SlideShare a Scribd company logo

Securing E-commerce networks in MIS and E-Commerce

Download as PPTX, PDF
H
hidivin652

Securing E-commerce networks in MIS and E-Commerce

Education
1 of 20
Securing E-commerce networks By Abhaya Basnet
• Firewalls Securing E-commerce networks • Virtual Private Networks • Intrusion Detection System (IDS) • Intrusion Prevention System (IPS)
E-Commerce Security E-commerce security is the guideline that ensures safe transactions through the internet. It consists of protocols that safeguard people who engage in online selling and buying goods and services. You need to gain your customers’ trust by putting in place eCommerce security basics.
Firewall • A firewall is defined as a cybersecurity tool(hardware, software or combination of both) that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of cybersecurity rules. • It is used to prevent unauthorized programs or Internet users from accessing a private network and/or a single computer. • There are two types of Firewall system: One works by using filters at the network layer and the other works by using proxy servers at the user, application, or network layer.
Key Benefits of Firewalls 1. Block spyware: One of the most common ways unwanted people gain access is by employing spyware and malware. These are software programs designed to infiltrate systems, control computers, and steal sensitive or critical data. Firewalls serve as an important blockade against such malicious programs. 2. Direct virus attacks: One of the most visible benefits of firewalls is controlling the system’s entry points and stopping virus attacks. The cost of damage from a virus attack on any system could be immeasurably high, depending on the type of virus. 3. Maintain privacy: Another benefit of employing a firewall is the promotion of privacy. By proactively working to keep your data and your customer’s data safe, you build an environment of privacy that your clients can trust. No one likes their data stolen, especially when it is known that steps could have been taken to prevent the intrusion. 4. Network traffic monitoring: By monitoring and analyzing network traffic, firewalls leverage pre-established rules and filters to keep the systems protected. 5. Prevent hacking: With the rise of data theft and criminals holding systems hostage, firewalls have become even more important, as they prevent hackers from gaining unauthorized access to data, emails, systems, and more. A firewall can stop a hacker completely or deter them from choosing an easier target.
Key Applications of Firewall 1. Software-based applications: Software-based applications involve securing data by using any type of firewall installed on a local device rather than a separate piece of hardware (or a cloud server). The benefit of such a software-based firewall is that it’s highly useful for creating defense in depth by isolating individual network endpoints from one another. 2. Hardware-based applications: Hardware firewalls use a physical appliance that acts as a traffic router to intercept data packets and traffic requests before they’re connected to the network’s servers. Physical appliance-based firewalls like this excel at perimeter security by making sure malicious traffic from outside the network is intercepted before the company’s network endpoints are exposed to risk. 3. Cloud-based applications: Whenever a cloud solution is used to deliver a firewall, it can be called a cloud firewall or firewall-as-a-service (FaaS). Cloud firewalls are analogous to proxy firewalls, where a cloud server is often used in a proxy firewall setup.
Virtual Private Network (VPN) • A virtual private network (VPN) is a technology that creates a safe and encrypted connection over a less secure network, such as the internet. • A VPN establishes a secure, encrypted connection between your computer and the internet, providing a private tunnel for your data and communications while you use public networks. • A Virtual Private Network is a way to extend a private network using a public network such as the internet. • VPNs can be used to hide a user's browser history, Internet Protocol (IP) address and geographical location, web activity or devices being used.
How does a VPN work? Connecting to a VPN is generally quite simple. After subscribing to a VPN provider, you download and install the VPN software. You then select a server you want to connect to and the VPN will do the rest. When the connection has been established, the following will happen to your data: • The VPN software on your computer encrypts your data traffic and sends it to the VPN server through a secure connection. The data also goes through your Internet Service Provider, but they can no longer snoop because of the encryption. • The encrypted data from your computer is decrypted by the VPN server. • The VPN server will send your data on to the internet and receive a reply, which is meant for you, the user. • The traffic is then encrypted again by the VPN-server and is sent back to you. • The VPN-software on your device will decrypt the data so you can actually understand and use it.
benefits of a VPN connection • You’ll be more anonymous on the internet: your real IP address and location will be hidden. • You’ll be safer on the internet: the encrypted tunnel will keep away hackers and cybercriminals and your device won’t be as vulnerable to attacks. • You’ll be freer on the internet: by using different IP addresses, you’ll be able to access websites and online services that would otherwise be blocked.
Intrusion Detection System (IDS) • An intrusion detection system (IDS) is an application that monitors network traffic and searches for known threats and suspicious or malicious activity. • The IDS sends alerts to IT and security teams when it detects any security risks and threats. • Most IDS solutions simply monitor and report suspicious activity and traffic when they detect an anomaly. However, some can go a step further by taking action when it detects anomalous activity, such as blocking malicious or suspicious traffic. • IDS tools typically are software applications that run on organizations’ hardware or as a network security solution. • There are also cloud-based IDS solutions that protect organizations’ data, resources, and systems in their cloud deployments and environments.
