Ethical Hacking

  
                                                                          Back to Project List
                                     Domain Description

                     The practice of breaking into computers without malicious intent, simply to find security hazards and report them to the people responsible. An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit.

                                                                                            

1. MODELING AND AUTOMATED CONTAINMENT OF WORMS (IEEE-2008)

                                                                                                   View abstract

                 Self-propagating codes, called worms, such as Code Red, Nimda, and Slammer, have drawn significant attention due to their enormously adverse impact on the Internet. Thus, there is great interest in the research community in modeling the spread of worms and in providing adequate defense mechanisms against them. In this paper, we present a (stochastic) branching process model for characterizing the propagation of Internet worms. The model is developed for uniform scanning worms and then extended to preference scanning worms. This model leads to the development of an automatic worm containment strategy that prevents the spread of a worm beyond its early stage. Specifically, for uniform scanning worms, we are able to 1) provide a precise condition that determines whether the worm spread will eventually stop and 2) obtain the distribution of the total number of hosts that the worm infects. We then extend our results to contain preference-scanning worms. Our strategy is based on limiting the number of scans to dark-address space. The limiting value is determined by our analysis. Our automatic worm containment schemes effectively contain both uniform scanning worms and local preference scanning worms, and it is validated through simulations and real trace data to be nonintrusive. We also show that our worm strategy, when used with traditional firewalls, can be deployed incrementally to provide worm containment for the local network and benefit the Internet.

System Requirement Specification:-
DOMAIN     : TRANSACTION ON DEPENDABLE SECURE COMPUTING
SOFTWARE : Operating System: windows xp, Platform: JAVA, Protocol:UDP
HARDWARE : Processor: Pentium-IV Speed: 1.8 GHZ RAM: 512 MB HDD: 80 GB

2. CREDIT CARD FRAUD DETECTION USING HIDDEN MARKOV MODEL (IEEE-2008)

                                                                                                  View abstract

               Security has become one of the major issues for data communication over wired and wireless networks. Different from the past work on the designs of cryptography algorithms and system infrastructures, we will propose a dynamic routing algorithm that could randomize delivery paths for data transmission. The algorithm is easy to implement and compatible with popular routing protocols, such as the Routing Information Protocol in wired networks and Destination-Sequenced Distance Vector protocol in wireless networks, without introducing extra control messages. An analytic study on the proposed algorithm is presented, and a series of simulation experiments are conducted to verify the analytic results and to show the capability of the proposed algorithm.

System Requirement Specification:-
DOMAIN     : TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
SOFTWARE : Operating System: Windows XP, Platform: DOTNET , Back End :SQL SERVER, 
                  Protocol :UDP
HARDWARE :  Processor: Pentium-IV, Speed: 1.8 GHZ , RAM: 512 MB,HDD: 80 GB

3. A NEW MODEL FOR DISSEMINATION OF XML CONTENT (IEEE-2008)

                                                                                                   View abstract

                  The paper proposes an approach to content dissemination that exploits the structural properties of an Extensible Markup Language (XML) document object model in order to provide an efficient dissemination and at the same time assuring content integrity and?confidentiality. Our approach is based on the notion of encrypted postorder numbers that support the integrity and confidentiality requirements of XML content as well as facilitate efficient identification, extraction, and distribution of selected content portions. By using such notion, we develop a structure-based routing scheme that prevents information leaks in the XML data dissemination, and assures that content is delivered to users according to the access control policies, that is, policies specifying which users can receive which portions of the contents. Our proposed dissemination approach further enhances such structure-based, policy-based routing by combining it with multicast in order to achieve high efficiency in terms of bandwidth usage and speed of data delivery, thereby enhancing scalability. Our dissemination approach thus represents an efficient and secure mechanism for use in applications such as publish-subscribe systems for XML Documents. The publish-subscribe model restricts the consumer and document source information to the routers to which they register with. Our framework facilitates dissemination of contents with varying degrees of confidentiality and integrity requirements in a mix of trusted and untrusted networks, which is prevalent in current settings across enterprise networks and the Web. Also, it does not require the routers to be aware of any security policy in the sense that the routers do not need to implement any policy related to access control.

System Requirement Specification:-
DOMAIN     : TRANSACTION ON SYSTEM MAN AND CYBERNETICS
SOFTWARE : Operating System: Windows XP, Platform: DOTNET, Protocol: UDP
HARDWARE : Processor: Pentium-IV, Speed: 1.8 GHZ , RAM: 512 MB, HDD: 80 GB

4. DNSSEC HASHED AUTHENTICATED DENIAL OF EXISTENCE PROCESS (IEEE-2008)

                                                                                                   View abstract

                 The domain name system is the global lookup service for network resources. To protect DNS information, the DNS security extensions have been developed and deployed on branches of the DNS to provide authentication and integrity protection using digital signatures. However, signed DNS nodes were found to have an unfortunate side effect: an attacker can query them as reconnaissance before attacking hosts on a particular network. There are different ways a zone administrator can minimize information leakage and still take advantage of DNSSEC for integrity and source authentication. This article describes the risk and examines the protocol and operational options and looks at their advantages and drawbacks

