IP spoofing

IP spoofing

Various organizations are facing different types of cyber-attacks these days which have a serious negative impact on the proper functioning of those companies. And Spoofing is one of them. Spoofing is the act of disguising itself as someone known in the network. Spoofing can be applied to emails, phone calls, websites, and even IP addresses. IP spoofing creates IP packets and sends them in the network by modifying the source IP address in order to hide the identity of the sender or for impersonating another computer system or even both.

The primary way of communicating in the network is actually by sending and receiving the packets. The IP packet consists of header and payload (i.e. body). The header of the IP packet consists of the IP version, source IP address, and destination IP address while the payload consists of the actual information to be sent. The source IP address is the address of the sender and the destination IP address is the address of the receiver. In order to communicate, the sender sends the packet to the destination computer and receives the response after the receiver has received the packets. These packets are spoofed by forging the source IP address.

The attackers uses IP spoofing to overwhelm the computer services with packets of data ultimately shutting them down. There are mainly two ways to overload the traffic of the target computer using IP spoofing. The first one is to flood the selected target with the packet from multiple spoofed addresses by sending victim tons of data making them unable to handle. This is a direct method of IP spoofing. The second method is an indirect one. Here the packets are sent to many different recipients on the network using the spoofed IP address. The attacker disguises to be the target computer and send packets to other devices. Since the spoofed packets appear to be from the target’s computer, all the responses are sent to the target’s computer causing floods of packets on the target’s computer.

Illustration of the concept

The received spoofed packets appear to be from a legitimate source. In some of the networks, trust relationships are in place between machines and internal systems. In this type of network, IP addresses are used to verify machine identities to access the systems rather than user login. This type of authentication is known as IP address-based authentication. The IP spoofing method is used by attackers sometimes to bypass IP address-based authentication. There are several types of attacks that are launched through IP spoofing. Blind spoofing, Non-blind spoofing, DDoS attacks, man-in the middle attacks are some examples.

Illustration of the concept

Spoofed packets are difficult to be detected as the source IP address seems to be authorized. But there are various preventive measures that can reduce the possibility of IP spoofing. Key-based authentication should be used rather than IP address-based authentication. This will reduce the risk of spoofing. If possible, configuring routers and switches to reject packets originating from outside the local networks but claiming to originate from within will not allow the spoofed packets to enter the network.

IP spoofing is a cyber-attack that shuts down the target’s computer by flooding it with tons of spoofed packets. The attackers will have unauthorized access over the computers and networks, and in certain cases, IP spoofing may have negative impacts on the business and economy of some organizations where computers are responsible to provide services. However, IP spoofing is not always considered to be illegal. Sometimes VPN service is used or IP address is changed in order to browse the internet safely. But IP spoofing will be illegal if it is used to harm others or someone pretends to be someone else and commits cybercrime.

Article by:

Shreya Shrestha

CS-2nd year

Batch-2018

SELFIE WITH BLACKHOLE USING COMPUTER SCIENCE

Black holes are one of the most amazing and intriguing things that we can find in our entire universe. You might be curious to know its attributes. In short, black holes are the last state of a massive star, in which the core collapses within itself due to immense gravity to form a funnel in space-time, which never ends. 

This guy sounds awesome — let us get a picture of it! Well, not so fast. No particle or even electromagnetic radiation such as light can escape from it, which makes it impossible to observe.

Despite such traits, this bad boy leaves traces of a ring of light of hot plasma zipping around it, which reveals the black hole’s event horizon. Einstein’s equation predicts the shape and size of this ring, and acquiring its picture will help to verify that those equations holds the extremist of the conditions in the universe. Now, without further ado, let’s get the picture of the traceable sides of a black hole.
Again, hold your horses! Black holes are so far away from us that these rings will appear astronomically small from the earth. It’s like taking a picture of an orange on the surface of the moon. 

We have an equation:

smallest size = wavelength/telescope size

The equation says, “In order to see smaller objects we need to make our telescope bigger and bigger”. Again, even with the assistance of the most powerful telescope on earth, we cannot reach close to it. For reference, Figure: 1 is the highest resolution image ever taken of the moon, and it contains roughly 13000 pixels. However, you can nearly fit 1.5 million of those balls of vitamin C in a single pixel. So, how big of a telescope do we need to see an orange on the moon’s surface? The answer is 510.1 million km squared. You guessed it right! It’s the size of the earth! It is almost impossible to create such a thing unless you are a green guy with a UFO.

