Secure Communication using Identity Based Encryption

Secured communication has been widely deployed to guarantee confidentiality and\ud integrity of connections over untrusted networks, e.g., the Internet. Although\ud secure connections are designed to prevent attacks on the connection, they hide\ud attacks inside the channel from being analyzed by Intrusion Detection Systems\ud (IDS). Furthermore, secure connections require a certain key exchange at the\ud initialization phase, which is prone to Man-In-The-Middle (MITM) attacks. In this paper, we present a new method to secure connection which enables Intrusion Detection and overcomes the problem of MITM attacks. We propose to apply Identity Based Encryption (IBE) to secure a communication channel. The key escrow property of IBE is used to recover the decryption key, decrypt network traffic on the fly, and scan for malicious content. As the public key can be generated based on the identity of the connected server and its exchange is not necessary, MITM attacks are not easy to be carried out any more. A prototype of a modified TLS scheme is implemented and proved with a simple client-server application. Based on this prototype, a new IDS sensor is developed to be capable of identifying IBE encrypted secure traffic on the fly. A deployment architecture of the IBE sensor in a company network is proposed. Finally, we show the applicability by a practical experiment and some preliminary performance measurements

An efficient web authentication mechanism preventing man-in-the-middle attacks in industry 4.0 supply chain

The fourth industrial revolution (Industry 4.0) is transforming the next generation of the supply chain by making it more agile and efficient compared with the traditional supply chain. However, data communication across the partners in the Industry 4.0 supply chain can be the target of a wide spectrum of attackers exploiting security breaches in the internal/external environment of the partners due to its heterogeneous and dynamic nature as well as the fact that the non-professional users in security issues usually operate their information systems. Attackers can compromise the data communication between legitimate parties in the Industry 4.0 Supply Chain, and thus, jeopardizing the delivery of services across the partners as well as the continuity of the service provision. Consequently, secure data communications across the partners in the Industry 4.0 Supply Chain are of utmost importance. Toward this direction, TLS protocol, which is the de facto standard for secure Internet communications, is employed to ensure secure communication between a user's web browser and a remote web server located in the premises of the same or another partner. However, over the last few years, there have been several serious attacks on TLS, including man-in-the-middle attacks in web applications using TLS to secure HTTP communication. Therefore, in this paper, we propose an efficient TLS-based authentication mechanism, which is resistant against MITM in web applications

Man in the Browser Attacks

In the present world, everyone uses the Internet and to access the internet they would need to use a browser. Unfortunately, the benefits of the Web are also available to hackers to exploit its weaknesses. Man-in-the-Browser (MITB) attacks are utilized through Trojan malware that infects an Internet browser. This attack is dangerous because of its ability to hide from anti-virus software and steal information from a user from the browser. MITB is able to see information within the browser since no encryption occurs in a browser. This is a serious threat to financial institutions and many other secret institutions as well. No one is safe from a MITB once it is installed because it easily bypasses the security mechanisms we all rely on. This paper explains what MITB attacks are, and how dangerous are those, and how it can be identified and how can we prevent it by discussing various preventive techniques and its effectiveness. This paper will also help to create awareness to the people about this attac

Evaluating the Impacts of Detecting X.509 Covert Channels

This quasi-experimental before-and-after study examined the performance impacts of detecting X.509 covert channels in the Suricata intrusion detection system. Relevant literature and previous studies surrounding covert channels and covert channel detection, X.509 certificates, and intrusion detection system performance were evaluated. This study used Jason Reaves’ X.509 covert channel proof of concept code to generate malicious network traffic for detection (2018). Various detection rules for intrusion detection systems were created to aid in the detection of the X.509 covert channel. The central processing unit (CPU) and memory utilization impacts that each rule had on the intrusion detection system was studied and analyzed. Statistically significant figures found that the rules do have an impact on the performance of the system, some more than others. Finally, pathways towards future related research in creating efficient covert channel detection mechanisms were identified

Prevalent Network Threats and Telecommunication Security Challenges and Countermeasures in VoIP Networks

Due to the recent global popularity gained by VoIP network while many organisations/industries are employing it for their voice communication needs, optimal security assurance has to be provided to guarantee security of their data/information against present day teeming security threats and attacks prevalent in IP-based networks. This research paper has critically investigated and analysed most of the security challenges associated with VoIP systems and traditional IP data networks; and has proposed several defence measures which if designed and implemented will prevent most (if not all) of the security threats plaguing these networks. Keywords: Network security, VoIP, Computer attack, Security threats, SIP, H.323, Defence measures, IPSec

Security challenges and solutions for e-business

The advantages of economic growth and increasing ease of operation afforded by e-business and e-commerce developments are unfortunately matched by growth in cyber attacks. This paper outlines the common attacks faced by e-business and describes the defenses that can be used against them. It also reviews the development of newer security defense methods. These are: (1) biometrics for authentication; parallel processing to increase power and speed of defenses; (2) data mining and machine learning to identify attacks; (3) peer-to-peer security using blockchains; 4) enterprise security modelling and security as a service; and (5) user education and engagement. The review finds overall that one of the most prevalent dangers is social engineering in the form of phishing attacks. Recommended counteractions include education and training, and the development of new machine learning and data sharing approaches so that attacks can be quickly discovered and mitigated

AN OVERVIEW ON CYBER ATTACKS AND ITS TYPES FOR ENHANCING DATA SECURITY IN BUSINESS WORLD

For sensitive data of organizations there is a compelling need of ensuring privacy in several aspects and to inculcate protective measures in systems especially in various high-tech firms. Cyber-attacks are a wide form of threat confronted globally on the web by several users on daily basis. These attacks are fundamentally used to challenge system security of others, there are likewise some moral programmers who get into other people frameworks to make them aware about their vulnerabilities and they also get paid in return for securing such systems. In any case, these assaults have caused a great deal of concern for businessmen. Thisresearch covers the major types of cyber-attacks that can affect the business world in an immense manner along with an overview that how these threats work and how they can be possibly prevented. As the hacking mechanisms are showing signs of increased danger in a step by step manner, our frameworks should also take preventive measures to remain safe from all sorts of latest attacks on our data that can possibly attack in various forms