this report is about how network security and privacy security works on Wireless and Wired system.It is also contain encryption method for network security and privacy.
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
This presentation contains Introduction of Phishing attack, its types and Various techniques, their impact with real live example, after that its Avoidance, Prevention and Solution. Also it contains brief introduction of SSL and HTTPS with their working.
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
This presentation contains Introduction of Phishing attack, its types and Various techniques, their impact with real live example, after that its Avoidance, Prevention and Solution. Also it contains brief introduction of SSL and HTTPS with their working.
Role of artificial intelligence in cyber security | The Cyber Security ReviewFreelancing
Emerging technologies put cybersecurity at risk. Even the new advancements in defensive strategies of security professionals fail at some point. Let's see what the latest AI technology in cybersecurity is.
Cyber security threats and its solutionsmaryrowling
There are a lot of cyber threats in the cyber world, but some of them are really disastrous for your system and data. Cyber threats are increasing rapidly so it is important to know how to prevent them.
Looking to understand how hackers and other attackers use cyber technology to attack your network and your executives? This slide set provides an overview and details the anatomy of a cyber attack, and the strategies you can use to manage and mitigate risk.
FORE Solutions is the Chandigarh based best data security solutions provides an entire range of products for infrastructure security and keeping data protected from corruption and unauthorized access. For more details please visit our website www.foresolutions.net
I want you to Read intensively papers and give me a summary for ever.pdfamitkhanna2070
I want you to Read intensively papers and give me a summary for every paper and the linghth for
each paper is 2 pages or more. In the summary, you need to provide some of your own ideas.
Research Interests: Privacy-Aware Computing,Wireless and Mobile Security,Fog
Computing,Mobile Health and Safety, Cognitive Radio Networking,Algorithm Design and
Analysis.
You should select papers from the following conferences:
IEEE INFOCOM, IEEE Symposium on security and privacy, ACM CCS, USENIX Security.
Solution
PRIVACY AWARE COMPUTING
Introduction
With the increasing public concerns of security and personal data privacy worldwide, security
and privacy become an important research area. This research area is very broad and covers
many application domains.
The security and privacy aware computing research group actually focuses on
(1) privacy-preserved computing,
(2) Video surveillance, and
(3) secure biometric system.
Now let us briefly discuss the above three groups.
Privacy-preserved Computing
Concerns on the data privacy have been increasing worldwide. For example, Apple was
reportedly fined by South Korea’s telecommunications regulator for allegedly collecting and
storing private location data of iPhone users. The privacy concerns raised by both end-users and
government authorities have been hindering the deployment of many valuable IT services, such
as data mining and analysis, data outsourcing, and mobile location-aware computing.
soo, in response to the growing necessity of protecting data privacy, our research group has been
focusing on developing innovative solutions towards information services --- to support these
services while preserving users’ personal privacy.
Video Surveillance
With the growing installation of surveillance video cameras in both private and public areas, the
closed-circuit TV (CCTV) has been evolved from a single camera system to a multiple camera
system; and has recently been extended to a large-scale network of cameras.
One of the objectives of a camera network is to monitor and understand security issues in the
area under surveillance. While the camera network hardware is generally well-designed and
roundly installed, the development of intelligent video analysis software lags far behind. As
such, our group has been focusing on developing video surveillance algorithms such as face
tracking, person re-identification, human action recognition.
Our goal is to develop an intelligent video surveillance system.
Secure Biometric System
With the growing use of biometrics, there is a rising concern about the security and privacy of
the biometric data. Recent studies show that simple attacks on a biometric system, such as hill
climbing, are able to recover the raw biometric data from stolen biometric template. Moreover,
the attacker may be able to make use of the stolen face template to access the system or cross-
match across databases. Our group has been working on face template protection, multimodality
template protection, and .
Role of artificial intelligence in cyber security | The Cyber Security ReviewFreelancing
Emerging technologies put cybersecurity at risk. Even the new advancements in defensive strategies of security professionals fail at some point. Let's see what the latest AI technology in cybersecurity is.
Cyber security threats and its solutionsmaryrowling
There are a lot of cyber threats in the cyber world, but some of them are really disastrous for your system and data. Cyber threats are increasing rapidly so it is important to know how to prevent them.
