREWALL: A.FIREWALL CAPABILITIES A firewall characterizes a solitary stifle point that keeps unapproved clients out the ensured system. A firewall gives an area to checking security-related occasions. Reviews and alerts can be actualized on the firewall framework. A firewall is an advantageous stage for a few Internet capacities that are not security related. A firewall can serve as the stage for IPSec. Utilizing the passage mode ability, the firewall can be utilized to actualize virtual private system. B. DESIGN GOALS All activity from inside to outside, and bad habit verse, must go through the firewall. Only approved activity, as characterized by the nearby security approach, will be permitted to pass. The firewall itself is resistant to infiltration. This infers the utilization of a trusted framework with a protected working framework. C.METHODS OF CONTROL IN FIREWALL User control: Only approved clients are having admittance to the opposite side of the firewall. Access control: The entrance over the firewall is limited to specific administrations. An administration is described e.g. by IP address and port number. Behavior control: For an application, the permitted use situations are known. E.g. channels for connections (infection uprooting). Direction control: Different principles for activity into the Intranet and active movement to the Internet can be defined. IV. SORTS OF FIREWALL For the general client, you can put firewalls into two straightforward classes: equipment and programming. Equipment firewall can be obtained as a stand-alone item but at the same time are normally discovered in switch, and ought to be viewed as an imperative piece of your framework and system set-up. You can connect more PCs to the switch, and each will be ensured by the firewall that is a piece of the switch. A product firewall is one like Zone Alarm. You introduce it on your PC, and it will conceal open ports, divert approaching assaults, and caution you about suspicious active activity. For included security, you can have a programming firewall on every PC that sits behind the switch. An assailant would need to be exceptionally stop mined to overcome your switch's firewall and your product firewall! A.COMMON FIREWALL TECHNIQUES Firewalls are utilized to ensure both home and corporate systems. An average firewall program or equipment gadget channels all data getting through the Internet to your system or PC framework. There are a few sorts of firewall methods that will keep conceivably hurtful data from overcoming. B.PACKET FILTER An essential firewall utilizes parcel separating switches. The switch applies an arrangement of principles to every approaching IP bundle and after that advances or disposes of the parcel. It is normally intended to channel bundles going in both bearings. Separating guidelines are in light ISSN: Page 187

4 of fields in the IP or transport header, including source and destination IP addresses and TCP or UDP port numbers. The channel is situated up as a rundown of standards to figure out if to allow or piece a bundle. At the point when a parcel comes, the switch checks whether it coordinates one of the standards. The guidelines are checked from top to base on the rundown. In the event that a tenet is coordinated, then the standard is conjured. Something else, a default activity is called. C.APPLICATION GATEWAY An application-level portal is likewise called an intermediary server. The client contacts the door utilizing a TCP/IP application and the portal approaches the client for the name of the remote host to be gotten to. At the point when the client reacts and gives a substantial client ID and confirmation data, the portal contacts the remote host and transfers the application information between the two endpoints. On the off chance that the passage does not actualize the intermediary code for a particular application, the administration is not bolstered and can't be sent over the firewall. The passage can be designed to backing just particular application. D.CIRCUIT-LEVEL GATEWAY A circuit-level entryway does not grant an endto-end TCP association. The portal sets two TCP associations, one in the middle of itself and a TCP client on an inward host and one in the middle of itself and a TCP client on an outside host. The firewall catches TCP associations being made to a host behind it a d finishes the handshake for the benefit of this host. The security capacity comprises of figuring out which association will be permitted. Once the two associations are secured, the entryway ordinarily won't exam the TCP fragment. A regular utilization of circuit-level entryway is in a circumstance in which the inside clients are trusted. At that point the door can be designed to bolster circuit-level capacities for outbound associations and intermediary benefit on inbound associations (i.e., check approaching information yet not outgoings information). E.PROXY SERVER A Proxy is a focal machine on the system that permits different machines in that system to utilize an imparted Web association. Intermediary servers are middle servers which acknowledge demands from customers and forward them to other intermediary servers, a source server, or administration the solicitation from their own particular store. The intermediary is additionally called "server" or 'passage'. Intermediary permits clients on a system to peruse the Web, send records over FTP, and work with E -mail and other Internet administrations. A Firewall Proxy gives Internet access to different PCs on the system yet is generally conveyed to give wellbeing or security. It controls the data going in and out the system. Firewalls are regularly used to keep the system protected and free of gatecrashers and infections. Firewall intermediary servers channel, store, log, and control appeals originating from a customer. A firewall intermediary is one that is utilized for limiting associations from an intermediary to the outside world or to the source server within the LAN. This is not quite the same as a customary firewall, in that a ordinary firewall limits associations originating from the outside world. [V. INTERRUPTION DETECTION SYSTEM An interruption location framework (IDS) is intended to screen all inbound and outbound system action furthermore, recognize any suspicious examples that may show a system or framework assault from somebody endeavoring to break into or bargain a framework. IDS is ISSN: Page 188

