School Work


journal software engineering
of 16
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Related Documents
  International Journal of Software Engineering and Its Applications   Vol.8, No.5 (2014), pp.189-204   ISSN: 1738-9984 IJSEIA   Copyright ⓒ  2014 SERSC   Droidglance:   Network Topology Generator and Device Security Assessment Application on Android Mobile Device   Aditya Kurniawan, Doni Nathaniel Pranama, Junius, and Martina Megasari  Bina Nusantara University,,,  Abstract  Nowadays, the number of mobile device and Internet users is increasing significantly. The growing of sophisticated technology has eased people’s productivity. However, in the other hand, security risks have also grown without an equal degree of awareness of the society. The objective of this research is to design and develop an Android application that is able to draw a topology of a network and do a simple security assessment towards a host in order to detect host's vulnerability. The information gathered will be presented in a PDF report and can be used for maintenance purposes. The application will have wizard feature, where the user can analyze network and discover an underlying vulnerability with guided steps. The methodology is interview, literature study, observation and system design using object oriented approach.  DroidGlance, an Android application that can draw a wireless network topology generator and help security tester analyze a host's vulnerability. The application main feature are Topology generator, Ping, Traceroute, Port Scanner, Vulnerability Checker, and Listen. These features are tested. These features are able to run well. However, they need several improvements for future development.  Keywords:  Network, Topology, Security, Android 1. Introduction Internet usage has been increasing from time to time. It is now considered as one of the most useful technology of the modern times, which gives us so much help in our daily lives. Internet makes the world interconnected. Communication with people around the world can  be easily done with a computer and Internet connection. Internet is also a large encyclopedia for everyone. People use Internet to gain many kinds of information and do researches. That’s why the number of Internet user keeps increasing. Internet is now used in many aspects of daily lives. People rely more and more on the Internet. People with high mobility in this era want to have Internet connection anytime and anywhere; they want to improve their work efficiency. Along with the improvement in mobile  broadband services, this tendency stimulates the increasing demand in the mobile device market. Sales of mobile devices, such as smartphones and tablets exceed PCs. And now, mobile devices are transforming our lives in almost every way; connecting our physical and digital worlds. However, increasing number of Internet users and mobile devices users can also bring harm, such as cybercrime. According to Symmantec Internet Security Threat Report 2013, as expected, the amount of mobile malware in 2012 has been rising [11]. There was 58% increase in mobile malware families compared to 2011. The total number of 2012 accounted for 59 percent of all malware to-date. These malwares also accounted to data breaches. The  International Journal of Software Engineering and Its Applications   Vol.8, No.5 (2014)   190  Copyright ⓒ  2014 SERSC   report stated that the top cause of data breaches in 2012 are hackers. 40% of the data breaches case is caused by hackers. An action should be taken to handle this situation. A network should be made as secure as  possible. Network security professionals need some tools to notify them about the vulnerability of the system. Some of the tools are networking tools and security assessment, to detect vulnerability and cover them. 1.1. Penetration Testing There are several steps how hackers work: Reconnaissance >> Scanning >> Gaining Access >> Maintaining Access >> Clearing Track [12]. Reconnaissance is the phase of preparation where the hackers gather information about the target. The information gathered may include the employees, operations, network, and systems. There are two types of reconnaissance: passive (without direct interaction with the target) and active (with direct interaction with the target). Scanning is the pre-attack phase when the hackers scan the network for more specific information as an extension to those in the previous step (reconnaissance). It includes port scan, network mapping, and vulnerability scanner. As a final step in this phase, the information is extracted. Gaining Access is the phase when the hackers have obtained access to the computer or network. The testers can also escalate the privilege to obtain total control. Maintaining Access is the phase when the tester maintain a shortcut to regain the access next time. The testers have to set up exclusive access, for example, backdoors. Clearing trakc is the phase when the testers attempt to cover malicious acts. The testers overwrite server, log, and the system. The purpose of this phase is to gain continuous access stealthily Unlike hackers, ethical hackers do the steps above not to destroy, but to protect instead, by finding out what intruders can obtain from the network (Reconnaissance and Scanning  phases), what intruders can exploit using the acquired information (Gaining Access and Maintaining Access phases), whether the victims notice any malicious attempt. (Reconnaissance and Covering Tracks phases). Penetration Testing use several tools such as ping, port scanning tools, vulnerability assessment tools an many more. 1.2. State of the Art State of the art of this research is to design an Android application for drawing network topology and for analyzing the vulnerability of a host through port scanning. It also provides reporting feature for network or security maintenance purposes. These features will be arranged in a wizard so that user can use it in several clicks. Hopefully, this application can help security experts to detect security holes and make a network as secure as possible. 