In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the
warriors of the internet. They attack and do harmful things to compromised system. This paper will show
the methodology use by hackers to gained access to system and the different tools used by them and how
they are group based on their skills. It will identify exploits that can be used to attack a system and find
mitigation to those exploits.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
A comprehensive study on classification of passive intrusion and extrusion de...csandit
Cyber criminals compromise Integrity, Availability and Confidentiality of network resources in
cyber space and cause remote class intrusions such as U2R, R2L, DoS and probe/scan system
attacks .To handle these intrusions, Cyber Security uses three audit and monitoring systems
namely Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS). Intrusion
Detection System (IDS) monitors only inbound traffic which is insufficient to prevent botnet
systems. A system to monitor outbound traffic is named as Extrusion Detection System (EDS).
Therefore a hybrid system should be designed to handle both inbound and outbound traffic.
Due to the increased false alarms preventive systems do not suite to an organizational network.
The goal of this paper is to devise a taxonomy for cyber security and study the existing methods
of Intrusion and Extrusion Detection systems based on three primary characteristics. The
metrics used to evaluate IDS and EDS are also presented.
A Study on Data Mining Based Intrusion Detection SystemAM Publications
In recent years security has remained unsecured for computers as well as data network systems. Intrusion detecting
system used to safeguard the data confidentiality, integrity and system availability from various types of attacks. Data mining
techniques that can be applied to intrusion detection system to detect normal and abnormal behavior patterns. This paper studies
nature of network attacks and the current trends of data mining based intrusion detection techniques
MACHINE LEARNING IN NETWORK SECURITY USING KNIME ANALYTICSIJNSA Journal
Machine learning has more and more effect on our every day’s life. This field keeps growing and expanding into new areas. Machine learning is based on the implementation of artificial intelligence that gives systems the capability to automatically learn and enhance from experiments without being explicitly programmed. Machine Learning algorithms apply mathematical equations to analyze datasets and predict values based on the dataset. In the field of cybersecurity, machine learning algorithms can be utilized to train and analyze the Intrusion Detection Systems (IDSs) on security-related datasets. In this paper, we tested different machine learning algorithms to analyze NSL-KDD dataset using KNIME analytics.
Machine learning in network security using knime analyticsIJNSA Journal
Machine learning has more and more effect on our every day’s life. This field keeps growing and expanding into new areas. Machine learning is based on the implementation of artificial intelligence that gives systems the capability to automatically learn and enhance from experiments without being explicitly
programmed. Machine Learning algorithms apply mathematical equations to analyze datasets and predict values based on the dataset. In the field of cybersecurity, machine learning algorithms can be utilized to train and analyze the Intrusion Detection Systems (IDSs) on security-related datasets. In this paper, we tested different machine learning algorithms to analyze NSL-KDD dataset using KNIME analytics.
TAXONOMY BASED INTRUSION ATTACKS AND DETECTION MANAGEMENT SCHEME IN PEER-TOPE...IJNSA Journal
A intrusion provides an unauthorized access, damage or disruption of the network. The process can understand the characteristics and nature of an intruder. The paper presents the taxonomy
consists of the specification of an intruder. Taxonomy provides the classification of intruder and provides mechanism for intruder detection. We found the algorithm for developing an intruder which can be attack at host system or network system. Here provide the mechanism for an intrusion by using the
system attribute and detection mechanism is based on knowledge and behavior of the system. Intrusiondetection mechanism using pattern based and threshold based mechanism for detecting an intruder. An intruder continuously monitored the network and host activities for detecting attack into the network and the task of intrusion-detection is also monitor the usage of such systems and detects the apparition of
insecure states.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
A comprehensive study on classification of passive intrusion and extrusion de...csandit
Cyber criminals compromise Integrity, Availability and Confidentiality of network resources in
cyber space and cause remote class intrusions such as U2R, R2L, DoS and probe/scan system
attacks .To handle these intrusions, Cyber Security uses three audit and monitoring systems
namely Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS). Intrusion
Detection System (IDS) monitors only inbound traffic which is insufficient to prevent botnet
systems. A system to monitor outbound traffic is named as Extrusion Detection System (EDS).
Therefore a hybrid system should be designed to handle both inbound and outbound traffic.
Due to the increased false alarms preventive systems do not suite to an organizational network.
The goal of this paper is to devise a taxonomy for cyber security and study the existing methods
of Intrusion and Extrusion Detection systems based on three primary characteristics. The
metrics used to evaluate IDS and EDS are also presented.
A Study on Data Mining Based Intrusion Detection SystemAM Publications
In recent years security has remained unsecured for computers as well as data network systems. Intrusion detecting
system used to safeguard the data confidentiality, integrity and system availability from various types of attacks. Data mining
techniques that can be applied to intrusion detection system to detect normal and abnormal behavior patterns. This paper studies
nature of network attacks and the current trends of data mining based intrusion detection techniques
MACHINE LEARNING IN NETWORK SECURITY USING KNIME ANALYTICSIJNSA Journal
Machine learning has more and more effect on our every day’s life. This field keeps growing and expanding into new areas. Machine learning is based on the implementation of artificial intelligence that gives systems the capability to automatically learn and enhance from experiments without being explicitly programmed. Machine Learning algorithms apply mathematical equations to analyze datasets and predict values based on the dataset. In the field of cybersecurity, machine learning algorithms can be utilized to train and analyze the Intrusion Detection Systems (IDSs) on security-related datasets. In this paper, we tested different machine learning algorithms to analyze NSL-KDD dataset using KNIME analytics.
Machine learning in network security using knime analyticsIJNSA Journal
Machine learning has more and more effect on our every day’s life. This field keeps growing and expanding into new areas. Machine learning is based on the implementation of artificial intelligence that gives systems the capability to automatically learn and enhance from experiments without being explicitly
programmed. Machine Learning algorithms apply mathematical equations to analyze datasets and predict values based on the dataset. In the field of cybersecurity, machine learning algorithms can be utilized to train and analyze the Intrusion Detection Systems (IDSs) on security-related datasets. In this paper, we tested different machine learning algorithms to analyze NSL-KDD dataset using KNIME analytics.