Looking to understand how hackers and other attackers use cyber technology to attack your network and your executives? This slide set provides an overview and details the anatomy of a cyber attack, and the strategies you can use to manage and mitigate risk.
FORE Solutions is the Chandigarh based best data security solutions provides an entire range of products for infrastructure security and keeping data protected from corruption and unauthorized access. For more details please visit our website www.foresolutions.net
I want you to Read intensively papers and give me a summary for ever.pdfamitkhanna2070
I want you to Read intensively papers and give me a summary for every paper and the linghth for
each paper is 2 pages or more. In the summary, you need to provide some of your own ideas.
Research Interests: Privacy-Aware Computing,Wireless and Mobile Security,Fog
Computing,Mobile Health and Safety, Cognitive Radio Networking,Algorithm Design and
Analysis.
You should select papers from the following conferences:
IEEE INFOCOM, IEEE Symposium on security and privacy, ACM CCS, USENIX Security.
Solution
PRIVACY AWARE COMPUTING
Introduction
With the increasing public concerns of security and personal data privacy worldwide, security
and privacy become an important research area. This research area is very broad and covers
many application domains.
The security and privacy aware computing research group actually focuses on
(1) privacy-preserved computing,
(2) Video surveillance, and
(3) secure biometric system.
Now let us briefly discuss the above three groups.
Privacy-preserved Computing
Concerns on the data privacy have been increasing worldwide. For example, Apple was
reportedly fined by South Korea’s telecommunications regulator for allegedly collecting and
storing private location data of iPhone users. The privacy concerns raised by both end-users and
government authorities have been hindering the deployment of many valuable IT services, such
as data mining and analysis, data outsourcing, and mobile location-aware computing.
soo, in response to the growing necessity of protecting data privacy, our research group has been
focusing on developing innovative solutions towards information services --- to support these
services while preserving users’ personal privacy.
Video Surveillance
With the growing installation of surveillance video cameras in both private and public areas, the
closed-circuit TV (CCTV) has been evolved from a single camera system to a multiple camera
system; and has recently been extended to a large-scale network of cameras.
One of the objectives of a camera network is to monitor and understand security issues in the
area under surveillance. While the camera network hardware is generally well-designed and
roundly installed, the development of intelligent video analysis software lags far behind. As
such, our group has been focusing on developing video surveillance algorithms such as face
tracking, person re-identification, human action recognition.
Our goal is to develop an intelligent video surveillance system.
Secure Biometric System
With the growing use of biometrics, there is a rising concern about the security and privacy of
the biometric data. Recent studies show that simple attacks on a biometric system, such as hill
climbing, are able to recover the raw biometric data from stolen biometric template. Moreover,
the attacker may be able to make use of the stolen face template to access the system or cross-
match across databases. Our group has been working on face template protection, multimodality
template protection, and .
Discuss how a successful organization should have the followin.docxcuddietheresa
Discuss how a successful organization should have the following layers of security in place for the protection of its operations: information security management, data security, and network security.
Multiple Layers of Security
Marlowe Rooks posted Mar 13, 2020 9:54 AM
Looking at Vacca”s book chapter 1, “Information security management as a field is ever increasing in demand and responsibility because most organizations spend increasingly larger percentages of their IT budgets in attempting to manage risk and mitigate intrusions, not to mention the trend in many enterprises of moving all IT operations to an Internet-connected infrastructure, known as enterprise cloud computing (John R. Vacca, 2014)”. It is the organization responsibility to protect its business and its client information at all times. With that said I’m going to break down why companies need to have multiple layers of security and what types they should implement below.
The first layer is Information security management which can be from Physical Security, or Personnel Security. Physical Security can range from physical items, objects, or areas from unauthorized access and misuse. Personnel Security is to protect the individual or group of individuals who are authorized to access the organization and its operations. Some of the reason to implement Information Security is as follow:
· Decrease in downtime of IT systems
· Decrease in security related incidents
· Increase in meeting an organization's compliance requirements and standards
· Increase in customer satisfaction, demonstrating that security issues are tackled in the most appropriate manner
· Increase in quality of service
· Process approach adoption, which helps account for all legal and regulatory requirements
· More easily identifiable and managed risks
· Also covers information security (IS) (in addition to IT information security)
· Provides a competitive edge to an organization with the help of tackling risks and managing resources/processes
The second layer would be Data Security which can be refers to the process of protecting data from unauthorized access and data corruption throughout its lifecycle. Data security includes data encryption, tokenization, and key management practices that protect data across all applications and platforms. Some of the reason to implement Data Security is as follow:
· Cloud access security – Protection platform that allows you to move to the cloud securely while protecting data in cloud applications.
