A P2P E-commerce Related Network Security Issue: P2P Worm

Abstract RADIUS is one of the most popular protocols used in network communication for user authentication. Unfortunately, there are many vulnerabilities facing the security issue in RADIUS network protocol. One of these vulnerabilities is a replay attack problem which is need to be prevented. The previous protocols have presented number of techniques to reduce the effects of replay attack in RADIUS protocol. One time password (OTP) technique is one of the most important techniques which are used to enhance the security of user authentication in numerous environments and to close the potential gap in network security. With several OTP techniques, three OTP techniques (TOTP), (HOTP),(CROTP) are chosen in this paper. This paper highlights some of the current security approaches related to RADIUS protocol and OTP techniques. The main focus of this paper is the implementation of the three OTP techniques through providing our ELSBOT and the comparison of these techniques through presenting a set of factors such as preventing replay attack, CPU overhead, technique speed, server response time and OTP duration. Keywords: RADIUS Protocol , Replay Attacks ,One Time Password الملخـــــــص: بروتوكول RADIUS هو أحد البروتوكولات الأكثر شيوعاً والمستخدمة في شبكة الاتصالات لمصادقة المستخدم (التحقق من المستخدم). للأسف، هناك العديد من نقاط الضعف التي تواجه قضية الأمن في بروتوكول RADIUS . مشكلة هجوم إعادة الإرسال Replay Attacksتعتبر من أحد نقاط الضعف في هذا البروتوكول التي نحتاج إلى منعها. البروتوكولات السابقة قدمت عدد من التقنيات للحد من آثار هذا الهجوم في بروتوكول RADIUS . تقنية كلمة المرور لمرة واحدة One Time Password(OTP) من أهم التقنيات التي استخدمت لتعزيز أمن مصادقة المستخدم في بيئات عديدة ولسد الفجوة المحتملة في أمن الشبكات. مع العديد من تقنيات OTP، مساهمتنا في هذا البحث هو اختيار ثلاث تقنيات: TOTP، HOTP،CROTP . وهذا دفعنا لتقديم ELSBOT لتفادي مشكلة هجوم إعادة الإرسال Replay Attacksفي بروتوكول RADIUS. في هذه الورقة سوف نطبق تقنيات OTP الثلاثة في ELSBOT ضمن بيئة RADIUS ومن ثم نقدم مقارنة بين تقنيات OTP. ولفحص وتقييم نظامنا ELSBOT في ظل وجود مجموعة من العوامل مثل: منع هجوم إعادة الإرسال، العبء على المعالج وسرعة المعالج وزمن الاستجابة للسيرفر ومدة صلاحية كلمة المرور. تظهر النتائج بأن تقنيات OTP الثلاثة في ELSBOT تمنع مشكلة هجوم إعادة الإرسال ضمن بيئة RADIUS وكما أن العبء على المعالج في تقنيةـ TOTP أقل من التقنيات الأخرى وكذلك سرعة المعالج في تقنيةـ TOTP هى الأعلى بينما سرعة المعالج في تقنية CROTP أعلى من تقنية HOTP ولكن تقنية HOTP هى الأفضل بالنسبة لزمن إستجابة السيرفر, وبالتالي فإن نظام ELSBOT هو أفضل الأنظمة المتوفرة من منظور أمني.

Download Full-text

BOTNETs: A Network Security Issue

International Journal of Advanced Computer Science and Applications ◽

10.14569/ijacsa.2020.0111155 ◽

2020 ◽

Vol 11 (11) ◽

Author(s):

Umar Iftikhar ◽

Kashif Asrar ◽

Maria Waqas ◽

Syed Abbas

Keyword(s):

Network Security ◽

Security Issue

Download Full-text

Reserch on EC Security Problems and Countermeasures

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.680.554 ◽

2013 ◽

Vol 680 ◽

pp. 554-558

Author(s):

Jin Song Hu

Keyword(s):

Information Technology ◽

Network Security ◽

Computer Network ◽

Rapid Development ◽

The Internet ◽

Security Issue ◽

Security Issues ◽

Business Information ◽

Computer Network Security ◽

Transaction Security

With the rapid development of the Internet, EC is growing rapidly. The use of information technology to transmit and process business information has inevitably brought the defects and shortcomings of its own into the field of EC.The security issue is becoming the primary factor restricting the development of electronic commerce ,and is the most important issues related to EC system can be run successfully. EC security issues can be basically divided into two parts, namely, computer network security and business transaction security. The paper discusess these two parts and gives the countermeasures in the last.

Download Full-text

Authorship Pattern and Collaborative Research in the Field of Network Security

Indian Journal Of Applied Research ◽

10.15373/2249555x/jan2013/21 ◽

2011 ◽

Vol 3 (1) ◽

pp. 52-54 ◽

Cited By ~ 1

Author(s):

N. Amsaveni N. Amsaveni ◽

◽

R. Vasanthi R. Vasanthi

Keyword(s):

Network Security ◽

Collaborative Research ◽

Authorship Pattern

Download Full-text

COMMUNICATIONS RECONSTRUCTION FOR A NETWORK SECURITY ANALYSIS

Telecommunications and Radio Engineering ◽

10.1615/telecomradeng.v69.i7.50 ◽

2010 ◽

Vol 69 (7) ◽

pp. 629-638

Author(s):

J. Sisniega-Gonzalez ◽

E. Aguirre-Anaya ◽

Mariko Nakano-Miyatake ◽

Hector Manuel Perez-Meana

Keyword(s):

Network Security ◽

Security Analysis

Download Full-text

REAL-TIME TRAFFIC DETECTION AND ANALYSIS OF NETWORK SECURITY INTRUSION ATTACK: SNORT INTRUSION PREVENTION SYSTEM

Telecommunications and Radio Engineering ◽

10.1615/telecomradeng.v79.i12.30 ◽

2020 ◽

Vol 79 (12) ◽

pp. 1055-1062

Author(s):

A. L. Zhou

Keyword(s):

Network Security ◽

Real Time ◽

Intrusion Prevention ◽

Real Time Traffic ◽

Prevention System ◽

Intrusion Prevention System ◽

Traffic Detection

Download Full-text

Security issues in Mobile Computing

International Journal of Advanced Research in Computer Science and Software Engineering ◽

10.23956/ijarcsse.v8i4.620 ◽

2018 ◽

Vol 8 (4) ◽

pp. 13

Author(s):

Kartik Khurana ◽

Harpreet Kaur ◽

Ritu Chauhan ◽

Shalu Chauhan ◽

Shaveta Bhatia ◽

...

Keyword(s):

Mobile Computing ◽

Mobile Devices ◽

Mobile Communication ◽

Internet Access ◽

Mobile Security ◽

Security Issue ◽

Security Issues

Now a day’s mobile communication has become a serious business tool for the users. Mobile devices are mainly used for the applications like banking, e-commerce, internet access, entertainment, etc. for communication. This has become common for the user to exchange and transfer the data. However people are still facing problems to use mobile devices because of its security issue. This paper deals with various security issues in mobile computing. It also covers all the basic points which are useful in mobile security issues such as categorisation of security issues, methods or tactics for success in security issues in mobile computing, security frameworks.

Download Full-text

Rule Based Network Security Using Genetic Algorithm

i-manager’s Journal on Software Engineering ◽

10.26634/jse.1.4.760 ◽

2007 ◽

Vol 1 (4) ◽

pp. 85-91

Author(s):

Jeya S ◽

◽

Ramar K ◽

Keyword(s):

Genetic Algorithm ◽

Network Security ◽

Rule Based

Download Full-text