International Journal of Research In Science & Engineering Special Issue: Techno-Xtreme 16

e-ISSN: 2394-8299 p-ISSN: 2394-8280

Computer Network Security andAttacks on Wireless Sensor Network,Hacking issues SonalR.Jathe1 ,Dipti S. Charjan2,Pallavi A.Patil3

1

Assist. Prof., Comp.Sci. andengg., J.D.I.E.T,Yavatmal, [email protected]

2

Assist. Prof., Comp.Sci. andengg., J.D.I.E.T,Yavatmal,[email protected] 3

Assist. Prof., Comp.Sci. andengg., J.D.I.E.T,Yavatmal,[email protected]

ABSTRACT ABSTRACT In the last decade, the progress of internet technologies has led to a significant increase in security and privacy issues for users. This is the study aims to how to secure computer network. In the network security cybercrime technologies have brought many good things by means of the internet: electronic commerce, easy access to vast stores of reference material, collaborative computing, e-mail, and new avenues for advertising and information distribution, to name a few. As with most technological advances, there is also an other side: criminal hackers. Governments, companies, and private citizens around the world are anxious to be a part of this revolution, but they are afraid that some hacker will break into their Web server and replace their logo with pornography, read their e-mail, steal their credit card number from an on- line shopping site, or implant software that will secretly transmit their organization's secrets to the open Internet. With these concerns and others, the ethical hacker can help. This paper describes ethical hackers: their skills, their attitudes, and how they go about helping their customers find and plug up security holes. "Hacking" is the word that shakes everyone whenever it is said or heard by someone. Everyone born in this world with attitude wants to be a Hacker. But it is not a job of a new born baby or an old grown lady. A Hacker needs a brilliant mind to hack anything. There are many rules that he should learn to become an Ethical Hacker which is also called as penetrate testing. These rules include knowledge of HTML, Java Scripts, Computer Tricks, Cracking & Breaking etc.etc. In this paper I explain about the hacking techniques and the functions of how it takes place in the network and the methods to be solved.

Keywords : Computer Network , Network , Security , Hacking etc. ----------------------------------------------------------------------------------------------------------------------------1.

Introduction:

Computer Networks Security (CNS) is becoming more important nowadays because of increasing demand for internet based technologies. The increase in users‟ privacy concerns is related to the increasing use of the internet [1]. However, security mechanisms that prevent such issues might deteriorate a user‟s experience. A user might find these mechanisms cumbersome or unnecessary and neglect using them, which might lead to security breaches in certain systems or simply loss of privacy of the user. In the growth of the technology many hackers argue that they follow an ethic that guides their behavior and justifies their break-ins. They state that all information

IJRISE| www.ijrise.org|[email protected] [646-656]

International Journal of Research In Science & Engineering Special Issue: Techno-Xtreme 16

e-ISSN: 2394-8299 p-ISSN: 2394-8280

should be free, and hence there is no such thing as thinker property, and no need for security. If all information should be free, privacy is no longer possible. Additionally, our society is based on information whose accuracy must be assured; hence free and unrestricted access to such information is out of the question. Also, information is often collected and developed at great expense. In this paper, we study the computer network security and concept of hacking issues. Today everyone use computer networks to share resource and to exchange information. This computer network can be classified into many types based on the properties like protocol, topology and architecture. Topology defines the physical arrangements of the nodes of a network. Widely known topologies are bus, ring, star, mesh and hybrid. In bus topology all the nodes will connected using a single cable (this cable will act as a backbone). Damaging the cable will cause network failure. The information can be easily hacked by hackers by taping the cable anywhere in the network. This is a simple and cheap topology to implement. In ring topology the nodes of a network will connect via a ring like cable. Comparing bus topology it is good in speed and information can be hacked easily by taping the cable. In star topology the network devices like hub or switch will be used to connect all the nodes of a network. Tapping of single cable may not be useful to hack all the data of all the nodes if the network uses switches, because switch simply forwards the frame to a specific port, which is connected to specific node of the network. In case if a network uses hub then taping a single cable is enough to monitor or hack the data of a network. Mesh topology connects all the nodes of a network to each other. It is expensive because it needs more number of cables and network adapters. Here the advantage is failure of single cable may not affect the network performance and the network will be more stable. During the information exchange the data will travel in multiple path, so hacking is tough than previous topologies. Using architecture also we can classify the networks. Widely known architectures are peer-to peer and client-server. In peer- to-peer all nodes can communicate with each other without any specific server node to control. It is suitable for small companies or institutions where the number of nodes is less. Generally this type of architecture used to share resources. In client-server architecture a specific node can act as a NT Domain Controller, which controls all the nodes of a network. All the nodes can login to the server to get a specific service. The clientserver architecture is good in case of security comparing peer-to-peer. Because of security reasons many big companies uses this type of architecture.

