2nd reviewed

Upload: vinay-patil

Post on 05-Apr-2018


  • 7/31/2019 2nd Reviewed

    1/24

    A New Data Sharing Environment for a Secured Enterprise

    Under the guidance of

    Mrs. Chethana R Murthy

    Assistant Prof, Dept of ISE

    RV College of Engineering

    By

    USN NAME EMAIL MOB NO

    1RV08IS006 Anjani Deekshitha A [email protected] 9980815287

    1RV08IS038 Ravindra Patil [email protected] 9538667246

    1RV08IS059 Vinay Hiremath [email protected] 9535535448

    1RV09IS401 Ashwini D [email protected] 9731871968


    Introduction

    Information security has been purely defensive.

    Firewalls, Intrusion Detection Systems, encryption

    Detect any failures in the defense, and then react to those failures.

    Limitation: Is purely defensive, the enemy has the initiative.

    Solution: Honeynets

    Honeynets gather information about threats that exist.


    Honeynet

    Is a type of honey pot

    Is a high-interaction honey pot designed to capture extensive information on threats.

    It provides real systems, applications, and services for attackers to interact with.

    Gains information about both external and internal threats of an organization.


    Problem definition

    Hybrid peer to peer architecture to perform attacks. Honeypot technique to defend such kind of malware attacks and avoid the malware attacks like.


    Existing scheme

    DoS attacks

    Botmasters used botnet.

    Many disadvantages

    Solution: use hybrid peer to peer architecture.


    Proposed system:

    honey pot technique to defend the attacks.

    honey pot to block the packets travelling

    honey pot to defend malware attacks

    hybrid peer to peer architecture


    Objective

    To know about the hackers' activities and motivation.

    To allow the hackers to hack the network and to monitor the hackers' activities.

    To store the motivation of the hackers in the IDS database.

    Update the Security using the IDS information.


    Data flow Diagrams

    Data control

    [Data flow diagram. Labels: Data control; Authorized user; Unauthorized user; Access operation (twice); Original Files; Firewall & honey pot; Duplicate File]

    Data Capture & Data Collection

    [Data flow diagram. Labels: Data control; Data Capture & Data Collection; Authorized user; Unauthorized user; Various analysis methods; IDS to capture host activities; Store user activity & motivation]

    Data Analysis

    [Data flow diagram. Labels: Data control; Data Capture & Data Collection; Data Analysis; Read collected data; Analyze weakness in existing security; Analyze hackers action & activity; Update to performance]

    Data Encryption & Decryption

    [Data flow diagram. Labels: Data control; Data Capture & Data Collection; Data Analysis; Encryption & decryption; Authorized user; Unauthorized user; Access resource file (twice); Encrypt & decrypt a file (twice); Original file; Duplicate file; IDS]

    Log & Alert System

    [Data flow diagram. Labels: Data control; Data Capture & Data Collection; Data Analysis; Encryption & decryption; Log & alert System; IDS to generate future security; Log system; Alert system; Store hackers motivation; Provide alert message to admin]

    Data Construct Specification

    Name of the table: Login

    S. No   FIELD NAME       DATA TYPE   SIZE
    1.      User_id          Number      40
    2.      User_Name        Text        50
    3.      Password         Text        30

    Name of the table: Resources

    S. No   FIELD NAME       DATA TYPE   SIZE
    1.      ID, key          Number      20
    2.      Source File      Text        250
    3.      Duplicate File   Text        250

    Name of the table: IPadress

    S. No   FIELD NAME       DATA TYPE   SIZE
    1.      User ID          Number      40
    2.      IP Address       Number      32


    Modules

    DATA CONTROL

    DATA CAPTURE

    DATA COLLECTION

    DATA ANALYSIS

    DATA ENCRYPTION / DECRYPTION

    LOGS AND ALERT SYSTEM


    DATA CONTROL:

    This module provides control against unauthorized access.

    It allows authorized users to access the original file system.

    The firewall identifies the hackers and diverts them to the duplicate file system.

    Immediately, an alert about the hacker is sent to the honeypot and to the Log / Alert system.
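A sketch of the data control decision described above, added as an illustration and not the project's own code: a caller who fails authentication is served the Duplicate File from the Resources table instead of the Source File, and the request is logged for the alert system. Treating a failed login as the firewall's "hacker" signal, the Alerts table, the PBKDF2 password hashing, the function names and all sample rows are assumptions.

```python
import hashlib
import hmac
import sqlite3

SALT = b"constructed-demo-salt"  # assumption: one fixed salt keeps the demo short

def pw_hash(password):
    # Assumption: Login.Password holds a PBKDF2 hash rather than the clear text.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000).hex()

def build_db():
    """In-memory Login and Resources tables plus a hypothetical Alerts log."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE Login(User_id INTEGER PRIMARY KEY, User_Name TEXT, Password TEXT);
        CREATE TABLE Resources(ID INTEGER PRIMARY KEY, Source_File TEXT, Duplicate_File TEXT);
        CREATE TABLE Alerts(User_Name TEXT, IP_Address TEXT, Resource_ID INTEGER);
    """)
    # Constructed sample rows.
    db.execute("INSERT INTO Login VALUES (1, 'alice', ?)", (pw_hash("correct horse"),))
    db.execute("INSERT INTO Resources VALUES "
               "(1, '/srv/files/payroll.csv', '/srv/decoy/payroll.csv')")
    return db

def resolve_resource(db, user, password, ip, resource_id):
    """Return (path, diverted); unauthorized callers get the duplicate file."""
    row = db.execute("SELECT Password FROM Login WHERE User_Name = ?",
                     (user,)).fetchone()
    supplied = pw_hash(password)  # hashed once whether or not the user exists
    stored = row[0] if row else ""
    authorized = row is not None and hmac.compare_digest(stored, supplied)
    res = db.execute("SELECT Source_File, Duplicate_File FROM Resources WHERE ID = ?",
                     (resource_id,)).fetchone()
    if res is None:
        return None, not authorized
    if not authorized:
        # The diverted request is what the Log / Alert system reports to the admin.
        db.execute("INSERT INTO Alerts VALUES (?, ?, ?)", (user, ip, resource_id))
        return res[1], True
    return res[0], False

def alerts(db):
    return db.execute("SELECT User_Name, IP_Address, Resource_ID FROM Alerts").fetchall()

if __name__ == "__main__":
    db = build_db()
    print(resolve_resource(db, "alice", "correct horse", "192.0.2.10", 1))
    print(resolve_resource(db, "alice", "guess", "203.0.113.7", 1))
    print(alerts(db))
```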


    DATA CAPTURE:

    This module collects data about user activities and motivation.

    It stores the various methods used by the hacker and how he is breaking the security.

    The data are all stored in the IDS to analyze the hackers' activities.


    DATA COLLECTION:

    Data from various honeypots are collected in a centralized honeypot server.

    The data are analyzed to know the attacks and hacker motivation.


    DATA ANALYSIS:

    Read the collected data stored in the IDS.

    Analyze the data to learn about the hackers' actions and how they succeeded in their activities.

    Analyze the weakness of the existing security.

    Update the security to improve the performance of the present security.


    DATA ENCRYPTION AND DECRYPTION:

    Blowfish involves replacing each letter of the alphabet with the letter standing k places further down the alphabet.

    Encryption:

    C = E(P) = (P + k) mod 26

    Decryption:

    P = D(C) = (C - k) mod 26

    Where,

    C = Cipher Text.

    P = Plain Text.

    k = Key
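The two formulas on this slide are those of a shift (Caesar) cipher rather than the Blowfish block cipher, so this added example (not the project's code) implements them exactly as written and shows that testing all 26 keys against one known word recovers k. The function names and the sample text are constructed for the illustration.

```python
import string

def shift(text, k):
    """Apply (x + k) mod 26 to every letter; other characters pass through."""
    out = []
    for ch in text:
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - ord("a") + k) % 26 + ord("a")))
        elif ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - ord("A") + k) % 26 + ord("A")))
        else:
            out.append(ch)
    return "".join(out)

def encrypt(plaintext, k):
    # C = E(P) = (P + k) mod 26
    return shift(plaintext, k)

def decrypt(ciphertext, k):
    # P = D(C) = (C - k) mod 26; Python's % keeps the result in 0..25
    return shift(ciphertext, -k)

def keys_matching(ciphertext, known_word):
    """Decrypt under all 26 possible keys; keep those whose output contains known_word."""
    return [k for k in range(26) if known_word in decrypt(ciphertext, k)]

if __name__ == "__main__":
    secret = encrypt("duplicate file path", 11)   # constructed sample text
    print(secret)
    # The whole key space is 26 values, so one expected word pins down k.
    print(keys_matching(secret, "file"))
```

Because the key space is only 26 values, this scheme cannot protect the original files from anyone who obtains the ciphertext; a file-encryption module needs a real block cipher from a maintained library.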


    LOGS AND ALERT SYSTEM

    The IDS system collects hackers' motivation for future generation of security.

    The log system stores all motivation of the hackers in the IDS.

    The alert system provides an alert message to the administrator regarding the hacker's attack.


    Conclusion

    Botnets - potential for illicit financial gain, More honeypot-based detection and defense systems

    to find ways to avoid honeypot traps in their botnets.

    Software or hardware specific codes can be used to detect the honeypot virtual environment,

    Rely on a more general principle to detect botnet

    This project implements various means by which attackers could detect botnet in their constructed botnet based on this principle.


    Thank You