Hacking and Hackers - Literature review Example

Hacking and Hackers Spotting hackers is a primary dread to the users of wireless networks right from individual users, to huge organizationsand sometimes even the government. Several researches are being conducted, focusing the hackers and threats posed by them to the information systems of various organizations. Attempts of intruders to hack networks can never be prevented therefore strengthening the network security features is the only choice. Conventional password securities can no longer withstand the exceedingly systematized attacks of hackers. In recent times biometric based authentication schemes can prove to be more effective and efficient in handling the hacking attempts of the intruders. This work gives a brief description about various types network hacking techniques, various types of biometrics that can be integrated into the network security features and the recent trends in network security involving biometrics forbattling the attacks of the network hackers. Introduction Wireless networks have become an essential part of our daily life. In recent times the uses of wireless networks had undergone a phenomenal growth and so are the attempts of hacking and network intrusions. People transmit large amounts of sensitive/private data over the networks to their desired destinations. However, with the new advancements in the field of information technology, maximizing information security has also become more and more difficult as the result of more organized intrusion attempts by hackers. A hacker is a person who makes use of advanced programming skills and techniques to break illegally into any specific computer system in order to expose the security flaws (Ciampa, 2009). Although many significant measures have been taken to make information security and wireless security reliable, none has proved able to provide complete protection to the wireless and computer networks. In such conditions, it is essential to design a reliable security system that can minimize the risk of unauthorized use of information. This paper will describe in detail why protecting the network system from the attack of hackers is still a challenging task under research, despite various technological developments? (Ciampa, 2009), what are the various techniques used to hack a network? (Ciampa, 2009), what is biometric authentication? (Mudholkar, Shende, and Sarode, 2012),and how incorporating biometric authenticationcan be helpful in strengthening a network’s security system? (Li, et.al, 2011). Literature review The use of wireless networks and internet has become inseparable in our day to day life. With their proliferative usage, occurrences of lucrative data theft, embarrassing disclosure of personal information,revelation of sensitive data, destruction of vital servers, andothers have been hitting the headlines more often. Hackers have become incredibly smarter yet they are not invincible masterminds. They can be conquered by defeating them at their own game for which extensive knowledge about cyber security is very much essential.Libicki, Senty, and Pollak (2014) lay emphasis on the need for well-equipped cyber security professionals to combat the attacks of network intruders.The role of cyber security professionals is very indispensable for any government to ensure national and homeland security (Libicki, Senty, and Pollak, 2014). Ciampa(2009) gives a detailed note of the various network vulnerabilities and attacks posed by hackers and why counteracting them is very difficult. Mudholkar,Shende, and Sarode (2012) give a detail description of various biometric schemes that can be incorporated into the network security features to effective fight back the hackers. Li and Hwang (2010) have proposed an efficient biometric authentication scheme using smartcards. It is a mutual authentication scheme between the remote user and the server which uses random numbers instead of time stamps thus very much efficient in managing replay attacks (Li and Hwang, 2010). This work had certain deficiencies which were overcome in the work of Li, et al., (2011). This paper mitigates the insecure channel deficits by making use of a much more refined biometric scheme. Thus recent researches on network security prove that biometric authentication schemes can be more competent in preventing the attacks posed by the hackers. Methodology This paper was formulated by conducting in-depth research on the threats posed by hackers who intrude into the information systems making use of the security loop wholes available in the network infrastructure of a particular organization or government. For this purpose several sources including journals,books and websites were analyzed. Analyzing the above mentioned sources gave a clear understanding about the different kinds of security attacks and how they could be resisted by integrating biometrics into the network security infrastructure. Results Despite various technological advancements in the field of network security, securing the data in the information system remains a great challenge to