ISO: 9001Certified
STM Journals
ISSN 2395-6739 (Online) ISSN 2321-8517 (Print)
Empowering knowledge
Free Online Registration
22
September–December 2016 /
Ch
Energy /
/
/ Instrumentation /Science
GLOBAL READERSHIP STATISTICS
conducted
Over 500 Indian and International Subscribers. 30,000 Top Researchers, Scientists, Authors and Editors All Over the World Associated. Editorial/ Reviewer Board Members : 1000+. 1,00,000+ Visitors to STM Website From 140+ Countries Quarterly. 10,000 + Downloads from STM Website.
STM Journals invites the papers from the National Conferences, International Conferences, Seminars conducted by Colleges, Universities, Research Organizations etc. for Conference Proceedings and Special Issue. ŸSpecial Issues come in Online and Print versions. ŸSTM Journals offers schemes to publish such issues on payment and gratis (online) basis as well.
STM JOURNALS Scientific
To g e t m o r e i n f o r m a t i o n : stmconferences.com
Technical
Medical
www.stmjournals.com
STM Journals STM Journals, a strong initiative by Consortium E-Learning Network Private Ltd. (established 2006), was launched in the year 2010 under the support and guidance by our esteemed Editorial and Advisory Board Members from renowned institutes. Objectives:
Promotion of Scientific, Technical and Medical research.
Publication of Original Research/Review, Short Articles and Case Studies through Peer Review process.
Publishing Special Issues on Conferences.
Preparing online platform for print journals.
Empowering the libraries with online and print Journals in Scientific, Technical and Medical domains.
Publishing and distribution of books on various subjects in the category of Nanotechnology, Scientific and Technical Writing, and Environment, Health and Safety.
Salient Features:
A bouquet of 100+ Journals that fall under Science, Technical and Medical domains.
Employs Open Journals System (OJS)—a journal management and publishing system.
The first and one of the fastest growing publication website in India as well as in abroad for its quality and coverage.
Rapid online submission and publication of papers, soon after their formal acceptance/finalization.
Facilitates linking with the other authors or professionals.
Worldwide circulation and visibility.
Journal of Network Security ISSN: 2395-6739(online), ISSN: 2321-8517(print)
Focus and Scope Covers
Internet, Network and Wireless Network Security& Applications
Mobile, Sensor Network, Database and System Security
Virus, worms, Trojan Protection, E-mail security, Spam, Phishing and E-mail fraud
Security threats & countermeasures (DDoS, MiM, Session Hijacking, Replay attack etc,)
Cryptographic protocols
Intrusion Detection and Prevention
Journal of Network Security is published (frequency: three times a year) in India by STM Journals (division of Consortium e-Learning Network Private Ltd. Pvt.) The views expressed in the articles do not necessarily reflect of the Publisher. The publisher does not endorse the quality or value of the advertised/sponsored products described therein. Please consult full prescribing information before issuing a prescription for any products mentioned in this publication. No part of this publication may be reproduced, stored in retrieval system or transmitted in any from without written permission of the publisher. To cite any of the material contained in this Journal, in English or translation, please use the full English reference at the beginning of each article. To reuse any of the material, please contact STM Journals (info@stmjournals.com)
STM Journals (division of Consortium e-Learning Network Private Ltd. ) having its Marketing office located at Office No. 4, First Floor, CSC pocket E Market, Mayur Vihar Phase II, New Delhi-110091, India is the Publisher of Journal. Statements and opinions expressed in the Journal reflect the views of the author(s) and are not the opinion of STM Journals unless so stated. Subscription Information and Order: National Subscription: Print - Rs 3750/- per Journal ( includes 3 print issues), Single Issue copy purchase: Rs 1500. Online - Rs 3750/- per Journal inclusive Service Tax ( includes 3 online issues), Single Issue purchase: Rs 1500
inclusive Service Tax Print + Online - Rs 5000/- per Journal inclusive Service Tax ( includes 3 print & online issues). International Subscription: Online Only- $199, Print Only-$299 (includes 3 print issues) Online + Print-$399 (includes 3 print issues + online access of published back volumes )
To purchase print compilation of back issues please send your query at info@stmjournals.com Subscription must be prepaid. Rates outside of India includes delivery. Prices subject to change without notice. Mode of Payment: At par cheque, Demand draft, and RTGS (payment to be made in favor of Consortium E-Learning Network. Pvt. ltd., payable at Delhi/New Delhi. Online Access Policy A). For Authors: In order to provide maximum citation and wide publicity to the authors work, STM Journals also have Open Access Policy, authors who would like to get their work open access can opt for Optional Open Access publication at nominal cost as follows India, SARC and African Countries: INR 2500 or 100 USD including single hard copy of Author's Journal. Other Countries: USD 200 including single hard copy of Author's Journal. B). For Subscribers: Online access will be activated within 72 hours of receipt of the payment (working days), subject to receipt of
correct information on user details/Static IP address of the subscriber. The access will be blocked: If the user requests for the same and furnishes valid reasons for blocking. Due to technical issue. Misuse of the access rights as per the access policy.
