Network Security Research Paper

8,362
-1

Published on

With the explosion of the public Internet and e-commerce, private computers and computer networks, if not adequately secured are increasingly vulnerable to damaging attacks. Hackers, viruses, vindictive employees and even human error all represent
clear and present dangers to networks. And all computer users from the most casual Internet surfers to large enterprises could be affected by network security breaches. However, security breaches can often be easily prevented. How? This white paper provides you an overview of the most common network security threats and its solution which protects you and your organization from threats, hackers and ensures that the
data traveling across your networks is safe.

Published in: Technology
0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
8,362
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
407
Comments
0
Likes
4
Embeds 0
No embeds

No notes for slide

Network Security Research Paper

  1. 1. Network Security: It is a process, not a product α Suyog Dixitª and Pankaj Kumar Jha B.E. Computer Science, Third year, SD Bansal College of Technology, Indore (M.P.)a B.E Computer Science, Second year, SD Bansal College of Technology, Indore (M.P.)αEmail: pankajjha@suyogdixit.comABSTRACT enterprises are a must Network security originally focused on algorithmic aspects such as encryption and hashing techniques. While these concepts rarely change, these skillsW ith the explosion of the public Internet and e-commerce, private computers and computernetworks, if not adequately secured are increasingly alone are insufficient to protect computer networks. As crackers hacked away at networks and systems, security courses arose that emphasized the latest attacks. There isvulnerable to damaging attacks. Hackers, viruses, always fault management, fault software, abuse of resourcesvindictive employees and even human error all represent connecting to computer networks. These are the mainclear and present dangers to networks. And all reasons which cause security problems for a Network.computer users from the most casual Internet surfers to Today, security problem becomes one of the main problemslarge enterprises could be affected by network security for computer network and internet developing. However, there is no simple way to establish a secure computerbreaches. However, security breaches can often be easily network. In fact, we cannot find a network in the world,prevented. How? This white paper provides you an which does not have any security holes nowadays. Theoverview of the most common network security threats infrastructures of cyberspace are vulnerable due to threeand its solution which protects you and your kinds of failure: complexity, accident, and hostile intent.organization from threats, hackers and ensures that the Hundreds of millions of people now appreciate a cyberdata traveling across your networks is safe. context for terms like “viruses”, “denial of service”, “privacy”, “worms”, “fraud”, and “crime” more generally.Some history of networking is included, as well as an Attacks so far have been limited. While in some networkintroduction to TCP/IP and internetworking. We go on attacks the value of losses is in the hundreds of millions,to consider risk management, network threats, firewalls, damage so far is seen as tolerable.and more special-purpose secure networking devices. While preventing attack is largely based on government authority and responsibility, the detailed knowledge needed to thwart an attack on a cyber system to prevent damageINDEX TERMS: Security, Audit, Coupled stages. rests primarily with its owner. Protecting infrastructure systems arguably involves fiveINTRODUCTION coupled stages. First, it is necessary to attempt to deter potential attackers. Second, if attacked, the need is to thwartComputer and network security is a new and fast moving the attack and to prevent damage. Third, since successTechnology and as such, is still being defined and most cannot be guaranteed in either preventing or thwarting anprobably will always be “still defined”. Security incidents attack, the next stage is to limit the damage as much asare rising at an alarming rate every year [Figure - 1]. As the possible. Fourth, having sustained some level of damagecomplexity of the threats increases, so do the security from an attack, the Defender must reconstitute the pre-measures required to protect networks. Data center attack state of affairs. Finally, since changing technologyoperators, network administrators, and other data center and incentives to attack influence both offence and defense,professionals need to comprehend the basics of security in the final step is for the defender to learn from failure inorder to safely deploy and manage networks today. order to improve performance, just as attackers will learnSecuring the modern business network and IT infrastructure from their failures.demands an end-to-end approach and a firm grasp of The more specific defenses to be discussed may be usefullyvulnerabilities and associated protective measures. While partitioned into two forms: passive and active.such knowledge cannot thwart all attempts at network Passive defense essentially consists in target hardening.incursion or system attack, it can empower network Active defense, in contrast, imposes some risk or penalty onengineers to eliminate certain general problems, greatly the attacker. Risk or penalty may include identification andreduce potential damages, and quickly detect breaches. With exposure, investigation and prosecution, or pre-emptive orthe ever-increasing number and complexity of attacks, counter attacks of various sorts.vigilant approaches to security in both large and smallArmageddon’08 April 01, 2008 Warfare: Paper Presentation Computer Society of India (CSI) [1]
