ABSTRACT: The tremendous growth of social networking sites has made it possible for people and business
organizations to connect much faster than in previous eras of Information Technology. Nowadays social
networking sites are the primary source of communication, and at the same time these sites are prime targets for
misuse of the information they contain. Privacy and security are major concerns to be taken care of during online
activities. Cyber security is the practice of protecting user information and networks from
unauthorized access. This paper presents a simple survey on cyber security and also discusses the security
issues in Social Networking Sites.
KEYWORDS: Risk Management, process management etc.
I. INTRODUCTION
Social network sites are platforms for people to connect and share information. They are online communities
where users can create individual public profiles, interact with friends and business clients, and
connect with other people based on their interests. The functionality of each social networking site may vary, but all
such sites push the user to provide personal information and then allow the user to communicate through e-mail, instant
messaging and other mediums. The basic step in every social network is to create a public profile, which may
include the user's private and sensitive information such as a photo, personal information (name, age, sex, date of birth) and
additional information like favorite shows, movies, places, hobbies and Web sites. Each social
network operates with different scenarios, and communication methods also vary.
The most popular social network sites include Facebook, Twitter, LinkedIn and Instagram. Most online users
have an account on the above-mentioned social networking sites. Online activities in social networks include
simple chat and calls, watching videos, listening to music, online gaming, publishing and posting content, and also
educational and business uses. During these activities a tremendous amount of sensitive user
information is transmitted across different network sites, and we can't ensure full security for that information.
Security is reciprocation. The more users isolate themselves from a social network account, limit content from appearing on
the profile page, and restrict people from accessing photos and other sensitive content, the less chance there is of
vulnerabilities. The core objective of cyber security is to protect information from unauthorized access. Cyber
security provides confidentiality, integrity and availability of information for authorized business users. Cyber
security offers protection of systems against viruses, spyware, hacking and cracking, and offers privacy to the users.
The remainder of this paper is organized as follows. Section II briefly summarizes the literature
proposed by researchers. Section III discusses the security issues in social networking sites, followed by
Strategies to Enhance Security in Social Networking Sites in Section IV, and Section V concludes the
paper along with cited references.
II. LITERATURE SURVEY
Das et al. [1] presented a paper focusing on the issues of cyber security for Social Networking Sites (SNS).
They discussed the risks and the lack of user awareness leading to cybercrimes, and also examined Social
Networking Site applications like digital marketing, social e-commerce and branding. Jang and Julian [2]
presented an overview of the security threats in existing hardware, software, and network layers. They also
discussed new attack patterns in emerging technologies such as social media, cloud computing, smartphone
technology, and critical infrastructure. Jabee and Afshar [3] conducted a survey of users' views on the security and
privacy of popular social networking sites; privacy enhancement in Facebook is also discussed. Soumya and
Revathi [4] discussed network threats and proposed solutions to overcome these threats.
JOURNAL OF CRITICAL REVIEWS
ElMrabet et al. [5] reviewed security requirements, provided descriptions of severe cyber-attacks, and
proposed a cyber-security scheme to detect those cyber-attacks. Senthil Kumar and Sathish Kumar [6] presented a
study examining the awareness of cyber security among students in Tamil Nadu colleges and also discussed
different security threats in social networking sites. Kirichenko et al. [7] presented a short survey of methods for
detecting cyber threats. Graph theory and data mining relating to social networks are also discussed. JEL
Classification: C38, C45, C55, C61, C63 is also presented. Kayes et al. [8] provided an overview of emerging
privacy and security issues in online social networks. Privacy and security attacks and their solutions are also briefly
presented. Fire et al. [9] gave a deep review of various security and privacy risks and presented an overview
of existing solutions that can provide better protection, security, and privacy for online social networking users.
They also described a few recommendations for users to improve security and privacy in social networking sites.
Albladi et al. [10] proposed a novel model to find user vulnerability based on different perspectives of online
user characteristics. The authors prove that the major characteristics of a user either directly or indirectly influence the
online user's security threat. Senthil Kumar et al. [11] presented a comprehensive survey on privacy and security
concerns in social networking sites, discussed the root cause of security issues, and also offered some
policies and guidelines for online users. Wajeb and Maha [12] investigated the cyber threats in social
networking websites and also suggested anti-threat strategies.
Kumar et al. [13] presented the history of online social sites and their types, and discussed possible threats and
solutions to overcome these threats. Omar [14] discussed different cyber threats and stated possible cyber security
policies to enhance security and privacy. Canongia et al. [15] introduced the theme of cyber security,
its importance in the actual scenario, and the challenges of the new Information Society, whose critical
development factors are the technological revolution and innovation. This article gives a broad overview of the
national cyber security strategies of developed countries, the United States and United Kingdom, as well as
describing a case study, Brazil, which is taking its first steps on the path towards cyber security, and ends by proposing a
model for formulating a Brazilian cyber security strategy.
Hajli et al. [16] examined the security of social networking sites by looking at the influence of users'
information over their information-sharing behaviors. The authors demonstrated the importance of identify control
in online users' information-sharing behaviors and discussed the impact of information-sharing behaviors. Also,
gender is taken to be an important factor that moderates the influences of both control and privacy risk on users'
intentions toward information sharing. Theoretical and practical inferences are discussed. Abdul Hameed et al. [17]
looked at the structure and components of the user profile and the privacy issues faced by individual users
and governments that participate in social networking. The authors also examined how it can be used to distort national
security, how it became the new weapon of mass mobilization, and how social networks have become the
rallying forces for revolutions and social justice.
Beach et al. [18] presented several privacy and security issues, along with the design and implementation of
solutions for these issues. They proposed location-based services to query local mobile devices for users' social
network information, without disclosing user identity or compromising users' privacy and security. Ahn et al. [19]
analyzed current trends in social networks in which users become system and policy administrators to protect
their online content, since social networks' security and privacy requirements are still not well understood. The
authors aimed to bring a depth of security experience from multiple security domains and technologies to social
networking, along with knowledge about users of online public networks. Sadeghian et al. [20] discussed common types of social
network threats and provided solutions to overcome the security risks of using social networks.
III. TYPICAL SECURITY ISSUES IN SOCIAL NETWORKING SITES
The online activities of a user in any social network site contain user-generated information and the user's personal
information such as private data, photos and basic information (name, place, location). The challenging
task for any social network user is maintaining the social identity while risking social privacy. It is estimated
that in 2020 the number of social networking site users may reach 3 billion, which is one third of the entire population.
Malicious users gain access to the user's private information and other useful information from social networking
sites via unauthorized access and initiate attacks. Unauthorized users, with the information gained from social
networking sites, may perform unwanted and criminal activities such as hacking, spoofing and phishing, which put the
privacy and security of online social network users at risk since the users' information is disclosed.
The security and privacy issues of social networking sites are basically not a technological issue; they are completely
due to user behavior. The more personal information the user discloses, the greater the chance of a security threat.
Posting sensitive and confidential content may carry a higher risk of vulnerabilities, and that content is
viewed by a vast audience, which may attract malicious users to find a loophole and gain access to the private account
or network. Threats keep changing, so security needs to evolve and keep watch over them. Even with correctly configured
user security settings, there is no assurance that new settings will not be introduced. Changes may occur on your computer or
other devices used to access the Internet, or on the sites themselves.
Various Attacks in Social Networks
Identity Theft - Unauthorized users attack through an application that seeks permission to access the
information provided in the social networking profile. When a user grants it, they get all the
information and can misuse it without the user's knowledge.
Phishing - This cyber-attack uses e-mails and websites to track the user's information. Sensitive information like
credit card numbers and passwords is targeted by disguising the e-mails. Phishing ends up in issues like
unauthorized purchases, identity theft and looting of money. Phishing in a business scenario may have adverse effects
such as loss of market share, customer trust, and reputation.
Hacking - Unauthorized access to control a computer system or a network. Hacking is not always unethical.
Black hat hackers are computer experts who perform hacking for personal gain. Grey hat hackers report the
loopholes in the network to the admin of that particular network.
Spoofing - Here malicious users get into a user's account or system by masquerading as a trusted entity. This involves
email spoofing and IP spoofing. Email spoofing involves requesting private sensitive data or financial information via
e-mails that appear to come from a trusted sender. These spoofed e-mails may also carry trojans and other malware. IP spoofing
predominantly targets the entire network. Malicious users pick an IP address and modify the headers of packets
forwarded from their own system to disguise themselves as the original entity.
Spam - Spam nowadays uses social networks and tends to spoil the network; this includes advertising, inserting
malicious code and collecting sensitive information in social network sites, whereas earlier spam targeted only e-mails.
Spam today includes instant messaging spam, forum and comment spam, and mobile phone spam.
Virus - Any malicious software designed to access the user's system. Viruses replicate when the software or file is
shared across the network. Viruses can infect system resources and software, and change applications and primary
functions of the system.
Worm - Malicious code that replicates itself and spreads to the entire network. These worms may come as
attachments in spam e-mails or instant messages. Worms can change and corrupt user files and may also inject
malicious code. Additionally, these worms overload the shared network and occupy hard drive space.
Password Sniffing - Malicious code that explores network traffic to capture usernames and passwords. Many
encryption standards are set for the protocols to avoid these types of attacks.
Key logger - A key logger can be hardware or software that tracks and records keystrokes and finds passwords and
banking, business and credit information. An operating-system-based keylogger is difficult to detect and more
harmful.
IV. STRATEGIES TO ENHANCE SECURITY IN SOCIAL NETWORKING SITES
Use strong and unique password - A good password must include a combination of upper- and lower-case
letters, symbols and numbers. It is necessary to change the password at a minimum interval of months, and
logging out from the social network profile is a must when the account is not in use.
Be aware of evolving social network threats - Regularly review security ideas for social network sites by
updating privacy settings for both business and personal accounts. Keep a check on access privileges. Social network
policies must keep evolving to safeguard against future threats.
Configure privacy settings - Every social networking site has predefined privacy settings. The default
settings should be modified so that others cannot view your private information. Changing the default
privacy settings allows the account user to block strangers and other people who are not friends with them
from viewing his or her private sensitive information. Privacy settings can be customized at any time; however,
login credentials are essential.
Ensure computer protection - The computer that is used to connect to a social networking site must be
under proper security measures. Manage and update anti-virus software, the operating system and the web browser
regularly. A spam filter may reduce the number of useless emails. Anti-virus and anti-spyware software
help protect the user from online identity theft. Be sure that auto updates are enabled. On a broadband
connection, network firewalls help to prevent hackers and unauthorized communications.
Avoid linking personal and business accounts - Linked accounts make the work of a hacker much easier:
if one account is accessed, it provides access to multiple accounts. Multiple accounts must use
distinct usernames and passwords. Provide only the needed admin privileges and restrict additional
privileges, which may be the cause of a cyber attack.
Avoid clicking on unnecessary links - False links may contain viruses or spyware that could ruin the user's
system and access personal information, including online usernames, passwords, account numbers and credit
information. Clicking and downloading an unexpected message from someone may end up in spoofing.
Securing home network - The very first step is to maintain a problem-free machine and ensure all
internet-enabled devices have the latest operating system, web browsers and security software installed. This
also includes mobile devices that access your wireless network. Frequently review security options, use a
firewall, ensure protection for all devices connecting to the internet, plug and scan before proceeding to work, and keep
backups. Public wireless networks and hotspots are not secure; others may view your activity while you are
connected to them. Limit online activities on public Wi-Fi, and avoid logging in to accounts like email and
banking.
V. CONCLUSION
In today's digital era, disclosure of users' private information, business information and other sensitive content
is strikingly increasing on social networking websites. Though cyber security experts keep updating and
evolving the security features for social media accounts, and even with technological advancement,
security threats and vulnerabilities are increasing alarmingly fast. Additionally, attacks on social networking sites
usually spread faster than other types of online attacks. In this paper we reviewed the common threats in social
networking sites and discussed some guidelines to overcome those threats. Other than the use of automated tools for
monitoring security threats, there are simple ways to reduce social networking attacks, i.e. educating online
users on how much to expose on a public network and on how to make the best use of the available privacy settings.
Cyber security policies guide users to stay away from security threats in social networking sites.
REFERENCES
[1] Das, Rituparna, and Mayank Patel. "Cyber Security for Social Networking Sites: Issues, Challenges
And Solutions." International Journal for Research in Applied Science & Engineering Technology
(IJRASET) 5.4 (2017): 833-838.
[2] Jang-Jaccard, Julian, and Surya Nepal. "A survey of emerging threats in cybersecurity." Journal of
Computer and System Sciences 80.5 (2014): 973-993.
[3] Jabee, Roshan, and M. Afshar Alam. "Issues and challenges of cyber security for social networking
sites (Facebook)." International Journal of Computer Applications 144.3 (2016): 36-40.
[4] Soumya, T. R., and S. Revathy. "Survey on threats in online social media." 2018 International
Conference on Communication and Signal Processing (ICCSP). IEEE, 2018.
[5] El Mrabet, Z., Kaabouch, N., El Ghazi, H., & El Ghazi, H. (2018). "Cyber-security in smart grid:
Survey and challenges." Computers & Electrical Engineering, 67, 469-482.
[6] Senthilkumar, K., & Easwaramoorthy, S. (2017, November). "A Survey on Cyber Security awareness
among college students in Tamil Nadu." In IOP Conference Series Materials Science and Engineering
(Vol. 263).
[7] Kirichenko, L., Radivilova, T., & Carlsson, A. (2018). "Detecting cyber threats through social network
analysis: short survey." arXiv preprint arXiv:1805.06680.
[8] Kayes, I., & Iamnitchi, A. (2017). "Privacy and security in online social networks: A survey." Online
Social Networks and Media, 3, 1-21.
[9] Fire, M., Goldschmidt, R., & Elovici, Y. (2014). "Online social networks: threats and solutions." IEEE
Communications Surveys & Tutorials, 16(4), 2019-2036.
[10] Albladi, S. M., & Weir, G. R. (2020). "Predicting individuals' vulnerability to social engineering in
social networks." Cybersecurity, 3(1), 1-19.
[11] Senthil Kumar, N., Saravanakumar, K., & Deepa, K. (2016). "On privacy and security in social
media - a comprehensive study." Procedia Computer Science, 78, 114-119.
[12] Gharibi, Wajeb, and Maha Shaabi. "Cyber threats in social networking websites." arXiv preprint
arXiv:1202.2420 (2012).
[13] Kumar, Sunil, and Vikash Somani. "Social Media Security Risks, Cyber Threats And Risks Prevention
And Mitigation Techniques." International Journal of Advance Research in Computer Science and
Management 4.4 (2018): 125-129.
[14] Al Mushayt, Omar Saeed. "Threats and anti-threats strategies for social networking websites."
International Journal of Computer Networks & Communications (IJCNC) Vol 5 (2013).
[15] Canongia, Claudia, and Raphael Mandarino. "Cyber security: The new challenge of the information
society." Handbook of Research on Business Social Networking: Organizational, Managerial, and
Technological Dimensions. IGI Global, 2012. 165-184.
[16] Hajli, Nick, and Xiaolin Lin. "Exploring the security of information sharing on social networking sites:
The role of perceived control of information." Journal of Business Ethics 133.1 (2016): 111-123.
[17] Abdulhamid, Shafii M., et al. "Privacy and national security issues in social networks: the challenges."
arXiv preprint arXiv:1402.3301 (2014).
[18] Beach, A., Gartrell, M., & Han, R. (2009, August). "Solutions to security and privacy issues in mobile
social networking." In 2009 International Conference on Computational Science and Engineering
(Vol. 4, pp. 1036-1042). IEEE.
[19] Waters, Cheryl D. "Assessing the impact of organizational security policies and employee awareness on
the use of social media websites." Diss. Capella University, 2016.
[20] Sadeghian, Amirmohammad, Mazdak Zamani, and Bharanidharan Shanmugam. "Security threats in
online social networks." 2013 International Conference on Informatics and Creative Multimedia. IEEE,
2013.
Journal of Information and Computational Science ISSN: 1548-7741
Abstract
In present times, the study of security in computer networks is a quickly growing area of interest
due to the creation of networks and the scarcity of security measures in numerous existing
networks. Cryptography is the science of protecting confidential data from illegal access,
assuring data integrity, authentication, and other processes. To attain this aim, a
cryptographic technique is applied to generate a cryptogram with extra information.
Quantum cryptography is a rising technology that depends upon quantum mechanics, the
phenomenon of light and the characteristics of light. It enables the transmission of data between
two users without sharing any secret details. This paper presents a quantum three-pass protocol
(QTPP) authentication based on a Genetic algorithm (GA) with the Hill-cipher algorithm. The matrix
in the Hill Cipher is developed to carry out the encryption and decryption processes. GA provides an
optimized manner of determining the key employed to encrypt and decrypt the data using the Hill
Cipher. By computing the evaluation function in GA, the key which fits the composition is
attained. Elaborate experimentation takes place to ensure the goodness of the presented
model. The attained simulation outcome strongly points to the better performance of the
presented model over the compared methods.
Keywords: Cryptography, Network Security, Hill Cipher, Quantum Three Pass Protocol,
Genetic Algorithm
1. Introduction
Cryptography is the discipline of protecting secret data from illegal access, ensuring data integrity,
authentication, and other processes. To attain this, a cryptographic technique is
utilized to produce a cryptogram with a few extra details, known as the key. Traditional
cryptographic techniques can be classified into two major kinds based on the sender and receiver,
namely symmetric and asymmetric models. In the former, both parties utilize the same key, and
the latter employs different keys. The one-time pad technique comes under
traditional cryptography [1]. Quantum cryptography is a rising field developed using the
fundamentals of quantum mechanics, the phenomenon of light and the characteristics of light.
Quantum cryptography began in 1984, when a physicist named Bennett presented an
unconditionally secure quantum key distribution protocol known as BB84. It
enables two users to communicate data securely with no use of secret data transmission [2].
With respect to the uncertainty principle, it was verified in a scientific way in 1992 [3]. Then, [4]
proposed deterministic quantum key distribution, where quantum secure
direct communication has been developed through the communication of individual photons over a
normal channel. The Ping-Pong quantum secure direct communication makes use of
entanglement [5]. In [6, 7] the limitations of the Ping-Pong model have been simultaneously
improved upon. A quantum secure direct communication model utilizing individual photons is
discussed in [8, 9].
Quantum dense key distribution utilizes quantum key distribution and quantum dense encoding
[10] to improve the transmission capacity of key distribution [11–13]. A novel
type of quantum cryptography approach depending upon Shamir's three-pass protocol (TPP) of
traditional cryptography has been presented [14], and then the quantum three-pass protocol
(QTPP) based on the quantum superposition state has been devised [15], in which no
keys are communicated between the two parties, in contrast to the BB84 protocol.
Recently, a quantum encryption model has been presented, and it was pointed out that
quantum encryption models are identical to traditional encryption techniques except
that the quantum approach depends upon quantum laws while the traditional one depends on
mathematical concepts. Growth in the domain of quantum computation might pose
a threat to classical encryption models due to Shor's quantum factoring and discrete logarithm
algorithms and Grover's quantum search approach. Therefore, several studies have designed novel models for
protecting data with the progress made in this field. The essential features of
quantum models differentiate them from traditional models: the attacker
can be identified more easily under quantum models, and nonorthogonal quantum states cannot be
effectively differentiated. In addition, an unconditionally secure model is very important compared with the
traditional way of protecting data. So, quantum approaches are found to be the optimal ones
for meeting present requirements.
Quantum cryptography is a rising technology that depends upon quantum mechanics, the
phenomenon of light and the characteristics of light. It enables the transmission of data between
two users without sharing any secret details. This paper presents a QTPP authentication based on a
Genetic algorithm (GA) with the Hill-cipher algorithm. The matrix in the Hill Cipher is developed to
carry out the encryption and decryption processes. GA provides an optimized manner of
determining the key employed to encrypt and decrypt the data using the Hill Cipher. By computing
the evaluation function in GA, the key which fits the composition is attained. Elaborate
experimentation takes place to ensure the goodness of the presented model. The attained
simulation outcome strongly points to the better performance of the presented model over the
compared methods.
The rest of the paper is formulated as follows. Section 2 describes an outline of QTTP. Section 3
explains the presented model in an elaborate way. Section 4 performs experimental validation
and section 5 provides conclusion.
\[ R(\theta_j) = \begin{pmatrix} \cos\theta_j & \sin\theta_j \\ -\sin\theta_j & \cos\theta_j \end{pmatrix}. \tag{1} \]
This function can be regarded as encryption, where the angle 𝜃𝑗 is the encryption key,
while the same rotation function performs decryption with the angle −𝜃𝑗. In the QTPP there is
no key shared between sender and receiver; the sender creates its own confidential key
𝐾𝜃SEN, where (𝐾𝜃SEN = {𝜃𝑆𝐸𝑁 |0 ≤ 𝜃𝑆𝐸𝑁 < 𝜋}), for every session. Likewise, the receiver creates its
own confidential key 𝐾𝜃𝑅𝐸𝐶, where (𝐾𝜃𝑅𝐸𝐶 = {𝜃𝑅𝐸𝐶 |0 ≤ 𝜃𝑅𝐸𝐶 < 𝜋}), for every session. It is assumed
that the opponent never determines these keys. For 𝑛 qubits, the keys of sender and receiver
change with every qubit, and every key is utilized only twice by its creator, which continues for the other
𝑛 qubits of the key. Thus, the new key prevents any data connected to the key or to the data
from being infiltrated. Now suppose that the plaintext 𝑃 is a single photon encoded as
the qubit 𝑃 = |1⟩; the sender and receiver each create their own key, sender key = 𝐾𝜃SEN
and receiver key = 𝐾𝜃𝑅𝐸𝐶. The sender encrypts the plaintext 𝑃 with its own key as
follows:
\[ E_{K_{\theta_{SEN}}}[P] : R(\theta_{SEN})\,|1\rangle = \begin{pmatrix} \cos\theta_{SEN} & \sin\theta_{SEN} \\ -\sin\theta_{SEN} & \cos\theta_{SEN} \end{pmatrix} \begin{pmatrix} 0 \\ 1 \end{pmatrix} = \sin\theta_{SEN}\,|0\rangle + \cos\theta_{SEN}\,|1\rangle = |\phi_1\rangle \tag{2} \]
where 𝐸 is the encryption with the sender key 𝐾𝜃SEN, and the result is the superposition state
|φ1⟩, which the sender transmits to the receiver. The receiver receives the photon in |φ1⟩ and
encrypts it with its own key as follows:
\[ = \sin(\theta_{REC} + \theta_{SEN})\,|0\rangle + \cos(\theta_{REC} + \theta_{SEN})\,|1\rangle = |\phi_2\rangle, \tag{3} \]
where |φ2⟩ is the superposition state. The receiver transmits |φ2⟩ back to the sender. The sender
obtains |φ2⟩ and decrypts it using the angle 𝜃𝑆𝐸𝑁, but with a rotation of −𝜃𝑆𝐸𝑁 since this
is a decryption; the outcome |φ3⟩ is then transmitted back to the receiver as follows:
\[ = E_{K_{\theta_{REC}}}[P] : R(-\theta_{SEN}) = \sin\theta_{REC}\,|0\rangle + \cos\theta_{REC}\,|1\rangle = |\phi_3\rangle, \tag{4} \]
where 𝐷 is the decryption with the sender key 𝐾𝜃SEN. The receiver receives |φ3⟩ and decrypts it
using the angle 𝜃𝑅𝐸𝐶, but with a rotation of −𝜃𝑅𝐸𝐶 since this is a decryption; after that
the receiver obtains the plaintext 𝑃 that the sender sent, |1⟩, as follows:
At last, the receiver has the plaintext |1⟩. The entire process of the protocol is shown in Fig. 1 and every
protocol is presented, proposed and increased.
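The four rotations described above can be checked numerically. The following Python sketch is an added example, not code from the paper: it models each qubit as a real two-component amplitude vector, and the function names (rotate, three_pass, measure, send_bits) and the seeded per-qubit angles are assumptions made for illustration.

```python
import math
import random

KET0 = (1.0, 0.0)  # amplitudes of |0>
KET1 = (0.0, 1.0)  # amplitudes of |1>


def rotate(theta, state):
    """Apply R(theta) = [[cos, sin], [-sin, cos]] from eq. (1) to a state."""
    a0, a1 = state
    c, s = math.cos(theta), math.sin(theta)
    return (c * a0 + s * a1, -s * a0 + c * a1)


def three_pass(state, theta_sen, theta_rec):
    """Run the three passes for one qubit.

    Returns the three in-flight states (phi1, phi2, phi3) and the state the
    receiver holds after its final decryption. The scheme relies on planar
    rotations commuting, so the sender can strip its angle while the
    receiver's angle is still applied.
    """
    phi1 = rotate(theta_sen, state)    # pass 1: sender encrypts, eq. (2)
    phi2 = rotate(theta_rec, phi1)     # pass 2: receiver encrypts, eq. (3)
    phi3 = rotate(-theta_sen, phi2)    # pass 3: sender decrypts, eq. (4)
    final = rotate(-theta_rec, phi3)   # receiver decrypts and holds P
    return (phi1, phi2, phi3), final


def measure(state):
    """Read the bit in the {|0>, |1>} basis: 1 if P(|1>) exceeds 1/2."""
    return 1 if state[1] ** 2 > 0.5 else 0


def send_bits(bits, seed=0):
    """Send a bit string, drawing fresh angles in [0, pi) for every qubit.

    Each angle is used exactly twice by its creator (encrypt, decrypt) and
    then discarded, as the text requires. The seed is only for repeatability.
    """
    rng = random.Random(seed)
    received, transcript = [], []
    for bit in bits:
        theta_sen = rng.random() * math.pi
        theta_rec = rng.random() * math.pi
        in_flight, final = three_pass(KET1 if bit else KET0,
                                      theta_sen, theta_rec)
        transcript.append(in_flight)
        received.append(measure(final))
    return received, transcript


if __name__ == "__main__":
    # Constructed sample input: seven plaintext bits.
    bits = [1, 0, 1, 1, 0, 0, 1]
    received, transcript = send_bits(bits, seed=42)
    print("sent     ", bits)
    print("received ", received)
    for name, amp in zip(("phi1", "phi2", "phi3"), transcript[0]):
        print(name, "= %.3f|0> + %.3f|1>" % amp)
```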
of byte. Because the ASCII value does not exceed 255, we do not obtain an integer as the modular
expression. There are 3 important phases in GA, namely crossover, selection and mutation.
Selection is utilized to rejoin the population with the maximum probability. The arbitrary number
created is joined with the cumulative probability. The nearby value is taken to return the
actual value of the population.
Fig. 3 illustrates the form of the Hill Cipher chromosome. The matrix is transformed into a one-
dimensional vector. Every cell is filled with an arbitrary integer number (x). The fitness function
estimates the determinant of the chromosome by the following formula.
𝐹 = 𝐷 (1) (6)
where F denotes Fitness and D denotes Determinant. The GA of this technique is more
straightforward than that of a usual scheduling technique, as we do not have to search until
the fitness value reaches no error. We just search for the ideal fitness that does not contain an equal
value. Because the determinant is an odd number, it is optimal for the Hill Cipher. However, we
still search until the determinant reaches 1.
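The key search described above can be sketched as follows. This is an added example, not the authors' implementation: it assumes a 2x2 key over bytes (mod 256), scores F = D as 2 when the determinant is 1, 1 when it is odd and 0 otherwise, and uses roulette-wheel selection, single-point crossover and one-cell mutation; all function names and parameters are illustrative.

```python
import random

MOD = 256  # one byte per symbol, matching the byte/ASCII encoding in the text


def det2(key):
    """Determinant mod 256 of a 2x2 key stored as the flat chromosome [a, b, c, d]."""
    a, b, c, d = key
    return (a * d - b * c) % MOD


def fitness(key):
    """Assumed scoring of F = D: 2 if det == 1, 1 if det is odd, else 0."""
    d = det2(key)
    return 2 if d == 1 else (d & 1)


def inverse_key(key):
    """Inverse key matrix mod 256; it exists only when the determinant is odd."""
    a, b, c, d = key
    det = det2(key)
    if det % 2 == 0:
        raise ValueError("even determinant: key is not invertible mod 256")
    det_inv = pow(det, -1, MOD)  # modular inverse (Python 3.8+)
    return [(d * det_inv) % MOD, (-b * det_inv) % MOD,
            (-c * det_inv) % MOD, (a * det_inv) % MOD]


def apply_key(key, data):
    """Multiply every 2-byte block of data by the key matrix mod 256."""
    if len(data) % 2:
        raise ValueError("data length must be a multiple of the block size 2")
    a, b, c, d = key
    out = bytearray()
    for i in range(0, len(data), 2):
        x, y = data[i], data[i + 1]
        out += bytes([(a * x + b * y) % MOD, (c * x + d * y) % MOD])
    return bytes(out)


def encrypt(key, plaintext):
    return apply_key(key, plaintext)


def decrypt(key, ciphertext):
    return apply_key(inverse_key(key), ciphertext)


def evolve_key(seed=0, pop_size=30, max_generations=5000):
    """Evolve chromosomes until one has determinant 1; returns (key, generation)."""
    rng = random.Random(seed)
    population = [[rng.randrange(MOD) for _ in range(4)] for _ in range(pop_size)]
    for generation in range(max_generations):
        for key in population:
            if det2(key) == 1:
                return key, generation
        # Roulette-wheel selection: choices() picks by cumulative weight.
        weights = [fitness(k) + 1 for k in population]
        next_population = []
        for _ in range(pop_size):
            p1, p2 = rng.choices(population, weights=weights, k=2)
            cut = rng.randrange(1, 4)                      # single-point crossover
            child = p1[:cut] + p2[cut:]
            child[rng.randrange(4)] = rng.randrange(MOD)   # one-cell mutation
            next_population.append(child)
        population = next_population
    raise RuntimeError("no key with determinant 1 found")


if __name__ == "__main__":
    key, generation = evolve_key(seed=2024)
    message = b"QTPP-GA-HC demo!"  # constructed sample, even length
    ciphertext = encrypt(key, message)
    print("key", key, "det", det2(key), "found in generation", generation)
    print("ciphertext", ciphertext.hex())
    print("decrypted ", decrypt(key, ciphertext))
```

An odd determinant is what makes the matrix invertible mod 256; a determinant of 1 only reduces the inverse to the adjugate. The Hill cipher is linear, so the sketch illustrates key validity rather than resistance to known-plaintext analysis.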
time-bins of arrival. Certainly, by choosing 2 orthogonal states spanning the Hilbert space, |0⟩
and |1⟩, which encode the zero and one values of a quantum bit (qubit), quantum superposition
makes it possible to create states of the form:
\[ |\phi\rangle = \alpha\,|0\rangle + \beta\,|1\rangle, \tag{7} \]
where α, β ∈ ℂ and |α|² + |β|² = 1.
The sender transmits the resultant state to the receiver. The receiver obtains the photon and encrypts it
with its key 𝐾𝜃𝑅𝐸𝐶. The resultant state is still a superposition state, and the receiver transmits
it back to the sender:
The sender obtains it, decrypts it by rotating it in reverse through the angle 𝐾−𝜃SEN, and transmits
the resultant superposition state to the receiver once more:
The receiver obtains it and decrypts it by rotating it in reverse through the angle 𝐾−𝜃𝑅𝐸𝐶:
This method continues through every qubit of the encoded plaintext qubits |E⟩ until the receiver
obtains all the encoded plaintext qubits |E⟩, then converts every BC to letters, which are then
decoded to the plaintext using the key inverse of the Hill‐cipher algorithm (KIHCA), where
the sender and receiver agree on the key of the Hill‐cipher algorithm (KHCA). Here, the receiver has
the actual plaintext.
4. Experimental Validation
In this section, a detailed validation of the presented QTTP-GA-HC model takes place. The
QTTP-GA-HC has been simulated using OPNET simulator and the results are measured in terms
of throughput, end to end delay, jitter, latency, security strength and average power. The results
are calculated by executing the QTTP-GA-HC under a set of ten iterations.
Table 2 Comparison of different models under various simulations in terms of security strength
Sim No.   IPv4   Secured IPv4   IPv6   Secured IPv6   GABFO-TPP   PROPOSED
1         85     91             93     94             97          99
2         85     90             93     96             97          99
3         85     91             93     94             95          97
4         86     89             92     96             97          98
5         85     89             93     94             96          97
6         86     90             93     94             95          96
7         87     90             94     95             96          97
8         86     90             94     94             97          98
9         87     89             93     95             97          97
10        86     91             94     96             95          96
Next to that, the Secured IPv6 model gives moderate performance by offering a moderate
Security Strength of 94%. Though the IPv4 offers minimum Security Strength over the earlier
methods, it does not outperform the IPv6 and the GABFO-TPP models. The GABFO-TPP model
shows competitive performance by obtaining a Security Strength of 97%, which is higher than all
the compared methods except QTTP-GA-HC. Finally, the QTTP-GA-HC offers the highest Security
Strength of 99%, which is significantly higher than all the other existing models. These values
prove that the QTTP-GA-HC shows an effective outcome in terms of Security Strength.
Table 3 Comparison of different models under various simulations in terms of ETE delay
Sim No.  IPv4  Secured IPv4  IPv6  Secured IPv6  GABFO-TPP  PROPOSED
Though the IPv4 offers minimum ETE delay over the earlier methods, it does not outperform the
GABFO-TPP and the QTTP-GA-HC models. The GABFO-TPP model shows competitive
performance by obtaining an ETE delay of 688 ms, which is lower than all the compared methods
except QTTP-GA-HC. Finally, the QTTP-GA-HC offers the least ETE delay of 640 ms, which is
significantly lower than all the other existing models. These values prove that the
QTTP-GA-HC shows an effective outcome in terms of ETE delay.
Sim No.  IPv4  Secured IPv4  IPv6  Secured IPv6  GABFO-TPP  PROPOSED
1        83    60            45    49            37         32
2        86    58            48    54            40         35
3        88    54            47    49            42         37
4        85    55            44    54            39         34
5        84    56            47    52            37         32
6        87    56            45    53            39         34
7        86    56            44    54            42         37
8        88    55            44    55            37         32
9        84    59            48    51            39         34
10       88    57            47    53            40         35
Sim No. IPv4 Secured IPv4 IPv6 Secured IPv6 GABFO TPP PROPOSED
Table 6 Comparison of different models under various simulations in terms of average power
Sim No.  IPv4  Secured IPv4  IPv6  Secured IPv6  GABFO-TPP  PROPOSED
The Secured IPv6 model shows competitive performance by obtaining an Average Power of
1052 mW, which is lower than all the compared methods except QTTP-GA-HC. Finally, the
QTTP-GA-HC offers the least Average Power of 1031 mW, which is significantly lower than all the
other existing models. These values prove that the QTTP-GA-HC shows an effective outcome
in terms of Average Power.
From the observation of the values present in the above tables and figures, it can be easily
verified that the QTTP-GA-HC outperforms all the compared methods in a significant manner.
5. Conclusion
This paper has presented a QTPP authentication based on GA with Hill-cipher, called the QTTP-GA-HC
algorithm. The matrix in Hill Cipher is developed to carry out the
encryption and decryption processes. GA provides an optimized manner of determining the key
employed to encrypt and decrypt the data using Hill Cipher. By computing the evaluation
function in GA, the key which fits the composition will be attained. The QTTP-GA-HC has been
simulated using OPNET simulator and the results are measured in terms of throughput, end to
end delay, jitter, latency, security strength and average power. The results are calculated by
executing the QTTP-GA-HC under a set of ten iterations. The experimental outcome verified
that the QTTP-GA-HC outperforms all the compared methods in a significant manner.
References
[1] W. Stallings, Cryptography and Network Security: Principles and Practice, Pearson
Custom Computer Science Series, Prentice Hall, 5th edition, 2010.
[2] C. H. Bennett and G. Brassard, “Quantum cryptography: public key distribution and
coin tossing,” in Proceedings of IEEE International Conference on Computers, Systems
and Signal Processing, vol. 175, New York, NY, USA, 1984.
[3] C. H. Bennett, F. Bessette, G. Brassard, L. Salvail, and J. Smolin, “Experimental
quantum cryptography,” Journal of Cryptology, vol. 5, no. 1, pp. 3–28, 1992.
[4] A. Beige, B.-G. Englert, C. Kurtsiefer, and H. Weinfurter, “Secure communication with a
publicly known key,” Acta Physica Polonica A, vol. 101, no. 3, pp. 357–368, 2002.
[5] K. Boström and T. Felbinger, “Deterministic secure direct communication using
entanglement,” Physical Review Letters, vol. 89, no. 18, pp. 187902–187905, 2002.
[6] A. Wójcik, “Eavesdropping on the ‘ping-pong’ quantum communication protocol,”
Physical Review Letters, vol. 90, no. 15, Article ID 157901, 2003.
[7] Q.-Y. Cai, “The ping-pong protocol can be attacked without eavesdropping,” Physical
Review Letters, vol. 91, 2003.
[8] F.-G. Deng and G. L. Long, “Secure direct communication with a quantum one-time
pad,” Physical Review A: Atomic, Molecular, and Optical Physics, vol. 69, no. 5, Article
ID 052319, 2004.
[9] H. Hoffmann, K. Bostroem, T. Felbinger, F.-G. Deng, and G. L. Long, “Comment on
‘Secure direct communication with a quantum one-time pad’,” Physical Review A—
Atomic, Molecular, and Optical Physics, vol. 72, no. 1, Article ID 016301, 2005.
© 2017. C. Sridevi. This is a research/review paper, distributed under the terms of the Creative Commons Attribution-Noncommercial
3.0 Unported License (http://creativecommons.org/licenses/by-nc/3.0/), permitting all non-commercial use, distribution, and
reproduction in any medium, provided the original work is properly cited.
A Survey on Network Security
C. Sridevi
Abstract- Computer security is one of the most expected factors in the current & future industry.
Nowadays computers are available in all places, from homes to big organizations, where they are all
connected to networks. Hence the risk to data security is high, whereas many algorithms are emerging
according to the needs of various categories of people. Still we can see the security threats. In this
paper I am going to present the threat attacks and the mechanisms that were used to secure data.
Keywords: security attacks, intrusion detection, hackers.
I. Introduction
There are many kinds of attacks in networking, which we can classify into wired and wireless
attacks. Here we are going to see about various attacks, attackers and defenders in this paper.
A network is basically all of the components (hardware and software) involved in connecting
computers across small and large distances [2]. Networks are used to provide easy access to
information, thus increasing productivity for users. There are the following main types of networks: [1]
Personal area network (PAN): It is a network that is used for the communication among a personal
system and its connecting devices like printer, modem, telephone, etc. in close proximity, limited to
one person only.
Local area network (LAN): It is a network used for connecting two or more persons in a small
geographical area like a campus, office building, etc.
Wide area network (WAN): It is a network used for connecting people over a large geographical area.
Large numbers of LANs are connected with each other, creating a WAN so as to connect almost the
whole world.
Metropolitan area network (MAN): It is a hybrid network ranging between LAN and WAN where the
connecting devices lie within the city. It is mainly used by corporate companies that want to
share data from one branch to another in the same city.
Global area network (GAN): This network is used for supporting mobile communication across an
arbitrary number of satellite coverage areas, wireless LANs, etc. The key challenge in mobile
communications is handing off user communications from one local coverage area to the next.
Virtual private network (VPN): It is a network which is maintained by companies who want to do
private communication over the public network. The path between the two companies in a VPN is
encrypted, forming a tunnel for safe communication.
II. Classification of Attackers
Hackers: A person who gains unauthorized access to data. Classified into inside and outside attacks.
Cracker: Detects a vulnerability and takes advantage of it.
To develop a secure system we consider the following:
Hacker Types:
Black hats
White hats
Grey hats
Blue hats
a) Various Types of Attacks
Vulnerability – Weak point used as entry point
Threat -
Attacks
Controls
4 Types of Attacks
1) Interception : Watches packets
2) Interruption : Steals or disturbs the data
3) Modification : Changes the data
4) Fabrication : Sends another message apart from the original but having the same sender name.
b) Attacks on Password
Loose Lipped Systems: When the system asks for a username and password to be typed in, it accepts
the username before the password is typed in, revealing the user name.
Exhaustive Attack: Tries all types of passwords
Probable passwords for the user: Thinks of things familiar to the user and guesses what password the
user might have chosen.
Plain text system password list: Accesses the password database directly.
c) Defending mechanisms
Password selection criteria: Carefully selecting a password that one cannot guess.
One time passwords: The password changes on every access; the system gives a function and the user
solves it.
Encrypted password File: Even when the database is accessed, the passwords cannot be read when
they are stored in an encrypted form.
Author: Assistant Professor, Department of SW, BCA, NPR Arts &
Science College, Natham. e-mail: c.sridevi1983@gmail.com
Global Journal of Computer Science and Technology ( E ) Volume XVII Issue V Version I
conversation.
was not secure because of advancement in computer
iv. Packet Spoofing
Viruses spread themselves through networks and through all media.
Virus Types:
Parasitic Virus: Attaches itself and spreads.
Memory resident virus: Stored in main memory and then spreads to all executable files.
Stealth Virus: Remains undetected by antivirus.
Boot sector viruses: Start whenever the system gets booted.
Polymorphic Virus: Changes its code every time it copies itself to another.
Metamorphic Virus: Keeps rewriting itself every time.
e) Other Attacks
Packet Sniffing: In a network, the attacker observes the packets of a conversation between two parties.
Packet Spoofing: The attacker receives the message of the sender and in turn sends another message
with a false address.
Phishing: Creates a duplicate website with simple modifications to the original website. If users access
this page, their secret data such as online bank passwords and security questions and answers will be
captured through the website. This will be used to steal and transfer their money.
Pharming (DNS Spoofing): Creates a website duplicating the DNS address itself, so that whenever
a user tries to access the original website, this website is loaded instead.
III. Various Algorithms
a) Data Encryption Standard (DES)
DES was the result of a research project set up by International Business Machines (IBM)
Corporation in the late 1960s, which resulted in a cipher known as LUCIFER. DES is based on a cipher
known as the Feistel block cipher. It consists of a number of rounds where each round contains
bit-shuffling, nonlinear

according to the key size. AES can be implemented on various platforms such as small devices.
Encryption of AES is fast and flexible. AES has been tested for many security applications. The
purpose of NIST was to define a replacement for DES that can be used in non-military information
security applications by US government agencies.
c) Blowfish
It is one of the most common public domain encryption algorithms. Blowfish was designed in 1993 by
Bruce Schneier as a fast alternative to existing encryption algorithms. Blowfish is a symmetric key
block cipher that uses a 64 bit block size and a variable key length from 32 bits to 448 bits. Blowfish
has 16 rounds or less. Blowfish is a very secure cipher and is free of patents and copyrights to use.
No attack is successful against Blowfish, although it suffers from a weak key problem.
d) IDEA (International Data Encryption Algorithm)
IDEA is a block cipher algorithm and it operates on 64-bit plaintext blocks. The key size is 128
bits long. The design of the algorithm is one of mixing operations from different algebraic groups.
Three algebraic groups are mixed, and they are easily implemented in both hardware and software:
XOR, Addition modulo 2^16, and Multiplication modulo 2^16 + 1. All these operations operate on
16-bit subblocks. This algorithm is efficient on 16-bit processors. IDEA is a symmetric key algorithm
based on the concept of Substitution-Permutation Structure, and is a block cipher that uses a 64 bit
plain text with 8 rounds and a Key Length of 128-bit permuted into 52 subkeys each of 128-bits. It
does not contain S-boxes and the same algorithm is used in reverse for decryption.
e) RC4
RC4 is a stream cipher, symmetric key algorithm, as the data stream is simply XORed with the
generated key sequence. It uses a variable length key of 256 bits to initialize a 256-bit state table. The
state table is used for generation of pseudo-random bits, which are XORed with the plaintext to
generate the cipher text.
f) RC6
RC6 is a derivative of RC5. RC6 was designed by Matt Robshaw, Ron Rivest and Ray Sidney, and is a
symmetric key algorithm designed to meet the requirements of the AES contest. RC6 was also
presented to the CRYPTREC and NESSIE projects. It is patented by RSA Security. RC6 offers good
performance in terms of security and compatibility. RC6 is a Feistel Structured private key algorithm
that makes use of a 128 bit plain text with 20 rounds and a variable Key Length of 128, 192, and 256
bit. As RC6 works on the principle of RC, it can sustain an extensive range of key sizes, word-lengths
and number of rounds. RC6 does not contain S-boxes and the same algorithm is used in reverse for
decryption. [4]
g) Serpent
Serpent, an Advanced Encryption Standard (AES) competition entry that stood 2nd to Rijndael, is a
symmetric key block cipher designed by Eli Biham, Ross Anderson, and Lars Knudsen. Serpent is a
symmetric key algorithm that is based on a substitution-permutation network structure. It consists of
a 128 bit plain text with 32 rounds and a variable Key Length of 128, 192 and 256 bit. It also contains
8 S-boxes and the same algorithm is used in reverse for decryption. The security presented by Serpent
was based on more conventional approaches than the other AES finalists. Serpent is open in the
public sphere and not yet patented. [4]
h) Twofish
Twofish is also a symmetric key algorithm based on the Feistel Structure and was designed by
Bruce Schneier along with Doug Whiting, John Kelsey, David Wagner, Niels Ferguson and Chris
Hall. The AES is a block cipher that uses a 128 bit plain text with 16 rounds and a variable Key
Length of 128, 192, 256 bit. It makes use of 4 S-boxes (depending on Key) and the same algorithm is
used in reverse for decryption. The inventors extended the Blowfish team to enhance the earlier
block cipher Blowfish into its modified version named Twofish, to meet the standards of AES for
algorithm design. It was one of the finalists of the AES, but was not selected for standardization.
Twofish is open to the public sphere and not yet patented. [4]
i) TEA
TEA is also a Feistel Structured symmetric key algorithm. TEA is a block cipher that uses a 64 bit
plain text with 64 rounds and a Key Length of 128-bit with variable rounds having 32 cycles. It does
not contain S-boxes and the same algorithm is used in reverse for decryption. TEA is designed to
maximize speed and minimize memory footprint. Cryptographers have discovered three related-key
attacks on TEA. Each TEA key can be found to have three equal keys, thus it can be used as a hash
function. David Wheeler and Roger Needham have proposed extensions of TEA that counter the
above attacks. [4]
j) CAST
CAST is a symmetric key algorithm based on the backbone concept of Feistel Structure. It was
designed by Stafford Tavares and Carlisle Adams, and is considered to be a solid algorithm. CAST is
a block cipher that uses a 64 bit plain text with 12 or 16 rounds and a variable Key Length of 40 to
128-bit. It also contains 4 S-boxes and the same algorithm is used in reverse for decryption. Bruce
Schneier, John Kelsey, and David Wagner have discovered a related-key attack on the 64 bit of CAST
that requires 2^17 chosen plaintexts, one related query, and 2^48 offline computations. CAST is
patented, but it was generously released for free use. [4]
IV. Security Protocols
a) Secure Socket Layer
It is used in the secure exchange of information between web browser and web server. It gives 2
security services.
1. Authentication
2. Confidentiality
It has five layers
Application Layer
Secure Socket Layer
Transport Layer
Internet Layer
Data Link Layer
Physical Layer
The SSL layer performs encryption on the data received and supports an algorithm called Fortezza.
b) Transport Layer uses HMAC
SSL has 3 sub-protocols:
Handshake protocol – Connection Establishment.
Record protocol – Actual message protocol.
Alert Protocol – If the client or server detects an error, the other party closes the connection and the
secret key is deleted.
Fig. 1
© 2017 Global Journals Inc. (US)
i. Transport Mode
The Transport mode provides host-to-host
bank's public key. Both of these certificates are encrypted with the private key of a certifying
authority.
4. Bob uses the certifying authority's public key to decrypt the two certificates. Bob now has Alice's
public key and the bank's public key.
5. Bob generates two packages of information: the order information (OI) package and the purchase
instructions (PI) package. The OI, destined for Alice, contains the transaction identifier and brand of
card being used; it does not include Bob's card number. The PI, destined for Alice's bank, contains the
transaction identifier, the card number and the purchase amount agreed to by Bob. The OI and PI are
dual encrypted: the OI is encrypted with Alice's public key; the PI is encrypted with Alice's bank's
public key. (We are bending the truth here in order to see the big picture. In reality, the OI and PI are
encrypted with a customer-merchant session key and a customer-bank session key.) Bob sends the
OI and the PI to Alice.

would request authorization for any normal payment-card transaction.
Fig. 5
One of the key features of SET is the non-exposure of the credit number to the merchant. This
feature is provided in Step 5, in which the customer encrypts the credit card number with the bank's
key. Encrypting the number with the bank's key prevents the merchant from seeing the credit card.
Note that the SET protocol closely parallels the steps taken in a standard payment-card transaction.
To handle all the SET tasks, the customer will have a so-called digital wallet that runs the client-side
of the SET protocol and stores customer payment-card information (card number, expiration date,
etc.)
V. Conclusion
This paper dealt with various attacks on networks and the defence mechanisms present. Many
algorithms have been developed as a measure to secure the system. All the algorithms are useful
based on the requirement, as and when needed. Various security mechanisms and security protocols
are available.
Asian Journal of Computer Science and Technology
ISSN: 2249-0701 Vol.8 No.1, 2019, pp. 7-12
© The Research Publication, www.trp.org.in
Abstract - Network security has become more important to personal computer users, organizations,
and the military. With the advent of the internet, security became a major concern and the history of
security allows a better understanding of the emergence of security technology. The entire field of
network security is vast and in an evolutionary stage. The range of study encompasses a brief history
dating back to the internet’s beginnings and the current development in network security. In order to
understand the research being performed today, background knowledge of the importance of
security and the types of attacks in the networks is needed. This paper elaborates the literature study
on network security in various domains. Finally, it summarizes the research directions by literature
survey.
Keywords: Network Security, Cloud Computing, Sensor Networks, Ad Hoc Networks, Internet of Things

I. INTRODUCTION

The world is becoming more interconnected with the advent of the Internet and new networking
technology. There is a large amount of personal, commercial, military, and government information
on networking infrastructures worldwide. Network security is becoming of great importance because
of intellectual property that can be easily acquired through the internet.

Network security starts with authorization, commonly with a username and a password. Network
security consists of the provisions and policies adopted by a network administrator to prevent and
monitor unauthorized access, modification in system, misuse, or denial of a computer network and
network-accessible resources. Basically, network security involves the authorization of access to data
in a network, which is controlled by the network admin. It has become more important to personal
computer users and organizations. Once a user is authorized, a firewall enforces access policies such
as what services network users are allowed to access. Though it helps to prevent unauthorized access
to the system, this component may fail to check potentially harmful content such as computer worms
or Trojans being transmitted over the network. Anti-virus software or an intrusion detection system
(IDS) helps detect the malware. Today, anomaly-based monitoring may also observe the network
traffic, for example with Wireshark, and the traffic may be logged for audit purposes and for later
high-level analysis in the system. Communication between two hosts using a network may use
encryption to maintain privacy.

II. IMPORTANCE OF NETWORK SECURITY

System and network technology is a key technology for a wide variety of applications. Security is
crucial to networks and applications. Although network security is a critical requirement in emerging
networks, there is a significant lack of security methods that can be easily implemented.

There exists a “communication gap” between the developers of security technology and developers
of networks. Network design is a well-developed process that is based on the Open Systems
Interconnection (OSI) model. The OSI model has several advantages when designing networks. It
offers modularity, flexibility, ease-of-use, and standardization of protocols. The protocols of different
layers can be easily combined to create stacks which allow modular development. The implementation
of individual layers can be changed later without making other adjustments, allowing flexibility in
development. In contrast to network design, secure network design is not a well-developed process.
There isn’t a methodology to manage the complexity of security requirements. Secure network design
does not contain the same advantages as network design.

When considering network security, it must be emphasized that the whole network is secure. Network
security does not only concern the security in the computers at each end of the communication chain.
When transmitting data, the communication channel should not be vulnerable to attack. A possible
hacker could target the communication channel, obtain the data, decrypt it and re-insert a false
message. Securing the network is just as important as securing the computers and encrypting the
message.

When developing a secure network, the following need to be considered:
1. Access: authorized users are provided the means to communicate to and from a particular network.
2. Confidentiality: Information in the network remains private.
3. Authentication: Ensure the users of the network are who they say they are.
4. Integrity: Ensure the message has not been modified in transit.
5. Non-repudiation: Ensure the user does not refute that he used the network.
An effective network security plan is developed with the understanding of security issues, potential
attackers, needed level of security, and factors that make a network vulnerable to attack.

III. TYPES OF ATTACKS

This section describes the basic classes of attacks, which can be a cause of slow network performance,
uncontrolled traffic, viruses, etc. Attacks on the network come from malicious nodes. Attacks can be
categorized into two classes: "Passive", when a network intruder intercepts data traveling through the
network, and "Active", in which an intruder initiates commands to disrupt the network's normal
operation.

A. Active Attacks

Some active attacks are the spoofing attack, Wormhole attack, Modification, Denial of services,
Sinkhole, and Sybil attack.
1. Spoofing: A malicious node misrepresents its identity, so that the sender changes the topology.
2. Modification: A malicious node performs some modification in the routing route, so that the sender
sends the message through the long route. This attack causes a communication delay between sender
and receiver.
3. Wormhole: This attack is also called the tunneling attack. In this attack an attacker receives a
packet at one point and tunnels it to another malicious node in the network, so that the initiator
assumes that it has found the shortest path in the network.
4. Fabrication: A malicious node generates a false routing message. This means it generates incorrect
information about the route between devices.
5. Denial of services: In a denial of services attack, a malicious node sends messages to the node and
consumes the bandwidth of the network. The main aim of the malicious node is to keep the network
node busy. If a message from an unauthenticated node comes, the receiver will not receive that
message because it is busy, and the initiator has to wait for the receiver's response.
6. Sinkhole: Sinkhole is a service attack that prevents the base station from obtaining complete and
correct information. In this attack, a node tries to attract the data to itself from all its neighbouring
nodes. Selective modification, forwarding or dropping of data can be done by using this attack.
7. Sybil: This attack is related to multiple copies of malicious nodes. The Sybil attack can happen
when a malicious node shares its secret key with other malicious nodes. In this way the number of
malicious nodes in the network is increased and the probability of the attack also increases. If we use
multipath routing, then the possibility of selecting a path containing a malicious node will be
increased in the network.

B. Passive Attacks

The names of some passive attacks are traffic analysis, Eavesdropping, and Monitoring.
1. Traffic analysis: In the traffic analysis attack, an attacker tries to sense the communication path
between the sender and receiver. An attacker can find the amount of data which travels along the
route between sender and receiver. There is no modification of data by the traffic analysis.
2. Eavesdropping: This is a passive attack which occurs in the mobile ad-hoc network. The main aim
of this attack is to find out some secret or confidential information from the communication. This
secret information may be the private or public key of the sender or receiver, or any secret data.
3. Monitoring: In this attack the attacker can read the confidential data, but cannot edit or modify the
data.

IV. LITERATURE REVIEW

Shi-Jinn Horng et al., in [1] designed a new flow for an intrusion detection system using the Support
Vector Machine (SVM) technique. The famous KDD Cup 1999 dataset was used to evaluate the
proposed system. Compared with other intrusion detection systems that are based on the same
dataset, this system exhibited better performance in the detection of DoS and Probe attacks, and the
best performance in overall accuracy.

Mohammad Wazid in [2] has used a hybrid anomaly detection technique with k-means clustering.
WSNs are simulated using the Optimized Network Engineering Tool (OPNET) simulator and the
resultant dataset consists of traffic data with end to end delay data, which has been clustered using
WEKA 3.6. In this experiment, it has been observed that two types of anomalies, namely misdirection
and black hole attacks, were activated in the network.

Shun-Sheng Wang et al., [3][4] have designed an integrated intrusion detection system using an
intrusion dataset from the UCI repository. The dataset is trained well using a Back Propagation Neural
Network (BPNN) and the output is used as an important parameter in the Adaptive Resonance Theory
(ART) model to cluster the data. Finally, the outputs received from both techniques are compared, and
the ART model provided the best accuracy rate and overall performance.

Mohit Malik et al., [5] applied the rule based technique for detecting security attacks in WSN. They
identified ten important security attack types and developed a fuzzy rule based system for calculating
the impact of security attacks on the wireless sensor network.

Reda M. Elbasiony et al., [6] proposed a hybrid detection framework using the K-means clustering
algorithm to detect novel intrusions by clustering the network connections. In this hybrid framework,
the anomaly part was improved by replacing the k-means algorithm with the weighted k-means
algorithm.
Levent Koc et al., [7] proposed a new technique, Hybrid Naïve Bayes (HNB), which excelled with
superior performance in terms of accuracy, error rate and misclassification cost. In early stages the
traditional Naïve Bayes model was used, but the result produced by HNB is better than traditional
Naïve Bayes. The results they have produced indicate that this model significantly improves the
accuracy for detecting denial-of-services (DoS) attacks.

Wenying Feng et al., [8] introduced a new way of combining algorithms for a better result in
detecting intrusions, and classified the network activities into normal or abnormal while reducing the
misclassification rate. It combined the Support Vector Machine method and the Clustering based on
Self-Organized Ant Colony Network to take their advantages while avoiding their weaknesses.
Experiments show that CSVAC (Combining Support Vectors with Ant Colony) outperforms the SVM
or CSOACN in terms of both classification rate and run-time efficiency.

Megha Bandgar et al., [9] described a novel approach using Hidden Markov Models (HMM) to detect
Internet attacks and described an intrusion detection system for detecting a signature based attack.
They have performed single and multiple HMM models for source separation, both on IP and port
information of source and destination.

Dat Tran et al., [10] proposed a Fuzzy Gaussian mixture modeling method for network anomaly
detection. It was a mixture of Gaussian distributions used to represent the network data in
multi-dimensional feature space. Using fuzzy C-means estimation, Gaussian parameters were
estimated, and the whole work is carried out with the KDD Cup data set. The proposed method is
more effective than the vector quantization method.

Vahid Golmah in [11] developed a hybrid technique using the C5.0 and SVM algorithms and evaluated
the performance of the hybrid technique with the DARPA dataset. The motivation behind this hybrid
approach was to improve the accuracy of the intrusion detection system when compared to using
individual SVM and C5.0. Due to the mixture of SVM and C5.0, it took less execution time.

Punam Mulak in [12] has used a hybrid technique combining the Boundary cutting algorithm and a
clustering algorithm. The motivation for using this hybrid approach is to improve the accuracy of the
intrusion detection system and to provide a better result than other clustering.

Vaishali Kosamkar in [14] developed a technique of combining the C4.5 Decision Tree and Support
Vector Machine (SVM) algorithms in order to achieve high accuracy and diminish the false alarm rate.
For the feature selection stage, the Correlation-Based Feature Selection (CFS) algorithm was used for
a better accuracy result.

Harmeet Kaurl in [15] designed a model to reduce the delay in the network and to deliver end to end
data at good speed. A simulated WSN using the SPEED protocol was used. It concentrated on two
different performance parameters, throughput and energy consumption, for analysis. The BCO (Bee
Colony Optimization) algorithm was used to give better results with high throughput and low energy
consumption.

H. Oh, I. Doh and K. Chae in [16] proposed a real-time intrusion detection system based on the
Self-Organizing Map (SOM), an unsupervised learning technique that is appropriate for anomaly
detection in wireless sensor networks. The proposed system was tested using the KDD’99 Intrusion
Detection Evaluation dataset. The system groups similar connections together based on correlations
between features. A connection may be classified as normal or attack. Attacks are classified again
based on the type of attack. It took the system 0.5 seconds to decide whether a given input represents
a normal behavior or an attack.

N. Ye and X. Li in [17] developed a data mining algorithm called Clustering and Classification
Algorithm Supervised (CCA-S) for intrusion detection in computer networks. The algorithm is used to
learn signature patterns of both normal behaviors and attacks. Compared to anomaly detection
techniques, the signature recognition techniques always produce true alarms, but do not have the
capability to detect unknown attacks. The algorithm’s scalability and incremental learning were
improved in performance over the decision tree algorithms.

G. Singh, F. Masseglia, C. Fiot, A. Marascu and P. Poncelet in [18] addressed the main drawback of
detecting intrusions by means of anomaly (outliers) detection. In their work, they added a new feature
to the unknown behaviors before they are considered as attacks, and they claim that the proposed
system guarantees a very low ratio of false alarms, making unsupervised clustering for intrusion
detection more effective, realistic and feasible.
K. Faraoun and A. Boukelif in [19], a genetic programming
approach for multi-category pattern classification applied to
Venkata Suneetha Takkellapati in [13] proposed a new
network intrusion detection, proposed to reduce the input
system with Information Gain (IG) and Triangle Area based
patterns dimension towards a better inter-classes
KNN algorithm is for selecting more discriminative
discrimination, and achieved through non-linear
features. Then the Greedy k-means clustering algorithm was
transformations on the original datasets.
combined with SVM classifier to detect Network attacks.
This system achieved a accuracy detection rate and less
error rate .All these experiments were conducted in KDD W. Lee, S. Stolfo, P. Chan, E. Eskin, W. Fan, M. Miller, S.
CUP 1999 training data set. Hershkop and J. Zhang in [20], a real time data mining
based intrusion detection like accuracy, efficiency and usability in intrusion detection in real time environments. It used artificial anomalies, multiple models and adaptive learning algorithms to address the above issues respectively.

K. Ioannis, T. Dimitriou and F. C. Freiling in [21] proposed a lightweight intrusion detection scheme to identify or detect the effect of attacks in WSN by utilizing the concept of collaborative communication methodology. They also formulated general rules for the WSN.

D. Farid, J. Darmont, N. Harbi, N. Hoa and M. Rahman in [22] addressed the complexity of the intrusion detection datasets, as most of them are complex and contain a large number of attributes. Some of these attributes may be redundant or may not contribute significantly to intrusion detection. The aim of this work was to specify effective attributes from the training dataset to build a classifier using data mining algorithms. Experimental results on the KDD’99 intrusion detection dataset show that the proposed approach achieves high classification rates and reduces false positives in such an environment with limited computational resources.

J. Zhang and M. Zulkernine in [23] focused on the high rate of false positives in intrusion detection. With that in view, a modified random forest algorithm was developed and tested using the WEKA tool; testing was conducted on the KDD CUP 99 dataset for the above claim.

M. Tavallaee, E. Bagheri, W. Lu and A. Ghorbani in [24], to overcome the shortcomings of the KDD CUP 99 dataset, proposed a new dataset called NSL-KDD [24] and presented a detailed statistical analysis model to evaluate intrusion detection systems.

Campos et al. [25] proposed a Database Centric Architecture for Intrusion Detection (DAID) system in Oracle 10g to address the challenges in designing and implementing data mining based intrusion detection systems. DAID offered numerous advantages in terms of scheduling capabilities, alert infrastructure, data analysis tools, security, scalability, and reliability.

K. Prothives and S. Srinoy in [26] presented an intrusion detection system based on Adaptive Resonance Theory (ART) and Rough Set Theory [38] to detect known attacks and also new unknown attacks by creating new clusters using ART and RT.

H. Güneş Kayacık, A. Nur Zincir-Heywood and M. I. Heywood in [27] conducted a feature relevance analysis [27] on KDD CUP 99 to enlist the effects of features in detecting intrusion in systems.

Amini et al. in [28] introduced an intrusion detection approach based on Adaptive Resonance Theory (ART) and Principal Component Analysis (PCA). The PCA is used for feature selection to reduce the computational complexity and training time of ART. Experimental results show that the modifications proposed in this approach improved the speed and accuracy of detection.

J. Xiao and H. Song in [29] introduced an intrusion detection system called Unsupervised Neural Net based Intrusion Detector (UNNID) to provide the facilities for training, testing, and tuning of unsupervised Adaptive Resonance Theory (ART) with neural networks used for intrusion detection.

E. Skoudis in [30] describes, to mention a few of the attacks, Smurf attacks, also known as directed broadcast attacks, which are a popular form of DoS packet flood. Smurf attacks rely on directed broadcast to create a flood of traffic for a victim. The attacker sends a ping packet to the broadcast address for some network on the Internet that will accept and respond to directed broadcast messages, known as the Smurf amplifier. The attacker uses a spoofed source address of the victim. If there are 30 hosts connected to the Smurf amplifier, the attacker can cause 30 packets to be sent to the victim by sending a single packet to the Smurf amplifier.

K. Labib and V. Rao Vemuri in [31] explain that Neptune attacks can exhaust a victim’s memory resources by sending a TCP packet requesting to initiate a TCP session. This packet is part of a three-way handshake that is needed to establish a TCP connection between two hosts. The SYN flag on this packet is set to indicate that a new connection is to be established. This packet includes a spoofed source address, such that the victim is not able to finish the handshake but has allocated an amount of system memory for this connection. After sending many of these packets, the victim eventually runs out of memory resources. IPsweep and Portsweep, as their names suggest, sweep through IP addresses and port numbers for a victim network and host respectively, looking for open ports that could potentially be used later in an attack.

T. Eldos, M. Khubeb Siddiqui and A. Kanan in [32] presented a contribution to the network intrusion detection process using Adaptive Resonance Theory (ART1), a type of Artificial Neural Network (ANN) with binary input and unsupervised training. They presented feature selection using data mining techniques, towards two-dimensional dataset reduction that is efficient for the initial and on-going training, reducing the dataset both vertically and horizontally, in number of vectors and number of features.
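
The Smurf, Neptune and Portsweep behaviours summarised from [30] and [31] above each leave a distinct footprint in connection records. The following is an added example, not code from the paper or from any cited work, that flags them with per-destination window counts; the record layout, state labels, thresholds and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

WINDOW = 2.0  # seconds per fixed bucket (assumed value for this example)

def sample_records():
    """Constructed records: (time_s, src, dst, dst_port, proto, state)."""
    recs = []
    for i in range(40):      # Neptune: half-open TCP sessions from spoofed sources
        recs.append((0.05 * i, f"198.51.100.{i}", "192.0.2.10", 80, "tcp", "S0"))
    for i in range(30):      # Smurf: 30 amplifier hosts answer a ping the victim never sent
        recs.append((5.0 + 0.01 * i, f"203.0.113.{i}", "192.0.2.20", 0, "icmp", "ECHO_REPLY"))
    for p in range(20, 45):  # Portsweep: one source walks 25 ports on one host
        recs.append((10.0 + 0.02 * (p - 20), "198.51.100.200", "192.0.2.30", p, "tcp", "REJ"))
    for i in range(25):      # Benign: a monitor pings 25 hosts and gets 25 replies
        recs.append((14.0 + 0.01 * i, "192.0.2.40", f"203.0.113.{i}", 0, "icmp", "ECHO_REQUEST"))
        recs.append((14.5 + 0.01 * i, f"203.0.113.{i}", "192.0.2.40", 0, "icmp", "ECHO_REPLY"))
    for i in range(5):       # Benign: completed TCP sessions
        recs.append((16.0 + i, "192.0.2.50", "192.0.2.10", 443, "tcp", "SF"))
    return recs

def classify(records, min_count=20, s0_rate=0.8):
    """Return {dst: label} for destinations whose traffic window looks like an attack."""
    pinged = defaultdict(set)    # host -> peers it sent echo requests to
    buckets = defaultdict(list)  # (dst, window index) -> records in that window
    for t, src, dst, port, proto, state in records:
        if state == "ECHO_REQUEST":
            pinged[src].add(dst)
        buckets[(dst, int(t // WINDOW))].append((src, port, proto, state))
    alerts = {}
    for (dst, _), recs in buckets.items():
        if len(recs) < min_count:
            continue             # too little traffic in this window to judge
        # Neptune: most connections are SYNs whose handshake never completed.
        half_open = sum(1 for r in recs if r[3] == "S0") / len(recs)
        # Smurf: echo replies from hosts the destination never pinged.
        unsolicited = {r[0] for r in recs if r[3] == "ECHO_REPLY"} - pinged[dst]
        # Portsweep: a single source touching many distinct TCP ports.
        ports = defaultdict(set)
        for src, port, proto, _ in recs:
            if proto == "tcp":
                ports[src].add(port)
        widest = max((len(p) for p in ports.values()), default=0)
        if half_open >= s0_rate:
            alerts[dst] = "neptune"
        elif len(unsolicited) >= min_count:
            alerts[dst] = "smurf"
        elif widest >= min_count:
            alerts[dst] = "portsweep"
    return alerts
```

Fixed buckets can split a burst across a window boundary, so a production detector would use a sliding window; the monitor host in the sample shows why replies must be matched against requests before a reply flood is called Smurf.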
V. CONCLUSION

In this paper, we have evaluated many researchers’ approaches for network security in WSN, IoT, Cloud Computing, WBAN, and Big Data. This article suggests a research area in the domain of security threats for WSN, WBAN, Cloud computing, IoT. In future smart home conditions, there will be multi-modal sensor explications that include the advantages reported. Table I depicts the research direction in network security.

REFERENCES

[1] Shi-Jinn Horng, Ming-Yang Su, Yuan-Hsin Chen, Tzong-Wann Kao, Rong-Jian Chen, Jui-Lin Lai, Citra Dwi Perkasa, “A novel intrusion detection system based on hierarchical clustering and support vector machines”, Elsevier Computer Network, pp. 306–313, 2010.
[2] Mohammad Wazid, “Hybrid Anomaly Detection using K-Means Clustering in Wireless Sensor Networks”, Center for Security, Theory and Algorithmic Research, pp. 1-17, 2014.
[3] Y.-J. Shen and M.-S. Wang, “Broadcast scheduling in wireless sensor networks using fuzzy hopfield neural network”, Expert Systems with Applications, Vol. 34, No. 2, pp. 900-907, 2008.
[4] Y. Wang, M. Martonosi, and L.-S. Peh, “Predicting link quality using supervised learning in wireless sensor networks”, ACM SIGMOBILE Mobile Computing and Communications Review, Vol. 11, No. 3, pp. 71–83, 2007.
[5] Mohit Malik, Namarta kapoor, Esh naryan, Aman Preet Singh, “Rule Based Technique detecting Security attack for Wireless Sensor network using fuzzy logic”, International Journal of Advanced Research in Computer Engineering & Technology, Vol. 1, No. 4, ISSN: 2278–1323, June 2012.
[6] Reda M. Elbasiony, Elsayed A. Sallam, Tarek E. Eltobely, Mahmoud M. Fahmy, “A hybrid network intrusion detection framework based on random forests and weighted k-means”, Ain Shams Engineering Journal, Vol. 4, pp. 753–762, 2013.
[7] Levent Koc, Thomas A. Mazzuchi, Shahram Sarkani, “A network intrusion detection system based on a Hidden Naïve Bayes multiclass classifier”, Elsevier, pp. 13492–13500, 2012.
[8] Wenying Fenga, Qinglei Zhangc, Gongzhu Hud, Jimmy Xiangji Huange, “Mining network data for intrusion detection through combining SVMs with ant colony networks”, Elsevier, pp. 127-140, 2013.
[9] Megha Bandgar, Komal dhurve, Sneha Jadhav, Vicky Kayastha, Prof. T.J Parvat, “Intrusion Detection System using Hidden Markov Model (HMM)”, IOSR Journal of Computer Engineering (IOSRJCE), e-ISSN: 2278-0661, p-ISSN: 2278-8727, Vol. 10, No. 3, pp. 66-70, Mar. - Apr. 2013.
[10] Dat Tran, Wanli Ma, and Dharmendra Sharma, “Network Anomaly Detection using Fuzzy Gaussian Mixture Models”, International Journal of Future Generation Communication and Networking, pp. 37-42, 2012.
[11] Vahid Golmah, “An Efficient Hybrid Intrusion Detection System based on C5.0 and SVM”, International Journal of Database Theory and Application, Vol. 7, No. 2, pp. 59-70, 2014.
[12] Punam Mulak, Nitin R. Talhar, “Novel Intrusion Detection System Using Hybrid Approach”, International Journal of Advanced Research in Computer Science and Software Engineering, Vol. 4, No. 11, ISSN: 2277 128X, November 2014.
[13] Venkata Suneetha Takkellapati, G.V.S.N.R.V Prasad, “Network Intrusion Detection system based on Feature Selection and Triangle area Support Vector Machine”, International Journal of Engineering Trends and Technology, Vol. 3, No. 2012.
[14] Vaishali Kosamkar, Sangita S Chaudhari, “Improved Intrusion Detection System using C4.5 Decision Tree and Support Vector Machine”, International Journal of Computer Science and Information Technologies, Vol. 5, No. 2, pp. 1463-1467, 2014.
[15] Harmeet Kaur, Ravneet Kaur, “Crossbreed Routing Protocol for SPEED Terminology in Wireless Sensor Networks”, International Journal of Advance Research in Computer Science and management Studies, Vol. 2, No. 7, ISSN: 2321-7782, July 2014.
[16] H. Oh, I. Doh and K. Chae, “Attack classification based on data mining technique and its application for reliable medical sensor communication”, International Journal of Computer Science and Applications, Vol. 6, No. 3, pp. 20-32, 2009.
[17] N. Ye and X. Li, “A Scalable Clustering Technique for Intrusion Signature Recognition”, Proceedings of 2001 IEEE Workshop on Information Assurance and Security, 2001.
[18] G. Singh, F. Masseglia, C. Fiot, A. Marascu and P. Poncelet, “Data Mining for Intrusion Detection: from Outliers to True Intrusions”, The 13th Pacific-Asia Conference on Knowledge Discovery and Data Mining (PAKDD’09), Thailand, 2009.
[19] K. Faraoun and A. Boukelif, “Genetic Programming Approach for Multi-Category Pattern Classification Applied to Network Intrusions Detection”, The International Arab Journal of Information Technology, Vol. 4, No. 3, 2007.
[20] W. Lee, S. Stolfo, P. Chan, E. Eskin, W. Fan, M. Miller, S. Hershkop and J. Zhang, “Real Time Data Mining-based Intrusion Detection”, Proceedings of DISCEX II, June 2001.
[21] K. Ioannis, T. Dimitriou and F. C. Freiling, “Towards Intrusion Detection in Wireless Sensor Networks”, 13th European Wireless Conference, Paris, April 2007.
[22] D. Farid, J. Darmont, N. Harbi, N. Hoa and M. Rahman, “Adaptive Network Intrusion Detection Learning: Attribute Selection and Classification”, International Conference on Computer Systems Engineering (ICCSE 09), Bangkok, Thailand, December 2009.
[23] J. Zhang and M. Zulkernine, “Anomaly Based Network Intrusion Detection with Unsupervised Outlier Detection”, Symposium on Network Security and Information Assurance, Proc. of the IEEE International Conference on Communications (ICC), Istanbul, Turkey, June 2006.
[24] M. Tavallaee, E. Bagheri, W. Lu and A. Ghorbani, “A Detailed Analysis of the KDD’99 CUP Data Set”, The 2nd IEEE Symposium on Computational Intelligence Conference for Security and Defense Applications (CISDA), 2009.
[25] M. Campos and B. Milenova, “Creation and Deployment of Data Mining-Based Intrusion Detection Systems in Oracle Database 10g”, an online document at http://www.oracle.com/technology/products/bi/odm/pdf/odm_based_intrusion_detection_paper_1205.pdf.
[26] Prothives and S. Srinoy, “Integrating ART and Rough Set Approach for Computer Security”, Proceedings of the International Multi Conference of Engineers and Computer Scientists, Vol. 1, 2009.
[27] H. Güneş Kayacık, A. Nur Zincir-Heywood and M. I. Heywood, “Selecting features for intrusion detection: a feature relevance analysis on KDD’99 intrusion detection datasets”, Third Annual Conference on Privacy, Security and Trust, October 2005.
[28] M. Amini and R. Jalili, “Network-based intrusion detection using unsupervised adaptive resonance theory (ART)”, Proceedings of the fourth conference on engineering of intelligent systems (EIS 2004), Madeira, Portugal, 2004.
[29] J. Xiao and H. Song, “A Novel Intrusion Detection Method Based on Adaptive Resonance Theory and Principal Component Analysis”, Proceedings of the 2009 International Conference on Communications and Mobile Computing, Vol. 3, 2009.
[30] Skoudis, Ed, and Tom Liston, “Counter hack reloaded: a step-by-step guide to computer attacks and effective defenses”, Prentice Hall Press, 2005.
[31] K. Labib and V. Rao Vemuri, “Detecting Denial-of-Service And Network Probe Attacks Using Principal Component Analysis”, In Third Conference on Security and Network Architectures, La Londe, (France), 2004.
[32] T. Eldos, M. Khubeb Siddiqui and A. Kanan, “On the KDD'99 Dataset: Statistical Analysis for Feature Selection”, Journal of Data Mining and Knowledge Discovery, 2012.
1 author:
Francis Ruambo
Mbeya University of Science and Technology
All content following this page was uploaded by Francis Ruambo on 08 July 2019.
Abstract: Network security strategies evolve in parallel with the advancement and development of computer systems and services. The
ubiquity of ICT devices and services offers undeniable efficiency in executing our daily routine activities. Challenges in the aspects of
security and continuous availability of the ICT resources and services trigger the evolution of network security strategies. In this review
paper, a brief overview of evolving strategies adopted within the dynamic paradigm of network security is highlighted and challenges are
reviewed. Additionally, interesting areas for future research in securing the computer network ecosystem are suggested. The review finds
that, as long as computer systems and services are dynamically evolving, then the network security strategies will also continue to be an
evolving and volatile paradigm. In order to enhance network security, there is a need for incorporating new innovative strategies
whilst embracing network security best practices and principles to mitigate appropriately the evolving threats within the computer
network ecosystem.