NETWORK SECURITY 1
WHAT IS A NETWORK?
A ``Network'' has been defined as ``any set of interlinking lines resembling a net, an interconnected system, a
network of alliances.'' This definition suits our purpose well: a computer network is simply a system of
WHAT IS SECURITY?
In information technology, Security is the protection of information assets through the use of technology, processes,
and training. Security is of two types as computer security & network security. Network security measures are
needed to protect data during their transmission.
INTRODUCTION TO NETWORK SECURITY:
The network security refers to any activities designed to protect your network. Specifically, these activities protect
the usability, reliability, integrity, and safety of your network and data. Effective network security targets a variety
of threats and stops them from entering or spreading on your network.
Network security is typically handled by a network administrator or system administrator who implements
the security policy, network software and hardware needed to protect a network and the resources accessed through
the network from unauthorized access and also ensure that employees have adequate access to the network and
resources to work.
OBJECTIVE TO NETWORK SECURITY:
1. Access – authorized users are provided the means to communicate to and from a particular network
2. Confidentiality – Information in the network remains private
3. Authentication – Ensure the users of the network are who they say they are
4. Integrity – Ensure the message has not been modified in transit
5. Non‐repudiation – Ensure the user does not refute that he used the network
Several key events contributed to the birth and evolution of computer and network security. The timeline
can be started as far back as the 1930s.
During the 1980s, the hackers and crimes relating to computers were beginning to emerge. Robert Morris, was
convicted for unleashing the Morris Worm to over 6,000 vulnerable computers connected to the Internet.Based on
NETWORK SECURITY 2
concerns that the Morris Worm ordeal could be replicated, the Computer Emergency Response Team (CERT)
was created to alert computer users of network security issues.
TYPES OF NETWORK SECURITY:
Network security includes both public and private computer networks used in business, government agencies and
institutions. Efficient security plans should be implemented to avoid anti-social elements. The following five types
of network security can aid in secure networking.
User training and education
Wireless encryption protocol (WEP)
MAC address filtering
We need multiple layers of security. If one fails, others still stand. Network security is accomplished through
hardware and software. The software must be constantly updated and managed to protect you from emerging threats.
A network security system usually consists of many components. Ideally, all components work together,
which minimizes maintenance and improves security.
Network security components often include:
Anti-virus and anti-spyware
Firewall, to block unauthorized access to your network
Intrusion prevention systems (IPS), to identify fast-spreading threats, such as zero-day or zero-hour attacks
Virtual Private Networks (VPNs), to provide secure remote access
The security attacks compromises the information-system security.
Active attacks : attempts on blockage or modification of data or link.
Passive attacks : involves simply getting access to link, data.
NETWORK SECURITY TOOLS:
Antivirus software packages
Secure network infrastructure
Dedicated network security hardware and software
Virtual private networks
NETWORK SECURITY 3
TECHNOLOGY FOR NETWORK SECURITY:
Network threats will continue to be a major issue in the global world as long as information is accessible and
transferred across the Internet. Different defense and detection mechanisms were developed to deal with these
Cryptographic systems –The original message known as plaintext is converted in to cipher text by
Encryption and vice versa can be done by decryption. This area of study is called as cryptography.
o Secret Key Cryptography (SKC)-Uses single Key for both encryption and decryption.
o Public Key Cryptography (PKC)-Uses one key for encryption & another for decryption.
o Hash Function-plain text not recoverable from cipher text.
Plain text Cipher text
Firewall- A firewall is a typical border control mechanism or perimeter defense. It is an excellent
metaphor for network security. A firewall is the front line defense mechanism against intruders. It is a
system designed to prevent unauthorized access to or from a private network.
NETWORK SECURITY 4
o Packet Filtering Firewall
o State Full Firewall
o Deep packet inspection Firewall
o Application Aware Firewall etc..
Intrusion Detection Systems- It is a type of security management for computers and networks. In
network-based IDs (NIDS), the sensor are located at the choke in network to be monitored, it captures all
the network traffic and analyze each packets for malicious traffic.
Steganography-It is art & science of hiding information by embedding messages with in another. It is
secret transmission of message; its goal is to make a message altogether invisible.
Anti‐Malware Software and scanners- Viruses, worms and Trojan horses are all examples of malicious
software, or Malware for short. Special so‐called anti‐Malware tools are used to detect them and cure an
Secure Socket Layer (SSL) - The Secure Socket Layer (SSL)
is a suite of protocols that is a standard way to achieve a good
level of security between a web browser and a website.
There is a tunnel or security channel between them. Clients
present a certificate to the server to prove their identity.
NETWORK SECURITY 5
WIRELESS NETWORK SECURITY:
Wireless security is the prevention of unauthorized access or damage to computers using wireless networks.
Crackers have found wireless networks relatively easy to break into, and even use wireless technology to crack into
Wireless Intrusion Prevention Systems (WIPS) or Wireless Intrusion Detection Systems (WIDS) are
commonly used to enforce wireless security policies. The primary purpose of a WIP is to prevent unauthorized
network access to LAN and other information assets by wireless devices.
Implementation: It has three components: sensor, server, and console.
Sensor : They scan wireless spectrum for packets & are installed throughout areas to be protected.
Server : analyzes packet captured by sensor.
Console : provides primary user interface in to the system for administrating & reporting.
It is a short program aiming at securing communication over a network.
Transport layer security (TLS) to secure web connections.
Internet Protocols security (IPSec) for securing internet protocols communication.
PPP / Point-to-Point Protocol provide a authentication, transmission encryption privacy and compression.
Transport layer security (TLS) provides security and data integrity in network such as internet.
Network Security Services (NSS) comprises a set of libraries designed to the development of security-enabled
client and server applications. Below use NSS in a variety of products, including the following:
Mozilla client products, including Firefox, Thunderbird etc.
Google Chrome (Linux version; Windows version since at least v8) .
Sun server products from the Sun Java Enterprise System, including Sun Java System Web Server, Sun
Java System Directory Server, etc.
The network security field is continuing down the same route.
1. Hardware Developments
Biometric systems and smart cards are the only new hardware technologies that are widely impacting security.
NETWORK SECURITY 6
The most obvious use of biometrics for network security is for secure workstation logons for a
workstation connected to a network. The main use of Biometric network security will be to replace the current
Smart cards are usually a credit‐card‐sized digital electronic media. The main idea behind smart cards is to
provide undeniable proof of a user’s identity. Smart cards can be used for everything from logging in to the
network to providing secure Web communications and secure e‐mail transactions.
2. Software Developments
The software aspect of network security is very vast. It includes firewalls, antivirus, vpn, intrusion detection, and
much more. When new viruses emerge, the antivirus is updated to be able to guard against those threats. Current
research is being performed on security software using neural networks. The objective of the research is to use
neural networks for the facial recognition software.
The network security will be able to function as an immune system. The trend towards biometrics could have taken
place a while ago, but it seems that it isn’t being actively pursued. Many security developments that are taking place
are within the same set of security technology that is being used today with some minor adjustments.
Network security is an important field that is increasingly gaining attention as the internet expands. Originally it was
assumed that with the importance of the network security field, new approaches to security, both hardware and
software, would be actively researched. The network security field may have to evolve more rapidly to deal with the
threats further in the future.