TAXONOMY BASED INTRUSION ATTACKS AND DETECTION MANAGEMENT SCHEME IN PEER-TOPE...IJNSA Journal
A intrusion provides an unauthorized access, damage or disruption of the network. The process can understand the characteristics and nature of an intruder. The paper presents the taxonomy
consists of the specification of an intruder. Taxonomy provides the classification of intruder and provides mechanism for intruder detection. We found the algorithm for developing an intruder which can be attack at host system or network system. Here provide the mechanism for an intrusion by using the
system attribute and detection mechanism is based on knowledge and behavior of the system. Intrusiondetection mechanism using pattern based and threshold based mechanism for detecting an intruder. An intruder continuously monitored the network and host activities for detecting attack into the network and the task of intrusion-detection is also monitor the usage of such systems and detects the apparition of
insecure states.
A BAYESIAN CLASSIFICATION ON ASSET VULNERABILITY FOR REAL TIME REDUCTION OF F...IJNSA Journal
IT assets connected on internetwill encounter alien protocols and few parameters of protocol process are exposed as vulnerabilities. Intrusion Detection Systems (IDS) are installed to alerton suspicious traffic or activity. IDS issuesfalse positives alerts, if any behavior construe for partial attack pattern or the IDS lacks environment knowledge. Continuous monitoring of alerts to evolve whether, an alert is false positive or not is a major concern. In this paper we present design of an external module to IDS,to identify false positive alertsbased on anomaly based adaptive learning model. The novel feature of this design is that the system updates behavior profile of assets and environment with adaptive learning process.A mixture model is used for behavior modeling from reference data. The design of the detection and learning process are based on normal behavior and of environment. The anomaly alert identification algorithm isbuiltonSparse Markov Transducers (SMT) based probability.The total process is presented using real-time data. The Experimental results are validated and presentedwith reference to lab environment.
Intrusion Detection System - False Positive Alert Reduction TechniqueIDES Editor
Intrusion Detection System (IDS) is the most
powerful system that can handle the intrusions of the computer
environments by triggering alerts to make the analysts take
actions to stop this intrusion, but the IDS is triggering alerts
for any suspicious activity which means thousand alerts that
the analysts should take care of it. IDS generate a large
number of alerts and most of them are false positive as the
behavior construe for partial attack pattern or lack of
environment knowledge. These Alerts has different severities
and most of them don’t require big attention because of the
huge number of the false alerts among them. Monitoring and
identifying risky alerts is a major concern to security
administrator. Deleting the false alerts or reducing the
amount of the alerts (false alerts or real alerts) from the
entire amount alerts lead the researchers to design an
operational model for minimization of false positive alarms,
including recurring alarms by security administrator. In this
paper we are proposing a method, which can reduce such kind
of false positive alarms.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
A Mitigation Technique For Internet Security Threat of Toolkits AttackCSCJournals
The development of attack toolkits conforms that cybercrime is driven primarily by financial motivations as noted from the significant profits made by both the developers and buyers. In this paper, an enhanced hybrid attack toolkit mitigation model was designed to tackle the economy of the attack toolkits using different techniques to discredit it. The mitigation looked into Zeus, a common and the most frequently used attack toolkit to discover the hidden information used by the attackers to launch attacks. This information helped in creating honey toolkits, honeybot and honeytokens. Honeybots are used to submit honeytoken to botmasters, who sells to the internet black market. Both the botmasters, his mules and buyers attempts to steal huge amount of money using the stolen credentials which includes both real and honeytokens and will be detected by an attack detector which sends an alert on any transaction involving the honeytokens. A reconfirmation process which is secured using enhanced RC6 cryptosystem is enacted. The reconfirmation message in plain text is securely encrypted into cipher text and transmitted from the bank to the legitimate account owner and vise visa. The result of the crypto analysis carried out on the encrypted text using RC6 encryption algorithm showed that the cipher text is not transparent.
An Intrusion Detection based on Data mining technique and its intended import...Editor IJMTER
Intrusion detection is a pivotal and essential requirement of today’s era. There are two
major side of Intrusion detection namely, Host based intrusion detection as well as network based
intrusion detection. In Host based intrusion detection system, it monitors the information arrive at the
particular machine or node. While in network based intrusion system, it monitor and analyze whole
traffic of network. Data mining introduce latest technology and methods to handle and categorize
types of attacks using different classification algorithm and matching the patterns of malicious
behavior. Due to the use of this data mining technology, developers extract and analyze the types of
attack in the network.
In addition to this there are two major approach of intrusion detection. First, anomaly based approach,
in which attacks are found with high false alarm rate. However, in signature based approach, false
alarm rate is low with lack of processing of novel attacks. Most of the researchers do their research
based on signature intrusion with the purpose to increase detection rate. Major advantage of this
system, IDS does not require biased assessment and able to identify massive pattern of attacks.
Moreover, capacity to handle large connection records of network. In this paper we try to discover
the features of intrusion detection based on data mining technique.
A Performance Analysis of Chasing Intruders by Implementing Mobile AgentsCSCJournals
An Intrusion Detection System in network fetches the intrusions information from systems by using Mobile Agents aid. Intrusion Detection System detects intrusions based on the collected information and routes the intrusion. The intelligent decisions on communications, permit agents to gain their goals more efficiently and provide more survivability and security of an agent system. The proposed model showed a formal representation of information assurance in agent messaging over a dynamic network by probability of redundant routes. The proposed Intrusion Detection System, chase intruders and collect information by the Mobile Agents. Our propose architecture is an information exchange method and chasing intrusion along with a method by implementing Mobile Agents.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Review of Intrusion and Anomaly Detection Techniques IJMER
Intrusion detection is the act of detecting actions that attempt to compromise the
confidentiality, integrity or availability of a resource. With the tremendous growth of network-based
services and sensitive information on networks, network security is getting more and more importance
than ever. Intrusion poses a serious security threat in a huge network environment. The increasing use of
internet has dramatically added to the growing number of threats that inhabit within it. Intrusion
detection does not, in general, include prevention of intrusions. Now a days Network intrusion detection
systems have become a standard component in the area of security infrastructure. This review paper tries
to discusses various techniques which are already being used for intrusion detection.
Intrusion Detection System (IDS) is meant to be a software application which monitors the network or system activities and finds if any malicious operations occur. Tremendous growth and usage of internet raises concerns about how to protect and communicate the digital information in a safe manner. Nowadays, hackers use different types of attacks for getting the valuable information. Many intrusion detection techniques, methods and algorithms help to detect these attacks. This main objective of this paper
is to provide a complete study about the definition of intrusion detection, history, life cycle, types of intrusion detection methods, types of attacks, different tools and techniques, research needs, challenges and
applications.
