NIT5140 - SDN Approach to Information Security: Myspace Case Study

Verified

Added on 2024/06/03

AI Summary

This case study delves into the 2016 Myspace data breach, where over 427 million user account credentials were compromised due to vulnerabilities in their database encryption. The report analyzes the reasons behind the breach, including compromised encryption security and unauthenticated network access. It proposes a software-defined networking (SDN) solution for enhanced security assessment, focusing on centralized network intelligence, secure network access, and real-time tracking of suspicious activities. The SDN approach aims to prevent future data breaches by allowing only verified users, notifying administrators of suspicious activity, and blocking malicious IP addresses. The study concludes that SDN provides a robust solution for securing social networking websites and protecting user data.

NIT5140 Information Security
Software-Defined Networking
1

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Table of Contents
Introduction.................................................................................................................................................3
Case study...................................................................................................................................................4
Analysis of the case study to identify reasons for Security breach issue.....................................................4
Solution.......................................................................................................................................................5
Conclusion...................................................................................................................................................6
Reference.....................................................................................................................................................7
2

Introduction
Software-defined networking is an effective approach that is used in open protocols and cloud
computing that provides network management facilities along with the network configuration so
performance and monitoring of the network can be improved. It is also used for the security
assessment of the networks to keep the information and data safe from unauthenticated access or
data breach. Here in this report, a case study is concerned regarding Myspace which is a social
networking website. In this website, the according related information and data of the users was
stolen as some potential intruders has done data breach in this website in 2016. Due to this, a lot
of accounts are hacked and their private details are leaked online. Here in this report, software-
defined networking will be used for the security assessment of these data breach issues to
prevent these issues in future (Kreutz, et. al., 2015).
3

Case study
The database center of Myspace contains all the information and data regarding the user accounts
that caused privacy issues to the entire company. The notification of the data breach was
retrieved from a breach notification website named Leakedsource that says Myspace is hacked
and almost 427 million user account credential are hacked from this website and the encryption
of these password was compromised. According to the number of hacked account, this might be
the largest data breach performed on a social networking website. This website is also hacked
once before when some of the user accounts were hacked and their details were sold over
internet. It directly affects the privacy policy of Myspace for which a security approaches must
be applied (Perez, 2016).
The data and information breached were several years old as this data was stored in a specific
dataset. According to the report of the Leaked source website, over 360 million actives accounts
were hacked in this activity. In this data, the account password of the users was stored along with
the old passwords that are kept by the users. So there were 360 million accounts details and over
427 million passwords were hacked. This data breach was larger than the LinkedIn data breach
case so it is derived that it was the biggest data breach. So there is a higher requirement of data
security as it puts a negative impact on user’s reliability towards the social networking websites
and it can also cause higher loss to the users. There is some sensitive information stored in user
accounts that can be lost due to these activities (Rawat & Reddy, 2017).
Analysis of the case study to identify reasons for Security breach issue
The data breach issues occurred on this website was done in the database of this company. All
the information and data related to the user account and their email id was stored in the database.
This database has some basic encryption security to protect the information and data from some
potential intruders. All the information and data was stolen by getting an unauthenticated access
to the network. After getting network access, all the information was stolen from a
communication channel. The main aspect that caused the data breach was that the encryption
security of the information and data stored in the database was compromised. All the information
was decrypted and sold over the internet. After that, this company is using some automated
4

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

security tools to identify the malicious activities in their database and all the suspicious activities
are blocked automatically. In this analysis, some other issues are retrieved regarding the old
passwords of the users that can be used for getting access to other social networking accounts of
these users. Currently, Myspace is using various security tools that keep real-time tracking of the
suspicious activities so appropriate planning can be done regarding the data breach prevention
(Rahulamathavan, et. al., 2015).
Solution:
For the security assessment of Myspace, there are various solutions that can be used for
preventing any kind of unauthenticated access. Software-defined networking is one of the
effective solutions that can be used for increasing the security level Myspace website’s database.
In this approach, a secure network assessment is done in order to identify and block any kind of
malicious activity in the system database of the company. SDN solution is most appropriate from
the network security perspective as it allows only verified users within a network and notifies the
database administrator whenever a suspicious activity gets happened. SDN addresses the static
architecture of the networks that are decentralized and highly complex. Here, SDN uses a
centralize network intelligence in a single network component by interrupting the network packet
forwarding. In SDN, there is a control plane available that works as a brain for the SDN
networks and the entire intelligence is incorporated from here. It is a remote communication
networks so the range of this network is large that contains multiple communication channels
which is beneficial for a social networking website. An association of the SDN networks is done
with the open flow control that helps in remote networking using network paper elements as it
provides path to the network packets through network switch. The SDN approach is the best
solution for prevention of the data breach that can be implemented for security assessment
(Kolevski & Michael, 2015).
5

Conclusion:
In this report, software-defined networking is used regarding the solution of the data breach
issues in Myspace social networking website. A complete analysis of the entire case is done and
the solution is derived accordingly. The case study of Myspace is analyzed to identify the factors
that influence the security of user information. SDN is used for solving the data breach issue as it
provides remote network security that is essential in social networking websites. Now the user
accounts and their password are being kept safe with the SDN tools. As the SDN identify any
suspicious activity the network admin gets notified regarding the activity and the IP address of
that user gets blocked. Some legal actions are also to be taken towards them.
6

Reference:
 Algarni, A. M., & Malaiya, Y. K. (2016, May). A consolidated approach for estimation
of data security breach costs. In Information Management (ICIM), 2016 2nd
International Conference on (pp. 26-39). IEEE.
 Kolevski, D., & Michael, K. (2015, October). Cloud computing data breaches a socio-
technical review of literature. In Green Computing and Internet of Things (ICGCIoT),
2015 International Conference on (pp. 1486-1495). IEEE.
 Kreutz, D., Ramos, F. M., Verissimo, P. E., Rothenberg, C. E., Azodolmolky, S., &
Uhlig, S. (2015). Software-defined networking: A comprehensive survey. Proceedings of
the IEEE, 103(1), 14-76.
 Perez, S., (2016). Recently confirmed Myspace hack could be the largest yet. [Online]
techcrunch. Available at https://techcrunch.com/2016/05/31/recently-confirmed-
myspace-hack-could-be-the-largest-yet/ [Accessed on 30/5/2018]
 Rahulamathavan, Y., Rajarajan, M., Rana, O. F., Awan, M. S., Burnap, P., & Das, S. K.
(2015, November). Assessing data breach risk in cloud systems. In Cloud Computing
Technology and Science (CloudCom), 2015 IEEE 7th International Conference on (pp.
363-370). IEEE.
 Rawat, D. B., & Reddy, S. R. (2017). Software defined networking architecture, security
and energy efficiency: A survey. IEEE Communications Surveys & Tutorials, 19(1), 325-
346.
7