USAGE AND AWARENESS OF TOOLS AND TECHNOLOGIES PROVIDING CYBERSECURITY AMONGST INTERNET USERS IN PUNE

Similar documents
Promoting Global Cybersecurity

CEH Tools. Sniffers. - Wireshark: The most popular packet sniffer with cross platform support.

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

Cyber Security Technologies

DHS Cybersecurity: Services for State and Local Officials. February 2017

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX

CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security

National Policy and Guiding Principles

Implementing Executive Order and Presidential Policy Directive 21

Legal and Regulatory Developments for Privacy and Security

Designing and Building a Cybersecurity Program

How Cybersecurity Initiatives May Impact Operators. Ross A. Buntrock, Partner

Cybersecurity, safety and resilience - Airline perspective

Web Application Penetration Testing

May the (IBM) X-Force Be With You

Statement for the Record

Legal, Ethical, and Professional Issues in Information Security

Module 1: Penetration Testing Planning and Scoping. Module 2: Basic Usage of Linux and its services

G7 Bar Associations and Councils

The Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless

Training for the cyber professionals of tomorrow

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

CPTE: Certified Penetration Testing Engineer

CYBER RESILIENCE & INCIDENT RESPONSE

Security by Default: Enabling Transformation Through Cyber Resilience

Computer Information Systems (CIS) CIS 105 Current Operating Systems/Security CIS 101 Introduction to Computers

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

Must Have Items for Your Cybersecurity or IT Budget in 2018

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

Hacking Today p. 1 Defining the Hacker p. 9 Hacker Skill Levels p. 10 Information Security Consultants p. 13 Hacker Myths p. 14 Information Security

CYBER SOLUTIONS & THREAT INTELLIGENCE

December 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development

ACHIEVING FIFTH GENERATION CYBER SECURITY

Are we breached? Deloitte's Cyber Threat Hunting

Cyber Security in Smart Commercial Buildings 2017 to 2021

Department of Management Services REQUEST FOR INFORMATION

CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001)

Commonwealth Cyber Declaration

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

Background FAST FACTS

Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time

The GenCyber Program. By Chris Ralph

CYBERCRIME AS A NEW FORM OF CONTEMPORARY CRIME

to Enhance Your Cyber Security Needs

Gujarat Forensic Sciences University

Security-as-a-Service: The Future of Security Management

Chapter 5: Vulnerability Analysis

Cybersecurity for ALL

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

Provisional Translation

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

THE CYBERSECURITY LITERACY CONFIDENCE GAP

Program 1. THE USE OF CYBER ACTIVE DEFENSE BY THE PRIVATE SECTOR

Advanced Ethical Hacking & Penetration Testing. Ethical Hacking

Cyber Security and Cyber Fraud

External Supplier Control Obligations. Cyber Security

COMPUTER HACKING FORENSIC INVESTIGATOR (CHFI) V9

Information Security Controls Policy

Position Title: IT Security Specialist

ANATOMY OF AN ATTACK!

Computer Information Systems (CIS) CIS 105 Current Operating Systems/Security CIS 101 Introduction to Computers

Vulnerability Assessments and Penetration Testing

PTE Certified Penetration Testing Engineer

OSSAMS -Security Testing Automation and Reporting

About Issues in Building the National Strategy for Cybersecurity in Vietnam

Cybersecurity Test and Evaluation Achievable and Defensible Architectures

CPTE Certified Penetration Testing Engineer

Certified Penetration Testing Engineer

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

GEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards

Certified Penetration Testing Engineer

Presentation Overview

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

C)PTE Certified Penetration Testing Engineer

U.S. Japan Internet Economy Industry Forum Joint Statement October 2013 Keidanren The American Chamber of Commerce in Japan

Cybersecurity Foundations

GDPR Update and ENISA guidelines

Caribbean Cyber Security: Not Only Government s Responsibility

Mark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services

Jeff Wilbur VP Marketing Iconix

ScienceDirect. Vulnerability Assessment & Penetration Testing as a Cyber Defence Technology

What you Need to Know About Security Vulnerability Assessments that no one is willing to share

GLobal Action on CYbercrime (GLACY) Assessing the Threat of Cybercrime in Mauritius

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

Systemic Analyser in Network Threats

Curso: Ethical Hacking and Countermeasures

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1

INDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF. 28 th November 2018

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security

STUDENT LEARNING OUTCOMES Beacom College of Computer and Cyber Sciences

Critical Information Infrastructure Protection Law

ISAO SO Product Outline

Transcription:

