Detection of Security Concerns on Data Communications Systems

Abstract

The data communications systems in building today suffer compromises from many different types of attacks. Protection of data and messages that are communicated is the principal object of computer and network security. By far the most important automated protection tool for network and communications security is encryption. As an example, the web service HTTPS transmits private documents between hosts via the Internet over the SSL/TLS connection which uses keys to encrypt data. This paper has presented a scheme to detect the security concerns on current data communication systems via a measurement of the number of HTTPS web servers on the Internet. We presented the conventional Monte Carlo sampling approach to estimate the HTTPS web server density. As a variance reduction technique, importance sampling is introduced, which is a modified Monte Carlo approach resulting in a significant reduction of the effort required to obtain an accurate estimate. We proposed importance sampling approaches to track the prevalence and growth of the HTTPS web service. A thorough analysis of the presented sampling approaches has been performed. An increasing security concerns on the web servers have been detected and discussed. I. INTRODUCTION The IT revolution has dramatically changed the way government and industry conducts business, and with such changes, introduces high-profile vulnerabilities to strategic data and information. The reliance by business on the use of data processing systems and the increasing use of networks and communications facilities have resulted in a strong requirement for enhanced network security. The data communications systems in building today suffer compromises from many different types of attacks: viruses and worms, data theft, compromise of vulnerable documents, data/hardware hijacking, and denial-of-service, etc. Security becomes an even greater concern in a business environment since significant monetary losses can occur because of operational dependencies. Furthermore, with the introduction of inexpensive and fast implemented wireless networking devices, many consumers are turning into setting up a wireless communications system. Unfortunately consumers are not experienced enough to secure their SOHO networks leaving it vulnerable and open for others to browse. As a confirmation, the 2003 annual report from the Computer Emergency Response Team (CERT) lists over 3,700 vulnerability reports and over 137,000 computer security incidents [1]. The protection of data and messages that are communicated is the principal object of computer and network security. In a building environment, the protection can be broken into eight categories: external and physical security, operational security, surveillance, auditing, access control (authentication, passwords, digital certificate authentication, and biometrics), firewalls, encryption systems, hardening servers/hosts and vulnerability testing. By far the most important automated protection tool for network and communications security is encryption. Encryption is a process that hides message meaning by changing intelligible messages into unintelligible “nonsense”. It provides security to multimessage dialogs with three handshaking phases followed by ongoing communication. The conventional encryption, or symmetric key encryption, in which the two