  2. 2. FOCUS ON SECURITY • Application Software Protection: Program and test secure software to avoid backdoor entry via SQL injection, The Network Security program emphasizes to secure a buffer overflow, etc. network. The following background information in security helps in making correct decisions. Some areas • Incident response: Respond to an attack by escalating are concept-oriented: attention, collecting evidence, and performing computer forensics. The last three skills incorporate computer • Attack Recognition: Recognize common attacks, systems security, since they are required to counteract such as spoofing, man-in-the-middle, (distributed) internet hacking. denial of service, buffer overflow, etc. Network security applies business decisions in a • Encryption techniques: Understand techniques to technical manner. Business requirements drive security ensure confidentiality, authenticity, integrity, and no Implementations. Business-related skills include: repudiation of data transfer. These must be understood • Security Evaluation: Use risk analysis to determine at a protocol and at least partially at a mathematics or what should be protected and at what cost. algorithmic level, in order to select and implement the algorithm matching the organization’s needs. • Security Planning: Prepare a security plan, including security policies and procedures. • Network Security Architecture: Configure a network with security appliances and software, such as • Audit: Prepare an Audit Plan and Report. placement of firewalls, Intrusion Detection Systems, • Legal response: Understanding and interpreting the and log management. law regarding responding to computer/network attacks, To secure a network, certain skills must also be corporate responsibility (e.g., Sarbanes-Oxley), and practiced: computer forensics. • Protocol analysis: Recognize normal from abnormal protocol sequences, using sniffers. Protocols THE TCP/IP PROTOCOL: minimally include: IP, ARP, ICMP, TCP, UDP, HTTP, and encryption protocols: SSH, SSL, IPSec. The attacks which are discussed in this paper are all utilizing • Access Control Lists (ACLs): Configure and weaknesses in the implementation of the TCP/IP protocols audit routers and firewalls to filter packets accurately to make the attacked computer or network stop working as and efficiently, by dropping, passing, or protecting (via intended. To understand the attacks one has to have a basic VPN) packets based upon their IP and/or port addresses, knowledge of how these protocols are intended to function. and state. TCP/IP is the acronym of Transmission Control •Intrusion Detection/Prevention Systems Protocol/Internet Protocol and is one of several network protocols developed by the United States Department of (IDS/IPS): Set and test rules to recognize and report Defense (DoD) at the end of the 1970s. The reason why such attacks in a timely manner. a protocol was designed was the need to build a network of • Vulnerability Testing: Test all nodes (routers, computers being able to connect to other networks of the servers, clients) to determine active applications, via same kind (routing). This network was named ARPANET scanning or other vulnerability test tools – and interpret (Advanced Research Project Agency Internetwork), and is results. the predecessor of what we call Internet these days.Armageddon’08 April 01, 2008 Warfare: Paper Presentation Computer Society of India (CSI) [2]
  3. 3. TCP/IP is a protocol suite which is used to transfer data generally have lower volumes of data. Unless some exploitsthrough networks. Actually TCP/IP consists of several exist at the victim hosts, which have not been fixed, a DoSprotocols. The most important are: attack should not pose a real threat to high-end services on IP Internet Protocol today’s Internet.This protocol mainly takes care of specifying where to sendthe data. To do that, each IP packet has sender and receiver SOME SOLUTIONS TO DOS ATTACKS:information. The most common DoS attacks at the IP levelexploit the IP packet format. The way DoS and DDoS attacks are perpetrated, by TCP Transmission Control Protocol exploiting limitations of protocols and applications, is one ofThis protocol handles the secure delivery of data to the the main factors why they are continuously evolving, andaddress specified in the IP protocol. Most of the TCP level because of that presenting new challenges on how toattacks exploit weaknesses present in the implementations of combat or limit their effects. Even if all of these