2. BACKGROUND 2.1. Security Goals When dealing with security in WSNs, we mainly focus on the problem of achieving some of all of the following security contributes or services: • Confidentiality: Confidentiality refers to data in transit to be kept secret from eavesdroppers. Here symmetric key ciphers preferred for their low power consumption. • Integrity: Integrity measures that the received data is not altered in transit by an adversary. • Authentication: Authentication enables a node to ensure the identity of the peer with which it is communicating. • Availability: The service should be available all the time. • Data Freshness: It suggests that the data is recent, and it ensures that no old messages have been replayed. • Non-repudiation: It denotes that a node cannot deny sending a message it has previously sent. • Authorization: It ensures that only authorized nodes can be accessed to network services or resources. These goals are not ensured by traditional securitytechniques. Therefore, new security measures are needed toaddress the specific security challenges of wireless sensornetworks.

2.2. Security Challenges We summarize security challenges in sensor networks asfollows: • Minimizing resource consumption and maximizingsecurity performance.

IJRISE| www.ijrise.org|[email protected] [646-656]

International Journal of Research In Science & Engineering Special Issue: Techno-Xtreme 16

e-ISSN: 2394-8299 p-ISSN: 2394-8280

• Sensor network deployment renders more link attacks. • Wireless communication characteristics rendertraditional wired-based security schemes unsuitable. • Large scale and node mobility make the affair morecomplex. • Node adding and failure make the network topologydynamic.

3. ATTACK SPECIFIC COUNTERMEASURES In this section we will refer to some of the attacks on WSN andfocus on the proposed countermeasures.[2]

3.1 Wormhole Attack

Fig-1: Demonstration of a wormhole attack As shown in the fig.1, an adversary tunnels messagesreceived in one part of the network over a low latency link and replays them in a different part. As a result, nodes in area A consider nodes in area B are their neighbors and vice versa [3]. An adversary situated close to a base station may be able to completely disrupt routing by creating a wellplaced wormhole. An adversary could convince nodes who would normally be multiple hops from a base station that they are only one or two hops away via the wormhole. Wormholes are especially dangerous because they can cause damage without even knowing the protocols used or the services offered in the network. Wormholes are hard to detect because they use a private, out-of-band channel invisible to the underlying sensor network. In [3], an IDS (Intrusion Detection System) agent is installed in all sensor nodes. It runs independently from the application. When a malicious node is found, an alarm message is broadcasted to the network. In [4], Hu at el. present a packet leashes mechanism. The geographical leash ensures that the recipient of the packet is within a certain distance from the sender. The temporal leash ensures that the packet has an upper bound on its lifetime, which restricts the maximum travel distance. It requires either location information or tight clock synchronization. In [5], each node requires directional antenna. With no wormhole link, if one node sends packets in a given direction, then its neighbor will receive that packet from the opposite direction. Only when the directions are matching in pairs, the neighboring relation is confirmed. In [6], the authors have discussed digital investigation of wormhole attack. A set of investigator nodes are distributed over the network to monitor the network topology and datagram forwarded by sensor nodes. In [7], the proposed algorithm consists of three steps: (1) statistic analysis on routing information for wormhole detection, (2) determination of the suspicious wormhole link set and (3) wormhole validation with time constraints. It needs neither time synchronization among the sensors nor extra hardware. Results show that the algorithm can detect the wormhole efficiently with high rate of accuracy. In [8], an approach towards wormhole detection requires two steps: First step is based on the algorithm that uses a hop counting technique as a probe procedure, reconstructs local maps in each node and uses a “diameter” feature to detect abnormalities. Second step is based on round trip time (RTT). It does not need any specific hardware to detect the wormhole attacks.In [9], multi dimensional scaling visualization based approach to detect wormhole attack has been proposed. Using the received signal strength, each sensor node estimates the distance to its neighbor. All sensor nodes send this distance

IJRISE| www.ijrise.org|[email protected] [646-656]

International Journal of Research In Science & Engineering Special Issue: Techno-Xtreme 16

e-ISSN: 2394-8299 p-ISSN: 2394-8280

information to the base station. It calculates the network‟s physical topology. If no wormholes present, the network topology should be more or less flat. If wormhole attackers exist, the shape of the network layout will show some bent/distorted features. In [10], the authors have proposed trust based approach to detect wormhole attack. Sensor nodes can monitor the behavior of their neighboring nodes and rate them. If a wormhole drops all the packets, a wormhole in such a system should have the least trust level. A node will have the highest trust level if all the packets sent reach the destination. In [11], the radio signal first received is converted to its digital format. The signal transient is located and its features are extracted. A set of features forms a fingerprint that can later be used for device identification. In [12], the author has proposed DeWorm, a simple protocol for detecting wormholes. It employs routing discrepancies between neighbors to determine the existence of a wormhole. It does not require location information, accurate synchronization between nodes, special hardware etc. It demonstrates excellent detection probabilities.

3.2 Jamming Attacks Jamming is defined as the act of intentionally directingelectromagnetic energy towards a communication system todisrupt or prevent signal transmission. Jamming interferes withthe radio frequencies of the sensor nodes. Only a few jammingnodes can put a considerable amount of the nodes out of order.If the adversary can block the entire network then that causescomplete DoS (Denial of Service).Existing security mechanisms against jamming attacks inWSNs are presented in [13]. Countermeasure against jammingincludes regulated transmitted power, frequency hoppingspread spectrum, direct sequence spread spectrum, hybridFHSS/DSSS, ultra wideband technology, antenna polarization,directional transmission etc. Proposed security schemes againstjamming in WSNs include detection techniques, proactivecountermeasures, reactive countermeasures and mobile agentbased countermeasures.In [14], by exploiting the multiple wireless channelsavailable on most wireless platforms, author has proposed anapproach to switch communication channels. Each nodeestimates the qualities of the channels that it has a chance toobserve. If it detects poor quality on its main communicationchannel, it leaves for a different channel for communication. Asa result, a node currently on a jammed channel can continuecommunication with its neighbors on other available channels.In [15], the author has proposed a defense technique basedon swarm intelligence. The sender and receiver changechannels in order to stay away from the jammer, in channelhoping technique. The forward ants either unicast or broadcastat each node depending on the availability of the channelinformation for end of the channel. As the backward antsreaches the source, the data collected is verified which channelthere is prevalence of attacker long time, and those are omitted.Simultaneously the forward ants are sent through other channelswhich are not detected before for attacks.In [16], author has proposed an approach to localizingmultiple jamming attackers. The proposed framework canpartition network topology into clusters and can successfullyestimate the positions of multiple jammers even when theirjamming areas are overlapping.In [17], the author has proposed a method for determining theposition of a jammer using a virtual force iterative approach(VFIL). The VFIL scheme is a range-free position estimationmethod that estimates the position of a jammer iteratively byutilizing the network topology. It re-estimates the jammer‟sposition iteratively until the estimated jammer‟s position isclose to the true location.In [18], the author has proposed compromised resilient antijammingcommunication. The physical communication channelof a sensor network is determined by the group key shared byall the sensor nodes. When insider jamming happens, thenetwork will generate a new group key to be shared only by thenon compromised nodes. After that, the insider jammers arerevoked and will not be able to predict the futurecommunication channels used by the non-compromised nodes.A powerful jamming attack called mobile jamming attack isaddressed in [19]. The author has proposed a multidataflowtopologies scheme that can effectively defend it. The simulationresults demonstrate that the mobile jamming attack is moredevastating than traditional jamming attacks.In [20], the detection scheme for advance jamming attacks isable to identify the cause of bit errors for individual packets bylooking at the received signal strength. The scheme is wellsuitedfor the protection of reactive alarm systems with verylow network traffic. Author

IJRISE| www.ijrise.org|[email protected] [646-656]

International Journal of Research In Science & Engineering Special Issue: Techno-Xtreme 16

e-ISSN: 2394-8299 p-ISSN: 2394-8280

has discussed different techniquesfor the detection and localization of bit errors.In [21], a fully distributed network based protocolMULEPRO (MULtichannel Exfiltration PROtocol) works byautomatically and efficiently assigning nodes to differentchannels in the jammed area in order to defeat an attacker.Results show that even when the attacker uses a channelhopping strategy MULEPRO can effectively exfiltrate data.

