1) Network security has become more important with the rise of the internet and interconnected networks. As personal and business information is transmitted over networks, security threats have also increased.
2) The document discusses the history and importance of network security. It covers how the architecture of the internet led to vulnerabilities, and how understanding attack methods has helped develop appropriate security technologies.
3) The future of network security is still evolving as new trends emerge. A layered security approach corresponding to the OSI model layers is being explored as an effective way to design secure networks.
This document provides background information on the history and importance of network security. It discusses how the advent of the internet led to security becoming a major concern, as the internet's architecture allowed for many security threats. The document outlines the internet and network security timeline, from the creation of the ARPANET in 1969 to the crimes of Kevin Mitnick in the 1990s that heightened awareness of information security. It also examines the differences between data security and network security, and how a layered security model corresponds to the OSI model layers.
Intrusion Detection Techniques In Mobile NetworksIOSR Journals
This document discusses intrusion detection techniques for mobile networks. It begins by outlining the vulnerabilities of wireless networks, including the open medium, dynamic topology, lack of centralized monitoring, and cooperative algorithms. It then explains the need for intrusion detection systems, as completely preventing intrusions is unrealistic. The document classifies intrusion detection systems and outlines their requirements, including continuous monitoring, fault tolerance, and adaptability. It concludes by describing the two main techniques of intrusion detection: anomaly detection, which flags deviations from a normal activity profile; and misuse detection, which searches for patterns matching known attacks.
This document summarizes a research paper that classifies different types of networks and discusses their associated security issues. It categorizes networks based on size (LAN, MAN, WAN), design (peer-to-peer, client-server, standalone), layering (layered, non-layered), and provides examples such as Ethernet, Wi-Fi, VPNs. It also discusses common security threats for different network types like viruses, denial of service attacks, and evaluates security measures including encryption, firewalls, access control. The paper aims to provide a comprehensive classification of networks and analyze how security needs vary depending on the network and software development stages.
Information security has evolved from securing physical access to mainframes during World War II to modern concerns over networked and digital assets. It began with physical controls but now addresses software, data, networks and more. Effective security requires balancing protection with reasonable access and is best achieved through a structured methodology like SecSDLC that considers security in all phases from analysis to maintenance. Information security seeks to preserve the confidentiality, integrity and availability of information through technical, operational and personnel countermeasures.
The document discusses network security terminology such as threats, attacks, risk analysis, and cryptography. It defines common threats like spoofing, tampering, repudiation, and denial-of-service attacks. The document also outlines the steps for performing risk analysis and includes an exercise asking questions about finding, removing, and preventing vulnerabilities.
This document provides an introduction to steganography. It defines steganography as concealing a file within another file by hiding information in images, audio, or video. The document outlines the history of steganography and its applications. It also discusses basic terminology, fields related to information hiding, steganalysis, and some common steganography tools. The document concludes with describing steganographic techniques such as least significant bit substitution and exercises for readers.
This document outlines the course objectives and contents for a Network Security course at the University of Okara. The course will introduce computer and network security concepts over 10 lectures, including topics like cryptography, encryption algorithms, digital signatures, key management, hashing, VPNs, firewalls, and viruses. Students will complete 3 assignments, 3 exercises per lecture, a final project, and case study. The course aims to explain network security in the context of protecting network resources and data, rather than just computers or individual data. It will also cover the history and basic definitions of security, like defining it as protecting systems from harm and preserving the confidentiality, integrity and availability of information.
This document provides background information on the history and importance of network security. It discusses how the advent of the internet led to security becoming a major concern, as the internet's architecture allowed for many security threats. The document outlines the internet and network security timeline, from the creation of the ARPANET in 1969 to the crimes of Kevin Mitnick in the 1990s that heightened awareness of information security. It also examines the differences between data security and network security, and how a layered security model corresponds to the OSI model layers.
Intrusion Detection Techniques In Mobile NetworksIOSR Journals
This document discusses intrusion detection techniques for mobile networks. It begins by outlining the vulnerabilities of wireless networks, including the open medium, dynamic topology, lack of centralized monitoring, and cooperative algorithms. It then explains the need for intrusion detection systems, as completely preventing intrusions is unrealistic. The document classifies intrusion detection systems and outlines their requirements, including continuous monitoring, fault tolerance, and adaptability. It concludes by describing the two main techniques of intrusion detection: anomaly detection, which flags deviations from a normal activity profile; and misuse detection, which searches for patterns matching known attacks.
This document summarizes a research paper that classifies different types of networks and discusses their associated security issues. It categorizes networks based on size (LAN, MAN, WAN), design (peer-to-peer, client-server, standalone), layering (layered, non-layered), and provides examples such as Ethernet, Wi-Fi, VPNs. It also discusses common security threats for different network types like viruses, denial of service attacks, and evaluates security measures including encryption, firewalls, access control. The paper aims to provide a comprehensive classification of networks and analyze how security needs vary depending on the network and software development stages.
Information security has evolved from securing physical access to mainframes during World War II to modern concerns over networked and digital assets. It began with physical controls but now addresses software, data, networks and more. Effective security requires balancing protection with reasonable access and is best achieved through a structured methodology like SecSDLC that considers security in all phases from analysis to maintenance. Information security seeks to preserve the confidentiality, integrity and availability of information through technical, operational and personnel countermeasures.
The document discusses network security terminology such as threats, attacks, risk analysis, and cryptography. It defines common threats like spoofing, tampering, repudiation, and denial-of-service attacks. The document also outlines the steps for performing risk analysis and includes an exercise asking questions about finding, removing, and preventing vulnerabilities.
This document provides an introduction to steganography. It defines steganography as concealing a file within another file by hiding information in images, audio, or video. The document outlines the history of steganography and its applications. It also discusses basic terminology, fields related to information hiding, steganalysis, and some common steganography tools. The document concludes with describing steganographic techniques such as least significant bit substitution and exercises for readers.
This document outlines the course objectives and contents for a Network Security course at the University of Okara. The course will introduce computer and network security concepts over 10 lectures, including topics like cryptography, encryption algorithms, digital signatures, key management, hashing, VPNs, firewalls, and viruses. Students will complete 3 assignments, 3 exercises per lecture, a final project, and case study. The course aims to explain network security in the context of protecting network resources and data, rather than just computers or individual data. It will also cover the history and basic definitions of security, like defining it as protecting systems from harm and preserving the confidentiality, integrity and availability of information.
1) The document describes the design and implementation of a private area network for a university campus that provides secure and smooth computing.
2) It proposes using Cisco EIGRP for routing, access control lists for security, and implementing a modified campus area network with network security concepts.
3) The private area network would allow higher university authorities to directly contact any department securely and without relying on external communication tools, improving privacy and security control for the university.
1) The document discusses security issues in computer networks and proposes contemporary solutions. It covers topics like cryptography, secure data access, intrusion detection, and secure routing.
2) The literature review discusses previous research on wireless sensor network security including common attacks, requirements, and defenses. It also examines security issues that arise from the unique characteristics of wireless networks.
3) The document proposes that more research is still needed on topics like quantifying security costs and benefits, data integrity, survivability, and security for data-centric wireless sensor networks. A holistic security model is needed that integrates solutions at each network layer.
this report is about how network security and privacy security works on Wireless and Wired system.It is also contain encryption method for network security and privacy.
