Synopsis presentation uu Purna Chandra Sethi

An Effective method for Network Security and Improving the
Quality of Service
Submitted by : Purna Chandra Sethi
PhD Scholar
Dept. of CSA
Utkal University
Supervised by : Dr. P. K. Behera
Reader Dept CSA
Utkal University
Ph. D Synopsis Presentation
08/03/15 1/30Ph. D Synopsis Presentation (Dept. CSA), UU

Overview
• What is security?
• Why do we need security?
• What is QoS? Why QoS?
• Common security attacks
• Research Proposal
• Conclusion
08/03/15 2/30
Ph. D Synopsis Presentation (Dept. CSA), UU

What is Security?
1. Freedom from risk or danger; safety.
2. Freedom from doubt, anxiety, or fear; confidence.
3. Something that gives or assures safety, as:
• 1. A group or department of private guards: Call building
security if a visitor acts suspicious.
• 2. Measures adopted by a government to prevent interrupt or
attack.
• 3. Measures adopted, by a business or homeowner, to prevent
a crime such as theft or attack: Security was lax at the firm's
smaller plant.
08/03/15 3/30

Why do we need security?
• Protect vital information while still allowing
access to those who need it
– Trade secrets, medical records, etc.
• Provide authentication and access control for
resources
– Ex: AES
• Guarantee availability of resources
– Ex: 99.999% reliability
08/03/15 4/30

Data Security & Network Security
08/03/15 Ph. D Synopsis Presentation (Dept. CSA), UU 5/30

Common security attacks in IPv4
• Eavesdropping
• Virus
• Worms
• Trojans
• Phishing
• IP Spoofing
• Denial of Service
etc…
08/03/15 6/30

Eavesdropping
• Interception of communications by an unauthorized party is
called eavesdropping.
• Passive eavesdropping is when the person only secretly listens
to the networked messages.
• Active eavesdropping is when the intruder listens and inserts
something into the communication stream. This can lead to the
messages being distorted. Sensitive information can be stolen
this way.
• Protocols defend against Eavesdropping attacks by using
encryption for confidentiality.
• Eg: Man in the middle attack
08/03/15
7/30

VIRUS
• Computer virus refers to a program which
damages computer systems and/or destroys or
erases data files
• Virus are self-replicating programs that use
files to infect the information. Once a file is
opened, the virus will activate the system.
08/03/15
8/30

WORM
• Worm are self replicating replicating in nature.‐
• There are two main types of worms, mass mailing‐
worms and network-aware worms.
• Mass mailing worms use email as a means to
infect other computers.
• Network aware worm selects a target and once‐
the worm accesses the target host, it can infect it
by means of a Trojan or otherwise.

Trojan Horse
• Trojan Horse is a malicious program that
usually comes with monitoring tools and key
loggers.
• It enters into the system with general program
elements and then generates it replica.
• It can be used to control the total system by an
intruder present remotely.
08/03/15
10/30

Phishing
• Phishing is an attempt to obtain confidential
information from an individual, group, or
organization.
• Phishers trick users into disclosing personal
data, such as credit card numbers, online
banking credentials, and other sensitive
information.
08/03/15
11/30

IP Spoofing
• Spoofing means to have the address of the computer
mirror the address of a trusted computer in order to
gain access to other computers.
• The identity of the intruder is hidden by different
means making detection and prevention difficult.
With the current IP protocol technology, IPspoofed
packets cannot be eliminated.
08/03/15
12/30

Denial of Service
• Denial of Service is an attack when the system receiving too many
requests cannot return communication with the requestors. The main
purpose of DoS is to make network service unusable, usually by
overloading the server or network.
• Until the handshaking is complete, the system consumes resources.
Eventually, the system cannot respond to any more requests
rendering it without service.
• Many different kinds of DoS attacks
– SYN flooding
– SMURF
– Distributed attacks
etc …

Technologies for Internet Security
• Cryptographic Systems
• Firewall
• Intrusion Detection System
• Anti-Malware Software and scanners
• Secure Socket Layer
etc…

Cryptographic Systems
• It involved the use of codes and ciphers to transform
information into unintelligible data.

