Masters Thesis on Ethical Hacking Sagar - MISCU


  1. Threats to Information Security are rising. Is “Ethical Hacking another technique to enhance information security?” Research based on Mumbai and Pune, India.
     Masters Thesis
     MS in Management Information Systems
     Author: Sagar .R. Dhande
     ID - 2973641
     Coventry University, UK
  2. Table of Contents
     CHAPTER 1 (p. 10)
     1.0 Introduction (p. 10)
     1.1 Information Security (p. 10)
     1.2 Information and Data (p. 10)
     1.3 Overview of Mumbai and Pune (p. 13)
     1.4 Problem Statement and definition (p. 14)
     CHAPTER 2 (p. 16)
     2.0 Research Question and Analysis (p. 16)
     2.1 Research Questions and Objectives (p. 16)
     2.2 Primary Data (p. 19)
     CHAPTER 3 (p. 20)
     3.0 Research Theory and Framework (p. 20)
     3.1 Research Theories (p. 20)
     3.2 Research Framework (p. 23)
     3.2.1 Dependent Variables (p. 23)
     3.2.2 Factors (p. 23)
     3.2.3 Proposed Framework (p. 24)
     CHAPTER 4 (p. 25)
     4.0 Literature Review (p. 25)
     4.1 Current Information security Crime and Scenario (p. 25)
     4.1.1 In-house Threat (p. 25)
     4.1.1.1 Wipro Employee Cheats $4 million (p. 25)
     4.1.1.2 Bank of America Employee steals customers’ data (p. 26)
     4.1.2 Nigerian Lottery Email scam (p. 26)
     4.1.3 Social Engineering Issues (p. 27)
     4.1.3.1 Social networking site issue (p. 27)
     Sagar .R. Dhande, Coventry ID. 2973641 (INTI – I09005084), May 2009 Session
  3. Table of Contents (continued)
     4.1.3.2 UTI Bank Phishing Issue (p. 28)
     4.1.4 Mass defacement of websites (p. 29)
     4.2 Security awareness among Indians (p. 31)
     4.3 Emerging Cyber security threats (p. 32)
     4.3.1 Hackers (p. 32)
     4.3.1.1 Types of hackers (p. 32)
     4.3.1.1.1 Black Hat Hackers (p. 32)
     4.3.1.1.2 White Hat Hackers (p. 32)
     4.3.2 Spyware/ Malware (p. 32)
     4.3.3 Viruses (p. 34)
     4.3.4 Social Engineering/ Phishing (p. 35)
     4.3.4 Bot network operator (p. 35)
     4.3.5 Insider threat (p. 37)
     4.3.5 Key logger (p. 37)
     4.4 Conclusion for Information security crime and scenario (p. 38)
     4.5 General security tools and techniques (p. 39)
     4.5.1 Antivirus (p. 39)
     4.5.1.1 Drawback (p. 39)
     4.5.1.2 Working of Antivirus (p. 40)
     4.5.1.3 Virus dictionary approach (p. 40)
     4.5.1.4 Suspicious behavior approach (p. 40)
     4.5.1.5 Concerns: (p. 41)
     4.5.2 Firewall (p. 41)
     4.5.2.1 Limitations (p. 42)
     4.5.2.3 Advantage to hacker (p. 43)
     4.5.3 Patches (p. 43)
     4.5.4 Anti-Spyware Software (p. 44)
     4.5.5 Anti Key logger (p. 44)
     4.5.5.1 Limitation (p. 45)
     4.5.6 Biometrics Tools (p. 46)
     4.5.6.1 Working of biometrics tools (p. 47)
     4.5.6.2 Benefits of using BTPs (p. 49)
     4.5.6.3. Concerns (p. 49)
  4. Table of Contents (continued)
     4.5.6.4 Limitation (p. 49)
     4.5.7 Hardware Encryption (p. 50)
     4.5.7.1 Encryption (p. 50)
     4.5.7.1.1 Network Encryption (p. 50)
     4.5.7.1.2 Disk Encryptions (p. 51)
     4.5.8 Hardware Firewall (p. 51)
     4.5.8.1 Limitation (p. 52)
     4.5.9 Laws, Rules and Policies (p. 53)
     4.5.9.1 Benefits (p. 53)
     4.5.9.2 Limitations (p. 53)
     4.6 Penetrating Firewall, Antivirus, Antispyware (p. 54)
     4.7 Ethical Hacking (p. 55)
     4.7.1 Hackers (p. 55)
     4.7.2 Ethical hackers (p. 56)
     4.7.3 Ethical Hacking (p. 57)
     4.7.4 Why Ethical Hacking? (p. 57)
     4.7.4.1 Evaluation of a system’s (p. 58)
     4.7.4.2 Types of attack for Ethical Hacking and Hacking (p. 58)
     4.7.4.2.1 Non-technical attacks (p. 59)
     4.7.4.2.2 Network-infrastructure attacks (p. 59)
     4.7.4.2.3 Operating-system attacks (p. 60)
     4.7.4.2.4. Application and other specialized attacks (p. 60)
     4.8 The Ethical Hacking Process (p. 61)
     4.8.1 Formulating your plan (p. 61)
     4.8.2 Selecting tools (p. 62)
     4.8.3 Executing the plan (p. 62)
     4.8.4 Evaluating results (p. 62)
     CHAPTER 5 (p. 63)
     5.0 Research Methodology (p. 63)
     5.1 Introduction (p. 63)
     5.2 Purpose of Research (p. 63)
     5.3 Research philosophy (p. 64)
  5. Table of Contents (continued)
     5.4 Research Strategies (p. 66)
     5.4.1 Research Approaches (p. 66)
     5.4.2 Time Horizons (p. 66)
     5.5 Data Collection Methods (p. 67)
     5.5.1 Sampling Design (p. 67)
     5.5.1.1 Quota sampling (p. 67)
     5.5.1.2 Snowball sampling (p. 67)
     5.5.2 Sample Frame and Sample Size (p. 67)
     5.5.2.1 Sample size formula: (p. 68)
     5.5.3 Target Region (p. 68)
     5.5.4 Target Industries (p. 68)
     5.3.5 Target Sample (p. 69)
     5.6 Data Collection (p. 70)
     5.6.1 Secondary Data Collection (p. 70)
     5.6.2 Primary Data Collection (p. 70)
     6.0 Data Analysis (p. 71)
     6.1 Primary Data Questionnaire (p. 71)
     6.2 Analysis approach (p. 72)
     6.4 Results of the questionnaires (p. 73)
     6.4.1 Analysis of Section A (p. 73)
     6.4.1.1 Gender (p. 73)
     6.4.1.2 Respondents Designation (p. 73)
     6.4.1.3 Industry Type (p. 74)
     6.4.2 Analysis of Section B (p. 75)
     6.4.2.1 Type of Information stored by respondent in system (p. 75)
     6.4.2.2 Security tools used by respondents (p. 76)
     6.4.2.2.2 Hardware security tools and techniques (p. 77)
     6.4.2.2.3 Security rules, law, policies and access control (p. 78)
     6.4.3 Analysis of Section C (p. 79)
     6.4.3.1 Respondents view on information security (p. 79)
     6.4.3.2 Respondents’ expectation from security techniques (p. 80)
     6.4.4 Analysis of Section D (p. 81)
     6.4.4.1 Attacked for unauthorized access to the system (p. 81)
  6. Table of Contents (continued)
     6.4.4.2 Breaking system’s password (p. 81)
     6.4.4.2.1 Operating system attack (p. 82)
     6.4.4.3 Getting information by faking target (p. 83)
     6.4.4.3.1 Non-technical attack (p. 83)
     6.4.4.4 Violating companies/ individual rules, policies, law (p. 84)
     6.4.4.4.1 Violating (breaking) laws, rules and policies attack (p. 85)
     6.4.4.5 Breaking network infrastructure (p. 86)
     6.4.4.5.1 Attacking Network infrastructure (p. 87)
     6.4.4.6 Action taken after identifying security threat (vulnerability) (p. 88)
     6.4.4.7 Respondent’s acceptance of attacks to ensure security (p. 89)
     CHAPTER 7 (p. 90)
     7.0 Discussion and Conclusion (p. 90)
     7.1 Discussion and Conclusion on section A (p. 90)
     7.2 Discussion and Conclusion on section B (p. 92)
     7.3 Discussion and Conclusion on section C (p. 94)
     7.4 Discussion and Conclusion on section D (p. 96)
     7.5 Limitations of Research (p. 100)
     7.6 Future Research (p. 100)
     7.7 Conclusion (p. 100)
     References (p. 102)
     Appendix 1. Questionnaire (p. 109)
     Appendix 2. Gantt chart (p. 117)
  7. Table of Figures
     Figure 1. Data and Information (p. 11)
     Figure 2. Information System for Information (p. 11)
     Figure 3. Rising of sophisticated attacking tool with time (p. 15)
     Figure 4. Proposed Framework (p. 24)
     Figure 5. Fake HDFC bank Webpage (p. 28)
     Figure 6. Statistics of defaced Indian website (p. 29)
     Figure 7. Defacement of Indian websites (p. 30)
     Figure 8. Statistics of security awareness in world (p. 31)
     Figure 9. Distributed Denial of service attack (p. 36)
     Figure 10. Key Logger Flow – Step 1 (p. 37)
     Figure 11. Key Logger Flow – Step 2 (p. 38)
     Figure 12. Software Firewall (p. 41)
     Figure 13. Stage 2 of BTP process (p. 47)
     Figure 14. Final stage of BTP process (p. 47)
     Figure 15. IRIS scanner example (p. 48)
     Figure 16. Hardware based Encryption (p. 50)
     Figure 17. Disk Encryption (p. 51)
     Figure 18. Hardware Firewall (p. 52)
     Figure 19. Emerging cyber security threats can bypass traditional security controls (p. 54)
     Figure 20. The Research process "Onion" (p. 64)
  8. Table of graphs
     Graph 1: Gender (p. 73)
     Graph 2. Respondents Designation (p. 73)
     Graph 3. Industry Type (p. 74)
     Graph 4. Types of Information stored. (p. 75)
     Graph 5. Software security tools important and usage (p. 76)
     Graph 6. Hardware security tools importance and usage (p. 77)
     Graph 7. Security rules, polices, laws and permission importance and usage (p. 78)
     Graph 8. Respondents view on Information Security (p. 79)
     Graph 9. Respondents Expectations from security techniques (p. 80)
     Graph 10. Results for unauthorized access to the system (p. 81)
     Graph 11. Breaking system’s password (p. 81)
     Graph 12. Response for Operating system attack (p. 82)
     Graph 13. Getting information by faking targets (p. 83)
     Graph 14. Response for Non-Technical attack (p. 83)
     Graph 15. Violating companies/ individual rules, policies, law (p. 84)
     Graph 16. Response for violating rules/ polices/ laws. (p. 85)
     Graph 17. Breaking Network infrastructure (p. 86)
     Graph 18. Response for attacking network infrastructure (p. 87)
     Graph 19. Response on action taken after identifying security threat (p. 88)
     Graph 20. Response on acceptance of attacks to ensure security (p. 89)
  9. Abstract

     The term information security is frequently used to describe the risks of guarding information that is in a digital format. This digital information is typically manipulated by a processor, transmitted over a network (such as the internet or an intranet) and usually stored in computers, servers, databases, disks, etc. Today information systems play a valuable role in the corporate and personal world, and companies and individuals practise different techniques (using software and hardware) to secure data and information. Tremendous security threats such as viruses, bots, denial of service attacks, telecom fraud, unauthorized access and phishing are rising at a rate of more than 25% – 30% over the previous year. Research conducted by McAfee Security Journal, 2008 states that social engineering (phishing attacks) and spam are increasing, and are always being upgraded with new methods to obtain personal and confidential information from users. Whereas the old techniques and scripts (virus programs) are decreasing or under control (as they are constantly under view), new techniques and methods are targeting information and are successful in pushing the threats graph high against security. These emerging and upgrading threats need to be treated with new advanced countermeasures; one of them is Ethical Hacking. Antivirus, anti-spyware, hardware security ‘tools and rules’ and laws are already used and are not sufficient to tackle the current problem. The new advanced Ethical Hacking approach involves an ethical hacker who practises hackers’ techniques and strategies to identify vulnerabilities (security holes) by attacking the system in the same way as a hacker could have done (intentionally ethical); if any security holes or vulnerabilities are found, the ethical hacker finds a way to fix and cover them.
10. 10. CHAPTER 1

1.0 Introduction

1.1 Information Security

Information security is the process or 'combination of techniques' used to protect information. It ensures protection of the availability, privacy and integrity of information. Nowadays businesses and individuals rely solely on the information stored in databases and memory and transferred through networks. Information can be anything: personal staff details, client lists, bank account details (credit card details), usernames and passwords, mails, software source code, media, personal documents, marketing and sales information; in fact anything that is storable in a system and valuable for a user, business or system. Information is a high priority for any business and holds the power to wobble the business in such a competitive era. (FIPS PUB, 2004)

1.2 Information and Data

Raw data is processed by a system to generate or produce the desired (required, meaningful) output called information. Data is the raw material for data processing. It relates to facts, events and transactions. Information is data that has been processed and filtered in such a way as to be meaningful to the person who receives it. It is anything that is communicated and valuable for any business or individual. (Maeve Maddox, 2008)
11. 11. Figure 1. Data and Information. Source: Created by author

To understand the significance of information, it is essential to highlight the value of information. Information is something that can be found in any piece of data that is required by an individual or company. Credit card details, usernames and passwords and personal media (photos, videos, files), and from a business perspective a company's marketing plan, strategic decisions, financial details, client details, source code, etc., which are very important for any business, can all be considered information. The diagram below helps to understand how data is processed into information.

Figure 2. Information System for Information. Source: created by author
12. 12. For a company, some tools such as market intelligence systems, financial tools, marketing models, market research systems, etc. take data as an input. Here data can be the target segment for a product or company, technology (available and required technology for any project or company), the economic condition of the country, company or target segment (varies according to requirement), competitors, and channels (available and required for business). These systems process the data (as said in the earlier paragraph) to produce strategic decisions for the business; this strategic information could be a business plan for the next 5 years or a product launching strategy, and similarly a marketing plan for the product or company or a financial report of the company, all of which are very crucial for any business.

Effective information security systems incorporate a range of policies, security products, technologies and procedures. Software applications which provide firewall information security and virus scanners are not enough on their own to protect information. A set of procedures and systems needs to be applied to effectively deter access to information. There are people who make a living from hacking or breaking through information security systems. They use their technological skills to break into computer systems and access private information. A hacker with the right hardware can bypass firewalls, which are designed to prevent access to a computer's network. This could result in the loss of vital information, or a virus could be planted and erase all information. A computer hacker can gain access to a network if a firewall is shut down for only a minute.
13. 13. 1.3 Overview of Mumbai and Pune

As the research is being carried out on two Indian metro cities, Mumbai and Pune, it is significant to throw light on the needs, challenges, culture and situation of the cities. (Mumbai Space, nd)

The seven islands that came to constitute Mumbai (formerly known as Bombay, total 437.71 sq. km) form the capital of Maharashtra state, the second most populated city in the world after Shanghai (China). In 2009, Mumbai was named an Alpha world city (Diserio.com, nd). The city is the commercial, financial and entertainment capital of India; the sea port city (India's largest and busiest) has one of the world's largest harbors. According to a recent survey, Mumbai is the fifth most expensive city in the world and contributes a higher GDP than any other city in India. (Mumbai Space, nd)

Pune offers plentiful talent, technology and tolerance, the few key attributes needed to make a global city. Known for its international quality education, the city is equipped with well known institutes and universities. By delivering the successful Commonwealth Youth Games in 2008, the city set a mark for the international market, which also had a great positive impact on the hotel, infrastructure and tourism industries. After Bangalore, Pune (India's tier II city) is set to be another largest IT hub in India. Infosys, a Nasdaq listed Indian IT company, delivers a growing center in Pune. TCS, Wipro, Larsen & Toubro InfoTech, AccelTreesoftware, Advent software and Dynamicslogistics are just some of the known software players that have taken to the city. Apart from software development, the city is carving a name for BPO; Accenture Services, Wipro and Quexstsolutions operate out of this city. With more than 100 software companies, the city provides a class animation and gaming industry to the globe.
(Articles base, July 2009)

The cyber crime cell located in Mumbai states that 'hacking, child pornography, cyber stalking, denial of service attack, virus dissemination, software piracy, IRC crime, credit card fraud, net extortion, phishing, internet fraud' are the most serious
14. 14. issues that have been tackled in the metros and the rest of India. (CCIC, 2005) With the high graph of cybercrime in Mumbai, Pune and Bangalore, Mumbai has managed to set up a Control of Cyber Crimes unit. To cope with this situation, Mumbai Cyber Lab is a unique initiative of police-public collaboration for training the police officers of Mumbai police in the investigation of cyber crime. Mumbai Police and NASSCOM jointly operate Mumbai Cyber Lab. (Mumbai online, 2010)

1.4 Problem Statement and definition

The increase in sophisticated attacking tools (including GUI hacking tools, viruses, spyware, hackers etc.), while the required knowledge of the attacker is decreasing, is a challenge for today's (and forthcoming) data and information security; refer to the diagram below (Ciampa M, 2010). Data stored, transferred and accessed via computers, networks, servers and digital components is under constant attack and faces threats. Users in both the personal and corporate world are assuring that information and data are secured by using software (antivirus, anti-spyware, anti-spam), hardware (hardware lock, hardware encryption) and firewalls (software and hardware firewalls) (Peter J, 2005), but the question is, are they enough to achieve security goals? If yes, then how successful are they? If they are successful and in use, then why is the digital world using these techniques and methods not fully secured? Or is there a need for another security mechanism? These questions are enough to give a view of the overall security problem. Lots of effort is being taken to secure the viable information, yet people often find at least one news item about hacked data, digital fraud, stolen information or similar every day in a newspaper column.
15. 15. Figure 3. Rising of sophisticated attacking tool with time (Source: Ciampa M, 2010)

This diagram states that since 1990 new threats have been rising with more sophisticated attacking tools (provided with a graphical user interface, which helps anybody to use these tools without programming or systems knowledge), and hence the knowledge required to attack a system is reducing. This is a major concern that gave potential rise to new technology, methods and techniques to counter such attackers' efforts.
16. 16. CHAPTER 2

2.0 Research Question and Analysis

This chapter focuses on the research questions and objectives of the research. Based on the research questions and objectives, secondary data is collected (literature review) and primary data (questionnaire) is drafted and collected, in order to answer the research questions and objectives. Basically the objectives give a direction to the research, based on which a conclusion is obtained to support the research. Each research question and objective is satisfied by the research, by collecting relevant data, analysing and concluding to achieve the objective.

2.1 Research Questions and Objectives

1. Why are current security methods not enough to tackle security?

Objectives are
- To understand the limitations of current security techniques. This objective helps to highlight the limitations and capabilities of the current security techniques practiced, such as software, hardware, laws etc. This will help to understand what is lacking in the currently practiced techniques and where new advanced security techniques are required to focus and work.
- To explore different techniques and methods used to enhance security. This objective will help to list the different methods, tools and techniques used by different organizations to ensure security. The objective behind focusing here is to understand the different or same approaches taken by different organizations and individuals for the same concern, 'security'.
- To understand the expectations of information security that are not currently satisfied.
17. 17. This objective would help to enlighten the expectations of information security. Expectations could be the use of sophisticated dynamic security controls and techniques that could monitor the system all the time, while trying different approaches to uncover vulnerabilities in the system.

Innovative techniques using high end technology are playing a key role in breaking and securing security. Hackers are smart enough to find easy to very complex ways to get inside the platform. This section will highlight the innovative sides of hackers, the winning side of destructive tools and the limitations of securing tools and techniques.

Questionnaires will be used to understand the expectations from information security. Secondary research will support the objectives to understand the limitations of current security techniques and to explore different techniques used to enhance security.

2. How important is identifying an appropriate countermeasure for a security threat?

Objectives are
- To understand the importance and urgency of information security. Information security is discussed all the time, but is it really important to secure data and information? What kind of information is valuable for organizations? The objective is to collect different views about information, from different organizations in different sectors, on which and what kinds of data they are concerned to secure. Why and how important is it to secure?
- To understand the need for effective countermeasures for security threats. This objective is slightly related to and answerable from the previous objective. Here it is known that information is viable and there is a need for an effective information security technique.
The objective helps to understand why there is a need for effective and advanced security enhancing techniques.

Information can be seen in many forms, from credit card information, from companies' application source code to documentation, and for individuals from family pictures to passwords and other related information. All have their importance at
18. 18. different hierarchy from person to person. This will enlighten about having effective and efficient countermeasures. Questionnaires will be used to understand the need for effective countermeasures for security threats.

3. What role does the ethical hacker play in enhancing security and how does it contribute?

Objectives are
- To understand the role and need of the ethical hacker. This objective is basically divided into two parts, role and need. Role states the key part the ethical hacker played or is playing in the system, and need states why, even if an organization has other current security techniques, it is still approaching ethical hacking: what is it expecting from ethical hackers, what made the organization approach an ethical hacker, and what can the ethical hacker provide?
- To explore the ethical hacking process and steps followed by the ethical hacker. This objective will give an idea of the ethical hacker's work, such as the process of ethical hacking and what kinds of departments, people and resources are available or involved. It also covers the policies, rules, regulations and laws that have to be considered by the ethical hacker. Sometimes a company has to give the ethical hacker extra access to the system to test it; at the same time it is essential for the company to make sure that the ethical hacker does not misuse the system, which makes the ethical hacker sign several papers including policies, laws etc. All of this together forms a process, and this objective will also help to see the similarities in the process among different organizations, and the way the ethical hacker achieves his goal by satisfying the entire prerequisite (signing documents) while also ensuring that the system is secured.
- To understand the effectiveness of ethical hacking over other measures. This objective checks whether ethical hacking is a successful process or not. If successful, then how successful is it compared to other security measures?
This measurement is denoted in percentage, each factor versus ethical hacking. The objective helps to understand whether ethical hacking practice is meeting users' expectations.
19. 19. Secondary research (a thorough literature review) will be done to understand the role and need of the ethical hacker and to explore the ethical hacking process.

The other objective is to understand advanced security practices. This objective deeply explains the different types of information security practiced to ensure security and that are not satisfied by general security tools and techniques. The objectives focus mainly on new security enhancement techniques that can be added to current general security practices.

2.2 Primary Data

Primary data regarding the research questions and objectives is collected from IT organizations, banking IT (security) departments, business process outsourcing and the educational industry, applying various data collection techniques and methods; this collected data will be used to answer the research questions. Pune (educational hub) and Mumbai (financial capital) both being IT hubs, the author's main target population is IT managers, security officers, ethical hackers and network/system administrators, along with individuals such as students, teachers and other non-professional tech-savvy people who have a better understanding of and enough knowledge on security threats and their countermeasures.
20. 20. CHAPTER 3

3.0 Research Theory and Framework

The research supports Game Theory and Integrated Systems Theory, which are discussed below.

3.1 Research Theories

Theory | Characteristics | Source
Game Theory | Security Validation | Papadopoulou and Greoriades, 2009
Game Theory | Intrusion Detection Systems | Otrok, Zhu, Yahyaoui, Bhattacharya, 2009
Integrated Systems Theory, consisting of Security Policy Theory, Risk Management Theory, Control and Auditing Theory, Management Systems Theory and Contingency Theory | In early days the authors proposed a new theory called integrated systems theory for information security management. | Hong, Chi, Chao, Tang, 2003

Intrusion Detection Systems - It helps to detect the attack at runtime, post-attack or pre-attack. An ethical hacker who manages to detect the security threat from a hacker or other attackers molds themselves into an intrusion detection system (Fadia 2007); therefore the author believes that ethical hacking supports intrusion detection systems, which again follows game theory. Game theory support for the research is explained below.
21. 21. Security Validation - The ethical hacker needs to think strategically: what is the hacker trying to do, or what could the hacker do? How can he do it? And so on. According to this, the ethical hacker has to make his/her moves; these moves may or may not be simultaneous or sequential to the hacker's, i.e. the ethical hacker and hacker may or may not be attacking and defending simultaneously. An ethical hacker may be trying to find vulnerabilities in the system, thinking of different possible ways from the hacker's point of view.

Papadopoulou and Greoriades (2009) say security has recently gained tremendous attention in information systems. Despite its importance, there is no appropriate method followed for security. Traditionally, limited systems like computers, electronic devices and machines depended on such networks. Security requirements specification needs a practical approach. Today, network infrastructure is constantly under attack by hackers and malicious software that aim to break into computers and steal valuable information. To combat and countermeasure those threats, network designers need complex security validation algorithms and techniques that will assure the minimum level of security for their future networks. The author supports a game-theoretic approach to security requirements validation.

The theory proposed by Otrok H, Zhu B, Yahyaoui H and Bhattacharya P (2009) states that game theory is a model for intrusion detection systems. An intrusion can be compared with a hacker, and an alarm is raised in case of attack. Various software, firewalls and techniques that can be followed to encounter such intrusions would help to provide the necessary countermeasures and strategies to implement on security.

In 2003 Hong, Chi, Chao and Tang said that till now there is no specific information security management theory.
As a result they combined 5 theories (Security Policy theory, Risk Management theory, Control and Auditing theory, Management Systems theory, Contingency theory) to develop the Integrated Information Systems theory for information security management. The purpose,
22. 22. importance and the characteristics of each theory in the integrated information systems theory for information security management by Hong, Chi, Chao, Tang, 2003 are given below.

Theory | Description

Security Policy theory: Establishment of an information security policy should include five procedures, which are: 1. to assess and persuade top management; 2. to analyze information security requirements; 3. to form and draft a policy; 4. to implement the policy; and 5. to maintain this policy. The theory also covers comprehensive e-audit; e-risk management policy; computer security policy; cyber insurance policy; e-mail policy; Internet policy; and software policy.

Risk Management theory: Risk management theory suggests that through organizational risk analysis and evaluation, the threats and vulnerabilities regarding information security could be estimated and assessed. The evaluation results could be used for planning information security requirements and risk control measures. Risk management is a process of establishing and maintaining information security within an organization. The crux of risk management is risk assessment; namely, through information security risk assessment, an organization could take appropriate measures to protect information cost effectively. Reid and Floyd 2001 cited by Hong, Chi, Chao, Tang, 2003 proposed a "risk analysis flow chart", and considered that an organization should assess the threats and vulnerabilities of its information assets.

Control and Auditing theory: Control and auditing theory suggests that organizations should establish information security control systems; and after these are implemented, auditing procedures should be conducted to measure the control performance. It includes organizational security, personal security, physical and environmental security, communication and operational security, and systems development and maintenance security.

23. 23. Management Systems theory: Based on the organizational requirements and security strategies, Sherwood, 1996 cited by Hong, Chi, Chao, Tang, 2003 proposed the information security architecture SALSA (Sherwood Associated Limited Security Architecture), which includes: business requirements, major security strategies, security services, security mechanisms, and security products and technologies.

Contingency theory: Information security management is a part of contingency management that is meant for the prevention, detection and reaction to the threats, vulnerabilities and impacts inside and outside of an organization or system.

No predefined past framework is supported by the research. The author has developed a framework based on the variables and factors suggested by Ciampa M, 2010 and Sans, 2010.

3.2 Research Framework

3.2.1 Dependent Variables

Enhancing Information Security

3.2.2 Factors (Source: Ciampa M, 2010)

Software's | Hardware's | Rules, policy, laws | Ethical Hacker
Anti-Virus | Forensic tools (source: Sans, 2010) | Parental/ access control | (Proposed by author)
Anti-Spyware | Hardware Lock | |
Anti-Adware | Hardware Firewall | |
Software Firewall | Anti Keylogger | |
Encryption/Decryption | Hardware encryption | |
Operating systems Patches | Bio Metrics tools (Source: Patrick Love, 2007) | |
24. 24. 3.2.3 Proposed Framework

Figure 4. Proposed Framework

Here the dependent variable 'enhancing information security' has four factors: software, hardware, 'policies, rules and laws', and Ethical Hacker. These factors together affect the behavior of enhancing information security. Factors are tools, software, hardware, techniques and methods that are used (singly or in combination) to enhance security. The idea behind the research is investigating the Ethical hacker factor. Ciampa M (2010) states that software (including antivirus, software firewall etc.), hardware (including forensic tools, hardware lock etc.) and 'rules, policies and laws' are different approaches for security; here parental / access control can be a non-technical technique, while the author's concern is to consider the Ethical hacker as another technique. The Ethical hacker is considered as a factor which can affect the behavior of 'Enhancing information security' (dependent variable). Here ethical hacking done by the ethical hacker contains many approaches; the ethical hacker uses many techniques (explained later in the next chapter) to protect the information or system.
25. 25. CHAPTER 4

4.0 LITERATURE REVIEW

4.1 Current Information security Crime and Scenario

This section will highlight the current security and cybercrime scenario in India. The discussion below will help to understand the importance of security, and the major threats and security scenario in India, especially in Mumbai and Pune.

Indian companies are more worried about cyber-attacks than terrorism. (Cheek M, 2010)

According to research conducted by Symantec, Indian companies lost an average of 5.8 million rupees in January 2010, and 66% experienced cyber-attacks in 2009.

Symantec India managing director Vishal Dhupar said, "Security has become a main concern to Indian enterprises as cyber-attacks are posing a greater threat than terrorism, natural disasters and conventional crimes".

In total, 80% budget has been increased for forensic and penetration testing implementation strategies.

4.1.1 In-house Threat

Rather than keeping an eye on and worrying about external threats, it may happen that someone very close to you steals the most valuable thing available to you. In-house threat is the most readable topic in newspapers. Indian banking and IT companies have had frequent bad experiences with in-house threats to information security.

4.1.1.1 Wipro Employee Cheats $4 million

The Indian IT giant experienced its largest rip-off: a chartered accountant of the company successfully cleaned $4mn from its financial books (i.e. an information source)
26. 26. in the year 2010. Sources added that following this incident the technology giant has tightened its information security. (DC Correspondent, 2010)

4.1.1.2 Bank of America Employee steals customers' data

An employee was found guilty of stealing customers' sensitive data and selling it to a third party to create fake credit cards with the required information. This employee secretly stole the information of customers having an account balance of more than $1,00,000 and produced credit cards. (Cheek M, 2010)

4.1.2 Nigerian Lottery Email scam

India is catching up with lottery email scams with lightning speed. Internet users receive mail on behalf of esteemed organizations (actually a fake email id created in the name of the esteemed organization) declaring them a winner of a million dollars. Hackers try everything to win the victim's trust by specifying a mail domain id that matches the organization's name or bank's name. Users are requested to fill in the form attached with the documents (this may be infected with a virus) that is supposed to collect the user's information about bank account number, swift code and bank address, as those things are required to transfer money to the user's account. Looking at the artistic form and genuine responder, users fill in the form and send it to the hacker. Here hackers pass this caught fish to their network, which makes a note of the mail id for further money stealing techniques (as it is known that the user is not knowledgeable in this regard or is less technically assured about security). Hackers confirm the report after verifying the user's form and request the user to select one of three options to claim the lottery amount.

1. To collect it in person. This is an un-viable option, as it is not possible for the user to visit the declared place, and it could be risky to visit there without any security. The hacker can turn into a gangster to clean up everything from the claimer.
27. 27. 2. To open an account in the required country, as the money will get transferred to this account, from where the user can further transfer the amount to their respective account in their country. Here the claimer is not aware of the rules and procedure of opening an account in another country (opening an account in a country other than the home country is not that easy, as it requires all residential documents, passport, income source, income statement, etc.). These two options shift hope towards the third and final option.

3. To send account opening charges to the lottery person, so that they can open an account on behalf of the claimer. This is the real trap that is laid by the hacker to catch in the safe hand. Some emotional touch and feelings are shown in conversation to the claimer so that they win the trust and are provided the required amount to open the account. In this, claimers are even often found negotiating the account opening charges, and on this the deal may get closed stating that half of the account opening charge will be paid by the claimer and the remainder by the agent.
And similarly the winning prize will be distributed between both parties.

Once the claimer transfers the amount to the agent to open the account, and it is received by the agent, all communication is sealed, leaving the claimer to complain to the police.

For example, hackers are often found sending emails from hdfconlinebank.com but the genuine domain is hdfcbank.com.

4.1.3 Social Engineering Issues

4.1.3.1 Social networking site issue

The biggest challenge and threat to today's security is social engineering. The number of youngsters queuing up to hit the social networking servers is increasing blindly, and the number of malwares and viral scripts is targeting at a matching frequency. Users often find that their account is hacked and that hackers misused personal information to defame their image or to make the profile work in a weird way.
28. 28. 4.1.3.2 UTI Bank Phishing Issue

Phishing, a part of social engineering issues, is found commonly in day to day life. Ahmadabad based UTI bank (now Axis bank), one of the largest financial institutions of India, was a serious target for phishing. The URL of a fake version of UTI bank's homepage was circulated to email users. This webpage asks for the login and password, and all the rest of the things, including logo and text, are kept the same as the original bank site. In case the user enters a username and password thinking it is the genuine website, hackers get a view of the details on the receiving side (phisher's database). (Cyber crime, 2007) (A screenshot of the fake website is attached below.)

Fake HDFC bank webpage (snapshot below created by author).

Figure 5. Fake HDFC bank Webpage. Source: Created by author

The same things were happening in phone banking: users receive calls from a hacker claiming to be calling from the bank for verification (as required by the Indian government) and asking for personal details like address, father's name, card no. etc. Here the user providing all the details gets trapped in the fraud. (Cyber crime, 2007)
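The look-alike sender domain from the lottery scam (hdfconlinebank.com posing as hdfcbank.com) and the fake bank homepage URL described above can both be triaged by comparing a domain against the genuine one. The Python sketch below is an added example, not part of the thesis; its function names, thresholds and sample headers are assumptions constructed for illustration.

```python
"""Triage sender domains that imitate a genuine bank domain."""
from email.utils import parseaddr

# Genuine domain as given in the text; extending the set is left to the reader.
GENUINE_DOMAINS = {"hdfcbank.com"}
MAX_TYPO_DISTANCE = 2   # assumed threshold for one- or two-character typos
MAX_PADDING = 10        # assumed limit on extra characters wrapped around the brand


def sender_domain(from_header):
    """Return the lower-cased domain of a From header, or '' if there is none."""
    _, address = parseaddr(from_header)
    if "@" not in address:
        return ""
    return address.rsplit("@", 1)[1].rstrip(".").lower()


def edit_distance(a, b):
    """Levenshtein distance between two strings, computed row by row."""
    previous = list(range(len(b) + 1))
    for i, char_a in enumerate(a, 1):
        current = [i]
        for j, char_b in enumerate(b, 1):
            current.append(min(previous[j] + 1,                      # deletion
                               current[j - 1] + 1,                   # insertion
                               previous[j - 1] + (char_a != char_b)))  # substitution
        previous = current
    return previous[-1]


def is_subsequence(short, long):
    """True if the characters of `short` occur in `long` in the same order."""
    remaining = iter(long)
    return all(char in remaining for char in short)


def imitates(label, brand):
    """Does one DNS label imitate the brand label of a genuine domain?"""
    if edit_distance(label, brand) <= MAX_TYPO_DISTANCE:
        return True   # typo, hyphenation, or the brand reused under another domain
    padding = len(label) - len(brand)
    # Extra words inserted into the brand, e.g. "hdfc" + "online" + "bank".
    return 0 < padding <= MAX_PADDING and is_subsequence(brand, label)


def classify_sender(from_header):
    """Return 'genuine', 'lookalike', 'unrelated' or 'unparseable'."""
    domain = sender_domain(from_header)
    if not domain:
        return "unparseable"
    for genuine in GENUINE_DOMAINS:
        if domain == genuine or domain.endswith("." + genuine):
            return "genuine"
    labels = domain.split(".")[:-1]   # ignore the top-level domain
    for genuine in GENUINE_DOMAINS:
        brand = genuine.split(".")[0]
        if any(imitates(label, brand) for label in labels):
            return "lookalike"
    return "unrelated"


# Constructed sample headers, not taken from real mail.
SAMPLES = [
    "HDFC Bank <alerts@hdfcbank.com>",
    "Lottery Desk <claims@hdfconlinebank.com>",
    "HDFC Bank <alerts@hdfcbamk.com>",
    "Support <help@hdfcbank.com.example.net>",
    "Friend <friend@example.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify_sender(header):<12} {header}")
```

The check reads only the domain, so a trusted display name in front of an imitating address does not change the verdict; a "lookalike" result is a prompt for manual review, not proof of fraud.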
29. 29. 4.1.4 Mass defacement of websites

Over 1900 Indian websites were defaced in the first three months of year 2010 (Srikanth RP, 2010). A mass defacement GUI tool provides the whole server architectural view of a web server. Suppose a website named www.sagar-info.com is to be defaced; the hacker has created the tool below, which shows all the directories, permissions (chmod – change mode in image), linking, robots text file and other administrative features of the site that can be changed. These tools can be used for mass defacement of websites. (Armstrong Tim, 2010)

Figure 6. Statistics of defaced Indian website (Srikanth RP, 2010)

The above graph shows that 1263 websites with the .in (India) domain were hacked (defaced) in the first three months of January 2010, followed by 587 websites with the .com (commercial) domain.
  30. Figure 7. Defacement of Indian websites (Armstrong Tim, 2010)

According to Dr. Muthukumaran B (2008), home personal computer users are the most frequently targeted sector of India's 37.7 million Internet users. More than 86% of all attacks, mostly via bots, were aimed at Mumbai's and Delhi's PC users. The major cyber crimes are DDOS attacks (Distributed Denial of Service attacks), website defacement, viruses, Trojans and worms, social engineering (refer to the diagram below), phishing, spam, etc.
  31. 4.2 Security awareness among Indians

According to a survey conducted by Norton, the Norton Online Report 2009 states that few people are protecting themselves online, but are leaving themselves vulnerable: 46% by visiting untrusted websites, 55% by not backing up data, 66% by not changing passwords frequently and 33% by giving out personal information on the internet. 67% of adults in India are least likely to install any security software.

Figure 8. Statistics of security awareness in world

The biggest difference in security awareness occurs in India and Brazil. 33% of Indians do not use security software, and 52% of Indians have unsafe passwords.
  32. 4.3 Emerging Cyber security threats

According to the Government Accountability Office (2005), the sources of emerging cyber security threats are as follows.

4.3.1 Hackers

Based on the purpose and intention of hacking, hackers are mainly divided into two categories: Black hat and White hat hackers.

4.3.1.1 Types of hackers

4.3.1.1.1 Black Hat Hackers - These hackers break into networks for the thrill of the challenge or for bragging rights in the hacker community. (Government Accountability Office, 2005) Hackers also write hacking tools, including viruses, malware and scripts that perform various functions according to an algorithm. Hackers break into systems and cover their tracks. They even make it look as if some third person has hacked the system. (Ciampa M, 2010 pg no 17)

4.3.1.1.2 White Hat Hackers – Ethical hackers stand with security to cope with intruders, social engineering, viruses, threats and vulnerabilities in the network, in the infrastructure and at the individual level (Syed S, 2006). These are good hackers who practise hacking on a system with the permission of the system's owner in order to find security flaws by applying various hacking techniques; if they find any, they cover the security hole. This helps the owner to identify the system's weak points through which a Black hat hacker could have penetrated. Besides being good for the owner, the ethical hacker gets paid for the work. (Syed S, 2006).

4.3.2 Spyware/ Malware

Spyware is a general term used to describe a program that violates a user's personal security. (Microsoft, 2010) Programs that display pop-ups on the screen, collect personal information, or change the configuration without the user's consent are spyware. Spyware programs
  33. are designed in such a way that they are difficult to remove. Even if it is uninstalled from the system, you might find that the program reappears as soon as you restart your computer. (Microsoft, 2010)

The Anti-spyware alliance defines spyware as "tracking software that is deployed without adequate notice, consent, or user control".

According to Ciampa Mark (2010), spyware can:
• Be implemented in ways that damage a user's control over the system.
• Use the system's resources, including other programs installed on the system.
• Collect and distribute personal and sensitive information over the network.
• Make material changes that affect the user experience, privacy, or system security.

Two characteristics of spyware make users more worried:

Spyware creators are motivated by profit: The spyware coder's goal is to generate income by acquiring personal information and either using it personally to gain access to a bank account or selling the information to the user's corporate competitor. This motivation makes spyware more intrusive than any other malware and comparatively difficult to detect and remove once a system is infected. (Ciampa M, 2010, Pg no 113-114)

Harmful spyware is difficult to identify: It is not necessarily the case that all software that keeps track of users, takes control away from them or blocks them is spyware. With proper notice, consent, and control, some of these same programs and technologies can provide benefits. For example, parental control and user monitoring tools can help parents keep track of the online
  34. activities of their children while surfing, and remote login can be used to look into a child's machine or even to operate an office machine from home. Genuine software sometimes opens a pop-up and redirects to the company's license page, whereas a virus creator writes a program that, on installation, directs the browser to a genuine-looking site and starts downloading malware. Such scenarios make it difficult for a user to identify legitimate software on the system. (Ciampa M, 2010, Pg no 113-114)

Usually spyware gets into the system through instant messaging, various P2P (peer to peer) programs, online gaming, many porn/crack sites, ad-based banners where users are lured into installing free full software, and more. (Shetty S, 2005)

Malware is a general term used to refer to a wide variety of malicious programs. It includes threats such as viruses, worms, Trojan horses, spyware and any other malicious programs. (Ciampa M, 2010. Pg no 26)

4.3.3 Viruses

A computer virus is a malicious set of instructions (that replicates itself) that needs a carrier in order to survive. The carrier can be of two types, a document or a program; i.e. a virus can be attached to either of these carriers and transmitted to the user's system, and the virus starts executing when the document is opened or the program is executed. Most viruses are harmful and can cause the system to crash, delete files, download and install untrusted, infected malicious code, degrade security settings, and infect other files. (Ciampa M, 2010, Pg no 41)

"It is estimated that there are over eight million computer viruses in existence." (Ciampa M, 2010, Pg no 41)
  35. 4.3.4 Social Engineering/ Phishing (Microsoft SE, 2010)

Social engineering is a way in which an attacker tries to gain access to the system. The basic purpose of social engineering is to secretly install spyware or to trick users into handing over their login details or sensitive financial or personal information.

Phishing is the most common part of social engineering. Phishing scams include fraudulent Web sites or e-mail messages that fool the user into divulging personal information. (Microsoft SE, 2010)

For an example of a social engineering attack, refer to section 4.1.3.

4.3.4 Bot network operator

Bot network operators are hackers who, instead of breaking into systems for the challenge or bragging rights, take over multiple systems to enable them to coordinate attacks and distribute malware, spam and phishing scams. The services of these networks are sometimes made available on underground markets (e.g., purchasing a denial-of-service attack, servers to relay spam or phishing scams, etc.) (Government Accountability Office, 2005)

Bot networks, in which an attacker remotely takes control of a machine without the user's consent, are increasing at an alarming rate. Machines infected with bot code behave anomalously and download malicious code, which may contain a Trojan, or even send email to others (these emails may be sent for illegal purposes, such as life-threatening or abusive email to someone we do not even know). Machines that are not under the user's control are referred to as zombie machines. Attackers often target a bunch of machines to operate as zombies and then use them to scan for vulnerable systems and attack the server/system.
They use the backdoor method, which bypasses the authentication layer (antivirus) and hits the target; backdoors reside in the system as a known and required application (this creates the impression that the attacking machine is the source, while the victim is not aware of the real attacker). (Dr. Muthukumaran B, 2008)
  36. The news frequently reports that some website's servers are down because of an attack; one of the most likely reasons is a denial of service attack. The attacker targets a bunch of machines to operate them as zombies and then operates all the zombie machines at once to target the server in order to reduce its performance or crash it. A DOS attack is often very difficult to trace back to the real attacker. The attacker does not attack the target server from their own machine but uses zombies to attack. (Dr. Muthukumaran B, 2008)

Example of DDOS

Figure 9. Distributed Denial of service attack (Source: Kome D, 2010)

Here the spoofed SYN generator is the attacker, who operates the zombie machines (TCP servers) by synchronizing them with the target's source IP address (Internet Protocol address) and attacks the target/victim network through these zombie machines.

Approximately $120 million worth of mobile phones are lost or stolen every year, and users find it difficult to protect the details stored in the phone, contacts and other vital information that can be misused by a stranger. Almost 69% of
  37. information-stealing cases are observed among current and ex-employees, and 31% by hackers. India has a long way to go in protecting vital information. (Dr. B. Muthukumaran, 2008)

4.3.5 Insider threat

The disgruntled organization insider is a principal source of computer crimes. Insiders may not need a great deal of knowledge about computer intrusions because their knowledge of a target system often allows them to gain unrestricted access to cause damage to the system or to steal system data. The insider threat also includes outsourcing vendors. Employees who accidentally introduce malware into systems also fall into this category. (Government Accountability Office, 2005)

For an insider threat attack, refer to section 4.1.1.

4.3.5 Key logger

A key logger is a program that records each key pressed (i.e., whatever the user types on the keyboard is recorded); this stream of keystrokes can be used by a hacker to obtain the user's confidential data, including login details, PINs, credit card information, etc. Backdoor Trojans generally come bundled with a key logger. (Kaspersky lab, nd).

A key logger can be installed via a secondary disk (flash drive, floppy, local network) or via the internet, bundled with any document, program or other malware. A key logger can also be considered spyware, but as a key logger's only function is to record all keystrokes, its scope is far narrower than that of spyware, and it can be considered a part of spyware.

Figure 10. Key Logger Flow – Step 1
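The attack in Figure 9 (section 4.3.4), seen from the victim's side, as an added example that is not part of the thesis: assuming, as the figure's labels suggest, that the TCP servers answer the spoofed SYNs by sending SYN-ACKs to the victim, the code flags SYN-ACKs that answer no SYN the protected host ever sent. The packet records, the addresses (documentation ranges) and the function names are constructed for illustration.

```python
from collections import defaultdict
from typing import NamedTuple

class Pkt(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    flags: str  # "S" = SYN, "SA" = SYN-ACK

VICTIM = "203.0.113.10"  # constructed address (documentation range)

# Constructed capture at the victim's border: one real handshake, then
# SYN-ACKs from four servers that the victim never contacted.
SAMPLE = [
    Pkt(VICTIM, 40000, "198.51.100.5", 443, "S"),
    Pkt("198.51.100.5", 443, VICTIM, 40000, "SA"),
] + [Pkt(f"192.0.2.{i}", 80, VICTIM, 1024 + i, "SA") for i in range(1, 5)]

def unsolicited_synacks(packets, protected):
    """Map each protected IP to the servers whose SYN-ACKs answer no SYN it sent."""
    pending = set()  # (local ip, local port, remote ip, remote port) of our SYNs
    reflectors = defaultdict(set)
    for p in packets:
        if p.flags == "S" and p.src in protected:
            pending.add((p.src, p.sport, p.dst, p.dport))
        elif p.flags == "SA" and p.dst in protected:
            key = (p.dst, p.dport, p.src, p.sport)
            if key in pending:
                pending.discard(key)  # reply to a connection we opened
            else:
                reflectors[p.dst].add(p.src)
    return dict(reflectors)

def under_reflection(packets, protected, min_reflectors=3):
    """Protected IPs receiving unsolicited SYN-ACKs from many distinct servers."""
    hits = unsolicited_synacks(packets, protected)
    return sorted(ip for ip, srcs in hits.items() if len(srcs) >= min_reflectors)

if __name__ == "__main__":
    print(under_reflection(SAMPLE, {VICTIM}))
```

The servers listed in the result are themselves being misused, which matches the thesis's point that the visible source of the traffic is not the real attacker.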
