Professional Documents
Culture Documents
net/publication/343064340
CITATIONS READS
0 4,345
2 authors:
Some of the authors of this publication are also working on these related projects:
All content following this page was uploaded by Zoya Ahmad on 20 July 2020.
Abstract—Despite all security measure taken, the systems company or organization‟s reputation and credibility and
of banking firms fall prey to malicious attacks. This paper heavy monetary losses. These attacks also compromise
talks about the practice of ethical hacking, its working, the highly classified information of the companies as well as
algorithms used, its advantages, disadvantages, needs and their employees.
current risks in the banking sector.
Despite all the security measures taken up by the banks,
Keywords—ethical hacking, network security, cyber security, individuals and often the bank themselves fall prey to cyber-
threats, risks, dangers, vulnerabilities, security, algorithms, attacks. These cyber-attacks are ubiquitous in technology
SHA, DES, AES, MD5 companies and people. They are unavoidable and inevitable.
Nevertheless, if preventive measures are taken, the banks
can be saved from the risks present in technology. The most
I. INTRODUCTION prevalent risk in technology is the issue of security.
In recent years, with the rapid development in network The banking sector is affected either by clients becoming
technology, the financial sector has started using computer victims of social engineering or by professional „hackers‟.
networks extensively. But they are constantly being Social engineering is a form of cyber-attack which is done
confronted with cyber-attacks. These financial sectors, to harvest data and information from victims. It usually
especially the banking sectors mainly take the assistance of comprises of playing with the minds of the people or
two types of security: computer security and network victims. Social engineers can be found everywhere. There is
security. no certification for social engineering, so there is no way to
detect a social engineer. There are many mediums to
Computer Security is deemed to be an autonomous implement social engineering. Some of the mediums are
system offered with the help of Operating Systems (OS) and email, web, phone, USB drives, etc. Few of the social
in-built hardware and software. Network Security is a engineering techniques are: Phishing, Spear Phishing,
broad term covering a multitude of technologies, devices Vishing, Pretexting, Baiting, etc.
and processes. In simple words, it is a set of rules and
configurations that are designed in order to protect the
integrity, confidentiality and accessibility of computer
networks and data. This is achieved using both software and
hardware technologies. Every company or organization,
regardless of its size, industry or infrastructure, requires
some amount of network security solutions in their systems
to protect it from the ever-increasing cyber threats prevalent
across the world today.
Another possible way the hackers take up is by setting 2. Vulnerability Scanner—this tool helps
up a skimmer in an ATM booth. This device is similar to a in classifying and detecting numerous system
mini camera that records the hand movement and the weaknesses in networks, computers,
hacker can easily decipher the PIN despite you covering it communication systems, etc. This is used by
with hand since it logs in the input. ethical hackers in order to find potential
loopholes and to fix them on an immediate basis.
4. Maintaining Access—the main aim of this phase This helps when an attacker hacks the database
is to maintain access to the target system until the only to find the hashed functions and not the actual
ethical hacker can finish the tasks he/she has passwords. Additionally, if they try inputting those
planned to accomplish. Along with this the hacker hashed values as a password, the hash function
also has to build a shield against malicious will convert it into another string and
consequently, access will be denied. Also, the
modification of just a few letters that are being 4. MD5—MD5 or message-digest hashing
encrypted can cause an immense change in the algorithm is a one-way cryptographic function.
output. This is known as the Avalanche Effect. They help in comparing and storing smaller hashes
Contrariwise, different strings can produce similar than storing a large text of variable length. This
hash values. This causes the hash values to not algorithm is used by the Unix Systems for storing
divulge any information regarding the input string user passwords in a 128-bit encrypted format.
like the original length. SHAs also find their use in MD5 also helps in checking the integrity of the
the detection of data tampering by attackers. files. It is very easy to generate message-digests of
the original messages by using MD5. Despite all
2. DES—Data Encryption Standard (DES) is this, the MD5 algorithm is relatively slower than
a block cipher algorithm. It was published by the the SHA algorithm. Moreover, MD5 is more prone
National Institute of Standards and Technology to collision attacks.
(NIST). It is an implementation of a Feistel
Cipher, i. e., it uses plain text in the form
of blocks, each of 64 bits and converts them into
ciphertext using keys of 48 bits. It uses the same
key for encryption and decryption of data. Thus it
practices the symmetric key algorithm.