2nd Reviewed
vinay-patil
7/31/2019 2nd Reviewed
1/24
A New Data Sharing Environment for
a Secured Enterprise
Under the guidance of
Mrs. Chethana R Murthy, Assistant Prof, Dept of ISE
RV College of Engineering
By
USN NAME EMAIL MOB NO
1RV08IS006 Anjani Deekshitha A [email protected] 9980815287
1RV08IS038 Ravindra Patil [email protected] 9538667246
1RV08IS059 Vinay Hiremath [email protected] 9535535448
1RV09IS401 Ashwini D [email protected] 9731871968
-
Introduction
Information security has been purely defensive.
Firewalls, Intrusion Detection Systems, encryption.
Detect any failures in the defense, and then react to those failures.
Limitation: it is purely defensive; the enemy has the initiative.
Solution: Honeynets
Honeynets gather information about threats that exist.
-
Honeynet
Is a type of honeypot.
Is a high-interaction honeypot designed to capture extensive information on threats.
It provides real systems, applications, and services for attackers to interact with.
Gains information about both external and internal threats of an organization.
-
Problem definition
Hybrid peer to peer architecture to perform attacks. Honeypot technique to defend against such kind of malware attacks and avoid the malware attacks like.
-
Existing scheme
DoS attacks
Botmasters used botnets.
Many disadvantages
Solution: use hybrid peer to peer architecture.
-
Proposed system:
Honeypot technique to defend against the attacks.
Honeypot to block the packets travelling
Honeypot to defend against malware attacks
Hybrid peer to peer architecture
-
Objective
To know about the hackers' activities and motivation.
To allow the hackers to hack the network and to monitor the hackers' activities.
To store the motivation of the hackers in the IDS database.
To update the security using the IDS information.
-
Data flow Diagrams
-
[Data flow diagram: Data control. Labels: Authorized user, Unauthorized user, Access operation (one per user), Original Files, Firewall & honey pot, Duplicate File]
-
[Data flow diagram: Data Capture & Data Collection. Labels: Data control, Data Capture & Data Collection, Authorized user, Unauthorized user, Store user activity & motivation, Various analysis methods, IDS to capture host activities]
-
[Data flow diagram: Data Analysis. Labels: Data control, Data Capture & Data Collection, Data Analysis, Read collected data, Analyze weakness in existing security, Analyze hackers action & activity, Update to performance]
-
[Data flow diagram: Data Encryption & Decryption. Labels: Data control, Data Capture & Data Collection, Data Analysis, Encryption & decryption, Authorized user, Unauthorized user, Access resource file, Encrypt & decrypt a file, Original file, Duplicate file, IDS]
-
[Data flow diagram: Log & Alert System. Labels: Data control, Data Capture & Data Collection, Data Analysis, Encryption & decryption, Log & alert System, IDS to generate future security, Log system, Alert system, Store hackers motivation, Provide alert message to admin]
-
Data Construct Specification
Name of the table: Login
S. No  FIELD NAME      DATA TYPE  SIZE
1.     User_id         Number     40
2.     User_Name       Text       50
3.     Password        Text       30

Name of the table: Resources
S. No  FIELD NAME      DATA TYPE  SIZE
1.     ID, key         Number     20
2.     Source File     Text       250
3.     Duplicate File  Text       250

Name of the table: IPadress
S. No  FIELD NAME      DATA TYPE  SIZE
1.     User ID         Number     40
2.     IP Address      Number     32
-
Modules
DATA CONTROL
DATA CAPTURE
DATA COLLECTION
DATA ANALYSIS
DATA ENCRYPTION / DECRYPTION
LOGS AND ALERT SYSTEM
-
DATA CONTROL:
This module provides control against unauthorized access.
It allows an authorized user to access the original file system.
The firewall identifies the hackers and diverts them to the duplicate file system.
Immediately, an alert about the hacker is sent to the honeypot and to the Log / Alert system.
-
DATA CAPTURE:
This module collects data about the user activities and motivation.
It stores the various methods used by the hacker and how he is breaking the security.
The data are all stored in the IDS to analyze the hackers' activities.
-
DATA COLLECTION:
Data from various honeypots are collected in a centralized honeypot server.
The data are analyzed to know the attacks and hacker motivation.
-
DATA ANALYSIS:
Read the collected data stored in the IDS.
Analyze the data to know about the hackers' actions and how they succeeded in their activities.
Analyze the weakness of the existing security.
Update the security to improve performance of the present security.
-
DATA ENCRYPTION AND DECRYPTION:
Blow Fish involves replacing each letter of the alphabet with the letter standing k places further down the alphabet.
Encryption:
C = E(p) = (p + k) mod 26
Decryption:
p = D(C) = (C - k) mod 26
Where,
C = Cipher Text.
p = Plain Text.
k = Key.
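Added example, not from the original slides: the two formulas above are those of a shift (Caesar) cipher rather than the Blowfish block cipher, and this code implements them exactly as written to show that only 26 distinct keys exist. The function names and the sample file name are constructed for illustration.

```python
import string

def shift(text: str, k: int) -> str:
    """Apply (x + k) mod 26 to every ASCII letter, keeping its case."""
    out = []
    for ch in text:
        if ch in string.ascii_letters:
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + k) % 26 + base))
        else:
            out.append(ch)  # digits, spaces and punctuation pass through unchanged
    return "".join(out)

def encrypt(p: str, k: int) -> str:
    # C = E(p) = (p + k) mod 26
    return shift(p, k)

def decrypt(c: str, k: int) -> str:
    # p = D(C) = (C - k) mod 26
    return shift(c, -k)

def all_decryptions(c: str) -> dict:
    """Key-space check: the complete set of plaintexts any key can produce."""
    return {k: decrypt(c, k) for k in range(26)}

if __name__ == "__main__":
    sample = "Payroll Q3.xls"  # constructed sample name
    c = encrypt(sample, 3)
    print(c)
    # The whole key space fits on one screen, so the key adds no secrecy.
    for k, candidate in all_decryptions(c).items():
        print(k, candidate)
```

Because keys repeat modulo 26 and non-letters are left untouched, this scheme cannot protect the original or duplicate files; an authenticated cipher such as AES-GCM from a maintained library is the usual replacement.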
-
LOGS AND ALERT SYSTEM
The IDS collects the hackers' motivation for future generation of security.
The log system stores all motivation of the hackers in the IDS.
The alert system provides an alert message to the administrator regarding the hacker's attack.
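Added example, not the project's own code: one way the Data Control and Logs and Alert modules could fit together, using rows shaped like the Login, Resources and IPadress tables. It assumes a user counts as authorized only when both the password and the registered IP address match; all names, paths, addresses and the salt are constructed.

```python
import hashlib
import hmac
from datetime import datetime, timezone

SALT = b"constructed-demo-salt"  # constructed value for this example

def hash_pw(password: str) -> bytes:
    # Store a derived key, never the password text itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

# Constructed rows shaped like the deck's three tables.
LOGIN = {1: ("alice", hash_pw("correct horse"))}  # User_id -> (User_Name, Password)
IPADRESS = {1: "192.0.2.10"}                      # User ID -> IP Address
RESOURCES = {7: ("/srv/files/plan.doc", "/srv/decoy/plan.doc")}  # ID -> (Source, Duplicate)

class DataControl:
    def __init__(self):
        self.ids_log = []  # Log system: events kept in the IDS for analysis
        self.alerts = []   # Alert system: messages for the administrator

    def is_authorized(self, user_id, password, src_ip):
        row = LOGIN.get(user_id)
        # Hash even for unknown users so both paths take similar time.
        supplied = hash_pw(password)
        known = row[1] if row else hash_pw("")
        pw_ok = hmac.compare_digest(supplied, known) and row is not None
        return pw_ok and IPADRESS.get(user_id) == src_ip

    def open_resource(self, user_id, password, src_ip, resource_id):
        source, duplicate = RESOURCES[resource_id]
        if self.is_authorized(user_id, password, src_ip):
            return source
        # Unauthorized: record the attempt, alert, and serve the duplicate file.
        # The supplied password is deliberately not written to the log.
        event = {"time": datetime.now(timezone.utc).isoformat(),
                 "user_id": user_id, "src_ip": src_ip,
                 "resource_id": resource_id, "served": duplicate}
        self.ids_log.append(event)
        self.alerts.append(f"unauthorized access to resource {resource_id} "
                           f"from {src_ip} as user {user_id}")
        return duplicate
```

The caller receives a path either way, so the response itself does not reveal whether the original or the duplicate file was served.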
-
Conclusion
Botnets - potential for illicit financial gain. More honeypot-based detection and defense systems
to find ways to avoid honeypot traps in their botnets.
Software or hardware specific codes can be used to detect the honeypot virtual environment.
Rely on a more general principle to detect botnet.
This project implements various means by which attackers could detect botnet in their constructed botnet based on this principle.
-
Thank You