Advertising and Commercial Reprint Inquiries: STM Journals with wide circulation and visibility offer an excellent media for showcasing/promotion of your products/services and the events-namely, Conferences, Symposia/Seminars etc. These journals have very high potential to deliver the message across the targeted audience regularly with each published issue. The advertisements on bulk subscriptions, gift subscriptions or reprint purchases for distribution etc. are also very welcome. Lost Issue Claims: Please note the following when applying for lost or missing issues: Claims for print copies lost will be honored only after 45 days of the dispatch date and before publication of the
next issue as per the frequency. Tracking id for the speed post will be provided to all our subscribers and the claims for the missing Journals will
be entertained only with the proofs which will be verified at both the ends. Claims filed due to insufficient (or no notice) of change of address will not be honored. Change of Address of Dispatch should be intimated to STM Journals at least 2 months prior to the dispatch
schedule as per the frequency by mentioning subscriber id and the subscription id. Refund requests will not be entertained.
Legal Disputes All the legal disputes are subjected to Delhi Jurisdiction only. If you have any questions, please contact the Publication Management Team: info@stmjournals.com; Tel : +91 0120-4781211.
PUBLICATION MANAGEMENT TEAM Chairman Mr. Puneet Mehrotra Director
Group Managing Editor Dr. Archana Mehrotra Managing Director CELNET, Delhi, India
Internal Members Gargi Asha Jha Manager (Publications)
Quaisher J Hossain Senior Editor Senior Associate Editors
Himani Pandey Isha Chandra
Meenakshi Tripathi Shivani Sharma
Associate Editors Shambhavi Mishra
Sugandha Mishra
External Members Bimlesh Lochab Assistant Professor Department of Chemistry School of Natural Sciences, Shiv Nadar University Gautam Buddha Nagar, Uttar Pradesh, India
Dr. Rajiv Prakash Professor and Coordinator School of Materials Science and Technology Indian Institute of Technology (BHU), Varanasi Uttar Pradesh, India
Prof. S. Ramaprabhu Alternative Energy and Nanotechnology Technology Laboratory, Department of Physics Indian Institute of Technology, Chennai Tamil Nadu, India
Dr. Khaiser Nikam Professor, Library and Information Science Department of Library and Information Science University of Mysore Mysore, India
Dr. Yog Raj Sood Dean (Planning and Development) Professor, Department of Electrical Engineering National Institute of Technology, Hamirpur Himachal Pradesh, India
Prof. Chris Cannings Professor, School of Mathematics and Statistics University of Sheffield, Sheffield United Kingdom
Dr. Rakesh Kumar Assistant Professor Department of Applied Chemistry BIT Mesra, Patna, Bihar, India
Dr. Durgadas Naik Associate Professor (Microbiology) Management and Science University, University Drive, Seksyen13 Selangor, Malaysia
Prof. José María Luna Ariza Department of Computer Sciences and Numerical Analysis Campus of Rabanales University of Córdoba, Spain
Dr. D. K. Vijaykumar MS, MCh (Surgical Oncology), Professor and Head Department of Surgical Oncology Amrita Institute of Medical Sciences and Research Centre Ponekkara, Cochin, Kerala, India
STM JOURNALS
ADVISORY BOARD Dr Baldev Raj
Dr. Hardev Singh Virk
Director, National Institute of Advanced Studies Indian Institute of Science campus Bangalore Karnataka, India Former Director Indira Gandhi Centre for Atomic Research, Kalpakkam, Tamil Nadu, India
Visiting Professor, Department of Physics University of SGGS World University Fatehgarh Sahib, Punjab, India Former Director Research DAV Institute of Engineering and Technology Jallandhar, India
Dr. Bankim Chandra Ray Professor and Ex-Head of the Department Department of Metallurgical and Materials Engineering National Institute of Technology, Rourkela Odisha, India