3.3. Selective Forwarding Attacks In this type of attack, the adversary includes itself in a dataflow path of interest. The attacker may choose not to forwardcertain packets. A variation of this attack is when the adversaryonly drops packets coming from a specific source whilereliably forwarding other packets.A multi-hop acknowledgements scheme to launch alarms isproposed in [22]. Each node in the forwarding path is in chargeof detecting malicious nodes. If an intermediate node detects anode as malicious in its downstream/upstream, then it will sendan alarm packet to the source node/base station through multihops.Downstream detection denotes direction towards basestation and upstream detection denotes direction towardssource node.An approach using neighbor nodes as monitor nodes isproposed in [23]. During the transmission if any malicious nodein the transmission path drops a packet, then the monitoringneighbor nodes detects the packet drop and broadcasts an alarmpacket informing that node as malicious. One of the monitoringnodes chooses another path to destination and sends packetwithout making any delay.The scheme uses two hop neighborhood information to detectthe attack [24]. In deployment phase, each node constructs two hopneighbor table. Each sensor node associates each neighbornode with malicious counter. If malicious counter crosses thethreshold then the node is set as malicious and revoked from itsneighboring list.In [25], the HSN consists of powerful high-end sensors (H-sensors) and large number of low-end sensors (L-sensors). After deploying sensors, a cluster formation takes place with H-sensor as cluster head. Whenever packet drops occur at a node, L-sensor nodes report the packet drop to a cluster head (an H-sensor). Based on the reports received, H-sensor runs a test and determines whether a node is compromised or not. Thescheme uses a Sequential Probability Ratio Test. For each node, probability value ‟p‟ is calculated which is equal to the percentage of dropped packets in all forwarded packets. In [26], the whole network is divided into different data topologies that makes, a sensor node belonging to one topology can communicate and send information only through nodes of the same topology. This division takes place at deployment time. The condition in this scheme is that every topology has to cover the sensing area completely. If the network is divided into two topologies and suppose an event is raised, nodes in both the topologies sense the event, raises an event packet and forwards to the base station. Suppose a malicious node drops packet in one topology, still packet reaches base station through path in another topology. By using their location information base station can detect malicious node.

3.4 Sinkhole Attack Sinkhole attacks typically work by making a compromised node look especially attractive to surrounding nodes withrespect to the routing algorithm. Sinkhole attacks are difficult to counter because routing information supplied by a node is difficult to verify. As an example, a laptop-class adversary has a strong power radio transmitter that allows it to provide a high-quality route by transmitting with enough power to reach a wide area of the network.

Fig-2: Demonstration of a sinkhole attack. An approach to detect sinkhole attack using data consistency and network flow information is proposed in [27]. It finds a list of suspected nodes and estimating the attacked area. Then using network flow graph, it effectively identifies the intruder in the list. Hop-count monitoring mechanism for detecting sinkhole attack is discussed in [28]. Author has proposed Anomaly Detection System (ADS), which analyzes the magnitude of hop counts stored in a node‟s routing table.

IJRISE| www.ijrise.org|[email protected] [646-656]

International Journal of Research In Science & Engineering Special Issue: Techno-Xtreme 16

e-ISSN: 2394-8299 p-ISSN: 2394-8280

4. TYPES OF HACKER 4.1 WHITE HAT HACKER Also referred as Ethical Hacker or sometimes called asSneakers. [29]A White Hat Hacker mainly focuses on securingcorporate Network from outsider threat. They are with goodintention that fights against Black Hat.

4.2 BLACK HAT HACKER Also referred as cracker A Black Hat Hacker's intention is tobreak into others Network, and wish to secure his ownmachine. They often use different techniques for breakinginto systems which can involve advanced programmingskills and social engineering.

