CHAPTER 2 Profile of the Problem

The former consists of linguistic or language forms of hidden writing. The later, such as invisible ink, try of hide messages physically. One disadvantage of linguistic steganography is that users must equip themselves to have a good knowledge of linguistry. In recent years, everything is trending toward digitization. And with the development of the internet technology, digital media can be transmitted conveniently over the network. Therefore, messages can be secretly carried by digital media by using the steganography techniques, and then be transmitted through the internet rapidly Steganography is the art of hiding the fact that communication is taking place, by hiding information in other information. Many different carrier file formats can be used, but digital images are the most popular because of their frequency on the internet. For hiding secret information in images, there exists a large variety of steganography techniques some are more complex than others and all of them have respective strong and weak points. So we prepare this application, to make the information hiding more simple and user friendly. 2.1 An overview of Internet Security Since the rise of the Internet one of the most important factors of information technology and communication has been the security of information. Everyday tons of data are transferred through the Internet through e-mail, file sharing sites, social networking sites etc to name a few. As the number of Internet users rises, the concept of Internet security has also gain importance. The fiercely competitive nature of the computer industry forces web services to the market at a breakneck pace, leaving little or no time for audit of system security, while the tight labour market causes Internet project development to be staffed with less experienced personnel, who may have no training in security. This combination of market pressure, low unemployment, and rapid growth creates an environment rich in machines to be exploited, and malicious users to exploit those machines.

2.2

Literature Survey 2.2.1 Information Security In general, security denotes the quality or state of being secure to be free from danger. Security is classified into different layers depending on the type of content intended to be secured: Physical security: Defines the required issues that are needed to protect the physical data or objects from unauthorized intrusion. Personal security: It is defined as the security of the individuals who are officially authorized to access information about the company and its operations Operational security: It mainly relies on the protection of the information of a particular operation of the chain of activities. Communications security: The communications security encompasses the security issues regarding the organisations communication media, technology and content. Network security: The network security is responsible for safeguarding the information regarding the networking components, connections and contents. Information security: Information security is the protection of information and the systems and hardware that use, store, and transmit that information. Information security can be defined as measures adopted to prevent the unauthorized use or modification of use of data or capabilities.

2.2.2 Security Attacks The data is transmitted from source to destination which is known as its normal flow as shown in figure 1. But the hackers might hack the network in order to access or modify the original data. These types of attacks are formally known as security attacks.

Figure 1. Normal Data Flow A hacker can disrupt this normal flow by implementing the different types of techniques over the data and network in following ways. They are: Interruption Interception Modification Fabrication 1. Interruption: Interruption is an attack by which the hackers can interrupt the data before reaching the destination. This type of attack shows the effect on availability and usually destroys the system asset and makes the data unavailable or useless.

Figure 2. Interruption

2. Interception: Interception is one of the well known attacks. When the network is shared that is through a local area network is connected to Wireless LAN or Ethernet it can receive a copy of packets intended for other device. On the internet, the determined hacker can gain access to email traffic and other data transfers. This type of attack shows the effect on confidentiality of data.

Figure 3. Interception 3. Modification: This refers to altering or replacing of valid data that is needed to send to destination. This type of attacks is done usually by unauthorized access through tampering the data. It shows effect on the integrity of the data.

Figure 4. Modification

4. Fabrication: In this type, the unauthorized user places data without the interface of source code. The hacker or unauthorized person inserts the unauthorized objects by adding records to the file, insertion of spam messages etc. This type of attack affects on the Authenticity of message.

Figure 5. Fabrication

There are many types of security attacks that will try to modify the original data. The main goal of any organisation / individual transmitting the data is to implement security measures which include Prevention Detection Response Recovery

1. Prevention: The security attacks can be prevented by using an encryption algorithm to restrict any unauthorized access to the encryption keys. Then the attacks on confidentiality of the transmitted data will be prevented.

2. Detection: Using the intrusion detection systems for detection of unauthorized individuals logged onto a system and making the resources available to legitimate users.

3. Response: Whenever the unauthorised attacks happen in the system, the security mechanisms can detect the process and the system can respond to make the data unavailable.

4. Recovery: Recovery is the final approach if an attacker modifies the data or makes the data unavailable. The data can then be recovered by using backup systems, so that the integrity of the data shall not be compromised.

10