As technology is running on its wheels, networking has turned into one of our basic aspects. In this world along with
networking inimical vulnerabilities are also advancing in a drastic manner, resulting in perilous security threats. This calls for the great
need of network security. ARP spoofing is one of the most common MITM attacks in the LAN. This attack can show critical
implications for internet users especially in stealing sensitive information’s such as passwords. Beyond this it can facilitate other
attacks like denial of service(DOS), session hijacking etc..,. In this paper we are proposing a new method by encrypting MAC address
to shield from ARP cache poisoning
Enhancement in network security with security protocolseSAT Journals
Abstract Network security is a wider term used habitually to be an eternal security medium to the broadcasting environment. Cryptography, Authentication and access control Mechanisms play a vital role in secure communication over the network. The computer network is a collection of network that shares information across wired or wireless technology. In order to transfer data in a protected and confidential manner there are several security measures available. Network security can also be referred to as network safety. Network security is used to prevent the attacks by using protocols during the communication of data. This paper describes the several types of attacks, threats and protocols which attempts the secure communication between client and server. Keywords: - DSA, DDOS, HTTPS, RADIUS, VPN, IPSEC etc…
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Enhancement in network security with security protocolseSAT Journals
Abstract Network security is a wider term used habitually to be an eternal security medium to the broadcasting environment. Cryptography, Authentication and access control Mechanisms play a vital role in secure communication over the network. The computer network is a collection of network that shares information across wired or wireless technology. In order to transfer data in a protected and confidential manner there are several security measures available. Network security can also be referred to as network safety. Network security is used to prevent the attacks by using protocols during the communication of data. This paper describes the several types of attacks, threats and protocols which attempts the secure communication between client and server. Keywords: - DSA, DDOS, HTTPS, RADIUS, VPN, IPSEC etc…
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
AN APPROACH TO PROVIDE SECURITY IN MOBILE AD-HOC NETWORKS USING COUNTER MODE ...IJNSA Journal
Security in any of the networks became an important issue in this paper we have implemented a security mechanism on Medium Access Control layer by Assured Neighbor based Security Protocol to provide authentication and confidentiality of packets along with High speed transmission for Ad hoc networks. Here we have divided the protocol into two different parts. The first part deals with Routing layer information; in this part we have tried to implement a possible strategy for detecting and isolating the malicious nodes. A trust counter for each node is determined which can be actively increased and decreased depending upon the trust value for the purpose of forwarding the packets from source node to destination node with the help of intermediate nodes. A threshold level is also predetermined to detect the malicious nodes. If the value of the node in trust counter is less than the threshold value then the node is denoted ‘malicious’. The second part of our protocol deals with the security in the link layer. For this security reason we have used CTR (Counter) approach for authentication and encryption. We have simulated all our strategies and schemes in NS-2, the result of which gives a conclusion that our proposed protocol i.e. Assured Neighbor based Security Protocol can perform high packet delivery against various intruders and also packet delivery ratio against mobility with low delays and low overheads.
A Survey on Secure Hierarchical LEACH Protocol over Wireless Sensor NetworkIJERD Editor
Wireless Sensor Network contain number of nodes. Lifetime of Sensor nodes depend on their battery
power, which cannot be reenergize. Thus, to save the node energy & lifetime of the Network energy efficient
LEACH protocol is introduced. Wireless sensor networks are facing many experiments such as the partial source
in processing power, storage and energy. The inadequate energy source is one of the main tasks facing the security
in such networks. LEACH doesn’t shield the safety harms. So we want to improve security scenario of Secure
LEACH protocol. Hierarchical or cluster base routing protocol for WSNs is the most energy-efficient among other
routing protocols. This paper shows different security mechanism used in LEACH protocol. This all protocol is
based on Hierarchical routing protocol. This paper shows basic scenario of security in LEACH.
Various OSI Layer Attacks and Countermeasure to Enhance the Performance of WS...IDES Editor
Wireless sensor networks are networks having non
wired infrastructure and dynamic topology. In OSI model each
layer is prone to various attacks, which halts the performance
of a network .In this paper several attacks on four layers of
OSI model are discussed and security mechanism is described
to prevent attack in network layer i.e wormhole attack. In
Wormhole attack two or more malicious nodes makes a covert
channel which attracts the traffic towards itself by depicting a
low latency link and then start dropping and replaying packets
in the multi-path route. This paper proposes promiscuous mode
method to detect and isolate the malicious node during
wormhole attack by using Ad-hoc on demand distance vector
routing protocol (AODV) with omnidirectional antenna. The
methodology implemented notifies that the nodes which are
not participating in multi-path routing generates an alarm
message during delay and then detects and isolate the
malicious node from network. We also notice that not only
the same kind of attacks but also the same kind of
countermeasures can appear in multiple layer. For example,
misbehavior detection techniques can be applied to almost all
the layers we discussed.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Session hijacking occurs when a session token is sent to a client browser from the Web server following the successful authentication of a client logon. A session hijacking attack works when it compromises the token by either confiscating or guessing what an authentic token session will be, thus acquiring unauthorized access to the Web server. This can result in session sniffing, man-in-the-middle or man-in-the-browser attacks, Trojans, or even implementation of malicious JavaScript codes.
Web developers are especially wary of session hijacking because the HTTP cookies that are used to sustain a website session can be bootlegged by an attacker.
A Combined Approach for Worm-Hole and Black-Hole Attack Detection in MANETIJERA Editor
Mobile ad hoc network is a kind of wireless network, in this network all nodes are connected through the wireless links and perform cooperative communication.Due to limited radio range of these devices any time can leave or join the network. Therefore the routing techniques are responsible for the network organization and communication flow. Due to this the performance of MANET is low as compared with the traditional wired communication networks. In addition of that network is suffers from the probability of attacks. Thus in this paper MANET routing strategy and their attacks are investigated and learned. In addition of that in order to secure the communication recent approaches of security in MANET also investigated. Finally a new algorithm for prevention of malicious attack in MANET is suggested. Additionally the based on the concluded facts, future extension of the proposed work is also suggested.