Prof. D. N. Rao Professor and Head Department of Biochemistry All India Institute of Medical Sciences New Delhi, India
Dr. Pankaj Poddar
Dr. Nandini Chatterjee Singh
Senior Scientist Physical and Materials Chemistry Division, National Chemical Laboratory Pune, Maharastra India
Additional Professor National Brain Research Centre Manesar, Gurgaon Haryana, India
Prof. Priyavrat Thareja
Dr. Ashish Runthala
Director Principal Rayat Institute of Engineering and Information Technology Punjab, India
Lecturer, Biological Sciences Group Birla Institute of Technology and Science Pilani, Rajasthan, India
Dr. Shrikant Balkisan Dhoot
Prof. Yuwaraj Marotrao Ghugal
Senior Research Scientist, Reliance Industries Limited, Mumbai, India Former Head (Research and Development) Nurture Earth R&D Pvt Ltd., MIT Campus Beed Bypass Road, Aurangabad Maharashtra, India
Professor and Head Department of Applied Mechanics Government College of Engineering Vidyanagar, Karad Maharashtra, India
STM JOURNALS
ADVISORY BOARD Dr. Baskar Kaliyamoorthy
Dr. Shankargouda Patil
Associate Professor Department of Civil Engineering National Institute of Technology, Trichy Tiruchirappalli, Tamil Nadu, India
Assistant Professor Department of Oral Pathology KLE Society's Institute of Dental Sciences Bangalore, Karnataka, India
Prof. Subash Chandra Mishra
Prof. Sundara Ramaprabhu
Professor Department of Metallurgical and Materials Engineering National Institute of Technology, Rourkela Odisha, India
Professor Department of Physics Indian Institute of Technology Madras Chennai, Tamil Nadu India
Dr. Rakesh Kumar Assistant Professor Department of Applied Chemistry Birla Institute of Technology Patna, Bihar, India
Editorial Board
Dr. Gunamani Jena
Dr. Divakar Singh Yadav Dept. of Computer Science & Engineering, Institute of Engineering and Technology UP Technical University, Lucknow, India
ME CSE, PhD, FIE, MIEEE, LMISTE, MCSI, India
Maj. Gen Anil kumar Jain Amity University, India
Department of Electrical and Instrumentation Engineering, Thapar University, Patiala Punjab, India
Senthil Kumar A.V.
Dept. of Mathematics, UCLA, Los Angeles, CA 90095, USA, United States
Yaduvir Singh
Dr. Mark Burgin Hindusthan College of Arts and Science, Coimbatore, India
Prof. Prasanta K. Jana Indian School of Mines, Dhanbad
Dr. Adesh Kumar Sharma National Dairy Research Institute (Deemed University), Indian Council of Agriculture, Haryana, India
Dr. B.L. Shivakumar Assoc. Prof., Dept. of Computer Applications, Sri Ramakrishna Engineering College, NGGO Colony Post, Coimbatore, India
Director's Desk
STM JOURNALS
It is my privilege to present the print version of the [Volume 4 Issue 3] of our Journal of Network Security, 2016. The intension of JoNS is to create an atmosphere that stimulates vision, research and growth in the area of Network security. Timely publication, honest communication, comprehensive editing and trust with authors and readers have been the hallmark of our journals. STM Journals provide a platform for scholarly research articles to be published in journals of international standards. STM journals strive to publish quality paper in record time, making it a leader in service and business offerings. The aim and scope of STM Journals is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high level learning, teaching and research in all the Scientific, Technical and Medical domains. Finally, I express my sincere gratitude to our Editorial/ Reviewer board, Authors and publication team for their continued support and invaluable contributions and suggestions in the form of authoring writeups/reviewing and providing constructive comments for the advancement of the journals. With regards to their due continuous support and co-operation, we have been able to publish quality Research/Reviews findings for our customers base. I hope you will enjoy reading this issue and we welcome your feedback on any aspect of the Journal.