Autonomic Anomaly Detection System in Computer Networksijsrd.com
This paper describes how you can protect your system from Intrusion, which is the method of Intrusion Prevention and Intrusion Detection .The underlying premise of our Intrusion detection system is to describe attack as instance of ontology and its first need is to detect attack. In this paper, we propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection over unlabeled HTTP traffic streams in computer networks. The framework holds potential for self-governing: self-labeling, self-updating and self-adapting. Our structure employs the Affinity Propagation (AP) algorithm to learn a subject’s behaviors through dynamical clustering of the streaming data. It automatically labels the data and adapts to normal behavior changes while identifies anomalies.
Classification of Malware Attacks Using Machine Learning In Decision TreeCSCJournals
Predicting cyberattacks using machine learning has become imperative since cyberattacks have increased exponentially due to the stealthy and sophisticated nature of adversaries. To have situational awareness and achieve defence in depth, using machine learning for threat prediction has become a prerequisite for cyber threat intelligence gathering. Some approaches to mitigating malware attacks include the use of spam filters, firewalls, and IDS/IPS configurations to detect attacks. However, threat actors are deploying adversarial machine learning techniques to exploit vulnerabilities. This paper explores the viability of using machine learning methods to predict malware attacks and build a classifier to automatically detect and label an event as “Has Detection or No Detection”. The purpose is to predict the probability of malware penetration and the extent of manipulation on the network nodes for cyber threat intelligence. To demonstrate the applicability of our work, we use a decision tree (DT) algorithms to learn dataset for evaluation. The dataset was from Microsoft Malware threat prediction website Kaggle. We identify probably cyberattacks on smart grid, use attack scenarios to determine penetrations and manipulations. The results show that ML methods can be applied in smart grid cyber supply chain environment to detect cyberattacks and predict future trends.
The security of biometric fingerprint is a big
challenge now-a-days, as it has world-wide acceptance.
Compromised fingerprint templates may raise terrible threats
to its owner. Because of the vulnerabilities of fingerprint
authentication system, security issues about fingerprint have
been a matter of great concern. This study summarizes the
vulnerabilities of fingerprint authentication system and
highlights the type of securities available against those
challenges. It includes much classified knowledge about
security of fingerprint template. This work is an endeavor to
provide a compact knowledge to the research community
about the security issues regarding fingerprint authentication
system.
A technical review and comparative analysis of machine learning techniques fo...IJECEIAES
Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyber attacks at the network-level and the host-level in a timely and automatic manner. However, Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lacks reliability and accuracy. Instead of the traditional machine learning used in previous researches, we think deep learning has the potential to perform better in extracting features of massive data considering the massive cyber traffic in real life. Generally Mobile Ad Hoc Networks have given the low physical security for mobile devices, because of the properties such as node mobility, lack of centralized management and limited bandwidth. To tackle these security issues, traditional cryptography schemes can-not completely safeguard MANETs in terms of novel threats and vulnerabilities, thus by applying Deep learning methods techniques in IDS are capable of adapting the dynamic environments of MANETs and enables the system to make decisions on intrusion while continuing to learn about their mobile environment. An IDS in MANET is a sensoring mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempt performed by Intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection system. In this paper, we made a systematic comparison of three models, Inceprtion architecture convolutional neural network (Inception-CNN), Bidirectional long short-term memory (BLSTM) and deep belief network (DBN) on the deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections, the goal is to provide basic guidance on the choice of deep learning models in MANET.
Selected advanced themes in ethical hacking and penetration testingCSITiaesprime
Since 1980 cyberattacks have been evolving with the rising numbers of internet users and the constant evolving of security systems, and since then security systems experts have been trying to fight these kinds of attacks. This paper has both ethical and scientific goals, ethically, to raise awareness on cyberattacks and provide people with the knowledge that allows them to use the world wide web with fewer worries knowing how to protect their information and their devices with what they can. Scientifically, this paper includes a deep understanding of types of hackers, attacks, and various ways to stay safe online. This research investigates how ethical hackers adapt to the current and upcoming cyber threats. The different approaches for some famous hacking types along with their results are shown. Python and Ruby are used for coding, which we run on Kali Linux operating system.
Vulnerability Prevention Using Ethical Hacking.pdfMithunJV
Hello Everyone,
I am MITHUN.J.V currently pursuing my graduate at BSC in the field of INFORMATION TECHNOLOGY at DR.SNS RAJALAKSHMI COLLEGE OF ARTS AND SCIENCE and this is my reseach paper based on ethical hacking,advantages and disadvantages OF HACKING,types of hacking etc...
We are living in security era, where we are securing all our belongings under different modes of lock but it’s different in the case of system security. We are carelessly leaving our datas and softwares unlocked. The state of security on the internet is bad and getting worse. One reaction to this state of affairs is termed as Ethical Hacking which attempts to increase security protection by identifying and patching known security vulnerabilities on systems owned by other parties. As public and private organizations migrate more of their critical functions to the Internet, criminals have more opportunity and incentive to gain access to sensitive information through the Web application. So, Ethical hacking is an assessment to test and check an information technology environment for possible weak links and vulnerabilities. Ethical hacking describes the process of hacking a network in an ethical way, therefore with good intentions. This paper describes what ethical hacking is, what it can do, an ethical hacking methodology as well as some tools which can be used for an ethical hack.
A BAYESIAN CLASSIFICATION ON ASSET VULNERABILITY FOR REAL TIME REDUCTION OF F...IJNSA Journal
IT assets connected on internetwill encounter alien protocols and few parameters of protocol process are exposed as vulnerabilities. Intrusion Detection Systems (IDS) are installed to alerton suspicious traffic or activity. IDS issuesfalse positives alerts, if any behavior construe for partial attack pattern or the IDS lacks environment knowledge. Continuous monitoring of alerts to evolve whether, an alert is false positive or not is a major concern. In this paper we present design of an external module to IDS,to identify false positive alertsbased on anomaly based adaptive learning model. The novel feature of this design is that the system updates behavior profile of assets and environment with adaptive learning process.A mixture model is used for behavior modeling from reference data. The design of the detection and learning process are based on normal behavior and of environment. The anomaly alert identification algorithm isbuiltonSparse Markov Transducers (SMT) based probability.The total process is presented using real-time data. The Experimental results are validated and presentedwith reference to lab environment.
Intrusion Detection System - False Positive Alert Reduction TechniqueIDES Editor
Intrusion Detection System (IDS) is the most
powerful system that can handle the intrusions of the computer
environments by triggering alerts to make the analysts take
actions to stop this intrusion, but the IDS is triggering alerts
for any suspicious activity which means thousand alerts that
the analysts should take care of it. IDS generate a large
number of alerts and most of them are false positive as the
behavior construe for partial attack pattern or lack of
environment knowledge. These Alerts has different severities
and most of them don’t require big attention because of the
huge number of the false alerts among them. Monitoring and
identifying risky alerts is a major concern to security
administrator. Deleting the false alerts or reducing the
amount of the alerts (false alerts or real alerts) from the
entire amount alerts lead the researchers to design an
operational model for minimization of false positive alarms,
including recurring alarms by security administrator. In this
paper we are proposing a method, which can reduce such kind
of false positive alarms.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
A Mitigation Technique For Internet Security Threat of Toolkits AttackCSCJournals
The development of attack toolkits conforms that cybercrime is driven primarily by financial motivations as noted from the significant profits made by both the developers and buyers. In this paper, an enhanced hybrid attack toolkit mitigation model was designed to tackle the economy of the attack toolkits using different techniques to discredit it. The mitigation looked into Zeus, a common and the most frequently used attack toolkit to discover the hidden information used by the attackers to launch attacks. This information helped in creating honey toolkits, honeybot and honeytokens. Honeybots are used to submit honeytoken to botmasters, who sells to the internet black market. Both the botmasters, his mules and buyers attempts to steal huge amount of money using the stolen credentials which includes both real and honeytokens and will be detected by an attack detector which sends an alert on any transaction involving the honeytokens. A reconfirmation process which is secured using enhanced RC6 cryptosystem is enacted. The reconfirmation message in plain text is securely encrypted into cipher text and transmitted from the bank to the legitimate account owner and vise visa. The result of the crypto analysis carried out on the encrypted text using RC6 encryption algorithm showed that the cipher text is not transparent.
An Intrusion Detection based on Data mining technique and its intended import...Editor IJMTER
Intrusion detection is a pivotal and essential requirement of today’s era. There are two
major side of Intrusion detection namely, Host based intrusion detection as well as network based
intrusion detection. In Host based intrusion detection system, it monitors the information arrive at the
particular machine or node. While in network based intrusion system, it monitor and analyze whole
traffic of network. Data mining introduce latest technology and methods to handle and categorize
types of attacks using different classification algorithm and matching the patterns of malicious
behavior. Due to the use of this data mining technology, developers extract and analyze the types of
attack in the network.
In addition to this there are two major approach of intrusion detection. First, anomaly based approach,
in which attacks are found with high false alarm rate. However, in signature based approach, false
alarm rate is low with lack of processing of novel attacks. Most of the researchers do their research
based on signature intrusion with the purpose to increase detection rate. Major advantage of this
system, IDS does not require biased assessment and able to identify massive pattern of attacks.
Moreover, capacity to handle large connection records of network. In this paper we try to discover
the features of intrusion detection based on data mining technique.
A Performance Analysis of Chasing Intruders by Implementing Mobile AgentsCSCJournals
An Intrusion Detection System in network fetches the intrusions information from systems by using Mobile Agents aid. Intrusion Detection System detects intrusions based on the collected information and routes the intrusion. The intelligent decisions on communications, permit agents to gain their goals more efficiently and provide more survivability and security of an agent system. The proposed model showed a formal representation of information assurance in agent messaging over a dynamic network by probability of redundant routes. The proposed Intrusion Detection System, chase intruders and collect information by the Mobile Agents. Our propose architecture is an information exchange method and chasing intrusion along with a method by implementing Mobile Agents.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Review of Intrusion and Anomaly Detection Techniques IJMER
Intrusion detection is the act of detecting actions that attempt to compromise the
confidentiality, integrity or availability of a resource. With the tremendous growth of network-based
services and sensitive information on networks, network security is getting more and more importance
than ever. Intrusion poses a serious security threat in a huge network environment. The increasing use of
internet has dramatically added to the growing number of threats that inhabit within it. Intrusion
detection does not, in general, include prevention of intrusions. Now a days Network intrusion detection
systems have become a standard component in the area of security infrastructure. This review paper tries
to discusses various techniques which are already being used for intrusion detection.
Intrusion Detection System (IDS) is meant to be a software application which monitors the network or system activities and finds if any malicious operations occur. Tremendous growth and usage of internet raises concerns about how to protect and communicate the digital information in a safe manner. Nowadays, hackers use different types of attacks for getting the valuable information. Many intrusion detection techniques, methods and algorithms help to detect these attacks. This main objective of this paper
is to provide a complete study about the definition of intrusion detection, history, life cycle, types of intrusion detection methods, types of attacks, different tools and techniques, research needs, challenges and
applications.
Autonomic Anomaly Detection System in Computer Networksijsrd.com
This paper describes how you can protect your system from Intrusion, which is the method of Intrusion Prevention and Intrusion Detection .The underlying premise of our Intrusion detection system is to describe attack as instance of ontology and its first need is to detect attack. In this paper, we propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection over unlabeled HTTP traffic streams in computer networks. The framework holds potential for self-governing: self-labeling, self-updating and self-adapting. Our structure employs the Affinity Propagation (AP) algorithm to learn a subject’s behaviors through dynamical clustering of the streaming data. It automatically labels the data and adapts to normal behavior changes while identifies anomalies.
Classification of Malware Attacks Using Machine Learning In Decision TreeCSCJournals
Predicting cyberattacks using machine learning has become imperative since cyberattacks have increased exponentially due to the stealthy and sophisticated nature of adversaries. To have situational awareness and achieve defence in depth, using machine learning for threat prediction has become a prerequisite for cyber threat intelligence gathering. Some approaches to mitigating malware attacks include the use of spam filters, firewalls, and IDS/IPS configurations to detect attacks. However, threat actors are deploying adversarial machine learning techniques to exploit vulnerabilities. This paper explores the viability of using machine learning methods to predict malware attacks and build a classifier to automatically detect and label an event as “Has Detection or No Detection”. The purpose is to predict the probability of malware penetration and the extent of manipulation on the network nodes for cyber threat intelligence. To demonstrate the applicability of our work, we use a decision tree (DT) algorithms to learn dataset for evaluation. The dataset was from Microsoft Malware threat prediction website Kaggle. We identify probably cyberattacks on smart grid, use attack scenarios to determine penetrations and manipulations. The results show that ML methods can be applied in smart grid cyber supply chain environment to detect cyberattacks and predict future trends.