Network Security consists of the provisions and policies adopted by a network
administrator to prevent and monitor unauthorized access, misuse, modification,
or denial of a computer network and network-accessible resources. Network
security involves the authorization of access to data in a network, which is
controlled by the network administrator. Users choose or are assigned an ID and
password or other authenticating information that allows them access to
information and programs within their authority.
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...IJNSA Journal
Distributed Denial of Service (DDoS) attacks have emerged as a popular means of causing mass targeted service disruptions, often for extended periods of time. The relative ease and low costs of launching such attacks, supplemented by the current inadequate sate of any viable defense mechanism, have made them one of the top threats to the Internet community today. Since the increasing popularity of web-based applications has led to several critical services being provided over the Internet, it is imperative to monitor the network traffic so as to prevent malicious attackers from depleting the resources of the network and denying services to legitimate users. This paper first presents a brief discussion on some of the important types of DDoS attacks that currently exist and some existing mechanisms to combat these attacks. It then points out the major drawbacks of the currently existing defense mechanisms and proposes a new mechanism for protecting a web-server against a DDoS attack. In the proposed mechanism, incoming traffic to the server is continuously monitored and any abnormal rise in the inbound traffic is immediately detected. The detection algorithm is based on a statistical analysis of the inbound traffic on the server and a robust hypothesis testing framework. While the detection process is on, the sessions from the legitimate sources are not disrupted and the load on the server is restored to the normal level by blocking the traffic from the attacking sources. To cater to different scenarios, the detection algorithm has various modules with varying level of computational and memory overheads for
their execution. While the approximate modules are fast in detection and involve less overhead, they provide lower level of detection accuracy. The accurate modules employ complex detection logic and hence involve more overhead for their execution. However, they have very high detection accuracy. Simulations carried out on the proposed mechanism have produced results that demonstrate effectiveness of the proposed defense mechanism against DDoS attacks.
It is for the new users those don't have much knowledge regarding IT Security. Here i focus on Windows In built firewall, Comodo, Zone Alarm and Out Post pro configuration basics.
AN APPROACH TO PROVIDE SECURITY IN MOBILE AD-HOC NETWORKS USING COUNTER MODE ...IJNSA Journal
Security in any of the networks became an important issue in this paper we have implemented a security mechanism on Medium Access Control layer by Assured Neighbor based Security Protocol to provide authentication and confidentiality of packets along with High speed transmission for Ad hoc networks. Here we have divided the protocol into two different parts. The first part deals with Routing layer information; in this part we have tried to implement a possible strategy for detecting and isolating the malicious nodes. A trust counter for each node is determined which can be actively increased and decreased depending upon the trust value for the purpose of forwarding the packets from source node to destination node with the help of intermediate nodes. A threshold level is also predetermined to detect the malicious nodes. If the value of the node in trust counter is less than the threshold value then the node is denoted ‘malicious’. The second part of our protocol deals with the security in the link layer. For this security reason we have used CTR (Counter) approach for authentication and encryption. We have simulated all our strategies and schemes in NS-2, the result of which gives a conclusion that our proposed protocol i.e. Assured Neighbor based Security Protocol can perform high packet delivery against various intruders and also packet delivery ratio against mobility with low delays and low overheads.
A Survey on Secure Hierarchical LEACH Protocol over Wireless Sensor NetworkIJERD Editor
Wireless Sensor Network contain number of nodes. Lifetime of Sensor nodes depend on their battery
power, which cannot be reenergize. Thus, to save the node energy & lifetime of the Network energy efficient
LEACH protocol is introduced. Wireless sensor networks are facing many experiments such as the partial source
in processing power, storage and energy. The inadequate energy source is one of the main tasks facing the security
in such networks. LEACH doesn’t shield the safety harms. So we want to improve security scenario of Secure
LEACH protocol. Hierarchical or cluster base routing protocol for WSNs is the most energy-efficient among other
routing protocols. This paper shows different security mechanism used in LEACH protocol. This all protocol is
based on Hierarchical routing protocol. This paper shows basic scenario of security in LEACH.
Various OSI Layer Attacks and Countermeasure to Enhance the Performance of WS...IDES Editor
Wireless sensor networks are networks having non
wired infrastructure and dynamic topology. In OSI model each
layer is prone to various attacks, which halts the performance
of a network .In this paper several attacks on four layers of
OSI model are discussed and security mechanism is described
to prevent attack in network layer i.e wormhole attack. In
Wormhole attack two or more malicious nodes makes a covert
channel which attracts the traffic towards itself by depicting a
low latency link and then start dropping and replaying packets
in the multi-path route. This paper proposes promiscuous mode
method to detect and isolate the malicious node during
wormhole attack by using Ad-hoc on demand distance vector
routing protocol (AODV) with omnidirectional antenna. The
methodology implemented notifies that the nodes which are
not participating in multi-path routing generates an alarm
message during delay and then detects and isolate the
malicious node from network. We also notice that not only
the same kind of attacks but also the same kind of
countermeasures can appear in multiple layer. For example,
misbehavior detection techniques can be applied to almost all
the layers we discussed.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Session hijacking occurs when a session token is sent to a client browser from the Web server following the successful authentication of a client logon. A session hijacking attack works when it compromises the token by either confiscating or guessing what an authentic token session will be, thus acquiring unauthorized access to the Web server. This can result in session sniffing, man-in-the-middle or man-in-the-browser attacks, Trojans, or even implementation of malicious JavaScript codes.
Web developers are especially wary of session hijacking because the HTTP cookies that are used to sustain a website session can be bootlegged by an attacker.