In the past decade, internet of things IoT has been a focus of research. It makes more intelligent to core element of modern world such as hospitals, cities, organizations, and buildings. Usually, IoT has four major components including sensing, information processing, applications and services, heterogeneous access and additional components e.g. Security and privacy. In this paper, we are presenting security perspective from the perspective of layers that comprises IoT. In this we focus on the overview of IoT security perspective. Sunilkumar Malge | Pallavi Singh ""Internet of Things (IoT): Security Perspective"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-4 , June 2019, URL: https://www.ijtsrd.com/papers/ijtsrd24010.pdf
Paper URL: https://www.ijtsrd.com/computer-science/artificial-intelligence/24010/internet-of-things-iot-security-perspective/sunilkumar-malge
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FIIJNSA Journal
This paper is mainly based on providing security to the wireless networks through which devices like
Bluetooth gets connected. The Wi-Fi connections are also prone to various attacks these days. The
protocols that are required to provide security to wireless networks can be implemented by creating a
wireless scenario using the software Network Simulator. This paper illustrates a scenario to check the
security protocol. As NS2 mainly has the implementation of routing protocols, a new protocol should be
designed especially for security purpose. This is done by following many tutorials to get a minimum basic
knowledge of NS2, C/C++ coding. The security feature followed in the paper is encryption/decryption of
the data that is being exchanged. Data should be ensured as and then there will be a perfect
implementation of the protocol. So, the paper throughout concentrates on adding a new security protocol to
NS2 and implementation of that protocol by providing a wireless scenario.
A Data Hiding Techniques Based on Length of English Text using DES and Attack...IJORCS
The comparing recent proposal for multimedia applications network security remains an important topic for researchers. The security deals with both wired and wireless communication. Network is defined as it is a large system consisting of many similar parts that are connected together to allow the movement or communication between or along the parts or between the parts and a control center. There are the main components of the network information system such as end systems (terminals, servers) and intermediate systems (hubs, switches, gateways). Every node has its own set of vulnerabilities that can be related to hardware, software, protocol stack etc. Nodes are interconnected by physical supports in a network for example connected with cables in wired Local Area Network (LAN) or radio waves (Wi-Fi) in Wireless Local Area Network (WLAN). Some nodes are able to provide services (FTP, HTTP browsing, database access). If two nodes want to communicate together, they must be interconnected physically and logically. Network security deals with also information hiding technique. Now day’s security deals with heterogeneous networks. The use of different wireless and wired network which are working on different platform is heterogeneous. So design of network security for such type of heterogeneous network is difficult task.
Blueprint for Cyber Security Zone ModelingITIIIndustries
The increasing need to implement on-line services for all industries has placed greater focus upon the security controls deployed to protect the corporate network. The demand for cyber security is further required when IT solutions are built to operate in the cloud. As more business activities are migrated to the on-line channel the security protection systems must cater for a variety of applications. This includes access for enterprise users who are mobile, working from home, or situated at business partner locations. One set of key security measures deployed to protect the enterprise perimeter include firewalls, network routers, and access gateways. In addition, a set of controls are also in place for cloud enabled IT solutions. Collectively these components make up a set of protection systems referred to as the security zones. In this paper, a security zone model that has been deployed in practice for the industry is presented. The zone model serves as a design blueprint to validate existing architectures or to assist in the design of new cyber security zone deployments.
This document discusses cryptography and security implementations for Internet of Things (IoT) devices. It begins with an introduction to IoT and the need for security protocols as IoT devices collect and transmit large amounts of sensitive data. Challenges to IoT security include the diversity of devices which makes vulnerabilities complex, and limited computational resources. The document then explores using symmetric and public key cryptography algorithms as well as proposed lightweight cryptography solutions for IoT security. It concludes that while traditional security solutions are inadequate, lightweight cryptography protocols have the potential to help secure IoT communications and address current challenges if standardized for diverse IoT hardware.
The document discusses the need for network security on campus networks and some of the common risks faced at different layers of the TCP/IP model. It proposes using the SAPPDRR dynamic security model, which incorporates risk analysis, security policies, defense systems, real-time monitoring, response, disaster recovery and countermeasures. The model aims to provide comprehensive security and stability for campus networks through active defense against threats.
Its is project based on one of the most interesting and wide topic of Computer Science, named Cyber Security
CONTENT :
1. What is Cyber Security
2. Why Cyber Security is Important
3. Brief History
4. Security Timeline
5. Architecture
6. Cyber Attack Methods
7. Technology for Cyber Secuirty
8. Development in Cyber Security
9. Future Trend in Cyber Security
This document provides an overview of a university course on Cryptography and Network Security. It begins with the course syllabus, which outlines topics like security concepts, cryptography concepts and techniques, and types of security attacks. It then discusses key security concepts such as security services, security mechanisms, security attacks, and models for network and access security. It provides examples of security services like authentication, access control, and data confidentiality. It also describes security mechanisms and different classes of security attacks. The document concludes by listing reference books, online videos, related courses, tutorials, and sample multiple choice and problems related to cryptography and network security.
A technical review and comparative analysis of machine learning techniques fo...IJECEIAES
Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyber attacks at the network-level and the host-level in a timely and automatic manner. However, Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lacks reliability and accuracy. Instead of the traditional machine learning used in previous researches, we think deep learning has the potential to perform better in extracting features of massive data considering the massive cyber traffic in real life. Generally Mobile Ad Hoc Networks have given the low physical security for mobile devices, because of the properties such as node mobility, lack of centralized management and limited bandwidth. To tackle these security issues, traditional cryptography schemes can-not completely safeguard MANETs in terms of novel threats and vulnerabilities, thus by applying Deep learning methods techniques in IDS are capable of adapting the dynamic environments of MANETs and enables the system to make decisions on intrusion while continuing to learn about their mobile environment. An IDS in MANET is a sensoring mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempt performed by Intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection system. In this paper, we made a systematic comparison of three models, Inceprtion architecture convolutional neural network (Inception-CNN), Bidirectional long short-term memory (BLSTM) and deep belief network (DBN) on the deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections, the goal is to provide basic guidance on the choice of deep learning models in MANET.
Peripheral Review and Analysis of Internet Network SecurityIJRES Journal
This paper is on the exploration of Internet Network security. With the advent of the internet, security became a major concern for computer users, organizations and the Military. The internet structure itself allow for many security threats to occur. Knowing the attack methods, the architecture of the internet when modified can reduce the possible attacks that can be sent across the network. The internet can be secured by the means of VPN, IPSec, Anti‐Malware Software and scanners, Secure Socket Layer, intrusion‐detection, security management, firewalls and cryptography mechanisms. The essence of this research is to forecast the future of internet network security.
This document provides an introduction to security, cyberspace, cybercrime, and cybersecurity. It defines security as maintaining an acceptable level of perceived risk through confidentiality, integrity, and availability. Cyberspace is defined as the environment where communication occurs over computer networks, and it impacts many aspects of modern society. Cybercrime is any criminal activity involving computers or networks, such as hacking, phishing, or cyberattacks. Cybersecurity aims to protect computers, networks, and data from unauthorized access or damage through tools, policies, and other measures to ensure security properties. The document discusses moving forward by creating a computer security incident response team to collaboratively protect cyberspace.
NETWORK INTRUSION DETECTION AND NODE RECOVERY USING DYNAMIC PATH ROUTINGNishanth Gandhidoss
This document describes a project report submitted for the degree of Bachelor of Technology in Information Technology. The report focuses on network intrusion detection and node recovery using dynamic path routing. It was submitted by three students - Nishanth G., Sudharshan N., and Surya Krishnan R. - to Sri Venkateswara College of Engineering in partial fulfillment of their degree requirements. The document includes sections on acknowledgements, abstract, contents, introduction, literature survey, system design, network topology, network intrusion detection and prevention, node recovery, source anonymity, dynamic path routing, results and discussions, and conclusions. It aims to address privacy and security issues in networks through techniques like encryption, evidence collection, risk assessment
The document discusses various aspects of information security and network security. It defines information security and describes different types including physical security, communication security, and network security. It then discusses several common security processes and tools used for protection, such as anti-virus software, access controls, firewalls, intrusion detection systems, policy management, and vulnerability scanning. However, it notes that no single security measure provides complete protection and that security is an ongoing process.
