Posted at 11.19.2018
Online users today are confronted with a multitude of problems and issues. A typical online user is vulnerable to viruses, worms, bugs, Trojan horses, etc.; he/she is also exposed to sniffers and to spoofing of private sessions, and is vulnerable to phishing of financial information. Not only this, but users are also constantly subjected to invasion of personal privacy by the large number of spyware programs available for monitoring their surfing behaviour. As if this were not enough, users are also subjected to malware that stops or totally ruins their machines, rendering them helpless. These cases suggest that the Internet is not really a safe place for online users. Users are constantly susceptible to hacked sessions, attacks and phishing, which make them wary of going online. However, the trend does not stop there. Corporations and government sector organizations face the same problems. Commercial information is being hacked; e-mails are read; secret government information is subject to security risks; and banks are being hacked and hundreds of thousands stolen. Some of the reasons behind such attacks are the weaknesses inherent in the networks of the companies and government organizations; other reasons include carelessness of users. Whatever the case, Internet security issues have become one of the major concerns for technologists and users alike. There is a great need to understand the nature of the attacks, the attackers, the networks, the loopholes and the measures taken to counteract them. The following research identifies the various methods and techniques of attack online and the way they expose users to information theft, corruption of systems and loss of finances. The study also identifies the various methods that are being used to counteract these attacks and how effective they are proving for the users.
Some recommendations are also given for future security procedures for networks and network users.
Chapter 1: Introduction
The Internet has revolutionized the way people live today. Activities ranging from access to information to entertainment, financial services, product purchase and even socializing all seem to take place online. Because of its wide coverage and pervasive information collection, hundreds of thousands of people rely on the Internet for almost all kinds of activities. With frequent usage, they have also come to trust the Internet to provide a gateway for personal, home and office convenience. However, the basic, simple structure of the Internet, based on a collection of backbones and host servers, makes it vulnerable to many risks. The hosts vary from supercomputers to personal computers using different kinds of hardware and software. The common link among all these hosts is TCP/IP (Transmission Control Protocol/Internet Protocol). This language is again based on simple functionality: if a host has TCP/IP, it can easily connect to other computers that have the same backbones and operating systems. This open technology not only exposes the Internet to numerous security risks and pitfalls, but also becomes a real issue for its users. This is because attacks on IP are possible; IP does not provide robust mechanisms for authenticating the packets of data that come onto the Internet. Without an authentication mechanism, any data packet may claim that it originates from a certain address, and there is no sure way to check the packet's claim. Most importantly, the higher layers of the ISO/OSI Reference Model lack host authentication, such as through cryptographic applications. Because of this it is easy for users to enter any host and alter the content of other users' systems. Since there is no check on such criminal activities, Internet crime and security breaches continue to rise along with the evolution of the Internet.
The Internet continues to grow at a tremendous speed, spreading far and wide and pervading all levels of human activity, from personal browsing to high-level business activity. Issues of security become significantly more noticeable when a price is attached to an Internet security breach. To name a few cases, companies have gone bankrupt; private information has been exposed to the public domain; national databases have been hacked; and businesses have lost significant amounts through espionage. These are but some examples of the gravity of the Internet security problem. As the Internet becomes more complex, the nature of the problems inherent in Internet security also evolves. This is because security breakers have also become clever, anticipating and undermining the security measures taken. It is also one of the reasons why many companies and public sector units today include Internet security in their risk management plans to avoid financial and business losses. Individuals, on the other hand, spend large amounts on protection software and security barriers such as password protection and authentication. Despite these measures, time and again one reads or hears of an Internet security breach that has led to the loss of millions of pounds.
1.1 Purpose
The gravity of the problem of Internet security and its breaches has prompted the researcher to investigate the various Internet security problems that users are facing today. These may range from business-specific to personal in nature. The purpose of this research is to identify the different types of Internet security problems faced by consumers, businesses, government and individuals. At the end of the study, the researcher aims to resolve these problems by recommending solutions and by devising better measures for a safer Internet environment.
1.2 Scope
Readers will find this research valuable for understanding the different approaches attackers use to undermine Internet security. Because the nature of the problem is technical, laypersons may not fully appreciate the problems and resolutions outlined in this research. Instead, professionals in the field of Information Technology, as well as students and other experts, will find the information more relevant. The research is also general in the sense that it outlines different problems and solutions, so future researchers can use it as a platform for their own projects, which may be more specific in nature. Due to the limitations of the dissertation, the researcher has focussed only on major issues, while there could be other prevalent problems pertaining to Internet security which might be investigated by future researchers.
1.3 Methodology
Internet security is a subjective issue that needs to be discussed from the point of view of all types of users. Furthermore, the problem with Internet security is that it requires identification of the victims before one can categorize the gravity of the problem. For this reason the researcher has undertaken a literature review of the various problems prevalent among, and faced by, Internet users at all levels: individuals, communities, businesses, government sectors and international users. This allows the researcher to identify the most frequently faced problems. The use of magazines, books and journal articles has been considered ideal for this investigation. In addition, references from Internet sources have also been found to be significantly insightful.
Chapter 2: Literature Review
Any person using the Internet is subject to Internet security and privacy risks. The risk becomes high as new technologies are released with holes in their programs. Even the anti-virus software that a person installs to counteract trojans, bugs and worms tends to become outdated within hours. This is because when new solutions are introduced, software and programs for defeating them are devised and used to hack them.
A look at the following statistics will reveal the gravity of the problem:
"-- In 1999, 57% of large businesses and public firms reported computer attacks.
-- It is estimated that only 32% of serious hacker incidents are reported.
-- 62% of organizations had a computer security breach within the last 12 months.
-- 30% of companies have reported system penetration by outsiders.
-- 57% of companies reported the Internet was the point of entry for attacks.
-- 32% of companies reported denial of service attacks.
-- 55% of companies reported incidents of unauthorized access by company insiders.
-- Experts estimate 50-75% of companies linked to the Internet have 20 known security holes." (Business Line 2000)
Even given the above numbers, one cannot really grasp the breadth and scope of Internet security. The different kinds of security breaches are surveyed below. The literature review will reveal how Internet security has become a major issue for Internet users, whether individual, corporate or government.
2.1 IP Spoofing and Session Hijacking
One of the most basic and common security breaches occurs when a host claims to have the IP address of another host. This kind of attack is called spoofing. Because many systems, including router access control lists, are connected to the Internet, the only way for a receiving computer to identify a data packet is through its IP address. An attacker may devise and use techniques to spoof an IP address and send packets to a host that trigger actions which may be harmful. Furthermore, some applications allow logins based on IP address, which exposes the server/host to great risk if the IP address is known to attackers.
IP session hijacking, on the other hand, is much more serious than spoofing. It involves damage at a more serious level than merely breaking entry barriers. Session hijacking refers to the use of toolkits to hijack an ongoing session. The attacker takes over the user's session and controls it without the user being aware of it; the hijacker may change, alter and give commands as the user does and may execute malicious commands. Steve Bellovin (1989) explains that this is very dangerous if the attacker has access to a host; he/she may log in as an authentic user and do anything the user can (see the example in Figure 1).
Figure 1: Session Hijacking
In this diagram the user is on host A, carrying on a session with a user on host G. The users are using a telnet session. An attacker is monitoring their progress from host H. He/she uses a toolkit to impersonate A to G. A's session expires without him/her realizing the reason behind it. G, on the other hand, remains unaware and continues with the telnet activity. In the process of impersonation, the hijacker may obtain private information for getting into the user's machine, a local area network or a corporate network.
This kind of problem can be resolved by using encrypted versions of telnet-type applications, so that users can prevent potential attackers from taking over the session. The attacker would see gibberish instead of the whole session. He/she would need a cryptographic key to decrypt the data stream from A to G, or vice versa, before being able to hijack the session (Gertz 1999).
2.2 Denial of service (DoS)
Between the years 2000 and 2002, 60% of UK companies suffered security breaches, while eighty-five percent of United States companies suffered network breaches costing some $10 million in damages. This shows that the number of security breach incidents is increasing; as the Internet spreads far and wide, it also brings with it more risks and threats of breaches. In addition to physical security, the Internet is also threatened by software breaches. Denial of Service, or DoS, is one such kind of security breach. The concept can be explained as follows.
Most companies have outdated firewalls and network perimeters that focus on specific security models that do not adequately cover all aspects of security. Hackers, on the other hand, are always on the lookout for weak links or loopholes in corporate security systems to attack. A virus, bug, worm or piece of spyware is sent through packets of information to the victim's computer from a randomly selected spoofed address. The victim's computer then sends a response to each of the spoofed addresses in his/her address book. The spoofed address sends out the same information to other addresses. The basis of DoS is that the attacks generate a response from the victims, and once the program has a response it continues to spread to others on the network, creating a chain reaction of responses. Some networks take a long time, while others take less than an hour, to show the effect (PC Magazine 2001). As a result, the traffic flow of the network is blocked and the users of the network are denied access to the services available. Some of the recent DoS attacks known to have shut down computers and networks are the Blaster worm and the Welchia worm, which infected hundreds of private networks by replicating themselves on companies' networks. Welchia and SoBig.F both spread by mailing themselves to a random address in a user's directory. Once the user downloads the file and accidentally opens it, the process of replication starts as the file begins to send personal information or replicate e-mails to any address in the directory. The worm is coded in such a way that it opens relays or holes in the e-mail system. As the rate of distribution increases, the network slows down, thereby denying company users the services available on that network.
Welchia and SoBig have not only significantly slowed down and denied services to corporate users; due to these activities they have also imposed great costs on the companies (Lemke 2003).
2.3 Encryption
Encryption is a method of changing plain text messages from their original form by replacing or rearranging the letters and numbers and converting the result into an indecipherable format. The method uses a mathematical algorithm and a key for encryption. The length of the key is measured in bits, which determines how weak or strong the encryption program is. The encryption key may be 40 bits long, but it will create 1 billion possible keys or combinations. For this reason encryption designers use long strings to increase the level of security (Voors 2003).
There are two types of encryption: private key and public key. Private key systems use algorithms and a symmetric key to encrypt and decrypt information. Private keys are believed to be less secure because the same key is used by both the person who encrypts and the person who decrypts. Hence, if an attacker gains access to the encryption key, he can decrypt the message. It has also been observed that attackers can obtain the key from the third-party vendor who provides encryption and decryption services, and can then match it and open the messages easily (Voors 2003).
The technology is not a new one and can be traced to the time of Julius Caesar in 1900 B.C. However, recent development in encryption came about during the World Wars and, more recently, with the advent of the computer age. "In the early to mid-1980s, Phil Zimmerman developed software that implemented the idea of public-key encryption and revolutionized the world's understanding of encryption. Pretty Good Privacy ("PGP"), as the software is called, was released in the early 1990s. This program extended the use of encryption from major government authorities and militaries to normal businesses and private individuals." (Voors 2003) There has been disagreement between Zimmerman and the government over the use of PGP encryption. The US government considered distribution of PGP to private users and over the Internet a violation of the Arms Export Control Act, whereas Zimmerman considered it a good way of preventing users from becoming victims of security attackers (Voors 2003).
The use of encryption systems has today spread to various sectors such as businesses, hospitals, utilities and communication companies that are aware of the need to protect information. For instance, businesses use encryption to secure customers' personal information and credit card numbers. A large number of hospitals across the world today encrypt patients' records to ensure privacy. It can therefore be said that the use of encryption at all levels of network users has become common. It is then unsurprising that attackers target the encryption method of coding and try to "break in" to decode information. Despite third-party regulation and policing to secure encryption systems, decryption keys tend to be leaked to attackers through back doors, thereby compromising the authenticity of the security (Voors 2003).
2.4 Web Trackers and Spyware
Spyware has reached an epidemic level and, according to Brien Posey (2004), will only get worse. Around 95% of the world's PCs are infected with spyware, and the removal tools used are only effective for a few months. New types of spyware are released with every new counteractive tool for removing them. There are different kinds of spyware that are used by attackers for various purposes.
For example, specific software technology has been devised to keep track of the web browsing behaviour of users. This software has been devised to observe individual behaviour for marketing purposes and to invade the user's privacy. Despite user outcry over privacy issues, web trackers continue to become more common when users are online. Companies devise these web trackers to collect data without the users being aware of it and sell it to marketing companies that target the same users. For example, WebHancer installs a program onto the user's computer when the user downloads software. The program is bundled with a host of separate applications, but in reality the web tracker is being installed too. The web tracker then monitors the user and sends out reports of information, such as how long the user stayed on a particular site, usage patterns and personal information, to the company that sponsors the programs. Others, such as NetGenesis, track data from cookies and send out reports to the program's maker (PC-3P Online 2004). There are others still which trick users into installing spyware. This happens when users are surfing the Internet and see a pop-up window that imitates a Windows error message. Although the Windows error message may look familiar, it differs greatly from a real one. Users in a hurry to fix the problem click the button thinking they have fixed the problem, whereas in reality they have launched the spyware.
Other forms of spyware tend to get installed when users, inadvertently or through trickery, visit an infected website that triggers ActiveX controls. ActiveX controls target the weaknesses of IE and hence take control of the user's surfing behaviour.
There are other kinds of spyware which come in the form of e-mails. Mail programs such as Outlook Express tend to open mail in any format, especially in HTML form. Spyware is usually coded into the e-mail message. When the user opens the e-mail, it launches the malicious script, which installs the spyware on the user's system. To resolve this, Posey (2004) recommends the use of spyware removers such as Ad-Aware and Spybot. However, if the spyware is still not removed after installing this software, it is recommended that the user removes the spyware manually by rebooting the machine in safe mode and going to Task Manager to remove the spyware.
Furthermore, user machines running Windows XP have the option of downloading and installing Service Pack 2, which allows users to fix a number of IE security holes and includes a pop-up blocker. Alternatively, users can go to the IE help area for step-by-step guidance on enhancing the security of the IE browser.
2.5 Sniffing
Not only this, but experts are also of the view that the prevalence of "packet sniffers" has increased significantly in recent years. There is little the user can do to prevent hackers from "sniffing" or capturing packets of data containing clear text passwords. One of the reasons why this process has become even easier for packet sniffers is that there are now tools for scanning sessions on the Internet that look for open sessions or open ports through which to enter the user's system. Where systems keep clear text passwords, the user is victimized most easily. With newer systems such as one-time passwords (for example S/Key), PGP and token-based authentication devices, users can prevent sniffing from taking place. They can devise secret tokens and PINs, and password-like strings, to prevent decryption (Melber 2004).
However, one of the reasons why sniffers continue to have access to passwords and secret tokens is that the password authentication protocols are weak. The problem is inherent in the fact that Microsoft operating systems and networks still support legacy authentication protocols. LAN Manager and NT LAN Manager, for example, support old protocols which create holes in the security system. The decryption keys for these old authentication protocols have features that allow access to the operating system at different levels. Although Microsoft has updated its authentication protocols for new operating systems, with NTLMv2 and Kerberos, the integration of the old protocols into the new ones forces the new OS to operate and obey commands when hackers enter the system (Melber 2004).
Kerberos is considered to be an industry-standardized and approved authentication protocol, specified in the Internet Engineering Task Force's Request for Comments 1510. Microsoft has added some features to Kerberos, but the protocol behind this new system is still based on the old model. According to Derek Melber of Microsoft (2004):
"Kerberos enforces the mutual authentication process by using a ticketing system.
The authentication process is completed primarily by the client, reducing the load on the servers.
Domain controllers share the authentication load by operating as Kerberos Distribution Centres (KDCs).
No part of the password is ever transmitted on the network.
Attackers are prevented from capturing and replaying packets from the network because the packets are time sensitive." (Melber 2004). With these features it is expected that Microsoft-based products would have become more sensitive to sniffers and packet stealers.
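The last point in the quoted list, that captured packets cannot be replayed because they are time sensitive, can be illustrated with a simplified model. This is an added example, not code from the original essay or from Microsoft's Kerberos implementation: it authenticates a timestamp with an HMAC instead of Kerberos encryption, and the names `make_authenticator` and `Verifier` and the 300-second window are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

MAX_SKEW = 300   # seconds a timestamp may differ from the server clock (assumed)
TAG_LEN = 32     # length of an HMAC-SHA256 tag


def make_authenticator(session_key, client, now):
    """Client side: bind the client name to the current time under the session key."""
    body = struct.pack(">Q", int(now * 1_000_000)) + client.encode("utf-8")
    tag = hmac.new(session_key, body, hashlib.sha256).digest()
    return body + tag


class Verifier:
    """Server side: accept each authenticator at most once, and only while fresh."""

    def __init__(self, session_key, max_skew=MAX_SKEW):
        self.key = session_key
        self.max_skew = max_skew
        self.seen = {}  # tag -> time after which the entry can be forgotten

    def accept(self, blob, now):
        if len(blob) < 8 + TAG_LEN:
            return "malformed"
        body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-mac"            # forged or altered in transit
        stamp = struct.unpack(">Q", body[:8])[0] / 1_000_000
        if abs(now - stamp) > self.max_skew:
            return "stale"              # captured earlier and sent too late
        # Forget entries that the freshness check alone would now reject.
        self.seen = {t: exp for t, exp in self.seen.items() if exp >= now}
        if tag in self.seen:
            return "replay"             # same packet seen inside the window
        self.seen[tag] = stamp + self.max_skew
        return "ok"


if __name__ == "__main__":
    key = b"\x01" * 32                  # constructed session key for the demo
    server = Verifier(key)
    packet = make_authenticator(key, "alice", now=1000.0)
    print(server.accept(packet, now=1002.0))   # first delivery
    print(server.accept(packet, now=1003.0))   # sniffed copy sent again
    print(server.accept(packet, now=1301.0))   # sniffed copy sent much later
```

The freshness window alone would still let a copy through if it were resent quickly, which is why the verifier also remembers every tag it has accepted for as long as that tag could pass the time check.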
2.6 Information and Identity theft
Despite warnings and precautionary measures, users around the world are being victimized constantly. One of the latest trends is information theft on the Internet. The Internet has made it easier for attackers to look up private information, such as Social Security and credit card numbers, and use it for their own gain. For example, Kristina Stefanova of the Washington Times (2002) reports on scam e-mails sent to AOL users claiming to be from the AOL billing team. The message says:
"Our records reveal that the charge card information on file for your AOL account is not up-to-date. Therefore, you will need to replace it with another or newer credit card information," it said. "Outdated information on your AOL account may cause invoice control problems which in some cases could lead to service interruptions and termination of your account."
The biggest concern arising from information theft is that, as more and more companies move online to enhance their services and ease the process of buying and selling, the dollar value of Internet risks has also increased manifold. For example, Thomas Tribunella (2000) notes that more products, trade ventures and banks are going online and offering services that require customer authentication of private information. This kind of requirement not only exposes the users and the company to online fraud but also disrupts website stability. Hackers are motivated by greed, monetary gain, ego, entertainment and political causes. These factors drive them to harm individual as well as corporate users by destroying information, or by stealing information which may prove damaging to the individual users. In such cases it is recommended that firewalls be installed for user authentication, together with access control lists and dynamic packet filters. Theft of identity information and financial information may decrease with these steps, but they do not guarantee its eradication once and for all (Tribunella 2000).
2.7 Phishing
Related to information theft, there is a trend on the Internet whereby web pages are replicated using the same information and encryption as the original website. The user, unaware that he/she has arrived at a false address, willingly enters personal and financial information. This is called phishing. According to Sandi Hardmeier (2004), phishing refers to "building a replica of a preexisting Web page so that they can fool a visitor into providing personal, financial, or security password information." The hackers behind the phishing technique can send out e-mail that claims to be from a legitimate business or government agency and requires users to enter personal identification numbers, passwords, credit card information or social security numbers, which would ultimately allow them to use the information to access funds from the user's account (see Figure 2: Phishing).
Figure 2: Phishing
A typical phishing e-mail looks like an original e-mail, with images and a message that identify it as authentic. It provides a link that takes the user to a website that also appears to be the original website. The only sign by which one may tell a fake from the original is that the URL given as a link differs from the one that opens in the browser window. To check whether an e-mail is a potential phishing attempt, one can type the URL of the company into the browser's address bar. If the icon on the web page reached this way is the same as the one sent in the e-mail, then it is an authentic e-mail, not a phish (Hardmeier 2004).
2.8 Viruses, worms and Trojans
According to Michael Durkota (2005) of US-CERT, "Trojan horses are one of the most malicious programs to infect any computer. Despite the fact that there are different sorts of removal tools available on the internet, the probability of figuring out the right program for the specific Trojan is difficult and by that point the virus could have infected the whole computer." (Durkota 2005) Internet users are easily exposed to Trojans, as they target online users who are connected to the Internet (a network of networks). A computer that does not have an anti-virus program is likely to become infected with Trojan horses, especially through e-mail and the web browser. Some of the measures for stopping Trojans from entering are: not opening unsolicited attachments in e-mail messages; not following unsolicited links; using up-to-date anti-virus software; using an Internet firewall; and keeping the system patched.
Similarly, malware such as MyDoom, ILOVEYOU and the Blaster worm has been designed to infect user machines by shutting down their systems. The most important aspect of this malware is that it is designed for a particular program type, such as Microsoft's, and therefore corrupts all executable files related to it. The MyDoom worm, for example, has "successfully contaminated enough victims in order to turn off SCO's internet site, accompanied by new variants that targeted Microsoft's site." (Danchev 2004). Malware authors are advanced computer users and also know how the Internet works. Although they do not cross the line of the law, they can still do great harm to users by infecting the Internet with worms, which spread quickly through web browsers, instant messaging and e-mail. E-mail attachments, file transfers and browsing web pages that launch ActiveX are all vulnerable to having malware attached to them (Danchev 2004).
2.9 How to Prevent Internet Security breaches?
2.9.1 Data encryption software
The Internet, as mentioned earlier, runs on proxy servers and host machines. The proxy servers serve as the hub for application services that allow a number of protocols, such as Telnet, SMTP, FTP and HTTP, to transfer information. Host machines, on the other hand, use these services but are not connected directly to other servers. In the case of a proxy server application, the client connects to the proxy server, which initiates the connection to the external server. In some cases, depending on the type of proxy server used, the internal clients can be redirected without the user being aware of it. The proxy server then initiates the connection in the specified format. This prevents users from being attacked by external machines, as proxy servers require authentication before access is granted. The access control list needs to be updated before the user or system is allowed access to the network. More advanced proxy servers, called Application Layer Gateways or ALGs, can further enhance security by configuring and blocking subsections of protocols. For example, an ALG for FTP can permit the "get" command and disallow the "put" command, so that users cannot put any files on the remote server. This type of command filtering is effective compared with host machines, which can only either fully allow the server to interact with other machines/users or totally deny the service (Fraser 1997).
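A sketch of the command filtering an FTP Application Layer Gateway performs, as an added example that is not part of the original essay or of any particular gateway product. On the FTP control channel a client's "get" is sent as `RETR` and "put" as `STOR`; `STOU` and `APPE` also write a file to the server. The policy sets, the function names `filter_command` and `review_session`, and the session lines are assumptions constructed for the illustration.

```python
MAX_LINE = 512  # assumed upper bound for one control-channel line

# Commands that store a file on the remote server (what "put" turns into).
UPLOAD_COMMANDS = {"STOR", "STOU", "APPE"}

# Everything else is denied unless listed here (default deny).
ALLOWED_COMMANDS = {
    "USER", "PASS", "SYST", "TYPE", "PWD", "CWD", "PASV", "PORT",
    "LIST", "NLST", "RETR", "NOOP", "QUIT",
}


def filter_command(raw):
    """Decide what to do with one line from the client.

    Returns (forward, reply): the bytes to pass to the server, or None
    together with the reply the gateway sends back to the client itself.
    """
    if len(raw) > MAX_LINE or not raw.endswith(b"\r\n"):
        return None, b"500 Line rejected by gateway.\r\n"
    body = raw[:-2]
    # One line must carry one command: a second CR/LF would hide another.
    if b"\r" in body or b"\n" in body or b"\x00" in body:
        return None, b"500 Line rejected by gateway.\r\n"
    try:
        text = body.decode("ascii")  # simplification: ASCII-only arguments
    except UnicodeDecodeError:
        return None, b"500 Line rejected by gateway.\r\n"
    verb, _, arg = text.partition(" ")
    verb = verb.upper()  # FTP verbs are case-insensitive
    if verb in UPLOAD_COMMANDS:
        return None, b"550 Uploads are not permitted through this gateway.\r\n"
    if verb not in ALLOWED_COMMANDS:
        return None, b"502 Command not allowed by gateway policy.\r\n"
    line = verb + (" " + arg if arg else "")
    return line.encode("ascii") + b"\r\n", None


def review_session(lines):
    """Label each client line 'forward' or 'block' for a quick audit."""
    return ["forward" if filter_command(l)[0] is not None else "block"
            for l in lines]


# Constructed control-channel lines for the demo.
SAMPLE_SESSION = [
    b"USER analyst\r\n",
    b"RETR report.txt\r\n",            # "get": allowed
    b"stor dropped.bin\r\n",           # "put" in lower case: blocked
    b"RETR a.txt\r\nSTOR b.bin\r\n",   # second command hidden in one line
    b"SITE EXEC ls\r\n",               # not on the allow list
    b"QUIT\r\n",
]

if __name__ == "__main__":
    for line, verdict in zip(SAMPLE_SESSION, review_session(SAMPLE_SESSION)):
        print(verdict, line)
```

A plain host or packet filter sees only addresses and ports, so it can admit or refuse the whole FTP session; the per-command decision above is what the gateway adds.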
Another method of protecting users from being attacked through servers is to protect secret tokens and PINs. Experts in the technology field recommend that users combine upper and lower case letters with digits and special characters when assigning passwords for access on public domains. This is important as it can prevent access through hardware devices as well as software. The secret Pretty Good Privacy (PGP) key is another safeguard against unauthorized access. Cryptography products such as PGP ensure the user is not attacked by providing encrypted connections between two end points on the Internet (Fraser 1997).
2.9.2 Anti-virus software
From time to time one reads of destructive bugs and viruses, like Melissa and Love Bug, that run in e-mail scripts and target users by getting into their systems and destroying programs. One of the reasons why bugs and viruses easily access users' systems is that they target Microsoft products such as Internet Explorer and Outlook Express. IE, the most common interface among users, is not only vulnerable to attacks but is also being targeted by perpetrators. Outlook, for example, is a weak tool as it automatically opens an e-mail as read whenever the user clicks on a new e-mail. As a result the virus is triggered even when the user tries to delete the unsolicited e-mail by clicking on it (Aspinwall 2000). Aspinwall also writes (2000): "The probability of a trojan getting to your system may be significantly less than 1% or greater than 10% depending on where you browse, who supplies you with e-mail parts, etc., but eventually a virus will get near you--if not actually damage data and therefore rob you of hours of effort." For this reason there is all the more cause for taking precautionary measures against virus attacks.
To deal with this, Aspinwall recommends that users install anti-virus software such as McAfee VirusScan, Virex, Norton AntiVirus, Trend Micro PC-cillin or any other product that serves the same purpose. Furthermore, the user also has the choice of using Netscape as a browser and Eudora for e-mail. These products may not support all of the services that Microsoft has to offer, but they do prevent viruses from attacking the entire system. Eudora, for example, is a safe e-mail program and may be used to control unsolicited e-mail as well.
2.9.3 Digital signatures
One of the most important and critical aspects of digital communication is the fact that the Internet does not offer secure transmission. Online email sessions in particular are hacked and messages read on a regular basis. Hackers can sniff open sessions and find passwords in plain text form; they can break into corporate accounts using scanning tools against password-protected email accounts. To counteract these security breaches, digital signatures have been created through Public Key Infrastructure, or PKI (Kolodzinski 2002). PKI is basically an electronic data transmission tool for secure Internet communication. It relies on encryption with keys to safeguard digital information. The integrity and confidentiality of the information are ensured because it is accessible only to the intended recipient. The sender has a public key that he can use to encrypt a message; the message is then delivered to the recipient. The recipient has a private key which he can use to decrypt the information. The PKI is certified, issued and supervised by a local certification authority. This way only the sender, the recipient and the certification authority can have access to the information being sent. Today there are many kinds of PKI, supervised by a host of certification houses. According to Oscar Kolodzinski (2002), despite the positive side of PKI, the technology is not without pitfalls of its own. One is that PKI certification is not a guarantee that information will not be accessed by third-party users. Instead it only guarantees that the company that issues the PKI will protect the keys issued to the users. A host of PKI companies such as RSA Security, Entrust and Verisign have become, and announce themselves as, digital certification authorities, although this fact is not acknowledged by the government or any official entity.
For this reason a number of corporations do not fully accept PKI, as they know that freeware versions of the tools are available to everyone, which makes it difficult to stop attackers from devising ways to enter the certification hub and access key data.
2.9.4 Digital Certificates
Digital certificates are one of the most widely used security techniques. They are issued by a third-party certification authority that verifies the applicant's identity and generates a certificate for legal entities. The certificates ensure that electronic messages such as credit card information and other personal details are not tampered with during transmission over the Internet. The digital signatures rely on an encryption algorithm for scrambling and unscrambling the same. The two most common security protocols in digital certification are SSL (Secure Sockets Layer) by Netscape and SET (Secure Electronic Transaction) by Visa International. These were developed to ensure credit card users' security when they transact online. SET uses digital certificates to identify the buyer, the server and the merchant bank. In this respect SET employs public key cryptography to secure the messages (Tribunella 2002). A typical digital certificate would contain:
* "Serial number
* Information regarding the certificate holder
* The certificate holder's public key and corresponding private key
* Information regarding the certifying authority
* The certifying authority's digital signature
* An expiration date." (Tribunella 2002)
2.9.5 Firewalls
One of the most commonly used security measures online is the firewall. Firewalls have been maligned with a bad reputation for not implementing security policy at the network level. The truth is that firewalls do provide a certain degree of protection and help organizations improve the security of individual machines. Not only this, but firewalls are easy to use, cost efficient and not complex to set up (Aspinwall 2000).
A firewall essentially provides multilevel security by first erecting a wall between the private network and the Internet. The firewall then screens the traffic for specific characteristics and allows it to pass through gateways to an individual machine. When traffic does not comply with the firewall criteria, the information cannot pass through the gateways, which stops unauthorized traffic such as viruses and bugs from entering the computer. The most important part of setting up a firewall is setting the conditions under which packets are admitted or rejected at the gateways. Depending on the nature of the traffic, network administrators can determine the types of firewalls (Aspinwall 2000).
Another aspect is that firewalls are not always specific to one machine when they are created for a network. Hence the configuration of routers, network segments and host computers to build effective firewalls is essential. The use of different components, filter routers and proxy servers further limits the administrator's scope for defining firewalls for a particular network. For example, the router may move data back and forth depending on the categorization given to it. Suppose packets are meant to go to machines A and B but are sometimes also required by machine C. Adding a firewall to block C altogether would then reduce the firewall's functionality and usability for network user C. For this reason firewalls are not considered a great tool for internet security, but they are nevertheless one of the most secure (Aspinwall 2000).
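The A, B and C scenario can be worked through with a small first-match packet filter. This is an added example, not taken from Aspinwall: the host addresses, the service port 8080 and the three rule sets are constructed, and the narrower rule set is one possible way to admit C for the single service it needs instead of blocking it altogether.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    dst: str              # destination host or network, e.g. "192.168.1.0/24"
    port: Optional[int]   # destination port; None matches any port


def decide(rules, dst_ip, dst_port):
    """First matching rule wins; a packet that matches no rule is rejected."""
    addr = ipaddress.ip_address(dst_ip)
    for rule in rules:
        if addr in ipaddress.ip_network(rule.dst) and rule.port in (None, dst_port):
            return rule.action
    return "deny"


def shadowed_rules(rules):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    hidden = []
    for j, later in enumerate(rules):
        later_net = ipaddress.ip_network(later.dst)
        for earlier in rules[:j]:
            covers_net = later_net.subnet_of(ipaddress.ip_network(earlier.dst))
            covers_port = earlier.port is None or earlier.port == later.port
            if covers_net and covers_port:
                hidden.append(j)
                break
    return hidden


# Constructed hosts and service port (hypothetical values).
A, B, C = "192.168.1.10", "192.168.1.11", "192.168.1.12"
SERVICE_PORT = 8080

# C blocked altogether, as in the text: C loses the service it sometimes needs.
BLOCK_C = [Rule("allow", A, SERVICE_PORT), Rule("allow", B, SERVICE_PORT),
           Rule("deny", C, None)]

# Narrower condition: C is admitted on the one service port, denied elsewhere.
NARROW = [Rule("allow", A, SERVICE_PORT), Rule("allow", B, SERVICE_PORT),
          Rule("allow", C, SERVICE_PORT), Rule("deny", C, None)]

# Same rules in the wrong order: the broad deny hides the allow that follows it.
MISORDERED = [Rule("allow", A, SERVICE_PORT), Rule("allow", B, SERVICE_PORT),
              Rule("deny", C, None), Rule("allow", C, SERVICE_PORT)]

if __name__ == "__main__":
    for name, rules in (("BLOCK_C", BLOCK_C), ("NARROW", NARROW),
                        ("MISORDERED", MISORDERED)):
        print(name, "C on service port:", decide(rules, C, SERVICE_PORT),
              "| shadowed rules:", shadowed_rules(rules))
```

Running `shadowed_rules` over a rule set before it is deployed catches the ordering mistake that otherwise shows up only as a user on C reporting lost service.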
2.9.6 Security Tools
Apart from the above, there are bundled programs with which Internet users can prevent, block and control unwanted connection activity. Examples include ZoneAlarm, Norton Internet Security, BlackICE Defender, Sybergen Secure Desktop and McAfee Personal Firewall. These are ready-made products that have been vouched for by experts (Fraser 1997; Aspinwall 2000). They are simple and effective, and save users the time and trouble of configuration. For DSL users, Watchguard SOHO is considered a highly effective hardware firewall that allows the user to share one DSL or cable line among multiple computers while choosing levels of filtering based on need. It filters by blocking undesirable sites, tells the user that the site has been blocked, and sends a log of the incident for review. The product comes with a one-year subscription and provides a high level of internet privacy without compromising the integrity and confidentiality of the users.
Apart from that, there are privacy and security issues in the workplace, such as harassment, discrimination and email privacy, which can be tackled by the network administrator and the IT in-charge of the business by configuring a private system or firewall (Fraser 1997).
2.9.7 Updates
The most common threats to an individual on the web come through the most frequently used programs. For example, IE for browsing and Outlook Express for email are two of the most targeted programs, because they can run ActiveX programs in Web pages. Hackers have taken advantage of the way IE and Outlook operate by devising ways to induce users to download and execute harmful programs on their machines. For this reason Microsoft has issued security patches and updates for its programs and operating systems such as Windows 98 and SE, Windows 2000 and XP.
2.9.8 Browse Anonymously
According to Aspinwall (2000), users can avoid attackers by surfing anonymously. Surfers tend to use either IE or Netscape for browsing. These browsers are not only the most widely used, they are also susceptible to online attackers. For example, they may give out information that is stored as cookies or lodged in the machine's cache. Private information such as passwords, shared data, e-mail lists or credit card information remains open to attackers as long as the user is online and not logged out of the website. Likewise, there are websites that launch secret programs called Fries, which become lodged in the browser to advertise or spy on user activities. They are designed to read keystrokes, which are logged for advertising purposes. To prevent Fries and other spyware from being lodged in the system, Aspinwall suggests:
Elizabeth Amberg (2000), in her article Software Focus on Security, outlines the use of Window Washer from WebRoot, which supports up-to-date versions of Web browsers and helps remove unneeded system data and temporary files from programs, protecting the user's privacy. Window Washer erases documents and Internet tracks by overwriting the data up to 10 times with random characters. Similarly, DiskLock from Power On Software helps lock data and encrypt programs, offering various types of encryption, including DES, on SCSI devices and IDE drives. This is especially suitable for public computers where the network has centralized workstations and multiple users but still requires a high level of security to prevent unauthorized user access to the mainframe. The intuitive interface makes encryption and decryption easy, with hot-key screen locking options for data protection. For instance:
"Institution network administrators require security at the network, program, and application levels of their systems. For those using the Windows NT platform, Novell offers FireWALL for NT, a directory-enabled security product that combines Internet security features with network bandwidth management operation. The easy-to-use solution means that critical traffic gets priority during peak network utilization, as the school's Internet presence remains secure." (Amberg 2000).
Other software security products, including FireWALL for NT, NetWare server, LabExpert, Cyber Patrol and eSafe Enterprise filters, help ensure Internet security for users and servers alike.
2.9.9 Family Security
Apart from the above complex aspects of Internet security, users nowadays have also been complaining about the growing number of pornographic sites, gambling sites and the like, which are not suitable for young surfers. According to parents and educators, these sites corrupt the new generation, as youngsters encounter adult content at an early age and are easily influenced by it. To address this, parents can protect children from exposure to explicit content by using filtering software that does not allow children to enter websites restricted to adults only. Programs like ChatNanny, NetNanny and CyberSitter all spy on the user's activities to help parents block out unwanted websites.
Alternatively, parents can use family ISPs that already apply filters for family-related websites and help parents monitor children's internet activities.
2.9.10 Intrusion Detection Systems (IDS)
As hackers keep up with prevention technologies, sophisticated detection tools must be devised to counteract security breaches. IDS is one of the latest techniques for detecting unauthorized access. Intrusion detection systems are classified under two broad techniques. The first detects anomalies, looking for intrusions associated with deviation from normal system or user behaviour. The second uses signature detection to discriminate abnormal patterns or signatures. Both techniques have advantages as well as disadvantages as software for detecting online security breaches (Kazienko & Dorosz 2004). (See Figure 3: Classification of Intrusion Detection Systems)
Figure 3: Classification of Intrusion Detection Systems
Firstly, when considering intrusion detection, one needs to establish whether the systems need IDS (individual based) or HIDS (host based). Once this has been established, the whole segment of the local area network can be configured accordingly. For instance, systems that monitor incoming connection attempts, such as RealSecure Agent and PortSentry, help detect unauthorized connection attempts to TCP or UDP ports made with port scan tools.
Other kinds of HIDS help monitor network traffic (packets) that attempts to access the host. The systems can be protected by intercepting and identifying the suspicious packets (Kazienko & Dorosz 2004).
Apart from these, IDS also helps systems monitor file system integrity, check privileges through LogCheck, and monitor registry status on Windows systems. Likewise, the network-based type of IDS, called NIDS, tends to be used for local network detection. It has similar features that detect suspicious packets reaching the network through application browsers or operating systems (Kazienko & Dorosz 2004).
Similarly, there is the Computer Misuse Detection System (CMDS), a built-in system for examining logs to detect abnormal user behaviour. ACID (Analysis Console for Intrusion Databases) is a PHP-based analysis engine that searches databases for events that deviate from the most common traffic behaviour. Packets are examined right down to their payload to identify similar or matching packets. Alerts are then delivered to the administrator, who verifies the system events. Although this is a tedious and lengthy evaluation of the incoming and outgoing network traffic, it nevertheless ensures increased security even if the packets are encrypted using an algorithm (Kazienko & Dorosz 2004).
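The two detection techniques in this section, and the port-scan monitoring mentioned with them, can be compared on the same traffic. The following is an added example, not code from Kazienko & Dorosz or from any of the named products: the log format, addresses, signature, window length and the three-standard-deviation threshold are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

WINDOW = 60  # seconds per observation window (assumed)

# Constructed signature: name -> lower-case substring looked for in the payload.
SIGNATURES = {"script attachment with double extension": ".txt.vbs"}


def parse(line):
    """Split one constructed log line: '<epoch> <source> <dst_port> <payload>'."""
    ts, src, port, payload = line.split(" ", 3)
    return int(ts), src, int(port), payload


def signature_alerts(lines, signatures=SIGNATURES):
    """Signature detection: flag every event whose payload holds a known pattern."""
    alerts = []
    for line in lines:
        _, src, _, payload = parse(line)
        for name, pattern in signatures.items():
            if pattern in payload.lower():
                alerts.append((src, name))
    return alerts


def ports_per_window(lines, window=WINDOW):
    """Distinct destination ports contacted by each source in each time window."""
    seen = defaultdict(set)
    for line in lines:
        ts, src, port, _ = parse(line)
        seen[(src, ts // window)].add(port)
    return seen


def learn_threshold(baseline_lines, window=WINDOW, k=3.0):
    """Anomaly detection, learning step: normal port spread plus k deviations."""
    counts = [len(p) for p in ports_per_window(baseline_lines, window).values()]
    return mean(counts) + k * pstdev(counts)


def anomaly_alerts(lines, threshold, window=WINDOW):
    """Anomaly detection: sources whose port spread in a window exceeds normal."""
    spread = ports_per_window(lines, window)
    return sorted({src for (src, _), ports in spread.items()
                   if len(ports) > threshold})


# Constructed known-good traffic used to learn what "normal" looks like.
BASELINE = [
    "0 10.0.0.5 80 GET /index.html",
    "10 10.0.0.5 25 HELO mail.example",
    "20 10.0.0.6 80 GET /news.html",
    "70 10.0.0.5 80 GET /about.html",
    "75 10.0.0.6 80 GET /index.html",
    "80 10.0.0.6 110 USER alice",
]

# Constructed live traffic: one normal request, one mail with a suspicious
# attachment name, and one source probing eight ports inside a single window.
LIVE = [
    "120 10.0.0.5 80 GET /index.html",
    "125 198.51.100.7 25 attachment: holiday-photos.txt.vbs",
] + [f"{130 + i} 192.0.2.44 {port} -"
     for i, port in enumerate((21, 22, 23, 25, 80, 110, 143, 443))]

if __name__ == "__main__":
    threshold = learn_threshold(BASELINE)
    print("signature alerts:", signature_alerts(LIVE))
    print("anomaly alerts  :", anomaly_alerts(LIVE, threshold))
```

Each engine misses what the other catches: the probe carries no payload for a signature to match, and the single mail message is unremarkable by volume, which is the trade-off between the two techniques noted above.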
Chapter 3: Analysis and Conclusions
3.1 Analysis
Computer security is a significant concern with grave implications such as unauthorized access to systems, destruction of information and monetary loss. Security vulnerability depends on how exposed the network is and how sensitive it is to security needs. A corporate intranet is exposed to the external environment because it has to be connected to partners or customers to complete transactions. Security vulnerabilities arise when the weak link causes problems and extensive damage to the users.
A security vulnerability is basically a flaw in the computer system that can bring about security breaches. Vulnerabilities can arise from encryption, policy oversight, logic errors, internal spying and so on. Others include missing passwords, sabotage, theft, network protocol design and eavesdropping (Grippo and Siegel 2001). Unauthorized access may result from theft of application or operating system code. This is usually the case when there is an architectural problem or deficient security design. A specific action must be developed for each vulnerability and security feature to ensure that it is not altered by attackers.
Proper and effective network security provides the following:
* "Accountability--proof that an intended purchase indeed occurred.
* Confidentiality--protection of confidential information from an eavesdropper.
* Integrity--assurance that the information sent is the same as the info received.
* Authority--assurance that those who obtain data or information are certified to take action.
* Authenticity--assurance that each party is who they state they are." (Grippo and Siegel 2001)
Above, the researcher has discussed a variety of attack techniques used by hackers. These include:
* Denial of Service
* Information theft etc.
In any case, breaches of Internet security lead to financial and personal liability. Measures for counteracting security threats must be determined in advance so that effective security measures can be taken. These include:
* Physical security includes restricting users' access to specific data; restricting public information about the network; enforcing user policies; creating awareness; locking access to the network when there is a problem in the software; and locking critical tools from attacks.
* Systems must be logged and monitored constantly for any type of suspicious behaviour or IP addresses that could help identify hackers.
* Security software, as stated earlier, handles filtering of viruses as well as protecting systems from unauthorized access.
* Firewalls, according to experts, can actually reduce the level of security breaches by examining IP addresses. This method of filtering and monitoring data packets helps restrict intruders on the Internet from accessing the local area network and servers (Grippo and Siegel 2001).
3.2 Conclusions
From the literature it has been observed that hackers tend to attack users and corporations on the basis of weak infrastructure rather than the software and tools they use. Infrastructure makers like Microsoft often rely on similar programs and topologies. Even the security measures used to detect malware, viruses, bugs and spyware are based on the same logic of seek and destroy. This does not actually address the problem of the technological platform. In the same way, most hackers concentrate on Microsoft products and applications and devise programs to destroy the application software, and consequently the users. As Microsoft improves its products and services, newer methods and techniques are also being created to seek out and gain access to these services. Users, on the other hand, are unaware of the mind and technology games that hackers and manufacturers are playing, and continue to buy and use the same products all over again. This places them in a highly vulnerable position.
Furthermore, with the proliferation of new techniques for tampering and breaching security, hackers are also learning about consumer behaviour and how users react or respond to certain online activity. As a result hackers are becoming smarter in devising new techniques to launch their malware and viruses. The use of trickery to launch ActiveX-based programs, and of email to set off a chain reaction of infections, not only increases the vulnerability of the Internet but also increases the dangers to users. Anyone going online is highly vulnerable unless he or she adopts measures such as firewalls, encryption of information and anti-virus programs for protection against these attacks. Yet despite these measures, as one can see, there is no guarantee that users are protected from the harmful activities of hackers.
The problem is not only inherent information theft or invasion of privacy. The implications of an Internet security breach are grave, as they encompass the hacking of financial information that may result in losses of billions of pounds. Where hackers enter corporate or national systems through the Internet, they can cripple the nation by destroying the network or shutting it down. Although such incidents have not been as widespread in the UK as in the US, the potential for their proliferation is great. For this reason it is critical that users, whether government, corporate or individual, take precautionary measures. To this end a variety of tools, techniques and methods are available, not to mention the technology.
However, the major concern is not to increase the number of tools, techniques or methods but rather to design an efficient infrastructure that discourages potential attackers. Even with the latest systems, companies are frequently victimized for various reasons including espionage, greed, monetary gain or revenge. At the individual level, users are victimized because hackers are interested in studying user behaviour, invading privacy, causing mischief, or simply meeting the challenge of gaining control over the online user. These cases only show that with the introduction of new technology, even newer technology will be devised to defeat the security measures. This is evident in the article by Brent Wible (2003), who notes that hackers are holding contests to compete against security measures. These contests basically encourage hackers to devise better ways and means of finding holes in programs and email applications to attack users. Given this scenario, it is crucial that security designers note the trends and patterns in hackers' behaviour and attitudes.
Users should not only take heed of the need for enhanced security measures when going online, but should also promote them by creating awareness and implementing security programs and infrastructure that deter perpetrators from entering their systems. This, however, will not be as useful for corporate or government users, because government and corporate sites operate on a different level; their security measures are also different and require considerable investigation of holes before they can create security measures for connecting with other networks or the Internet. For instance, corporations cannot simply ask users to install anti-virus software to guard against potential malware. Instead they have to evaluate the network infrastructure, the level of connection to the Internet and the number of users involved; they also have to consider user convenience, information transmission, time durations and the kind of information allowed to be sent. For most corporate users, experts recommend encryption of databases as well as of their transmission.
The choice of encryption depends on the level of security needed and the flexibility required. Once these parameters have been established, the corporate network administrators can devise a plan for the kinds of software, spy bots and antivirus for their networks. However, the process does not stop here. Corporations are also vulnerable to new technologies. Attackers use new technologies and sometimes steal them from the corporation itself (espionage). For this reason the task of protecting a corporate network is ongoing and can never be stopped entirely.
Similarly, government sites too are susceptible to the above attacks, in addition to attacks from enemy countries. One of the reasons revealed by the literature review is that most networks are based on known platforms. Hackers find and learn how to enter these systems, which makes individual systems even more susceptible to attack. In the researcher's view, technologists should be looking for new platforms that are encrypted and not open to hackers, rather than devising new methods or systems for addressing individual problems.
Chapter 4: Recommendations
4.1 Rationale and Considerations
Looking at the trend in Internet security over the past years, one observes increasing complexity and vulnerabilities; a changing environment that has brought new threats; greater connectivity and exposure of the mainframe environment; growth in the number of internet abusers and law violators; democratization of the internet that empowers abusers; and so on. These developments have rendered traditional security methods less useful to the victims, as the complex and fast-changing security environment is exposed to attackers as soon as new technologies are deployed. Effective security involves acquiring technology and applying risk reduction procedures that anticipate the attackers' perspectives as well as those of the application users. According to David T. O'Neill and Peter S. Tippett (2001), Internet security should not only meet organizational needs but also anticipate the future of the internet economy. Information integrity and confidentiality are therefore inherent in adopting security programs that are risk-based, holistic, active and pragmatic. By this the authors mean:
1. Risk based: Avoiding every known threat, physical or software related, so that it is impossible for attackers to use the same resources as the organization to attack. Organizations must accept that threats are likely to come in some form or other and must therefore transfer the risk to mechanisms that cover it, such as insurance.
2. Holistic: Organizations must recognize that they are always confronted with multi-faceted threats. Critical data and systems must address risks at all levels, such as electronic threats, malicious code, physical security, human threats, privacy risks and downtime. To counteract these, security programs must address the need for disciplinary tools to deal with these aspects and others besides.
3. Active: Good security must be active in its processes to handle the changing technological and physical environment. One must recognize that information flow needs to be steady and yet protected from perpetrators and threats. For this reason, security programs must address the ever-changing nature of threats and risks.
4. Pragmatic: Last but not least, all security efforts should aim to support users without imposing high costs. Furthermore, security should not be implemented at the expense of users' productivity or time. Excessively restrictive or unnecessarily stringent controls tend to increase the cost of technical support for addressing threats (O'Neill and Tippett 2001).
Apart from the above, attention should not only focus on the types of systems that would prevent attackers from repeating their hacking activities, but must also address the problem of deterrence. Brent Wible (2003), in his article on hackers, writes:
"Computer crime comes in many varieties, including online theft and scam, vandalism, and politically motivated activities. Other hackers simply try to break code, seeking challenge, competition, and bragging privileges. Whatever the desire, intrusions have serious costs. At the minimum, a violated site must patch the security gap. A good non-malicious trespass disrupts the victim's online services as the breach is fixed. Not knowing if a breach was malicious, companies generally expend resources investigating the problem, often selecting private investigators in order that they do not suffer reputational loss. If other hackers become aware of the site's vulnerability, a non-malicious hack may be the precursor to more malicious attacks. Finally, considering the gravity of the risk, attack victims may change their behaviour, becoming reluctant to place valuable information online."
4.2 Resolutions
To address this, private users, companies and government should take measures to deter unlawful activities on the internet, making it a safer and more secure place for people to come online. Wible proposes the adoption of the Beckerian framework, under which policy makers should take concrete steps in formulating methods and disciplinary measures to address deterrence. Bearing in mind the social norms, the financial costs, the social structures and the prevalent crimes, the government should take legal action to define criminal activities and deterrence, and devise measures for disciplining them accordingly.
Alternatively, civil action should be taken. Before that, the types of liability must be addressed in order to trace the source of responsibility. Wible notes that there are four types of tort liability:
a. hacker liability
b. ISP liability
c. Security company liability
d. liability for victims who fail to take private precautions (Wible 2003)
For each of these tort liabilities, the law should make provisions for responding to computer crimes and deal with the problems that most of the population is facing. Security software is not the only way to resolve the problem. Behavioural as well as legal constraints must be taken into account in devising solutions for virtual crimes. Dorothy and Peter Denning (1997) have argued that "the solutions ... cannot be achieved entirely by technical means. The answers call for a sophisticated interplay among legislations, policy, and technology." And: "Because advanced hackers aren't susceptible to regulation through code, code must be supplemented to deter computer criminal offense. Even in Lessig's own terms, code must be complementary to the other "modalit[ies] of regulation"--law, social norms, and the market. Yet it is accurately these mechanisms which have proved unable to constrain illegal hacking effectively." (Wible 2003)
Apart from civil action, individual, corporate and government users must consider devising new, better infrastructure. The focus should not be on how to eradicate hackers but on how secure the infrastructure should be. This would leave the architect to devise infrastructure that minimizes holes, rather than to devise security procedures. Once the infrastructure has been created, users can then detect the holes and create ways to prevent unauthorized access. This can be done using the different software available or by devising new software based on the new structure. No doubt this suggestion does not promise ultimate security, but it could minimize the chances of a security breach when the entity goes online.
The biggest threat online is unauthorized access to information which, if used, would lead to financial losses. As more organizations go online, the implications of such information loss are grave. The result is that users will become internet shy and will not transact online, whether for purchases or online banking. The net result is that trade and business would not flourish, and user confidentiality would be lost. To address this, security policy makers as well as technologists should devise measures that address the value and use of secure transmission, such as encryption of information even in a standard online session. This would help prevent hackers from decrypting information as and when they feel like it. Not only this, but policy makers should also ensure that encryption companies abide by regulations and do not leak encryption keys or information to other "buyers". A certification authority must be set up to deal with this problem so that users gain confidence in the Internet's integrity and security.
Aspinwall, J. 2000, The Complete Guide to Internet Privacy. Mother Earth Reports. October 2000. p. 32.
Author not available, 2001 "Internet Security and Computer Security Problems" Personal computer-3P Onl