
CHAPTER 1

1.0 INTRODUCTION


We are living in an era where information technology is
paramount. Since we have found the power of technology and embraced it as a
helping tool, we are trying to make it even more useful. Technology is dynamic;
it is changing and improving almost every day. After the trend of desktop PCs
and laptops, there was a newfound interest in mobile devices and tablets. Incorporating
cyber security protections into software applications during development is a
complex issue. In the ever-expanding digital age, virtually every aspect of
human endeavor relies on secure transactions and operations. However, consideration
of cyber security issues is often inadequate, leading to problems such as
financial losses, data losses, and privacy breaches. From a systems and
networking view, enormous efforts have been made to develop tools to combat specific
types of cyber-attacks as they appear. However, hackers tend to think
differently than developers of applications and are constantly and proactively
developing increasingly notorious and creative attack strategies. Such attacks,
which plant malicious pieces of code that corrupt the application, steal
sensitive customer information, or introduce malware such as viruses, worms and
spyware, along with phishing, extortion schemes, and spam, can exploit vulnerabilities introduced
at any step of the development process. Software applications that are
vulnerable to cyber-attacks can drive potential customers and users of the
application away. To gain user trust in purposeful applications, it is important
to carry out application development while carefully addressing security issues
at each step. Software developers tend to focus on functional requirements,
with little emphasis on non-functional requirements, such as security. In this
paper we provide a survey of literature that is relevant to secure software
development practices. Several security issues, concerns, challenges, and
solutions at different phases of the software development life cycle as described
in the literature on cyber security are also presented. However, the scope of
this paper is limited to Analysis, Design, Implementation, and testing phases
of the Software Development Life Cycle (SDLC). With technology advancement and
mass digitalization of user personal data, establishing user trust has become
an important factor in the use of software systems. Most software systems are
potentially vulnerable to attacks even if there is strict adherence to leading
edge principles of encryption and decryption. Security of software systems is
classified into three categories: Confidentiality, Integrity and Availability. These
categories are also collectively known as the CIA triad. Confidentiality is defined
as “Preserving authorized restrictions on information access and disclosure,
including means for protecting personal privacy and proprietary information…”
Integrity is defined as “Guarding against improper information modification or
destruction, and includes ensuring information non-repudiation and
authenticity…” Availability is defined as “Ensuring timely and reliable
access to and use of information…” Security is often intertwined with trust.
In the context of software systems, trust refers to the level of confidence or reliability
that a person places in a software system, including the expectations that they
have for the software fulfilling its purpose. Trust also refers to a
relationship that a person forms with software applications that are online or
over a network. The trust relationship is betrayed if the user’s expectations of these
applications are not met. This raises questions concerning the kinds of
expectations that users have with the applications and the factors that
diminish trust. One factor arises from any negative risks that are associated
with the usage of an application. There are traditional ways of assessing risk
in cyber security. Again, insiders within an organization are also known to
sometimes support and execute malicious attacks for which outsiders have
minimal knowledge. As described by Colwill, Examples of autonomous systems
include floor cleaning robots, agent software, military and private drones, surgery-performing
robots and self-driving cars. Autonomous systems are managed and supervised
independently by a single administrator, entity, or organization. Each autonomous
system has a unique identifying label that can be used during data packet
transfer between two systems.

CHAPTER 2

2.0 METHODOLOGY

This research aims to study network security issues
through the survey method. In my term paper I will use a survey that was conducted
at Pune IT companies; it is intended to study challenges to intrusion detection
for computer network security. The survey is conducted by the questionnaire method.
This research investigates the applicability of data mining techniques for intrusion
detection. To investigate this, the experiment method is used. Various experiments
are performed using machine learning software to identify efficient methods for
intrusion detection.

Computer network security is a necessity for all IT
companies with growing networks. For network security, one of the most critical
factors is the detection of intrusion attacks on computer security. Intrusion
detection is becoming a challenging task due to the increased connectivity of
computer systems and services.

In this context, “What are the challenges to intrusion detection
for computer network security?” is the question to be tackled. The researcher seeks
to study network security issues, specifically the need for intrusion detection systems
and the challenges to intrusion detection systems, to ensure computer network security
in IT industrial units of the Pune region.

This study is further intended to investigate how data
mining techniques can serve to strengthen security. There is a need to study
how data mining can provide a mechanism to detect intrusion, and which data mining
techniques are useful for handling the challenges of intrusion detection. For this,
various experiments using data mining methods need to be carried out. These
experiments aim to find methods to resolve network security issues
effectively. The aim of this study is to provide a framework which is capable of
giving solutions for the challenges to intrusion detection. This research intends to
get answers to the following research questions.

1. What are the challenges to current intrusion
detection systems?

2. What are the effective data mining techniques
for intrusion detection?

3. Why is computer network security essential?

4. How can we distinguish whether incoming network
traffic is normal or an intrusion?

5. How does intrusion detection play an important role in
computer network security?

Rationale of the study

IT industrial units need to manage the security of their computer
networks. Network security is an important factor for IT industrial units.
Computer and computer network security has become an integral part of all IT
industries because of the increased requirements for network and processing speed.

As networks have dramatically extended, security is considered
a major issue in computer networks. Internet attacks are increasing, and
consequently there have been various attack methods. The rapid development of
Pune IT industries and growing network facilities make computer security a
critical issue. Because IT industrial units keep important and classified
information on their computers, there is a great need to protect that
information from those who would exploit it. One way to identify an attack is by
using an IDS, which is designed to locate and alert system administrators about the
presence of malicious traffic. This study suggests how computer network security
management can benefit from data mining techniques for intrusion-based security
attack detection. The outcome of this study will also add to the body of
knowledge on computer network security management. The output of this study may
also be used as a complementary approach to signature-based intrusion detection
methods.