5 thought to be an aloof checking framework, since the fundamental capacity of an IDS item is to caution you of suspicious movement occurring not anticipate them. An IDS basically audits your system activity and information and will recognize tests, assaults, misuses and other vulnerabilities. IDSs can react to the suspicious occasion in one of a few ways, which incorporates showing an ready, logging the occasion or notwithstanding paging a chairman. Now and again the IDS may be provoked to reconfigure the system to lessen the impacts of the suspicious interruption. A.INTRUSION DISCOVERY CAPACITIES INCORPORATE Monitoring and examining both client and framework exercises Analyzing framework arrangements and vulnerabilities Assessing framework and document honesty Ability to perceive designs average of assaults Analysis of unusual action designs Tracking client approach infringement B.VIRTUAL PRIVATE NETWORK (VPN) A Virtual Private Network (VPN) is a system innovation that makes a protected system association over an open system, for example, the Internet or a private system possessed by an administration supplier. Substantial companies, instructive organizations, and government offices use VPN innovation to empower remote clients to safely unite with a private system. A VPN can interface numerous destinations over an extensive separation simply like a Wide Area System (WAN). VPNs are regularly used to stretch out intranets worldwide to scatter data and news to a wide client base. Instructive establishments use VPNs to associate grounds that can be disseminated across the nation or around the globe. Keeping in mind the end goal to obtain entrance to the private system, a client must be validated utilizing an exceptional ID furthermore, a secret key. A validation token is frequently used to get entrance to a private system through an individual recognizable proof number (PIN) that a client must enter. The PIN is an extraordinary validation code that progressions as per a particular recurrence, typically at regular intervals or thereabouts. A VPN lives up to expectations by utilizing the imparted open foundation while keeping up protection through security techniques and burrowing conventions, for example, the Layer Two Tunneling Protocol (L2TP). As a result, the conventions, by scrambling information at the sending end and unscrambling it at the less than desirable end, send the information through a "passage" that can't be "en tered" by information that is not appropriately scrambled. An extra level of security includes scrambling the information, as well as the beginning and accepting system addresses. C.NAT (NETWORK ADDRESS TRANSLATION) System Address Translation (NAT) is the process where a system gadget, typically a firewall, allots an open location to a PC (or gathering of PCs) inside a private system. The primary utilization of NAT is to limit the quantity of open IP addresses an association or organization must use, for both economy and security purposes. D.DMZ (NEUTRAL GROUND) A DMZ (neutral ground) is a calculated system outline where freely open servers are put on a different, disengaged system fragment. The proposition of a DMZ is to guarantee that freely accessible servers can't contact other interior system portions, if a server is traded off. A Firewall is especially important in DMZ execution, since it is in charge of guaranteeing ISSN: Page 189

6 [ SSRG International Journal of Computer Science and Engineering (SSRG-IJCSE) volume 2 issue 5 May 2015 that fitting approaches are set up to shield nearby systems from the DMZ, while keeping up openness to the DMZ. In a DMZ design, most PCs on the LAN run behind a firewall associated with an open system like the Internet. One or more PCs additionally run outside the firewall, in the DMZ. Those PCs on the outside capture movement and agent demands for whatever remains of the LAN, including an additional layer of assurance for PCs behind the firewall. [7] [8] Borromeo, R.M.H., Online exam for distance educators using moodle, Educational Media (ICEM), 2013 IEEE 63rd Annual Conference International Council for DOI: /CICEM Publication Year: 2013, Page(s): 1 4. [9] Gupta, P.K., Mobile examination system, Parallel Distributed and Grid Computing (PDGC), nd IEEE International Conference on DOI: /PDGC ,Publication Year: 2012, Page(s): VI. CONCLUSION In this paper predominantly centered around to Conduct an Online Examination System in more secure way utilizinga Equipment firewall. The DMZ is an one of the fundamental idea in a Hardware Firewall and their use in upgrading security in online Examination framework. The neutral territory is a limited Zone in system. It is mostly utilized for to keep the Online Examination System servers in this Zone for system assurance and to evade the Internal furthermore, External system activity and to maintain a strategic distance from the Internal and External Hackers and to give more secured validated framework to the examination REFERENCES [1] [2] Chi-Chien Pan et al, Secure online examination architecture based on distributed firewall, e-technology, e-commerce and e-service, 2004 IEEE International Conference on, March 2004, [3] [4] [10] Ullah, A. ; Hannan Xiao ; Lilley, M. ; Barker, T., Usability of profile based student authentication and traffic light system in online examinations, Internet Technology And Secured Transactions, 2012 International Conference for Publication Year: 2012, Page(s): [11] Ruhnow, M. ; Kohser, J. ; Bley, T. ; Boschke, E. ; Bulst, M. ;Wegner, S., Robust multi -parametric sensor system for the online detection of microbial bio films in industrial applications Preliminary examinations, Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP), 2014 IEEE Ninth International Conference on, Publication Year: 2014, Page(s): 1-4 [12] Jani, H.M., Benefiting from online mental status examination system and mental health diagnostic system, Information Sciences and Interaction Sciences (ICIS), rd International Conference on,publication Year: 2010, Page(s): [13] SweZinHlaing, An Authenticated Paradigm for Mobile Agent System in Online Examination, Computer Engineering and Technology, ICCET '09. International Conference on,volume: 2, 2009, AUTHOR PROFILE N.Sendhil Kumar is currently Head of the Department of MCA in SVCET, Chittoor. He has the total teaching experience of 14 Years. His area of Interest is Visual Programming Techniques and Java Programming [5] BhagyashriKaiche et al, Online Descriptive Examination and Assessment System, International Journal of Emerging Technology and Advanced Engineering, Volume 4, Issue 3, March [6] ISSN: Page 190

7 Agarapu Raghavendra is currently MCA Scholar in SVCET. He finished his UG Degree in His area of Interest is Mobile Computing and Data Mining ISSN: Page 191