Asia Pacific Journal of Research Vol: I. Issue XXXVI, February 06 ISSN: 0-550, E-ISSN-7-79 USAGE AND AWARENESS OF TOOLS AND TECHNOLOGIES PROVIDING CYBERSECURITY AMONGST INTERNET USERS IN PUNE Prof. Mayank R. Kothawade Research Scholar, North Maharashtra University, Jalgaon, Maharashtra, India Prof. Dr. PreetiAgrawal Director, GHRIBM, Jalgaon, Maharashtra, India ABSTRACT Cyber security and awareness are crucial parameters while using internet or internet applications. These parameters are categorized into non-technological and technological issues. Non-technological parameters refers to awareness of security issues and policies related to security concern and technological issues covering the knowledge and awareness of tools and technologies providing cyber security. This paper highlights usage and level of awareness of various tools technologies providing cyber security with respect to five important parameters which includes usefulness, continuity with tool or technology usage, reliability, efficiency and limitations associated. KEYWORDS: Tools, Technologies, Cyber threat, Reliability, Efficiency, Awareness. INTRODUCTION: Cybercrime encompasses a wide range of activities, but these can generally be broken into two categories: first crimes that target computer networks or devices and second crimes that use computer networks to spread other criminal activities. Cybercrime is a bigger risk now than ever before, due to large number of connected people and devices. Crime, in whatever form it is, directly or indirectly affects the society. In today s world, there is immense increase in the use of internet in every field of the society and due to this escalation in usage of internet, a number of new crimes have evolved.cybercrime and cyber security are issues that can hardly be separated in an interconnected environment. The fact that the 00 UN General Assembly resolution on cybersecurity 5 addresses cybercrime as one major challenge underlines this. www.apjor.com Page 6

Asia Pacific Journal of Research Vol: I. Issue XXXVI, February 06 ISSN: 0-550, E-ISSN-7-79 To minimize the impact of these cyber threats various initiatives are taken by the worldwide organizations. The Cyber Technology and Information Security Laboratory (CTISL) conducts applied research focused on cyber threats and countermeasures, secure multi-level information sharing, resilient command and control network architectures, reverse engineering, information operations and exploitation, high performance computing, and data analytics.ctisl has six strategic thrusts 6 : Reverse Engineering, Vulnerability Identification, and Exploitation Resilient Network Systems Engineering Malicious Software Analysis, Threat Intelligence and Penetration Testing High Performance Computing and Analytics Multi-Level, Secure Software Systems and Collaboration Tools Professional Education, Outreach, and Awareness Another initiative taken by White House, President Obama has identified cybersecurity as one of the most serious economic and national security challenges we face as a nation, but one that we as a government or as a country are not adequately prepared to counter. Shortly after taking office, the President therefore ordered a thorough review of federal efforts to defend the U.S. information and communications infrastructure and the development of a comprehensive approach to securing America s digital infrastructure. In May 009, the President accepted the recommendations of the resulting Cyberspace Policy Review, including the selection of an Executive Branch Cybersecurity Coordinator who will have regular access to the President. The Executive Branch was also directed to work closely with all key players in U.S. cybersecurity, including state and local governments and the private sector, to ensure an organized and unified response to future cyber incidents; strengthen public/private partnerships to find technology solutions that ensure U.S. security and prosperity; invest in the cutting-edge research and development necessary for the innovation and discovery to meet the digital challenges of our time; and begin a campaign to promote cybersecurity awareness and digital literacy from our boardrooms to our classrooms and begin to build the digital workforce of the st century. Finally, the President directed that these activities be conducted in a way that is consistent with ensuring the privacy rights and civil liberties guaranteed in the Constitution and cherished by all Americans. To overcome these threats several tools and technologies are available and it is important to understand the usage and awareness of these tools and technologies along with their reliability and effectiveness. TOOLS AND TECHNOLOGIES PROVIDING CYBER SECURITY: Tools and technologies are playing vital role in protecting and securing systems and applications but their regular updates and patches are important. Some experts have stated that one of the cause of vulnerable computers is a lack of awareness by users and system administrators in keeping up with available security patches. To remedy this problem various tools and services are available to assist them in identifying vulnerabilities and their respective patches. A breach is stressful and expensive and only gets worse as word of the attack spreads to employees, customers, shareholders, competitors, and regulators. Today s hackers many with global networks and substantial financial resources -- have proven remarkably deft in getting around cyber security 9. Following categories of tools and technologies were considered for the study. Each category has different tools all the tools falls under different categories are shown in table. Antimalware Password auditing Application-specific scanners Port scanners Web browser related Rootkit detectors Encryption tools 5 Security-oriented operating systems 5 Debuggers 6 Packet sniffers 6 Firewalls 7 Vulnerability exploitation tools 7 Forensics Traffic monitoring tools Fuzzers 9 Vulnerability scanners 9 General-purpose tools 0 Intrusion detection systems 0 Web proxies Web vulnerability scanners Packet crafting tools Wireless Tools www.apjor.com Page 69

