What is IP Spoofing in Web Security?

Criminals have long employed the tactic of masking their true identity, from disguises to aliases to caller-id blocking. It should come as no surprise then, that criminals who conduct their nefarious activities on networks and computers should employ such techniques. IP spoofing is one of the most common forms of on-line camouflage. In IP spoofing, an attacker gains unauthorized access to a computer or a network by making it appear that a malicious message has come from a trusted machine by “spoofing” the IP address of that machine. In this article, we will examine the concepts of IP spoofing: why it is possible, how it works, what it is used for and how to defend against it. Basic Overview IP Spoofing IP Spoofing is a technique used to gain unauthorized access to machines, whereby an attacker illicitly impersonates another machine by manipulating IP packets. IP Spoofing involves modifying the packet header with a forged (spoofed) source IP address, a checksum, and the order value. Internet is a packet switched network, which causes the packets leaving one machine may be arriving at the destination machine in different order. The receiving machine resembles the message based on the order value embedded in…

What is Digital Certificate in Network Security?

Digital certificates are a core component in the provision of secure data communications. Gaining an understanding of the nature, creation and operation as well as the variety of these certificates is an essential step for students of computer, information or network security. Digital Certificates provide a means of proving your identity in electronic transactions; much like a driver license or a passport does in face-to-face interactions. With a Digital Certificate, you can assure friends, business associates, and online services that the electronic information they receive from you are authentic. Basic Overview of Digital Certificate A Digital Certificate is an electronic “password” that allows a person, organization to exchange data securely over the Internet using the public key infrastructure (PKI). Digital Certificate is also known as a public key certificate or identity certificate. Digital certificates provide a mechanism to authenticate and secure information on open networks. Applications using this mechanism include secure email, secure web communications, digital signing of software files, smart card authentication, and encrypting file systems. Certificates are a key building block for providing security services within an IT infrastructure, usually referred to as a public key infrastructure (PKI). Such contexts support: the binding of public keys to entities the distribution of public key…

What is DNS Spoofing and how it works

The DNS is responsible for resolving human-readable domain names to numeric IP addresses. It is a protocol designed in the early days of the internet, and features only weak security mechanisms. DNS Spoofing, also known as DNS Poisoning or DNS Cache Poisoning, involves corrupting an Internet server’s Domain Name System table by replacing a valid Internet address with that of another, rogue address. When a web user looks for the affected page, the request is redirected to a different address where a worm, spyware, web browser hijacking program, or other malware can be downloaded to the user’s computer from the. Basic Overview of DNS Spoofing DNS spoofing occurs when a particular DNS server’s records of “spoofed” or altered maliciously to redirect traffic to the attacker. This redirection of traffic allows the attacker to spread malware, steal data, etc. For example, if a DNS record is spoofed, then the attacker can manage to redirect all the traffic that relied on the correct DNS record to visit a fake website that the attacker has created to resemble the real site or a different site completely. DNS is a Domain Name System, which has all the websites names and its corresponding IP address in…

What is RSA Algorithm in Network Security?

RSA Algorithm is christened after its joint inventors, Ron Rivset, Adi Shamir and Leonard Adleman who invented it during 1977. This algorithm is the first of its kind that can be used for public key encryption as well as digital signatures. The RSA cryptosystem is the most widely-used public key cryptography algorithm in the world. It can be used to encrypt a message without the need to exchange a secret key separately. The RSA algorithm can be used for both public key encryption and digital signatures. Its security is based on the difficulty of factoring large integers. Party A can send an encrypted message to party B without any prior exchange of secret keys. A just uses B’s public key to encrypt the message and B decrypts it using the private key, which only he knows. RSA can also be used to sign a message, so A can sign a message using their private key and B can verify it using A’s public key. RSA algorithm is asymmetric cryptography algorithm. Asymmetric actually means that it works on two different keys i.e. Public Key and Private Key. As the name describes that the Public Key is given to everyone and Private Key…

What is Secure Hash Algorithm (SHA) in Network Security

Cryptographic hash functions cannot be thought of outside mathematics. Cryptographic hash functions are a valuable tool in cryptography. They are applied in many areas of information security to provide protection of the authenticity of messages; data integrity verification which prevents modification of data from going undetected, time stamping and digital signature scheme. The hash functions that are used in various security related applications are called cryptographic hash functions. Secure Hashing Algorithms, also known as SHA, are a family of cryptographic functions designed to keep data secured. Overview of SHA The SHA i.e. Secure Hash Algorithm is basically based on the concept of hash function. The basic idea of a hash function is that it takes a variable length message as input and produces a fixed length message as output which can also be called as hash or message-digest. The trick behind building a good, secured cryptographic hash function is to devise a good compression function in which each input bit affects as many output bits as possible. In computer cryptography, a popular message compress standard is utilized known as Secure Hash Algorithm (SHA). Its enhanced version is called SHA-1. It has the ability to compress a fairly lengthy message and create…

