Counter Measures of Popular Network Attacks

For the first few decades of their presence, computer networks were mainly used by university researchers for distribution of e-mail and by corporate employees for allotment of printers and other properties in all organizations including software companies in India. Under these situations, security did not get a lot of consideration. But now, as millions of people are using networks for their everyday use such as banking, shopping, and filing their tax returns, network security is approaching on the horizon as a potentially huge problem. Because all their regular activities are data sensitive means data should not be changed.

ATTACKS AND THEIR COUNTERMEASURES:

A. Mac flooding: 

MAC flooding is a technique employed to conciliation the security of network switches. Switches maintain a MAC Table that maps distinct MAC addresses on the network to the physical ports on the switch. 

Counter measures: To stop MAC flooding one of the subsequent features should be construct in switch for asp.net software companies India. 

Port security: Post security should be arranged which bounds number of MAC addresses that can be learned on ports linked to end stations. 

Implementations of IEEE 802.1X suites: It often permit packet filtering rules to be installed explicitly by an AAA server built on dynamically learned info about clients with the MAC address.

B. Session hijacking:

session hijacking, also known as cookie hijacking is the use of a valid computer session sometimes also called a session key to get unauthorized access to information or services in a computer system.  

Counter measures: There are numerous types of countermeasures which are listed underneath: 

Encryption: Banks and e-commerce services should use this method because it stops sniffing style attacks for c#.net software companies in india. Some user services make extra checks against uniqueness of the user. 

String as Session key: This stops attacker to guess valid session key over Brute Force attack. 

Reinforcing of Session ID after a Successful Login: This method stops session addiction, because attacker does not recognize the Session ID of the user after she has logged in. 

C. IP Spoofing  

IP spoofing, also known as IP address forgery or a host file hijack, is a hijacking method in which a cracker masquerades as a reliable host to conceal his identity, spoof a Web site, hijack browsers, or get access to a network. 

Counter measures: The countermeasures are given as under  

Encryption and Authentication: This technique is implemented in IP V6 that eliminates current spoofing threats for c#.net software companies India. There should be proper authentication process in place. 

Router filtering: Spoofing can be stop at router level by implementing ingress and egress filtering. Access Control List should be maintaining to allow only trusted IP to interact with your network.

D. Denial of Service Attack  

Denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its planned users, such as to temporarily or indefinitely interrupt or suspend services of a host associated to the Internet.

Counter measures: The DOS [3] attack has subsequent counter measures, 

Smurf Attack: This form of an attack includes sending Internet Control Message Protocol (ICMP) or ping requirements to numerous Internet Protocol (IP) broadcast addresses. All of these messages have a spoofed source address of the envisioned victim. The hosts getting the ICMP echo request with accepting it reply with an echo to the source address, which in this case is the objective of the attack. The weight of this attack is thus effectively increased by the number of replying hosts. If the attack took place on a multi-broadcast network there could possibly be hundreds of machineries to reply to every packet sent. 

UDP Flood: A UDP flood, also known as a fragile, is a partner to the Smurf attack. This is founded on UDP echo and character generator. It practices a forged UDP packet to join the echo service on one machine to the chargen on alternative. These two machineries then practices all accessible bandwidth, sending characters back and forth among themselves. 

SYN Flood: A SYN flood uses the TCP standard 3-way handshake protocol. The attacker starts a connect request to the server and then overlooks the acknowledgement (ACK). This forces the server to delay for the ACK from the attacker, worsening time and resources of asp dot net software companies in India. A server can process a fixed number of requests at any given time and so this form of attack can efficiently block all legitimate traffic. 

With the overview of computer network attacks and their particular countermeasures can help us in safeguarding our data and system from hackers.

Data Mining

Introduction:

      Data mining, the extraction of hidden predictive information from large databases, is a powerful new technology with great potential to help companies focus on the most important information in their data warehouses. Data mining tools predict future trends and behaviors, allowing businesses to make proactive, knowledge-driven decisions. The automated, prospective analyses offered by data mining move beyond the analyses of past events provided by retrospective tools typical of decision support systems. Data mining tools can answer business questions that traditionally were too much time consuming to resolve. They drill down databases for hidden patterns, finding predictive information that experts may miss because it lies outside their expectations. Data mining also helps for content management systems that manage the process of gathering data, transforming it into useful, actionable information, and delivering it to business users.

Benefits:

Marketing / Retail:

• Data mining helps marketing companies build models based on historical data to predict who will respond to the new marketing campaigns such as direct mail, online marketing campaign etc. 
• Through the results, marketers will have an appropriate approach to selling profitable products to targeted customers.

Finance / Banking:

• Data mining gives financial institutions information about loan information and credit reporting. 
• By building a model from historical customer’s data, the bank, and financial institution can determine good and bad loans. 
• In addition, data mining helps banks detect fraudulent credit card transactions to protect credit card’s owner.

Manufacturing:

• By applying data mining in operational engineering data, manufacturers can detect faulty equipment and determine optimal control parameters.
• Data mining has been applying to determine the ranges of control parameters that lead to the production of the golden wafer. 
• Then those optimal control parameters are used to manufacture wafers with desired quality.

Government:

• Data mining helps government agency by digging and analyzing records of the financial transaction to build patterns that can detect money laundering or criminal activities.

Challenges:

There are so many challenges faced by software development companies regarding data mining as follow:

Privacy Issues:

• The concerns about the personal privacy have been increasing enormously recently especially when the internet is booming with social networks, e-commerce, forums, blogs etc.
• Because of privacy issues, people are afraid of their personal information is collected and used in an unethical way that potentially causing them a lot of troubles. 
• Businesses collect information about their customers in many ways for understanding their purchasing behaviors trends. 
• However, businesses don’t last forever, some days they may be acquired by other or gone.
• At this time, the personal information they own probably is sold to other or leak.

Security Issues:

• Security is a big issue. Businesses own information about their employees and customers including social security number, birthday, payroll and etc. 
• However how properly this information is taken care is still in questions. 
• There have been a lot of cases that hackers accessed and stole big data of customers from the big corporation such as Ford Motor Credit Company, Sony etc. with so much personal and financial information available, the credit card stolen and identity theft become a big problem.

Misuse of information:

• Information is collected through data mining intended for the ethical purposes can be misused.
• This information may be exploited by unethical people or businesses to take benefits of vulnerable people or discriminate against a group of people.

Conclusion:

Data mining is an important part of knowledge discovery process that we can analyze an enormous set of data and get hidden and useful knowledge.  This concept is very useful to all software development companies in India.