4.3 GREY HAT HACKER They are Skilled Hacker who sometimes acts legally andsometime not. In simple word you may call a Grey Hathacker as Hybrid between White Hat and Black Hat hacker

5. HACKERBRILLIANT PROGRAMMER The positive usage of the hacker is the one who knows a(sometimes specified) set of programming interfaces well enough to write software rapidly and expertly. This type ofhacker is well-respected, although the term still carries someof the meaning of hack, developing programs withoutadequate planning. This zigzag gives freedom and the ability to be creative against methodical careful progress.Types of hackers in this sense are gurus and wizards."Guru" implies age and experience, and "wizard" oftenimplies particular expertise in a specific topic, and an almostmagical ability to perform hacks no one else understands.

5.1. HACKING METHODS 5.1 PHISHING METHOD Phishing is the method that you are familiar with. Youcreate a Fake Account and ID in yahoo and fool yourfriends by telling them to send the victim's ID, their own IDand their own Password in your Fake Yahoo Account.

5.2 BRUTE FORCE HACK Brute Force Hack is a Hacking which takes much time toget Password of the Victim and it needs a Hacker to learnaboutJavaScripts.

5.3 FAKE LOGIN HACK Fake Login Hack is the Hacking used by most of you foryour goal by creating a Fake Login Page and telling your friends to login there and the Password would come to you.

5.4 COOKIE STEAL HACK Cookie Steal Hack is somewhat similar to Fake Login Hackas you prepare a Cookie Stealer and tell your friends to openyour Cookie so that his Password would come to you.

5.5 WEB MAIL HACK Web Mail Hack is the toughest method to learn for Hackingas it also needs a Hacker to learn about JavaScript‟s,Computer Tricks and much more and there is also softwarefor this type of Hack. But still the software is used only forthe recover not for using those so initially the phishingrepresents the act of creating fake pages of popular social web sites for example You tube, Face book, MySpace,Windows Live Messenger, auction sites like eBay, onlinebanks, online payment processors like PayPal, ITAdministrators, any mail sites like GMAIL, YAHOOMAILindeed everythin. By this we consider example as theorkut website in that have to take the first need to take thefake page of the login page it looks like an original orkutlogin page but it is fake pages so that whenever

IJRISE| www.ijrise.org|[email protected] [646-656]

International Journal of Research In Science & Engineering Special Issue: Techno-Xtreme 16

e-ISSN: 2394-8299 p-ISSN: 2394-8280

we type inour details and click on submit we do not get logged intoorkut but actually give away our account details. Let us seehow this page is created. • First the login page of orkut is saved onto out localsystem. • If we view the page source and search for a word“action” give our system address and save thatpage. • So whenever we click submit the F:/URLhttps://www.google.com/accounts/ServiceLoginAuth?service=orkut is called so instead of that we cancreate another file and do our own action. So forthat we create a file. • That file is saved as login.php. Whenever this fileis called the username and password are stored in a file called hacker.php. • To call the login.php file in the place ofhttps://www.google.com/accounts/ServiceLoginAuth?service=orkut • We write login.php so that login.php is called. Nowthe source code of the fake login page appears as: • The files are hosted and whenever a user thinking itto be orkut login page submits his username andpassword, they are stored in a file calledhacker.html.

6.PREVENTION Check the URL when login into any social networks andelse to prevent from such attacks it is sufficient if we justsee the source code and find the word “action” and see thetask related to it.

6.1 EMAIL SPOOFING This represents the act of fake emails that we receive in ourmail box saying that they are from some higher authority and ask for your username and password.This can also be associated to phishing. For example, if weconsider the orkut hacking, a mail says that it is from orkutteam and asks us to confirm something and they give you alink to do that. This link indeed re-directs to the fake orkutlogin page. So if we think it is the orkut main page andsubmit our information our account is hacked.

6.2 BRUTE FORCE ATTACKS A brute force attack consists of trying every possible code,combination, or password until you find the right one. The hacker tries out different combinations of dictionary tomatch the username and password. So if they match, theaccount is under control of the hacker. The difficulty of abrute force attack depends on several factors, such as: • How long can the key be? • How many possible values can each component ofthe key have? • How long will it take to attempt each key? • Is there a mechanism which will lock the attackerout after a number of failed attempts?Increasing Security against a Brute Force AttackFrom the example above, account security could beincreased by: • Increasing the length of the password. • Allowing the password to contain characters otherthan numbers, such as * or # • Imposing a 30 second delay between failedauthentication attempts. • Locking the account after 5 failed authenticationattempts.