This document discusses security threats to wireless networks. It begins by introducing wireless network vulnerabilities and various threats including accidental association, malicious associations, passive eavesdropping, ad-hoc networks, MAC spoofing, man-in-the-middle attacks, and denial of service attacks. It then discusses the consequences of poor wireless network security and strategies to improve security such as using encryption, passwords, firewalls, and educating users. The document provides details on specific threats and countermeasures organizations can take to secure their wireless networks.
Due to inherent limitations in wireless sensor networks, security is a crucial issue. While research in WSN security is progressing at tremendous pace, no comprehensive document lists the security issues and the threat models which pose unique threats to the wireless sensor networks. In this paper we have made an effort to document all the known security issues in wireless sensor networks and have provided the research direction towards countermeasures against the threats posed by these issues
This document summarizes the key aspects of computer network security. It discusses the importance of network security due to increased interconnectivity and risk of intellectual property theft. It describes common internet attack methods like viruses, Trojans, eavesdropping and denial of service attacks. It also discusses network security technologies used to defend against attacks, such as firewalls, encryption, intrusion detection systems. The document outlines security considerations for network design like access control, authentication, integrity and non-repudiation. It examines vulnerabilities in the internet architecture and security issues in different versions of the internet protocol. Finally, it discusses future directions for network security.
This document discusses the design and implementation of a network security model using routers and firewalls. It begins by outlining the importance of network security and some common vulnerabilities, threats, and attacks against network devices like routers. It then provides details on specific attacks like session hijacking, spoofing, and denial of service attacks. The document also discusses best practices for router and firewall security policies, including access control, authentication, and traffic filtering. The overall aim is to protect networks from vulnerabilities and security weaknesses by implementing preventative measures, securing devices like routers and firewalls, and establishing proper security policies.
This document discusses network security and approaches to securing networks. It begins by explaining that while networks are growing more complex, new security challenges are introduced. It then discusses the CIA security model of confidentiality, integrity and availability. Various security tools, techniques and best practices are covered such as access control lists, firewalls, encryption, hashing and authentication. Finally, it discusses common security threats like denial of service attacks, man-in-the-middle attacks, password cracking, trojans, viruses and worms. The goal of network security is to provide continued access to network resources while preventing unauthorized access and malicious activity.
1) The document describes the design and implementation of a private area network for a university campus that provides secure and smooth computing.
2) It proposes using Cisco EIGRP for routing, access control lists for security, and implementing a modified campus area network with network security concepts.
3) The private area network would allow higher university authorities to directly contact any department securely and without relying on external communication tools, improving privacy and security control for the university.
1) The document discusses security issues in computer networks and proposes contemporary solutions. It covers topics like cryptography, secure data access, intrusion detection, and secure routing.
2) The literature review discusses previous research on wireless sensor network security including common attacks, requirements, and defenses. It also examines security issues that arise from the unique characteristics of wireless networks.
3) The document proposes that more research is still needed on topics like quantifying security costs and benefits, data integrity, survivability, and security for data-centric wireless sensor networks. A holistic security model is needed that integrates solutions at each network layer.
this report is about how network security and privacy security works on Wireless and Wired system.It is also contain encryption method for network security and privacy.
In the past decade, internet of things IoT has been a focus of research. It makes more intelligent to core element of modern world such as hospitals, cities, organizations, and buildings. Usually, IoT has four major components including sensing, information processing, applications and services, heterogeneous access and additional components e.g. Security and privacy. In this paper, we are presenting security perspective from the perspective of layers that comprises IoT. In this we focus on the overview of IoT security perspective. Sunilkumar Malge | Pallavi Singh ""Internet of Things (IoT): Security Perspective"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-4 , June 2019, URL: https://www.ijtsrd.com/papers/ijtsrd24010.pdf
Paper URL: https://www.ijtsrd.com/computer-science/artificial-intelligence/24010/internet-of-things-iot-security-perspective/sunilkumar-malge
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FIIJNSA Journal
This paper is mainly based on providing security to the wireless networks through which devices like
Bluetooth gets connected. The Wi-Fi connections are also prone to various attacks these days. The
protocols that are required to provide security to wireless networks can be implemented by creating a
wireless scenario using the software Network Simulator. This paper illustrates a scenario to check the
security protocol. As NS2 mainly has the implementation of routing protocols, a new protocol should be
designed especially for security purpose. This is done by following many tutorials to get a minimum basic
knowledge of NS2, C/C++ coding. The security feature followed in the paper is encryption/decryption of
the data that is being exchanged. Data should be ensured as and then there will be a perfect
implementation of the protocol. So, the paper throughout concentrates on adding a new security protocol to
NS2 and implementation of that protocol by providing a wireless scenario.
A Data Hiding Techniques Based on Length of English Text using DES and Attack...IJORCS
The comparing recent proposal for multimedia applications network security remains an important topic for researchers. The security deals with both wired and wireless communication. Network is defined as it is a large system consisting of many similar parts that are connected together to allow the movement or communication between or along the parts or between the parts and a control center. There are the main components of the network information system such as end systems (terminals, servers) and intermediate systems (hubs, switches, gateways). Every node has its own set of vulnerabilities that can be related to hardware, software, protocol stack etc. Nodes are interconnected by physical supports in a network for example connected with cables in wired Local Area Network (LAN) or radio waves (Wi-Fi) in Wireless Local Area Network (WLAN). Some nodes are able to provide services (FTP, HTTP browsing, database access). If two nodes want to communicate together, they must be interconnected physically and logically. Network security deals with also information hiding technique. Now day’s security deals with heterogeneous networks. The use of different wireless and wired network which are working on different platform is heterogeneous. So design of network security for such type of heterogeneous network is difficult task.
Blueprint for Cyber Security Zone ModelingITIIIndustries
The increasing need to implement on-line services for all industries has placed greater focus upon the security controls deployed to protect the corporate network. The demand for cyber security is further required when IT solutions are built to operate in the cloud. As more business activities are migrated to the on-line channel the security protection systems must cater for a variety of applications. This includes access for enterprise users who are mobile, working from home, or situated at business partner locations. One set of key security measures deployed to protect the enterprise perimeter include firewalls, network routers, and access gateways. In addition, a set of controls are also in place for cloud enabled IT solutions. Collectively these components make up a set of protection systems referred to as the security zones. In this paper, a security zone model that has been deployed in practice for the industry is presented. The zone model serves as a design blueprint to validate existing architectures or to assist in the design of new cyber security zone deployments.
This document discusses cryptography and security implementations for Internet of Things (IoT) devices. It begins with an introduction to IoT and the need for security protocols as IoT devices collect and transmit large amounts of sensitive data. Challenges to IoT security include the diversity of devices which makes vulnerabilities complex, and limited computational resources. The document then explores using symmetric and public key cryptography algorithms as well as proposed lightweight cryptography solutions for IoT security. It concludes that while traditional security solutions are inadequate, lightweight cryptography protocols have the potential to help secure IoT communications and address current challenges if standardized for diverse IoT hardware.
The document discusses the need for network security on campus networks and some of the common risks faced at different layers of the TCP/IP model. It proposes using the SAPPDRR dynamic security model, which incorporates risk analysis, security policies, defense systems, real-time monitoring, response, disaster recovery and countermeasures. The model aims to provide comprehensive security and stability for campus networks through active defense against threats.
