Synopsis presentation uu Purna Chandra Sethi

An Effective method for Network Security and Improving the Quality of Service

Submitted by : Purna Chandra Sethi

PhD Scholar

Dept. of CSA

Utkal University

Supervised by : Dr. P. K. Behera

Reader Dept CSA

Utkal University

Ph. D Synopsis Presentation

04/18/23 1/30Ph. D Synopsis Presentation (Dept. CSA), UU

Overview

• What is security?

• Why do we need security?

• What is QoS? Why QoS?

• Common security attacks

• Research Proposal

• Conclusion


What is Security?

1. Freedom from risk or danger; safety.2. Freedom from doubt, anxiety, or fear; confidence.3. Something that gives or assures safety, as:• 1. A group or department of private guards: Call building

security if a visitor acts suspicious.• 2. Measures adopted by a government to prevent interrupt or

attack.• 3. Measures adopted, by a business or homeowner, to prevent

a crime such as theft or attack: Security was lax at the firm's smaller plant.


Why do we need security?

• Protect vital information while still allowing access to those who need it– Trade secrets, medical records, etc.

• Provide authentication and access control for resources– Ex: AES

• Guarantee availability of resources– Ex: 99.999% reliability


Data Security & Network Security

04/18/23 Ph. D Synopsis Presentation (Dept. CSA), UU 5/30

Common security attacks in IPv4

• Eavesdropping • Virus• Worms• Trojans• Phishing• IP Spoofing • Denial of Service etc…


Eavesdropping

• Interception of communications by an unauthorized party is called eavesdropping.

• Passive eavesdropping is when the person only secretly listens to the networked messages.

• Active eavesdropping is when the intruder listens and inserts something into the communication stream. This can lead to the messages being distorted. Sensitive information can be stolen this way.

• Protocols defend against Eavesdropping attacks by using encryption for confidentiality.

• Eg: Man in the middle attack

04/18/23Ph. D Synopsis Presentation (Dept. CSA), UU

7/30

VIRUS

• Computer virus refers to a program which damages computer systems and/or destroys or erases data files

• Virus are self-replicating programs that use files to infect the information. Once a file is opened, the virus will activate the system.


8/30

WORM

• Worm are self‐replicating replicating in nature.

• There are two main types of worms, mass‐mailing worms and network-aware worms.

• Mass mailing worms use email as a means to infect other computers.

• Network‐aware worm selects a target and once the worm accesses the target host, it can infect it by means of a Trojan or otherwise.


Trojan Horse

• Trojan Horse is a malicious program that usually comes with monitoring tools and key loggers.

• It enters into the system with general program elements and then generates it replica.

• It can be used to control the total system by an intruder present remotely.


10/30

Phishing

• Phishing is an attempt to obtain confidential information from an individual, group, or organization.

• Phishers trick users into disclosing personal data, such as credit card numbers, online banking credentials, and other sensitive information.


11/30

IP Spoofing

• Spoofing means to have the address of the computer mirror the address of a trusted computer in order to gain access to other computers.

• The identity of the intruder is hidden by different means making detection and prevention difficult. With the current IP protocol technology, IPspoofed packets cannot be eliminated.


12/30

Denial of Service

• Denial of Service is an attack when the system receiving too many requests cannot return communication with the requestors. The main purpose of DoS is to make network service unusable, usually by overloading the server or network.

• Until the handshaking is complete, the system consumes resources. Eventually, the system cannot respond to any more requests rendering it without service.

• Many different kinds of DoS attacks

– SYN flooding

– SMURF

– Distributed attacks

etc …


Technologies for Internet Security

• Cryptographic Systems

• Firewall

• Intrusion Detection System

• Anti-Malware Software and scanners

• Secure Socket Layer

etc…


Cryptographic Systems

• It involved the use of codes and ciphers to transform information into unintelligible data.


Firewalls

• Firewall is a typical border control mechanism or perimeter defense.

• The purpose of a firewall is to block traffic from the outside, but it could also be used to block traffic from the inside.

• A firewall is the front line defense mechanism against intruders.

• It is a system designed to prevent unauthorized access to or from a private network.

• Firewalls can be implemented in both hardware and software, or a combination of both


Intrusion Detection System

• Used to monitor for “suspicious activity” on a network and Can protect against known software exploits, like buffer overflows.

• IDS systems can be software and hardware devices used to detect an attack.

• IDS products are used to monitor connection in determining whether attacks are been launched.

• Some IDS systems just monitor and alert of an attack, whereas others try to block the attack.

• Open Source IDS: Snort, www.snort.org


Anti‐Malware Software and scanners

• Viruses, worms and Trojan horses are all examples of malicious software, or Malware.

• Anti‐Malware tools are used to detect them and cure an infected system.

• Eg: Anti- virus softwares


Secure Socket Layer (SSL)

• The Secure Socket Layer (SSL) is a suite of protocols that is a standard way to achieve a good level of security between a web browser and a website.

• SSL is designed to create a secure channel, between a web browser and the web server, so that any information exchanged is protected within the secured channel.

• SSL provides authentication of clients to server through the use of certificates. Clients present a certificate to the server to prove their identity.


Security Issues of IP Protocol IPv6

1. Header manipulation issues

2. Flooding issues

3. Mobility issues


Security in different Networks

1. Firewalls that detect and report intrusion attempts

2. Sophisticated virus checking at the firewall

3. Enforced rules for employee opening of email attachments

4. Encryption for all connections and data transfers

5. Authentication by synchronized, timed passwords or security certificates


PROPOSED STATEMENT

The research proposal is based on two types of issues:

•Enhancement of Data Security by increasing the level of confidentiality.

