• Title/Summary/Keyword: network auditing

Search Result 20, Processing Time 0.023 seconds

Penetration Testing and Network Auditing: Linux

  • Stiawan, Deris;Idris, Mohd. Yazid;Abdullah, Abdul Hanan
    • Journal of Information Processing Systems
    • /
    • v.11 no.1
    • /
    • pp.104-115
    • /
    • 2015
  • Along with the evolution of Internet and its new emerging services, the quantity and impact of attacks have been continuously increasing. Currently, the technical capability to attack has tended to decrease. On the contrary, performances of hacking tools are evolving, growing, simple, comprehensive, and accessible to the public. In this work, network penetration testing and auditing of the Redhat operating system (OS) are highlighted as one of the most popular OS for Internet applications. Some types of attacks are from a different side and new attack method have been attempted, such as: scanning for reconnaissance, guessing the password, gaining privileged access, and flooding the victim machine to decrease availability. Some analyses in network auditing and forensic from victim server are also presented in this paper. Our proposed system aims confirmed as hackable or not and we expect for it to be used as a reference for practitioners to protect their systems from cyber-attacks.

A Novel Methodology for Auditing the Threats in Cloud Computing - A Perspective based on Cloud Storage

  • Nasreen Sultana Quadri;Kusum Yadav;Yogesh Kumar Sharma
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.2
    • /
    • pp.124-128
    • /
    • 2024
  • Cloud computing is a technology for delivering information in which resources are retrieved from the internet through a web-based tools and applications, rather than a direct connection with the server. It is a new emerging computing based technology in which any individual or organization can remotely store or access the information. The structure of cloud computing allows to store and access various information as long as an electronic device has access to the web. Even though various merits are provided by the cloud from the cloud provides to cloud users, it suffers from various flaws in security. Due to these flaws, data integrity and confidentiality has become a challenging task for both the storage and retrieval process. This paper proposes a novel approach for data protection by an improved auditing based methodology in cloud computing especially in the process of cloud storage. The proposed methodology is proved to be more efficient in auditing the threats while storing data in the cloud computing architecture.

Secure and Efficient Privacy-Preserving Identity-Based Batch Public Auditing with Proxy Processing

  • Zhao, Jining;Xu, Chunxiang;Chen, Kefei
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.2
    • /
    • pp.1043-1063
    • /
    • 2019
  • With delegating proxy to process data before outsourcing, data owners in restricted access could enjoy flexible and powerful cloud storage service for productivity, but still confront with data integrity breach. Identity-based data auditing as a critical technology, could address this security concern efficiently and eliminate complicated owners' public key certificates management issue. Recently, Yu et al. proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing (https://doi.org/10.3837/tiis.2017.10.019). It aims to offer identity-based, privacy-preserving and batch auditing for multiple owners' data on different clouds, while allowing proxy processing. In this article, we first demonstrate this scheme is insecure in the sense that malicious cloud could pass integrity auditing without original data. Additionally, clouds and owners are able to recover proxy's private key and thus impersonate it to forge tags for any data. Secondly, we propose an improved scheme with provable security in the random oracle model, to achieve desirable secure identity based privacy-preserving batch public auditing with proxy processing. Thirdly, based on theoretical analysis and performance simulation, our scheme shows better efficiency over existing identity-based auditing scheme with proxy processing on single owner and single cloud effort, which will benefit secure big data storage if extrapolating in real application.

Efficient and Secure Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy

  • Yu, Haiyang;Cai, Yongquan;Kong, Shanshan;Ning, Zhenhu;Xue, Fei;Zhong, Han
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.10
    • /
    • pp.5039-5061
    • /
    • 2017
  • Cloud storage becomes a new trend that more and more users move their data to cloud storage servers (CSSs). To ensure the security of cloud storage, many cloud auditing schemes are proposed to check the integrity of users' cloud data. However, most of them are based on public key infrastructure, which leads to complex certificates management and verification. Besides, most existing auditing schemes are inefficient when user uploads a large amount of data or a third party auditor (TPA) performs auditing for multiple users' data on different CSSs. To overcome these problems, in this paper, we propose an efficient and secure auditing scheme based on identity-based cryptography. To relieve user's computation burden, we introduce a proxy, which is delegated to generate and upload homomorphic verifiable tags for user. We extend our auditing scheme to support auditing for dynamic data operations. We further extend it to support batch auditing in multiple users and multiple CSSs setting, which is practical and efficient in large scale cloud storage system. Extensive security analysis shows that our scheme is provably secure in random oracle model. Performance analysis demonstrates that our scheme is highly efficient, especially reducing the computation cost of proxy and TPA.