Figure 1: Highest Resolution photograph of Moon

What can we do? It turns out that we can use the magic of computers to create a computational telescope that is the size of the earth, just to take the picture. To do so, we will scatter some powerful telescopes around the globe and synchronize each of them with precise atomic clocks. These telescopes will work together to freeze lights at those instances to collect terabytes of data simultaneously (remember those atomic clocks). To make it more elegant, imagine the earth as a large spinning disco ball as in Figure 2. Now, imagine those telescopes are the individual mirrors like those disco balls, which collects light individually and then combines it to create a full picture. Though covering the whole planet with those mirrors is difficult, but, we can fill them in little spaces and use earth’s rotation to observe different parts of the image. Despite those clever tricks, there will still be gaps in the image; however, we can solve this problem by using advanced algorithms to fill those gaps.

Figure 2: Disco Ball Analogy

Did we take its picture yet?

Well technically speaking, the answer to this question is a big yes and even a big no! We can only see some samples, but there is an infinite number of possible images that are consistent with our results. Now, this is where computer science shines! We can create algorithms that can find the most reasonable image fitting our results. Those algorithms can be considered as a forensic artist who creates the face of the criminals using descriptions. The algorithm ranks the possible images and chooses the most likely image. But here’s the bummer — we have never seen black holes before. What should we assume about the structures of the black holes? We could take a little help from Einstein’s equations, but we still want the picture of what is really happening! If we relied upon Einstein too much then we will get a biased result. In other words, we would like the option open for a giant alien Vacuum cleaner to exist inside a black hole. One way to solve this problem is to impose the features of different kinds of images and see if we get the same results each time. It’s like giving the same description to different sketch artists around the globe, and if all of them produce similar faces then we can be more confident that there are no biasness. Finally, (the drum roll please!) we can complete this puzzle by putting together all of those pieces and obtaining the picture of the bad boy of the universe.

If you are planning to make a run for the Nobel Prize using this ingenious technique, then you are a bit late. On 10th April 2019, a group of dedicated astronomers, physicists, mathematicians, and engineers of Event Horizon Telescope revealed the first-ever picture of a black hole (Messier-87). Similarly, Katherine L. Bouman, a graduate-level computer science student at MIT, was credited for the development of such a powerful algorithm. Without her immense contribution, achieving this milestone would not be possible.

Figure 3: Katherine L. Bouman

Bibliography: Event Horizon Telescope, TED

Images: NASA, Event Horizon Telescope, Google images

Article by
Anurag Timilsina

Computer Engineering 1st year

KU as Hogwarts and Computing as Wizardry

KU as Hogwarts and Computing as Wizardry

If coders were wizards, their coding skills would be their wands and their codes would be the spells they cast. The magic here would be their creations!

Being the student of DoCSE here at KU, hovering around this ‘if’, we could say that we chose KU to be our Hogwarts to learn the magic of the computing world. If KU was my Hogwarts, I would find Platform 9 3/4s at Ratna Park as my King’s Cross Station

Where would you find your Platform 9 3/4s?

I have often wondered if a huge black dog that shows up at KU was an Animagus, Sirius Black and the pigeons that show up all the time at the top of our block if you have noticed, were our version of owls. But, thank god, I have not encountered any Peter Pettigrew as any of my friend’s pet or any Moaning Myrtle in the bathroom.

For many of us in the first semester, COMP 101(C Programming Language) would definitely be the Defense Against The Dark Arts, the most interesting one and in the second semester, PHYS 102 (the one with gradients, curl and divergence) would definitely be the Potions, the toughest one. Metaphorically, for me and my classmates, Manoj Sir, who taught us C, would be Professor Lupin and Ganesh Sir, who taught us Physics would be Professor Snape

What about you people?

You know, what would be more interesting with this ‘if’? Our block 9 could be the Hogwarts Castle and could have The Chamber of Secrets. And who knows, one of us could speak Parseltongue with the snakes we keep seeing while chilling at the fountain near our block. The KU canteen could be the Great Hall, where we dined together. The administration block could be the Shrieking Shack of KU. That way, Harry Potter would get to know his godfather in the KU corner. Moreover, IT Meet could be our Quidditch Cup and IT Park our battlefield
Competing teams, you better work hard if you want to grab a Snitch!