the cyber security professionals(Ciampa, 2009). This is very evident from the fact that newer attacks are being introduced to the information systems by the hackers every day for which guarding software being developed and launched by cyber security professionals. Defending against these attacks is always challenging and difficult due to the following reasons. These attacks are being launched by hackers in an unbelievably speedy manner. Hackers have become expertise in launching more sophisticated attacks which are very difficult to resolve. Hackers have become more knowledgeable in identifying and exploiting the network vulnerabilities. The difficulty in resolving the attacks naturally causes delay in the patch up of hardware and software products. The other major reason is most attacks are now being distributed attacks instead of being originating from a single source and in many circumstances the legitimate users are unaware of the attack that is being taking place(Ciampa, 2009). Next the nature of different kinds of network hacking techniques had to be known in order to develop appropriate solutions. Network attacks may be broadly classified under four major categories. They are denial of service, man-in-the-middle attack, spoofing and replay attacks(Ciampa, 2009). Denial of service attacks, aim at obstructing the network resources from availability to the genuine users. So that genuine users have to face a very large time delay and sometimes their requests are completely rejected. For this purpose, hackers use zombies to flood the network resources with fake requests(Ciampa, 2009). Man-in-the-middle attack is a kind of network hacking in which a hacker invades the communication channel between two network entities. This attack may be either passive or active. In a passive attack, the attacker just intercepts the communication channel and eavesdrop the communication. In an active attack, the hacker intercepts the actual communication and counterfeits fictitious messages to the legitimate communicating entities(Ciampa, 2009).Spoofing is a kind of attack in which the hacker impersonates to be another user by presenting manipulated false identity. The attacker may pretend to be a legitimate user or a trusted server by spoofing his/her address(Ciampa, 2009). Replay attack is similar to man in the middle attack but the captured message is saved and used in future. This kind of attack may involve capturing log in ids and passwords of legitimate users and using them to get access to unauthorized servers(Ciampa, 2009). For preventing and identifying these kinds of attacks, intrusion detection systems are being developed. Recent researches focus on biometric based authentication schemes that help in successful prevention and detection of the hacking attempts of the network intruders. Biometric authentication scheme involves measuring and using distinct biological features of human beings to distinguish them from one another while they seek permission to access any network entity(Mudholkar, Shende, and Sarode, 2012).Biometric authentication schemes may be classified into two types, physiology based schemes and behavior based schemes. Physiology based biometric authentication scheme involves face recognition, fingerprint recognition, iris analysis, hand geometry analysis, and others. Behaviorbased biometric authentication scheme involves voice identification, keystroke identification, signature identification, and others(Mudholkar, Shende, and Sarode, 2012). Recent researches have resulted in most advanced authentication schemes that may integrate biometric information of the users along with passwords on to smart cards that may make the communication process over an insecure channel much safer and can resist the attacks posed by the hackers.These schemes result in low computational cost along with features like password compatibility, mutual authentication, non-repudiation functionality, and others (Li, et al., 2011). These schemes also do not need any synchronized clock information for communication. Instead they use random numbers for this purpose, which is more secure. Analysis and discussion Challenges encountered by the cyber security professionals seem to have undergone a steep rise because the severity and sophistication of the network hacking methodology has also undergone a similar rise. Very primitive one is password guessing followed by self-replicating code, password cracking, exploiting the known vulnerabilities, disabling audits, hijacking sessions, sweepers, sniffers, stealth diagnostics, packet spoofing, hacking tools with graphical user interface, and many more (Ciampa, 2009). At the same time, unfortunately the required knowledge of the attackers seems to have undergone a steep fall. There is also severe shortage of trained cyber security professionals to combat against the network hackers (Libicki, Senty, and Pollak, 2014). So analyzing the above issue, we have attained our first objective of understanding why protecting the network system from the attack of hackers is still a challenging task under research, despite various