Dr. Archana Mehrotra Managing Director STM Journals
Journal of Network Security
Contents
1. Mobile Ad Hoc Network Gray Hole and Black Hole Attack Detection and Defences: Review Ashish Jain, Shashank Gahoi
1
2. Selfish Node Detection in Opportunistic Networks Vikram, Sandeep Kumar
7
3. Examining the Effects of MIST in RSA and CRT-RSA to Resist Power Analysis Attacks Ajoy Kumar Khan, Hridoy Jyoti Mahanta
11
4. An Innovative Methodology to Detect and Prevent Black Hole Attacks in Wireless Sensor Networks Avneet Kaur, Mandeep Kaur
23
5. Design and Performance Comparison of Secure Routing Protocol in Integrated UMTS and WLAN Ad Hoc Networks Shashank Tripathi, A.K. Jain
28
6. Secure and Parallel Access Mechanism for Network File System Raju Dara, T. Sowjanya
42
7. Vulnerability Assessment and Management Using Qualys Guard Shashank Gahoi, Ashish Jain
49
Journal of Network Security
ISSN: 2395-6739(online), ISSN: 2321-8517(print) Volume 4, Issue 3 www.stmjournals.com
Mobile Ad Hoc Network Gray Hole and Black Hole Attack Detection and Defences: Review Ashish Jain1, Shashank Gahoi2,*
1
Department of Computer Engineering, Institute of Engineering and Technology, Devi Ahilya University, Indore, Madhya Pradesh, India 2 Department of Information Technology, Institute of Engineering and Technology, Devi Ahilya University, Indore, Madhya Pradesh, India
Abstract Mobile ad hoc network (MANET) is an infrastructure less dynamic network which is created on demand. MANET is an assembly of mobile nodes which is a temporary network. Mobile nodes frequently come and go out of the network. Because of self-motivated or mobility in nature, nodes are very important factor for the security perspective. In this paper, a review on a various type of network attacks, such as black hole attack, gray hole attack, worm hole attack an many other attacks, which are most dangerous threats for MANET. In this paper, we have presented a review on eliminating and defensive techniques for such kind of attacks in the MANET. Keywords: Mobile ad hoc network (MANET), gray hole attack , black hole attack, AODV (ad hoc on demand distance vector) routing protocol
INTRODUCTION
Mobile ad hoc network (MANET) is distinguishable from the cellular network (Figure 1). Since it is not depended on infrastructure and it is not static network. It is a gathering of autonomous hubs that speak with one another through radio waves. Ad hoc network system needs a particular security system but there is no single approach as the nodes can be any device. Each node in the network behaves like a station or router. Nodes can communicate directly to other node if they are in the radio coverage range of each other otherwise uses the multihop concept. Each node participates in the routing and the performance depends upon the cooperation between the mobile nodes [1].
been done to provide security to the routing but none of them provides the security at a good level. So, these protocols are more concerned of being attacked by various kind of network attack. Malicious selfish nodes affect the mobile ad hoc network. There are some dangerous kind of attack such as DOS (denial of service) attack, gray hole (selective forwarding) attack, black hole (packet dropping) attack, worm hole attack, flooding (RERP) attack, Byzantine attack, Sybil attack, etc. MANET has disadvantages also, such as dynamic changing topologies, limited battery power and limited bandwidth. So, these make the routing more difficult in MANET. In this paper, we have deliberated common network attacks such as black hole attack, gray hole attack in mobile ad hoc network and given a countermeasures and techniques to detect and prevent these kind of attack [2]. This paper is arranged as the gray hole and black hole attack is explained in the upcoming heading, and the defences along with techniques to prevent these attacks is discussed later in the paper.