Sadly, having an Invisibility Cloak or a Marauder’s Map is quite impossible in our world. And what’s worse is that the dementors would try to suck happiness from our soul at the times of pressure due to assignments and exams. 
So, wizards, be prepared with your Patronus Charm!

Being a potterhead, I can go on and on about this imaginary wizard world at KU, and those of you who could relate, may want to add some of your imaginations too, here. However, this needs an end; an end that we can learn something valuable from. So, in order to wrap this article up in the most serious and inspirational way possible, I want to emphasize on two major things. First, there is no Sorting Hat in our world. We must recognize our strengths on our own. Second, as I said earlier, our skills are our wands, but, unlike in Harry Potter’s world, neither some Ollivander will be making any wands for us, nor those wands would choose any metaphorical wizard of a real world. Instead, we must choose and build our own wands, our own set of skills.

Finally, as a believer of magic in this real world, only one thing remains to be said, ‘Explore the magic in you, and be the wizard you have always wanted to become!’


PRANIMA KANSAKAR
CE- II/II

Khalti Payment Gateway Integration With Django

Khalti Payment Gateway Integration With Django

I was currently asked to implement a back-end feature which was payment verification of the Khalti payment gateway in an API. I did not find enough resources with clear information except for Khalti Docs which helped me understand the basic and logical concepts of integrating Khalti into Web apps. So, I learned and created a reusable Django app named django-khalti  to make it very easy for all of us to integrate Khalti into our Django project.

In this post, I will show you how easy it is to implement Khalti Payment Gateway with Django. I presume the reader knows python, basic Django and API. I will be using the Django Rest Framework and django-khalti to demonstrate the implementation. Integrating Khalti Payment to your Django project requires following steps:

  • First, create a merchant account at Khalti Payment Gateway and get your test secret API keys.
  • Then create payment at the front-end of your application through SDKs provided by Khalti Docs.
    SDKs available are:
    Web SDK
    Android SDK
    iOS SDK
  • These SDKs provide this type of response on success:
    { “idx”: “8xmeJnNXfoVjCvGcZiiGe7”,
    “amount”: 1000,
    “mobile”: “98XXXXX969”,
    “product_identity”: “1234567890”,
    “product_name”: “Dragon”,
    “product_url”: “http://gameofthrones.wikia.com/wiki/Dragons“, “token”:“QUao9cqFzxPgvWJNi9aKac”
    }
  • Now, pass the amount and token data responded by Khalti SDK on step 3 to our API, which we will create using Django REST framework and django-khalti in this tutorial, in order to verify the payment.

So, let’s get started with the tutorial.

django-khalti is a Django app based on Django REST framework to conduct server-based payment verification of Khalti payment gateway. For each payment, it can verify and return status of payment through transaction token and paid amount.

  • Install the django-khalti and Django REST framework like this:
pip install djangorestframework 
pip install django-khalti
  • Add “django-khalti” and “djangorestframework” to your INSTALLED_APPS setting like this:
INSTALLED_APPS = [
 …
‘rest_framework’,
‘khalti’,
]
  • Include the django-khalti URLconf in your project urls.py like this:
path(‘khalti/’, include(‘khalti.urls’)),
  • Add Khalti Merchant API key and Verify URL in your settings.py:
KHALTI_SECRET_KEY = “<your api key>” 
KHALTI_VERIFY_URL = “https://khalti.com/api/v2/payment/verify/"
  • Test your endpoints like this:
POST: /khalti/verifypayment/
body:{
    'token':<transaction token>,
    'amount':<transaction amount>
}
  • You will get responses like this:
On Success:
    {
        'status':True,
        'details':{
                      "idx": "8xmeJnNXfoVjCvGcZiiGe7",
                      "type": {
                        "idx": "e476BL6jt9kgagEmsakyTL",
                        "name": "Wallet payment"
                      },
                      "state": {
                        "idx": "DhvMj9hdRufLqkP8ZY4d8g",
                        "name": "Completed",
                        "template": "is complete"
                      },
                      "amount": 1000,
                      "fee_amount": 30,
                      "refunded": false,
                      "created_on": "2018-20T14:48:08.867125+05:45",
                      "ebanker": null,
                      "user": {
                        "idx": "cCaPkRPQGn5D8StkiqqMJg",
                        "name": "Test User",
                        "mobile": "98XXXXXXX9"
                      },
                      "merchant": {
                        "idx": "UM75Gm2gWmZvA4TPwkwZye",
                        "name": "Test Merchant",
                        "mobile": "testmerchant@khalti.com"
                      }
                }
    }

On Error:
    {
        'status':False,
        'details':{'token': ['Invalid token.']}
    }

That’s all. It’s this easy to integrate Khalti payment gateway into your Django application.