Intrusion Detection Systems (IDS) Types IDS solutions come in a range of different types and varying capabilities. Common types of intrusion detection systems (IDS) include: 1. Network intrusion detection system (NIDS): A NIDS solution is deployed at strategic points within an organization’s network to monitor incoming and outgoing traffic. This IDS approach monitors and detects malicious and suspicious traffic coming to and going from all devices connected to the network. 2. Host intrusion detection system (HIDS): A HIDS system is installed on individual devices that are connected to the internet and an organization’s internal network. This solution can detect packets that come from inside the business and additional malicious traffic that a NIDS solution cannot. It can also discover malicious threats coming from the host, such as a host being infected with malware attempting to spread it across the organization’s system. 3. Protocol-based IDS (PIDS) : Organizations set up a Protocol-based Intrusion Detection System at the front end of the server. It interprets the protocols between the server and the user. PIDS monitors the HTTPS server regularly to secure the web. Similarly, it allows the HTTP server which is related to the protocol. 4. Application Protocol-based IDS (APIDS): As we have seen that PIDS is set up at the front end of the server. Similarly, APIDS is set up within a group of servers. It interprets communication with the applications within the server to detect the intrusion.
Intrusion Detection Systems (IDS) Types 5. Hybrid Intrusion Detection System: As the name says Hybrid Intrusion Detection system is a mixture of two different IDS. Hybrid System develops a network system by combining host agents with network information. In conclusion, Hybrid System is more responsive and effective as compared to other IDS.
IDS vs. Firewalls Firewalls and intrusion detection systems (IDS) are cybersecurity tools that can both safeguard a network or endpoint. Their objectives, however, are very different from one another. 1. IDS: Intrusion detection systems are passive monitoring tools that identify possible threats and send out notifications to analysts in security operations centers (SOCs). In this way, incident responders can promptly look into and address the potential event. 2. Firewall: A firewall, on the other hand, analyzes the metadata contained in network packets and decides whether to allow or prohibit traffic into or out of the network based on pre-established rules. A firewall essentially creates a barrier that stops certain traffic from crossing through it. An IDS is focused on detecting and generating alerts about threats, while a firewall inspects inbound and outbound traffic, keeping all unauthorized traffic at bay.
Intrusion Prevention System (IPS) • An intrusion prevention system (IPS) is a network security tool (which can be a hardware device or software) that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it, when it occurs. • It is more advanced than an intrusion detection system (IDS), which simply detects malicious activity but cannot take action against it beyond alerting an administrator. • Intrusion prevention systems function by finding malicious activity, recording and reporting information about the malicious activity, and trying to block/stop the activity from occurring. • IPS are located in-line (directly in the path in which the source and destination communicate) and have the capability to prevent or block the malicious activity that is occurring.
Types of IPS There are several types of IPS, each with a slightly different purpose: 1. Network intrusion prevention system (NIPS): This type of IPS is installed only at strategic points to monitor all network traffic and proactively scan for threats. 2. Host intrusion prevention system (HIPS): In contrast to a NIPS, a HIPS is installed on an endpoint (such as a PC) and looks at inbound and outbound traffic from that machine only. It works best in combination with a NIPS, as it serves as a last line of defense for threats that have made it past the NIPS. 3. Network behavior analysis (NBA): This analyzes network traffic to detect unusual traffic flows, such as DDoS (Distributed Denial of Service) attacks. 4. Wireless intrusion prevention system (WIPS): This type of IPS simply scans a Wi-Fi network for unauthorized access and kicks unauthorized devices off the network.
How an IPS works Intrusion prevention systems are usually located behind a firewall to function as another filter for malicious activity. Since intrusion prevention systems are located in-line, IPS are capable of analyzing and taking automated actions on all network traffic flows. Those actions can include alerting administrators, dropping dangerous packets, halting traffic coming from the source address(es) of malicious activity, and restarting connections. It is important to note that an effective intrusion prevention system must be efficient to avoid hindering network performance. In addition, intrusion prevention systems must work quickly and accurately in order to catch malicious activity in real time and avoid false positives. Its action Includes : • Sending an alarm to the administrator (as would be seen in an IDS) • Dropping the malicious packets • Blocking traffic from the source address • Resetting the connection • Configuring firewalls to prevent future attacks
IPS and IDS - What is the Difference? The main difference between IPS and IDS is the action they take when a potential incident has been detected. • Intrusion prevention systems control the access to an IT network and protect it from abuse and attack. These systems are designed to monitor intrusion data and take the necessary action to prevent an attack from developing. • Intrusion detection systems are not designed to block attacks and will simply monitor the network and send alerts to systems administrators if a potential threat is detected.
Securing E-commerce networks in MIS and E-Commerce
Securing E-commerce networks in MIS and E-Commerce

