Monday, March 11, 2013

BackTrack 5 R3

Hello Guys

For the last couple of days I have been using BT5R3 Linux as my host machine, and I found that it is a fantastic OS for pen testing.

I am sharing some of the latest tools used for pen testing.
This has been a great experience for me.

BT5r3 was released in August 2012.
The tools added to this OS cover mobile penetration testing, GUI-based Wi-Fi tools, and some physical exploitation.

List of new tools introduced in BT5r3 :-

dnmap
websploit
wifite
dhcpig
smart-phone-pentest
fern-wifi-cracker
powersploit
apktool
android-sdk
urlcrazy
web-handler
jigsaw, etc....

Lots of tools have been added in this new version.

I used many of these tools and discuss some of them here.

Fern-Wifi-cracker :-

This tool is written in Python and provides a GUI for cracking wireless networks. Generally, you need to run commands such as aireplay-ng, airodump-ng, and aircrack-ng to crack a wireless network, but this tool gives you a GUI-based environment for doing so.






Sunday, March 10, 2013

My Favorites

*******************************************************************

Favorite Hero and Heroine :-
My Parents. Love u mummy and Papa.


*******************************************************************
My favorite Songs :-
--




*********************************************************************
Favorite Serials :-
-- Bade Acche Lagte hai....
-- Kya hua tera vada...
-- Devon k dev mahadev



*********************************************************************
Favourite Quotes :-

-- "When you wait for someone for a few minutes, it's your "NEED". For a few hours, it's your "TRUST". For a few weeks, it's your "FRIENDSHIP". But when you wait even though you know they won't come, it's "TRUE LOVE""

-- "Love has nothing to do with what you are expecting to get - only with what you are expecting to give - which is everything."

-- When dreams break, that is when life begins....
Strange but true....

-- "Every Problem in life has a gift inside...So don't get upset when you face problem.. It may have more beautiful ending than your expectation..." 

-- "Everyone says you only fall in love once, but that's not true because every time I see you I fall in LOVE all over again.."




Script for Mid sem Review


Good morning sir and all

I am Bhadreshsinh Gohil; my enrollment number is 111060751030.
I am going to present my thesis on Federated Network Security Administration Framework.
My guides are Dr. Sandeep K. Joshi, Rishi K. Pathak, and Swarup sir from C-DAC, Pune.

I am starting my speech with an introduction to web applications.
Nowadays web applications are the heart of all business. We can see that most businesses in the world depend on the web. Every field in the world is connected with some web application: hospitals, government web sites, businesses, banks, education, multinational corporations, ISPs, defense.
So we can say that the web application is the heart of every field.

But with the growth of the internet, security is nowadays the major concern for all these web sites that are publicly hosted.
Now I am going to show you last year's web attacks on web sites.
Attacks in 2012.
I am going fast through these attacks because of the time limit.
The first news item is FB helps FBI shut down Butterfly botnet.

The next one is Yahoo Mail hijacking exploits. Next one......

So these are all the latest attacks which occurred in 2012.

For this reason, hosting a web application in the public zone is very risky. To resolve this risk, it is good to develop a framework to remove all these vulnerabilities and then host the web application in the public zone [DMZ zone]. The proposed system is designed for finding vulnerabilities in web applications using OWASP (Open Web Application Security Project).

This is the objective of my thesis.

Now I am going to show you the literature survey of this thesis.



















These are all my references.
And this is my acknowledgment to my guide for helping me during this semester.

Thank you.
Any question ???

Thursday, March 7, 2013

report for DP 2

Hi

This section contains my report skeleton and presentation for my dissertation.

Exam related :-

Students should present :
 Concise Literature Review
 Justification for their topic
 Objective and Scope
 Previous Review comments
 Work Done; Results; conclusions if any
 PhD students: Work Plan; ME Students: Submission plan
 Presentation time per student : 15 min. & Question Answer time : 10 min




Title page :- 
Federated Network Security Administration Framework

Certificate :-

Industry Certificate :-

Declaration :-

Dedicated to :- My parents

Acknowledgments :-

Table of content :- 

Abstract :-


In today’s world, the Internet is ubiquitous. Internet-based services touch all aspects of our daily life in modern society. Since the Internet and World Wide Web enabled an information explosion, security issues of websites that publish online information have become more and more crucial. Hosting websites on public IPs has accordingly resulted in the implementation of security devices and controls like firewalls, routers, etc.