Firewalls
• Firewall is a typical border control mechanism or perimeter
defense.
• The purpose of a firewall is to block traffic from the outside,
but it could also be used to block traffic from the inside.
• A firewall is the front line defense mechanism against
intruders.
• It is a system designed to prevent unauthorized access to or
from a private network.
• Firewalls can be implemented in both hardware and software,
or a combination of both
08/03/15 16/30

Intrusion Detection System
• Used to monitor for “suspicious activity” on a network and
Can protect against known software exploits, like buffer
overflows.
• IDS systems can be software and hardware devices used to
detect an attack.
• IDS products are used to monitor connection in determining
whether attacks are been launched.
• Some IDS systems just monitor and alert of an attack, whereas
others try to block the attack.
• Open Source IDS: Snort, www.snort.org
08/03/15 17/30

Anti Malware Software and scanners‐
• Viruses, worms and Trojan horses are all
examples of malicious software, or Malware.
• Anti Malware tools are used to detect them‐
and cure an infected system.
• Eg: Anti- virus softwares
08/03/15 18/30

Secure Socket Layer (SSL)
• The Secure Socket Layer (SSL) is a suite of protocols that
is a standard way to achieve a good level of security
between a web browser and a website.
• SSL is designed to create a secure channel, between a
web browser and the web server, so that any information
exchanged is protected within the secured channel.
• SSL provides authentication of clients to server through
the use of certificates. Clients present a certificate to the
server to prove their identity.
08/03/15 19/30

Security Issues of IP Protocol IPv6
1. Header manipulation issues
2. Flooding issues
3. Mobility issues
08/03/15 20/30

Security in different Networks
1. Firewalls that detect and report intrusion attempts
2. Sophisticated virus checking at the firewall
3. Enforced rules for employee opening of email
attachments
4. Encryption for all connections and data transfers
5. Authentication by synchronized, timed passwords
or security certificates
08/03/15 21/30

PROPOSED STATEMENT
The research proposal is based on two types of
issues:
•Enhancement of Data Security by increasing the
level of confidentiality.
•Improving the Quality of Service for faster and
accurate data transmission.
08/03/15 22/30

PROPOSED STATEMENT contd…
• RSA, AES, IDEA uses single key value for encryption.
Though RSA provides a good level of security, still it can be
cracked.
• Multi signer key implementation by means of ring signature
so that multiple keys can be generated using s single prime
number shared by the group members but the identity of the
key generator can be secure and it will be convertible i.e. only
the actual message signer will be capable of generating the
signature.
• Cross- organizational key assignment by mean of multiple key
implementation at a time, so that using both the keys at a time
the information can be accessed. It will work like a locker
system.
08/03/15
23/30
Enhancement of Data Security

Improving the Quality of Service
• The quality of service for streaming image,
audio and videos are much difficult than the
standard text.
• Dynamic assignment of bandwidth for proper
utilization of resources.
• The protocols does not have the functionality
of dynamic QoS that changes based on the
type of data being communicated.
PROPOSED STATEMENT contd…

RESEARCH PERSUED
• In paper [10], I have proposed a group
communication technique based on clustering
approach called incremental clustering.
• It guarantees the transmission of information
to the destination.
• It was implemented using the different ARQ
protocols .
High Impact Event Processing using Incremetal Clustering in Unsupervised Feature Space through Genetic
algorithm by Selective Repeat ARQ protocol [ICCCT – 2011 (IEEE International Conference) pp – 310 –
315]
08/03/15 25/30

RESEARCH PERSUED Contd…
• In paper [12], I had proposed a dynamic mechanism
called UPnP (Universal Plug and Play) mechanism.
• Here, each user has to register in the group before any
type of operation. After that it can be released such
that unnecessarily the candidate has to participate in
each type of activities. This provides well utilization
of resources of a group connected in the network.
UPnP and Secure Group communication Technique for Zero-configuration Environment construction using
Incremental Clustering [International Journal of Engineering & Technology (IJERT) – ISSN : 2278 –
0181, Vol -02, Issue -12, December – 2013 ]
08/03/15 26/30