technological developments. Different types of hacking methods like denial of service, man-in-the-middle attack, spoofing and replays were discussed earlier. Whatever be the type of attack, they exhibit certain common characteristics mentioned below.Probing the network information through password guessing, port scanning, ping sweeping, and others (Ciampa,2009). Penetrating the existing defense mechanism of the networkby sending malicious email attachments, Trojan horses, and others(Ciampa,2009). Modifying the existing set up and security settings, by creating new documents, registering trap doors, and others(Ciampa,2009). Spreading the infection to other systems by emailing malicious software to all the addresses in the address book and through file transfer protocols(Ciampa,2009). Paralyzing the devices connected to the network and sometimes the entire network by crashing the servers and deleting important files(Ciampa,2009). Thus we have understood about the various network hacking methodologies and their characteristics. To resist the attempts of the hackers several network defense mechanism are being developed in recent times, among which biometric authentication schemes prove to be advantageous and effective in detecting and preventing the hacking attempts of the network intruders. Physiological and behavioral biometric techniques can be used to identify a legitimate user and authenticate him/her to access the network resources(Mudholkar, Shende, and Sarode, 2012). Also biometric authentication schemes have several advantages compared to conventional schemes which are prone to be lost, duplicated or stolen. Like other password schemes they need not be memorized and they have additional benefits of reliability, accuracy, fast and easy access(Mudholkar, Shende, and Sarode, 2012). Thus we have understood what a biometric authentication scheme is and how it is beneficial compared to conventional authentication schemes. Recent researches combine the biometric verification process and cryptographic techniques and have introduced smart card based authentication schemes. These schemes result in low computational cost (Li and Hwang, 2010). The registration phase, login phase, and authentication phase arecapable of providing a mutual authentication between the user and the server, at the same time resisting replay attacks. These schemes had certain faults like their inability to resist the man-in-the-middle attacks and impersonation attacks(Li and Hwang, 2010). Rigorous researches are going on in order to overcome the security flaws of these schemes. A more recent work proposes the concept of session key agreement which can effectively remove the above mentioned security flaws (Li, et al., 2011). This method proves be more secure, reliable, accurate, and cost effective. Thus we have understood the role of biometric authentication in strengthening the security system of a network to survive and resist the attacks posed by the network hackers. Conclusion The enormous increase in volume and sophistication of network security attacks and vulnerabilities, demands huge attention in monitoring and securing the information systems of various organizations. The internet infrastructure itself provides loop holes for hackers to intrude. Hence proper knowledge about the hacking methods can alone allow the appropriate and relevant security scheme to emerge. Thus this paper describes in detail the various challenges involved in securing a network against the various types of hacking, the basic concepts of biometric authentication schemes and their effectiveness in resisting the attempts of hacking posed by the network hackers. Works cited Ciampa, Mark. “Security+ Guide to Network Security Fundamentals.” CengageBrain, 2009. Web. 08 Mar 2015. http://www.cengage.com/search/productOverview.do?N=16+4294966150+4294960352&Ntk=P_EPI&Ntt=2054934996177056448014159782001064467224&Ntx=mode%2Bmatchallpartial Libicki, Martin.C, Senty, David, &Pollak, Julia.“Hackers Wanted: What Others Have Observed.”RAND Corporation,2014. Web. 08 Mar 2015. http://www.rand.org/content/dam/rand/pubs/research_reports/RR400/RR430/RAND_RR430.pdf Li, Chun-Ta and Hwang Min - Shiang.”An efficient biometrics-based remote user authentication scheme using smart cards.” Journal of network and computer applications,Vol.33, Issue1, Jan 2010. Web. 08 Mar, 2015. www.elsevier.com/locate/jnca Li,Xiong,Niu,Jian-Wei, Ma,Jian, Wang,Wen-Dong, and Liu, Cheng-Lian. “Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards.”Journal of Network and Computer Applications, Vol. 34, Issue 1, 31 Jan 2011. Web. 08 Mar, 2015. http://scholar.google.com/citations?view_op=view_citation&hl=en&user=oRaABLcAAAAJ&citation_for_view=oRaABLcAAAAJ:J_g5lzvAfSwC Mudholkar, Smita S., Shende, Pradnya M., and Sarode, Milind V. “Biometrics authentication techniques for intrusion detection systems using finger print recognition.” International Journal of Computer Science, Engineering and Information Technology (IJCSEIT), Vol.2, No.1, Feb 2012. Web. 08 Mar, 2015. http://airccse.org/journal/ijcseit/papers/2112ijcseit06.pdf Read More