Peer-to-peer (P-2-p) networks allow users to share music, video and software applications. As a result, there are plenty of risks when sharing files over a p2p network. This kind of sharing often exposes data on the computer to thousands of people on the Internet, and, as a result, introduces serious security threats and vulnerabilities to enterprise networks if installed on networked PCs For example a virus program file can be masked as a music file, for example in mp3 format. If this file is sent by email, the under-cover virus file is downloaded as an ordinary download without being scanned by an antivirus program. The file can easily infect the receiving system, which in turn may spread to other systems in the network. As more and more enterprises make their critical information available on the Internet, whether only to colleagues or to end-customers, they are exposed to significant risks such as financial loss, loss of reputation, fraud and denial of service attacks. Types of computer fraud vary and can be complex or simple. These might include:
- Illegally using someone else’s computer or posing as someone else in the internet.
- Hacking into computer systems and accessing confidential information.
- Sending computer viruses with the intent to destroy someone’s information.
- Using spyware to gather information about people
- Emails requesting money in return for deposits.
- Pyramid schemes via computer.
Explanation of risks and vulnerabilities associated with p2p file sharing
Identify and provide the assessment of the risks associated with the collection, processing and storage of confidential client information (loss of confidentiality).Peer to peer (denoted as p2p)- networks allows users to share music, video and software applications. Examples of p2p applications include KaZaa, Morpheus and Gnutella.
This kind of sharing often exposes data on the computer to thousands of people on the Internet. These applications are not designed for use in enterprise networks, and, as a result, introduce serious security threats and vulnerabilities to enterprise networks if installed on networked PCs. As more and more enterprises make their critical information available on the Internet, whether only to employees or to end-customers, they are exposed to significant risks such as theft, financial loss or reputation fraud and denial of service attacks doing something about it means the development of a security policy that regulates the use of p2p applications.
The biggest problem in information security management is the fact that both firewalls and security policies often are neglected once installed or implemented. The result of this is that the protection level becomes poor while new information security threats arise all the time. This is what has happens in the p2p application area. New applications with new functionalities have been developed rapidly and security management happened to be left behind.
Problems concerning peer-to-peer (risks)
Security problems related to p2p applications in a company environment are caused by a few important factors. First of all, these programs are designed for controlled use behind a firewall. A firewall can be looked at as a set of tools or strategies that are designed to allow or deny network broadcasting on the basis of set rules and thus protect the networks against unauthorized access and allowing legitimate connections to happen. The fact that p2p applications use ports dedicated to other services is even more serious when the application uses port 80. Port 80 are the standard port for Internet traffic meaning that most firewalls have to accept communication over that port otherwise it will be impossible to access the Internet from inside the firewall. The standard protocol used for Internet traffic is HTTP (Hyper Text Transfer Protocol) whereas most p2p applications use HTTP as transport protocol for files and messages. What then happens is a combination of these factors; the p2p application uses port 80 and the HTTP protocol making the traffic similar to ordinary web-traffic.
A second factor, mostly related to file sharing, is the fact that files not always are what they claim to be. For example a virus program file can be masked as a music file, for example in mp3 format. If this file is sent by email and the recipient has an antivirus program installed, the file is scanned and the true identity of the virus is revealed with the result that the file is discarded. File sharing with p2p applications works differently. Here the under-cover virus file is downloaded as an ordinary FTP (File Transfer Protocol) – or HTTP downloads without being scanned by the antivirus program. The file can easily infect the receiving system. But it does not end there, file sharing involves sharing a limited space in your computer with other file-sharers and the result of a virus file download can cause a wave of virus-file sharing in the p2p network. According to Bruce, (2009), if the virus is designed to infect p2p networks it is spread to millions of users within a short time.
The third issue is DoS attacks. A DoS attack is a huge amount of data or network traffic sent to a specific host or group of hosts (i.e. a network). The purpose is to put the target out of service caused by the unmanageable data/traffic load. DoS attacks are often used with instant messaging applications as aid, and can have a very heavy impact on the target system.
Computer fraud
Spyware gets onto a computer system through the manipulation of a technology called Active X.ActiveX was developed to make websites better. Druschel and Rowstron, (2008) argued that your bank or favorite online stores probably use ActiveX. But when an online criminal manipulates ActiveX, it can be used to remotely install malicious software on a computer. This effectively demonstrates that the computer may be infected by a spyware by just visiting a suspicious website! Temporary Internet files, cache files, and browser history files contain information like your name, your address, your phone number, what websites you visit, what kinds of online purchases your make, and even your credit card numbers. Hence a spyware’s function in a computer is to find and report these files.
Recommendations
- Install file-sharing software carefully, so that you know what’s being shared. This is important in ensuring that you don’t cause any serious problems by allowing changes in the default settings of the software. For instance, you may allow other p2p users into any of your folders and all its subfolders once you change the defaults settings of your connection.
- Having updated security software that guards the operating system.
According to Aberer et al (2009), some file sharing software may sometimes allow installation of malware that keep track of the computer users and this information is usually sent to the third party. On some occasions, some downloaded files may contain viruses or unwanted malware.
- Closing of one’s connection.
It has been noted in some cases that closing file sharing program window does not necessarily guarantee that the network connection is closed. This allows for one to be able to share files continuously and thus be able to increase the security risk. With high speeds connection, you are guaranteed connection unless the computer is turned off or you are disconnected from the internet service provider. When one is connected there is high probability that other users are able to copy the files that have not been shared.
- Creation of separate users account
In cases where there are more than one persons using the computer, taking into account the possibilities of creating separate user accounts with limited rights for others apart from the administrator is essential. Druschel and Rowstron (2007) claim that this is likely to protect against installation of any software by any other person without the administrators rights and thus no unwanted software will be installed into the computer. This also protects access of some folders and subfolders due to limited access rights.
- All sensitive documents must be backed up.
- All the files that must be kept when your computer crashes must be backed up. DVDs, CDs and detachable drives are some of the places that data can be stored, and these should be kept away safely.
- It is important to create awareness among the staff members about the file sharing. It is important to let them know of the file sharing risks and advice them on how best to ensure that the risks are managed or minimized.
Effectiveness
Use of security software ensures minimal or no threat of unauthorized persons to confidential information. In case of data loss backup can be used to retrieve lost data. Separate user accounts will help protect against unwanted software. Another preventive measure to control the sharing program is by closing the network connection when not in use.
Security technology evaluation matrix
Evaluation matrix
Key:
- 5= exceeds requirements
- 4= meets the requirements
- 3= partially meets the requirements
References
Bruce P. (2009). Building an intranet in the laboratory. Tis, Ph.D., JCSC 15, 5.
Druschel P. and Rowstron A. (2006).PAST: A large-scale, persistent peer-to-peer storage utility”, HotOS VIII, Schoss Elmau, 10, 8-78.
Karl Aberer and Manfred Hauswirth (2009). Peer-to-peer information systems, ,ACM SIGSOFT Software Engineering Notes , Proceedings of the 8th European software engineering conference held jointly with 9th ACM SIGSOFT symposium on Foundations of software engineering, Volume 26, Issue 5.
Rowstron A. and Druschel P. (2008). Storage management and caching in PAST, a large-scale, persistent peer-to-peer storage utility. 18th ACM SOSP’01, Lake Louise, Alberta, 18, 12-32.