Objective of study

General objective

The general objective of this study is to construct
a data mining framework for an intrusion detection system that will enhance the
network security system.

Specific objectives

1. To study and examine:

• Network security importance and issues in IT industrial units of Pune region.

• Importance of intrusion detection system and challenges to current intrusion
detection systems for network security management.

2. To analyze computer network security components, specifically intrusion attacks
and intrusion detection systems.

3. To analyze the several steps involved in the data mining process.

4. To analyze the applicability of existing data mining techniques.

5. To propose data mining techniques through the creation of a data analysis framework.

Research methodology

This research employs the survey method to identify network
security issues and the experiment method for construction of the framework. This
research study is related to Network Security Management – A study with special
reference to IT industrial units in Pune region. In this study, primary and
secondary data are collected to find out the importance of network security and
intrusion detection systems. Primary data is collected through the survey method,
whereas secondary data is collected through published and unpublished material.
The research methodology used in this research explains the process of obtaining the sample
and the size of the sample.

Primary data

This data is collected through the survey method. This data
is original in nature.

This data is collected by distributing the questionnaire
and getting it filled in by the concerned respondents; for this purpose, an online questionnaire
as well as the manual method was used. Telephonic and/or personal interviews were
conducted with IT industry people of the Pune region.

 

LITERATURE REVIEW

In this paper we summarize various
articles and journals regarding cyber security and the privacy protection of
data or information. For the purpose of security we divided the references
topic-wise.

2.1 Attacker

An attacker is a person who gains control of another system
or network and destroys it. Examples include a hacker or an adversary, in terms of computer
security and algorithms. The literature reports different types of attacks: active
and passive, as well as insider and outsider attacks. Researchers have developed
various methods and techniques for the prevention of attacks. Shrivastava described
the rushing attack and its prevention techniques for reducing harmful

2.2 One time password

For all online shopping or transactions, a one time
password is an important part of security. In the same way, for data protection or
information protection we can use a one time password system for account authentication
or file opening.

For every transaction, a new password is generated
using a genetic algorithm with elliptic curve
cryptography. This is very important: if we lose our old password, we need not
worry. We get a new password every time, which increases the security of our
system or operation. P. Ahlawat described in his paper different techniques for
securing our OTP from hackers, and also solved the synchronization issues that arise when accessing
an OTP. In other literature on OTP, Y. Huang described a new method for
OTP generation that changes the calculation method. K. W. Hussein explained an
OTP based on a unique factor and biometrics, in which a novel authentication
scheme is used. The generated OTP has a unique number and biometric authentication, which
increase the security of our data or operation. M.H. Khan explained
OTP generation using the SHA algorithm, which helps generate a new OTP every time. B.K.
Kushwaha gives a new approach to OTP authentication which gives extra security to
our OTP. In this paper, graphical passwords are studied and the shoulder surfing problem
is also explained.

FINDINGS AND OBSERVATIONS

NASCIO has long seen the natural linkage between
homeland security and the state and local government chief information officers
(CIOs), who oversee information and communications technologies that support
key public services. Section 7(c) of Homeland Security Presidential
Directive (HSPD)-7 declares that: “It is the policy
of the United States to enhance the protection of our Nation’s critical
infrastructure and key resources against terrorist acts that could…undermine
State and local government capacities to maintain order and to deliver minimum
essential public services.” Section 15 designates “emergency services”—most of which
are delivered by state and local authorities—as being among the nation’s
“critical infrastructure sectors.” These directives become all the more urgent
when you consider that the nation’s information infrastructure is the only part
of our national infrastructure that is under attack all the time.

Thus, NASCIO’s Information Security Committee,
which is led by Denise Moore, CIO of Kansas, recently concluded a survey of
strategic cyber security issues that was intended to identify the condition of
the states on cyber security and assess the nature of their relationship with
U.S. Department of Homeland Security’s (DHS) cyber security programs and
resources.

The survey was conducted from August 16th to the
31st. The chief information officer (CIO) or chief information security officer
(CISO)—or the equivalent state-government-wide information security officer—was
invited to respond from each state and the District of Columbia. The survey
garnered 27 responses from states representing 57% of the nation’s population.

The survey was conducted in tandem with the
Metropolitan Information Exchange (MIX), the national association of county and
municipal CIOs. Both organizations will share the findings from their surveys
under separate reports delivered to the U.S. House Committee on
Homeland Security, which we hope they will use in
guidance for DHS concerning state and local sector coordination. This report
contains five high-level, or “strategic,” recommendations along with 18
lower-level, or more “tactical,” recommendations for action. Quantitative,
question-by-question findings can be found in the attached appendix, titled
“Detailed Results from NASCIO’s Strategic Cyber Security Survey.”

 

1. Cyber security education should cover the basics:

• Use strong passwords.

• Apply system updates in a timely and efficient manner.

• Secure devices by enabling a firewall and deploy solutions to address viruses,
malware and spyware.

• Learn not to click on email links or attachments, unless the sender is known and
trusted. Even then, phishing emails sometimes spoof the sender’s identity to trick
the user into clicking a link or attachment.

2. Leveraging trusted resources

3. Building an economic framework: Simply purchasing every new tool or
security product is not the answer. From the individual user to the small
business to the large enterprise, it is important to make investment decisions
for cyber security in a risk management construct that includes trying to
secure the biggest bang for the buck.

 