Fig. 1: Mobile Ad hoc Network. Routing has been more critical part of this network. Sophisticated amount of work has
JoNS (2016) 1-6 Š STM Journals 2016. All Rights Reserved
Page 1
Journal of Network Security
ISSN: 2395-6739(online), ISSN: 2321-8517(print) Volume 4, Issue 3 www.stmjournals.com
Selfish Node Detection in Opportunistic Networks Vikram, Sandeep Kumar
Department of Computer Science, Ganpati Institute of Technology and Management, Kurukshetra University, Kurukshetra, Haryana, India
Abstract In recent years, Opportunistic Networks (OPPNET) are grown at very fast rate. These networks are designed for the areas in which no end-to-end connectivity is available for communication. OPPNET works on the principle of store carry and forward mechanism. Transmission of messages takes place through intermediate nodes in OPPNET. It means that OPPNET depends on intermediate nodes. If any intermediate nod behaves maliciously then data transmission may cause. This paper presents selfish node attack and impact of this attack. Next, we discussed various existing techniques that are designed to deal with selfish node. Keywords: OPPNET (Opportunistic Networks), Selfish node, Selfishness, Reputation and Credit
INTRODUCTION
Opportunistic Networks (OPPNET) is an intermittently linked Network where the endto-end ways may not exist and correspondence routes might just be accessible through time and versatility. Because of absence of reliable availability, OPPNET uses store carry and forward mechanism, i.e., in the wake of accepting a few bundles, a node carried them until it contacts another node and afterward advances the messages. Since OPPNET routing depends on portable nodes to forward bundles for one another, the directing execution (e.g., the quantity of messages conveyed to their destinations) relies on upon whether the nodes interact with one another or not [1]. If these intermediate nodes behave maliciously then security of network may be caused by malicious node. There are number of malicious attacks occurred in network it may be black hole attack worm hole attack and selfish node attack. In this paper, we only deal with selfish node attack. Selfish nodes are nodes whose aim is to drop every packets received from neighbour node because to send their packets they consumed there battery and to save their energy they drops the packets. Node selfishness may be called when a node does not perform its required task. Selfishness may be of two types.
In first type, selfish node cannot forward the packet and store packet into its own buffer. In second type, selfish node drops all the packets received from previous nodes. A selfish node may become selfish because of strategic conditions of network, limited storage space and limited battery life [2]. Types of Selfishness Social Selfishness: In social selfishness, nodes forward the packets of those nodes having good interaction with each other. We can say that a group of nodes known each other can communicate and transmit messages within their particular group. Individual Selfishness: In individual selfishness nodes cannot send packet to any node except its own packets [3, 4]. The Classification of Selfish Behavior is given in Figure 1. Non-forwarding of messages and dropping of messages: Non-forwarding of messages means that a selfish nodes that refuses to transmit messages are come in the category of nonforwarding of messages. Dropping of messages means nodes drops the messages after receiving messages from previous nodes [4].
JoNS (2016) 7-10 Š STM Journals 2016. All Rights Reserved
Page 7
Journal of Network Security
ISSN: 2395-6739(online), ISSN: 2321-8517(print) Volume 4, Issue 3 www.stmjournals.com
Examining the Effects of MIST in RSA and CRT-RSA to Resist Power Analysis Attacks Ajoy Kumar Khan,* Hridoy Jyoti Mahanta Department of Computer Science and Engineering, Assam University, Silchar, Assam, India Abstract The need of security has turned into a vital area of research in domain of computer science. The evolution of side channel attacks has challenged the vulnerability of almost all the symmetric and asymmetric cryptographic techniques available worldwide. This has raised the urgency in designing mitigation techniques against such volatile attacks. Power analysis attacks, which is the most popular side channel attacks has proved to be a challenge for most of the common cryptosystems like AES, DES, RSA, ECC, etc. MIST is an algorithm which was designed for computing exponentiation. As the most important operation of RSA is the modular exponentiation for encryption and decryption, MIST can play an important role in designing modified RSA to resist power analysis attacks. We have extended our work CRTRSA, which is more widely used in computation. The analysis results shows that modified RSA can perform better in computing RSA specially when CRT is has been used. Keywords: Power analysis attacks, cryptosystems, RSA, RSA-CRT, MIST, performance
INTRODUCTION
Security has been the most important component in technological scenario as it is responsible for securing all information passed through networked computers. Cryptographic algorithm has been widely used in network computers for secure transactions of secret information. But despite of these various security schemes provided by different cryptosystems, attackers have been successful to find a loophole to break the security of these systems. Side-channel attacks (SCA) are closely related to the existence of physically observable phenomenon caused by the execution of computing tasks in present microelectronic devices. Side channel attacks are those attacks that are based on Side Channel Information. Side channel information is that information that can be retrieved from the microelectronic devices without any temperament in the device. Presently the Cryptographic devices are under the potential threat of side channel attacks. Side channel attacks are powerful methods to recover sensitive data of cryptographic devices. In cryptography, a side-channel attack is a kind of attack that based on information gained from the physical implementation of a cryptosystem, rather than brute force or
