CHAPTER 1
1.0 INTRODUCTION
We are living in an era where information technology is paramount. Since we have found the power of technology and embraced it as a helping tool, we are trying to make it even more useful. Technology is dynamic; it is changing and improving almost every day. After the trend of desktop PCs and laptops, there was a newfound interest in mobile devices and tablets. Incorporating cyber security protections into software applications during development is a complex issue. In the ever-expanding digital age, virtually every aspect of human endeavor relies on secure transactions and operations. However, consideration of cyber security issues is often inadequate, leading to problems such as financial losses, data losses, and privacy breaches.
From a systems and networking view, enormous efforts have been made to develop tools to combat specific types of cyber-attacks as they appear. However, hackers tend to think differently than developers of applications and are constantly and proactively developing increasingly notorious and creative attack strategies. Such attacks, which plant malicious pieces of code that corrupt the application, steal sensitive customer information, or introduce malware such as viruses, worms and spyware, along with phishing, extortion schemes, and spam, can exploit vulnerabilities introduced at any step of the development process. Software applications that are vulnerable to cyber-attacks can drive potential customers and users of the application away.
To gain user trust in purposeful applications, it is important to carry out application development while carefully addressing security issues at each step. Software developers tend to focus on functional requirements, with little emphasis on non-functional requirements, such as security. In this paper we provide a survey of literature that is relevant to secure software development practices. Several security issues, concerns, challenges, and solutions at different phases of the software development life cycle, as described in the literature on cyber security, are also presented. However, the scope of this paper is limited to the Analysis, Design, Implementation, and Testing phases of the Software Development Life Cycle (SDLC). With technology advancement and mass digitalization of user personal data, establishing user trust has become an important factor in the use of software systems. Most software systems are potentially vulnerable to attacks even if there is strict adherence to leading-edge principles of encryption and decryption. Security of software systems is classified into three categories: Confidentiality, Integrity and Availability.
These categories are also collectively known as the CIA triad. Confidentiality is defined as “Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information…” Integrity is defined as “Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity…” Availability is defined as “Ensuring timely and reliable access to and use of information…”
Security is often intertwined with trust. In the context of software systems, trust refers to the level of confidence or reliability that a person places in a software system, including the expectations that they have for the software fulfilling its purpose. Trust also refers to a relationship that a person forms with software applications that are online or over a network. The trust relationship is betrayed if the user’s expectations of these applications are not met. This raises questions concerning the kinds of expectations that users have of the applications and the factors that diminish trust.
One factor arises from any negative risks that are associated with the usage of an application. There are traditional ways of assessing risk in cyber security. Again, insiders within an organization are also known to sometimes support and execute malicious attacks for which outsiders have minimal knowledge. As described by Colwill, Examples of autonomous systems include floor cleaning robots, agent software, military and private drones, surgery-performing robots and self-driving cars.
Autonomous systems are managed and supervised independently by a single administrator, entity, or organization. Each autonomous system has a unique identifying label that can be used during data packet transfer between two systems.

CHAPTER 2
2.0 METHODOLOGY
This research aims to study network security issues through the survey method. In my term paper I will use a survey that was conducted at Pune IT companies; it is intended to study challenges to intrusion detection for computer network security. The survey is conducted by the questionnaire method. This research investigates the applicability of data mining techniques for intrusion detection. To investigate this, the experiment method is used. Various experiments are performed using machine learning software to identify efficient methods for intrusion detection.
Computer network security is a necessity for all IT companies with growing networks. For network security, one of the most critical factors is the detection of intrusion attacks on computer security. Intrusion detection is becoming a challenging task due to the increased connectivity of computer systems and services. In this context, “What are challenges to intrusion detection for computer network security?” is the question to be tackled. The researcher seeks to study network security issues, specifically the need for intrusion detection systems and the challenges to intrusion detection systems, to ensure computer network security in IT industrial units of the Pune region.
This study is further intended to investigate how data mining techniques can serve to strengthen security. There is a need to study how data mining can provide a mechanism to detect intrusion. What data mining techniques are useful to handle the challenges of intrusion detection? For this, various experiments using data mining methods need to be executed. These experiments aim to find methods to resolve network security issues effectively. The aim of this study is to provide a framework which is capable of giving a solution for the challenges to intrusion detection.
This research intends to get answers to the following research questions.
1. What are the challenges to current intrusion detection systems?
2. What are the effective data mining techniques for intrusion detection?
3. Why is computer network security essential?
4. How to distinguish whether incoming network traffic is normal or intrusion?
5. How does intrusion detection play an important role in computer network security?

Rationale of the study
IT industrial units need to manage the security of their computer networks. Network security is an important factor for IT industrial units. Computer and computer network security have become integral parts of all IT industries because of the increased requirement for network and processing speed. As networks have dramatically extended, security is considered a major issue in computer networks. Internet attacks are increasing, and consequently there have been various attack methods. The rapid development of Pune IT industries and growing network facilities make computer security a critical issue. Because IT industrial units keep important and classified information on their computers, there is a great need to protect that information from those who would exploit it.
One way to identify attacks is by using IDS, which are designed to locate malicious traffic and alert systems administrators to its presence. This study suggests how computer network security management can benefit from data mining techniques for intrusion-based security attack detection. The outcome of this study will also add to the body of knowledge on computer network security management. The output of this study may also be used as a complementary approach to signature-based intrusion detection methods.
Objective of study
General objective
The general objective of this study is constructing a data mining framework for an intrusion detection system that will enhance the network security system.
Specific objectives
1. To study and examine
• Network security importance and issues in IT industrial units of Pune region.
• Importance of intrusion detection system and challenges to current intrusion detection systems for network security management.
2. To analyze computer network security components, specifically intrusion attack and intrusion detection system.
3. To analyze several steps involved in data mining process.
4. To analyze the applicability of existing data mining techniques.
5. To propose data mining techniques through creation of data analysis framework.