2. Related Research 2.1. Design and Implementation of Common Network Security Scanning System  Network security scanning can be used for protecting a system and for destroying a system  by intruders [14]. To protect a system, an administrator can use the system to detect  backdoors or any malicious software before the system is damaged. There are some methods for scanning:  International Journal of Software Engineering and Its Applications   Vol.8, No.5 (2014)   Copyright ⓒ  2014 SERSC  191 1.   Port Scanning The aim of port scanning is to find some open ports on the remote host. Port scanning can find out which ports are open, which are closed, and which are filtered. A common way of  port scanning is to send protocol packet to the remote port and get the result packet from the remote machine. The result can identify the status of the remote machine port. For example, if SYN packet is sent to a remote open port, the remote host will respond back with a SYN+ACK packet. If the port is closed, the remote host will respond back with a RST packet. There are three ways of port scanning [3] : ã   Open Scanning. It uses the three-way TCP/IP handshake mechanism and it needs a whole network connection. It produces more log information and can be detected easily. However, it is fast and can get the correct result. ã   Half-Open Scanning. It doesn't finish the whole connection progress and it can avoid the IDS (Intrusion Detection System). The example of half-open scanning is SYN scanning. ã   Stealth Scanning. It can avoid the IDS and firewall, but may get the error result because of the network configuration. 2. Remote Operating System Detection. Different OS has its security character, especially in a network environment. The remote operating system detection is the first step of network security scanning. It is very useful for the OS vulnerability detection. Because different OS has different kernel or implement style, the remote operating system detection became very essential to get the correct method to find the vulnerability of the system. There are some tools that can be used to detect remote operating system [15]: ã    Nmap (Network Mapper). It provides a comprehensive method of scanning and detects the remote operating system using protocol fingerprint [3]. It supports the wide range of  protocols such as UDP, TCP, connect(), TCP SYN, ftp proxy, ICMP, FIN, ACK sweep and Null scan [3]. Nmap also has its GUI version, called Zenmap. Compared to the classic Nmap, Zenmap arranges the scanning result in a convenient way. Additionally, it can generate a topology. Zenmap also provide a comparison between two scans. It can also keeps track of the scan results. The scanning configuration can also be saved.   ã   RING (Remote Identification Next Generation). It is designed to identify the OS running on the remote machine with minimal target disturbance. ã   Xprobe. It's a remote active OS fingerprinting tool. It detects the remote OS through a matrix based fingerprinting approach. 3. Vulnerability Scanning Vulnerability detection is done to identify and fix system weaknesses before some people use them against the system. It is often deployed with the penetration testing which simulate network attack behavior and the process of intrusion.  International Journal of Software Engineering and Its Applications   Vol.8, No.5 (2014)   192  Copyright ⓒ  2014 SERSC   Vulnerability scanner scans a specified set of ports on a remote host and tries to detect the service offered at each port for its known vulnerabilities, which can lead some threats to the system. There are two types of vulnerability scanning: host scanning and network scanning. The former needs agent software to be installed on each host. Instead of having each host be installed with an agent, the latter needs dedicated computer to run scanning solution.  Nessus is a famous remote security scanner. It runs on one host to scan all the services offered by a remote host in order to detect whether the remote host is safeguarded against the known security vulnerabilities. 2.2. Development of Security Scanner with High Usability A security scanner detects vulnerabilities in routine operation, and informs the user about its findings [13]. Many security scanners were not easy to use nor understandable. Usability is useful, convenience, ease of use/operation, and ease of understanding. Many products are  built with very high functionality but lack of usability. A security scanner with high usability should have the following characteristics: 1. Easy Installation 2. Easy Operation 3. Intelligible scanned result 2.3. Session Hijacking with Mobile Device Single authentication is popular technique today for login for many system. This technique  begin popular implement on web service for make user comfort to login to related system without re-enter username and password. Username and password are store in session identifier on web service server. Regarding to Koch (2011) who make a session hijacking tool for android called Droidsheep, session identifier id can steal from any broadcast wireless network. Session identifier are stateless and not reliable [16]. Many website do not offer encrypted communication using TLS like HTTPS on web service that used for session store mechanism Session cookies information placed on packet data that broadcast on wireless network. On wireless network public, a user can read any packet that spread out over the network and read  packet data content and generate Figure 1. Capturing Session Cookies in Wireless Network [16]

Career Session[1]

Jul 23, 2017


Jul 23, 2017
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks