Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
Considering Statistical Reports of Populations Penetration in Attack to Networks

Considering Statistical Reports of Populations Penetration in Attack to Networks

Ratings: (0)|Views: 6 |Likes:
Published by ijcsis
Because the internet traffic is increasing continuously, analyzing internet events and the penetration of countries is more important from previous years. In this article, we study the population of countries with most network traffics and consider the attacks rate that accurate in them. Also we study countries subject to attack and the rate of their attacks. These results can be used in future research to place coordinators in gorge locations of world to manage information that are passed between countries. Also these results can be used in collaborative intrusion detection systems (IDSs) for inform new attack methods to all IDSs in other location of worlds.
Because the internet traffic is increasing continuously, analyzing internet events and the penetration of countries is more important from previous years. In this article, we study the population of countries with most network traffics and consider the attacks rate that accurate in them. Also we study countries subject to attack and the rate of their attacks. These results can be used in future research to place coordinators in gorge locations of world to manage information that are passed between countries. Also these results can be used in collaborative intrusion detection systems (IDSs) for inform new attack methods to all IDSs in other location of worlds.

More info:

Published by: ijcsis on Feb 19, 2012
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

02/19/2012

pdf

text

original

 
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 9, No. 11, November 2011
Considering Statistical Reports of PopulationsPenetration in Attack to Networks
Afshin Rezakhani Roozbahani
Department of Computer EngineeringThe University of Ayatollah Alozma
 
Boroujerdi, Boroujerd
, Iran
Af.rezakhani@gmail.com
Nasser Modiri
Department of Computer Engineering
 
Zanjan Azad UniversityZanjan, Iran
NasserModiri@yahoo.com
Nasibe Mohammadi
Department of Computer EngineeringThe University of Ayatollah AlozmaBoroujerdi, Boroujerd, Irann.mohammadi07@gmail.com 
 Abstract 
—because the internet traffic is increasing continuously,analyzing internet events and the penetration of countries is moreimportant from previous years. In this article, we study thepopulation of countries with most network traffics and considerthe attacks rate that accurate in them. Also we study countriessubject to attack and the rate of their attacks. These results canbe used in future research to place coordinators in gorgelocations of world to manage information that are passedbetween countries. Also these results can be used in collaborativeintrusion detection systems (IDSs) for inform new attack methodsto all IDSs in other location of worlds.Keywords-internet traffic; attacks rate; IDSs;
I.
 
I
NTRODUCTION
 The Internet is a global system of interconnected computernetworks that use the standard Internet Protocol Suite (TCP/IP)to serve billions of users worldwide [1]. The Internet,sometimes called simply "the Net," is a worldwide system of computer networks - a network of networks in which users atany one computer can, if they have permission, get informationfrom any other computer (and sometimes talk directly to usersat other computers). It was conceived by the AdvancedResearch Projects Agency (ARPA) of the U.S. government in1969 and was first known as the ARPANet. The original aimwas to create a network that would allow users of a researchcomputer at one university to be able to "talk to" researchcomputers at other universities. A side benefit of ARPANet'sdesign was that, because messages could be routed or reroutedin more than one direction, the network could continue tofunction even if parts of it were destroyed in the event of amilitary attack or other disaster [2]. The security disciplines of computer networks are classified into three main classes:Detection, prevention, and protection [16]. The detectionmethods are in charge of detecting any intrusion in networks.Prevention methods aim to deploy secure policies forunderlying network(s) and finally the protection methods try toexert manager’s views for protecting the networks.II.
 
I
NTERNET
A
TTACK
M
ETHODS
 Without security measures and controls in place, our datamight be subjected to an attack. Some attacks are passive,meaning information is monitored; others are active, meaningthe information is altered with intent to corrupt or destroy thedata or the network itself. In this section we seek the overviewon the methods that are used by hackers to attack in thenetworks. These methods explain in below subsections [17].
 A.
 
 Eavesdropping
In general, the majority of network communications occur inan unsecured or "cleartext" format, which allows an attackerwho has gained access to data paths in your network to "listenin" or interpret (read) the traffic. When an attacker iseavesdropping on your communications, it is referred to assniffing or snooping. The ability of an eavesdropper tomonitor the network is generally the biggest security problemthat administrators face in an enterprise. Without strongencryption services that are based on cryptography, your datacan be read by others as it traverses the network.
 B.
 
 Data Modification
After an attacker has read your data, the next logical step is toalter it. An attacker can modify the data in the packet withoutthe knowledge of the sender or receiver. Even if you do notrequire confidentiality for all communications, you do notwant any of your messages to be modified in transit. Forexample, if you are exchanging purchase requisitions, you donot want the items, amounts, or billing information to bemodified.
C.
 
 Identity Spoofing (IP Address Spoofing)
Most networks and operating systems use the IP address of acomputer to identify a valid entity. In certain cases, it ispossible for an IP address to be falsely assumed— identityspoofing. An attacker might also use special programs toconstruct IP packets that appear to originate from validaddresses inside the corporate intranet.
132http://sites.google.com/site/ijcsis/ISSN 1947-5500
 
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 9, No. 11, November 2011
After gaining access to the network with a valid IP address,the attacker can modify, reroute, or delete your data. Theattacker can also conduct other types of attacks, as describedin the following sections.
 D.
 
