Literature survey is the most important step in the software development process. Before developing the tool, it is necessary to determine the time factor, economy and company strength. Once these things are satisfied, the next step is to determine which operating system and language can be used for developing the tool. Once the programmers start building the tool, they need a lot of external support. This support can be obtained from senior programmers, from books or from websites. Before building the system, the above considerations are taken into account for developing the proposed system. We have to analyze secure computing.
Data Location:
When using the cloud, the user probably won't know exactly where their data is hosted or what country it will be stored in. Data should be stored and processed only in specific jurisdictions as defined by the user. The provider should also make a contractual commitment to obey local privacy requirements on behalf of its customers.
Data-centered policies are generated when a user provides personal or sensitive information and travel with that information throughout its lifetime, to ensure that the information is used only in accordance with the policy.
Policies Data
Backups of Data: Data stored in the provider's database should be redundantly stored in multiple physical locations. Data generated while programs run on instances is all customer data, and therefore the provider should not perform backups. Control of Administrator on Databases.
Data Sanitization: Sanitization is the process of removing sensitive information from a storage device. What happens to data stored in a cloud computing environment once it has passed its user's "use by date"? What data sanitization practices does the cloud computing service provider propose to implement for redundant and retiring data storage devices as and when these devices are retired or taken out of service?
Network Security:
Denial of Service: where servers and networks are brought down by a huge amount of network traffic and users are denied access to a certain Internet-based service.
Like DNS Hacking, Routing Table "Poisoning", XDoS attacks.
QoS Violation: through congestion, delaying or dropping packets, or through resource hacking.
an in the
Solution: Infrastructure will not permit an instance to send traffic with a source IP or MAC address other than its own.
Information Security:
Security related to the information exchanged between different hosts or between hosts and users. These are issues pertaining to secure communication, authentication, and issues concerning single sign on and delegation. Secure communication issues include those security concerns that arise during the communication between two entities.
These include confidentiality and integrity issues. Confidentiality indicates that all data sent by users should be accessible to only "legitimate" receivers, and integrity indicates that all data received should only be sent/modified by "legitimate" senders. Solution: public key encryption, X.509 certificates, and the Secure Sockets Layer (SSL) enable secure authentication and communication over computer networks.
Introduction
Intruders on the Internet often launch network intrusions indirectly, in order to decrease their chances of being discovered. One of the most common methods used to evade surveillance is the construction of stepping stones. In a stepping-stone attack, an attacker uses a sequence of hosts on the Internet as relay machines and constructs a chain of interactive connections using protocols such as Telnet or SSH. The attacker types commands on his local machine and then the commands are relayed via the chain of "stepping stones" until they reach the victim. Because the victim only sees traffic from the last hop of the chain of stepping stones, it is difficult for the victim to learn any information about the true origin of the attack. The chaotic nature and sheer volume of the traffic on the Internet makes such attacks extremely difficult to record or trace back.
Digital watermarking is the act of hiding a message related to a digital signal (i.e. an image, song, video) within the signal itself. It is a concept closely related to steganography, in that they both hide a message inside a digital signal. However, what separates them is their goal. Watermarking tries to hide a message related to the actual content of the digital signal, while in steganography the digital signal has no relation to the message, and it is merely used as a cover to hide its existence. Watermarking has been around for several centuries, in the form of watermarks found initially in plain paper and subsequently in paper bills. However, the field of digital watermarking was only developed during the last 15 years and it is now being used for many different applications.
Internetworks
Introduction
When simulating new congestion control, flow control, and adaptive routing algorithms one needs to model the overall pattern of traffic flowing through the network, from distribution of packet sizes and interarrival times, to characteristics such as distribution of host reference patterns and direction of traffic flow. This paper presents an artificial workload model of wide-area network traffic based upon application-level analysis of wide-area TCP/IP traces collected on two campus networks, the University of Southern California (USC) and the University of California at Berkeley (UCB), and one industrial research site, Bellcore.
TITLE: Robust Correlation of Encrypted Attack Traffic through Stepping Stones by Flow Watermarking
Abstract
Network-based intruders seldom attack their victims directly from their own computer. Often, they stage their attacks through intermediate "stepping stones" in order to conceal their identity and origin. To identify the source of the attack behind the stepping stone(s), it is necessary to correlate the incoming and outgoing flows or connections of a stepping stone. To resist attempts at correlation, the attacker may encrypt or otherwise manipulate the connection traffic. Timing-based correlation approaches have been shown to be quite effective in correlating encrypted connections. However, timing-based correlation approaches are subject to timing perturbations that may be deliberately introduced by the attacker at stepping stones. In this paper, we propose a novel watermark-based correlation scheme that is designed specifically to be robust against timing perturbations. Unlike most previous timing-based correlation approaches, our watermark-based approach is "active" in that it embeds a unique watermark into the encrypted flows by slightly adjusting the timing of selected packets. The unique watermark that is embedded in the encrypted flow gives us a number of advantages over passive timing-based correlation in resisting timing perturbations by the attacker. In contrast to the existing passive correlation approaches, our active watermark-based correlation does not make any limiting assumptions about the distribution or random process of the original interpacket timing of the packet flow. In theory, our watermark-based correlation can achieve arbitrarily close to 100 percent correlation true positive rate (TPR), and arbitrarily close to 0 percent false positive rate (FPR) at the same time for sufficiently long flows, despite arbitrarily large (but bounded) timing perturbations of any distribution by the attacker. Our paper is the first that identifies 1) accurate quantitative tradeoffs between the achievable correlation effectiveness and the defining characteristics of the timing perturbation; and 2) a provable upper bound on the number of packets needed to achieve a desired correlation effectiveness, given the amount of timing perturbation. Experimental results show that our active watermark-based correlation performs better and requires fewer packets than existing, passive timing-based correlation methods in the presence of random timing perturbations.
Index Terms: Network-level security and protection, intrusion tracing, correlation, stepping stone.
INTRODUCTION
NETWORK-BASED attacks have become a serious threat to the critical information infrastructure on which we depend. To stop or repel network-based attacks, it is critical to be able to identify the source of the attack. Attackers, however, go to some lengths to conceal their identities and origin, using a variety of countermeasures. As an example, they may spoof the IP source address of the attack traffic. Methods of tracing spoofed traffic, generally known as IP traceback, have been developed to address this countermeasure. Another common and effective countermeasure used by network-based intruders to hide their identity is to connect through a sequence of intermediate hosts, or stepping stones, before attacking the final target. For example, an attacker at host A may telnet or SSH into host B, and from there, launch an attack on host C. In effect, the incoming packets of an attack connection from A to B are forwarded by B, and become outgoing packets of a connection from B to C. The two connections or flows are related in such a case. The victim host C can use IP traceback to determine the second flow originated from host B, but traceback will not be able to correlate this with the attack flow originating from host A. To trace attacks through a stepping stone, it is necessary to correlate the incoming traffic with the outgoing traffic at the stepping stone. This would allow the attack to be traced back to host A in the example.
The earliest work on connection correlation was based on tracking user's login activities at different hosts. Later work relied on comparing the packet contents, or payloads of the connections to be correlated. Most recent work has focused on the timing characteristics of connections, in order to correlate encrypted connections (i.e., traffic encrypted using IPSEC or SSH). Timing-based correlation approaches, however, are sensitive to the use of countermeasures by the attacker, or adversary. In particular, the attacker can perturb the timing characteristics of a connection by selectively or randomly introducing extra delays when forwarding packets at the stepping stones. This kind of timing perturbation will adversely affect the effectiveness of any timing-based correlation. Timing perturbation can either make unrelated flows have similar timing characteristics, or make related flows exhibit different timing characteristics.
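The idea from the abstract and the paragraph above, a watermark embedded by slightly adjusting the timing of selected packets so that it survives bounded timing perturbation, shown as an added example that is not the paper's code. It assumes a simple even/odd quantization of inter-packet delays with step `S` and majority voting over `R` packet pairs per bit; the page does not specify the embedding, and all names and values are illustrative.

```python
import itertools
import math
import random

S = 0.4   # quantization step in seconds (assumed value)
R = 5     # packet pairs carrying each watermark bit (assumed redundancy)

def embed(times, bits):
    """Delay the second packet of each selected pair so the pair's inter-packet
    delay (IPD) becomes an even (bit 0) or odd (bit 1) multiple of S."""
    out, shift = [], 0.0          # shift: delay accumulated so far, never negative
    for i, t in enumerate(times):
        pair, is_second = divmod(i, 2)
        if is_second and pair < len(bits) * R:
            ipd = t - times[i - 1]            # original IPD of this pair
            m = math.ceil(ipd / S)            # round up: packets can only be held back
            if m % 2 != bits[pair // R]:
                m += 1
            shift += m * S - ipd
        out.append(t + shift)
    return out

def decode(times, nbits):
    """Majority vote over the parity of round(IPD / S) for each bit's R pairs."""
    bits = []
    for b in range(nbits):
        pairs = range(b * R, (b + 1) * R)
        votes = sum(round((times[2 * p + 1] - times[2 * p]) / S) % 2 for p in pairs)
        bits.append(1 if 2 * votes > R else 0)
    return bits

def perturb(times, max_delay, rng):
    """Stepping-stone countermeasure: hold each packet for up to max_delay
    seconds while keeping packet order, as a relayed stream would."""
    out = []
    for t in times:
        out.append(max(t + rng.uniform(0, max_delay), out[-1] if out else 0.0))
    return out

def sample_flow(n, rng):
    """Constructed sample input: n packet timestamps with random gaps (mean 0.5 s)."""
    gaps = [rng.expovariate(2.0) for _ in range(n)]
    return list(itertools.accumulate(gaps))

if __name__ == "__main__":
    rng = random.Random(7)
    mark = [1, 0, 1, 1, 0, 0, 1, 0]
    marked = embed(sample_flow(2 * R * len(mark), rng), mark)
    print(decode(perturb(marked, 0.15, rng), len(mark)) == mark)  # bound < S/2
```

With this embedding each pair decodes correctly whenever the per-packet delay bound stays below `S/2`; larger perturbations are where the redundancy `R` starts to matter.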