Asia Pacific Journal of Research Vol: I. Issue XXXVI, February 06 ISSN: 0-550, E-ISSN-7-79 OBJECTIVES:. To identify the usage of various tools and technologies providing cyber security.. To identify the level of usefulness, continuity with tool or technology usage, reliability, efficiency and limitations associated with various tools and technologies. HYPOTHESIS: Existing tools and technologies are not efficient to deal with cyber security threats. METHODOLOGY Information about usage and awareness of tools and technologies providing cybersecurity has been collected from 5 internet users by simple random sampling method. Respondents have been asked to comment on the usage of tools from the different categories. ANALYSIS: Analysis of usage and awareness of tools providing cybersecurity. From table it can be seen that internet users are unaware to most of the tool indicated by 0%. The scenario is not good about rest of the tools also percentage shows that rest of the tools are also not widely by the internet users. Analysis of various tools and technologies providing cyber security. From Table it can be seen that; Usefulness: Most of the respondents (%) agreed that they about the usage of tools and technologies providing cyber security. Continuity with tool usage: Only % respondents wish to continue with existing tool and technologies. Limitations associated: Only % respondents Strongly that existing tools and techniques have limitations. Reliability: Only % respondents Strongly that existing tools and techniques are reliable. Table : Usage and Awareness of tools providing cybersecurity Tool Usage Tool Usage Acunetix WVS 0.5% Grendel-Scan 0.5% AIDE 0.% Helix 0.% Aircrack 0.5% HijackThis.5% Angry IP Scanner.% Honeyd 0.% AppScan 0.% HP WebInspect 0.6% ArcSight SIEM platform 0% Hping.6% Argus 0% IDA Pro.% BackTrack % ike-scan.% BeEF.% Immunity Debugger % Brutus 0% inssider 0.% Burp Suite.% John the Ripper 0.9% Cain and Abel 0.% KeePass 0.5% Canvas.6% KisMAC.% Chrome % Kismet.% ClamAV 0.7% Knoppix.9% www.apjor.com Page 70

Asia Pacific Journal of Research Vol: I. Issue XXXVI, February 06 ISSN: 0-550, E-ISSN-7-79 Core Impact 0.5% L0phtCrack.% curl 0.% Maltego 0.% DirBuster 0% Malwarebytes' Anti- Malware.7% dradis 0% MBSA 0% dsniff % Medusa 0% DumpSec 0.% Metasploit 0% EnCase 0.6% Nagios 0.9% EtherApe 0% NBTScan.% Ettercap 0% Nemesis.% fgdump 0% Nessus.% Fiddler 0% Netcat.% Firebug 6% Netfilter 0.7% Firefox.% NetScanTools.% GDB 0.% Netsparker 0% GFI LanGuard 0.5% NetStumbler 0% GnuPG/PGP 0.7% NetWitness/NextGen 0.% NetworkMiner.5% Socat 0.% Nexpose 0% Social Engineer Toolkit 0.9% Ngrep 0.% SolarWinds 0.% Nikto 0% Splunk 0.% Nipper 0% sqlmap 0.% NoScript 0.% sqlninja 0.% Ntop 0.% sslstrip 0.% OllyDbg 0% Stunnel 0% OpenBSD PF 0% Superscan 0.% OpenSSH/PuTTY/SSH.9% Sysinternals 0% OpenSSL.% Tamper Data 0% OpenVAS.6% tcpdump 0.% OpenVPN.% THC Amap 0% ophcrack 0.% THC Hydra 0% OSSEC HIDS 0% The Sleuth Kit 0% OSSIM 0% Tor 0.5% P0f 0% Tripwire.% Paros proxy.% TrueCrypt 0.% Ping/telnet/dig/trace route/whois/netstat.% Unicornscan 0.% QualysGuard 0% VirusTotal 0.9% RainbowCrack 0.% VMware.% rat proxy.7% waf 0.% Retina 0.% Wapiti 0% SAINT 0.% Web Goat 0% Samurai Web Testing Framework 0.% Web Scarab 0% Scapy 0% Websecurify 0% Secunia PSI 0% Wfuzz 0% SELinux 0% Wikto 0% Sguil 0% WinDbg 0.% skipfish 0% Wireshark.% Snort.6% Yersinia 0% Total 00% www.apjor.com Page 7