6.3 KEY LOGGING Keystroke logging (often called key logging) is a methodof capturing and recording user keystrokes. The techniqueand name came from before the era of the graphical userinterface; loggers nowadays would expect to capture mouseoperations and screenshots.A hacker when has access to the victim‟s system installs akey logger or if he has no access he makes the user believethe key logger is some trusted application and makes himinstall it.It records all the users‟ activities (which also includeusernames and passwords) in a local file called log file. Thehacker somehow receives the log file and hence the victimssystem is hacked.

6.4 KEY LOGGER Based on the order of the keystrokes, it is usually easy toidentify the password(s) from the file later. Like the Trojan,this also requires that someone actually type the password.Key loggers come in two types: hardware and

IJRISE| www.ijrise.org|[email protected] [646-656]

International Journal of Research In Science & Engineering Special Issue: Techno-Xtreme 16

e-ISSN: 2394-8299 p-ISSN: 2394-8280

software. Ahardware key logger can be fitted between the keyboardcable and the computer and can be activated with a fewkeystrokes. It is then left in place until after the passwordthat you are looking to recover is typed. Later it is removedand the file of keystrokes is examined for the password. Ahardware key logger is indictable by anti-virus software. Asoftware key logger is installed on a system and effectivelyhas the same function, however, it is a little bit morecomplex to use since it must be installed to run stealthily tobe effective. A key logger could be used to steal a passwordfrom someone who is using an office computer or sharing acomputer. It is possible that installing and using such adevice or piece of software could be illegal depending uponwhether the target has a presumption of privacy when usingthe computer on which the key logger is installed.

6.5 PACKET SNIFFING A sniffer is a piece of software that‟s grabs information„packets‟ that travel along a network. That network could be running a protocol, such as Ethernet, TCP/IP, IPX or others.The purpose of sniffer is to place the network interface into„promiscuous‟ mode and, by doing so, capture all networktraffic. Looking into packets can reveal information likeusernames, passwords, address or the contents of e-mails.

7. BASIC NEEDS FOR HACKING We learn about computers - in as much detail as you cannowmost people will disagree with this but the first thing you should do is learn HTML this way you will know howto make decent websites. We may wonder why? Becausehacking is something knowing everything about a computerby using that knowledge to get what you want. Now after you have done this you can start on this list of things to do. 1. Learn about hardware - basically how your computerworks. 2. Learn about different types of software. 3. Learn DOS. (Learn everything possible) 4. Learn how to make a few batch files. 5. Port scanning. (Download blues port scanner if it's yourfirst time) 6. Learn a few programming languagesHTML, C++, Python, Perl.... (I‟d recommend learning html as your first Language) 7. How to secure yourself (proxy, hiding Ipetc) FTPTCP/IP, UDP, DHCP, 8. Get your hands dirty with networking 9. Learn disassemble language (its the most basic languagefor understanding machine language and very useful tounderstands when anything is disassembled and decoded) 10. Learn to use a UNIX Operating System. (A Unix systemis generally loaded with networking tools as well as a fewhacking tools) 11. Learn how to use Exploits and compile them. (Perl andC++ is must)

7.1.HACKING WINDOWS XP Here are the steps in which the systems can be accessedthrough the network with the security below are the steps how to hack the windows XP this is I done by means of casestudy, 1. Boot the PC in Safe Mode by pressing the F8 key. 2. Select the Safe Mode option, now you can nowLogin as an Administrator and XP won't promptfor the Password. 3. Try rebooting the PC in DOS. 4. Now, Access toC:\Windows\system32\config\Abhi 5. Rename Abhi as abhi.mj. 6. Now XP won't ask for Password next time youLogin. 7. Now, again go to Start menu --> Run. 8. Type there cmd prompt. 9. Type net user *, It will list all the users.

IJRISE| www.ijrise.org|[email protected] [646-656]

International Journal of Research In Science & Engineering Special Issue: Techno-Xtreme 16

e-ISSN: 2394-8299 p-ISSN: 2394-8280

10. Again type net user "administrator" or the name ofthe administrator "name" *. 11. It will ask for the password. Type the password andthere you are done. 12. Hold the Ctrl+Alt key and press Del twice. Thiswill bring up the normal login and you can log onas Administrator. To unhide the Administratoraccount so it does show up. 13. Again go to Start --> Run --> reedit. 14. Go to HKEY_LOCAL_MACHINE -->SOFTWARE --> Microsoft --> Windows NT -->Current Version --> Win logon --> SpecialAccounts --> User List.