Aashish Dhakal,
CE III/I,
Kathmandu University

Are you Alive?

Are you Alive?

The topic is creepy and that’s why you are here. Perhaps you could answer it or can you? It’s the most reasonable existential question that should bother you, instead of facing an existential crisis just by looking at those messages your crush didn’t even bother to open up. The question itself is doing a great job by striking right in your self-esteem, perhaps even cursing me for being such a jerk who now questions your existence.

‘O boy, that’s an obvious thing right there, isn’t it? Come on now, what are you telling me, that I ain’t alive? that I breathe and my heart beats, and I fulfill every point that a grade five science textbook describes,” What living things do” and there you are, questioning that very thing. That’s completely a nonsensical question.’

I recall the TV ad for soap Cinthol. And guess what, the tagline was cool, ”Alive is Awesome”. Oh, all frustrated and depressed guys could sue Cinthol. Not everyone’s life is joyful. Voila! You should try that soap. Perhaps it might make you awesome. Nonetheless, there is no such lie in soap that could neutralize the boring and pitiful lives most of us are having. ‘Hold on! I am not having a pitiful life. How dare you say that?’ Well, ask yourself. We all are organic machines programmed with intelligence. We are routined with contemporary civilization. You and I follow the very thing like most of our colleagues in this earthly office, let’s forget about those in ISS. Not that ISS, International Space Station, you fool. They abandoned us to live in these noises, so let’s not include them.

The routine is obvious. You are conceived and born, even if you didn’t ask for it. That’s the way it is with gods, I guess. You eat, you survive and then you die. That hasn’t changed for millions of years. Modern Humans have a lot to worry about between these events. The worries for food, predators, and shelter are replaced by enormous psychological titanosaurs. You crave dollars, power, fame, career, sex, knowledge, and rush every day to achieve something more. You don’t work for your satisfaction, instead, you work for money, power, and career. You don’t study for knowledge, but for the sake of accomplishments. I am no different, either.

There is always someone whom you idealize and wish your life was as good as his. ‘That’s right. I want a life like Richie Rich, Sexiest Sexy, highly Famous, Trumpet Trump, or Happiest Happy.’ Let’s not hop into fantasies right now. Let’s talk about someone closer not whom you want to be but envy his super chilling chills. What about the lazy neighbor’s son who according to you is the most chill man alive. He doesn’t study, doesn’t do any work. He eats, sleeps, and spends his days like, there is nothing to worry about. He is Lord Shiva with heavenly psychedelics. He is Jesus with Mark Manson’s Books instead of the Holy Bible. He is Buddha with no care for enlightenment. He is Allah with pervert Mohammad instead of prophet Mohammad. In nutshell, he lives.

But does he? His mind is a battlefield worse than Pearl Harbour. His life is joyous to others but a nightmare to him. In between the false relaxation, the questions ‘What am I doing with my life? Who am I?’ haunts his subconscious mind. In one way or another, we all have asked ourselves such questions with piles of self-doubt and reason for unhappiness. Even if you are following everything Manson said-“I ain’t giving no fucks. Well, What is it? Is it, you not being the ideal lover or an ideal child or an ideal parent or ideal whatever?” Is it the will or pressure to achieve polished stature in society than your friend over there? Is it the will or pressure to be an outstanding and lustrous man in the crowd? Everyone knows there is competition everywhere. Whether it’s with the animals or between us humans for adaptation. You survive to impress others.

Amygdala is responsible for multiple emotional responses, like love, fear, anger, and sexual desire. The evolution of the amygdala in humans is one of the reasons we are called social animals: by ourselves. Society is cool. Biological parents are emotionally attached to their offspring. You love your crush and you hate that ill-minded moron. Thanks to Amygdala. But it is due to such parts of our brain that we need therapists to listen to us while we break down our brain in their cozy couch. Americans are ahead of civilization so the therapeutic business is booming there. An underdeveloped country like us is so far in the chain that most of us don’t even know that the worries in our head and our sleepless nights could be cured in those magical couches. There is a great prospect in therapeutic business as long as people realize something is wrong in the amygdala. God, I should have approached Psychology instead of Engineering in school.