· Data encryption – Data-centric and tokenization security solutions that protect data across enterprise, cloud, mobile and big data environments.
· Web Browser Security - Protects sensitive data captured at the browser, from the point the customer enters cardholder or personal data, and keeps it protected through the ecosystem to the trusted host destination.
· Mobile App Security - Protecting sensitive data in native mobile apps while safeguarding the data end-to-end.
· eMai ...
Discuss how a successful organization should have the followin.docxsalmonpybus
Discuss how a successful organization should have the following layers of security in place for the protection of its operations: information security management, data security, and network security.
Multiple Layers of Security
Marlowe Rooks posted Mar 13, 2020 9:54 AM
Looking at Vacca”s book chapter 1, “Information security management as a field is ever increasing in demand and responsibility because most organizations spend increasingly larger percentages of their IT budgets in attempting to manage risk and mitigate intrusions, not to mention the trend in many enterprises of moving all IT operations to an Internet-connected infrastructure, known as enterprise cloud computing (John R. Vacca, 2014)”. It is the organization responsibility to protect its business and its client information at all times. With that said I’m going to break down why companies need to have multiple layers of security and what types they should implement below.
The first layer is Information security management which can be from Physical Security, or Personnel Security. Physical Security can range from physical items, objects, or areas from unauthorized access and misuse. Personnel Security is to protect the individual or group of individuals who are authorized to access the organization and its operations. Some of the reason to implement Information Security is as follow:
· Decrease in downtime of IT systems
· Decrease in security related incidents
· Increase in meeting an organization's compliance requirements and standards
· Increase in customer satisfaction, demonstrating that security issues are tackled in the most appropriate manner
· Increase in quality of service
· Process approach adoption, which helps account for all legal and regulatory requirements
· More easily identifiable and managed risks
· Also covers information security (IS) (in addition to IT information security)
· Provides a competitive edge to an organization with the help of tackling risks and managing resources/processes
The second layer would be Data Security which can be refers to the process of protecting data from unauthorized access and data corruption throughout its lifecycle. Data security includes data encryption, tokenization, and key management practices that protect data across all applications and platforms. Some of the reason to implement Data Security is as follow:
· Cloud access security – Protection platform that allows you to move to the cloud securely while protecting data in cloud applications.
· Data encryption – Data-centric and tokenization security solutions that protect data across enterprise, cloud, mobile and big data environments.
· Web Browser Security - Protects sensitive data captured at the browser, from the point the customer enters cardholder or personal data, and keeps it protected through the ecosystem to the trusted host destination.
· Mobile App Security - Protecting sensitive data in native mobile apps while safeguarding the data end-to-end.
· eMai.
The possibilities provided by the internet in this day and times is almost limitless, fueled by
presence of global networks and larger operations being performed on a daily basis coupled with
people around the world who enjoy these benefits. However, the internet space is not used for
peaceful reasons as it should be assumed. The growing development in technologies and
substantive upgrade of programming systems has led to frequent cases of attacks by threat actors,
becoming a real problem for large companies.
Hence, therefore, one of the most famous cases in relation to hacking in the world was the
hacking of important information on the eBay database, an online shopping store. The case study
will focus on this attack.
3
Running Head NETWORK INFRASTRUCTURE VULNERABILITIES1NETWORK .docxtoltonkendal
Running Head: NETWORK INFRASTRUCTURE VULNERABILITIES1
NETWORK INFRASTRUCTURE VULNERABILITIES3
Project Paper: Network Infrastructure vulnerabilities
Name
Institutional Affiliations
Section 1: Infrastructure Document
Computer networks have increasingly become ubiquitous and synonymous especially with the organizations that thrive on excellence, as well as, those who would want to adopt cloud technology and virtualization within their companies. Today, most organizations that set up their businesses ensure that they have incorporated an efficient computer network infrastructure that will connect the business to the outside world through Internets. This is because, research has shown that the present business depend heavily on network infrastructure platforms that make communication easy, efficient, available, as well as, accessible. Consequently, despite the fact that robust computers networks have made it easier by providing a basis of interactivity and bringing a whole lot of people and businesses together, all these at one point have amounted to growing security concerns over the past years across various sectors and industries. This paper will therefore identify some of the possible network infrastructure vulnerabilities, as well as, describing a comprehensive security policy that helps in protecting the company infrastructure and assets by applying the principle of CIA.