Password-Based Attacks
A common denominator of most operating system andnetwork security plans is password-based access control. Thismeans your access rights to a computer and network resourcesare determined by who you are, that is, your user name andyour password.Older applications do not always protect identity informationas it is passed through the network for validation. This mightallow an eavesdropper to gain access to the network by posingas a valid user.When an attacker finds a valid user account, the attacker hasthe same rights as the real user. Therefore, if the user hasadministrator-level rights, the attacker also can create accountsfor subsequent access at a later time.After gaining access to your network with a valid account, anattacker can do any of the following:Obtain lists of valid user and computer names and network information.Modify server and network configurations, including accesscontrols and routing tables.Modify, reroute, or delete your data.III.
 
C
ONSIDERING THE
P
OPULATION
O
F
C
ONTRIES
W
ITH
M
ORE
I
NTERNET
T
RAFFICS
 A.
 
Considering the Population of Contries
First, we study the population of some countries that playimportant role in internet traffics and network attacks producer.The below table is based on most network attacks producercountries. These report showing in table1 [3, 4, 5, 6, 7, 8, 9,10].Table 1. Population and Percentage of countries in the world
Country Population Percentage inworld 
China
1,330,141,295 19%
USA
310,232,863 4%
Netherlands
16,783,092 0.2%
Germany
82,282,988 1%
Russia
142,012,121 2%
Great Britain
62,348,447 0.9%
Canada
34019000 0.4%
Ukraine
45,415,596 0.6%
Latvia
2,231,503 0.03%
France
64,768,389 0.9%
 B.
 
Considering the Rate of Attack Producers
In this section, we study the rate of attacks that areoccurred at internet. Of course our study is depended on topten countries hosting malware [11].Table2. Compare percentage of Contries Population with theirattackers
Country Percentage of allattacks(hosting malware)Percentagein world 
China 52.7% 19%USA 19.02% 4%Netherlands 5.86% 0.2%Germany 5.07% 1%Russia 2.58% 2%Great Britain 2.54% 0.9%Canada 2.22% 0.4%Ukraine 2.17% 0.6%Latvia 1.53% 0.03%France 0.6% 0.9%Of course countries with next rates are according below:
11. Spain 12. North Korea 13. Brazil 14. Cyprus15. Sweden16. Taiwan 17. Norway 18. Israel 19. Luxemburg 20. Estonia
 Table2 compares the Percentage of all attacks (hostingmalware) with Percentage of their population penetrations inworld. For example, the penetration of China population inworld is: 19%. Meanwhile, the hosting malware in this countryis: 52.7%. This means about of 52% of world attackers, ismanaging their attacks in China.
C.
 
Considering the Statistical Report of Internet Users in Above Countries
In two previous sections, we considered percentage of population and attackers. But in this section, we study theinternet users at exist in these countries. This statistical reportis showing as below [3].Table 3. Considering the penetration (% population) in tencountries
Country Population Internet Penetration
133http://sites.google.com/site/ijcsis/ISSN 1947-5500
 
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 9, No. 11, November 2011
Users (%Population)
China 1,330,141,295 420,000,000 32 %USA 310,232,863 239,232,863 77 %Netherlands 16,783,092 14,872,200 89%Germany 82,282,988 65,123,800 79%Russia 142,012,121 59,700,000 43%Great Britain 62,348,447 51,442,100 82%Canada 34019000 26,224,900 78%Ukraine 45,415,596 15,300,000 33%Latvia 2,231,503 1,503,400 67%France 64,768,389 44,625,300 69%This table show the penetration (% population) in abovecountries. For example 77% of population is USA use internetin their works.
 D.
 
Comparing above Reports
According to internet world stats [3], total population of world is 6,845,609,960. Also according the reports of this site,total internet users in world is 1,966,514,816. Thus, theaverage rate of internet users in world is:Average rate = Internet users in world / world populationThen:Average rate = 1,966,514,816 / 6,845,609,960 = 28%This means that from each hundred people in world, onlyabout twenty eight of peoples work via internet to do theirworks. Now we consider this rate in top ten countries hostingmalware. This compare is showing in table4.Table 4. Compare population penetration factor in attacks
Country Percent age inworld  Internet Users (%Population)Total Internet Users in world (% Population)Percentageof allattacks(hosting malware)
China 19% 32 % 6% 52.7%USA 4% 77 % 3% 19.02%Netherlands0.2% 89% 0.2% 5.86%Germany1% 79% 0.8% 5.07%Russia 2% 43% 0.9% 2.58%GreatBritain0.9% 82% 0.7% 2.54%Canada 0.4% 78% 0.3% 2.22%Ukraine 0.6% 33% 0.2% 2.17%Latvia 0.03% 67% 0.02% 1.53%France 0.9% 69% 0.6% 0.6%
This table shows the penetration of total internet users inten countries hosting malware that are playing important rolein Internet Attacks. For example, the percentage of populationof China is 19% of total world population. On the other hand,32% of the populations of this country are Internet users.Thus, about 19% * 32% = 6% of the population China ispercentage of people who use Internet in all of world InternetUsers. This means column4 (
Total Internet Users in world (%Population)
) is obtained as below:Column4 = column2 * column3;Figure1 show the role of penetration of populations inthese countries in world attacks (hosting malware) thatoccurred in them.Figure 1. Relation between population and rate of malwarehosting[12]
 E.
 
Study the Internet Users in Regions
Three below figures that are obtained by Internet WorldStats [3], compare different regions by Internet Users in theworld by geographic regions, world Internet penetration ratesand Internet Users in the world by distribution by worldregions.
134http://sites.google.com/site/ijcsis/ISSN 1947-5500

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->