Total views : 238

Design and Implementation of a Defense System from TCP Injection Attacks

Affiliations

  • Department of CSE, Warangal Institute of Technology and Sciences, Warangal – 506342, Telangana, India

Abstract


Data and Information Security are the major concerns in the modern network world. The most widely used and reliable transport protocol is TCP over internet. As it is most widely used network, which is facing a security breach from the TCP injection Attacks. We discussed different attacks such as Spoofing Attacks, IP Address Spoofing Attacks, ARP Spoofing Attacks, Man–in Middle Attacks, TCP-Session Hijacking and even we concentrated on Advanced Persistent Threat. We exposed different security measures against packet sniffing, packet modification and IP Spoofing. The mathematical analysis is given for the authentication mechanism to protect the data from the different risks, threats and attacks. We also focused different security measures and protocols at transport level such as secure sockets layer and transport layer security protocols. We designed and implemented the defense system to protect against the Advanced Persistent Threat and other attacks, and research issues in networks and Cloud Computing. An experimental analysis is given along with In-depth analytics and mechanisms regarding the threats in transit and TCP Session Hijacking. Network data and information security methods such as packet filters design methods and implementation are provided along with the mathematical analysis and experimental output.

Keywords

Advanced Persistent Threat, Defense in Depth, Multi-path TCP, TCP-Injection Attack.

Full Text:

 |  (PDF views: 223)

References


  • Zhuang Q, Jiang J , Xiong T. An Intelligent Anti-phishing Strategy Model for Phishing Website Detection, 32nd International Conference on Distributed Computing Systems Workshops (ICDCSW). Macau. 2012. p. 51-6.
  • Bennett CH , Gacs P , Li M , Vitanyi PMB, Zurek WH. Information distance. IEEE Transactions on Information Theory.1998; 44(4):1407-23.
  • ALmomani AB, Gupta B, Wan TC, Altaher A, Manickam S . Phishing dynamic evolving neural Fuzzy framework for online detection “Zero-day” phishing email. Indian Journal of Science and Technology. 2013; 6(1):122-6 .
  • Zeydan HZ, Selamat A , Salleh M . Survey of anti-phishing tools with detection capabilities. International Symposium on Biometrics and Security Technologies (ISBAST), Kuala Lumpur. 2014. p. 214-9.
  • Chandra JV, Challa N, Pasupuleti S. Intelligence based defense system to protect from advanced persistent threat by means of social engineering on social cloud platform., Indian Journal of Science and Technology. 2015; 8(28):1-9.
  • Chandra JV, Challa N, Hussain MA . Data and information storage security from advanced persistent attack in cloud computing. International Journal of Applied Engineering Research. 2014; 9 (20): 7755-68.
  • Chen TC, Stepan T, Dick S, Miller J. An Anti-phishing system employing diffused information. ACM Transactions on Information and System Security (TISSEC). 2014; 16(4):12-4.
  • Bilge L, Sen S, Balzarotti D, Kirda E, Kruegel C. Exposure: A passive dns analysis service to detect and report malicious domains. ACM Transactions on Information and System Security (TISSEC). 2014; 16(4):14.
  • Chandra JV, Challa N, Pasupuleti S, Thirupathi RK, Krishna RV. Numerical formulation and simulation of social networks using graph theory on social cloud platform. Global Journal of Pure and Applied Mathematics. 2015; 11(2):1253–64 .
  • Li B , Sun R, Fang X, Luo X, Chang WH. Emergent challenges and IPDS for Anti-phishing attack. International Conference on IT Convergence and Security (ICITCS): Beijing: 2014. p. 1-4.
  • Zhou Y, Zhang Y, Xiao J, Wang Y, Lin W . Visual similarity based Anti-phishing with the combination of local and global features. IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom): Beijing; 2014. p. 189-196.
  • Singh P, Maravi YPS, Sharma S. Phishing websites detection through supervised learning networks. International Conference on Computing and Communications Technologies (ICCCT): Chennai; 2015. p. 61-5.
  • Basnet RB, Doleck T . Towards developing a tool to detect phishing URLs: A machine learning approach. IEEE International Conference on Computational Intelligence and Communication Technology (CICT): Ghaziabad: 2015.p. 220-3.
  • Lakhita S, Yadav B, Bohra B, Pooja P. A review on recent phishing attacks in Internet. International Conference on Green Computing and Internet of Things (ICGCIoT); Noida: 2015. p. 1312-15.
  • Reddy VKB, Rao T. Reddy LSS, Sai Kiran P . Research Issues in Cloud Computing. Global Journal of Computer Science and Technology. 2011; 11(11):70-6 .
  • Chandra MSS, Raghava Rao K , Hussain MA . An efficient scheme for facilitating secure data sharing in decentralized disruption tolerant networks. Indian Journal of Science and Technology. 2016; 9(5):1-13.
  • Chandra JV, Challa N, Pasupuleti SK. Advanced persistent threat defense system using self-destructive mechanism for cloud security. 2016 IEEE International Conference on Engineering and Technology (ICETECH). Coimbatore: 2016. p. 7-11.
  • Chandra JV, Challa N, Pasupuleti SK. A practical approach to E-mail spam filters to protect data from advanced persistent threat. 2016. International Conference on Circuit, Power and Computing Technologies (ICCPCT); Nagercoil: 2016.p. 1-5.
  • Marri M , Reddy R, Yalla P, Chandra JV. Design and implementation of integrated testing tool based on metrics and quality assurance. International Journal of Applied Engineering Research. 9(21):10463-72.

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.