attacksthe TCP finite state machine. By attacking specific cannot be completely avoided, some basic rules can beweaknesses in applications and implementations of TCP, it followed to protect the network against some, and to limitis possible for an attacker to make services or systems crash, the extent of the attack:refuses service, or otherwise become unstable. • Make sure the network has a firewall up that aggressively keeps everything out except legal traffic.A communication through a network using TCP/IP or • Implement router filters. This will lessen the exposure toUDP/IP will typically use several packets. Each of the certain denial-of-service attacks. Additionally, it will aid inpackets will have a sending and a receiving address, some preventing users on network from effectively launchingdata and some additional control information. Particularly, certain denial-of-service attacks.the address information is part of the IP protocol – being the • Install patches to guard against TCP/IP attacks. This willother data in the TCP or the UDP part of the packet. ICMP substantially reduce the exposure to these attacks but mayhas no separate TCP part – all the necessary information is not eliminate the risk entirely.in the ICMP packet. In addition to the recipients address all • Observe the system performance and establish baselinesTCP/IP and UDP/IP communication uses a special port for ordinary activity. Use the baseline to gauge unusualnumber which it connects to. These port numbers determine levels of disk activity, CPU usage, or network traffic.the kind of service the sender wants to communicate to thereceiver of information. CYBERSPACE IS VULNERABLE:DOS ATTACKS: The infrastructures of cyberspace are vulnerable due to three kinds of failure: complexity, accident, and hostile intent.DoS attacks today are part of every Internet user’s life. They Very little of it was designed or implemented with assuranceare happening all the time, and all the Internet users, as a or security as primary considerations. Bad things can becommunity, have some part in creating them, suffering from done either via the network infrastructures or to thethem or even loosing time and money because of them. DoS infrastructures themselves. These bad things can beattacks do not have anything to do with breaking into characterized by a lot of “D” words: destroy damage, deny,computers, taking control over remote hosts on the Internet delay, deceive, disrupt, distort, degrade, disable, divulge,or stealing privileged information like credit card numbers. disconnect, and disguise. We lack a comprehensiveUsing the Internet way of speaking DoS is neither a Hack understanding of these vulnerabilities largely because of thenor a Crack. The sole purpose of DoS attacks is to disrupt extraordinary Complexities of many of the problems, andthe services offered by the victim. While the attack is in perhaps from too little effort to acquire this understanding.place, and no action has been taken to fix the problem, the But there is ample evidence that vulnerabilities are there:victim would not be able to provide its services on the examples of all three kinds of failure abound, andInternet. DoS attacks are really a form of vandalism against vulnerabilities are found almost every time people seriouslyInternet services. DoS attacks take advantage of weaknesses look for them (e.g. via “Red Teams”). Under thein the IP protocol stack in order to disrupt Internet circumstances, it is remarkable that we have had so fewservicesDoS attacks can take several forms and can be extended and crippling failures so far. Threats to networkcategorized according to several parameters. infrastructures are potentially extensive not only as theirParticularly, in this study we differentiate denial of service value increases in terms of the Infrastructures themselves,attacks based on where is the origin of the attack being the value of hosted services, and the value of what is locatedgenerated at.“Normal” DoS attacks are being generated by a on them, but also because of their widespread and low-costsingle host (or small number of hosts at the same location). access. The connectivity of the networks gives rise to a formThe only real way for DoS attacks to impose a real threat is of long, nonlinear reach for all kinds of attackers that is notto exploit some software or design flaw. Such flaws can present for more traditional forms of infrastructure attacks,include, for example, wrong implementations of the IP stack, e.g. bombs against physical transportation systems.which crash the whole host when receiving a non-standard Dependence on some of the IT-based infrastructures inIP packet (for example ping-of-death). Such an attack wouldArmageddon’08 April 01, 2008 Warfare: Paper Presentation Computer Society of India (CSI) [3]
  4. 4. several countries is such that serious national consequences be trade-offs between the various courses of actioncould result from the exploitation of their vulnerabilities. suggested by this conceptual structure.Thus it is not surprising that these infrastructures are Preventing or thwarting attacks can be costly. This activityattracting a wide range of malevolent activity ranging from a may also incur losses through reduced system performance.great deal of long range vandalism, to many forms of more However, the greater the success in limiting damage, the lessserious crimes, to prospective forms of terrorism, to nation- will be the amount of damage to be repaired. If limitingversus-nation conflict. Attacks may be directed at parts of damage is difficult, it is better to invest in efforts to assist inthe information infrastructure itself or through the networks reconstitution. Damage limitation can be viewed on two timeagainst other targets that have a presence in this medium. scales. Plans can be made to limit the damage from a singleCriminals and terrorists may also value the networks as attack, or to minimize losses from multiple attacks overassets to support their own activities, e.g. for inexpensive, time. There will be other trade-offs, e.g. between detailedeffective communications or as a source for intelligence and potentially costly scrutiny of individual transactions andgathering. Virtually every connected country can serve as a that of waiting to identify and punish attackers overbase for any number of attackers, who are motivated, and the longer term.who can readily acquire access and technical Capabilities to Since an infrastructure system is typically a mix of publiccause harm to others. and private ownership, the various owners are likely to haveAttacks so far have been limited. While in some network different views of investing in protection. Private owners,attacks the value of losses is in the hundreds of millions, faced with loss of revenue and loss of confidence bydamage so far is seen as tolerable. Many believe that it is customers, regulators, investors, and insurers will seek toonly a matter of time before all sorts of malevolent people restore revenues and confidence in their stewardship.are going to find those network vulnerabilities and exploit Governments will pursue policies that focus on longer termthem through prolonged, multifaceted, coordinated attacks aspects of protection, seeking to reduce cumulative losses,producing serious consequences. Thus, prudence dictates protecting economies and national security, and maintainingbetter protection against accidents and attacks before things law and order.get much worse. Is this a domain where “a stitch in time maysave nine”, and one where government and industry can get PARTITIONING AND PROTECTING NETWORKout ahead of a problem before it becomes insufferable?However, since one unprotected system renders the entire BOUNDARIES WITH FIREWALLS:network vulnerable, cooperation between all governmentsand their constituents is required for a safer network A firewall is a mechanism by which a controlled barrier isenvironment. And, all realizations of “visions of the used to control network traffic into AND out of aninformation society” are going to be severely limited if the organizational intranet. Firewalls are basically applicationpeople in that society do not trust or feel secure with the specific routers. They run on dedicated embedded systemsunderlying infrastructures. such as an internet appliance or they can be software programs running on a general server platform. In mostStrategic defense options cases these systems will have two network interfaces, one“Security is a process, not a product.” for the external network such as the Internet and one for the internal intranet side. The firewall process can tightly controlFaced with the technical possibility of disruption of critical what is allowed to traverse from one side to the other.infrastructures in ways that could have serious consequences Firewalls can range from being fairly simple to veryto their economies and potentially result in loss of life, complex.governments should be expected to plan and implement As with most aspects of security, deciding what type ofprudent defenses. Policies directed to protecting firewall to use will depend upon factors such as trafficinfrastructures will, in the majority of countries, require that levels, services needing protection and the complexity ofthere be a clear logic relating the perceived states of rules required. The greater the number of services that mustinfrastructure vulnerability to the desired endpoints such be able to traverse the firewall the more complex thedefensive policies are intended to achieve. This will require requirement becomes. The difficulty for firewalls isthat each country identify those infrastructures, and their distinguishing between legitimate and illegitimate traffic.interdependencies that are critical to its survival and to its What do firewalls protect against and what protection dosocial and economic well-being. they not provide? Firewalls are like a lot of things; ifAbsolute defense against cyber attack has rarely, if ever, configured correctly they can be a reasonable form ofbeen achieved in a large complex, geographically protection from external threats including some denial ofdistributed, network. The complexities of such systems and service (DOS) attacks. If not configured correctly they canmodes of attack are such that we do not know precisely how be major security holes in an organization. The most basicto assess how secure they are, and this lack of understanding protection a firewall provides is the ability to block networkforces defenders to protect themselves in overlapping ways traffic to certain destinations. This includes both IPand in multiple stages. Risk or penalty may include addresses and particular network service ports. A site thatidentification and exposure, investigation and prosecution, wishes to provide external access to a web server can restrictor pre-emptive or counter attacks of various sorts. There will all traffic to port 80 (the standard http port). Usually thisArmageddon’08 April 01, 2008 Warfare: Paper Presentation Computer Society of India (CSI) [4]
  5. 5. restriction will only be applied for traffic originating from Deterring criminal actions requires some amount ofthe un-trusted side. Traffic from the trusted side is not international legal machinery such as common definitions ofrestricted. All other traffic such as mail traffic, ftp, snmp, criminal actions, standards for the collection of forensicetc. would not be allowed across the firewall and into the evidence, extradition agreements, and the like. Deterringintranet. An example of a simple firewall is shown in State attackers requires less in the way of legal procedures,[Figure 2] but requires the defender to have a national policy that recognizes information attacks as attacks under the United Nations Charter that justify self-defense and constitute threats to peace. Costs of deterrence as seen by Government will differ from those seen by a private system owner in magnitude and cost-benefit expectations. National expenditures for a prompt capability to respond to attacks on the State include the correlation of intrusion events, the collection and dissemination of attack profiles and warnings, and the costs of participation in international organizations and joint responses. A second way to prevent an attack is through establishing cyber attacks as unacceptable behavior among the Figure 2 community of nations. This can be through formal arms control agreement, or it can be based on domestic laws andAn even simpler case is a firewall often used by people with international agreements designed to protect privacy,home or small business cable or DSL routers. Typically property rights, and other generally accepted areas of mutualthese firewalls are setup to restrict ALL external access and interest. Again, there is the implication that violators can beonly allow services originating from the inside. A careful subject to sanctions including social disapproval, civil orreader might realize that in neither of these cases is the criminal penalties, or revocation of rights of access and use,firewall actually blocking all traffic from the outside. If that a cyber equivalent of exile.were the case how could one surf the web and retrieve web A third way to prevent an attack is to pre-empt the attackerpages? What the firewall is doing is restricting connection in a way that results in abandoning the attack. This implies arequests from the outside. In the first case all connection great deal by way of national surveillance capability to berequests from the inside are passed to the outside as well as able to provide strategic warning. So stealthy are cyberall subsequent data transfer on that connection. From the attacks, so widespread is the ability to plan and launch them,exterior, only a connection request to the web server is so inexpensive are the tools of attack, and so lacking are theallowed to complete and pass data, all others are blocked. indicators of cyber attacks that pre-emption would notThe second case is more stringent as connections can only appear to be a practical option at this point. But shouldbe made from the interior to the exterior. responsible norms of behavior in cyberspace become betterMore complex firewall rules can utilize what is called Established, the detection and identification of abnormal“stateful inspection” techniques. This approach adds to the behavior may become easier.basic port blocking approach by looking at traffic behaviorsand sequences to detect spoof attacks and denial of serviceattacks. THWARTING AN ATTACKPREVENTING AN ATTACK While preventing attack is largely based on government authority and responsibility, the detailed knowledge neededThere are at least three ways to prevent an attack, and all to thwart an attack on a cyber system to prevent damagethree are ultimately forms of active defense. One is to deter rests primarily with its owner. The least complicated case isthe attacker by having a demonstrated capability to punish where the system owner acts individually. Not only must thethe attacker. This implies that the attacker understands the owner be concerned with defense from outsiders, but alsorisk of being identified and located; that the defender is seen needs to recognize that not all authorized users of the systemas credible in a resolve to punish, and that the “cost” of may have the owner’s interests at heart. There are manypunishing is acceptable to the defender. A simple situation is ways of defending systems against cyber attack, and