A network consists of devices such as routers, firewalls, generic and hosts which include servers and workstations. Equally, there are thousands of network vulnerabilities; therefore, organizations should ensure that they focus on tests that will produce a good overall assessment of the network especially when they store their data in the cloud, however, there may be risk of non-compliance and regulation, due to lack of control over where data is stored. The possible network infrastructure vulnerabilities include; improper system configuration, poor firewall deployment, poor anti-virus implementation, weak password implementation, lack of efficient physical security, lack of appropriate security policies and many others. Vulnerabilities can be successfully contained by putting measure in place, for example, the Network Administrator should be in position to gather information about viruses and worms, as well as, identifying network vulnerabilities by getting information that helps in preventing security problems. Security measures for Network vulnerabilities can be accessed through three main stages which involve planning, conducting and inference (Markluec, 2010). In planning stage, there is an official agreement that is signed between the concerned parties. The document signed is important because it will contain both legal and non-disclosure causes that serve to protect the ethical hacker against possible law suit. Conducting stage involves the evaluation of technical reports prepared based on testing potential vulnerabilities. Lastly, in inference stage, the ...
As more business activities are being automated and an increasing number of computers are being used to store sensitive information, the need for secure computer systems becomes more apparent. This need is even more apparent as systems and applications are being distributed and accessed via an insecure network, such as the internet. The internet itself has become critical for governments, companies, financial institutions, and millions of everyday users. Networks of computers support a multitude of activities whose loss would all cripple these organizations. As a consequences Cyber Security issues have become national security issues. Protecting the internet is a very difficult task. Cyber Security can be obtained only through systematic development. P. H. Gopi Kannan | A. Karthik | M. Karthikeyan "Cyber Security" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-6 , October 2020, URL: https://www.ijtsrd.com/papers/ijtsrd33483.pdf Paper Url: https://www.ijtsrd.com/computer-science/computer-security/33483/cyber-security/p-h-gopi-kannan
The biggest threat to network security is underestimating the threat to network security. And as IP networks become the defector standard, ignoring this reality can extract a heavy price down the road.
Top Cyber Security Interview Questions and Answers 2022.pdfCareerera
Cyber security positions have considerably taken the top list in the job market. Candidates vying for elite positions in the field of cyber security certainly need a clear-cut and detailed guide to channeling their preparation for smooth career growth, beginning with getting a job. We have curated the top cyber security interview questions that will help candidates focus on the key areas. We have classified the regularly asked cyber security interview questions here, in this article into different levels starting from basic general questions to advanced technical ones.
Before we move on to the top cyber security interview questions, it is critical to reflect on the vitality of cyber security in our modern times and how cyber security professionals are catering to the needs of securing a safe cyber ecosystem.
The times we live in is defined by the digital transition, in which the internet, electronic devices, and computers have become an integral part of our daily life. Institutions that serve our daily needs, such as banks and hospitals, now rely on internet-connected equipment to give the best possible service. A portion of their data, such as financial and personal information, has become vulnerable to illegal access, posing serious risks. Intruders utilize this information to carry out immoral and criminal goals.
Cyber-attacks have jeopardized the computer system and its arrangements, which has now become a global concern. To safeguard data from security breaches, a comprehensive cyber security policy is needed now more than ever. The rising frequency of cyber-attacks has compelled corporations and organizations working with national security and sensitive data to implement stringent security procedures and restrictions.
Computers, mobile devices, servers, data, electronic systems, networks, and other systems connected to the internet must be protected from harmful attacks. Cybersecurity, which is a combination of the words "cyber" and "security," provides this protection. 'Cyber' imbibes the vast-ranging technology with systems, networks, programs, and data in the aforementioned procedure. The phrase "security" refers to the process of protecting data, networks, applications, and systems. In a nutshell,
cyber security is a combination of principles and approaches that assist prevent unwanted access to data, networks, programs, and devices by meeting the security needs of technological resources (computer-based) and online databases.