Its is project based on one of the most interesting and wide topic of Computer Science, named Cyber Security
CONTENT :
1. What is Cyber Security
2. Why Cyber Security is Important
3. Brief History
4. Security Timeline
5. Architecture
6. Cyber Attack Methods
7. Technology for Cyber Secuirty
8. Development in Cyber Security
9. Future Trend in Cyber Security
This document provides an overview of a university course on Cryptography and Network Security. It begins with the course syllabus, which outlines topics like security concepts, cryptography concepts and techniques, and types of security attacks. It then discusses key security concepts such as security services, security mechanisms, security attacks, and models for network and access security. It provides examples of security services like authentication, access control, and data confidentiality. It also describes security mechanisms and different classes of security attacks. The document concludes by listing reference books, online videos, related courses, tutorials, and sample multiple choice and problems related to cryptography and network security.
A technical review and comparative analysis of machine learning techniques fo...IJECEIAES
Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyber attacks at the network-level and the host-level in a timely and automatic manner. However, Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lacks reliability and accuracy. Instead of the traditional machine learning used in previous researches, we think deep learning has the potential to perform better in extracting features of massive data considering the massive cyber traffic in real life. Generally Mobile Ad Hoc Networks have given the low physical security for mobile devices, because of the properties such as node mobility, lack of centralized management and limited bandwidth. To tackle these security issues, traditional cryptography schemes can-not completely safeguard MANETs in terms of novel threats and vulnerabilities, thus by applying Deep learning methods techniques in IDS are capable of adapting the dynamic environments of MANETs and enables the system to make decisions on intrusion while continuing to learn about their mobile environment. An IDS in MANET is a sensoring mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempt performed by Intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection system. In this paper, we made a systematic comparison of three models, Inceprtion architecture convolutional neural network (Inception-CNN), Bidirectional long short-term memory (BLSTM) and deep belief network (DBN) on the deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections, the goal is to provide basic guidance on the choice of deep learning models in MANET.
Peripheral Review and Analysis of Internet Network SecurityIJRES Journal
This paper is on the exploration of Internet Network security. With the advent of the internet, security became a major concern for computer users, organizations and the Military. The internet structure itself allow for many security threats to occur. Knowing the attack methods, the architecture of the internet when modified can reduce the possible attacks that can be sent across the network. The internet can be secured by the means of VPN, IPSec, Anti‐Malware Software and scanners, Secure Socket Layer, intrusion‐detection, security management, firewalls and cryptography mechanisms. The essence of this research is to forecast the future of internet network security.
This document provides an introduction to security, cyberspace, cybercrime, and cybersecurity. It defines security as maintaining an acceptable level of perceived risk through confidentiality, integrity, and availability. Cyberspace is defined as the environment where communication occurs over computer networks, and it impacts many aspects of modern society. Cybercrime is any criminal activity involving computers or networks, such as hacking, phishing, or cyberattacks. Cybersecurity aims to protect computers, networks, and data from unauthorized access or damage through tools, policies, and other measures to ensure security properties. The document discusses moving forward by creating a computer security incident response team to collaboratively protect cyberspace.
NETWORK INTRUSION DETECTION AND NODE RECOVERY USING DYNAMIC PATH ROUTINGNishanth Gandhidoss
This document describes a project report submitted for the degree of Bachelor of Technology in Information Technology. The report focuses on network intrusion detection and node recovery using dynamic path routing. It was submitted by three students - Nishanth G., Sudharshan N., and Surya Krishnan R. - to Sri Venkateswara College of Engineering in partial fulfillment of their degree requirements. The document includes sections on acknowledgements, abstract, contents, introduction, literature survey, system design, network topology, network intrusion detection and prevention, node recovery, source anonymity, dynamic path routing, results and discussions, and conclusions. It aims to address privacy and security issues in networks through techniques like encryption, evidence collection, risk assessment
The document discusses various aspects of information security and network security. It defines information security and describes different types including physical security, communication security, and network security. It then discusses several common security processes and tools used for protection, such as anti-virus software, access controls, firewalls, intrusion detection systems, policy management, and vulnerability scanning. However, it notes that no single security measure provides complete protection and that security is an ongoing process.
This document discusses security threats to wireless networks. It begins by introducing wireless network vulnerabilities and various threats including accidental association, malicious associations, passive eavesdropping, ad-hoc networks, MAC spoofing, man-in-the-middle attacks, and denial of service attacks. It then discusses the consequences of poor wireless network security and strategies to improve security such as using encryption, passwords, firewalls, and educating users. The document provides details on specific threats and countermeasures organizations can take to secure their wireless networks.
Due to inherent limitations in wireless sensor networks, security is a crucial issue. While research in WSN security is progressing at tremendous pace, no comprehensive document lists the security issues and the threat models which pose unique threats to the wireless sensor networks. In this paper we have made an effort to document all the known security issues in wireless sensor networks and have provided the research direction towards countermeasures against the threats posed by these issues
This document summarizes the key aspects of computer network security. It discusses the importance of network security due to increased interconnectivity and risk of intellectual property theft. It describes common internet attack methods like viruses, Trojans, eavesdropping and denial of service attacks. It also discusses network security technologies used to defend against attacks, such as firewalls, encryption, intrusion detection systems. The document outlines security considerations for network design like access control, authentication, integrity and non-repudiation. It examines vulnerabilities in the internet architecture and security issues in different versions of the internet protocol. Finally, it discusses future directions for network security.
This document discusses the design and implementation of a network security model using routers and firewalls. It begins by outlining the importance of network security and some common vulnerabilities, threats, and attacks against network devices like routers. It then provides details on specific attacks like session hijacking, spoofing, and denial of service attacks. The document also discusses best practices for router and firewall security policies, including access control, authentication, and traffic filtering. The overall aim is to protect networks from vulnerabilities and security weaknesses by implementing preventative measures, securing devices like routers and firewalls, and establishing proper security policies.
This document discusses network security and approaches to securing networks. It begins by explaining that while networks are growing more complex, new security challenges are introduced. It then discusses the CIA security model of confidentiality, integrity and availability. Various security tools, techniques and best practices are covered such as access control lists, firewalls, encryption, hashing and authentication. Finally, it discusses common security threats like denial of service attacks, man-in-the-middle attacks, password cracking, trojans, viruses and worms. The goal of network security is to provide continued access to network resources while preventing unauthorized access and malicious activity.
Network security refers to protecting computer networks from unauthorized access and system threats. Effective network security implements measures like firewalls, encryption, and user authentication to restrict access and ensure confidentiality, integrity, and availability of network resources. As networks and threats evolve, network security requires an adaptive, layered approach using tools like antivirus software, intrusion detection, and biometrics alongside continued software and hardware advances.
Security Technique and Congestion Avoidance in Mesh Networkijtsrd
Security in wireless network is one of the prime concern in todays Information Age, where information is an asset not only to an organisation but also to an individual. Security to a great extent is able to protect the network from various unauthorized attacks. On the other side implementation of security mechanisms also causes an overhead in terms of increased load in the network. Further the increased load in the network paves path to congestion which degrades the performance of the wireless network. In this paper we try to highlight various challenges pertaining to security in mesh networks and the ways of reducing security threats. We propose an improved version of AODV which has a congestion avoidance mechanism. We also use a security technique called PGP for enhanced security of Mesh network. Mankiran Kaur | Jagjit Kaur"Security Technique and Congestion Avoidance in Mesh Network" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-1 | Issue-6 , October 2017, URL: http://www.ijtsrd.com/papers/ijtsrd4690.pdf http://www.ijtsrd.com/engineering/computer-engineering/4690/security-technique-and-congestion-avoidance-in-mesh-network/mankiran-kaur
Network security architecture is the planning and design of the camp.pdfaquazac
Network security architecture is the planning and design of the campus network to reduce
security risks in accordance with the institution’s risk analysis and security policies. It focuses on
reduc-ing security risks and enforcing policy through the design and con-figuration of firewalls,
routers, and other network equipment.