To resolve this security issue, it is proposed to build a framework that performs vulnerability assessment of a web application; after all these vulnerabilities are fixed, the web service is ready to be hosted in a public environment. This thesis presents the process of putting a web application into a secure zone, that is, putting the website into the DMZ after fixing all vulnerabilities. The proposed system is designed for finding vulnerabilities in web applications using OWASP (Open Web Application Security Project).

Introduction :-
-- Chapter overview
-- Definitions and abbreviations
-- Research motivation
-- Overview of research model
-- Overview of research approach
INPUT >>> PROCESS >> OUTPUT
-- Outline of thesis chapters

Chapter No. | Chapters | Chapter Outline



Literature survey :-

Analysis :-
-- OWASP Top 10 vulnerability for 2013
--

Project Planning :-
-- Project scheduling
Table :-
ID | Task | Duration | Start | End
1 | Preparing Problem statement | | 17 Sep 2012 | 22 Sep 2012
2 | Understanding general requirement | | 24 Sep 2012 | 6 Oct 2012
3 | Meeting with guide | | 8 Oct 2012 | 13 Oct 2012
4 | Literature Review | | 15 Oct 2012 | 1 Nov 2012
5 | Implementation | | 5 Nov 2012 | 5 Feb 2013
6 | Testing | | 6 Feb 2013 | 30 March 2013
7 | Writing project report | | 1 April 2013 | 25 April 2013
8 | Preparing Presentation | | 26 April 2013 | 10 May 2013

-- Project Plan
-- Refining the Project
-- Controlling the project
-- Project Diary
--

Project management :-

Implementation strategy :-
-- Implementation tools and Environment
-- Customization
-- Work flow
-- Testing

Methodology and Proposed system :-
-- Overview
-- Project Scheduling - Gantt chart [ First Draft]
-- Project Scheduling - Gantt chart [ Revised]
-- Project Scheduling - Gantt chart [ Showing task's progress]
-- Project Scheduling - Gantt chart [ with milestone]
-- Use Case Sample [ Diagram ]
-- Use Case Model [ Sample 1]
-- Testing process Activity diagram


Tables
-- Project Prioritization Template
-- Project Prioritization Sample
-- Project Scheduling - Bottom up - First attempt
-- Project scheduling - bottom up - continued
-- Choosing a method
-- Choosing an implementation tool
-- Test case sample


Exploit diagram :-



Conclusions :-

References :- 

Appendix A :- 

Appendix B :- 

http://ijcsmc.com/docs/papers/March2013/V2I3201315.pdf :- Published paper in journal.











Rough work :-

Steps for making Gantt chart :-
- understanding the problem area
- Literature review
- Requirements management
- Analysis 
- Design
- Implementation
- Test
- Project report
- Presentation





Scanning tools :-

Netsparker, SQLMap, Nikto, Burp Suite, NMAP, NESSUS, Metasploit, OpenVAS, OSSIM, NTObjectives, w3af [web application attack and audit framework], IBM Rational AppScan, Pantera, Wikto, Retina, Microsoft Baseline Security Analyzer, SAINT, HackAlert


Abstract from IEEE :- 

This paper first investigates and analyzes security holes concerning the use of server-side includes (SSI) in some of the most used Web server software packages. We show that, by exploiting features of SSI, one could seriously compromise Web server security. For example, we demonstrate how users can gain access to information they are not supposed to see, and how attackers can crash a Web server computer by having an HTML file execute a simple program. Such attacks can be made with no trace left behind. We have successfully carried out all the attacks described in this paper on dummy servers we set up for this investigation. We then suggest several practical security measures to prevent a Web server from such attacks.