Research methodology
This research employs the survey method to identify network security issues and the experiment method for construction of the framework. This research study is related to Network Security Management – A study with special reference to IT industrial units in Pune region.
In this study, primary and secondary data are collected to find out the importance of network security and intrusion detection systems. Primary data is collected through the survey method, whereas secondary data is collected through published and unpublished material. The research methodology used in this research explains the process of obtaining the sample and the size of the sample.
Primary data
This data is collected through the survey method. This data is original in nature. It is collected by distributing the questionnaire and getting it filled in by the concerned respondents; for this purpose, an online questionnaire as well as the manual method was used. Telephonic and/or personal interviews were conducted with IT industry people of the Pune region.
LITERATURE REVIEW
In this paper we disclosed or summarized various articles or journals regarding cyber security and the privacy protection of data or information. For the purpose of security we divided the references topic wise.

2.1 Attacker
Attacker means a person who gets control of another system or network and destroys it. Examples include a hacker or an adversary, in terms of computer security and algorithms. In the literature, different types of attacks are reported as active and passive as well as insider and outsider attacks. For the prevention of attacks, various methods or techniques have been developed by researchers.
Shrivastava described the rushing attack and its prevention techniques for reducing harmful

2.2 One time password
For all online shopping or transactions, the one time password (OTP) is an important part of security. In the same way, for data protection or information protection, we can use a one time password system for account authentication or file opening. For every transaction a new password is generated by using a genetic algorithm with elliptic curve cryptography. This is very important: when we lose our old password we need not worry. We can get a new password every time, which increases the security of our system or operation. P. Ahlawat described in his paper different techniques for securing the OTP from hackers, and also for solving the synchronization issues when accessing the OTP. In other literature regarding OTP, Y. Huang described a new method for OTP generation by changing the calculation method. K. W. Hussein explained an OTP based on a unique factor and biometrics, in which a novel authentication scheme is used. The generated OTP has a unique number and biometric authentication, which increases the security of our data or operation. M.H. Khan explained OTP generation using the SHA algorithm, which helps generate a new OTP every time. B.K. Kushwaha gives a new approach to OTP authentication which gives extra security to the OTP. In this paper, the graphical password is studied and the shoulder surfing problem is also explained.

FINDINGS AND OBSERVATIONS
NASCIO has long seen the natural linkage between homeland security and the state and local government chief information officers (CIOs), who oversee information and communications technologies that support key public services. Section 7(c) of Homeland Security Presidential Directive (HSPD)-7 declares that: “It is the policy of the United States to enhance the protection of our Nation’s critical infrastructure and key resources against terrorist acts that could…undermine State and local government capacities to maintain order and to deliver minimum essential public services.” Section 15 designates “emergency services”—most of which are delivered by state and local authorities—as being among the nation’s “critical infrastructure sectors.” These directives become all the more urgent when you consider that the nation’s information infrastructure is the only part of our national infrastructure that is under attack all the time.
Thus, NASCIO’s Information Security Committee, which is led by Denise Moore, CIO of Kansas, recently concluded a survey of strategic cyber security issues that was intended to identify the condition of the states on cyber security and assess the nature of their relationship with the U.S. Department of Homeland Security’s (DHS) cyber security programs and resources.
The survey was conducted from August 16th to the 31st. The chief information officer (CIO) or chief information security officer (CISO), or the equivalent state-government-wide information security officer, was invited to respond from each state and the District of Columbia. The survey garnered 27 responses from states representing 57% of the nation’s population. The survey was conducted in tandem with the Metropolitan Information Exchange (MIX), the national association of county and municipal CIOs. Both organizations will share the findings from their surveys under separate reports delivered to the U.S. House Committee on Homeland Security, which we hope they will use in guidance for DHS concerning state and local sector coordination.
This report contains five high-level, or “strategic,” recommendations along with 18 lower-level, or more “tactical,” recommendations for action. Quantitative, question-by-question findings can be found in the attached appendix, titled “Detailed Results from NASCIO’s Strategic Cyber Security Survey.”
1. Cyber security education should cover the basics:
• Use strong passwords.
• Apply system updates in a timely and efficient manner.
• Secure devices by enabling a firewall and deploying solutions to address viruses, malware and spyware.
• Learn not to click on email links or attachments, unless the sender is known and trusted. Even then, phishing emails sometimes spoof the sender’s identity to trick the user into clicking a link or attachment.
2. Leveraging trusted resources
3. Building an economic framework: Simply purchasing every new tool or security product is not the answer. From the individual user to the small business to the large enterprise, it is important to make investment decisions for cyber security in a risk management construct that includes trying to secure the biggest bang for the buck.

REFERENCES
1. https://www.us-cert.gov/bsi/articles/best-practices/acquisition/supply-chain-risk-management%3A-incorporating-security-into-software-development