- Security is a concept similar to being cautious
or alert against any danger. Network security is the condition of
being protected against any danger or loss. Thus safety plays a
important role in bank transactions where disclosure of any data
results in big loss. We can define networking as the combination
of two or more computers for the purpose of resource sharing.
Resources here include files, database, emails etc. It is the
protection of these resources from unauthorized users that
brought the development of network security. It is a measure
incorporated to protect data during their transmission and also
to ensure the transmitted is protected and authentic.
Security of online bank transactions here has been
improved by increasing the number of bits while establishing the
SSL connection as well as in RSA asymmetric key encryption
along with SHA1 used for digital signature to authenticate the
user
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
2. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 2
Abstract
We live in an age of information. Businesses these days are more digitally advanced than ever,
and as technology improves, organizations security measures must be enhanced as well. Now,
with many devices communicating with each other over wired, wireless, or cellular networks,
network security is an important concept. Software system are increasingly assembled from
components that are buy from or purchase from third parties for technical and economic
gains. Therefore issues in privacy of network security occurred. Network security is becoming of
great importance because of intellectual property that can be easily acquired through the internet.
There are different kinds of attack that can be when sent across the network. By knowing the
attack methods, allows for the appropriate security to emerge. Many businesses secure
themselves from the internet by means of firewalls and encryption mechanisms. There is a large
amount of personal, commercial, military, and government information on networking
infrastructures worldwide and all of these required different security mechanisms. In this report,
we have discussed about network security, its aspects , types of attacks ,etc .
3. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 3
Introduction
Network security consists of the policies and practices adopted to forestall and monitor
unauthorized access, misuse, modification, or denial of a network and network-accessible
resources. Network security involves the authorization of access to information in an
exceedingly} terribly very network, that is controlled by the network administrator. Users select
or ar allotted associate ID and parole or different authenticating info that allows them access to
info and programs inside their authority. Network security covers a selection of pc networks,
each public and personal, that ar utilised in everyday jobs; conducting transactions and
communications among businesses, government agencies and people. Networks may even be
non-public, like inside an organization, et al. which can be receptive public access. Network
security is concerned in organizations, enterprises, and different forms of establishments. It will
as its title explains: it secures the network, still as protective and overseeing operations being
done. the foremost common and straightforward method of protective a network resource is by
distribution it a novel name and a corresponding parole.
Internet privacy involves the proper or mandate of non-public privacy regarding the storing,
repurposing, provision to 3rd parties, and displaying of knowledge referring to oneself via the
net. net privacy may be a set of information privacy. Privacy issues are articulated from the
beginnings of large-scale pc sharing. Privacy will entail either in person acknowledgeable info
(PII) or non-PII info like a website visitor's behavior on a web site. PII refers to any info that
may be wont to determine a personal. for instance, age and physical address alone may
determine UN agency a personal is while not expressly revealing their name, as these 2 factors ar
distinctive enough to spot a particular person generally. different types of PII might presently
embody GPS pursuit information utilized by apps, because the daily commute and routine info
will be enough to spot a personal.Some specialists like Steve Rambam, a personal investigator
specializing in net privacy cases, believe that privacy not exists; spoken language, "Privacy is
dead – live through it". indeed, it's been advised that the "appeal of on-line services is to
broadcast personal info designedly." On the opposite hand, in his essay "The price of Privacy",
security skilled Bruce Schneier says, "Privacy protects North American nation from abuses by
those in power, though we're doing nothing wrong at the time of police investigation."
4. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 4
Computer Network Security
Computer network security consists of measures taken by business or some organizations to
observe and stop unauthorized access from the skin attackers.
Different approaches to electronic network security management have completely
different necessities counting on the dimensions of the pc network. as an example, a home
base needs basic network security whereas massive businesses need high maintenance to
forestall the network from malicious attacks.
Network Administrator controls access to the information and software package on the network.
A network administrator assigns the user ID and positive identification to the approved person.