theoretical weaknesses in the algorithms. For example, timing information, power consumption, electromagnetic leaks or even sound can provide an extra-source of information, which can be exploited to break the system some side channel attacks require technical knowledge of the internal operation of the system. Attackers use some or all of these side channel information along with other cryptanalytic techniques to reveal the secret key that using by the device. Side channel analysis techniques are of high concern because these attacks can be mounted quickly. Power analysis attacks have been demonstrated as one of the most powerful attacks for most straightforward implementation of symmetric and asymmetric cipher. Power analysis attacks are based on the analysis of power consumption of a cryptographic device. Execution of cryptographic algorithms consumes power, these power consumption acts as side channel information. Power consumption of a device depends on data it processes and operations it performs. Cryptographic algorithms such as Advanced Encryption Standard (AES), Data Encryption Standard (DES), Rivest-ShamirAdleman (RSA), etc. are implemented in
JoNS (2016) 11-22 Š STM Journals 2016. All Rights Reserved
Page 11
Journal of Network Security
ISSN: 2395-6739(online), ISSN: 2321-8517(print) Volume 4, Issue 3 www.stmjournals.com
An Innovative Methodology to Detect and Prevent Black Hole Attacks in Wireless Sensor Networks Avneet Kaur*, Mandeep Kaur
Department of Computer Science and Engineering, Chandigarh Group of Colleges, Landran, Punjab, India
Abstract Due to the particular characteristics, wireless sensor network (WSN) is severely unsafe and are receptive malicious attacks. One amongst the foremost malicious threats to WSN is within the sort of part attack that focuses on the routing protocols. This genre of attacks will have an awfully serious impact on ranked routing protocols. A range of security solutions is place forth to safeguard WSNs from part attacks. However, a majority of the solutions are cumbersome and vitality inefficient. During this paper, an jury-rigged classified energy efficient black hole detection & interference model is planned to guard device network from part attacks. Our planned approach is straightforward and relies on reserve path choice between device node and base station. The results show that our planned algorithmic program is effective in detection and preventing with efficiency the part attacks. Keywords: WSN, black hole attack, networking, attack detection, routing
INTRODUCTION
In latest analysis on wireless sensor network (WSN), the researchers arrange to conclude and overcome limitations of the wireless device networks such as restricted energy resources, varied energy consumption supported location, high value of transmission, and restricted process capabilities. All of those characteristics of wireless device networks area unit complete opposites of their wired network counterparts, within which energy consumption is not a problem, transmission value is comparatively low cost, and therefore the network nodes have lots of process capabilities [1]. Routing approaches that have worked thus well in ancient networks for over twenty years would not do for this new generation of networks. Besides increasing the time period of the device nodes, it is preferred to distribute the energy dissipated throughout the wireless device network so as to attenuate maintenance and maximize overall system performance. Any communication protocol that involves synchronization between peer nodes incurs some overhead of fixing the communication. WSN routing or agglomeration protocols confirm whether or not the advantages of additional complicated routing algorithms overshadow the additional management messages every node must
communicate. Every node may create the foremost hip to call concerning its communication choices if they had complete information of the complete constellation and power levels of all the nodes within the network [2]. This so proves to yield the most effective performance if the synchronization messages do not seem to be taken into consideration. However, since all the nodes would continually have to be compelled to have world information, the price of the synchronization messages would ultimately be terribly high-priced [3]. For each the diffusion and agglomeration algorithms, we are going to analyze each realistic and optimum scheme so as to realize additional insight within the properties of each approach. The standard topology of wireless device networks involves having several network nodes distributed throughout a particular physical space. There are sometimes no specific design or hierarchy in situ and thus, the wireless device networks are thought of to be impromptu networks. A commercial ad hoc wireless device network might operate in a very standalone fashion, or it is going to be connected to alternative networks, akin to the larger net through a base station [4]. Base stations are sometimes additional complicated