A Combined Approach for Worm-Hole and Black-Hole Attack Detection in MANETIJERA Editor
Mobile ad hoc network is a kind of wireless network, in this network all nodes are connected through the wireless links and perform cooperative communication.Due to limited radio range of these devices any time can leave or join the network. Therefore the routing techniques are responsible for the network organization and communication flow. Due to this the performance of MANET is low as compared with the traditional wired communication networks. In addition of that network is suffers from the probability of attacks. Thus in this paper MANET routing strategy and their attacks are investigated and learned. In addition of that in order to secure the communication recent approaches of security in MANET also investigated. Finally a new algorithm for prevention of malicious attack in MANET is suggested. Additionally the based on the concluded facts, future extension of the proposed work is also suggested.
Network Security consists of the provisions and policies adopted by a network
administrator to prevent and monitor unauthorized access, misuse, modification,
or denial of a computer network and network-accessible resources. Network
security involves the authorization of access to data in a network, which is
controlled by the network administrator. Users choose or are assigned an ID and
password or other authenticating information that allows them access to
information and programs within their authority.
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...IJNSA Journal
Distributed Denial of Service (DDoS) attacks have emerged as a popular means of causing mass targeted service disruptions, often for extended periods of time. The relative ease and low costs of launching such attacks, supplemented by the current inadequate sate of any viable defense mechanism, have made them one of the top threats to the Internet community today. Since the increasing popularity of web-based applications has led to several critical services being provided over the Internet, it is imperative to monitor the network traffic so as to prevent malicious attackers from depleting the resources of the network and denying services to legitimate users. This paper first presents a brief discussion on some of the important types of DDoS attacks that currently exist and some existing mechanisms to combat these attacks. It then points out the major drawbacks of the currently existing defense mechanisms and proposes a new mechanism for protecting a web-server against a DDoS attack. In the proposed mechanism, incoming traffic to the server is continuously monitored and any abnormal rise in the inbound traffic is immediately detected. The detection algorithm is based on a statistical analysis of the inbound traffic on the server and a robust hypothesis testing framework. While the detection process is on, the sessions from the legitimate sources are not disrupted and the load on the server is restored to the normal level by blocking the traffic from the attacking sources. To cater to different scenarios, the detection algorithm has various modules with varying level of computational and memory overheads for
their execution. While the approximate modules are fast in detection and involve less overhead, they provide lower level of detection accuracy. The accurate modules employ complex detection logic and hence involve more overhead for their execution. However, they have very high detection accuracy. Simulations carried out on the proposed mechanism have produced results that demonstrate effectiveness of the proposed defense mechanism against DDoS attacks.
It is for the new users those don't have much knowledge regarding IT Security. Here i focus on Windows In built firewall, Comodo, Zone Alarm and Out Post pro configuration basics.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Impact of Flash Crowd Attack in Online Retail ApplicationsIJEACS
Now days the usage of internet has been enormously
increased. Online shopping has acquired widely in day today
event. Mean which these online shopping is affected by various
advanced network security attacks Flash Crowd Attack is the one
of the advanced attack, where huge amount of dummy requests
are sent at a time and thus putting lot of pressure on server
machine and degrade the efficiency. Also authorized client can’t
receive the acknowledgement notification. We found that this
attack might cause lot of problems to online buy user in the
coming days. This paper depicts the minimization Flash Crowd
Attack and discuses various issue of this attack.
Protecting Global Records Sharing with Identity Based Access Control ListEditor IJCATR
Generally, the information is stored in the database. Protecting sensitive information are encrypted before outsourcing to a
service provider. We send the request to service provider through SQL queries. The query expressiveness is limited by means of any
software-based cryptographical constructs then deployed, for server-side query working on the encrypted data.Data sharing in the
service provider is emerging as a promising technique for allowing users to access data. The growing number of customers who stores
their data in service provider is increasingly challenging users’ privacy and the security of data. The TrustedDB an outsourced
database prototype that allows clients to execute SQL queries with privacy and under regulatory compliance constraints by leveraging
server-hosted. Tamper-proof believed hardware in crucial query processing levels, thereby removing any limits on the type of
supported queries. It focuses on providing a dependable and secure data sharing service that allows users dynamic access to their
information. TrustedDB is constructed and runs on hardware, and its performance and costs are evaluated here.
PREVENTING DISTRIBUTED DENIAL OF SERVICE ATTACKS IN CLOUD ENVIRONMENTS IJITCA Journal
Distributed-Denial of Service (DDoS) is a key intimidation to network security. Network is a group of nodes that interrelate with each other for switch over the information. This information is necessary for that node is reserved confidentially. Attacker in the system may capture this private information and distorted. So security is the major issue. There are several security attacks in network. One of the major intimidations to internet examine is DDoS attack. It is a malevolent effort to suspending or suspends services to destination node. DDoS or DoS is an effort to create network resource or the machine is busy to
its intentional user. Numerous thoughts are developed for avoid the DDoS or DoS. DDoS occur in two different behaviors they may happen obviously or it may due to some attackers .Various schemes are developed defense against to this attack. The Main focus of paper is present basis of DDoS attack, DDoS
attack types, and DDoS attack components, intrusion prevention system for DDoS.
Preventing Distributed Denial of Service Attacks in Cloud Environments IJITCA Journal
Distributed-Denial of Service (DDoS) is a key intimidation to network security. Network is a group of
nodes that interrelate with each other for switch over the information. This information is necessary for
that node is reserved confidentially. Attacker in the system may capture this private information and
distorted. So security is the major issue. There are several security attacks in network. One of the major
intimidations to internet examine is DDoS attack. It is a malevolent effort to suspending or suspends
services to destination node. DDoS or DoS is an effort to create network resource or the machine is busy to
its intentional user. Numerous thoughts are developed for avoid the DDoS or DoS. DDoS occur in two
different behaviors they may happen obviously or it may due to some attackers .Various schemes are
developed defense against to this attack. The Main focus of paper is present basis of DDoS attack, DDoS
attack types, and DDoS attack components, intrusion prevention system for DDoS.