7.2. HACKERS GOALS Then following are the main goals of the hackers in which itcan be processed by means of ethical hacking • Corporate espionage • Info warfare • Web site defacing • ISPs • DDOS • Access • Credit cards • Computer control • Home computers • Business • Data bases • Software theft • Hacktivism • Computer time • Theft of intellectual property • Riding the Bullet.

7.CONCLUSION In this paper, a survey is given on existing attacks in wireless networks. We have also covered the countermeasures and potential solutions against those attacks, and mentionedsome open research issues. This paper helps the readers tohave better view of attacks and countermeasures in networks, and find their way to start secure designs forthese networks. And also Hacking is now an issue that does not have any conclusion.The only way we can stop a hacker is by learning hacking.By learning we can read the minds of a hacker whichenables us to know the reality. Hacking is not a crime but itis made a crime by misusing the knowledge ofprogramming. Every hacker is a perfect programmer evenmore than a normal programmer. Everyone should know theethics of hacking and follow them to be safer.

REFERENCES [1] A. Anton, J. Earp, and J. Young. How internet users‟ privacy concernshave evolved since 2002. Security Privacy, IEEE, 8(1):21–27, Jan-Feb2010. [2]Security Attacks in Wireless Sensor Networks: ASurvey by International Conference on Intelligent Systems and Signal Processing (ISSP) 2013By Mr. Manish M Patel Dr. Akshai Aggarwal. [3] Krontiris, T. Giannetsos, and T. Dimitriou, “Lidea: A distributed SECURECOMM ’08: Fourth International Conference on Security andPrivacy for Communication Networks, Istanbul, Turkey, September 22- 25 2008. [4] Y. C. Hu, A. Perrig, and D. B. Johnson, “Packet Leashes: A Defense Against Wormhole Attacks in Wireless Networks,”inProcofIEEEINFOCOM, 2003, pp. 1976-1986, vol.3[5] L. X. Hu and D. Evans, “Using directional antennas to prevent wormhole attacks,” in Proc. IEEE Symp. Network andDistributed System, Security(NDSS 04),

IJRISE| www.ijrise.org|[email protected] [646-656]

International Journal of Research In Science & Engineering Special Issue: Techno-Xtreme 16