Recommended

information security (Audit mechanism, intrusion detection, password manageme...
information security (Audit mechanism, intrusion detection, password manageme...information security (Audit mechanism, intrusion detection, password manageme...
information security (Audit mechanism, intrusion detection, password manageme...Zara Nawaz
 
Introduction to Cyber security module - III
Introduction to Cyber security module - IIIIntroduction to Cyber security module - III
Introduction to Cyber security module - IIITAMBEMAHENDRA1
 
CNIT 140: Perimeter Security
CNIT 140: Perimeter SecurityCNIT 140: Perimeter Security
CNIT 140: Perimeter SecuritySam Bowne
 
Describe firewalls
Describe firewallsDescribe firewalls
Describe firewallsВлад Панасенко
 
Chapter_Five Compueter secuityryhf S.pdf
Chapter_Five Compueter secuityryhf S.pdfChapter_Five Compueter secuityryhf S.pdf
Chapter_Five Compueter secuityryhf S.pdfAschalewAyele2
 
unit 2 IT security solution.pptx
unit 2 IT security solution.pptxunit 2 IT security solution.pptx
unit 2 IT security solution.pptxlochanrajdahal
 
FALLSEM2023-24_CSE3501_ETH_VL2023240102981_2023-09-04_Reference-Material-I.pdf
FALLSEM2023-24_CSE3501_ETH_VL2023240102981_2023-09-04_Reference-Material-I.pdfFALLSEM2023-24_CSE3501_ETH_VL2023240102981_2023-09-04_Reference-Material-I.pdf
FALLSEM2023-24_CSE3501_ETH_VL2023240102981_2023-09-04_Reference-Material-I.pdfthilakrajc
 
Network and web security
Network and web securityNetwork and web security
Network and web securityNitesh Saitwal
 

Recommended

information security (Audit mechanism, intrusion detection, password manageme...
information security (Audit mechanism, intrusion detection, password manageme...information security (Audit mechanism, intrusion detection, password manageme...
information security (Audit mechanism, intrusion detection, password manageme...Zara Nawaz
 