What is Secure Socket layer (SSL) and How it Secure the Network

The boom of internet, web technologies bring the whole world under a single roof. Transferring information through e-ways leads security to be an important aspect to deal with. In recent years, there has been tremendous development in Internet. Right from retrieving information about any subject, you can use Internet for many purposes. But when two parties like client and a server are communicating over the Internet. Secure Socket layer (SSL) is vital to Web security. It provides a strong sense of confidentiality, message integrity, and server authentication to users. Overview of SSL SSL stands for Secure Sockets Layer protocol developed by Netscape and is the standard Internet protocol for secure communications. SSL (Secure Sockets Layer) is a standard security protocol for establishing an encrypted link between a server and a web browser. This link ensures that all data exchanged between the browser and the server remains secure. SSL allows your website and your visitor’s browser to transmit private, sensitive information without the worry of eavesdropping, web forgery, and data tampering. The main role of Secure Socket layer (SSL) is to provide security for Web traffic. Security includes confidentiality, message integrity, and authentication. SSL achieves these elements of security through the…

What is Firewall in Networking

The range of network security is very broad. The security in computer networks is a rapidly growing area of concern. Most of the valuable information resides on the network, making network an inevitable entity for survival. Security is optimized by lack of access; connectivity is optimized by complete access. Internet enabled organizations; wireless connectivity and roaming clientage have made network peripheries relatively transparent. With the rapid application and popularization of computer networks, the increase of difficult steps of enterprises and government information digitization, existing enterprise network system structure is increasingly complex. Complex network structure gives a lot of safety concerns; the need for network security is also in rapid increase of the nature of the unprecedented.  Overview of Firewall The rapid development of Internet has brought great convenience to people’s life, but at the same time, the Internet is faced with unprecedented threat. Therefore, how to use effective feasible method to make the network risk within an acceptable range is in the attention of more and more people get. Firewalls are network devices which enforce an organization’s security policy. Firewalls protect a trusted network from an untrusted network by filtering traffic according to a specified security policy. A diverse set…

What is Digital Identity in Network Security and How it Works

Having an identity and expressing it have been of that importance from the early time. Digital identity related mechanisms are the core of modern systems, networks, and applications security. In an increasingly borderless and digital world, privacy and security cannot be ensured through the construction of walls around sensitive information. Identity is the new frontier of privacy and security, where the very nature of entities is what allows them to complete some transactions but be denied from completing others.  To understand the importance of identity and the criticality of strong identity protocols that protect against cyber-risk and suit the needs of transacting parties, it is essential to understand what identity is, and its role in enabling transactions. Overview of Digital Identity Digital identity is said to be at the heart of many contemporary strategic modernizations and innovations, ranging from crime, misconduct, offence, internal and external security, business models etc. This necessitates disclosing the personal information within ubiquitous environment. A digital identity is an online or networked identity adopted or claimed in cyberspace by an individual, organization or electronic device. These users may also project more than one digital identity through multiple communities. In terms of digital identity management, key areas of concern…

What is Password Authentication protocol (PAP)
Technology & Science , Web Security / February 22, 2018

In many systems, the user authentication is widely applied and discussed in security services. Password authentication, which is widely used for authenticated method, also is important protocol by requiring a username and password before being allowed access to resources. In an internet environment, a remote user has to obtain the access right from a server before doing any job. The procedure of obtaining access right is called a user authentication protocol. User authentication via user memorable password provides convenience without needing any auxiliary devices, such as smart card. It is very common that a server in a network of resources is used to provide controlled access to the network or to applications residing within the network. Therefore, it is necessary for the server to authenticate the client via username and password. Overview of Password Authentication protocol Password authentication is one of the simplest and the most convenient authentication mechanisms to deal with secret data over insecure networks. It is more frequently required in areas such as computer networks, wireless networks, remote login systems, operation systems, and database management systems. To access resources at remote systems, users should have proper access rights. One of the simplest and most convenient security mechanisms is…

What is Plagiarism Detection
Big Data , Technology & Science , Web Security / February 15, 2018

Plagiarism is the reuse of someone else’s prior ideas, processes, results, or words without explicitly acknowledging the original author and source. In modern years, plagiarism has raised great concern over knowledgeable property protection. Plagiarists violate knowledgeable property rights either by copying source/binary code or by stealing and covertly implementing protected algorithms. The first case is also known as software plagiarism. Plagiarism involves reproducing the existing information in modified format or sometimes the original document as it is. This is quiet common among students, researchers and academicians. This has made some strong influence on research community and awareness among academic peoples to prevent such a kind of misuse. in this presented article Plagiarism Detection is explained. Overview of Plagiarism Detection A word may have several possible meanings and senses due to the richness of natural languages, which make detecting plagiarism a hard task especially when dealing with semantic meaning, not just searching for patterns of text that are illegally copied from others (copy and paste texts from digital resources without acknowledging the original resource), Plagiarism occurs in various forms: submitting another’s work exactly same without proper citation, paraphrasing text, reordering the sentences, using synonyms, or changing grammar, code plagiarism etc. Plagiarism is…

Insert math as
Block
Inline
Additional settings
Formula color
Text color
#333333
Type math using LaTeX
Preview
\({}\)
Nothing to preview
Insert