JoNS (2016) 23-27 Š STM Journals 2016. All Rights Reserved
Page 23
Journal of Network Security
ISSN: 2395-6739(online), ISSN: 2321-8517(print) Volume 4, Issue 3 www.stmjournals.com
Design and Performance Comparison of Secure Routing Protocol in Integrated UMTS and WLAN Ad Hoc Networks Shashank Tripathi*, A.K. Jain
Department of Instrumentation and Control Engineering, Dr. B. R. Ambedkar National Institute of Technology Jalandhar, Punjab, India
Abstract The impact of routing attack on the Integrated Universal Mobile Telecommunications System (UMTS) and Wireless Local Area Network (WLAN) ad hoc network can be minimized by choosing a suitable secure routing protocol. This paper introduces a new secure inter-domain routing protocol SNAuth_SPERIPv2 and its performance comparison with other secure routing protocols for Constant Bit-Rate (CBR) voice conversational traffic. Keywords: Integrated UMTS and WLAN Ad Hoc network, Scalability, QoS, Routing, Security, WHA
INTRODUCTION
The choice of security schemes against WHA in next generation heterogeneous networks is based on major factors: authentication, confidentiality, and integrity and data availability. The impact of routing attack on QoS on the Integrated UMTS and WLAN Ad Hoc network can be minimized by choosing a suitable secure inter-domain routing protocol. The inter-domain routing protocols of multihop integrated network are particularly vulnerable to various routing attacks. The design of secure and robust routing protocols can tackle the security issues in the integrated networks. The integrated network is mainly useful to connect both healthy infrastructured area and remote natural disaster prone area for regular communication. A severe wormhole may attack on the integrated multi-hop network routing protocol. The effect of this active threat on QoS of the Integrated Universal Mobile Telecommunications System (UMTS) and Wireless Local Area Network (WLAN) Ad Hoc network can be minimized by a suitable secure routing protocol. The Integrated UMTS and WLAN multi-hop networks support different class of services, namely: conversational, streaming, interactive, and background class service [1–4]. First two classes are guaranteed QoS classes (highly delay sensitive) and next two are
nonguaranteed QoS classes (loss sensitive) [5]. Only CBR conversation class is selected in this work that is used for voice conversational application. Hear inter-domain traffic model is based on real symmetric voice conversation under large network scalability with and without inter base station soft handoff. Here, scalability is ability of particular network to extend their network size (increasing number of active user nodes while keeping network base infrastructure fixed/network load scalability) without compromising its QoS. Our main contribution is development and analysis of new secure robust neighbor authenticated distance vector routing protocol and its performance comparison with other security protocols. The rest of the paper is organized as follows: Next section discusses background: integrated UMTS and WLAN ad hoc network vulnerabilities and attacks, subsequent section discusses secure routing requirements and design of secure routing protocol for the integrated network, performance evaluation and results are discussed in separate section. Finally, last section concludes this paper.
JoNS (2016) 28-41 Š STM Journals 2016. All Rights Reserved
Page 28
Journal of Network Security
ISSN: 2395-6739(online), ISSN: 2321-8517(print) Volume 4, Issue 3 www.stmjournals.com
Secure and Parallel Access Mechanism for Network File System Raju Dara1,*, T. Sowjanya2
1
Department of Computer Science Engineering, Krishna Murthy Institute of Technology and Engineering, Jawaharlal Nehru Technological University, Hyderabad, Telangana, India
Abstract Secure communication is an important requirement in the real world as the number of such systems is in process. A standard for large scale distributed file systems that can support parallel access to multiple storage devices is parallel Network File System (pNFS). This file system provides security using Kerberos. Kerberos is one of the network authentication protocol used by client server applications. This is based on secret key cryptography. In this paper, we build a custom simulator application that shows how secure authentication takes place in the context of a parallel network file system. We proposed and implemented a mechanism to have secure authentication and parallel communications besides reducing overhead of metadata servers. The empirical results revealed that the proposed system supports secure authentication. Keywords: Key establishment, many-to-many communications, secure authentication
INTRODUCTION
Parallel processing systems play a vital role in real world applications. The data are stored in a central place and that can be accessed in a distributed fashion, or it is possible to have different storage devices and a network file system to access the devices simultaneously. Thus, it is possible to have more freedom in using the file systems. pNFS is a standard that supports Kerberos authentication mechanism for secure and simultaneous access to users
across the network. The problem with Kerberos is that it is causing more overhead due to the maintenance of metadata. As shown in Figure 1, it is evident that the pNFS standard is dealing with state synchronization and metadata exchange. It is causing time and overhead. There are heterogeneous clients accessing servers and pNFS. The storage devices and servers are linked to metadata server and clients in one way or other.