Aspects of Network Security:
Following are the desirable properties to achieve secure communication:
o Privacy: Privacy suggests that each the sender and therefore the receiver expects
confidentiality. The transmitted message ought to be sent solely to
the supposed receiver whereas the message ought to be opaque for alternative users. solely the
sender and receiver ought to be able to perceive the transmitted message as
eavesdroppers will intercept the message. Therefore, there's a demand to cypher the
message so the message can not be intercepted. This side of confidentiality is
often accustomed deliver the goods secure communication.
o Message Integrity: information integrity implies that the information should reach the
receiver specifically because it was sent. There should be no changes within
the information content throughout transmission, either maliciously or accident, in an
exceedingly transit. As there square measure additional and additional financial exchanges
over the web, information integrity is additional crucial. the information integrity should be
preserved for secure communication.
o End-point authentication: Authentication implies that the receiver is certain of the sender?s
identity, i.e., no slicker has sent the message.
5. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 5
o Non-Repudiation: Non-Repudiation implies that the receiver should be able to prove that the
received message has return from a selected sender. The sender should not deny causing a
message that he or she send. The burden of proving the identity comes on the receiver. for
instance, if a client sends asking to transfer the money from one account to a different account,
then the bank should have an indication that the client has requested for the group action.
How does network security work?
There are many layers to think about when addressing network security across a corporation .
Attacks can happen at any layer within the network security layers model, so your network
security hardware, software and policies must be designed to deal with each area.
Network security typically consists of three different controls: physical, technical and
administrative. Here may be a brief description of the various sorts of network security and the
way each control works.
Physical Network Security
Physical security controls are designed to stop unauthorized personnel from gaining physical
access to network components like routers, cabling cupboards then on. Controlled access, like
locks, biometric identification and other devices, is important in any organization.
Technical Network Security
Technical security controls protect data that's stored on the network or which is in transit across,
into or out of the network. Protection is twofold; it must protect data and systems from
unauthorized personnel, and it also must protect against malicious activities from employees.
Administrative Network Security
Administrative security controls contains security policies and processes that control user
behavior, including how users are authenticated, their level of access and also how IT staff
members implement changes to the infrastructure.
6. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 6
Wireless sensor network
The security in wireless sensor networks (WSNs) is a critical issue due to the inherent
limitations of computational capacity and power usage. While a variety of security
techniques are being developed and a lot of research is going on in security field at a
brisk pace but the field lacks a common integrated platform which provides a
comprehensive comparison of the seemingly unconnected but linked issues. In this paper
we attempt to comparatively analyse the various available security approaches
highlighting their advantages and weaknesses. This will surely ease the implementers’
burden of choosing between various available modes of defence
The security in wireless sensor networks (WSNs) is a critical issue due to the inherent
limitations of computational capacity and power usage. While a variety of security
techniques are being developed and a lot of research is going on in security field at a
brisk pace but the field lacks a common integrated platform which provides a
comprehensive comparison of the seemingly unconnected but linked issues. In this paper
we attempt to comparatively analyse the various available security approaches
highlighting their advantages and weaknesses. This will surely ease the implementers’
burden of choosing between various available modes of defence.
The security in wireless networks (WSNs) may be a vital issue due to the inherent limitations
of process capability and power usage. whereas a selection of security techniques area unit being
developed and a ton of analysis is going on in security field at a brisk pace however the field
lacks a common integrated platform that provides a comprehensive comparison of
the apparently unconnected however connected problems. In this paper we tend
to try to relatively analyse the varied out there security approaches lightness their blessings and
weaknesses. This can sure enough ease the implementers’ burden of selecting between varied out
there modes of defence.
Issues in WSN security
Security mechanisms in WSN are developed in view of certain constraints. Among
these, some are pre-defined security strategies; whereas some are direct consequences of
the hardware limitations of sensor nodes. Some of the issues described here pave way for
7. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 7
the guidelines in the next section:
1) Energy efficiency: The requirement for energy efficiency suggests that in most cases
computation is favoured over communication, as communication is three orders of
magnitude more expensive than computation . The requirement also suggests that
security should never be overdone - on the contrary, tolerance is generally preferred to
overaggressive prevention . More computationally intensive algorithms can not be used
to incorporate security due to energy considerations.
2) No public-key cryptography: Public-key algorithms remain prohibitively expensive
on sensor nodes both in terms of storage and energy . No security schemes should rely
on public-key cryptography. However it has been shown that authentication and key
exchange protocols using optimized software implementations of public-key-
cryptography is very much viable for smaller networks .