Today's combat zone for both ethical and unethical hackers is the web. Rapid growth of web sites and web applications gives way to deliver complex business applications through the web. As the web dependency increases, so do the web hacking activities. Web applications are normally written in scripting languages like JavaScript, PHP embedded in HTML allowing connectivity to the databases, retrieving data and putting them in the WWW site. A web application is vulnerable to many kinds of threats and attacks. In order to detect known attacks, some set of attack rules and detections are needed. In this paper, a negative security model based on misuse of web applications is used. This negative security model provides a Web Application Firewall(WAF) engine with a rule set, to ensure critical protection across every web architecture. WAFs are deployed to establish an increased external security layer to detect and/or prevent attacks before they reach web applications. This paper has been tested with apache web server's log file. We have tested successfully almost all the common attacks. This paper also allows for HTTP traffic monitoring and real-time analysis with little or no changes to existing infrastructure.

Web servers are ubiquitous, remotely accessible, and often misconfigured. In addition, custom Web-based applications may introduce vulnerabilities that are overlooked even by the most security-conscious server administrators. Consequently, Web servers are a popular target for hackers. To mitigate the security exposure associated with Web servers, intrusion detection systems are deployed to analyze and screen incoming requests. The goal is to perform early detection of malicious activity and possibly prevent more serious damage to the protected site. Even though intrusion detection is critical for the security of Web servers, the intrusion detection systems available today only perform very simple analyses and are often vulnerable to simple evasion techniques. In addition, most systems do not provide sophisticated attack languages that allow a system administrator to specify custom, complex attack scenarios to be detected. We present WebSTAT, an intrusion detection system that analyzes Web requests looking for evidence of malicious behavior. The system is novel in several ways. First of all, it provides a sophisticated language to describe multistep attacks in terms of states and transitions. In addition, the modular nature of the system supports the integrated analysis of network traffic sent to the server host, operating system-level audit data produced by the server host, and the access logs produced by the Web server. By correlating different streams of events, it is possible to achieve more effective detection of Web-based attacks.

http://projects.webappsec.org :- references for web application security.


Digital forensics is the science of identifying, extracting, analyzing and presenting the digital evidence that has been stored in the digital devices. Various digital tools and techniques are being used to achieve this. Our paper explains forensic analysis steps in the storage media, hidden data analysis in the file system, network forensic methods and cyber crime data mining. This paper proposes a new tool which is the combination of digital forensic investigation and crime data mining. The proposed system is designed for finding motive, pattern of cyber attacks and counts of attacks types happened during a period. Hence the proposed tool enables the system administrators to minimize the system vulnerability.




Important website

http://about.me/bhadu.gohil
*******************************************************
https://code.google.com/p/pentest-bookmarks/wiki/BookmarksList :-

http://learninglinuxkernel.in/

http://www.cs.bgu.ac.il :-

http://nptel.iitm.ac.in/ :-

http://www.youtubetopmovie.com :-

http://viooz.co/ :-

http://bhushan.quora.com/50-Top-Sources-Of-Free-eLearning-Courses

http://tldp.org/LDP/lkmpg/2.6/html/lkmpg.html#AEN189 :-

http://ocw.mit.edu/courses/electrical-engineering-and-computer-science/ :-

http://anaturb.net/C/string_exapm.htm :-



http://www.og150.com/tutorials.php :-

https://www.udemy.com/ccna-boot-camp/ :-

https://www.defcon.org/html/links/dc-torrent.html :-



http://www.symantec.com/connect/blogs/2013-first-quarter-zero-day-vulnerabilities  :-

http://www.hackersonlineclub.com/

http://www.svpublishers.co.uk/

http://www.1337day.com/



http://bitcyber.wordpress.com/2013/04/22/the-internet-security-threat-report-2013/

http://www.cppinstitute.org/

https://hackmiami.com/

http://www.gyaanexchange.com/ :-

http://www.gyaanexchange.com/offline/new-delhi/technology/development/python-course/ :-

http://openbookproject.net/thinkcs/python/english3e/ :-



http://vsphere-land.com/tag/security :-

http://www.athcon.org/archive.php

http://www.infosecinstitute.com/ :-

http://www.shodanhq.com :-

http://www.techgig.com/ :-

http://www.infosecurity-magazine.com :-



http://www.coresecurity.com/grid/index-corelabs-projects :-

http://www.leettips.org/2013/02/top-10-free-python-pdf-ebooks-download.html :-

hacksys.vfreaks.com/research/shellcode-of-death.html :-






http://www.apress.com/ :- for books.



