i-manager's Journal on Information Technology (JIT)


Volume 5 Issue 1 December - February 2016 [Open Access]

Article

Cyber Security Challenges on Academic Institutions and Need For Security Framework Towards Institutional Sustainability Growth And Development

Wali Mohammad Dar*
Department of Computer Science, School of Technology, Islamic University of Science and Technology Awantipora (IUST), Pulwama, Jammu and Kashmir, India
Dar. W. M (2016). Cyber Security Challenges on Academic Institutions and Need For Security Framework Towards Institutional Sustainability Growth And Development. i-manager’s Journal on Information Technology, 5(1), 1-6. https://doi.org/10.26634/jit.5.1.4795

Abstract

The growing dependence on computer networks and internet based applications in all areas of human involvement (Health, Education, Transportation and energy) makes it a big challenge to treat Cyber security as a separate dimension. For the sustainable development and existence of Academic Institutions, a secure and comprehensive framework is the need of the hour to ensure the sustainability and existence in the digital world. Cyber security consists of 'cyber space' which is a collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment, organization and user's assets. Cyber security endeavors to ensure the attainment and maintenance of the security properties of the organization and user's assets. Therefore strong initiatives like implementation of security policies and strategic framework of procedures/plans to secure the future of Institutions are enforced. In the present era, digital information is at the core of almost all of a university activities and the safety and security of this information is vital for growth and development. This paper discusses the Security Framework as a means to protect information and technology resources, throughout the University.

Article

Ethical Hacking and Security Against Cyber Crime

Neeraj Kumar Rathore*
Assistant Professor, Department of Computer Science and Engineering, Jaypee University of Engineering and Technology, Guna, Madhya Pradesh, India.
Rathore. N (2016). Ethical Hacking and Security Against Cyber Crime. i-manager’s Journal on Information Technology, 5(1), 7-11. https://doi.org/10.26634/jit.5.1.4796

Abstract

This paper explores the fast growing Cyber world and its components over the internet. The fast growing Internet has benefited the modern society in the form of e-commerce, e-mail, online banking or system, advertising, vast stores of reference material, etc. But, there is also a dark side, where internet becomes a common and easy tool for the criminal activity using a weak link and vulnerability of internet. In this paper, the author concentrated over several hacking activity that come under Cyber crime. It also highlights the role of ethical hacker to evacuate from the culprits and cyber crime and illustrate on proactive approach to minimize the threat of hacking and Cyber crime.

Research Paper

A Substitution Based Encoding Scheme to Mitigate Cross Site Script Vulnerabilities

Bharti Nagpal* , Naresh Chauhan**, Nanhay Singh***
*Assistant Professor, Department of Computer Science Engineering, Ambedkar Institute of Advanced Communication Technology and Research (AIACT&R), Delhi, India.
** Chairman and Professor, YMCA University of Science and Technology, Faridabad, Haryana, India.
*** Associate Professor, Department of Computer Science Engineering, Ambedkar Institute of Advanced Communication Technology and Research (AIACT&R), Delhi, India.
Nagpal. B, Chauhan. N and Singh. N (2016). A Substitution Based Encoding Scheme to Mitigate Cross Site Script Vulnerabilities. i-manager’s Journal on Information Technology, 5(1), 12-17. https://doi.org/10.26634/jit.5.1.4797

Abstract

Most of the attacks made on the web, target the vulnerability of web applications. These vulnerabilities are researched and analyzed at OWASP [1]. The Open Web Application Security project, OWASP, tracks the most common failures. Cross Site Scripting (XSS) is one of the worst vulnerabilities that allow malicious attacks such as cookie thefts and web page defacements. Testing an implementation against XSS vulnerabilities can avoid these consequences. Obtaining an adequate test data set is essential for testing of XSS vulnerabilities. These inputs are interpreted by browsers while rendering web pages. When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting website. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. Cross-site scripting attacks essentially compromise the trust relationship between a user and the website. XSS occurs when a web page displays user input typically via JavaScript that is not properly validated. This paper uses an encoding scheme that scans the starting tag present in a HTML tag and encodes it such that, the script written inside the starting and closing tags will not work as a HTML element thus, rendering the attack useless.

Research Paper

Functioning of Intelligence Intrusion Multi Detection Prevention Systems (IIMDPS)

S. Murugan* , K.Kuppusamy**
* Research Scholar, Department of Computer Science and Engineering, Alagappa University, Karaikudi, Tamilnadu, India.
** Professor, Department of Computer Science and Engineering, Alagappa University, Karaikudi, Tamilnadu, India.
Murugan. S and Kuppusamy. K (2016). Functioning of Intelligence Intrusion Multi Detection Prevention Systems (IIMDPS). i-manager’s Journal on Information Technology, 5(1), 18-27. https://doi.org/10.26634/jit.5.1.4798

Abstract

This paper focuses on functioning of Intelligence Intrusion Multi Detection Prevention Systems (IIMDPS). It describes the prevention of unknown malware with the help of mathematical scheme and few models with newly designed algorithm. This is designed to provide a deeper understanding of existing intrusion detection principles with intelligence strategies, that will be responsible for acquiring unknown malware, which compare the false positive rate and the false negative rate. That will be proven by conducting different experiments with WEKA simulation.

Research Paper

A Survey on Operating System Virtualization Methods and Challenges

Abhilash C.B* , D.V. Ashoka**
* Assistant Professor, Department of Computer Science and Engineering, JSS Academy of Technical Education (VTU), Bangalore, India.
** Professor, Department of Information Science and Engineering, JSS Academy of Technical Education (VTU), Bangalore, India.
Abhilash C.B and Ashoka. D. V (2016). A Survey on Operating System Virtualization Methods and Challenges. i-manager’s Journal on Information Technology, 5(1), 28-33. https://doi.org/10.26634/jit.5.1.4799

Abstract

Computational world is turning out to be substantial and complex. Distributed computing has risen as a well registering model to bolster handling substantial volumetric information utilizing groups of product PCs. Working framework (OS) virtualization can give various imperative advantages, including straightforward relocation of utilizations, server combination, online OS upkeep, and improved framework security. Nonetheless, the development of such a framework introduces a bunch of difficulties, not withstanding for the most wary engineer, that if neglected may bring about a frail, deficient virtualization. We exhibit exchange of key execution issues in giving OS virtualization in a merchandise OS, including framework call intervention, virtualization state administration, and race conditions. The authors discussed about their encounters in executing such usefulness over two note worthy variants of Linux altogether in a loadable bit module with no portion adjustment. The author exhibit trial results on both uniprocessor and multiprocessor frameworks that show the capacity of our way to deal with furnish recapture virtualization with low overhead. In this paper, the authors first developed a comprehensive taxonomy for describing operating system architecture. Then they use this taxonomy to survey several existing operating system virtualization services and challenges.