System Requirement Specification:-
DOMAIN    : TRANSACTION ON NETWORKING
Software   :Operating System: Windows xp, Platform: JAVA, Algorithm: SHA, Back end: MySql
HARDWARE: Processor: Pentium-IV Speed: 1.8 GHZ , RAM: 512 MB, HDD:80 GB

5. DESIGN AND IMPLEMENTATION OF DENIAL OF SERVICE ATTACKS USING THE DOMAIN ME
   SYSTEM AND FIREWALL SECURITY (IEEE)

                                                                                                   View abstract

              In the distributed denial of service (DDos) attack, attacker requests the target IP Address to the DNS server. Then he takes over many computers that have vulnerabilities in advance. Hosts that are taken over called zombie hosts (a machine which can�t protect itself from unauthorized access, like the remote system may not have firewall).
By employing many zombie hosts, attacker can send vast amount of data packet to the target host. It makes huge traffic in the host network. If the network traffic increased, the speed of the data transmission will be very less.
           There is a technique to reduce the influence of the DoS attack without disturbing the demand of the regular users by allocating the information, when DoS attack occurs, to the filtering rules. To overcome this DoS attack in network, we are implementing Filtering technique based on DNS query response and creating a Hashed value table using the IP address of source and destination machines. Firewall is employed for DoS countermeasure. By limiting packet rate at which it passes to inner network, it can protect inner network from flooding.

System Requirement Specification:-
DOMAIN      : TRANSACTION ON NETWORKING
SOFTWARE : Operating System: windows xP Platform: JAVA,DB: SQL Server
HARDWARE : Processor: Pentium-IV Speed: 1.8 GHZ RAM: 512 MB HDD: 80 GB

6. DOS PACKET FILTER USING DNS INFORMATION (IEEE)

                                                                                                   View abstract

                 This is a technique to reduce the influence of the DoS attack without disturbing the demand of the regular users by allocating the information, when DoS attack occurs, to the filtering rules.
                 To overcome this DoS attack in network, we are implementing Filtering technique based on DNS query response and creating a Hashed value table using the IP address of source and destination machines. Firewall is employed for DoS countermeasure. By limiting packet rate at which it passes to inner network, it can protect inner network from flooding.

System Requirement Specification:-
DOMAIN      : TRANSACTION ON NETWORKING
SOFTWARE : Operating System: windows xp, Platform: JAVA,Back end: :My SQL
HARDWARE : Processor: Pentium-IV, Speed: 1.8 GHZ , RAM: 512 MB,HDD: 80 GB

7. DISCOVERING E-MAIL SPAM AND ANTICIPATION VIA COLLABORATION AND AI ECHNIQUES
    (IEEE)

                                                                                                   View abstract

                  Spam has become a very necessary topic of discussion these days. It is especially assuming alarming proportions due to the fact that genuine emails get buried in the horde of Spam. More so that in recent days free email service providers like yahoo are considering ways to charge the senders of emails to preferred accounts.

System Requirement Specification:-
DOMAIN      : ARTIFICIAL INTELLIGENCE
SOFTWARE : Operating System: Windows xp , Platform: JAVA, Back end: Ms Access
HARDWARE : Processor: Pentium-IV, Speed: 1.8 GHZ , RAM: 512 MB,HDD: 80 GB

8. PUBLIC KEY VALIDATION FOR DNS SECURITY EXTENSION (IEEE)

                                                                                                    View abstract

                  To provide security by combining the concept of both the Digital Signature and Asymmetric key (Public key) Cryptography. Here the Public key is send instead of Private key. The DNS security uses Message Digest Algorithm to encrypt the Message (text file) and PRNG (Pseudo Random Number Generator) Algorithm for generating Public and Private key. The message combines with the Private key to form a Signature using DSA Algorithm, which is send along with the Public key.

System Requirement Specification:-
DOMAIN     : TRANSACTION ON NETWORKING
SOFTWARE : Operating System: Windows xp, Platform: JAVA, Algorithm: DSA, Protocol: TCP/IP
HARDWARE : Processor: Pentium-IV, Speed: 1.8 GHZ , RAM: 512 MB, HDD: 80 GB

9. ANALYZING NETWORK TRAFFIC IN ORDER TO DETECT POSSIBLE INTRUSIONS 
   (UNIVERSITY OF CALIFORNIA)

                                                                                                   View abstract

                This paper describes a model for a real-time intrusion-detection expert system that aims to detect a wide range of security violations ranging from attempted break-ins by outsiders to system penetrations and abuses by insiders. The development of a real-time intrusion-detection system is motivated by four factors:
1) Most existing systems have security flaws that render them ?usceptible to intrusions, penetrations, and other forms of abuse; finding and fixing all these deficiencies is not feasible for technical and economic reasons
2) Existing systems with known flaws are not easily replaced by systems that are more secure-mainly because the systems have attractive features that are missing in the more-secure systems, or else they cannot be replaced for economic reasons
3) Developing systems that are absolutely secure is extremely difficult, if not generally impossible and Even the most secure systems are vulnerable to abuses by insiders who misuse their privileges.

System Requirement Specification:-
DOMAIN     : NETWORKING SECURITY
SOFTWARE : Operating System: windows xp, Platform: JAVA
HARDWARE : Processor: Pentium-IV, Speed: 1.8 GHZ, RAM: 512 MB, HDD: 80 GB

 




                                                       
                                                                                                                             Back to Project List