Tuesday, May 5, 2020

Network Intrusion Detection on Proactive Mechanism

Question: Discuss the Network Intrusion Detection on Proactive Mechanism.

Answer:

Introduction: Before discussing social engineering in the context of cyber security in detail, it is important to understand what social engineering means. It is the skill of manipulating individuals in such a manner that they end up compromising the private and secret information they possess. The kind of data that these attackers try to extract from people varies with the circumstances. Generally, these criminals try to get hold of passwords and bank account details, or to gain access to a system so as to inject malware and take control of it. Criminals and attackers resort to social engineering methods because they find it easy to take advantage of the trust people place in others. The biggest problem is the blind trust that one person puts in another, which ends in the disclosure of information that is highly confidential in nature (Kumar et al. 2015). Thus, if a person is trusted without their background being thoroughly known, there is a high chance of facing damaging consequences.

Social engineering attacks in the context of cyber security are carried out in various ways. The first and one of the easiest is by sending emails. If the attacker gets hold of a person's email password, he gains access to the entire contact list and, many a time, a way into the person's bank accounts as well. Once the attacker has a particular email ID under his control, he may send mails from that ID to the people in the contact list, containing malicious software or illegitimate requests such as asking for a donation to a charitable trust (Conteh & Schmick 2016).
The attacker may send a link to the people in the contact list, and they, trusting that it has come from their friend, may open it, which gives the criminal access to their systems as well. The second technique is known as phishing, wherein the attacker sends mails, comments or text messages that appear to come from a lawful and trustworthy source. Such messages may contain information about an incident, request help, or even make a person feel that he has won a lottery (Rader & Rahman, 2013). These two are the most common ways of attacking people's trust.

There are various established ways to deal with such social engineering attacks. One of the most common is education and awareness. People should be educated and trained from time to time not to disclose their confidential data to anyone. Further, data should not be shared via messenger, chat or phone call with people they do not know or whose activities arouse suspicion. Any mail received from an unknown person should be deleted immediately, and if a mail comes from a known source but seems unusual, its links should still not be clicked, as it may be a malware attack. One should not click on links that contain incorrect spellings or that do not point to the official website of the company. Further to this, one of the recent techniques adopted by various companies to deal with baiting is blocking the insertion of USB devices, as baiting is known to be the digital equivalent of a Trojan Horse, wherein the criminals use illegitimate messages to lure users into plugging in USB devices and in turn hack the system (Perlman 2014). Lastly, the threat of data hacking in the future is so strong and detrimental that two-factor authentication is a must, so as to make it very difficult for attackers to get into the organization's IT system.
Before looking at the meaning and schemes of symmetric and asymmetric encryption, it is crucial to know what encryption means. Encryption has been used since ancient times for security purposes during war. It is basically a procedure of encoding messages so that other parties cannot read them. In terms of information systems, it is a method of converting plain text data, with the help of various algorithms, into a form that cannot be understood by a layman. It is thus a methodology used for safeguarding confidential data from being stolen or mishandled (Rouse, 2013).

There are two kinds of encryption, i.e. symmetric and asymmetric. The former is an easy and faster method in which a common key is used for both encryption and decryption of information. The key can be a numeric value, an alphanumeric value or a word, and it is used to alter the text of the message being sent in a specific manner. Since both the sender and the receiver of the message know the key, they can easily decode the message. However, the biggest drawback of this method of encryption is that the key has to be exchanged between the two parties in secret so that it is not leaked (Bisht & Singh, 2015).

An asymmetric method of encryption, by contrast, uses two different keys for encoding and decoding messages. A public key is used for encoding the text message, whereas a private key is used for decoding it at the other end. Unlike symmetric cryptography, this method is slow due to its heavy computational load. The most widely used symmetric algorithms are DES, 3DES, AES and RC4, and the most widely used asymmetric algorithms are Diffie-Hellman and RSA. For this reason, the symmetric method is used for transmitting huge volumes of information, whereas the asymmetric method is applied for exchanging confidential keys (Higashi, 2013).
The main strong point of the asymmetric method of encryption is that it can sustain a safe channel over an unsafe medium such as the internet. This works because only the public keys, which are used only for encryption, are shared, while the private keys used for decryption are never exchanged, which ensures a greater degree of safety than the symmetric mode of cryptography.

However, both methods can be attacked by criminals. A brute-force attack is one of the most common methods of attacking and breaking through a symmetric encryption system, wherein all the possible key combinations are tried by trial and error. To ensure that such an attack is prevented, the key size should be adequately long; at present the AES algorithm with a 256-bit key is found to be one of the most secure of all. When it comes to attacking an asymmetric cryptosystem, the most successful way to break into an RSA system is by factoring the RSA public modulus, which is a very large number. Presently, a 2048-bit key is said to be the most secure choice for implementing an RSA system, and for more highly confidential data such as national security information a 4096-bit key is said to be the safest, although very expensive (Triparthi & Agarwal, 2014). On comparing the two systems, it can be concluded that although both methods are safe, each has its own usability, and hence the choice of cryptography should be made depending on the usage, else it would turn out to be very expensive.

The importance of network security cannot be underestimated, as at present it is the most crucial requirement. Various techniques have been used to ensure that data is kept in a safe and secure manner. One of the most talked about methods is the Network Intrusion Detection System (NIDS). Various algorithms and techniques have been developed that can discover and fight against the various security threats.
However, NIDS has been the most successful amongst many. A NIDS's main goal is to sense potential invasions into the system, such as unlawful acts or viruses, and to signal the responsible people about such a mishap (Zuech et al. 2015). It keeps watch over the data packets being exchanged over a particular network, thus keeping track of suspicious data being sent. A bigger NIDS can be installed on the links of the backbone network so as to keep a check on all exchanges happening there, and it can also be set up on the centralised or main server, where it would scan all the data, find any malicious acts and thus ensure that data reliability is maintained (Kumar, 2007).

However, current trends show some issues in NIDS. One of the major limitations is the problem of raising alarms when they are not needed. Many a time it raises an alarm for traffic that is not harmful to the system. The NIDS can be reconfigured to deal with this problem to some extent, but not in totality. Further to this, in order to keep a record of a TCP/IP connection, the system must keep track of every single TCP/IP envelope (Lohiya et al. 2015). There may be situations in which TCP envelopes arrive reordered or mingled, and the receiving end has to put the entire stream back in order with the help of the packet sequence numbers. In such a case, attacks such as teardrop try to confuse the procedure of reassembling the stream by forming a cushion spread out with the help of malicious packets or envelopes. Unfortunately, the malicious packet does not look any different from an ordinary one, so the system fails to detect the attack. The current issues related to NIDS have made increased human intervention a necessity for effective operation.
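The reassembly problem described above can be checked for directly: the classic teardrop attack relies on fragments whose byte ranges overlap, and a sensor can flag overlaps whose contents disagree. The following is an added example, not code from the essay or its sources; the `Segment` type, the function names and the sample data are assumptions made for illustration, and the same range check applies whether the offset is an IP fragment offset or a TCP sequence number.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Segment:
    offset: int   # byte offset of this piece within the stream or datagram
    data: bytes

def find_overlaps(segments):
    """Return (first_offset, second_offset, kind) for each overlapping pair.
    kind is "duplicate" when the shared bytes match (a plain retransmission)
    and "conflict" when they differ, which makes reassembly ambiguous.
    """
    findings = []
    ordered = sorted(segments, key=lambda s: (s.offset, len(s.data)))
    for i, a in enumerate(ordered):
        a_end = a.offset + len(a.data)
        for b in ordered[i + 1:]:
            if b.offset >= a_end:
                break  # sorted by offset, so nothing later overlaps a
            hi = min(a_end, b.offset + len(b.data))
            shared_a = a.data[b.offset - a.offset:hi - a.offset]
            shared_b = b.data[:hi - b.offset]
            kind = "duplicate" if shared_a == shared_b else "conflict"
            findings.append((a.offset, b.offset, kind))
    return findings

def reassemble(segments, policy="first"):
    """Rebuild the byte stream in arrival order under one overlap policy:
    "first" keeps the bytes that arrived first, "last" lets later ones win."""
    buf = {}
    for seg in segments:
        for i, byte in enumerate(seg.data):
            pos = seg.offset + i
            if policy == "last" or pos not in buf:
                buf[pos] = byte
    return bytes(buf[p] for p in sorted(buf))

def is_ambiguous(segments):
    """True when a sensor and an end host could rebuild different data."""
    return any(kind == "conflict" for _, _, kind in find_overlaps(segments))

# Constructed sample, in arrival order (not captured traffic).
SAMPLE = [
    Segment(0, b"HELLO "),
    Segment(6, b"WORLD"),
    Segment(6, b"WORLD"),   # benign retransmission
    Segment(3, b"XXXX"),    # overlaps earlier data with different bytes
]
```

On the sample, the two reassembly policies produce different streams, which is why a NIDS that sees a conflicting overlap should raise an alert rather than pick one interpretation silently.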
Although a NIDS has the potential to connect the various attacks on various machines in a particular network, it falls short in determining the actual processes that are taking place on the main system (Sharma & Kaur 2014). This report has highlighted, in a brief and crisp manner, what a NIDS is and what its current issues are. Yet it would be incorrect to say that NIDS has no future, since it offers an array of methods to protect the system from various vulnerabilities. However, a successful future without many glitches depends on this system of detection being standardised.

References:

Kumar, S. (2007). Survey of Current Network Intrusion Detection Techniques. Retrieved from https://www.cse.wustl.edu/~jain/cse571-07/ftp/ids/

Lohiya, R., Varma, P., & Patel, Y. (2015). Current Trends in Network Intrusion Detection Techniques. International Journal of Computer Sciences Communication Networks. 5(2). 72-78

Sharma, M., & Kaur, T. (2014). A Study on Network Intrusion Detection Based on Proactive Mechanism. International Journal of Emerging Research in Management Technology. 3(1). 9-15

Zuech, R., Khoshgoftaar, T.M., & Wald, R. (2015). Intrusion detection and Big Heterogeneous Data: a Survey. Journal of Big Data. 2(3). Retrieved from https://journalofbigdata.springeropen.com/articles/10.1186/s40537-015-0013-4

Bisht, N., & Singh, S. (2015). A Comparative Study of Some Symmetric and Asymmetric Key Cryptography Algorithms. International Journal of Innovative Research in Science Engineering and Technology. 4(3). 1028-1031

Higashi, M. (2013). Symmetric vs Asymmetric Encryption Which Is Best?. Retrieved from https://www.ciphercloud.com/blog/cloud-information-protection-symmetric-vs-asymmetric-encryption/

Rouse, M. (2013). Encryption. Retrieved from https://searchsecurity.techtarget.com/definition/encryption

Triparthi, R., & Agarwal, S. (2014). Comparative Study of Symmetric and Asymmetric Cryptography Techniques. International Journal of Advance Foundation and Research in Computer. 1(6). 68-76

Conteh, N.Y., & Schmick, P.J. (2016). Cybersecurity: risks, vulnerabilities and countermeasures to prevent social engineering attacks. International Journal of Advanced Computer Research. 6(23). 31-38

Kumar, A., Chaudhary, M., & Kumar, N. (2015). Social Engineering Threats And Awareness: A Survey. European Journal of Advances in Engineering and Technology. 2(11). 15-19

Perlman, M. (2014). 8 Tips to Prevent Social Engineering Attacks. Retrieved from https://lightcyber.com/8-tips-to-prevent-social-engineering-attacks/

Rader, M.A., & Rahman, S.M. (2013). Exploring Historical And Emerging Phishing Techniques And Mitigating The Associated Security Risks. International Journal of Network Security Its Application. 5(4). 23-41