•Improving the Quality of Service for faster and accurate data transmission.


PROPOSED STATEMENT contd…

• RSA, AES, IDEA uses single key value for encryption. Though RSA provides a good level of security, still it can be cracked.

• Multi signer key implementation by means of ring signature so that multiple keys can be generated using s single prime number shared by the group members but the identity of the key generator can be secure and it will be convertible i.e. only the actual message signer will be capable of generating the signature.

• Cross- organizational key assignment by mean of multiple key implementation at a time, so that using both the keys at a time the information can be accessed. It will work like a locker system.


23/30

Enhancement of Data Security

Improving the Quality of Service

• The quality of service for streaming image, audio and videos are much difficult than the standard text.

• Dynamic assignment of bandwidth for proper utilization of resources.

• The protocols does not have the functionality of dynamic QoS that changes based on the type of data being communicated.


PROPOSED STATEMENT contd…

RESEARCH PERSUED

• In paper [10], I have proposed a group communication technique based on clustering approach called incremental clustering.

• It guarantees the transmission of information to the destination.

• It was implemented using the different ARQ protocols .

High Impact Event Processing using Incremetal Clustering in Unsupervised Feature Space through Genetic algorithm by Selective Repeat ARQ protocol [ICCCT – 2011 (IEEE International Conference) pp – 310 – 315]


RESEARCH PERSUED Contd…

• In paper [12], I had proposed a dynamic mechanism called UPnP (Universal Plug and Play) mechanism.

• Here, each user has to register in the group before any type of operation. After that it can be released such that unnecessarily the candidate has to participate in each type of activities. This provides well utilization of resources of a group connected in the network.

UPnP and Secure Group communication Technique for Zero-configuration Environment construction using Incremental Clustering [International Journal of Engineering & Technology (IJERT) – ISSN : 2278 – 0181, Vol -02, Issue -12, December – 2013 ]


CONCLUSION

• Network security and QoS is an important field that is increasingly getting attention as the Internet expands.

• Due to the complex set of applications being executed over Internet, the security issues such that information can’t be leaked.

• QoS has to be enhanced for smarter and faster application processing.


27/30

Reference[1] Kartalopoulos, S. V., "Differentiating Data Security and Network Security,"

Communications, 2008. ICC '08. IEEE International Conference on, pp.1469‐1473, 19‐23 May 2008

[2] Molva, R., Institut Eurecom, “ Internet Security Architecture”, in Computer Networks & ISDN Systems Journal, vol. 31, pp. 787‐804, April 1999

[3] Sotillo S., East Carolina University, “ IPv6 security issues ”, August 2006,

www.infosecwriters.com/text_resources/pdf/IPv6_SSot illo.pdf.

[4] “Improving Security,” http://www.cert.org/tech_tips, 2006.

[5] Andress J., “IPv6: the next internet protocol”, April 2005, www.usenix.com /publications /login / 2005‐ 04/pdfs/andress0504.pdf.

[6] Adeyinka, O., "Internet Attack Methods and Internet Security Technology," Modeling & Simulation, 2008. AICMS 08. Second Asia International Conference on, vol., no., pp.77‐82, 13‐15 May 2008

[7] Marin, G.A., "Network security basics," Security & Privacy, IEEE , vol.3, no.6, pp. 68‐72, Nov.‐Dec. 2005

[8] Tyson, J., ”How Virtual private networks work,” ttp://www.howstuffworks.com/vpn.htm .


http://www.infosecwriters.com/text_resources/pdf/IPv6_SSot

Reference Contd…

• [9] Jian Ren, Member, IEEE, and Lein Harn: Generalized Ring Signatures, IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 5, NO. 3, JULY-SEPTEMBER 2008.

• [10] P. C. Sethi, C. Dash: High Impact Event Processing using Incremental Clustering in Unsupervised Feature Space through Genetic algorithm by Selective Repeat ARQ protocol: ICCCT- 2nd IEEE Conference – 2011, pp. 310-315.

• [11] Atul Kamble, Incremental Clustering in Data Miningusing Genetic Algorithm, International Journal of Computer Theory and Engineering, Vol. 2, No. 3, June, 2010. 1793-8201.

• [12] P. C. Sethi: “UPnP and Secure Group communication Technique for Zero-configuration Environment construction using Incremental Clustering”, International Journal of Engineering Research & Technology (IJERT), ISSN: 2278 – 0181, Vol. 02 Issue 12, December – 2013.

• [13] Tzu-Fang Sheu, Nen-Fu Huang, and Hsiao-Ping Lee, “In-Depth Packet Inspection Using a Hierarchical Pattern Matching Algorithm”, IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 7, NO. 2, APRIL-JUNE 2010, Page175-188

• [14] Kaoru Kurosawa, Member, IEEE, and Tsuyoshi Takagi, “One-Wayness Equivalent to General Factoring”, IEEE TRANSACTIONS ON INFORMATION THEORY, VOL. 55, NO. 9, SEPTEMBER 2009, Page 4249 - 4262

• [15] R.L. Rivest, A. Shamir, and Y. Tauman, “How to Leak a Secret, Advances in Cryptology”, ASIACRYPT, 2001



Education

Synopsis presentation uu Purna Chandra Sethi