SECURE ADHOC ROUTING PROTOCOL FOR PRIVACY RESERVATIONEditor IJMTER
Privacy preserving routing is crucial for some Ad hoc networks that require
stronger privacy protection. A number of schemes have been proposed to protect privacy in
Ad hoc networks. However, none of these schemes offer unobservability property since data
packets and control packets are still linkable and distinguishable in these schemes. In this
paper, we define stronger privacy requirements regarding privacy preserving routing in
mobile ad hoc networks. Then we propose an Unobservable Secure Routing scheme (USOR)
to offer complete unlinkability and content unobservability for all types of packets. USOR is
efficient as it uses a novel combination of group signature and ID-based encryption for route
discovery. Security analysis demonstrates that USOR can well protect user privacy against
both inside and outside attackers. We implement USOR on Network Security (NS2), and
evaluate its performance by comparing with Ad Hoc On demand Distance Vector Routing
(AODV) and MASK. The simulation results show that USOR not only has satisfactory
performance compared to AODV, but also achieves stronger privacy protection than existing
schemes like Mask.
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORKIJNSA Journal
Ubiquitous and pervasive applications, where the Wireless Sensor Networks are typically deployed, lead to the susceptibility to many kinds of security attacks. Sensors used for real time response capability also make it difficult to devise the resource intensive security protocols because of their limited battery, power, memory and processing capabilities. One of potent form of Denial of Service attacks is Wormhole attack that affects on the network layer. In this paper, the techniques dealing with wormhole attack are investigated and an approach for wormhole prevention is proposed. Our approach is based on the analysis of the two-hop neighbors forwarding Route Reply packet. To check the validity of the sender, a unique key between the individual sensor node and the base station is required to be generated by suitable scheme.
A NEW COMMUNICATION PLATFORM FOR DATA TRANSMISSION IN VIRTUAL PRIVATE NETWORKijmnct
Nowadays security is an evident matter in designing networks and much research has been done in this
field. The main purpose of the research is to provide an appropriate instruction for data transmission in a
reliable platform. One of the instructions of transferring information is to use public networks like internet.
The main purpose of the present paper is to introduce that enables the users to enter to a new security level.
In this paper, VPN as one of the different instructions for establishing the security proposed to be
examined. In this type, tunneling method of internet protocol security (IPsec) is used. Furthermore, the
advanced method of scanning fingerprint is applied to establish authentication and Diffie-Hellman
algorithm for coding and decoding data, of course with conversion in this algorithm.
Similar to Avoiding Man in the Middle Attack Based on ARP Spoofing in the LAN (20)
Text Mining in Digital Libraries using OKAPI BM25 ModelEditor IJCATR
The emergence of the internet has made vast amounts of information available and easily accessible online. As a result, most libraries have digitized their content in order to remain relevant to their users and to keep pace with the advancement of the internet. However, these digital libraries have been criticized for using inefficient information retrieval models that do not perform relevance ranking to the retrieved results. This paper proposed the use of OKAPI BM25 model in text mining so as means of improving relevance ranking of digital libraries. Okapi BM25 model was selected because it is a probability-based relevance ranking algorithm. A case study research was conducted and the model design was based on information retrieval processes. The performance of Boolean, vector space, and Okapi BM25 models was compared for data retrieval. Relevant ranked documents were retrieved and displayed at the OPAC framework search page. The results revealed that Okapi BM 25 outperformed Boolean model and Vector Space model. Therefore, this paper proposes the use of Okapi BM25 model to reward terms according to their relative frequencies in a document so as to improve the performance of text mining in digital libraries.
Green Computing, eco trends, climate change, e-waste and eco-friendlyEditor IJCATR
This study focused on the practice of using computing resources more efficiently while maintaining or increasing overall performance. Sustainable IT services require the integration of green computing practices such as power management, virtualization, improving cooling technology, recycling, electronic waste disposal, and optimization of the IT infrastructure to meet sustainability requirements. Studies have shown that costs of power utilized by IT departments can approach 50% of the overall energy costs for an organization. While there is an expectation that green IT should lower costs and the firm’s impact on the environment, there has been far less attention directed at understanding the strategic benefits of sustainable IT services in terms of the creation of customer value, business value and societal value. This paper provides a review of the literature on sustainable IT, key areas of focus, and identifies a core set of principles to guide sustainable IT service design.
Policies for Green Computing and E-Waste in NigeriaEditor IJCATR
Computers today are an integral part of individuals’ lives all around the world, but unfortunately these devices are toxic to the environment given the materials used, their limited battery life and technological obsolescence. Individuals are concerned about the hazardous materials ever present in computers, even if the importance of various attributes differs, and that a more environment -friendly attitude can be obtained through exposure to educational materials. In this paper, we aim to delineate the problem of e-waste in Nigeria and highlight a series of measures and the advantage they herald for our country and propose a series of action steps to develop in these areas further. It is possible for Nigeria to have an immediate economic stimulus and job creation while moving quickly to abide by the requirements of climate change legislation and energy efficiency directives. The costs of implementing energy efficiency and renewable energy measures are minimal as they are not cash expenditures but rather investments paid back by future, continuous energy savings.
Performance Evaluation of VANETs for Evaluating Node Stability in Dynamic Sce...Editor IJCATR
Vehicular ad hoc networks (VANETs) are a favorable area of exploration which empowers the interconnection amid the movable vehicles and between transportable units (vehicles) and road side units (RSU). In Vehicular Ad Hoc Networks (VANETs), mobile vehicles can be organized into assemblage to promote interconnection links. The assemblage arrangement according to dimensions and geographical extend has serious influence on attribute of interaction .Vehicular ad hoc networks (VANETs) are subclass of mobile Ad-hoc network involving more complex mobility patterns. Because of mobility the topology changes very frequently. This raises a number of technical challenges including the stability of the network .There is a need for assemblage configuration leading to more stable realistic network. The paper provides investigation of various simulation scenarios in which cluster using k-means algorithm are generated and their numbers are varied to find the more stable configuration in real scenario of road.
