Tuesday, March 19, 2019
Thursday, March 7, 2019
Security Threats
The need for
security started increasing as universities, government and military
installations began to connect with each other. The Defense Advanced Research
Projects Agency (DARPA) is an agency of the US Department of Defense in charge
for the development of evolving technologies for usage by the military.
There are various types of threats some of the common threats to network security
are as follows:1. Denial-of-Service (DoS) attack: DoS attack aims to entirely consume network bandwidth and system resources by creating a large volume of network traffic. This makes it impossible for genuine users to use the resources which were meant for them.[1]
2. Distributed Denial of Service (DDoS) attack: DDoS attacks are a variant of DoS attacks in which an attacker simultaneously uses two or more machines to execute a DoS attack, to make the attack more powerful. [2]
3. Botnet: A botnet is a huge amount of devices linked to the Internet, each of which is infected by bots. A bot is a malware that allows an attacker to take control of a system. A bot is distributed in a variety of ways such as e-mail attachment which is unknowingly downloaded by the users. In this type of attack, an enormous number of computer systems perform their actions under the control of a single attacker. [3]
4. Payload Mutation: In this type of attack malicious packet payload is modified, but it is semantically same as original packet and looks very different from attack signatures. As it appears different from attack signatures, it can remain undetected by security measures. [4]
5. SQL Injection attack: In this attack a part of malicious SQL query is inserted into web applications via the variables used by these web applications. These applications then send malicious queries to the database server by which an attacker can read, insert, delete or update database contents. [5]
6. User to Root Attack (U2R): In this type of attack, the invader somehow login as genuine user account by sniffing password and try to exploit certain susceptibility to obtain root access to the system. [6]
7. Remote to Local Attack (R2L): This attack happens when the invader who is not a legitimate user of the machine but by exploiting some weakness to gain access to local device and sends packets to other machines in the network. [6]
8. Probe Attack: In this type of attack, the invader attempts to collect information of the network for the purpose of evading its security controls. [6]
References
- S.S. Thakare, and P.
Kaur, “Denial-of-Service Attack Detection System”, In 1st International Conference on Intelligent Systems and
Information Management (ICISIM), pp. 281-285, Oct 2017.
- K.N. Mallikarjun, K. Muthupriya, and S.M. Shalinie, “A Survey of Distributed Denial-of-Service Attack”, In 10th International Conference on Intelligent Systems and Control (ISCO), pp. 1-6, Jan 2016.
- S. Garg, and R.M. Sharma, “Anatomy of Botnet on Application Layer: Mechanism and Mitigation”, In 2nd International Conference for Convergence in Technology (I2CT), pp. 1024-1029, April 2017.
- T.H. Cheng, Y.D. Lin, Y.C. Lai, and P.C. Lin, “Evasion Techniques: Sneaking through your Intrusion Detection/Prevention Systems”, IEEE Communications Surveys Tutorials, vol. 14, no. 4, pp. 1011-1020, 2012.
- S. Mohammad, S. Sajjadi, and B.T. Pour, “Study of SQL Injection Attacks and Countermeasures”, International Journal of Computer and Communication Engineering, vol. 2, no. 5, pp. 539-542, 2013.
- A.I. Madbouly, A.M. Gody, and T.M. Barakat, “Relevant Feature Selection Model using Data Mining for Intrusion Detection System”, arXiv preprint arXiv:1403.7726, 2014.
Comparison of PHP v/s Node.JS
Comparison of PHP v/s Node.JS
Today a number of scripting languages
or technologies are available for server side processing and integration with
the databases. These technologies have their advantages and disadvantages. This
makes it difficult for developers to choose an appropriate server side
environment for their projects development. To solve your problem, we are
providing a comparison of two major server-side scripting technologies –
Node.js, and PHP.
PHP is a successor to a product name
PHP/FI which was created in 1994 by Rasmus Lerdorf. Lerdor originally created
PHP to track visits to his online resume and named the suite of scripts
“Personal Home Page Tools”. PHP is written primarily in C with some code in
C++. PHP scripts have an
extension of .php and can contain JavaScript, HTML, CSS and even plain text.
Node.js, was first introduced in May
2009 by Ryan Dahl. The goal of Node.js was set to provide an event-driven,
nonblocking I/O model that was lightweight and efficient. It allows the
application to proceed its execution without wasting clock. Node.js is
primarily written in C, C++, and JavaScript. With
the birth of Node.js, it brings users the facility to build completely JavaScript based applications.
Comparison
between PHP and Node.js
|
Functionality
|
Node.js
|
PHP
|
|
Synchronous OR Asynchronous
|
Synchronous
|
Asynchronous
|
|
Access to the
command line interface
|
Yes
|
Yes
|
|
Switch between
different environments and languages
|
User has to continuously switch
between different language and syntax.
|
No need to switch between the
languages.
|
|
Commonly used FRAMEWORKS
|
koa.js, hapi, total.js, and sails.js
|
|
|
Databases
|
PHP commonly uses MySQL, MariaDB,
PostgreSQL databases
|
Node.js works perfectly with
NoSQL (Not only SQL) databases like MongoDB.
|
How to Make the
Right Choice?
Both Node.js and PHP
have their good and bad portions. When choosing between Node.js and PHP, you
should definitely consider what type of application you are going to build,
what are the hosting requirements of your client, and what is the speed of
development. If your client is looking for a standardized solution with an
extensive hosting support, you should consider using PHP. It is a good choice
for creating blogs, news site, landing page or web portal. Node.js makes
it a great fit for RTA (Real-Time Applications) such as instant messaging and
collaborative apps (drawing and video conferencing) in which many requests are
happening concurrently and where data is frequently shuffled back and forth
from the server to the client.
Subscribe to:
Comments (Atom)
OSI Model Learn OSI Model of Computer Networks in a very easy way.