Introduction to Cyber security module - III
Introduction to Cyber security module - IIIIntroduction to Cyber security module - III
Introduction to Cyber security module - IIITAMBEMAHENDRA1
 
CNIT 140: Perimeter Security
CNIT 140: Perimeter SecurityCNIT 140: Perimeter Security
CNIT 140: Perimeter SecuritySam Bowne
 
Describe firewalls
Describe firewallsDescribe firewalls
Describe firewallsВлад Панасенко
 
Chapter_Five Compueter secuityryhf S.pdf
Chapter_Five Compueter secuityryhf S.pdfChapter_Five Compueter secuityryhf S.pdf
Chapter_Five Compueter secuityryhf S.pdfAschalewAyele2
 
unit 2 IT security solution.pptx
unit 2 IT security solution.pptxunit 2 IT security solution.pptx
unit 2 IT security solution.pptxlochanrajdahal
 
FALLSEM2023-24_CSE3501_ETH_VL2023240102981_2023-09-04_Reference-Material-I.pdf
FALLSEM2023-24_CSE3501_ETH_VL2023240102981_2023-09-04_Reference-Material-I.pdfFALLSEM2023-24_CSE3501_ETH_VL2023240102981_2023-09-04_Reference-Material-I.pdf
FALLSEM2023-24_CSE3501_ETH_VL2023240102981_2023-09-04_Reference-Material-I.pdfthilakrajc
 
Network and web security
Network and web securityNetwork and web security
Network and web securityNitesh Saitwal
 
FALLSEM2023-24_BCSE353E_ETH_VL2023240100871_2023-05-25_Reference-Material-I.ppt
FALLSEM2023-24_BCSE353E_ETH_VL2023240100871_2023-05-25_Reference-Material-I.pptFALLSEM2023-24_BCSE353E_ETH_VL2023240100871_2023-05-25_Reference-Material-I.ppt
FALLSEM2023-24_BCSE353E_ETH_VL2023240100871_2023-05-25_Reference-Material-I.pptuseonlyfortech140
 
Unit-5.pptx
Unit-5.pptxUnit-5.pptx
Unit-5.pptxRoyBokhiriya
 
Aca presentation arm_
Aca presentation arm_Aca presentation arm_
Aca presentation arm_Mudassar Mehmud
 
Module 19 (evading ids, firewalls and honeypots)
Module 19 (evading ids, firewalls and honeypots)Module 19 (evading ids, firewalls and honeypots)
Module 19 (evading ids, firewalls and honeypots)Wail Hassan
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfANJUMOHANANU
 
Cryptography and system security
Cryptography and system securityCryptography and system security
Cryptography and system securityGary Mendonca
 
Information Security.pptx
Information Security.pptxInformation Security.pptx
Information Security.pptxDrRajapraveen
 
Security Threats and Vulnerabilities-2.pptx
Security Threats and Vulnerabilities-2.pptxSecurity Threats and Vulnerabilities-2.pptx
Security Threats and Vulnerabilities-2.pptxAmardeepKumar621436
 
Firewall
FirewallFirewall
Firewallsajeena81
 
Lecture 5
Lecture 5Lecture 5
Lecture 5Education
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedBule Hora University
 
Data protection and security
Data protection and securityData protection and security
Data protection and securitynazar60
 
Network Security
Network SecurityNetwork Security
Network SecurityJitin Kollamkudy
 
Cours_4_IDS_IPS.pptx
Cours_4_IDS_IPS.pptxCours_4_IDS_IPS.pptx
Cours_4_IDS_IPS.pptxssuserc517ee1
 
The way of network intrusion and their detection and prevention
The way of network intrusion and their detection and prevention The way of network intrusion and their detection and prevention
The way of network intrusion and their detection and prevention MohammedAlmuhaimeed
 
network_security.docx_2.pdf
network_security.docx_2.pdfnetwork_security.docx_2.pdf
network_security.docx_2.pdfahmed53254
 
Presentation (3) cybersecurity wd imp.pptx
Presentation (3) cybersecurity wd imp.pptxPresentation (3) cybersecurity wd imp.pptx
Presentation (3) cybersecurity wd imp.pptxYash Sharma
 
VMI based malware detection in virtual environment
VMI based malware detection in virtual environmentVMI based malware detection in virtual environment
VMI based malware detection in virtual environmentAyush Gargya
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless NetworkingGulshanAra14
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 

More Related Content

Similar to Securing E-commerce networks in MIS and E-Commerce

FALLSEM2023-24_BCSE353E_ETH_VL2023240100871_2023-05-25_Reference-Material-I.ppt
FALLSEM2023-24_BCSE353E_ETH_VL2023240100871_2023-05-25_Reference-Material-I.pptFALLSEM2023-24_BCSE353E_ETH_VL2023240100871_2023-05-25_Reference-Material-I.ppt
FALLSEM2023-24_BCSE353E_ETH_VL2023240100871_2023-05-25_Reference-Material-I.pptuseonlyfortech140
 
Module 19 (evading ids, firewalls and honeypots)
Module 19 (evading ids, firewalls and honeypots)Module 19 (evading ids, firewalls and honeypots)
Module 19 (evading ids, firewalls and honeypots)Wail Hassan
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfANJUMOHANANU
 
Cryptography and system security
Cryptography and system securityCryptography and system security
Cryptography and system securityGary Mendonca
 
Information Security.pptx
Information Security.pptxInformation Security.pptx
Information Security.pptxDrRajapraveen
 
Security Threats and Vulnerabilities-2.pptx
Security Threats and Vulnerabilities-2.pptxSecurity Threats and Vulnerabilities-2.pptx
Security Threats and Vulnerabilities-2.pptxAmardeepKumar621436
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedBule Hora University
 
Data protection and security
Data protection and securityData protection and security
Data protection and securitynazar60
 
Cours_4_IDS_IPS.pptx
Cours_4_IDS_IPS.pptxCours_4_IDS_IPS.pptx
Cours_4_IDS_IPS.pptxssuserc517ee1
 
The way of network intrusion and their detection and prevention
The way of network intrusion and their detection and prevention The way of network intrusion and their detection and prevention
The way of network intrusion and their detection and prevention MohammedAlmuhaimeed
 
network_security.docx_2.pdf
network_security.docx_2.pdfnetwork_security.docx_2.pdf
network_security.docx_2.pdfahmed53254
 
Presentation (3) cybersecurity wd imp.pptx
Presentation (3) cybersecurity wd imp.pptxPresentation (3) cybersecurity wd imp.pptx
Presentation (3) cybersecurity wd imp.pptxYash Sharma
 
VMI based malware detection in virtual environment
VMI based malware detection in virtual environmentVMI based malware detection in virtual environment
VMI based malware detection in virtual environmentAyush Gargya
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless NetworkingGulshanAra14
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
 

Similar to Securing E-commerce networks in MIS and E-Commerce (20)

FALLSEM2023-24_BCSE353E_ETH_VL2023240100871_2023-05-25_Reference-Material-I.ppt
FALLSEM2023-24_BCSE353E_ETH_VL2023240100871_2023-05-25_Reference-Material-I.pptFALLSEM2023-24_BCSE353E_ETH_VL2023240100871_2023-05-25_Reference-Material-I.ppt
FALLSEM2023-24_BCSE353E_ETH_VL2023240100871_2023-05-25_Reference-Material-I.ppt
 
Unit-5.pptx
Unit-5.pptxUnit-5.pptx
Unit-5.pptx
 
Aca presentation arm_
Aca presentation arm_Aca presentation arm_
Aca presentation arm_
 
Module 19 (evading ids, firewalls and honeypots)
Module 19 (evading ids, firewalls and honeypots)Module 19 (evading ids, firewalls and honeypots)
Module 19 (evading ids, firewalls and honeypots)
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdf
 
Cryptography and system security
Cryptography and system securityCryptography and system security
Cryptography and system security
 
Information Security.pptx
Information Security.pptxInformation Security.pptx
Information Security.pptx
 
Security Threats and Vulnerabilities-2.pptx
Security Threats and Vulnerabilities-2.pptxSecurity Threats and Vulnerabilities-2.pptx
Security Threats and Vulnerabilities-2.pptx
 
Firewall
FirewallFirewall
Firewall
 
Lecture 5
Lecture 5Lecture 5
Lecture 5
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganised
 
Data protection and security
Data protection and securityData protection and security
Data protection and security
 
Network Security
Network SecurityNetwork Security
Network Security
 
Cours_4_IDS_IPS.pptx
Cours_4_IDS_IPS.pptxCours_4_IDS_IPS.pptx
Cours_4_IDS_IPS.pptx
 
The way of network intrusion and their detection and prevention
The way of network intrusion and their detection and prevention The way of network intrusion and their detection and prevention
The way of network intrusion and their detection and prevention
 
network_security.docx_2.pdf
network_security.docx_2.pdfnetwork_security.docx_2.pdf
network_security.docx_2.pdf
 
Presentation (3) cybersecurity wd imp.pptx
Presentation (3) cybersecurity wd imp.pptxPresentation (3) cybersecurity wd imp.pptx
Presentation (3) cybersecurity wd imp.pptx
 
VMI based malware detection in virtual environment
VMI based malware detection in virtual environmentVMI based malware detection in virtual environment
VMI based malware detection in virtual environment
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless Networking
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)
 

Recently uploaded

internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxAvyJaneVismanos
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfMahmoud M. Sallam
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Science lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lessonScience lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lessonJericReyAuditor
 

Recently uploaded (20)

internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptx
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdf
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Science lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lessonScience lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lesson
 

Securing E-commerce networks in MIS and E-Commerce

  • 2. • Firewalls Securing E-commerce networks • Virtual Private Networks • Intrusion Detection System (IDS) • Intrusion Prevention System (IPS)
  • 3. E-Commerce Security E-commerce security is the guideline that ensures safe transactions through the internet. It consists of protocols that safeguard people who engage in online selling and buying goods and services. You need to gain your customers’ trust by putting in place eCommerce security basics.
  • 4. Firewall • A firewall is defined as a cybersecurity tool(hardware, software or combination of both) that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of cybersecurity rules. • It is used to prevent unauthorized programs or Internet users from accessing a private network and/or a single computer. • There are two types of Firewall system: One works by using filters at the network layer and the other works by using proxy servers at the user, application, or network layer.
  • 5.
  • 6. Key Benefits of Firewalls 1. Block spyware: One of the most common ways unwanted people gain access is by employing spyware and malware. These are software programs designed to infiltrate systems, control computers, and steal sensitive or critical data. Firewalls serve as an important blockade against such malicious programs. 2. Direct virus attacks: One of the most visible benefits of firewalls is controlling the system’s entry points and stopping virus attacks. The cost of damage from a virus attack on any system could be immeasurably high, depending on the type of virus. 3. Maintain privacy: Another benefit of employing a firewall is the promotion of privacy. By proactively working to keep your data and your customer’s data safe, you build an environment of privacy that your clients can trust. No one likes their data stolen, especially when it is known that steps could have been taken to prevent the intrusion. 4. Network traffic monitoring: By monitoring and analyzing network traffic, firewalls leverage pre-established rules and filters to keep the systems protected. 5. Prevent hacking: With the rise of data theft and criminals holding systems hostage, firewalls have become even more important, as they prevent hackers from gaining unauthorized access to data, emails, systems, and more. A firewall can stop a hacker completely or deter them from choosing an easier target.
  • 7. Key Applications of Firewall 1. Software-based applications: Software-based applications involve securing data by using any type of firewall installed on a local device rather than a separate piece of hardware (or a cloud server). The benefit of such a software-based firewall is that it’s highly useful for creating defense in depth by isolating individual network endpoints from one another. 2. Hardware-based applications: Hardware firewalls use a physical appliance that acts as a traffic router to intercept data packets and traffic requests before they’re connected to the network’s servers. Physical appliance-based firewalls like this excel at perimeter security by making sure malicious traffic from outside the network is intercepted before the company’s network endpoints are exposed to risk. 3. Cloud-based applications: Whenever a cloud solution is used to deliver a firewall, it can be called a cloud firewall or firewall-as-a-service (FaaS). Cloud firewalls are analogous to proxy firewalls, where a cloud server is often used in a proxy firewall setup.
  • 8. Virtual Private Network (VPN) • A virtual private network (VPN) is a technology that creates a safe and encrypted connection over a less secure network, such as the internet. • A VPN establishes a secure, encrypted connection between your computer and the internet, providing a private tunnel for your data and communications while you use public networks. • A Virtual Private Network is a way to extend a private network using a public network such as the internet. • VPNs can be used to hide a user's browser history, Internet Protocol (IP) address and geographical location, web activity or devices being used.
  • 9. How does a VPN work? Connecting to a VPN is generally quite simple. After subscribing to a VPN provider, you download and install the VPN software. You then select a server you want to connect to and the VPN will do the rest. When the connection has been established, the following will happen to your data: • The VPN software on your computer encrypts your data traffic and sends it to the VPN server through a secure connection. The data also goes through your Internet Service Provider, but they can no longer snoop because of the encryption. • The encrypted data from your computer is decrypted by the VPN server. • The VPN server will send your data on to the internet and receive a reply, which is meant for you, the user. • The traffic is then encrypted again by the VPN-server and is sent back to you. • The VPN-software on your device will decrypt the data so you can actually understand and use it.
  • 10. benefits of a VPN connection • You’ll be more anonymous on the internet: your real IP address and location will be hidden. • You’ll be safer on the internet: the encrypted tunnel will keep away hackers and cybercriminals and your device won’t be as vulnerable to attacks. • You’ll be freer on the internet: by using different IP addresses, you’ll be able to access websites and online services that would otherwise be blocked.
  • 11. Intrusion Detection System (IDS) • An intrusion detection system (IDS) is an application that monitors network traffic and searches for known threats and suspicious or malicious activity. • The IDS sends alerts to IT and security teams when it detects any security risks and threats. • Most IDS solutions simply monitor and report suspicious activity and traffic when they detect an anomaly. However, some can go a step further by taking action when it detects anomalous activity, such as blocking malicious or suspicious traffic. • IDS tools typically are software applications that run on organizations’ hardware or as a network security solution. • There are also cloud-based IDS solutions that protect organizations’ data, resources, and systems in their cloud deployments and environments.
  • 12. Intrusion Detection Systems (IDS) Types IDS solutions come in a range of different types and varying capabilities. Common types of intrusion detection systems (IDS) include: 1. Network intrusion detection system (NIDS): A NIDS solution is deployed at strategic points within an organization’s network to monitor incoming and outgoing traffic. This IDS approach monitors and detects malicious and suspicious traffic coming to and going from all devices connected to the network. 2. Host intrusion detection system (HIDS): A HIDS system is installed on individual devices that are connected to the internet and an organization’s internal network. This solution can detect packets that come from inside the business and additional malicious traffic that a NIDS solution cannot. It can also discover malicious threats coming from the host, such as a host being infected with malware attempting to spread it across the organization’s system. 3. Protocol-based IDS (PIDS) : Organizations set up a Protocol-based Intrusion Detection System at the front end of the server. It interprets the protocols between the server and the user. PIDS monitors the HTTPS server regularly to secure the web. Similarly, it allows the HTTP server which is related to the protocol. 4. Application Protocol-based IDS (APIDS): As we have seen that PIDS is set up at the front end of the server. Similarly, APIDS is set up within a group of servers. It interprets communication with the applications within the server to detect the intrusion.
  • 13. Intrusion Detection Systems (IDS) Types 5. Hybrid Intrusion Detection System: As the name says Hybrid Intrusion Detection system is a mixture of two different IDS. Hybrid System develops a network system by combining host agents with network information. In conclusion, Hybrid System is more responsive and effective as compared to other IDS.
  • 14. IDS vs. Firewalls Firewalls and intrusion detection systems (IDS) are cybersecurity tools that can both safeguard a network or endpoint. Their objectives, however, are very different from one another. 1. IDS: Intrusion detection systems are passive monitoring tools that identify possible threats and send out notifications to analysts in security operations centers (SOCs). In this way, incident responders can promptly look into and address the potential event. 2. Firewall: A firewall, on the other hand, analyzes the metadata contained in network packets and decides whether to allow or prohibit traffic into or out of the network based on pre-established rules. A firewall essentially creates a barrier that stops certain traffic from crossing through it. An IDS is focused on detecting and generating alerts about threats, while a firewall inspects inbound and outbound traffic, keeping all unauthorized traffic at bay.
  • 15. Intrusion Prevention System (IPS) • An intrusion prevention system (IPS) is a network security tool (which can be a hardware device or software) that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it, when it occurs. • It is more advanced than an intrusion detection system (IDS), which simply detects malicious activity but cannot take action against it beyond alerting an administrator. • Intrusion prevention systems function by finding malicious activity, recording and reporting information about the malicious activity, and trying to block/stop the activity from occurring. • IPS are located in-line (directly in the path in which the source and destination communicate) and have the capability to prevent or block the malicious activity that is occurring.
  • 16. Types of IPS There are several types of IPS, each with a slightly different purpose: 1. Network intrusion prevention system (NIPS): This type of IPS is installed only at strategic points to monitor all network traffic and proactively scan for threats. 2. Host intrusion prevention system (HIPS): In contrast to a NIPS, a HIPS is installed on an endpoint (such as a PC) and looks at inbound and outbound traffic from that machine only. It works best in combination with a NIPS, as it serves as a last line of defense for threats that have made it past the NIPS. 3. Network behavior analysis (NBA): This analyzes network traffic to detect unusual traffic flows, such as DDoS (Distributed Denial of Service) attacks. 4. Wireless intrusion prevention system (WIPS): This type of IPS simply scans a Wi-Fi network for unauthorized access and kicks unauthorized devices off the network.
  • 17. How an IPS works Intrusion prevention systems are usually located behind a firewall to function as another filter for malicious activity. Since intrusion prevention systems are located in-line, IPS are capable of analyzing and taking automated actions on all network traffic flows. Those actions can include alerting administrators, dropping dangerous packets, halting traffic coming from the source address(es) of malicious activity, and restarting connections. It is important to note that an effective intrusion prevention system must be efficient to avoid hindering network performance. In addition, intrusion prevention systems must work quickly and accurately in order to catch malicious activity in real time and avoid false positives. Its action Includes : • Sending an alarm to the administrator (as would be seen in an IDS) • Dropping the malicious packets • Blocking traffic from the source address • Resetting the connection • Configuring firewalls to prevent future attacks
  • 18. IPS and IDS - What is the Difference? The main difference between IPS and IDS is the action they take when a potential incident has been detected. • Intrusion prevention systems control the access to an IT network and protect it from abuse and attack. These systems are designed to monitor intrusion data and take the necessary action to prevent an attack from developing. • Intrusion detection systems are not designed to block attacks and will simply monitor the network and send alerts to systems administrators if a potential threat is detected.