Optimum Location of DG Units Considering Operation ConditionsEditor IJCATR
The optimal sizing and placement of Distributed Generation units (DG) are becoming very attractive to researchers these days. In this paper a two stage approach has been used for allocation and sizing of DGs in distribution system with time varying load model. The strategic placement of DGs can help in reducing energy losses and improving voltage profile. The proposed work discusses time varying loads that can be useful for selecting the location and optimizing DG operation. The method has the potential to be used for integrating the available DGs by identifying the best locations in a power system. The proposed method has been demonstrated on 9-bus test system.
Analysis of Comparison of Fuzzy Knn, C4.5 Algorithm, and Naïve Bayes Classifi...Editor IJCATR
Early detection of diabetes mellitus (DM) can prevent or inhibit complication. There are several laboratory test that must be done to detect DM. The result of this laboratory test then converted into data training. Data training used in this study generated from UCI Pima Database with 6 attributes that were used to classify positive or negative diabetes. There are various classification methods that are commonly used, and in this study three of them were compared, which were fuzzy KNN, C4.5 algorithm and Naïve Bayes Classifier (NBC) with one identical case. The objective of this study was to create software to classify DM using tested methods and compared the three methods based on accuracy, precision, and recall. The results showed that the best method was Fuzzy KNN with average and maximum accuracy reached 96% and 98%, respectively. In second place, NBC method had respective average and maximum accuracy of 87.5% and 90%. Lastly, C4.5 algorithm had average and maximum accuracy of 79.5% and 86%, respectively.
Web Scraping for Estimating new Record from Source SiteEditor IJCATR
Study in the Competitive field of Intelligent, and studies in the field of Web Scraping, have a symbiotic relationship mutualism. In the information age today, the website serves as a main source. The research focus is on how to get data from websites and how to slow down the intensity of the download. The problem that arises is the website sources are autonomous so that vulnerable changes the structure of the content at any time. The next problem is the system intrusion detection snort installed on the server to detect bot crawler. So the researchers propose the use of the methods of Mining Data Records and the method of Exponential Smoothing so that adaptive to changes in the structure of the content and do a browse or fetch automatically follow the pattern of the occurrences of the news. The results of the tests, with the threshold 0.3 for MDR and similarity threshold score 0.65 for STM, using recall and precision values produce f-measure average 92.6%. While the results of the tests of the exponential estimation smoothing using ? = 0.5 produces MAE 18.2 datarecord duplicate. It slowed down to 3.6 datarecord from 21.8 datarecord results schedule download/fetch fix in an average time of occurrence news.
Evaluating Semantic Similarity between Biomedical Concepts/Classes through S...Editor IJCATR
Most of the existing semantic similarity measures that use ontology structure as their primary source can measure semantic similarity between concepts/classes using single ontology. The ontology-based semantic similarity techniques such as structure-based semantic similarity techniques (Path Length Measure, Wu and Palmer’s Measure, and Leacock and Chodorow’s measure), information content-based similarity techniques (Resnik’s measure, Lin’s measure), and biomedical domain ontology techniques (Al-Mubaid and Nguyen’s measure (SimDist)) were evaluated relative to human experts’ ratings, and compared on sets of concepts using the ICD-10 “V1.0” terminology within the UMLS. The experimental results validate the efficiency of the SemDist technique in single ontology, and demonstrate that SemDist semantic similarity techniques, compared with the existing techniques, gives the best overall results of correlation with experts’ ratings.
Semantic Similarity Measures between Terms in the Biomedical Domain within f...Editor IJCATR
The techniques and tests are tools used to define how measure the goodness of ontology or its resources. The similarity between biomedical classes/concepts is an important task for the biomedical information extraction and knowledge discovery. However, most of the semantic similarity techniques can be adopted to be used in the biomedical domain (UMLS). Many experiments have been conducted to check the applicability of these measures. In this paper, we investigate to measure semantic similarity between two terms within single ontology or multiple ontologies in ICD-10 “V1.0” as primary source, and compare my results to human experts score by correlation coefficient.
A Strategy for Improving the Performance of Small Files in Openstack Swift Editor IJCATR
This is an effective way to improve the storage access performance of small files in Openstack Swift by adding an aggregate storage module. Because Swift will lead to too much disk operation when querying metadata, the transfer performance of plenty of small files is low. In this paper, we propose an aggregated storage strategy (ASS), and implement it in Swift. ASS comprises two parts which include merge storage and index storage. At the first stage, ASS arranges the write request queue in chronological order, and then stores objects in volumes. These volumes are large files that are stored in Swift actually. During the short encounter time, the object-to-volume mapping information is stored in Key-Value store at the second stage. The experimental results show that the ASS can effectively improve Swift's small file transfer performance.
Integrated System for Vehicle Clearance and RegistrationEditor IJCATR
Efficient management and control of government's cash resources rely on government banking arrangements. Nigeria, like many low income countries, employed fragmented systems in handling government receipts and payments. Later in 2016, Nigeria implemented a unified structure as recommended by the IMF, where all government funds are collected in one account would reduce borrowing costs, extend credit and improve government's fiscal policy among other benefits to government. This situation motivated us to embark on this research to design and implement an integrated system for vehicle clearance and registration. This system complies with the new Treasury Single Account policy to enable proper interaction and collaboration among five different level agencies (NCS, FRSC, SBIR, VIO and NPF) saddled with vehicular administration and activities in Nigeria. Since the system is web based, Object Oriented Hypermedia Design Methodology (OOHDM) is used. Tools such as Php, JavaScript, css, html, AJAX and other web development technologies were used. The result is a web based system that gives proper information about a vehicle starting from the exact date of importation to registration and renewal of licensing. Vehicle owner information, custom duty information, plate number registration details, etc. will also be efficiently retrieved from the system by any of the agencies without contacting the other agency at any point in time. Also number plate will no longer be the only means of vehicle identification as it is presently the case in Nigeria, because the unified system will automatically generate and assigned a Unique Vehicle Identification Pin Number (UVIPN) on payment of duty in the system to the vehicle and the UVIPN will be linked to the various agencies in the management information system.
Assessment of the Efficiency of Customer Order Management System: A Case Stu...Editor IJCATR
The Supermarket Management System deals with the automation of buying and selling of good and services. It includes both sales and purchase of items. The project Supermarket Management System is to be developed with the objective of making the system reliable, easier, fast, and more informative.
Energy-Aware Routing in Wireless Sensor Network Using Modified Bi-Directional A*Editor IJCATR
Energy is a key component in the Wireless Sensor Network (WSN)[1]. The system will not be able to run according to its function without the availability of adequate power units. One of the characteristics of wireless sensor network is Limitation energy[2]. A lot of research has been done to develop strategies to overcome this problem. One of them is clustering technique. The popular clustering technique is Low Energy Adaptive Clustering Hierarchy (LEACH)[3]. In LEACH, clustering techniques are used to determine Cluster Head (CH), which will then be assigned to forward packets to Base Station (BS). In this research, we propose other clustering techniques, which utilize the Social Network Analysis approach theory of Betweeness Centrality (BC) which will then be implemented in the Setup phase. While in the Steady-State phase, one of the heuristic searching algorithms, Modified Bi-Directional A* (MBDA *) is implemented. The experiment was performed deploy 100 nodes statically in the 100x100 area, with one Base Station at coordinates (50,50). To find out the reliability of the system, the experiment to do in 5000 rounds. The performance of the designed routing protocol strategy will be tested based on network lifetime, throughput, and residual energy. The results show that BC-MBDA * is better than LEACH. This is influenced by the ways of working LEACH in determining the CH that is dynamic, which is always changing in every data transmission process. This will result in the use of energy, because they always doing any computation to determine CH in every transmission process. In contrast to BC-MBDA *, CH is statically determined, so it can decrease energy usage.
Security in Software Defined Networks (SDN): Challenges and Research Opportun...Editor IJCATR
In networks, the rapidly changing traffic patterns of search engines, Internet of Things (IoT) devices, Big Data and data centers has thrown up new challenges for legacy; existing networks; and prompted the need for a more intelligent and innovative way to dynamically manage traffic and allocate limited network resources. Software Defined Network (SDN) which decouples the control plane from the data plane through network vitalizations aims to address these challenges. This paper has explored the SDN architecture and its implementation with the OpenFlow protocol. It has also assessed some of its benefits over traditional network architectures, security concerns and how it can be addressed in future research and related works in emerging economies such as Nigeria.
Measure the Similarity of Complaint Document Using Cosine Similarity Based on...Editor IJCATR
Report handling on "LAPOR!" (Laporan, Aspirasi dan Pengaduan Online Rakyat) system depending on the system administrator who manually reads every incoming report [3]. Read manually can lead to errors in handling complaints [4] if the data flow is huge and grows rapidly, it needs at least three days to prepare a confirmation and it sensitive to inconsistencies [3]. In this study, the authors propose a model that can measure the identities of the Query (Incoming) with Document (Archive). The authors employed Class-Based Indexing term weighting scheme, and Cosine Similarities to analyse document similarities. CoSimTFIDF, CoSimTFICF and CoSimTFIDFICF values used in classification as feature for K-Nearest Neighbour (K-NN) classifier. The optimum result evaluation is pre-processing employ 75% of training data ratio and 25% of test data with CoSimTFIDF feature. It deliver a high accuracy 84%. The k = 5 value obtain high accuracy 84.12%
Hangul Recognition Using Support Vector MachineEditor IJCATR
The recognition of Hangul Image is more difficult compared with that of Latin. It could be recognized from the structural arrangement. Hangul is arranged from two dimensions while Latin is only from the left to the right. The current research creates a system to convert Hangul image into Latin text in order to use it as a learning material on reading Hangul. In general, image recognition system is divided into three steps. The first step is preprocessing, which includes binarization, segmentation through connected component-labeling method, and thinning with Zhang Suen to decrease some pattern information. The second is receiving the feature from every single image, whose identification process is done through chain code method. The third is recognizing the process using Support Vector Machine (SVM) with some kernels. It works through letter image and Hangul word recognition. It consists of 34 letters, each of which has 15 different patterns. The whole patterns are 510, divided into 3 data scenarios. The highest result achieved is 94,7% using SVM kernel polynomial and radial basis function. The level of recognition result is influenced by many trained data. Whilst the recognition process of Hangul word applies to the type 2 Hangul word with 6 different patterns. The difference of these patterns appears from the change of the font type. The chosen fonts for data training are such as Batang, Dotum, Gaeul, Gulim, Malgun Gothic. Arial Unicode MS is used to test the data. The lowest accuracy is achieved through the use of SVM kernel radial basis function, which is 69%. The same result, 72 %, is given by the SVM kernel linear and polynomial.
Application of 3D Printing in EducationEditor IJCATR
This paper provides a review of literature concerning the application of 3D printing in the education system. The review identifies that 3D Printing is being applied across the Educational levels [1] as well as in Libraries, Laboratories, and Distance education systems. The review also finds that 3D Printing is being used to teach both students and trainers about 3D Printing and to develop 3D Printing skills.
Survey on Energy-Efficient Routing Algorithms for Underwater Wireless Sensor ...Editor IJCATR
In underwater environment, for retrieval of information the routing mechanism is used. In routing mechanism there are three to four types of nodes are used, one is sink node which is deployed on the water surface and can collect the information, courier/super/AUV or dolphin powerful nodes are deployed in the middle of the water for forwarding the packets, ordinary nodes are also forwarder nodes which can be deployed from bottom to surface of the water and source nodes are deployed at the seabed which can extract the valuable information from the bottom of the sea. In underwater environment the battery power of the nodes is limited and that power can be enhanced through better selection of the routing algorithm. This paper focuses the energy-efficient routing algorithms for their routing mechanisms to prolong the battery power of the nodes. This paper also focuses the performance analysis of the energy-efficient algorithms under which we can examine the better performance of the route selection mechanism which can prolong the battery power of the node
Comparative analysis on Void Node Removal Routing algorithms for Underwater W...Editor IJCATR
The designing of routing algorithms faces many challenges in underwater environment like: propagation delay, acoustic channel behaviour, limited bandwidth, high bit error rate, limited battery power, underwater pressure, node mobility, localization 3D deployment, and underwater obstacles (voids). This paper focuses the underwater voids which affects the overall performance of the entire network. The majority of the researchers have used the better approaches for removal of voids through alternate path selection mechanism but still research needs improvement. This paper also focuses the architecture and its operation through merits and demerits of the existing algorithms. This research article further focuses the analytical method of the performance analysis of existing algorithms through which we found the better approach for removal of voids
Decay Property for Solutions to Plate Type Equations with Variable CoefficientsEditor IJCATR
In this paper we consider the initial value problem for a plate type equation with variable coefficients and memory in
1 n R n ), which is of regularity-loss property. By using spectrally resolution, we study the pointwise estimates in the spectral
space of the fundamental solution to the corresponding linear problem. Appealing to this pointwise estimates, we obtain the global
existence and the decay estimates of solutions to the semilinear problem by employing the fixed point theorem
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Avoiding Man in the Middle Attack Based on ARP Spoofing in the LAN
1. International Journal of Computer Applications Technology and Research
Volume 5– Issue 5, 249 - 252, 2016, ISSN:- 2319–8656
www.ijcat.com 249
Avoiding Man in the Middle Attack Based on ARP
Spoofing in the LAN
Peta Kaleemsha
Sree Vidyanikethan Engineering College
Tirupathi, India
Pulluru Likhitha
Sree Vidyanikethan Engineering College
Tirupathi, India
Abstract: As technology is running on its wheels, networking has turned into one of our basic aspects. In this world along with
networking inimical vulnerabilities are also advancing in a drastic manner, resulting in perilous security threats. This calls for the great
need of network security. ARP spoofing is one of the most common MITM attacks in the LAN. This attack can show critical
implications for internet users especially in stealing sensitive information’s such as passwords. Beyond this it can facilitate other
attacks like denial of service(DOS), session hijacking etc..,. In this paper we are proposing a new method by encrypting MAC address
to shield from ARP cache poisoning.
Keywords: ARP (Address Resolution Protocol), MAC (Media access control), IP (Internet protocol), MITM, Session Hijacking, DoS,
cryptography.
1. INTRODUCTION
Protecting our online data is never going to be a cake walk,
especially now-a-days where attackers are regularly
contriving some new techniques to sneak data. MITM attack
is a serious threat to the internet users and it is far-reaching to
detect as the third person, an attacker secretly places himself
between two victims and he is capable of attempting any
passive or active attacks. There are many techniques available
today to evade MITM attack some of them are monitoring
ARP traffic, making ARP cache static and highly secured data
encryption. But secured data encryption cannot create a path
free of ARP spoofing and it is time taking too. Instead of
encrypting data we are proposing a new way of secure
communication by encrypting MAC address using
cryptography.
2. BASICS
2.1 ARP communication
ARP protocol operates by broadcasting messages across a
network to determine layer two MAC address of the host
using predetermined IP address. Then the host with destined
IP address replies back his MAC address. Thus ARP
messages provide a link between IP and MAC addresses. ARP
will work across a bridge. Bridges will propagate the ARP
broadcasts and bridge the replies. A router will block ARP
packets. This means an ARP monitor is required on each
separate network segment to detect new ethernet addresses.
Network switches will pass the ARP traffic because it is
broadcast traffic. This means that any computer on the
network can see the ARP broadcast traffic. The reply packets
are usually returned directly to the requesting computer, and
network switches will block this unless it is addressed to your
station[1] [2].
2.2 ARP cache poisoning
It is one of the oldest forms of MITM attacks where attacker
on the same subnet can eavesdrop on network traffic between
the victims. It takes the advantage of insecurity indulged in
ARP protocol. The malicious attacker sends a falsified ARP
message and links his MAC with attacker IP address, then the
attacker takes the role of "MITM", any traffic intended for
that right source is send through attacker system. As it occurs
at lower level the end user is oblivious to its occurrence[1].
Let A, B are two legitimate hosts communicating with each
other and C be an attacker who tries to steal the information
acting in between them as shown in below figure.
2. International Journal of Computer Applications Technology and Research
Volume 5– Issue 5, 249 - 252, 2016, ISSN:- 2319–8656
www.ijcat.com 250
2.3 Denial of Service (DoS):
DoS refers to an attack that overwhelms system with data-
most commonly a flood of simultaneous requests send to a
website, causing the server to crash or simply becomes
inoperable as it struggles in responding to more requests than
it can handle. As a result, legitimate users who try to access
the websites control by server are unable to get the service.
There are other types of DoS attacks that use different tactics,
but they all have the same effect: preventing legitimate users
from accessing the site[1][4].
2.4 Session hijacking
Session hijacking attacks consists of the exploitation of web
sessions controlling mechanism, which is normally managed
for a session token. As http communication uses many TCP
connections the web server needs a method to recognize every
user’s connection. The most useful method depends on the
token that the web server sends to the client browser after a
successful client authentication. A session token normally
consists of string of variable width and it can be in different
ways like in the URL. The session hijacking attack
compromises the session token by stealing or predicting a
valid token to gain unauthorized access to the web
server[1][4].
2.5 Cryptography
Cryptography is a method of information hiding and
verification to provide security from unauthorized access. It
includes the protocols, algorithms and strategies to securely
and consistently prevent or delay unauthorized access to
sensitive information and enables verifiability of every
component in a communication. It is the powerful techniques
available today to go against information attackers. The two
techniques of cryptography are substitution and
transposition[3].
2.6 Substitution
Substitution is a method of encoding by which units of plain
text will be replaced with cypher text using some fixed key,
the units may be single letters, pair of letters, triplets of letters
or mixture of above. As the origin letters in the text are
replaced. It cannot be deciphered without knowing pre used
key[3][5].