Network security is important because it is one of the means to enforce the policies and
procedures developed by the institution to protect information. It is often referred to as the “front
door” in broader discussions of IT security. To the extent that you can block network access to a
computer, you “lock” the door and provide bet-ter protection for that computer and its contents.
Traditional network design has focused on creating a secure net-work perimeter around the
organization and strategically placing a firewall at the point where the network is connected to
the Inter-net. For higher education, this traditional design is problematic; our constituents need
access from off campus to a large number of machines and services on campus. In addition,
because we have many computers on our campus that we cannot implicitly trust, we also must be
concerned about security threats from inside the perimeter protected by a traditional firewall.
These design issues require a different approach to network security. Although it is impossible to
do justice to the topic of network design in a few pages, there are some best practices that I feel
universities should focus on in terms of network design.
Step 1: Eliminate Network Components That Still UseShared Ethernet
Shared Ethernet switches (or hubs) were developed more than a decade ago to interconnect
multiple computers and networks. These hubs retransmit all network traffic to all computers
connected to that hub. The security implication is that if one computer has its security
compromised it can be used to monitor network traffic com-ing from any other computer that
shares the same hub. This could expose passwords and other sensitive information. Today,
switched Ethernet, which isolates traffic intended for one computer from the view of others on
the same switch, is very inexpensive and, hence, it is worth the cost of replacing older hubs.
Step 2: Embrace and Implement the Concept of Defense and Use Multiple Firewalls Within
Your Network
Commercial and Linux-based firewalls are inexpensive enough that you can deploy these in
multiple locations as needed. It is still bene-ficial to have a firewall separating your institutional
network from the connection to the Internet. This firewall, called a border firewall, will provide a
minimal level of protection for all computers on your net-work. The major benefit of this firewall
is that it allows your network and security staff to quickly block external access should a threat
arise, such as when the “SQL worm” was launched in January 2003 In addition to the border
firewall, consider adding internal firewalls to protect areas that requi.
E-Commerce Privacy and Security SystemIJERA Editor
The Internet is a public networks consisting of thousand of private computer network connected together. Private computer network system is exposed to potential threats from anywhere on the public network. In physical world, crimes often leave evidence finger prints, footprints, witnesses, video on security comes and so on. Online a cyber –crimes, also leaves physical, electronic evidence, but unless good security measures are taken, it may be difficult to trace the source of cyber crime. In certain e-commerce-related areas, such as networking, data transfer and data storage, researchers applied scanning and testing methods, modeling analysis to detect potential risks .In the Security system ,Questions are related to online security in which given options are Satisfied, Unsatisfied ,Neutral, Yes, No. and weak password , Strong password. it is revealed that it is quite difficult, if not impossible, to suggest that which online security is best. Online security provide the flexibility, efficiency of work, provide the better security of net banking . The main feature of the research that the data is safe in banking management for long time and open any account after along time. The Future scope of the study of Security is use to reduce threats. Security is used in the long run results in the reduction of number of branches, saying rentals of related and properties. If the better Security operate than net banking and e-marketing will be increase.
E-Commerce Privacy and Security SystemIJERA Editor
The Internet is a public networks consisting of thousand of private computer network connected together. Private computer network system is exposed to potential threats from anywhere on the public network. In physical world, crimes often leave evidence finger prints, footprints, witnesses, video on security comes and so on. Online a cyber –crimes, also leaves physical, electronic evidence, but unless good security measures are taken, it may be difficult to trace the source of cyber crime. In certain e-commerce-related areas, such as networking, data transfer and data storage, researchers applied scanning and testing methods, modeling analysis to detect potential risks .In the Security system ,Questions are related to online security in which given options are Satisfied, Unsatisfied ,Neutral, Yes, No. and weak password , Strong password. it is revealed that it is quite difficult, if not impossible, to suggest that which online security is best. Online security provide the flexibility, efficiency of work, provide the better security of net banking . The main feature of the research that the data is safe in banking management for long time and open any account after along time. The Future scope of the study of Security is use to reduce threats. Security is used in the long run results in the reduction of number of branches, saying rentals of related and properties. If the better Security operate than net banking and e-marketing will be increase.
4.report (cryptography & computer network)JIEMS Akkalkuwa
This document discusses network security and cryptography. It begins by defining network security and explaining the key areas of secrecy, authentication, non-repudiation, and integrity control. It then discusses what cryptography is, explaining that it uses mathematics to encrypt and decrypt data to provide security. The document provides an overview of symmetric and asymmetric key encryption techniques as well as hash functions. It also discusses some existing network security systems and their use of symmetric encryption with periodic key distribution and refresh.
This document discusses network security. It begins by introducing the importance of network security due to the large amount of information shared over networks. It then discusses common security threats like denial of service attacks, information theft, and data tampering. The document categorizes security techniques into services like availability, confidentiality, integrity, identification, and authorization. It also discusses implementations of security including encryption, authentication, access control, and using security protocols and layered defenses.
https://www.ijmst.com/
IJMST Volume 1 Issue 1, Manuscript 4
As the popularity of mobile devices and wireless networks significantly increased over the
past years. The wireless adhoc network has now become one of the most vibrant and active
fields of communication and networking research. These networks are a new generation of
networks offering unrestricted mobility without any underlying infrastructure. As their
principle application is in disastrous environments, security is critical. Various challenges are
faced in the adhoc environment, mostly due to the resource poorness of these networks. One
man confront in the design of these networks is their vulnerability to security attacks. The
solutions for conventional networks are usually not sufficient to provide efficient adhoc
operations. Just because of its wireless nature of communication and lack of any security
infrastructure raise several security problems and threats.
In this paper, we briefly review the threats an adhoc network faces and the security goals to
be achieved. Moreover, it also presents existing security schemes used in wireless adhoc
networks in order to handle security threats.
This document provides an overview of firewall technologies. It discusses how firewalls enforce security policies by filtering network traffic and guarding entry points to protected networks. Firewalls can filter traffic at various layers of the ISO network model and implement rules through packet filtering. Specifying and testing firewall policies is complicated. Emerging network technologies pose new challenges for firewalls, which cannot block all attacks but remain an important protective mechanism.
Cloud technology to ensure the protection of fundamental methods and use of i...SubmissionResearchpa
A comparative analysis of attacks carried out in cloud technologies, the main methods and methods of information protection, the possibilities of using hardware and software, and methods to combat threats when eliminating them, ensuring data protection were carried out by Mamarajabov Odil Elmurzayevich 2020. Cloud technology to ensure the protection of fundamental methods and use of information. International Journal on Integrated Education. 3, 10 (Oct. 2020), 313-315. DOI:https://doi.org/10.31149/ijie.v3i10.780 https://journals.researchparks.org/index.php/IJIE/article/view/780/750 https://journals.researchparks.org/index.php/IJIE/article/view/780
This document discusses a seminar on network security. It covers topics like the history and need for network security, types of network security including authentication methods, common network attacks, and network security architecture. Network security aims to prevent unauthorized access to systems and data on a network. It discusses how network security has become more important as networks have expanded and grown more complex, and outlines some of the key aspects of designing and evaluating network security architecture.
Analysis of Honeypot Networks and Intrusion Prevention System IPS on Wireless...ijtsrd
Honeypot is a way to trap or ward off unauthorized use attempts in an information system. Honeypots are a distraction for hackers, so that it appears as if they have succeeded in breaking into and retrieving data from a network, even though in fact the data is not important and the location is already isolated. One type of honeypot is honeyd. Honeyd is a honeypot with a low interaction type which has less risk than the high interaction type because the interaction with the honeypot does not directly involve the actual system. Security issues are one of the important aspects of a network, especially network security on servers. This problem underlies the need to build a system that can detect threats from parties who do not have access rights hackers , namely by building a honeypot security system. Honeypot is. The aim of implementing Honeypot and IPS is that it can be used as a tool for administrators to view activity reports produced by Honeyd and administrators can also view reports stored in logs to help determine network security policies. Karina Asmara | M. Fakhri | Togu Harlen Lbn. Raja "Analysis of Honeypot Networks and Intrusion Prevention System (IPS) on Wireless Networks" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-8 | Issue-1 , February 2024, URL: https://www.ijtsrd.com/papers/ijtsrd63502.pdf Paper Url: https://www.ijtsrd.com/computer-science/computer-network/63502/analysis-of-honeypot-networks-and-intrusion-prevention-system-ips-on-wireless-networks/karina-asmara
Firewall is a device or set of instruments designed to permit or deny network transmissions based upon a set of rules and regulation is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass or during the sensitive data transmission. Distributed firewalls allow enforcement of security policies on a network without restricting its topology on an inside or outside point of view. Use of a policy language and centralized delegating its semantics to all members of the networks domain support application of firewall technology for organizations, which network devices communicate over insecure channels and still allow a logical separation of hosts in- and outside the trusted domain. We introduce the general concepts of such distributed firewalls, its requirements and implications and introduce its suitability to common threats on the Internet, as well as give a short discussion on contemporary implementations.
Dr. Arun Sood is a professor of computer science who has developed an approach called Self Cleansing Intrusion Tolerance (SCIT) to improve server security. SCIT works by converting static servers into dynamic servers that refresh regularly, reducing exposure time to malware while maintaining service. His research aims to limit losses from successful attacks by restoring servers to a pristine state frequently. SCIT has been implemented to refresh servers every minute, limiting the time for malware to cause damage.
This seminar covers network security from its history to modern techniques. It introduces network security, the need for it due to increased internet usage, and basic concepts like authentication and common attacks. The document outlines early security protocols and why confidentiality, availability and integrity of information were important as the internet grew. It discusses how to secure a network from outside intrusion and different authentication techniques. Specific security methods like WPA, WEP and how hackers have evolved are also summarized. The advantages and challenges of network security are presented, as well as the importance of a well-designed security architecture for an organization's network.
Strategies for Effective Upskilling is a presentation by Chinwendu Peace in a Your Skill Boost Masterclass organisation by the Excellence Foundation for South Sudan on 08th and 09th June 2024 from 1 PM to 3 PM on each day.
How to Fix the Import Error in the Odoo 17Celine George
An import error occurs when a program fails to import a module or library, disrupting its execution. In languages like Python, this issue arises when the specified module cannot be found or accessed, hindering the program's functionality. Resolving import errors is crucial for maintaining smooth software operation and uninterrupted development processes.
Executive Directors Chat Leveraging AI for Diversity, Equity, and InclusionTechSoup
Let’s explore the intersection of technology and equity in the final session of our DEI series. Discover how AI tools, like ChatGPT, can be used to support and enhance your nonprofit's DEI initiatives. Participants will gain insights into practical AI applications and get tips for leveraging technology to advance their DEI goals.
How to Manage Your Lost Opportunities in Odoo 17 CRMCeline George
Odoo 17 CRM allows us to track why we lose sales opportunities with "Lost Reasons." This helps analyze our sales process and identify areas for improvement. Here's how to configure lost reasons in Odoo 17 CRM
हिंदी वर्णमाला पीपीटी, hindi alphabet PPT presentation, hindi varnamala PPT, Hindi Varnamala pdf, हिंदी स्वर, हिंदी व्यंजन, sikhiye hindi varnmala, dr. mulla adam ali, hindi language and literature, hindi alphabet with drawing, hindi alphabet pdf, hindi varnamala for childrens, hindi language, hindi varnamala practice for kids, https://www.drmullaadamali.com
The simplified electron and muon model, Oscillating Spacetime: The Foundation...RitikBhardwaj56
Discover the Simplified Electron and Muon Model: A New Wave-Based Approach to Understanding Particles delves into a groundbreaking theory that presents electrons and muons as rotating soliton waves within oscillating spacetime. Geared towards students, researchers, and science buffs, this book breaks down complex ideas into simple explanations. It covers topics such as electron waves, temporal dynamics, and the implications of this model on particle physics. With clear illustrations and easy-to-follow explanations, readers will gain a new outlook on the universe's fundamental nature.
it describes the bony anatomy including the femoral head , acetabulum, labrum . also discusses the capsule , ligaments . muscle that act on the hip joint and the range of motion are outlined. factors affecting hip joint stability and weight transmission through the joint are summarized.
Thinking of getting a dog? Be aware that breeds like Pit Bulls, Rottweilers, and German Shepherds can be loyal and dangerous. Proper training and socialization are crucial to preventing aggressive behaviors. Ensure safety by understanding their needs and always supervising interactions. Stay safe, and enjoy your furry friends!
How to Add Chatter in the odoo 17 ERP ModuleCeline George
In Odoo, the chatter is like a chat tool that helps you work together on records. You can leave notes and track things, making it easier to talk with your team and partners. Inside chatter, all communication history, activity, and changes will be displayed.
বাংলাদেশের অর্থনৈতিক সমীক্ষা ২০২৪ [Bangladesh Economic Review 2024 Bangla.pdf] কম্পিউটার , ট্যাব ও স্মার্ট ফোন ভার্সন সহ সম্পূর্ণ বাংলা ই-বুক বা pdf বই " সুচিপত্র ...বুকমার্ক মেনু 🔖 ও হাইপার লিংক মেনু 📝👆 যুক্ত ..
আমাদের সবার জন্য খুব খুব গুরুত্বপূর্ণ একটি বই ..বিসিএস, ব্যাংক, ইউনিভার্সিটি ভর্তি ও যে কোন প্রতিযোগিতা মূলক পরীক্ষার জন্য এর খুব ইম্পরট্যান্ট একটি বিষয় ...তাছাড়া বাংলাদেশের সাম্প্রতিক যে কোন ডাটা বা তথ্য এই বইতে পাবেন ...
তাই একজন নাগরিক হিসাবে এই তথ্য গুলো আপনার জানা প্রয়োজন ...।
বিসিএস ও ব্যাংক এর লিখিত পরীক্ষা ...+এছাড়া মাধ্যমিক ও উচ্চমাধ্যমিকের স্টুডেন্টদের জন্য অনেক কাজে আসবে ...
A review of the growth of the Israel Genealogy Research Association Database Collection for the last 12 months. Our collection is now passed the 3 million mark and still growing. See which archives have contributed the most. See the different types of records we have, and which years have had records added. You can also see what we have for the future.
Main Java[All of the Base Concepts}.docxadhitya5119
This is part 1 of my Java Learning Journey. This Contains Custom methods, classes, constructors, packages, multithreading , try- catch block, finally block and more.
How to Build a Module in Odoo 17 Using the Scaffold MethodCeline George
Odoo provides an option for creating a module by using a single line command. By using this command the user can make a whole structure of a module. It is very easy for a beginner to make a module. There is no need to make each file manually. This slide will show how to create a module using the scaffold method.
1.
Network Security: History, Importance, and Future
University of Florida Department of Electrical and Computer Engineering
Bhavya Daya
ABSTRACT
Network security has become more important to
personal computer users, organizations, and the
military. With the advent of the internet, security
became a major concern and the history of security
allows a better understanding of the emergence of
security technology. The internet structure itself
allowed for many security threats to occur. The
architecture of the internet, when modified can
reduce the possible attacks that can be sent across
the network. Knowing the attack methods, allows
for the appropriate security to emerge. Many
businesses secure themselves from the internet by
means of firewalls and encryption mechanisms.
The businesses create an “intranet” to remain
connected to the internet but secured from
possible threats.
The entire field of network security is vast and in an
evolutionary stage. The range of study
encompasses a brief history dating back to
internet’s beginnings and the current development
in network security. In order to understand the
research being performed today, background
knowledge of the internet, its vulnerabilities, attack
methods through the internet, and security
technology is important and therefore they are
reviewed.
INTRODUCTION
The world is becoming more interconnected with
the advent of the Internet and new networking
technology. There is a large amount of personal,
commercial, military, and government information
on networking infrastructures worldwide. Network
security is becoming of great importance because
of intellectual property that can be easily acquired
through the internet.
There are currently two fundamentally different
networks, data networks and synchronous network
comprised of switches. The internet is considered a
data network. Since the current data network
consists of computer‐based routers, information
can be obtained by special programs, such as
“Trojan horses,” planted in the routers. The
synchronous network that consists of switches
does not buffer data and therefore are not
threatened by attackers. That is why security is
emphasized in data networks, such as the internet,
and other networks that link to the internet.
The vast topic of network security is analyzed by
researching the following:
1. History of security in networks
2. Internet architecture and vulnerable
security aspects of the Internet
3. Types of internet attacks and security
methods
4. Security for networks with internet access
5. Current development in network security
hardware and software
Based on this research, the future of network
security is forecasted. New trends that are
emerging will also be considered to understand
where network security is heading.
1. Network Security
System and network technology is a key technology
for a wide variety of applications. Security is crucial
2. 2
to networks and applications. Although, network
security is a critical requirement in emerging
networks, there is a significant lack of security
methods that can be easily implemented.
There exists a “communication gap” between the
developers of security technology and developers
of networks. Network design is a well‐developed
process that is based on the Open Systems
Interface (OSI) model. The OSI model has several
advantages when designing networks. It offers
modularity, flexibility, ease‐of‐use, and
standardization of protocols. The protocols of
different layers can be easily combined to create
stacks which allow modular development. The
implementation of individual layers can be changed
later without making other adjustments, allowing
flexibility in development. In contrast to network
design, secure network design is not a well‐
developed process. There isn’t a methodology to
manage the complexity of security requirements.
Secure network design does not contain the same
advantages as network design.
When considering network security, it must be
emphasized that the whole network is secure.
Network security does not only concern the
security in the computers at each end of the
communication chain. When transmitting data the
communication channel should not be vulnerable
to attack. A possible hacker could target the
communication channel, obtain the data, decrypt it
and re‐insert a false message. Securing the network
is just as important as securing the computers and
encrypting the message.
When developing a secure network, the following
need to be considered [1]:
1. Access – authorized users are provided the
means to communicate to and from a
particular network
2. Confidentiality – Information in the network
remains private
3. Authentication – Ensure the users of the
network are who they say they are
4. Integrity – Ensure the message has not
been modified in transit
5. Non‐repudiation – Ensure the user does not
refute that he used the network
An effective network security plan is developed
with the understanding of security issues, potential
attackers, needed level of security, and factors that
make a network vulnerable to attack [1]. The steps
involved in understanding the composition of a
secure network, internet or otherwise, is followed
throughout this research endeavor.
To lessen the vulnerability of the computer to the
network there are many products available. These
tools are encryption, authentication mechanisms,
intrusion‐detection, security management and
firewalls. Businesses throughout the world are
using a combination of some of these tools.
“Intranets” are both connected to the internet and
reasonably protected from it. The internet
architecture itself leads to vulnerabilities in the
network. Understanding the security issues of the
internet greatly assists in developing new security
technologies and approaches for networks with
internet access and internet security itself.
The types of attacks through the internet need to
also be studied to be able to detect and guard
against them. Intrusion detection systems are
established based on the types of attacks most
commonly used. Network intrusions consist of
packets that are introduced to cause problems for
the following reasons:
• To consume resources uselessly
• To interfere with any system resource’s
intended function
• To gain system knowledge that can be
exploited in later attacks
The last reason for a network intrusion is most
commonly guarded against and considered by most
as the only intrusion motive. The other reasons
mentioned need to be thwarted as well.
3. 3
Typical security currently exists on the computers
connected to the network. Security protocols
sometimes usually appear as part of a single layer
of the OSI network reference model. Current work
is being performed in using a layered approach to
secure network design. The layers of the security
model correspond to the OSI model layers. This
security approach leads to an effective and
efficient design which circumvents some of the
common security problems.
2. Differentiating Data Security and
Network Security
Data security is the aspect of security that allows a
client’s data to be transformed into unintelligible
data for transmission. Even if this unintelligible
data is intercepted, a key is needed to decode the
message. This method of security is effective to a
certain degree. Strong cryptography in the past can
be easily broken today. Cryptographic methods
have to continue to advance due to the
advancement of the hackers as well.
When transferring ciphertext over a network, it is
helpful to have a secure network. This will allow for
the ciphertext to be protected, so that it is less
likely for many people to even attempt to break
the code. A secure network will also prevent
someone from inserting unauthorized messages
into the network. Therefore, hard ciphers are
needed as well as attack‐hard networks [2].
Figure 1: Based on the OSI model, data security and network
security have a different security function [2].
The relationship of network security and data
security to the OSI model is shown in Figure 1. It
can be seen that the cryptography occurs at the
application layer; therefore the application writers
are aware of its existence. The user can possibly
choose different methods of data security.
Network security is mostly contained within the
physical layer. Layers above the physical layer are
also used to accomplish the network security
required [2]. Authentication is performed on a
layer above the physical layer. Network security in
the physical layer requires failure detection, attack
detection mechanisms, and intelligent
countermeasure strategies [2].
HISTORY OF NETWORK SECURITY
Recent interest in security was fueled by the crime
committed by Kevin Mitnick. Kevin Mitnick
committed the largest computer‐related crime in
U.S. history [3]. The losses were eighty million
dollars in U.S. intellectual property and source code
from a variety of companies [3]. Since then,
information security came into the spotlight.
Public networks are being relied upon to deliver
financial and personal information. Due to the
evolution of information that is made available
through the internet, information security is also
required to evolve. Due to Kevin Mitnick’s offense,
companies are emphasizing security for the
intellectual property. Internet has been a driving
force for data security improvement.
Internet protocols in the past were not developed
to secure themselves. Within the TCP/IP
communication stack, security protocols are not
implemented. This leaves the internet open to
attacks. Modern developments in the internet
architecture have made communication more
secure.
4. 4
1. Brief History of Internet
The birth of the interne takes place in 1969 when
Advanced Research Projects Agency Network
(ARPANet) is commissioned by the department of
defense (DOD) for research in networking.
The ARPANET is a success from the very beginning.
Although originally designed to allow scientists to
share data and access remote computers, e‐mail
quickly becomes the most popular application. The
ARPANET becomes a high‐speed digital post office
as people use it to collaborate on research projects
and discuss topics of various interests. The
InterNetworking Working Group becomes the first
of several standards‐setting entities to govern the
growing network [10]. Vinton Cerf is elected the
first chairman of the INWG, and later becomes
known as a "Father of the Internet." [10]
In the 1980s, Bob Kahn and Vinton Cerf are key
members of a team that create TCP/IP, the
common language of all Internet computers. For
the first time the loose collection of networks
which made up the ARPANET is seen as an
"Internet", and the Internet as we know it today is
born. The mid‐80s marks a boom in the personal
computer and super‐minicomputer industries. The
combination of inexpensive desktop machines and
powerful, network‐ready servers allows many
companies to join the Internet for the first time.
Corporations begin to use the Internet to
communicate with each other and with their
customers.