3) Physically tamperable: Since sensor nodes are low-cost hardware that are not built
with tamper-resistance in mind, their strength has to lie in their number. Even if a few
nodes go down, the network survives. The network should instead be resilient to attacks.
The concept of resilience, or equivalently, redundancy-based defence is widely
demonstrated .
4) Multiple layers of defence: Security becomes an important concern because attacks
can occur on different layers of a networking stack (as defined in the Open System
Interconnect model). Naturally it is evident that a multiple layer of defence is required,
i.e. a separate defence for each layer . The issues mentioned here are in general
applicable to almost all sorts of domain irrespective of their traits.
10. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 10
Internet privacy
Internet privacy is cause for concern for any user attending to build an internet purchase, visit a
social networking web site, participate in on-line games or attend forums. If a countersign is
compromised and disclosed, a victim's identity is also fraudulently used or purloined.
Internet privacy risks include:
• Phishing: an online hacking activity accustomed steal secure user information, as well
as username, password, checking account range, security PIN or mastercard range.
11. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 11
• Pharming: an online hacking activity accustomed send a legitimate web site visitant to a
special science address.
• Spyware: associate degree offline application that obtains information while not a user's
consent. once the pc is on-line, antecedently nonheritable information is shipped to the
spyware supply.
• Malware: associate degree application accustomed lawlessly harm on-line and
offline laptop users through Trojans, viruses and spyware.
Internet privacy violation risks is also reduced, as follows:
• Always use preventative package applications, like anti-virus, anti-malware, anti-spam and
firewalls
• Avoid looking on unreliable websites
• Avoid exposing personal information on websites with lower security levels
• Clear the browser's cache and browsing history on a regular basis
• Always use terribly sturdy passwords consisting of letters, numerals and special characters
12. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 12
Encryption/Decryption
Encryption: cryptography implies that the sender converts the initial data into another kind and
sends the unintelligible message over the network.
Decryption: coding reverses the cryptography method so as to rework the message back to the
initial kind.
The data that is to be encrypted at the sender website is understood as plaintext, and therefore
the encrypted information is understood as ciphertext. the info is decrypted at the
receiver website.
There are two types of Encryption/Decryption techniques:
Privacy with secret key Encryption/Decryption
Privacy with public key Encryption/Decryption
13. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 13
Secret Key Encryption/Decryption technique
o In Secret Key Encryption/Decryption technique, a similar secret's utilized by each the parties,
i.e., the sender and receiver.
o The sender uses the key key and coding algorithmic program to cipher knowledge|the info|the
information}; the receiver uses this key and decoding algorithmic program to decipher the data.
o In Secret Key Encryption/Decryption technique, the algorithmic program used for coding is
that the inverse of the algorithmic program used for decoding. It means if the coding algorithmic
program uses a mixture of addition and multiplication, then the decoding algorithmic
program uses a mixture of subtraction and division.
o The secret key coding algorithmic program is additionally referred to
as stellate coding algorithmic program as a result of a similar secret secret's employed in two-
way communication.
o In secret key encryption/decryption algorithmic program, the key code is
employed by laptop|the pc} to cipher the knowledge before it's sent over the network to a
different computer.
o The secret key needs that we should always recognize that pcs ar speech one another in order
that we are able to install the key on every computer.
Data Encryption normal (DES)
o The encryption normal (DES) was designed by IBM and adopted by the U.S.
government because the normal coding methodology for unsoldierly and nonclassified use.
o Standard is a standard used for encryption, and it is a form of Secret Key Cryptography.
14. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 14
Public Key Encryption/Decryption technique
o There square measure 2 keys publicly key encryption: a personal key and a public key.
o The non-public secret is given to the receiver whereas the general public secret is provided
to the general public.
In the on top of figure, we tend to see that A is causation the message to user B. 'A' uses the
general public key to inscribe the information whereas 'B' uses the non-public key to rewrite the
information.
o In public key Encryption/Decryption, the general public key utilized by the sender
is completely different from the non-public key utilized by the receiver.
o The public secret is offered to the general public whereas the non-public secret
is unbroken by every individual.
o The most ordinarily used public key formula is thought as RSA.