http://labs.securitycompass.com  :-

https://www.hacking-lab.com/caselist/  :-

http://www.crypt.gen.nz/papers/infosec_guides.html :-

http://www.filmhill.com/ :- for movies.

http://www.osalt.com/ :-

http://gns3vault.com :-




http://www.isecom.org :-

http://resources.infosecinstitute.com :-

http://www.ijceronline.com/ :- For paper submission.

http://www.ijoart.org :- paper submission

http://seternity.com/ :- Blog for linux kernel.

http://www.linuxforu.com :- Magazines.

http://wordpress.com :- For posting blogs.

http://www.ijcsmc.com :- international journal for paper.

https://www.trustwave.com/sae_sample/owasp-top-10/CourseFiles/Player.htm :- OWASP video for learning.

https://www.trustwave.com/sae_sample/owasp-top-10/Start.htm :- OWASP video.

http://pentestlab.wordpress.com/ :- Pen test lab.

http://resources.infosecinstitute.com/ :- latest tutorial used for practical purpose.
http://resources.infosecinstitute.com/backtrack-5-r3-walkthrough-part-2/ :-

http://searching-eye.com./ :- IIT student web site.


http://www.chmag.in/article/mar2013/ironwasp-series-part-%E2%80%93-1 :-


https://pentesterlab.com/web_for_pentester.html :-


http://www.upsc.gov.in/questionpaper/2012.htm :-

http://www.techzoom.net/publications/0-day-patch/index.en :-

 http://johnny.ihackstuff.com/ :-

http://www.exploit-db.com/webapps/ :-


https://www.us-cert.gov :-

http://www.muppetlabs.com/~breadbox/txt/rsa.html
This website is used for :-
Prime Number Hide-and-Seek: How the RSA Cipher Works


http://emkei.cz/
This is used for sending fake e-mail to anyone from any e-mail ID.

http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines :-

http://www.anobii.com :- this website is used for e-book searching.

http://pentestlab.wordpress.com/2013/01/13/detecting-web-application-firewalls/ :- used for detecting web application firewall.



http://www.oissg.org/issaf :- The Information Systems Security Assessment Framework (ISSAF) 


http://www.linuxjournal.com/content/python-scripts-replacement-bash-utility-scripts :-

https://www.coursera.org/course/sdn :- learning video.

http://www.windowsecurity.com :- for windows security.

http://www.windowsnetworking.com/  :- For windows networking.

http://www.virtualizationadmin.com/ :- for virtualization.

http://www.msexchange.org/ :- Microsoft exchange server.

http://securitytube-training.com :- For security training.

http://yehg.net/ :- Security research group.


http://www.scmagazine.com.au/News/329525,pen-tester-launches-infosec-bootcamp.aspx





https://www.coursera.org/courses :- online university.

http://cyfor.isis.poly.edu :- learning for all hacking stuff.

https://www.brighttalk.com :- Bright talk for web seminar.

http://labs.alienvault.com/labs/index.php/2007/tutorial-3-first-recommended-steps-after-installation/ :- OSSIM doc.

http://www.certificationking.com/ :- for all doc.


http://www.manvswebapp.com/ :- Man vs Web.

http://www.visatvs.in :- used for showing live tv.
http://live-online-tv.net :- for live tv.


http://www.hackthissite.org/pages/index/index.php :- Training for hackers.

http://en.wikipedia.org/wiki/Aaron_Swartz :- view from one hacker.

http://www.alienvault.com/AV1/solutions/unified-security-management-platform/index.html :- used for uni

http://jobs.nullcon.net/ :- searching for jobs in the security field.

http://www.websoleducation.com/ :- Websol Education provides professional training for ASP.NET, VB.NET, C#.NET, SQL on live projects.

http://cocss.svitvasad.ac.in/index.html :- SVIT,Vasad for paper publication in Master.

https://www.corelan.be

https://www.virustotal.com/en/

http://www.desirulez.net/



https://github.com/ikotler/pythonect/wiki/Pythonect-Tutorial:-Learn-By-Example :-

https://pentesterlab.com/exercises :-

http://www.hackersh.org/ :-


http://blackhat.com/us-13/training/ios-application-hacking%E2%80%93pentesting-mobile-apps.html :-