The security of biometric fingerprint is a big
challenge now-a-days, as it has world-wide acceptance.
Compromised fingerprint templates may raise terrible threats
to its owner. Because of the vulnerabilities of fingerprint
authentication system, security issues about fingerprint have
been a matter of great concern. This study summarizes the
vulnerabilities of fingerprint authentication system and
highlights the type of securities available against those
challenges. It includes much classified knowledge about
security of fingerprint template. This work is an endeavor to
provide a compact knowledge to the research community
about the security issues regarding fingerprint authentication
system.
A technical review and comparative analysis of machine learning techniques fo...IJECEIAES
Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyber attacks at the network-level and the host-level in a timely and automatic manner. However, Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lacks reliability and accuracy. Instead of the traditional machine learning used in previous researches, we think deep learning has the potential to perform better in extracting features of massive data considering the massive cyber traffic in real life. Generally Mobile Ad Hoc Networks have given the low physical security for mobile devices, because of the properties such as node mobility, lack of centralized management and limited bandwidth. To tackle these security issues, traditional cryptography schemes can-not completely safeguard MANETs in terms of novel threats and vulnerabilities, thus by applying Deep learning methods techniques in IDS are capable of adapting the dynamic environments of MANETs and enables the system to make decisions on intrusion while continuing to learn about their mobile environment. An IDS in MANET is a sensoring mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempt performed by Intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection system. In this paper, we made a systematic comparison of three models, Inceprtion architecture convolutional neural network (Inception-CNN), Bidirectional long short-term memory (BLSTM) and deep belief network (DBN) on the deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections, the goal is to provide basic guidance on the choice of deep learning models in MANET.
Selected advanced themes in ethical hacking and penetration testingCSITiaesprime
Since 1980 cyberattacks have been evolving with the rising numbers of internet users and the constant evolving of security systems, and since then security systems experts have been trying to fight these kinds of attacks. This paper has both ethical and scientific goals, ethically, to raise awareness on cyberattacks and provide people with the knowledge that allows them to use the world wide web with fewer worries knowing how to protect their information and their devices with what they can. Scientifically, this paper includes a deep understanding of types of hackers, attacks, and various ways to stay safe online. This research investigates how ethical hackers adapt to the current and upcoming cyber threats. The different approaches for some famous hacking types along with their results are shown. Python and Ruby are used for coding, which we run on Kali Linux operating system.
Vulnerability Prevention Using Ethical Hacking.pdfMithunJV
Hello Everyone,
I am MITHUN.J.V currently pursuing my graduate at BSC in the field of INFORMATION TECHNOLOGY at DR.SNS RAJALAKSHMI COLLEGE OF ARTS AND SCIENCE and this is my reseach paper based on ethical hacking,advantages and disadvantages OF HACKING,types of hacking etc...
We are living in security era, where we are securing all our belongings under different modes of lock but it’s different in the case of system security. We are carelessly leaving our datas and softwares unlocked. The state of security on the internet is bad and getting worse. One reaction to this state of affairs is termed as Ethical Hacking which attempts to increase security protection by identifying and patching known security vulnerabilities on systems owned by other parties. As public and private organizations migrate more of their critical functions to the Internet, criminals have more opportunity and incentive to gain access to sensitive information through the Web application. So, Ethical hacking is an assessment to test and check an information technology environment for possible weak links and vulnerabilities. Ethical hacking describes the process of hacking a network in an ethical way, therefore with good intentions. This paper describes what ethical hacking is, what it can do, an ethical hacking methodology as well as some tools which can be used for an ethical hack.
Adversarial Attacks and Defenses in Malware Classification: A SurveyCSCJournals
As malware continues to grow more sophisticated and more plentiful - traditional signature and heuristics-based defenses no longer cut it. Instead, the industry has recently turned to using machine learning for malicious file detection. The challenge with this approach is that machine learning itself comes with vulnerabilities - and if left unattended presents a new attack surface for attackers to exploit.
In this paper we present a survey of research in the area of machine learning-based malware classifiers, the attacks they encounter, and the defensive measures available. We start by reviewing recent advances in malware classification, including the most important works using deep learning. We then discuss in detail the field of adversarial machine learning and conduct an exhaustive review of adversarial attacks and defenses in the field of malware classification.
Ethical Hacking A high-level information security study on protecting a comp...Quinnipiac University
As organizations in recent years continue to increase their investment into the advancements of technology to upsurge productivity and efficiently, more and more companies begin to realize that protecting of this technology is just as significant (Information Security), if not; even more important in order to protect their reputation and integrity as a company.
This paper provides a comprehensive high-level view of ethical hacking, such as what it is, what it entails, and why companies hack into their own technology. Additionally, counter measures including penetration testing and real-world examples will be examined to give the reader a better understanding of ethical hacking and why it’s such an essential element of Information Security in the Information Systems/Technology field.
Vulnerabilities of Fingerprint Authentication Systems and Their SecuritiesTanjarul Islam Mishu
The security of biometric fingerprint is a big
challenge now-a-days, as it has world-wide acceptance.
Compromised fingerprint templates may raise terrible threats
to its owner. Because of the vulnerabilities of fingerprint
authentication system, security issues about fingerprint have
been a matter of great concern. This study summarizes the
vulnerabilities of fingerprint authentication system and
highlights the type of securities available against those
challenges. It includes much classified knowledge about
security of fingerprint template. This work is an endeavor to
provide a compact knowledge to the research community
about the security issues regarding fingerprint authentication
system.
Similar to COMPROMISING SYSTEMS: IMPLEMENTING HACKING PHASES (20)
HEAP SORT ILLUSTRATED WITH HEAPIFY, BUILD HEAP FOR DYNAMIC ARRAYS.
Heap sort is a comparison-based sorting technique based on Binary Heap data structure. It is similar to the selection sort where we first find the minimum element and place the minimum element at the beginning. Repeat the same process for the remaining elements.
