Information Security Technologies: Encryption, Networks
Added on 2020/03/01
Report
AI Summary
This report provides an overview of information security technologies, focusing on encryption methods, secure networks, access control, and firewalls. It begins by explaining the concept of encryption, differentiating between symmetric and asymmetric encryption, and briefly touching upon hashing. The report then delves into secure networks, discussing denial-of-service (DoS) attacks and recommended prevention methods, including the use of routers, firewalls, over-provisioning, and server hardening. The next section addresses access control, outlining rules for working in secure areas, including physical security measures, device restrictions, and the use of discretionary access control. Finally, the report examines firewalls, specifically deep packet inspection and packet stream analysis, highlighting their roles in network security. The report emphasizes the importance of these technologies in protecting sensitive data and maintaining network integrity.

Running head: INFORMATION SECURITY TECHNOLOGIES
Information Security Technologies
Name of the Student
Name of the University
Author Note
Table of Contents
1. Topic 3 Encryption
1.1. Symmetric Encryption
1.2. Asymmetric or public key Encryption
1.3. Hashing
2. Topic 4 Secure Networks
3. Topic 5 Access Control
4. Topic 6 Firewalls
4.1. Deep Packet Inspection
4.2. Packet Stream Analysis
5. References
1. Topic 3 Encryption
Encryption is a process of protecting data by converting it into a code that can be
accessed only by the authorized user. Encryption prevents unauthorized use of or access to data
or information. Encryption is one of the most effective methods of achieving data security
(Goshwe, 2013). In order to access an encrypted file, one must obtain the security key or
password that will enable them to decrypt the file. The unencrypted text before the process of
encryption is termed plain text, while the encrypted data is termed cipher text. The process
of encryption mainly uses an algorithm to transform the information into cipher text.
This method is used to protect sensitive data such as credit or debit card numbers by encoding and
transforming it into cipher text (Shinge & Patil, 2014). Encryption ensures trusted delivery of
sensitive information. There are two main types of encryption, namely symmetric
encryption and asymmetric or public key encryption.
1.1. Symmetric Encryption
Symmetric key encryption is a more secure method of encryption as it uses a common
secret key for both encryption and decryption. The data of each key is self-encrypted for
additional protection. The algorithm related to the encryption is the Data Encryption Standard or
DES, which uses 56-bit encryption. However, the Advanced Encryption Standard or AES, which
uses a 128-bit or 256-bit key, is considered more reliable (Agrawal & Mishra,
2012). Symmetric key encryption is simpler and faster as it uses only one key. The major
drawback of this method of encryption is that a single private key is used for both encryption and
decryption, and if this key is lost, the receiver can never decrypt the information. Another
obligation of this system is that the sender and receiver must exchange the key in a secure
manner.
1.2. Asymmetric or public key Encryption
Asymmetric or public key encryption needs two different keys (public and private) in
order to encrypt and decrypt data. The key that can be shared with everyone and is generally used
for encryption is called the public key. The key that is kept secret and used for decryption is
called the private key (Thambiraja, Ramesh & Umarani, 2012). Both the keys can be employed for
encryption or decryption. This type of encryption is generally seen in web browsers to ensure a
secure connection and also in digital signatures (Hoffman, 2012).
1.3. Hashing
Hashing is the transformation of a string value into a shorter value of fixed length
that represents the original string. This technique is mainly used in databases for indexing and to
retrieve the items or values present in that particular database. This is done because it is faster
to search and find items using a shorter hashed key instead of using the original value. It is one
of the major encryption techniques as well, one that hides the real value of arbitrarily sized data
or a string and transforms it into a fixed-size value.
Symmetric and asymmetric key encryption is generally used for authentication and
maintaining the confidentiality of data. Asymmetric key encryption is mainly used in digital
signatures attached to electronic documents that verify the authenticity of the sender. In
symmetric key encryption, the sender shares a unique key with the receiver, which the receiver
uses to decrypt the data sent. Therefore, the receiver or the user who has access to the private
key can read or access the data. Thus, it maintains the confidentiality of the data as only the
sender and receiver are able to access the data.
2. Topic 4 Secure Networks
A denial of service (DoS) attack is a cyber attack in which the attacker aims to make
network or system resources unavailable to legitimate users by indefinitely disrupting the services
of a host connected to the internet (Gunasekhar et al., 2014). This is done by flooding the
network with excessive unwanted messages asking the network or the server to authenticate
requests that generally have invalid return addresses. Thus, it becomes difficult for legitimate
users to access the network. DoS attacks may crash a server, leading to wasted time
and money. A denial of service attack is dangerous in the sense that it can paralyze even a
well-structured network for days, freezing all the online services of the company (Liu, Liu & Saddik, 2013).
The recommended ways to prevent a denial of service attack are as follows:
1) Installation of routers and firewalls along with DoS mitigation appliances: Routers can
be configured to prevent ping attacks by filtering invalid IP addresses and non-essential
protocols. Routers can, however, prove to be ineffective against a sophisticated spoofed
attack. Firewalls are capable of shutting down a targeted flow related to an attack. DoS
mitigation appliances can be used for load balancing. Proper server configuration is essential to
minimize the effect of a DoS attack. An administrator can limit the resources an application can
use and how it will respond to requests. This will prevent invalid requests from being
admitted to the server, thus preventing the DoS attack (Gupta, Joshi & Misra, 2012).
2) Over provisioning: this is another recommended way to handle a DoS attack. Over
provisioning refers to allocating excess bandwidth or redundant network devices in order to
handle DoS attacks in the system. The advantage of buying from an outsourced service provider is
that the extra bandwidth can be bought when the company needs it rather than making an
expensive capital investment in redundant network interfaces and devices. A
company, however, has no idea that a DoS attack is coming and hence needs to act
as quickly as possible in this approach. The primary aim of any DoS attack is to consume the
internet bandwidth and hence a well structured and equipped managed hosting provider is to be
selected for preventing the attack. This equipment is placed in front of the normal servers and
is programmed to detect and filter out malicious traffic (Hashmi, Saxena & Saini, 2012).
These systems need to be updated constantly by the operations team in order to remain up
to date with the latest threats. The only disadvantage of this system is that it cannot handle
volumetric attacks and becomes incapable when the attack exceeds the network capacity.
A cloud mitigation provider is an effective over provisioning method. Cloud mitigation
providers are experts in delivering DoS mitigation in the cloud. Cloud mitigation providers have
built up massive amounts of network bandwidth and mitigation capacity at multiple sites
around the internet. They can take in any sort of network traffic and filter it to send only
validated traffic on to the destination. This is managed by network security engineers who
monitor the latest DDoS tactics for better protection (Deshmukh & Devadkar, 2015).
3) Server hardening is another recommended but less used method of controlling a DoS
attack. It deals with hardening of IP Tables to permit only the traffic that is expected by the
company. It also configures the server in such a way that it is capable of auto recovery in the
event of system failure. It makes the server more resilient to requests, thus preventing DoS attacks
(Sharma, Singh & Singh, 2013).
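The two server-side controls in items 1) and 3), limiting what each client may consume and permitting only expected traffic, can be sketched as one admission filter. This is an added example, not code from the report; the port list, rates, table size and addresses are assumptions chosen for illustration, and the request stream is constructed.

```python
from collections import Counter, OrderedDict

# Assumed policy values, chosen for illustration only.
EXPECTED_PORTS = frozenset({80, 443})  # services the company actually offers
RATE_PER_SEC = 5                       # sustained requests per second per source
BURST = 10                             # requests a source may send back to back
MAX_SOURCES = 10_000                   # upper bound on tracked source addresses
COST = 1000  # one request costs 1000 milli-tokens; integer math avoids float drift


class TokenBucket:
    """Per-source budget that refills at a fixed rate up to a fixed capacity."""

    def __init__(self, rate_per_sec, burst, now_ms):
        self.rate = rate_per_sec        # tokens/second == milli-tokens/millisecond
        self.capacity = burst * COST
        self.tokens = self.capacity
        self.updated_ms = now_ms

    def allow(self, now_ms):
        elapsed = max(0, now_ms - self.updated_ms)
        self.tokens = min(self.capacity, self.tokens + elapsed * self.rate)
        self.updated_ms = now_ms
        if self.tokens >= COST:
            self.tokens -= COST
            return True
        return False


class AdmissionFilter:
    """Allowlist of expected ports followed by a per-source rate limit."""

    def __init__(self, ports=EXPECTED_PORTS, rate=RATE_PER_SEC, burst=BURST,
                 max_sources=MAX_SOURCES):
        self.ports = ports
        self.rate = rate
        self.burst = burst
        self.max_sources = max_sources
        self.buckets = OrderedDict()  # source address -> TokenBucket, in LRU order

    def decide(self, src, dst_port, now_ms):
        # Hardening step: anything not explicitly expected is dropped first.
        if dst_port not in self.ports:
            return "drop:unexpected-port"
        bucket = self.buckets.get(src)
        if bucket is None:
            # The state table is bounded: with spoofed sources every packet
            # looks like a new client, so unbounded per-source state would
            # itself exhaust memory. Evict the least recently seen source.
            if len(self.buckets) >= self.max_sources:
                self.buckets.popitem(last=False)
            bucket = self.buckets[src] = TokenBucket(self.rate, self.burst, now_ms)
        else:
            self.buckets.move_to_end(src)
        return "accept" if bucket.allow(now_ms) else "drop:rate-limited"


def simulate():
    """Run a constructed request stream through the filter and tally decisions."""
    events = []
    # Ordinary client: 2 requests per second for 10 seconds.
    events += [(t, "198.51.100.10", 443) for t in range(0, 10_000, 500)]
    # Flooding client: 100 requests per second for 2 seconds.
    events += [(t, "203.0.113.66", 443) for t in range(0, 2_000, 10)]
    # Traffic to a service the company does not offer.
    events += [(t, "192.0.2.7", 23) for t in (100, 200, 300)]
    flt = AdmissionFilter()
    tally = Counter()
    for t, src, port in sorted(events):
        tally[(src, flt.decide(src, port, t))] += 1
    return tally


if __name__ == "__main__":
    for key, count in sorted(simulate().items()):
        print(key, count)
```

A per-source limit does not stop a spoofed flood, since every forged address starts with a full bucket, which matches the report's point that filtering alone can be ineffective against spoofed attacks.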
3. Topic 5 Access Control
Rules for working in secure areas exist to prevent unauthorized access to or damage to the
confidential information of the organization. This is done by protecting and defining the security
perimeters with appropriate security barriers and entry control. The rules listed for protection
are commensurate with the identified risk (Peltier, 2016).
The rules for working in secure areas are listed below:
1) Unsupervised work in secure areas should be avoided as far as possible, and when no one is
working in the secure area, the area should be locked and checked periodically.
2) Electronic devices capable of recording or copying large amounts of information
should be forbidden in the secure areas, for example smartphones, cameras, USB devices, laptops and
similar devices.
3) The security perimeters should be clearly defined, and the strength of each perimeter
depends on the security requirements of the assets within the perimeter. The security perimeter or
barrier includes card controlled entry doors, walls or manned reception desks to protect the
secure areas from unauthorized access. Access to those areas of the organization will be
restricted to authorized personnel only. Moreover, the areas should be equipped with a suitable
intruder detection system. This system should be regularly checked and tested to ensure that it
is in perfect working condition.
4) Inspections of personnel entering or leaving the secure areas should follow strict
notification and compliance. The entry and departure of employees and visitors are
recorded in the visitor access log, and they are to be granted access to the protected areas or
the organization's information only for specific and authorized purposes. Furthermore, authorization
controls are to be used to authorize and validate their access.
5) Discretionary access control can be used for working in secure areas. In this method,
the owner of the resource gives access rights to other users at the owner's discretion.
6) The server room should be locked and should allow only authorized persons to enter, to
ensure that the security of the protected areas is not tampered with. Setting up proper
surveillance is necessary for working in secure areas. A video surveillance camera should be
installed to supplement the other rules for working in secure areas (Chen et al., 2012).
7) The backup of sensitive data should be properly stored to prevent unauthorized
access. The backup files should be password protected to prevent unauthorized access. Alternatively,
the backup files may be kept offsite to prevent intruders' access.
Trash bins can act as an important source of information and thus need to be
protected in order to prevent data loss. Trash bins are protected by ensuring that no confidential
information is discarded into them. The waste in the trash bin is properly disposed of to
prevent data theft. Moreover, before disposing of the contents of the trash bin, it is to be ensured
that it does not contain any sensitive information or information that can be misused.
In order to reduce the dangers of desktop PC theft, the individual desktop PCs present in
the office premises can be locked onto their desks with a cable. In order to reduce the danger of
unauthorized use, it has to be ensured that every PC has a login screen with a complex password
so that no intruder can use it easily. The password should be strong and uncommon so that the
intruder has little room for guessing the password and accessing the PC. The laptops, however,
can make use of fingerprint authentication or face scanning security options to keep them secured
and prevent unauthorized access (Jain & Nandakumar, 2012).
4. Topic 6 Firewalls
4.1. Deep Packet Inspection
Deep packet inspection (DPI) is an effective way of packet filtering, which functions at the
application layer of the OSI reference model. Deep packet inspection makes it possible to
identify, classify and block certain packets with specific data that conventional packet
filtering cannot detect. DPI is generally used to allocate resources and streamline the flow of
traffic. A high priority packet is routed to its destination ahead of lower priority packets. DPI
improves network performance by preventing peer-to-peer abuse. The security
implication of DPI is widespread as it helps in identifying the originator of a specific packet
(Bremler-Barr et al., 2014). It is process intensive as it uses a data parallel approach to process
large volumes of data. Deep packet inspection works by inspecting the data part of the packet as it
passes the point of inspection. It generally reveals the presence of non-compliance, viruses, spam
and intrusion. Deep packet inspection helps in advanced network management and the operation of
security functions such as data mining. DPI is widely used by telecommunication providers. It
is important particularly because it combines the objectives of an intrusion detection system and
an intrusion prevention system with the help of a stateful firewall. This combination makes it
possible to detect a number of attacks. DPI is used to overcome buffer overflow attacks,
denial of service attacks and illegal intrusion into the system. DPI is often capable of monitoring
layers 2 to 7 of the OSI model. DPI can also be used against net neutrality (Thinh, Hieu &
Kittitornkun, 2012).
This is significant because it inspects all the fields in the packet, including the IP header, the
TCP or UDP header and the application message. Certain attacks cannot be prevented if the
firewall only looks at the application content.
Deep packet inspection is processing intensive as it looks at all the fields of the packet
and takes more time as well as processing power.
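The point about inspecting every field can be made concrete with a small inspector that decodes the IP header, the TCP or UDP header and the payload, and applies one rule at each layer. This is an added example, not part of the original report; the rule set, the internal address range, the signature and the sample packets are all constructed for illustration.

```python
import ipaddress
import struct

FIN, SYN, PSH, ACK = 0x01, 0x02, 0x08, 0x10

# Assumed policy: sources that must never appear on traffic arriving from
# outside (loopback, plus an internal range chosen for this example).
NEVER_EXTERNAL = [ipaddress.ip_network("127.0.0.0/8"), ipaddress.ip_network("10.0.0.0/8")]
# Constructed placeholder signature, not a real malware pattern.
SIGNATURES = {"constructed-signature": b"X-CONSTRUCTED-SIGNATURE"}


def build_ipv4_tcp(src, dst, sport, dport, flags, payload):
    """Build a constructed sample packet (checksums are left at zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, flags, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return ip + tcp


def parse(packet):
    """Decode IPv4 plus TCP or UDP; raise ValueError on truncated or inconsistent headers."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl or total_len > len(packet):
        raise ValueError("inconsistent IPv4 header")
    segment = packet[ihl:total_len]
    info = {"src": ipaddress.IPv4Address(src), "dst": ipaddress.IPv4Address(dst),
            "ttl": ttl, "proto": proto, "flags": 0, "payload": segment}
    if proto == 6:  # TCP
        if len(segment) < 20:
            raise ValueError("truncated TCP header")
        sport, dport, _, _, offset, flags = struct.unpack("!HHIIBB", segment[:14])
        data_start = (offset >> 4) * 4
        if data_start < 20 or data_start > len(segment):
            raise ValueError("inconsistent TCP header")
        info.update(sport=sport, dport=dport, flags=flags, payload=segment[data_start:])
    elif proto == 17:  # UDP
        if len(segment) < 8:
            raise ValueError("truncated UDP header")
        sport, dport, udp_len, _ = struct.unpack("!HHHH", segment[:8])
        if udp_len < 8 or udp_len > len(segment):
            raise ValueError("inconsistent UDP header")
        info.update(sport=sport, dport=dport, payload=segment[8:udp_len])
    return info


def inspect(packet, headers=True):
    """Return findings for one packet; headers=False looks at application content only."""
    try:
        p = parse(packet)
    except ValueError as exc:
        return ["malformed: %s" % exc]
    findings = []
    if headers:
        if any(p["src"] in net for net in NEVER_EXTERNAL):
            findings.append("ip: internal or loopback source on external interface")
        if p["proto"] == 6 and p["flags"] & SYN and p["flags"] & FIN:
            findings.append("tcp: SYN and FIN set together")
    for name, signature in SIGNATURES.items():
        if signature in p["payload"]:
            findings.append("app: payload matches %s" % name)
    return findings


# Constructed sample packets.
HTTP = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
CLEAN = build_ipv4_tcp("198.51.100.10", "10.0.0.5", 40000, 80, PSH | ACK, HTTP)
SPOOFED_SYN_FIN = build_ipv4_tcp("10.0.0.9", "10.0.0.5", 40000, 80, SYN | FIN, HTTP)
SIGNATURE_HIT = build_ipv4_tcp("198.51.100.10", "10.0.0.5", 40001, 80, PSH | ACK,
                               HTTP + SIGNATURES["constructed-signature"])

if __name__ == "__main__":
    for label, pkt in [("clean", CLEAN), ("spoofed", SPOOFED_SYN_FIN), ("signature", SIGNATURE_HIT)]:
        print(label, inspect(pkt), "| payload only:", inspect(pkt, headers=False))
```

The second sample carries an ordinary payload, so a payload-only check reports nothing; the problems show up only in the IP and TCP headers.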
4.2. Packet Stream Analysis
Packet stream analysis intercepts and logs the traffic passing over a digital network. As
the data is passed through the system or a network, a sniffer captures the contents of every
packet and decodes the raw data present in the packet. It supervises and analyzes the content of
the packets according to the set objectives or specifications. Packet stream analysis requires
an IDS to maintain and compare a number of packets, which are examined to determine
whether an attack on the system is taking place or not (Rueppel, 2012). This results in placing a
heavy processing load on the IDS. This effective filtering technique scans a series of packets
at a time to determine the probability of an attack. IDSs are important because they identify
suspicious packets that may be a cause of harm or a part of a probable attack. Packet stream
analysis identifies a probable attack with the help of IDSs and alerts network administrators to
potential threats so that the suspicious packets can be dropped. An IDS cannot drop the suspicious
packets on its own (Sanders, 2017).
Packet stream analysis is important because, only a single packet is not capable of
determining certain types of attack and therefore the need of checking of multiple packets comes
into play. It generally takes more than one packet to determine whether a network is
symmetrically scanned or not, whether a TCP connection is half open, or even whether a denial of
service attack is probable (Asrodia & Patel, 2012).
Packet stream analysis is processing intensive because every field of a series of
packets is inspected. This is necessary for determining the probability of an attack and thus requires more
processing power (Singh, Lozano & Ott, 2013).
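The multi-packet correlation described in this section can be sketched as follows. This is an added example, not part of the original report: the thresholds, the record layout and the capture are constructed assumptions, and the capture is taken to cover one short observation window.

```python
from collections import defaultdict

SCAN_PORTS = 5       # assumed threshold: distinct ports one source may SYN on a host
HALF_OPEN_LIMIT = 3  # assumed threshold: unfinished handshakes tolerated per service

def analyze(packets):
    """Correlate (src, sport, dst, dport, flags) records taken in capture order.

    flags is a string of TCP flag letters, e.g. "S", "SA", "A", "RA".
    Returns a sorted list of alert tuples for the whole observation window.
    """
    half_open = set()                 # (client, cport, server, sport) awaiting final ACK
    probed = defaultdict(set)         # (client, server) -> ports that received a SYN
    for src, sport, dst, dport, flags in packets:
        if flags == "S":              # handshake opened by src
            half_open.add((src, sport, dst, dport))
            probed[(src, dst)].add(dport)
        elif flags == "A":            # client ACK completes the handshake
            half_open.discard((src, sport, dst, dport))
        elif "R" in flags:            # reset from either side ends the attempt
            half_open.discard((src, sport, dst, dport))
            half_open.discard((dst, dport, src, sport))
    alerts = [("port-scan", c, s) for (c, s), ports in probed.items()
              if len(ports) >= SCAN_PORTS]
    pending = defaultdict(int)
    for _, _, server, port in half_open:
        pending[(server, port)] += 1
    alerts += [("half-open-flood", s, p) for (s, p), n in pending.items()
               if n > HALF_OPEN_LIMIT]
    return sorted(alerts)

SERVER = "192.0.2.10"  # constructed capture, documentation address ranges only
SAMPLE_CAPTURE = [
    ("192.0.2.50", 40000, SERVER, 80, "S"),       # ordinary client: full handshake
    (SERVER, 80, "192.0.2.50", 40000, "SA"),
    ("192.0.2.50", 40000, SERVER, 80, "A"),
]
for i, port in enumerate([21, 22, 23, 25, 110]):  # one source walks closed ports
    SAMPLE_CAPTURE += [("203.0.113.7", 50000 + i, SERVER, port, "S"),
                       (SERVER, port, "203.0.113.7", 50000 + i, "RA")]
for i in range(4):                                # SYNs that are never completed
    SAMPLE_CAPTURE += [(f"198.51.100.{i + 1}", 1025, SERVER, 80, "S"),
                       (SERVER, 80, f"198.51.100.{i + 1}", 1025, "SA")]

if __name__ == "__main__":
    for alert in analyze(SAMPLE_CAPTURE):
        print(alert)
```

Every record in the capture is a normal-looking packet when examined alone; the alerts come only from the state kept across the series.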
5. References
Agrawal, M., & Mishra, P. (2012). A comparative survey on symmetric key encryption
techniques. International Journal on Computer Science and Engineering, 4(5), 877.
Asrodia, P., & Patel, H. (2012). Network traffic analysis using packet sniffer. International
journal of engineering research and applications, 2(3), 854-856.
Bremler-Barr, A., Harchol, Y., Hay, D., & Koral, Y. (2014, December). Deep packet inspection
as a service. In Proceedings of the 10th ACM International on Conference on emerging
Networking Experiments and Technologies (pp. 271-282). ACM.
Chen, C., Sun, L., Shao, Y., Hu, Z., & Shi, Q. (2012, January). Iems: An intelligent environment
monitoring system of server room. In Intelligent Computation Technology and Automation
(ICICTA), 2012 Fifth International Conference on (pp. 189-192). IEEE.
Deshmukh, R. V., & Devadkar, K. K. (2015). Understanding DDoS attack & its effect in cloud
environment. Procedia Computer Science, 49, 202-210.
Goshwe, N. Y. (2013). Data encryption and decryption using RSA Algorithm in a Network
Environment. International Journal of Computer Science and Network Security (IJCSNS), 13(7),
9.
Gunasekhar, T., Rao, K. T., Saikiran, P., & Lakshmi, P. S. (2014). A survey on denial of service
attacks.
Gupta, B. B., Joshi, R. C., & Misra, M. (2012). Distributed denial of service prevention
techniques. arXiv preprint arXiv:1208.3557.
INFORMATION SECURITY TECHNOLOGIES
5. References
Agrawal, M., & Mishra, P. (2012). A comparative survey on symmetric key encryption
techniques. International Journal on Computer Science and Engineering, 4(5), 877.
Asrodia, P., & Patel, H. (2012). Network traffic analysis using packet sniffer. International
journal of engineering research and applications, 2(3), 854-856.
Bremler-Barr, A., Harchol, Y., Hay, D., & Koral, Y. (2014, December). Deep packet inspection
as a service. In Proceedings of the 10th ACM International on Conference on emerging
Networking Experiments and Technologies (pp. 271-282). ACM.
Chen, C., Sun, L., Shao, Y., Hu, Z., & Shi, Q. (2012, January). Iems: An intelligent environment
monitoring system of server room. In Intelligent Computation Technology and Automation
(ICICTA), 2012 Fifth International Conference on (pp. 189-192). IEEE.
Deshmukh, R. V., & Devadkar, K. K. (2015). Understanding DDoS attack & its effect in cloud
environment. Procedia Computer Science, 49, 202-210.
Goshwe, N. Y. (2013). Data encryption and decryption using RSA Algorithm in a Network
Environment. International Journal of Computer Science and Network Security (IJCSNS), 13(7),
9.
Gunasekhar, T., Rao, K. T., Saikiran, P., & Lakshmi, P. S. (2014). A survey on denial of service
attacks.
Gupta, B. B., Joshi, R. C., & Misra, M. (2012). Distributed denial of service prevention
techniques. arXiv preprint arXiv:1208.3557.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.

Trusted by 1+ million students worldwide
1 out of 14
Related Documents

Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.