What are Alternate Data Streams?
With the growing role of information technology in every field of life, the relationship between business, education, banking and the Internet is increasing day by day. People share a lot of information on the Internet, and with this growth comes a greater need to share and obtain information. The applications we use today contain various weaknesses, and these provide an easy way for people with bad intentions to fulfill their aims.
As a result, it has become difficult for network administrators and network security personnel to secure data from different types of attacks. Security issues should therefore be taken into account in every area. One way to protect data or information from unauthorized access is to hide it, so that the data is unavailable to an unintended user. Different methods and software are available on the market for hiding data, but we must either buy or download them, which is cumbersome. The Windows NTFS file system has a data hiding technique of its own, known as the alternate data stream. It is a feature of the NTFS file system that can be used effectively for hiding data, but some attackers treat it as a vulnerability and take advantage of it for their own benefit.
Alternate Data Streams Network Security
This is a branch of computer science concerned with securing a computer network. It is the network administrator's responsibility to implement all the security policies required to protect the network. The network administrator should prevent any kind of unauthorized access to data on the network. Network security means that if two systems are communicating over the Internet, no third user should interfere with their communications. Network security is therefore based primarily on keeping information secure. The main goals of information security are:
1) Privacy: This means protecting information from illegal or unauthorized access. In the case of banks, confidential details such as a customer's account number or credit card details should not leak. If a bank does not keep such information confidential, it will lose its customers. So privacy is very important for information. To maintain the confidentiality of data, encryption is used. With encryption, only authorized users will be able to access the data, so the data remains confidential. This also includes applying permissions to access files containing sensitive information.
2) Integrity: This means maintaining the accuracy of the data. Data should not be changed by any unauthorized person. In the case of banks, if a person's account number is changed, it will create a big problem. It also means that when data is transferred from a source, it should not be changed before reaching the destination. Data integrity is maintained by sending a hash along with the data and comparing it with the hash of the actual message. This comparison is done at the receiver's side.
3) Authenticity: This means identifying the origin of the data. It ensures that both parties involved in a communication are genuine. Digital signatures are used nowadays to ensure authenticity. Authenticity means that only authorized users should get access to information.
4) Availability: This means that information should be available to the authorized user whenever needed. If an organization's data is lost due to a system failure, a backup should be available so that the data can be recovered.
Common Terminology used in Network Security
The commonly used terminology is given below:
- Threat: A threat is a potential danger that can lead to system compromise. It is the possibility that an attacker will get into the system by using its weaknesses. Threats can be deliberate as well as accidental.
- Exploit: An exploit is a piece of code used by an attacker for hacking purposes, breaking system security by taking advantage of a known vulnerability. Exploits differ for different vulnerabilities, and an exploit that works on one machine (operating system) will not necessarily work on other machines (different operating systems), even if they share a common vulnerability.
- Vulnerability: In layman's terms, a vulnerability is a weakness that a hacker misuses to get into the system. Vulnerabilities are loopholes that serve as entry points for hackers. Consider a lock that can be opened by another key: the fact that the lock can be opened by any key makes it weak. Vulnerabilities arise due to negligence on the part of the administrator or the coder.
Security Threats
The following are the major security threats of information security:
1) Hacking: It can be defined as the illegal act of gaining access to someone's computer without the system owner's knowledge. A person who performs such activity is known as a hacker. Once a person gets access to a system, he can steal all sensitive information and also change the existing data in the system. After making changes, hackers remove their traces so that the system owner cannot find out about the intrusion.
2) Virus or Worms: These are programs that affect the efficiency of a system. Although both do the same thing, there is a small difference between the two: a virus requires a carrier to be transferred to a victim machine, whereas a worm does not. Both replicate themselves in the victim's system.
3) Trojan Horse: These programs were initially used by system administrators for administration, that is, to control their remote workstations. But they were later used by hackers for illegal purposes such as accessing the victim's machine and stealing sensitive information from it. They can easily be installed on the target machine by sending an attachment in an email.
4) Spoofing: Spoofing means imitating. It means fooling the authorized user into believing that the source of information is a valid system when it is not. Some general prevention techniques are filtering, egress filtering, attempting to block the packet at the destination, and traceback.
5) Sniffing: This means intercepting data. A sniffer is software or a program that reads all the data passing over a network without changing it. It is like a conversation taking place between two people while a third person listens without their knowledge. The protocols susceptible to it are those that send data and passwords in clear text. Examples of such protocols are SMTP, HTTP, FTP, etc. The only way to prevent it is to send data in an encrypted form.
6) Denial of Service: This attack is not carried out to steal data; instead it makes the target system unavailable for use. The target system is not able to provide service to legitimate users. The ping command can be used to perform this attack. When a large number of ping messages flood the server, the server is not able to handle so much load and crashes. Generally, attackers use a large number of zombies to perform this attack, which is then known as a Distributed Denial of Service (DDoS) attack.
Network Security Device
Various security tools are available on the market to protect the system against security threats:
1) Antivirus: Antivirus software detects possible security threats by matching the signatures of files against the signatures stored in its database. Antivirus software therefore needs to be updated properly so that it can perform fully.
2) Secure Network Infrastructure: Switches and routers should be used in the network because they provide both hardware and software functionality and offer services such as intrusion protection, security management, etc.
3) Virtual Private Network: In this kind of network, when data is transferred between two nodes, it is transferred in an encrypted form. Thus data integrity is maintained, and the possibility of intrusion in such networks decreases.
4) Identification Services: These services help determine the user's identity, that is, whether the user is authorized, and identify the source of the data. This includes services such as digital signatures, passwords, etc.
5) Vulnerability Evaluation: Various tools are available on the market that show the presence of various weaknesses in the user's system. Once weaknesses are known, users must patch them immediately, before an attacker exploits them. Some of the popular vulnerability assessment tools are Acunetix, N-Stalker, IBM Rational AppScan, etc. The merit of each is based on its features, capabilities and detection rate.
Data Hiding
Data hiding, or information hiding, is basically about protecting sensitive data from unauthorized access. It makes data invisible to unintended users. Information hiding is also used by hackers or criminals to hide their criminal activities. Thus information hiding is done by both criminals and ordinary users. Different techniques are available to hide data or information. They are:
1) Hiding non-physical data: This relates to hiding data in digital form. The different forms of hiding non-physical data are steganography, cryptography and watermarking. Steganography means hiding sensitive data inside a normal message. Cryptography is meant to protect data from unauthorized users by encrypting it into an unreadable form, known as ciphertext, before sending. The difference between steganography and cryptography is that in steganography the data is sent as plain text (embedded in other data), not in encrypted form as in cryptography. Watermarking is used primarily to prove the copyright information of a document. This is done by adding bit patterns to audio and video files. The bit patterns used to define copyright information should be scattered and invisible so that they cannot be manipulated.
2) Hiding File System Data: This form of data hiding involves hiding data in storage locations such as the hard disk or file system. Different ways are available to hide data in the file system: hidden files or folders, slack space, deleted files, deleted or hidden partitions, bad clusters, alternate data streams, etc.
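Because data in an alternate data stream does not show up in a normal directory listing or in the file's reported size, a defender has to enumerate streams explicitly. The following PowerShell sketch is an added example, not part of the original article: the function name `Find-AlternateDataStream`, the `ads-demo` folder and the `notes` stream are hypothetical, and it assumes Windows PowerShell 3.0 or later with the temp folder on an NTFS volume.

```powershell
# Added example: audit a folder tree for NTFS alternate data streams (ADS).
# Every file has an unnamed main stream, reported as ':$DATA'; anything else
# is a named (alternate) stream. Only files are checked, not directories.
function Find-AlternateDataStream {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Zone.Identifier is the benign marker Windows adds to downloaded files.
        [string[]] $IgnoreStream = @('Zone.Identifier')
    )
    Get-ChildItem -LiteralPath $Path -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            Get-Item -LiteralPath $_.FullName -Stream * -ErrorAction SilentlyContinue
        } |
        Where-Object { $_.Stream -ne ':$DATA' -and $_.Stream -notin $IgnoreStream } |
        Select-Object @{ n = 'File'; e = { $_.FileName } }, Stream, Length
}

# Constructed sample: one text file with a harmless named stream attached.
$dir  = Join-Path $env:TEMP 'ads-demo'
New-Item -ItemType Directory -Path $dir -Force | Out-Null
$file = Join-Path $dir 'report.txt'
Set-Content -LiteralPath $file -Value 'visible content'
Set-Content -LiteralPath $file -Stream 'notes' -Value 'data stored in a named stream'

# The ordinary view reports only the size of the main stream ...
Get-Item -LiteralPath $file | Select-Object Name, Length

# ... while the audit lists the extra stream and its size.
Find-AlternateDataStream -Path $dir | Format-Table -AutoSize

# Clean up the constructed sample.
Remove-Item -LiteralPath $dir -Recurse -Force
```

Run against a user profile or a share, the same function gives a list of files carrying unexpected named streams that can then be reviewed individually.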
Literature Review
File System
A file system can be defined as a method for naming files on a computer. It controls the storage and retrieval of files on media (hard drive, CD or flash drive). It works as an index of where the data is physically located on the media. Every operating system, whether Windows, Macintosh or Unix, includes a file system to store files.
File System in Windows
There are two main file systems in Windows:
1) File Allocation Table: The File Allocation Table (FAT) is a file system that was developed by Microsoft in 1977. It was the primary file system from MS-DOS to Windows Me. From Windows NT onward, NTFS became the primary file system. Earlier, FAT was designed for floppy disks, but later it was universally used for hard disks. Different versions of FAT include FAT8, FAT12, FAT16, and FAT32. It is still considered a preferred file system for floppy disks and high-capacity storage devices like flash drives.
2) New Technology File System: It is also known as NTFS. It was introduced in 1993 in Microsoft Windows NT 3.1. Starting with NTFS 3.1, NTFS is now the primary file system in all versions of Windows, including Windows XP, Windows Vista, Windows 7 and now Windows 8. NTFS was developed with some improvements over the existing FAT system. They are:
- Increased security through file encryption and permissions that the file owner can set on a file.
- Support for large hard disks.
- Automated recovery from some disk-related errors.
- File compression to save disk space.