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...Amil Baba Dawood bangali
Contact with Dawood Bhai Just call on +92322-6382012 and we'll help you. We'll solve all your problems within 12 to 24 hours and with 101% guarantee and with astrology systematic. If you want to take any personal or professional advice then also you can call us on +92322-6382012 , ONLINE LOVE PROBLEM & Other all types of Daily Life Problem's.Then CALL or WHATSAPP us on +92322-6382012 and Get all these problems solutions here by Amil Baba DAWOOD BANGALI
#vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore#blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #blackmagicforlove #blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #Amilbabainuk #amilbabainspain #amilbabaindubai #Amilbabainnorway #amilbabainkrachi #amilbabainlahore #amilbabaingujranwalan #amilbabainislamabad
Online aptitude test management system project report.pdfKamal Acharya
The purpose of on-line aptitude test system is to take online test in an efficient manner and no time wasting for checking the paper. The main objective of on-line aptitude test system is to efficiently evaluate the candidate thoroughly through a fully automated system that not only saves lot of time but also gives fast results. For students they give papers according to their convenience and time and there is no need of using extra thing like paper, pen etc. This can be used in educational institutions as well as in corporate world. Can be used anywhere any time as it is a web based application (user Location doesn’t matter). No restriction that examiner has to be present when the candidate takes the test.
Every time when lecturers/professors need to conduct examinations they have to sit down think about the questions and then create a whole new set of questions for each and every exam. In some cases the professor may want to give an open book online exam that is the student can take the exam any time anywhere, but the student might have to answer the questions in a limited time period. The professor may want to change the sequence of questions for every student. The problem that a student has is whenever a date for the exam is declared the student has to take it and there is no way he can take it at some other time. This project will create an interface for the examiner to create and store questions in a repository. It will also create an interface for the student to take examinations at his convenience and the questions and/or exams may be timed. Thereby creating an application which can be used by examiners and examinee’s simultaneously.
Examination System is very useful for Teachers/Professors. As in the teaching profession, you are responsible for writing question papers. In the conventional method, you write the question paper on paper, keep question papers separate from answers and all this information you have to keep in a locker to avoid unauthorized access. Using the Examination System you can create a question paper and everything will be written to a single exam file in encrypted format. You can set the General and Administrator password to avoid unauthorized access to your question paper. Every time you start the examination, the program shuffles all the questions and selects them randomly from the database, which reduces the chances of memorizing the questions.
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressionsVictor Morales
K8sGPT is a tool that analyzes and diagnoses Kubernetes clusters. This presentation was used to share the requirements and dependencies to deploy K8sGPT in a local environment.
TOP 10 B TECH COLLEGES IN JAIPUR 2024.pptxnikitacareer3
Looking for the best engineering colleges in Jaipur for 2024?
Check out our list of the top 10 B.Tech colleges to help you make the right choice for your future career!
1) MNIT
2) MANIPAL UNIV
3) LNMIIT
4) NIMS UNIV
5) JECRC
6) VIVEKANANDA GLOBAL UNIV
7) BIT JAIPUR
8) APEX UNIV
9) AMITY UNIV.
10) JNU
TO KNOW MORE ABOUT COLLEGES, FEES AND PLACEMENT, WATCH THE FULL VIDEO GIVEN BELOW ON "TOP 10 B TECH COLLEGES IN JAIPUR"
https://www.youtube.com/watch?v=vSNje0MBh7g
VISIT CAREER MANTRA PORTAL TO KNOW MORE ABOUT COLLEGES/UNIVERSITITES in Jaipur:
https://careermantra.net/colleges/3378/Jaipur/b-tech
Get all the information you need to plan your next steps in your medical career with Career Mantra!
https://careermantra.net/
Using recycled concrete aggregates (RCA) for pavements is crucial to achieving sustainability. Implementing RCA for new pavement can minimize carbon footprint, conserve natural resources, reduce harmful emissions, and lower life cycle costs. Compared to natural aggregate (NA), RCA pavement has fewer comprehensive studies and sustainability assessments.
Literature Review Basics and Understanding Reference Management.pptxDr Ramhari Poudyal
Three-day training on academic research focuses on analytical tools at United Technical College, supported by the University Grant Commission, Nepal. 24-26 May 2024
1. International Journal of Computer Science & Information Technology (IJCSIT) Vol 11, No 2, April 2019
DOI: 10.5121/ijcsit.2019.11203 27
COMPROMISING SYSTEMS: IMPLEMENTING
HACKING PHASES
Marlon intal tayag1
and Maria emmalyn asuncion de vigal capuno2
1
College of Information and Communications Technology,Holy Angel University,
Angeles, Philippines
2
Faculty of Information Technology, Future University, Khartoum, Sudan
ABSTRACT
In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the
warriors of the internet. They attack and do harmful things to compromised system. This paper will show
the methodology use by hackers to gained access to system and the different tools used by them and how
they are group based on their skills. It will identify exploits that can be used to attack a system and find
mitigation to those exploits.
In addition, the paper discusses the actual implementation of the hacking phases with the virtual machines
use in the process. The virtual machines specification is also listed. it will also provide means and insights
on how to protect one system from being compromised.
KEYWORDS
compromised systems, hacking, penetration testing, exploit, vulnerability
1. INTRODUCTION
With the outset of the computer and internet age, cyber security is now in the headlines of every
topic being discussed in terms of securing system and personal data that resides in enterprise
system or cloud infrastructure.
As more and more systems are being compromised and data being stolen, there is now a need to
understand how these things are being perpetrated in the mindset of an individual called a hacker.
The work hacking is actually a misnomer. Hacking is the action done by a person who is
knowledgeable on his field of expertise such as technology [1] . Technically a hacker is someone
who likes to explore and tinker things, by learning how computer systems runs and love
discovering new things [2]. The person involved in this action is called a hacker. In its true form,
the media is defining it the wrong way, a person who sets out to destroy or compromise a system
and gain access to it with the intention of wreaking havoc is actually called a cracker.
Hackers are divided into different categories based on their skills as shown on Figure 1. White
Hat hacker, is person or individual who uses his hacking skills to find vulnerabilities either in
hardware or software and reports those vulnerabilities to the person or organization affected and
help them find solution to their security weakness [3]. EC-Council, is a training company that
offers certification and training to individual who wants to become ethical hackers, according to
them a cyber security specialist needs to put himself in the shoe of the hacker to understand how
they think, that is “to beat an hacker, you have to think like an hacker” [4]. Next we have the
2. International Journal of Computer Science & Information Technology (IJCSIT) Vol 11, No 2, April 2019
28
Black hat hacker, are individual who attempts to gain unauthorized access to system by means
exploiting its weakness. They implicit damage once they gained access and steal data [5]. Black
hats can be cyber criminals or cyber terrorist.
