-
Improving Network Security Using Elliptic Curve Cryptosystem
CHAPTER TWO -- [Total Page(s) 11]
Page 10 of 11
-
-
-
7. APPLICATION LAYER
The application layer is the closest to the
end user and it allow users to interact with the application and the
networks. This interface could be a prime target for unauthorized use
and abuse over the network if the application is weak or
unauthenticated. For instance, an intruder has no challenge in guessing
file names in TFTP protocol, because username or even password is not
required to access files in the TFTP protocol.
Standard security
control is bypassed through the backdoors and application design. If
controls force approach is not adequate, it results in excessive access
or insufficient access; when application security is too complex, it is
sometimes difficult for users to understand; and program logic flaws
could sometimes cause programs to crash or undesired behavior.
The
use of application level access controls in order to define access to
application resources, use of baseline in measuring application
implementation; such as application codes reviews and standard testing.
Using of host-based firewall systems to regulate traffic, application
activities and inquiries monitored by the use of IDS systems are all
means to control the vulnerabilities of application layers (Reed 2003).
2.8 RECONNAISSANCE ATTACKS
Administrators could overlook this
attack because of the form it takes to penetrate the network. It always
makes this kind of noise that might let the administrator to think is
just a network noise. A reconnaissance attack is always used by hackers
to gather information about a particular targeted network, which they
subsequently used to access the network or as DoS attacks. (cisco 2005)
1) Packet Sniffers
As
its name implies, a packet sniffer is a very good device used by the
administrators for detecting any kind of fault in the network. As it is a
good device for administrators for monitoring or analyzing a network,
so is it a good device for attackers for capturing packets sent across
networks.
2) Port Scans and Ping Sweep
These applications run a
series of tests against hosts and devices to identify vulnerable
services that need to be attended .These attacks can attempt to:
➢ Identify all services on the network.
➢ Identify all hosts and devices on the network.
➢ Identify the operating systems on the network.
➢ Identify vulnerabilities on the network.
Access attackers could be outsider hackers or inside users gaining entrance into a network in an unauthorized way to steal some vital and confidential information from the systems. They could also engage in destruction of resources so that some information that could lead to them could not be seen. There are different reasons for different attacks. Intruders use access attacks on networks or systems for the following reasons: to retrieve data, to gain access and escalate their access privileges. Access attacks can consist of the following:
1. Password Attacks
Hashes of passwords could be taken by L0phtCrack and the clear-text passwords could be generated from them; a brute-force password attack offers access to accounts that can be used to alter critical network services and files. A typical example for such attack that compromises the network integrity is when an attacker modifies the network’s routing tables. By doing so, the attacker ensures that all network packets are routed to the attacker before being transmitted to their final destination. In such cases, an intruder can monitor all network traffic. There are two methods for computing passwords with L0phtCrack:
I. Dictionary cracking: The password hashes for all words in a dictionary file are compared and computed against all of the password hashes for the users. This is an extremely fast method that finds very simple passwords.
II. Brute-force computation: In this method, particular character sets are used, such as A to Z plus 0 to 9 or A to Z, and compute the hash for every potential password made up of those characters. Brute-force compilation usually computes passwords if those passwords are made up of the character set someone has selected to test. The problem for the attacker is the time required for the completion of this type of attack.
CHAPTER TWO -- [Total Page(s) 11]
Page 10 of 11
-
-
ABSRACT - [ Total Page(s): 1 ]ABSTRACTSecuring a network wired or wireless for network administrator has been a big challenges for network administrators in the present day of Internet usage. This project presents ECDSA Cryptosystem as a solution to the problem been faced by network administrators and Engineers. The Elliptic Curve Digital Signature Algorithm (ECDSA) is the elliptic curve analogue of the Digital Signature Algorithm (DSA) with the attractiveness that there is no sub exponential algorithm known to solve the ell ... Continue reading---
TABLE OF CONTENTS - [ Total Page(s): 1 ]TABLE OF CONTENTTittle Page Declaration Certification Dedication Acknowledgements Abstract Tables of contents Table of Content1.0 CHAPTER ONE (INTRODUCTION)1.1 BACKGROUND TO THE WORK 1.2 PROBLEM DEFINITION 1.3 PROJECT JUSTIFICATION 1.4 OBJECTIVES 2.0 CHAPTER TWO (LITERATURE REVIEW)2.1 NETWORK SECURITY 2.2 CHARACTERISTICS OF NETWORK SECURITY 2.3 MAIN THREATS TO NETWORK S ... Continue reading---
CHAPTER ONE - [ Total Page(s): 2 ]CHAPTER ONE1.0 INTRODUCTION1.1 BACKGROUND TO THE WORKThe fast development of the modern Internet technology and information technology cause the individual, enterprise, school and government department joining the Internet, Which cause more illegal users to attack and destroy the network by using the fake websites, fake mail, Trojan horse and backdoor virus at the same time. The target of the attacks and intrusion on the network are computers, so once the intruders succeed, it will c ... Continue reading---
CHAPTER THREE - [ Total Page(s): 8 ]CHAPTER THREE3.0 METHODOLOGY3.1 BACKGROUND OF ELLIPTIC CURVE CRYPROGRAPHYElliptic curve cryptography provides a methodology for obtaining high-speed, efficient, and scalable implementations of network security protocols. The security of these protocols depends on the difficulty of computing elliptic curve discrete logarithm in the elliptic curve group.The group operations utilize the arithmetic of points which are elements of the set of solutions of an elliptic curve equation d ... Continue reading---
CHAPTER FOUR - [ Total Page(s): 10 ]Step 3: verifying the signatureAt this stage the program try to verify the signature weather it’s correct or not. It will display VALID or INVALID to ascertain the validity.Result:The result above what gotten using Secp256kr1 algorithm as shown above, the private and public key was gotten based on previous work inculcated into the database for the key generation and FRANCIS was used as the message string in other to get a signature value. ... Continue reading---
CHAPTER FIVE - [ Total Page(s): 1 ]CHAPTER FIVESUMMARY, CONCLUSION, AND RECOMMENDATIONElliptic Curve Digital Signature Algorithm (ECDSA) which is one of the variants of Elliptic Curve Cryptography (ECC) proposed as an alternative to established public key systems such as Digital Signature Algorithm (DSA) and Rivest Shamir Adleman (RSA), have recently gained a lot of attention in industry and academia.The main reason for the attractiveness of ECDSA is the fact that there is no sub exponential algorith known to solve the elliptic c ... Continue reading---