Asia Pacific Journal of Research Vol: I. Issue XXXVI, February 06 ISSN: 0-550, E-ISSN-7-79 Table : Analysis of tools Variable Response options Frequency Percent.0.0.0 Useful.0 5 0.0.0 Total 5 00.0.0 Disagree 6.0 6.0 Continuity 9 6.0 with tool usage.0.0.0 Total 5 00.0 Limitation associated Reliability 6.0 Disagree 5 0.0.0 6.0 6.0.0.0 Total 5 00.0 6.0 Disagree.0.0 9 6.0.0.0.0 Total 5 00.0 www.apjor.com Page 7

Reliable Limitation associated Continuity with tool usage Useful Asia Pacific Journal of Research Vol: I. Issue XXXVI, February 06 ISSN: 0-550, E-ISSN-7-79 Graph :Analysis of tools 0 5 0 5 0 5 0 5 0 5 50 Disagree Disagree Disagree 5 6 5 6 6 9 9 6 6 6 0 0 6 6 Frequency Percentage HYPOTHESIS TESTING: - Statistical Test: Binomial Test - Test proportion: Test proportion was taken as 75%. More than 75% of responses to a particular category shows more agreement towards this category. Hence, Test proportion was 75%. - Level of significance α = 0.05 - H0: The proportion of responses indicating Existing tools and technologies are inefficient to deal with cyber security threats is less than or equal to 0.75 (p 0.75). www.apjor.com Page 7

Efficiency Asia Pacific Journal of Research Vol: I. Issue XXXVI, February 06 ISSN: 0-550, E-ISSN-7-79 - H: The proportion of responses indicating Existing tools and technologies are inefficient to deal with cyber security threats is greater than 0.75 (p 0.75). Efficiency of existing tools and technologies. Observed proportion = 0. Test proportion = 0.75 P =0.000 More than 75% of the respondents admitted that existing tools and technologies are inefficient to deal with cyber security threats. Binomial Test Category N Observed Prop. Test Prop. Exact Sig. (-tailed) Group <= 0.6 0.75 0.000 Group > 0. Total 5.00 From the above discussion it can be seen that more than 75% of the respondents perceive that existing tools and technologies are not efficient to deal with cyber security threats. Hence the hypothesis Existing tools and technologies are inefficient to deal with cyber security threats stands proved. CONCLUSION: Increased cyber threats and attacks are giving birth to the several risks. These risks leftbad impact on society, organization and individual in variety of ways. At present ample tools and technologies are available to protect against such cyber threats. Many internet users have no idea about their usage and they are unaware of these tools. Researchers have identified that available tools and technologies are inefficient and are not completely reliable. Several limitations are associated with these tools and technologies.it is clearly noticed that there is need of improved security tools and technologies. REFERENCES:. Cybercrime, [Online], Available: http://www.techopedia.com[5 March 0]. What is cybercrime?, [Online], Available, http://us.norton.com[6 March 0]. Cyber Crimes in India - an Introduction, [Online],Available, http://www. vakilno.com [6 March0]. Gercke, M. (0), Understanding Cybercrime: Phenomena, challenges and legal response, ITU, p.. 5. UNGA Resolution: Creation of a global culture of cybersecurity and taking stock of national efforts to protect critical information infrastructure, A/RES/6/. 6. Andrew. H, Lab Director, Cyber Technology and Information Security Laboratory (CTISL),[Online],Avaialblehttp://www.gtri.gatech.edu/ctisl 7. The Comprehensive National Cybersecurity Initiative, Foreign Policy, White House.. Technology assessment,(00, May) Cybersecurity for critical infrastructure protection, United States general accounting office, p. 07. 9. Kobus, T., Jones, P., (0, December), Into The Breach: The Limits Of Data Security Technology www.apjor.com Page 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback