INTERNATIONAL JOURNAL OF TECHNOLOGY AND COMPUTING (IJTC)

ISSN-2455-099X,

Volume 4, Issue 4 April, 2018

IJTC201804002 www. ijtc.org 43

An Evaluation of Prevent Hacking all the way

through Cyber Security 1Aarsh Jawa, 2Arpit Mishra

1,2 B.Tech,CSE Department, CGC Technical Campus,Jhanjeri (Mohali),India1

1manu12696@gmail.com, 227arpitmishra@gmail.com

Abstract: This analysis paper discusses the subject of cyber crime well, additionally because the varieties, strategies and effects of cyber

crimes on a network or a pc. Information has become like Associate in nursing quality that must be shielded from attacks. During this

paper, varied techniques, square measure given for the interference of the Active and Passive attacks. Some strategies square measure

delineate to forestall ourselves from cyber attacks, viruses or malwares. By following the strategies delineate during this analysis paper

one may be shielded from cyber attacks or hacking.

Keywords: Firewall, Honeypot, Intrusion detection system, Network security tools, Security.

I. INTRODUCTION

The usually accepted definition of cyber security is that the

protection of any ADPS, code program, and information

against unauthorized use, disclosure, transfer, modification,

or destruction, whether or not accidental or intentional. Here,

our major goal is to supply “information security” {of

information|of knowledge|of information} throughout on-

line or offline mode and to guard information from the “black

hat hacker” throughout on-line data transfer. Cyber attacks

will return from internal networks, the web, or different non-

public or public systems. E-mail and also the net square

measure the 2 main attack vectors employed by hackers to

infiltrate company networks. Businesses and people round

the globe have felt the sting of cyber intruders UN agency

attack structure networks with relative exemption. Some

attacks solely deface a web site, whereas others lead to

important embarrassment or loss. Whereas it's nearly not

possible to prevent some attacks, it's necessary for

organizations to acknowledge the distinction between

passive attacks and active attacks and also the shocking risks

of passive attacks. Network security is that the method by

that digital info assets square measure protected the goals of

security square measure to guard confidentiality, maintain

integrity, and assure accessibility. To secure the knowledge

and also the entire network system, one specific

methodology is needed which may be capable of providing

the entire security solutions. When a hacker infiltrates your

computer, smart phone or your online cloud account, the

outcome could be incredibly terrible for you and your family.

We never know if that hacker works for an organization and

plans to share your private data with them. That organization

may be a communal company which strategy to use your data

for marketing purposes. That organization can also be a

revolutionary group which plans to use your data for all the

erroneous reasons.

II. THE CHALLENGE

No matter what strategy is adopted, breaches can occur. It's

nearly not possible to require advantage of our

connectedness while not being in danger. Defensive

technologies like firewalls, passwords, encryption, physical

barriers, and authentication mechanisms are necessary to

keep up however alone haven't been effective in eliminating

breaches or predicting wherever following attack can occur.

Their worth as complete security measures are going to be of

restricted use in fighting more and more refined, innovative,

and well-funded cyber criminals. The rising challenge is to

search out additional prophetical ways of distinctive threats,

mitigating their impact, ANd managing an agile cyber

security operation that may each creatively and effectively

maintain protection. In attempt that challenge, it's necessary

to acknowledge that:

1) It isn't economical to guard each piece of knowledge and

each plus to constant extent.

2) A balance between the proper to privacy with the

requirement to guard nations, enterprises and people

from intrusions should be negotiated.

3) Attribution and severe penalties for cyber crime should be

additional uniformly completed among the multi-

national communities.

4) The challenge is nice and needs contemporary ways that to

mix individuals, processes, technology, and shared

information to guard societies from rising threats to

security.

While your pc is joined to the web, the malware a hacker has

put in on your laptop quietly transmits your personal and

monetary info while not your information or consent. Or, a

pc predator might pounce on the personal info you

unknowingly unconcealed. In either case, they may:

Hijack your usernames and passwords

Steal your money and open credit card and bank

accounts in your name

Ruin your credit

Request new account Personal Identification

Numbers (PINs) or additional credit cards

Make purchases

Add themselves or an alias that they control as an

authorized user so it’s easier to use your credit

Obtain cash advances

Use and abuse your Social Security number

IJTC.O

RG

INTERNATIONAL JOURNAL OF TECHNOLOGY AND COMPUTING (IJTC)

ISSN-2455-099X,

Volume 4, Issue 4 April, 2018

IJTC201804002 www. ijtc.org 44

Sell your information to other parties who will use

it for illicit or illegal purposes.

III. ATTACKS

The motive for an attack depends on the attacker. A teenager

with too much time on his hands may be just playing around

to see what he can do without getting caught. On the other

hand, an experienced cyber criminal may be looking for user

credentials or credit card information that he can steal and

sell to others for illegal use. The motive determines to some

degree, the degree of impact on the organization and its

reputation.

A. TYPES OF ATTACKS

a) Passive Attacks

A passive attack involves somebody listening in on

telecommunications exchanges or passively recording laptop

activity. AN example of the previous is AN assaulter sniffing

network traffic employing a protocol instrument or another

packet capturing package. The assaulter finds the way to plug

into the network and begins capturing traffic for later

analysis. Different attackers think about key loggers,

typically as a worm in an exceedingly "free transfer," to

record keystrokes like user IDs and passwords. The goal,

notwithstanding the tactic, is simply to pay attention and

record the information passing through. The passive attack

itself isn't harmful, per se, however the knowledge gathered

throughout the session may be very damaging.

b) Active Attack

Active attacks on computers involve victimisation data

gathered throughout a passive attack, like user IDs and

passwords, or associate degree outright attack victimisation

technological "blunt instruments." Such instruments embody

word batty, denial-of-service attacks, email phishing attacks,

worms and different malware attacks. In a full of life attack,

the aggressor is resolute bring an internet site down, steal

data or perhaps destroy computing instrumentality. As

network directors install defenses against existing attack

tools, hackers develop a lot of refined tools and also the game

of technology leapfrog continues.

IV. PREVENTIONS

a) Registry Settings

Below Is the Recommended Registry key configuration to

ruin DOS Attacks

Caution: Incorrectly editing the registry may harshly

damage your system. Before you make changes to the

registry, one should back up any important data on the

computer. You can also use the Last Known Good

Configuration start-up option if you encounter problems

after manual changes have been applied.

These registry key settings can be implemented to enable

protection against DoS attacks:

hkey_local_machine \system \currentcontrolset \services

\tcpip \parameters \synattackprotect=1 REG_DWORD

hkey_local_machine \system \currentcontrolset \services

\tcpip \parameters

\tcpmaxconnectresponseretransmissions=2 REG_DWORD

hkey_local_machine \system \currentcontrolset \services

\tcpip \parameters \tcpmaxdataretransmissions=3

REG_DWORD

hkey_local_machine \system \currentcontrolset \services

\tcpip \parameters \enablepmtudiscovery=0 REG_DWORD

b) Steps to Follow

1. Deploy an antivirus program and firewall into your

network if not already done. This helps in restricting the

bandwidth usage to authenticated users only.

2. Server configuration can help diminish the probability of

being attacked. If you’re a network administrator at

some firm, take a look at your network configurations

and harden the firewall policies to block out

unauthenticated users from addressing the server’s

resources.

3. Ad-Blocker Must Be used to ensure Web Safety.

4. Cloud Backup Should be maintained regularly so that in

case of any attack the data can be recovered back.

5. Using Honeypot technique as it offers a fast and

effective way to prevent spam.

6. Open ports on a server are a security vulnerability that

can potentially allow a hacker to exploit services on

your network. So closing unused ports is a good safety

measure.

7. Turn Off Ping Service

8. Bind IP To MAC Address

9. Use Intrusion Detection Systems (IDS) and Intrusion

Prevention Systems (IPS) for security visibility, denial

of - service (DoS) protection, anti-hacking detection,

and e -commerce business defences. [1]

10. Use reputable antivirus software and a firewall.

Maintaining a strong firewall and keeping your

security software up to date are critical.

11. Do make sure that all systems and software are up-to-

date with relevant patches.

12. Do employ content scanning and filtering on your mail

servers.

13. Uses strong encryption to perform daily transaction on

the web when you transfer your personal

information, can use SSL (Digital Certificate) which

being hard for intruders.

14. Use antivirus program to detect and prevent from the

viruses

15. Use a “passphrase” that is easy to remember —

E@tUrVegg1e$ (Eat your veggies) and make sure to use

a combination of upper and lower case letters, numbers,

and symbols to make it less susceptible to brute force

attacks. Try not to use simple dictionary words as they

are subject to dictionary attacks – a type of brute force

attack.

16. Do not share or write down any “passphrases.”

IJTC.O

RG

INTERNATIONAL JOURNAL OF TECHNOLOGY AND COMPUTING (IJTC)

ISSN-2455-099X,

Volume 4, Issue 4 April, 2018

IJTC201804002 www. ijtc.org 45

17. Communicate/educate your employees and executives on

the latest cyber security threats and what they can do to

help protect critical information assets.

18. Do not click on links or attachments in e-mail from

untrusted sources.

19. Do not send sensitive business files to personal email

addresses.

20. Have suspicious/malicious activity reported to security

personnel immediately.

21. Secure all mobile devices when traveling, and report lost

or stolen items to the technical support for remote

kill/deactivation.

22. Educate employees about phishing attacks and how to

report fraudulent activity.

In this modern age, it seems almost impossible to avoid being

a victim of cybercrime, with all the advancements in

technology which make it easy for someone to perform

cybercrimes. In light of this, there are some ways however to

avoid becoming a victim of cybercrime. Users must install

and keep up-to-date antivirus programs, firewalls and

spyware checkers. Along with keeping them up to date, users

must make sure that they run the scans regularly. The easiest

way to protect a network from an outside attack is to close it

off completely from the outside world. A closed network

provides connectivity only to trusted known parties and sites

[2].

V. CONCLUSION

The risks of cybercrime are very real and too threatening to

be ignored. Every franchisor and licensor, indeed every

business owner, has to face up to their vulnerability and do

something about it. At the very least, every company must

conduct a professional analysis of their cyber security and

cyber risk or engage in a prophylactic plan to minimize the

liability and insure against losses to the greatest extent

possible and implement and promote a well-thought out

cyber policy, including crisis management in the event of a

worst case scenario. Nevertheless, business should employ

practices where their employees follow proper safety

practices to ensure that integrity and confidentially of stored

information is kept at all times to combat cybercrimes. Safety

practices like ensuring that staying off game sites on

company time where viruses can be downloaded, forwarding

chain emails, leaving workstation unattended or password

sharing over virtual mediums should be prohibited.

Preventions for attacks like ransom ware are also described

in this research paper with all these safety practices

implemented, it can be said that the safety of many clients

stored information is optimal.

REFERENCES

[1]. Network Security: Attacks, Tools and Techniques

Vandna, Dr. Ritu Sindhu (IJSRM)

[2]. A Review on Network Security Threats and Solutions

Prakhar Golchha , Rajesh Deshmukh , Palak Lunia

[3]. https://en.wikipedia.org/wiki/Computer_security

[4]. https://www.cso.com.au/article/618875/top-5-cyber-

security-tips-keep-hackers-away/

[5]. https://www.webroot.com/us/en/home/resources/article

s/pc-security/computer-security-threats-hackers

IJTC.O

RG