An Empirical Study on the Model of Controls Evaluations for LAN

  • 노규성
    • Proceedings of the Korea Society for Industrial Systems Conference
    • /
    • 1998.10a
    • /
    • pp.385-391
    • /
    • 1998
  • As the increase in the use of computers and rapid development of information technology exacerbate auditors' judgmental process, achieving objectives(effectiveness) of control and auditing with limited resources requires auditors to identify relative importance and priority of controls. Consequently, auditors' review and evaluation of internal control is been highlighted in modrn auditing process. Especially, as more organizations adopted LAN(Local Area Network) systems. LAN environment is facing with problems arising from characteristics of theLAN and the evaluation of LAN controls. The modern in this study is LAN control evaluation model with information system auditing objectives. This study concludes that auditors' proper evalution of the importance of LAN controls contributes to the effective achievement of IS auditing objectives.

A design and implementation of the Wireless Firewall (무선 방화벽의 설계 및 구현에 관한 연구)

  • 박대우
    • Journal of the Korea Society of Computer and Information
    • /
    • v.8 no.1
    • /
    • pp.44-50
    • /
    • 2003
  • When Mobile terminal user want to contact inner-network information sever, wireless information security need for Protect hacking. For the security, Mobile terminal user could have contact to wireless network through the gateway of Wireless Firewall. In this paper, I present a design scheme of Wireless Firewall that included major function of Packet Filtering, NAT, Authentication, and auditing reports services. I would implement to Wireless Firewall that included major function of Packet Filtering, NAT, Authentication, Integrity, and auditing reports services. I would conclude that the suggest will be useful for research and development on Korean Wireless Firewall System.

  • PDF

IPsec VPN Encrypted Packet Analysis Method for Contents Auditing (콘텐츠 감사를 위한 IPsec VPN 패킷 분석 기술 연구)

  • Junghyung Park;Jaenam Yoon;Jaecheol Ryou
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.34 no.1
    • /
    • pp.41-52
    • /
    • 2024
  • Security audits of IPsec VPNs are crucial for identifying vulnerabilities caused by implementation flaws or misconfigurations, as well as investigating incidents. Nevertheless, auditing IPsec VPN presents noteworthy challenge due to the encryptiong of network contents which ensere confidentiality, integrity, authentications and more. Some researchers have suggested using man-in-the-middle(MITM) techniques to overcome this challenge. MITM techniques require direct participation in the network and prior knowledge of the pre-shared key for authentication. This causes temporary network disconnection for security audits, and it is impossible to analyse data collected before the audit. In this paper, we present an analysis technique aimed at ensuring network continuity without relying on a specific IPsec VPN topologies or authentication method. Therefore, it is anticipated that this approach will be effective, practical and adaptable for conducting IPsec VPN security

Analyses of Security Scanning and Security Threat in Web Application Network (웹에서의 보안 위협과 시큐리티 스캐닝에 대한 분석)

  • Kim, Jung-Tae
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2010.10a
    • /
    • pp.603-604
    • /
    • 2010
  • In this paper, we analyses a testing methodology that allows for harmless auditing, define three testing modes.heavy, relaxed, and safe modes, and report our results from two experiments. In the first, we compared the coverage and side effects of the three scanning modes using Web applications chosen from the different vulnerable in a previous static verification effort.

  • PDF

GRID BASED ENERGY EFFICIENT AND SECURED DATA TRANSACTION FOR CLOUD ASSISTED WSN-IOT

  • L. SASIREGA;C. SHANTHI
    • Journal of applied mathematics & informatics
    • /
    • v.41 no.1
    • /
    • pp.95-105
    • /
    • 2023
  • To make the network energy efficient and to protect the network from malignant user's energy efficient grid based secret key sharing scheme is proposed. The cost function is evaluated to select the optimal nodes for carrying out the data transaction process. The network is split into equal number of grids and each grid is placed with certain number of nodes. The node cost function is estimated for all the nodes present in the network. Once the optimal energy proficient nodes are selected then the data transaction process is carried out in a secured way using malicious nodes filtration process. Therefore, the message is transmitted in a secret sharing method to the end user and this process makes the network more efficient. The proposed work is evaluated in network simulated and the performance of the work are analysed in terms of energy, delay, packet delivery ratio, and false detection ratio. From the result, we observed that the work outperforms the other works and achieves better energy and reduced packet rate.