JoNS (2016) 42-48 Š STM Journals 2016. All Rights Reserved
Page 42
Journal of Network Security
ISSN: 2395-6739(online), ISSN: 2321-8517(print) Volume 4, Issue 3 www.stmjournals.com
Vulnerability Assessment and Management Using Qualys Guard 1
Shashank Gahoi1,*, Ashish Jain2
Department of Information Technology, Institute of Engineering and Technology, Devi Ahilya University, Indore, India 2 Department of Computer Engineering, Institute of Engineering and Technology, Devi Ahilya University, Indore, India
Abstract Vulnerability is some flaw or loophole in our environment that a malicious attacker can use to exploit to harm or damage, in computer security. Vulnerability is a weakness which allows a malicious attacker to reduce a systems information assurance. There are various types of tools and techniques proposed over the year to assess the vulnerabilities and to manage them. These tools and techniques use various approaches to implement the basic functionality of vulnerability assessment and management i.e. to secure the environment by assessing the vulnerabilities and remediating them. This survey describes the various aspects of VS/VM tools and techniques and various issue related to vulnerability assessment and management. Keywords: Vulnerability assessment, vulnerability management, Qualys Guard tool, remediation, reports
INTRODUCTION
This given paper provides the understanding about the basic overview of the vulnerability assessment and management and their proposed solution and remediation. In order to improve the security in the computer networks the key objectives and overview of the work is presented. Overview The process of defining, identifying and prioritizing the vulnerability in the system is called as vulnerability assessment, and on the other hand, vulnerability management is the cyclic process of identifying, categorizing, remediating, and detracting the vulnerability. Vulnerability management is the obligatory to computer security and the networks security. Every day there can be zero day vulnerability discovered which is then used to exploit the data from the environment. A zero day vulnerability refers to a hole in software environment that is unknown to the vendor. This security hole is then exploited by a hacker before the vendor becomes aware and hurries to fix it; this exploitation is called zero day attack. In addition, it is extremely difficult to detect the zero day attacks, especially with the traditional cyber defenses. The recent top 10 [4] targeted high risk vulnerabilities by US-CERT are listed below with their CVE ID.
Microsoft Windows (CVE-2014-4114) Microsoft Internet Explorer 6 and 7 (CVE2014-0322) Microsoft Internet Explorer 8 and 9 (CVE2013-1347) Microsoft Silverlight and Developer runtime (CVE-2013-0074) Microsoft Excel (CVE-2011-0101) Oracle Java Development Kit, SDK and JRE (CVE-2012-1723) Oracle Java Developer Kit and JRE (CVE2013-2465). Adobe Reader Acrobat (CVE-2013-2729) Adobe Flash Player, AIR SDK and Compiler (CVE-2014-0564) OpenSSL (CVE-2014-0160)
WHY VULNERABILITIES OCCUR?
Vulnerability is the intersection of these three principles: flaw (weakness) or susceptibility of the system, an access to the flaw for an attacker and capability of an attacker to exploit the weakness. There are several reasons for occurrence of vulnerability; some of them are listed below.
JoNS (2016) 49-55 © STM Journals 2016. All Rights Reserved
Page 49
ISO: 9001Certified
STM Journals
ISSN 2395-6739 (Online) ISSN 2321-8517 (Print)
Empowering knowledge
Free Online Registration
22
September–December 2016 /
Ch
Energy /
/
/ Instrumentation /Science
GLOBAL READERSHIP STATISTICS
conducted
Over 500 Indian and International Subscribers. 30,000 Top Researchers, Scientists, Authors and Editors All Over the World Associated. Editorial/ Reviewer Board Members : 1000+. 1,00,000+ Visitors to STM Website From 140+ Countries Quarterly. 10,000 + Downloads from STM Website.
STM Journals invites the papers from the National Conferences, International Conferences, Seminars conducted by Colleges, Universities, Research Organizations etc. for Conference Proceedings and Special Issue. ŸSpecial Issues come in Online and Print versions. ŸSTM Journals offers schemes to publish such issues on payment and gratis (online) basis as well.
STM JOURNALS Scientific
To g e t m o r e i n f o r m a t i o n : stmconferences.com
Technical
Medical
www.stmjournals.com