e-ISSN: 2394-8299 p-ISSN: 2394-8280

San Diego; February 2004. [6] Bayrem TRIKI, Slim REKHIS, and Noureddine BOUDRIGA “Digital Investigation of Wormhole Attacks in Wireless Sensor Networks” Eighth IEEEInternational Symposium on Network Computing and Applications, 2009, pp.179-186[7] Zhibin Zhao; Bo Wei; Xiaomei Dong; Lan Yao; Fuxiang Gao; “Detecting Wormhole Attacks in Wireless Sensor Networks with Statistical Analysis” International Conference on Information Engineering(ICIE), 2010, pp. 251-254[8] Prasannajit B, Venkatesh, Anupama S, Vindhykumari K, Subhashini S R, Vinitha G; “An approach towards Detection of Wormhole Attack in Sensor Networks” First International Conference on Integrated Intelligent Computing(ICIIC), 2010, pp. 283-289.[9] W. Wang and B. Bhargava, “Visualization of wormholes in sensor networks”WiSe’04, Proceeding of the 2004 ACM workshop on Wireless Security , ACMPress, pp. 51-60, 2004.[10] S. Ozdemir, M. Meghdadi and I. Guler, “A time and trust based wormholedetection algorithm for wireless sensor networks” in 3rd Information Security andCryptology Conference (ISC‟08), pp. 139-142 [11] K.B. Rasmussen and S. Capkun, “Implications of radio fingerprinting on thesecurity of sensor networks” Third International Conference on Security andPrivacy in Communication Networks and the Workshops, pp. 331-340, Sep. 2007 [12] ThaierHayajneh, Prashant Krishnamurthy, David Tipper, “DeWorm: A SimpleProtocol to Detect Wormhole Attacks in Wireless Ad hoc Networks” ThirdInternational Conference on Network and System Security, 2009, IEEE[13] Mpitziopoulos A. Gavalas D. Konstantopoulos C. Pantziou, G, “A Survey onJamming Attacks and Countermeasures in WSNs” IEEE CommunicationsSurveys & Tutorials, 2009, Volume 11, Issue 4, pp. 42-56 [14] Sangwon Hyun, Peng Ning, and an Liu, “Mitigating Wireless Jamming Attacksvia Channel Migration” 31st International Conference on DistributedComputing Systems Workshops, 2011, pp 313-322 [15] S.Periyanayagi, V.Sumathy, RamyaKulandaivel “A Defense Technique forJamming Attacks in Wireless Sensor Networks Based On SI” InternationalConference on Process Automation, Control and Computing, 2011, pp. 15.[16] Hongbo Liu, Zhenhua Liu, Yingying Chen, Wenyuan Xu; “Localizing Multiple Jamming Attackers in Wireless Networks” 31st International Conference onDistributed Computing Systems, 2011, pp. 517-528. [17] Hongbo Liu, Zhenhua Liu, Yingying Chen and Wenyuan Xu, “Determining theposition of a jammer using a virtual-force iterative approach” Wireless Network@Springer, 2010, pp. 1-17 [18] Xuan Jiang, Wenhui Hu, Sencun Zhu and Guohong Cao, “Compromiseresilientanti-jamming communication in wireless sensor networks” WirelessNetwork@ Springer, 2011, pp. 1513-1527 [19] Hung-Min Sun, Shih-Pu Hsu, and Chien-Ming Chen, “Mobile Jamming Attack and its Countermeasure in Wireless Sensor Networks” 21st InternationalConference on Advanced Information Networking and ApplicationsWorkshops (AINAW'07), 2007, pp 457-462 [20] Mario Strasser, Boris Danev and SrdjanCapkun, “Detection of Reactive Jamming in Sensor Networks” ACM Transactions on Sensor Networks, Vol. 7, No. 2, Article 16, 2010 [21] GhadaAlnifie and Robert Simon “A Multi-channel Defense Against Jamming Attacks in Wireless Sensor Networks” Q2SWinet’07, 2007 [22] Bo Yu, and Bin Xiao, “Detecting Selective Forwarding Attacks in WirelessSensor Networks", Proc. 20th International Parallel and DistributedProcessing Symposium IPDPS 2006 (SSN2006), Page(s):1 – 8, Greece, 2529April 2006 [23] Wang Xin-sheng, Zhan Yong-zhao, Xiong Shu-ming, and Wang Liangmin“Lightweight defense scheme against selective forwarding attacks in wireless sensor networks” pages 226 –232, oct. 2009. [24] Tran Hoang Hai and Euinam Huh “Detecting selective forwarding attacks in wireless sensor networks using two-hop neighbor knowledge” In NCA, pages 325– 331, 2008. [25] Jeremy Brown and Xiaojiang Du “Detection of selective forwarding attacks in heterogeneous sensor networks” In ICC, pages 1583–1587, 2008. [26] Hung-Min Sun, Chien-Ming Chen, and Ying-Chu Hsiao. An efficient countermeasure to the selective forwarding attack in wireless sensor networks.pages 1 –4, Oct. 2007. [27] Edith C. H. Ngai, Jiangchuan Liu and Michael R. Lyu; “On the Intruder Detection for Sinkhole Attack in Wireless Sensor Networks” IEEE InternationalConference on Communications, 2006, Volume 8, pp. 3383-3389

IJRISE| www.ijrise.org|[email protected] [646-656]

International Journal of Research In Science & Engineering Special Issue: Techno-Xtreme 16

e-ISSN: 2394-8299 p-ISSN: 2394-8280

[28] Daniel Dallas, Christopher Leckie, KotagiriRamamohanarao; “Hop-Count Monitoring: Detecting Sinkhole Attacks in Wireless Sensor Networks” 15th IEEEInternational Conference on Networks, 2007, ICON 2007, pp. 176181nal Conference on Security and Privacy in Communication Networks and the Workshops, pp. 331-340, Sep. 2007 [29]A Study Of Network Security UsingPenetration Testingby R. Shanmugapriya.

IJRISE| www.ijrise.org|[email protected] [646-656]