Eg: Plain text: NETWORKING
KEY:2
ENCRYPTED OUTPUT: PGVYQTMKPI
2.7 Transposition
In cryptography, a transposition cipher is a method of
encryption by which the positions held by units of plain text
are shifted according to a regular system, so that the cipher
text constitutes a permutation of the plaintext. That is, the
order of the units is changed. Mathematically a
bijective function is used on the character’s positions to
encrypt and an inverse function to decrypt it[3][5].
Eg: Plain text: NETWORKSECURITY
KEY: HACK
H A C K
3 1 2 4
N E T W
O R K S
E C U R
I T Y
ENCRYPTED OUTPUT: ERCTTKUYNOEIWSR
3. PREVIOUS WORKS
3.1 Making ARP cache static
One way to protect against ARP poisoning is to change the
unsecured dynamic nature of ARP cache into a static thing. It
helps only when your network configuration doesn't change
often and when it is pretty simple to make a list of static ARP
entries. This will ensure that device will always rely on their
local ARP cache rather on ARP requests and replies[2].
3.2 Monitoring ARP traffic
This involves monitoring the network traffic of host by a third
party using some intruder detection software’s such as Snort
but it is feasible when only single host is considered and it can
be a bit cumbersome when entire network is concerned[2].
3.3 Virtual Private Networking
A VPN is a technology which creates an encrypted connection
over a less secure network. It protects your internet and lets
you browse with privacy. It extends a private network across a
public network. It enables a computer to send and receive data
across shared or public networks as if it were directly
connected to the private network The benefit of using a VPN
is that it ensures the appropriate level of security to the
connected systems when the underlying network
infrastructure alone cannot provide it A VPN is created by
establishing a virtual point-to-point connection through the
use of dedicated connections, virtual tunneling protocols or
traffic encryptions, such as PPTP (Point-to-point Tunneling
Protocol) or Internet Protocol Security (IPSec). The most
common types of VPNs are remote access VPNs and site-to-
site VPNs. Using a VPN will shut down many of the places
where a MITM attack might happen, but not all of them.
Specifically, it will protect your traffic between your device
and the VPN gateway, preventing your ISP (or most
governments) from performing a MITM attack targeted
toward you. However, once your traffic passes from
3. International Journal of Computer Applications Technology and Research
Volume 5– Issue 5, 249 - 252, 2016, ISSN:- 2319–8656
www.ijcat.com 251
the VPN gateway to its eventual destination, it becomes
vulnerable to a MITM attack. With a VPN, your traffic is then
semi-anonymized, so it is much more difficult to target any
attack toward any particular person, but an indiscriminate
attack against all users of a particular website is still very
possible. And it is also too expensive to setup[4][5].
3.4 Secure Shell Tunnelling
SSH tunnel transfers unencrypted traffic over an encrypted
channel created using SSH protocol connection. Generally,
SSH is used to securely acquire and use a remote terminal
session. For setting up a tunnel the port of one machine needs
to be forwarded to a port in the other machine which is at
other end of the tunnel. This uses different kinds of port
forwarding mechanisms namely Local port forwarding,
Remote port forwarding, Dynamic port forwarding. SSH
tunnel is often called as “Poor Man’s VPN” as it provides
some of the same features as a VPN without more
complicated server setup process however an SSH tunnel
doesn’t offer all the benefits of a VPN. Unlike with a VPN,
you must configure each application to use SSH tunnel’s
proxy. With a VPN we are assured that all traffic will be sent
through it - but you do not have this assurance with an SSH
tunnel. And it also doesn’t offers high security as data is in
unencrypted form[4][5].
4. PROPOSED IDEA
In our method we are trying to eliminate MITM attack
especially ARP poisoning by using switch as a third party to
encrypt the mac address of the host.so that the attacker cannot
interfere. The technique used for this method is as follows:
Algorithm:
let Ceaser(C), Harrison(H) are two hosts and Shlomo(S) as
a third party switch. consider a scenario where Ceaser wants
to communicate with Harrison.
step 1: Ceaser sends to Shlomo his mac address attached with
some key k1 and IP address of Harrison, the destination.
step 2: Shlomo broadcasts the destination IP address and waits
for the reply.
step 3: Then Harrison replies with his MAC address along
with his key k2.
step 4: Instead of giving actual MAC address of Harrison,
Shlomo encrypts it by using transposition technique with key
k2 taken from him. Shlomo also adds substitution security by
using his own static key k3.
step 5: Shlomo uses the same technique and encrypts the mac
address of Ceaser by using transposition with key k1 and also
adds substitution security with his private key k3 and gives it
to Harrison.
step 6: Now the connection was established between Ceaser
and Harrison without knowing their actual MAC addresses.
step 7: For replying back Shlomo decrypts the MAC
addresses and goes to the right person.
step 8: For further security, amelioration we can use
randomness in keys provided by hosts for different connection
establishments.
[C] [S] [H]
5. CONCLUSION
In our technique only third party, switch knows the actual
MAC addresses of the hosts in the subnet. As we are using
two keys one from the host and the other from the switch,
security hardens and any attacker who wants to sniff the target
system’s MAC address can see only the encrypted MAC.
Thus there will be a great chance to get rid of ARP spoofing
with our method.
6. REFERENCES
[1] Sean Whales, “An Introduction to ARP Spoofing
[EB/OL]”,http://packetstormsecurity.org/papers/protocol
s/, 2001.
[2] Guo Hao and Guo Tao, “Principle of and Protection of
Man-in-the-middle Attack Based on ARP Spoofing”,
Journal of Information Processing Systems, Vol.5, No.3,
September 2009.
4. International Journal of Computer Applications Technology and Research
Volume 5– Issue 5, 249 - 252, 2016, ISSN:- 2319–8656
www.ijcat.com 252
[3] Whitfield Diffie and Martin Hellman, “Multi-user
cryptographic techniques”, [Diffie and Hellman, AFIPS
Proceedings 45, pp109-112, June 8, 1976].
[4] Behour A. Forouzan, Sophia Chung Fegan ―” Data
Communication and Networking”, Fourth Edition 2009.
[5] William Stallings,“Cryptography and Network
Security”, Fourth Edition 2006.