And the last one is the Grey Hat hacker, is a mixture of a white hat and a black hat, they hack into
system without permission and look for the vulnerability, once it is found they report it to the
owner and for fee they will patch-up the vulnerability. They are malicious in nature; however,
this type of hacking is still illegal because no permission is given by the owner to test the system
for vulnerability [6].
Figure 1: Hacker Categories
Hacking does not only pertain to targeting system and hardware but covers individual who uses
those systems. Targeting people or person to divulge information useable to the hacker is called
Social Engineering, one such example is calling an employee in which the hacker can pretend as
a member of the technical team in charge on maintaining the servers. The hacker will ask the
employee’s password or credential with the excuse that they are currently implementing
preventive maintenance on the server and they need the employee account to do backup.
As the need for securing system arises, some hackers are using their skill in a positive way. They
work with companies in protecting their system by actually hacking their way in and providing
the information to the companies on how they compromised and find ways to protect their
system. Hackers for hire who protect and help companies do what is term as Ethical Hacking or
Penetration Testing [7] [8].
Following pre-determined rules and guideline Penetration Testing is an attempt to compromised a
system by finding its weakness and attacking those weakness using an exploit. The finding or
result from the process is used to help company to mitigate or find solution and protect the
company from cyber attacks
Pen Testing can be categorized in two types, White Box, where the Pen Tester is provided with
information on the target system (e.g. infrastructures, server, ip addresses etc.) and the other one
Black Box, also called as ‘blind’ testing, were no information whatsoever is provided to the Pen
Tester.
1.1 CONTRIBUTIONS OF THIS PAPER
The main contributions of this paper are as follows:
1. Demonstrate the hacking phases and used different hacking tools to do so.
2. Identify vulnerabilities and exploits in compromising system, at the same time recommend
solution to mitigate the problem
3. International Journal of Computer Science & Information Technology (IJCSIT) Vol 11, No 2, April 2019
29
The remainder of the paper discusses the actual implementation of the hacking phases with the
virtual machines use in the process. The virtual machines specification is also listed.
2. RELATEDWORKANDTERMINOLOGY
On a paper presented by Teresa Guarda, Walter Orozco, Maria Fernanda Augusto and Filipe
Mota Pinto, they discussed the three areas which penetration testing acts on, these includes
application, network and system workflow. Each of these areas is inter-related. Vulnerability on
one area affects the security of the other two. Point in case is the network, identifying treats that
can create risk and weakness[9].
In “Ethical Hacking”, Ashar Ushmani points out the common process in compromising private
data or confidential information. He discusses the different types of hackers from White hat,
Black hat and Grey hat. He explained the difference between an ethical hacker and a hacker who
target system for financial gain. He discussed the impact of hacking on the business side, were
businesses suffered thru theft of valuable information [8] .
Pen Tester focuses on key area to investigate. He said that they have the network perimeter
where network defense is setup. The pen tester tests network device configuration such as routers
and firewall rules. Next is the application perimeter, where an application such as a web app is
tested to see any vulnerability which can be exploited. Last but the least the workflow, testing by
means of social engineering to identify individual in the workflow process of an organization
(Fig.2).
Figure 2: Acting Areas For Pen Testing
On the positive side ethical hacking as stated by Bhawana Sahare,Ankit Naik and Shashikala
Khandey they pointed out testing a system for vulnerability will help the network or system
administrator in patching up problems. They also cited the need to implement a mature security
program with a combination of procedures and policies the work together.
Their paper also discusses the limitation of ethical hacking that is the test is based on one simple
principle finding the securities vulnerabilities a hacker can used to attack a system. This can be
compared to a diagnostic test [10] .
4. International Journal of Computer Science & Information Technology (IJCSIT) Vol 11, No 2, April 2019
30
David Hafele, stated on his paper the benefits of implementing penetration testing, finding
vulnerabilities before hackers can exploit them. Understanding false positive and false negative
alerts, to which remediation can be implemented [11].
3. HACKING PROCESS
A. Ethical Hacking Phase
Ethical hacking follows a pre-defined process to find vulnerabilities on a given system. Each
steps help the Pen Tester or hacker to achieved his goal in compromising a system (Fig. 3).
Figure 3: Hacking Process
1. Reconnaissance – gathering information on the target (e.g. network, domains) this will
help the attacker to better understand the target and any potential weakness.
2. Scanning and Enumeration – in this phase the attacker will implement passive scanning,
these includes using various scanning tools to determine open ports and services.
3. Identify Vulnerabilities’ – the attacker will use tools that can identify weaknesses on the
system. Such tool includes Nessus and OpenVAS.
4. Exploitation – Using the knowledge gain from phase three, the attacker will now
implement active attack by exploiting the weakness and gained access to the target.
5. Covering Tracks– Once the attacker gain access to the system. The attacker will try to
remove all evidence of his attack. One such activity is deleting the system log files.
B. Testing Requirements
To test the given process, a cyber-laboratory was implemented to isolate attacks from the live
network. In this paper virtual machines that run two operating systems was used. Virtual
Machines is basically a software computer that runs actual operating system, it uses physical
resources such memory and CPU cycles[9]. It made use of security or hacking tool to locate the
target, find open ports thru scanning, find and exploit the target by means of its weakness. These
are as follows:
5. International Journal of Computer Science & Information Technology (IJCSIT) Vol 11, No 2, April 2019
31
A. Operating System: Kali Linux (2019 Rolling) and Windows XP unpatched (32 bit)
B. Virtualization Software: Virtual Box, a free virtualization software for virtualizing PC
C. Software Tools:
a. Nmap – is an open source application use to scan a specific target and show
running or active ports and services.
b. Metasploit Framework – is a penetration testing framework that allows pen tester
to write, test, and run exploits. It contains a range of tools specifically designed
for finding security vulnerabilities, enumerations of target network or devices, by
compromising systems and avoid detection.
c. Nessus – is a vulnerability scanner design to find weakness on a target. It creates
a report by cross linking its results to the Common Vulnerabilities and Exposure
database (CVE).
d. Meterpreter – is an advanced payload DLL injection system and currently part of
the Metasploit Framework. It allows the attacker to run either bind or reverse
bind shell in compromising the target.
C. System and Hardware Requirements
To properly simulate the Cyber Security Laboratory, the following VM configuration are needed.