I think the Stone age was better than today. Just worry about fire, food, and the claws and sharp teeth of predators and enjoy the metabolism. But then, who would question life?. The question is not some personalizing self-enriching question as productivity writers would creatively misplace them in their fancy books. What counts as being alive? Being happy? Well, that could be a point but dopamine and serotonin injected in an organic robot wouldn’t make it more alive than us. What is it that makes us humans human? If being alive is just to perform biological acts, then we are no better than a louse connected to a powerful microprocessor. Do you really think you are alive? Do you think that you were alive the moment your soulmate kissed you? Did you feel alive when you became the reason for tears of joy in the eyes of the people who matter the most to you? Did you feel breathing when you reached the top after hours of hiking? What about the moment when you excreted after holding it for too long? And there are certainly many such instances when you really feel the breath, the heart’s pumps, and the simple existence in the vast voids of nothingness. Those instances were very momentary and played a crucial role in reminding our processors that this very instance of our time is not as alive as those instances. Alright then, is it those beautiful memories that we cherish, and such moments of true joy make us alive? Is it only the good things that trigger your life? Does your existence solely depend upon those sparks of lifeless electrons that make you feel good? Is being alive nothing but ‘not being alive’? What is alive? I will leave you with the very question that dragged you in this pitiful article.

Why ache your head when you can binge-watch resting on the cozy couch and who cares about the existence? Why should I give my opinion or anything at all? If these questions are popping up in your head then congrats buddy, the doomsday clock is ticking and the existential crisis that you easily left undealt in the corner of your brain, right beneath the comfort zone, needs to be excavated. You could let those hormones fool you and rely totally on gods, or you could dig up the grave while there is still time and pave your way to the afterlife and beyond. There are many things to question and time is relative, you may say.

Let’s not put this aside again and think about it cause it’s your life at stake. Question yourself: Are You Alive? Where do you stand in this vast universe? Is death even real if you’re not alive in the first place? Why are you ‘YOU’? Let us be our own Buddha.

Sagar Paudel,
CE II/I,
Kathmandu University

Thought-provoking questions about the Future of Technology raised by Movies

Thought-provoking questions about the Future of Technology raised by Movies

In the distant future, the interactions between human and computer may be vastly different than it is now. With the emergence of technology such as Artificial Intelligence (AI) and cloud computing, the world will not be the same again. In this article, the term AI is an artistic representation of AI, which is to say they are conscious and ever learning as humans. The following are some movies that portray the future and trigger the brain to raise questions about future technology.

Movies such as Her, Blade Runner, and the episode ‘San Junipero’ of the TV series Black Mirror have tried to imagine the future artistically and show a representation of how the story of humans and tech may turn out to be. They each have their own version of the future, ranging from optimistic and joyous to dark and gritty. These are all fictitious stories, and the future may not be the one portrayed in these stories.

In the movie Her, the protagonist falls in love with an AI and vice versa. They do not have a conventional relationship and thus face many problems. This idea of interconnection between AI and human is of noble emergence in itself and raises many questions. Is AI even capable of growing human emotions? Will they ever do in the future? Can we actually program emotions into lines of code?

The movie Blade Runner has many thought-provoking ideas as well. In the movie, the protagonist and his significant other are not human. They also share the feeling that their relationship is not the same as a normal human relationship. In the future, we may have to consider AI rights and to what level do these rights come to. Are AI rights equal to human rights? Do they have the right to love or reproduce? Or do they have the fundamental right to exist like humans?

‘San Junipero’ deals with a technology that allows the human mind to be uploaded to a cloud where people can choose to be in. The people in the cloud do not have a body due to various reasons such as diseases or disabilities, and the only physical space they occupy is a storage device. Now, with this technology, the difference between an AI and a human is blurred even further. Both of them do not have physical bodies and exist only electronically. Are they human anymore? Do they retain the rights they had as humans?

I do not know the answers to these questions, only time will tell if these works of fiction become a reality or not. Regardless, these are important questions people have to ask while developing technology if they are to be anywhere close to these works of fiction.

Ayush Bajracharya,
CS II/I,
Kathmandu University