somewhen the attacker suffers a large “front end” loss through minimal number must probably be employed for the ownerdiscovery during the probe phase and the defender can to demonstrate due diligence.accomplish that discovery cheaply. When the cost to the Thus, techniques such as requiring authorization to enter,defender to punish is less than the loss that can be caused by monitoring and recording the use of the system to detectthe attacker, there will clearly be an incentive to develop unauthorized activities, periodic checking on the integrity ofways of discovering attackers. But the more common critical software, and establishing and enforcing policiessituation is when the relatively high costs of legal governing system security and responses to unexpectedProsecution of a single attacker are returned in reduced event will be necessary. Owners can limit unauthorizedlosses over the longer term. activities through compartmenting information within theArmageddon’08 April 01, 2008 Warfare: Paper Presentation Computer Society of India (CSI) [5]
  6. 6. system and maintaining need-to-know discipline. Owners In this regard, system design must have an explicitlycan provide themselves substantially more rights to monitor defensive aspect, where models of attackers and theirinside users by covering access through contractual terms strategies and tactics are established and where tools for thewith employees and vendors. collection of forensic data are provided. An analogy is the design of a military combat system. Not only must a systemLIMITING DAMAGE DURING A SUCCESSFUL meet its functional objectives, but its defense in the face ofATTACK hostile action is addressed at the beginning of the design process, not, as is often the case in commercial systems, theThe central idea of this strategic objective is to limit damage end of the process or even reactively. Information about thein the trans-attack period by constructing an “incident defense of the system should be concealed from potentialmanagement” system. The premised technical capability is attackers and the system should be designed to givethe ability of the defender to audit system operation, to be unsuccessful attackers as little information as possible onable to detect an attack underway, and to take steps in real- which to develop improved attacks. As a second responsetime to limit the extent of the damage. “Defender” can apply toward improving effectiveness, during the developmentto the company level, the industry level, or the national process, and after deployment, systems should be subject tolevel. independent penetration testing.Damage limitation implies, beyond having attack Post-attack analysis of intrusion attempts, whether the attack“templates” to enable recognition that an attack is under was successful or not, is critical for a learning organization.way, the linking of system operation centers to higher-level While failure analysis is normal in areas such asanalysis centers for situation awareness and attack transportation, power, and structural failure, it is lessassessment. This also implies having pre-established common in the case of information systems where failuresresponse options at the company, industry, or national level. are more difficult to diagnose and where forensic evidence isSeveral kinds of responses are possible. Adaptive defense more difficult to collect. Such data as are collected must beallows a defender to increase levels of defense, Such as analyzed, not only to assess damage, but also to thwart acalling for re-authentication of all users, or those currently recurrence of that attack and to address possibleundertaking critical functions or accessing critical inadequacies in forensic data collection. While this mayinformation, putting critical transactions in “quarantine” smack of locking the barn door after the horse has beenuntil they can be more thoroughly scrutinized, backing-up stolen, if successful, the same attacker or others may repeatsystem status, providing real-time warning to other systems, attacks, and hence there is ample opportunity for learning inand increasing the collection of forensic evidence the large.RECONSTITUTING AFTER AN ATTACK HALTING CYBER ATTACKS IN PROGRESSShort-term reconstitution is the set of first steps taken to Along with the sharing of information, systemmeet the most urgent threats to life and property. administrators also need procedures they can use to assist inThey include assessing damage and implementing an ending attacks already under way. This need is particularlyappropriate recovery plan. Systems are restored from evident in DoS attacks, which can be of extended durationbackups where possible, and residual resources may have to and which can shut down business operations while theybe rationed. It is possible that additional capacity can be occur. To aid in ending an attack, system administratorsgenerated as facilities that are idle or in maintenance are would profit by working with infrastructure operators tobrought on line. Online status reporting, dispatching of trace the attack to its source and then to block the attacker.emergency personnel and repair equipment, notification of Methods for halting attacks in progress as well as those forusers of possibly lost transactions, an ability to adjust plans investigating attacks are constrained by the inability to easilyin near-real time, and procedures for secure emergency identify and locate attackers. In the case of the Internet,communication will be required. because packet source addresses are easily forged, the only way to identify an attacker with confidence is to trace the path taken by the packet through the routing infrastructure.IMPROVING DEFENDER PERFORMANCE This tracing is a manual process and essentially requires the cooperation of every network operator between the attackerA current management paradigm asserts that organizations and his target. The inability to automatically trace the sourcemust learn from experience. Even under the best of of an attack in real-time significantly impairs the ability ofcircumstances, events often unfold unpredictably. Social and targets and law enforcement agencies to respond totechnological change may also diminish an organization’s incidents.present effectiveness. Recognizing this, there are tworesponses. The first response is to recognize the possibilitythat the network system could fail in several ways. Initialdesign of new systems, or upgrades of existing systems,should include thorough analysis to identify potential flawsan attacker could exploit.Armageddon’08 April 01, 2008 Warfare: Paper Presentation Computer Society of India (CSI) [6]
  7. 7. PROVIDING ASSISTANCE TO DEVELOPING 4. Batista, E., IDC: Tech Bucks, Hack Threats Up, WiredNATIONS News, 23 December 2002: http://www.wired.com/news/infostructure/0,1377,56902,00.Developing nations face particularly severe shortages of html.resources and trained personnel that both decrease their own 5. Brush, C., Surcharge for Insecurity. Information Securitysecurity posture and prevent them from effectively providing Magazine, July 2001:assistance in such transnational efforts as investigation http://www.infosecuritymag.com/articles/july01/departmentsprocedures. Developing nations need an awareness of the _news.shtml.problem, as well as laws to address it that are compatible CERT/CC, CERT/CC Statistics 1988-2002, 5 April 2002:with the needs of the international community; but they also http://www.cert.org/stats/cert_stats.html.need more. All countries need the capability to assist each 6. Coglianese, C., Globalization and the Design ofother in developing skills in the pursuit of secure networks. International Institutions, In J. S. J. Nye, and John D. Donahue (Ed.), Governance in a Globalizing World, Washington D.C., Brookings Institution Press, 2002.CONCLUSION: Conry-Murray, A.Kerberos, Computer Securitys Hellhound,The security issues in our networked systems as described in Network Magazine, 5 July 2002,this paper identify some of the work that needs to be done, http://www.commweb.com/article/NMG20010620S0008/1.and the urgency with which concerns need to be addressed. 7. Council of Europe, Convention on Cyber crime ETS no.:Dependence on some of the IT-based infrastructures in 185 - Explanatory Report (Article II, Section II) 23several countries is such that serious national consequences November 2001:could result from the exploitation of their vulnerabilities. http://conventions.coe.int/Treaty/en/Reports/Html/185.htm.And as the density of networks increases, the necessity fortransnational participation in improving network securityincreases. The changing technologies and the potential forchanging threats is taxing our understanding of the threatsand how to deal with them. Due to the complexity andentanglement among networks and communitiesinternationally, any increases in network security mustinvolve the concerted efforts of as many nations as possible.We have to understand that a great deal can be accomplishedthrough such mechanisms, but not without taking note oftheir earlier trouble spots. We must learn from priorunexpected consequences in international cooperation, justas in the battle to secure networked systems, and be evermore cautious as we move forward toward some type ofinternational action. But move forward quickly we must ifthe benefits from the use of our networked systems are to berealized in the myriad ways that they have been and arehoped for in the future. Nations must cooperate fully withintheir capability in order to contain the actions of those whothreaten our networks, and to realize the positive vision thatwe have for our societies.REFERENCES:1. “Google Query-Serving Architecture” at NationalConference sponsored by NACC (National Assessment andAccreditation Council) By Suyog Dixit & Dr. R. K. Dixit(HOD of Computer Science, Indore)2. “Intrusion Controls in Computer Networks: HowEffective Are They and What a Computer Engineer CanDo?”, Published in National Seminar, sponsored by HigherEducation of M.P.) By Suyog Dixit & Dr. R. K. Dixit(HOD of Computer Science, Indore)3. American Bar Association. International Cyber CrimeProject of the ABA Privacy and Computer CrimeCommittee:http://www.abanet.org/scitech/computercrime/cybercrimeproject.html.Armageddon’08 April 01, 2008 Warfare: Paper Presentation Computer Society of India (CSI) [7]

×