CONCLUSION
• Network security and QoS is an important field that is
increasingly getting attention as the Internet expands.
• Due to the complex set of applications being executed over
Internet, the security issues such that information can’t be
leaked.
• QoS has to be enhanced for smarter and faster application
processing.
08/03/15
27/30

Reference
[1] Kartalopoulos, S. V., "Differentiating Data Security and Network Security,"
Communications, 2008. ICC '08. IEEE International Conference on, pp.1469 1473, 19‐ ‐
23 May 2008
[2] Molva, R., Institut Eurecom, “ Internet Security Architecture”, in Computer Networks
& ISDN Systems Journal, vol. 31, pp. 787 804, April 1999‐
[3] Sotillo S., East Carolina University, “ IPv6 security issues ”, August 2006,
www.infosecwriters.com/text_resources/pdf/IPv6_SSot illo.pdf.
[4] “Improving Security,” http://www.cert.org/tech_tips, 2006.
[5] Andress J., “IPv6: the next internet protocol”, April 2005, www.usenix.com
/publications /login / 2005 04/pdfs/andress0504.pdf.‐
[6] Adeyinka, O., "Internet Attack Methods and Internet Security Technology," Modeling &
Simulation, 2008. AICMS 08. Second Asia International Conference on, vol., no.,
pp.77 82, 13 15 May 2008‐ ‐
[7] Marin, G.A., "Network security basics," Security & Privacy, IEEE , vol.3, no.6, pp. 68‐
72, Nov. Dec. 2005‐
[8] Tyson, J., ”How Virtual private networks work,” ttp://www.howstuffworks.com/vpn.htm
.

Reference Contd…
• [9] Jian Ren, Member, IEEE, and Lein Harn: Generalized Ring Signatures, IEEE
TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 5, NO. 3,
JULY-SEPTEMBER 2008.
• [10] P. C. Sethi, C. Dash: High Impact Event Processing using Incremental Clustering in
Unsupervised Feature Space through Genetic algorithm by Selective Repeat ARQ protocol:
ICCCT- 2nd IEEE Conference – 2011, pp. 310-315.
• [11] Atul Kamble, Incremental Clustering in Data Miningusing Genetic Algorithm,
International Journal of Computer Theory and Engineering, Vol. 2, No. 3, June, 2010. 1793-
8201.
• [12] P. C. Sethi: “UPnP and Secure Group communication Technique for Zero-configuration
Environment construction using Incremental Clustering”, International Journal of Engineering
Research & Technology (IJERT), ISSN: 2278 – 0181, Vol. 02 Issue 12, December – 2013.
• [13] Tzu-Fang Sheu, Nen-Fu Huang, and Hsiao-Ping Lee, “In-Depth Packet Inspection Using
a Hierarchical Pattern Matching Algorithm”, IEEE TRANSACTIONS ON DEPENDABLE
AND SECURE COMPUTING, VOL. 7, NO. 2, APRIL-JUNE 2010, Page175-188
• [14] Kaoru Kurosawa, Member, IEEE, and Tsuyoshi Takagi, “One-Wayness Equivalent to
General Factoring”, IEEE TRANSACTIONS ON INFORMATION THEORY, VOL. 55, NO.
9, SEPTEMBER 2009, Page 4249 - 4262
• [15] R.L. Rivest, A. Shamir, and Y. Tauman, “How to Leak a Secret, Advances in
Cryptology”, ASIACRYPT, 2001

Synopsis presentation uu Purna Chandra Sethi

Recommended

Recommended

More Related Content

What's hot

What's hot (19)

Viewers also liked

Viewers also liked (20)

Similar to Synopsis presentation uu Purna Chandra Sethi

Similar to Synopsis presentation uu Purna Chandra Sethi (20)

Recently uploaded

Recently uploaded (20)

Synopsis presentation uu Purna Chandra Sethi