The host PC should have 8 to 16 gig of memory running Window 7 or Windows 10. Each of the
VM are configured as follows:
Table 1: Virtual Machine Specifications
3.1 IMPLEMENTING ATTACK THROUGH CYBER LAB
Implementation of hacking and compromising the system will use the ethical hacking process:
Step 1: Reconnaissance
For this phase, the attacker can use tools such Ping Sweeps, Packet Sniffing and Network
Discovery to identify live target.
Step 2: Scanning and Enumeration
Nmap can be used to search for open ports and services. The hacker can scan the target and list all
active ports and services. As shown on Fig.4, the nmap scan nmap –sT –p- -PN 192.168.10.100 is use
to implement a TCP connect scan and show all open ports with the running services. The
information provided by the nmap scan can be used by hacker to further investigate any
vulnerable services which can be exploited
Virtual
Machine
Memory Storage
Kali Linux 4 GIG 40 GIG
Windows
XP
256 MB 20 GIG
6. International Journal of Computer Science & Information Technology (IJCSIT) Vol 11, No 2, April 2019
32
root@kali:# nmap –sT –p- -PN 192.168.10.100
Figure 4: Nmap scanning of target
Step 3: Identify Vulnerabilities
Vulnerability scanning of the target can be done by using Nessus, based on the port scan found by
nmap, the attacker can have rough idea of what the target is and what are the running services.
With Nessus the attacker can find the weakness of those services. Nessus categories the level of
vulnerability found on the target. Critical vulnerabilities are colored red. They are the priority
weakness that needs to mitigated or resolved. Orange is high, Yellow is medium and blue is
information (Fig.5).
Figure 5 : Nessus vulnerability scanning
7. International Journal of Computer Science & Information Technology (IJCSIT) Vol 11, No 2, April 2019
33
Step 4: Exploitation
With the weakness identified the hacker can now proceed to exploit and gain access to
the target. One of the critical areas found is a security issue on Microsoft NetAPI service
(MS08-067).
The Nessus scan output (Fig. 6) MS08-067 vulnerability can allow a hacker to run remote code
execution, basically running a remote shell which the hacker can use to control and do anything
he wants on the target system.
Figure 6:MS08-067 Security Issue
The said issue can be exploited by using metasploit exploit/windows/smb/ms08_067_netapi,
allowing the hacker to gained SYSTEM access – highest user privilege in Windows (Fig. 7).
Figure 7: Using Metasploit on MS08-067 Vulnerability
Considered as one of the most popular exploit use to attack Microsoft Windows.
8. International Journal of Computer Science & Information Technology (IJCSIT) Vol 11, No 2, April 2019
34
The exploit attacks the NetAPI32.dll library thru the Server Service[12]. The attacker gain access
to the system an implemented remote view to the target with the metasploit payload VNCInject
reverse bind connection (Fig.7).
Figure 8: Gaining Access To The Target
C. Implementing Mitigation
MS08-067 vulnerability is just one of the vulnerabilities that may affect an operating system, that
is, it is a windows operating system. With that in mind the best way to patch-up the operating
system is to do a security update.
Microsoft on their Security Bulletin provides a security update of the said security vulnerability.
Keep in mind that if not patch the attacked can implement a Remote Code Execution[13].
4. CONCLUSION
Cyber Security is an area that will have a huge impact on how we protect our personal data and
enterprise information. With the proliferation of ready to used tools on the internet anyone can
become a hacker. Hacker can be either a white hat, grey hat or a black hat hacker who uses his
skill to do harm to people by stealing their information.
Implementing Penetration Testing internally or hiring Pen Testing Team from outside can help an
organization to find critical security issues. The concept of a contain network is long gone.
Currently, networks are also connected to the Internet which provides a huge opportunity for
hackers to infiltrate internal organization network. With the advent of the Internet of Things
devices such as network printer improperly configured are a ticking bomb. Ethical Hacking or
Penetration testing is a useful tool along with basic computer security knowledge are essential
part of the securing the organization.
As demonstrated, improper updates on system such Windows OS can lead to a hacker
compromising the organization system. Learning to protect ourselves, knowing the proper cyber
etiquette is a must.
REFERENCES
[1] S. Begum and S. Kumar, “IJESRT INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES
& RESEARCH TECHNOLOGY A COMPREHENSIVE STUDY ON ETHICAL HACKING,”
vol. 5, no. 8, pp. 214–219, 2016.
[2] “Role of Ethical Hacking in System,” no. May, 2018.
9. International Journal of Computer Science & Information Technology (IJCSIT) Vol 11, No 2, April 2019
35
[3] “What is white hat? - Definition from WhatIs.com.” [Online]. Available:
https://searchsecurity.techtarget.com/definition/white-hat. [Accessed: 14-Mar-2019].
[4] “What is ethical hacker? - Definition from WhatIs.com.” [Online]. Available:
https://searchsecurity.techtarget.com/definition/ethical-hacker. [Accessed: 14-Apr-2019].
[5] “Types of Hackers and What They Do: White, Black, and Grey | EC-Council Official Blog.” [Online].
Available: https://blog.eccouncil.org/types-of-hackers-and-what-they-do-white-black-and-grey/.
[Accessed: 14-Mar-2019].
[6] “What is the Difference Between Black, White and Grey Hat Hackers?” [Online]. Available:
https://us.norton.com/internetsecurity-emerging-threats-what-is-the-difference-between-black-white-
and-grey-hat-hackers.html. [Accessed: 14-Mar-2019].
[7] S. Satapathy and D. Ranjan Patra, “Ethical Hacking,” Int. J. Sci. Res. Publ., vol. 5, no. 6, pp. 2250–
3153, 2015.
[8] C. C. Palmer, “Ethical hacking,” vol. 40, no. 3, pp. 769–780, 2001.
[9] I.-C. MIHAI, “Penetration Tests on Virtual Environment,” Int. J. Inf. Secur. Cybercrime, vol. 1, no.
1, pp. 37–45, 2016.
[10] B. Sahare, A. Naik, and S. Khandey, “Study Of Ethical Hacking,” vol. 2, no. 4, pp. 6–10, 2014.
[11] D. Hafele, “Information Security Reading Room Three Different Shades of Ethical Hacking :
Black , White and Gray In tu ll r igh,” 2019.
[12] “Exploitable vulnerabilities #1 (MS08-067).” [Online]. Available:
https://blog.rapid7.com/2014/02/03/new-ms08-067/. [Accessed: 14-Mar-2019].
[13] “ Microsoft Security Bulletin MS08-067 - Critical | Microsoft Docs.” [Online]. Available:
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067. [Accessed: 21-
Mar-2019].