In the 1990s, the internet began to become
available to the public. The World Wide Web was
born. Netscape and Microsoft were both
competing on developing a browser for the
internet. Internet continues to grow and surfing
the internet has become equivalent to TV viewing
for many users.
2. Security Timeline
Several key events contributed to the birth and
evolution of computer and network security. The
timeline can be started as far back as the 1930s.
Polish cryptographers created an enigma machine
in 1918 that converted plain messages to
encrypted text. In 1930, Alan Turing, a brilliant
mathematician broke the code for the Enigma.
Securing communications was essential in World
War II.
In the 1960s, the term “hacker” is coined by a
couple of Massachusetts Institute of Technology
(MIT) students. The Department of Defense began
the ARPANet, which gains popularity as a conduit
for the electronic exchange of data and
information [3]. This paves the way for the creation
of the carrier network known today as the Internet.
During the 1970s, the Telnet protocol was
developed. This opened the door for public use of
data networks that were originally restricted to
government contractors and academic researchers
[3].
During the 1980s, the hackers and crimes relating
to computers were beginning to emerge. The 414
gang are raided by authorities after a nine‐day
cracking spree where they break into top‐secret
systems. The Computer Fraud and Abuse Act of
1986 was created because of Ian Murphy’s crime of
stealing information from military computers. A
graduate student, Robert Morris, was convicted for
unleashing the Morris Worm to over 6,000
vulnerable computers connected to the Internet.
Based on concerns that the Morris Worm ordeal
could be replicated, the Computer Emergency
Response Team (CERT) was created to alert
computer users of network security issues.
In the 1990s, Internet became public and the
security concerns increased tremendously.
Approximately 950 million people use the internet
today worldwide [3]. On any day, there are
approximately 225 major incidences of a security
5. 5
breach [3]. These security breaches could also
result in monetary losses of a large degree.
Investment in proper security should be a priority
for large organizations as well as common users.
INTERNET ARCHITECTURE AND
VULNERABLE SECURITY ASPECTS
Fear of security breaches on the Internet is causing
organizations to use protected private networks or
intranets [4]. The Internet Engineering Task Force
(IETF) has introduced security mechanisms at
various layers of the Internet Protocol Suite [4].
These security mechanisms allow for the logical
protection of data units that are transferred across
the network.
The security architecture of the internet protocol,
known as IP Security, is a standardization of
internet security. IP security, IPsec, covers the new
generation of IP (IPv6) as well as the current
version (IPv4). Although new techniques, such as
IPsec, have been developed to overcome internet’s
best‐known deficiencies, they seem to be
insufficient [5]. Figure 2 shows a visual
representation of how IPsec is implemented to
provide secure communications.
IPSec is a point‐to‐point protocol, one side
encrypts, the other decrypts and both sides share
key or keys. IPSec can be used in two modes,
namely transport mode and tunnel modes.
Figure 2: IPsec contains a gateway and a tunnel in order to secure communications. [17]
The current version and new version of the
Internet Protocol are analyzed to determine the
security implications. Although security may exist
within the protocol, certain attacks cannot be
guarded against. These attacks are analyzed to
determine other security mechanisms that may be
necessary.
1. IPv4 and IPv6 Architectures
IPv4 was design in 1980 to replace the NCP
protocol on the ARPANET. The IPv4 displayed many
limitations after two decades [6]. The IPv6 protocol
was designed with IPv4’s shortcomings in mind.
IPv6 is not a superset of the IPv4 protocol; instead
it is a new design.
6. 6
The internet protocol’s design is so vast and cannot
be covered fully. The main parts of the architecture
relating to security are discussed in detail.
1.1 IPv4 Architecture
The protocol contains a couple aspects which
caused problems with its use. These problems do
not all relate to security. They are mentioned to
gain a comprehensive understanding of the
internet protocol and its shortcomings. The causes
of problems with the protocol are:
1. Address Space
2. Routing
3. Configuration
4. Security
5. Quality of Service
The IPv4 architecture has an address that is 32 bits
wide [6]. This limits the maximum number of
computers that can be connected to the internet.
The 32 bit address provides for a maximum of two
billions computers to be connected to the internet.
The problem of exceeding that number was not
foreseen when the protocol was created. The small
address space of the IPv4 facilitates malicious code
distribution [5].
Routing is a problem for this protocol because the
routing tables are constantly increasing in size. The
maximum theoretical size of the global routing
tables was 2.1 million entries [6]. Methods have
been adopted to reduce the number of entries in
the routing table. This is helpful for a short period
of time, but drastic change needs to be made to
address this problem.
The TCP/IP‐based networking of IPv4 requires that
the user supplies some data in order to configure a
network. Some of the information required is the
IP address, routing gateway address, subnet mask,
and DNS server. The simplicity of configuring the
network is not evident in the IPv4 protocol. The
user can request appropriate network
configuration from a central server [6]. This eases
configuration hassles for the user but not the
network’s administrators.
The lack of embedded security within the IPv4
protocol has led to the many attacks seen today.
Mechanisms to secure IPv4 do exist, but there are
no requirements for their use [6]. IPsec is a specific
mechanism used to secure the protocol. IPsec
secures the packet payloads by means of
cryptography. IPsec provides the services of
confidentiality, integrity, and authentication [6].
This form of protection does not account for the
skilled hacker who may be able to break the
encryption method and obtain the key.
When internet was created, the quality of service
(QoS) was standardized according to the
information that was transferred across the
network. The original transfer of information was
mostly text‐based. As the internet expanded and
technology evolved, other forms of communication
began to be transmitted across the internet. The
quality of service for streaming videos and music
are much different than the standard text. The
protocol does not have the functionality of
dynamic QoS that changes based on the type of
data being communicated [6].
1.2 IPv6 Architecture
When IPv6 was being developed, emphasis was
placed on aspects of the IPv4 protocol that needed
to be improved. The development efforts were
placed in the following areas:
1. Routing and addressing
2. Multi‐protocol architecture
3. Security architecture
4. Traffic control
The IPv6 protocol’s address space was extended by
supporting 128 bit addresses. With 128 bit
addresses, the protocol can support up to
3.4 10 ^38 machines. The address bits are used
less efficiently in this protocol because it simplifies
addressing configuration.
7. 7
The IPv6 routing system is more efficient and
enables smaller global routing tables. The host
configuration is also simplified. Hosts can
automatically configure themselves. This new
design allows ease of configuration for the user as
well as network administrator.
The security architecture of the IPv6 protocol is of
great interest. IPsec is embedded within the IPv6
protocol. IPsec functionality is the same for IPv4
and IPv6. The only difference is that IPv6 can utilize
the security mechanism along the entire route [6].
The quality of service problem is handled with IPv6.
The internet protocol allows for special handling of
certain packets with a higher quality of service.
From a high‐level view, the major benefits of IPv6
are its scalability and increased security. IPv6 also
offers other interesting features that are beyond
the scope of this paper.
It must be emphasized that after researching IPv6
and its security features, it is not necessarily more
secure than IPv4. The approach to security is only
slightly better, not a radical improvement.
2. Attacks through the Current Internet
Protocol IPv4
There are four main computer security attributes.
They were mentioned before in a slightly different
form, but are restated for convenience and
emphasis. These security attributes are
confidentiality, integrity, privacy, and availability.
Confidentiality and integrity still hold to the same
definition. Availability means the computer assets
can be accessed by authorized people [8]. Privacy is
the right to protect personal secrets [8]. Various
attack methods relate to these four security
attributes. Table 1 shows the attack methods and
solutions.
Table 1: Attack Methods and Security Technology [8]
Common attack methods and the security
technology will be briefly discussed. Not all of the
methods in the table above are discussed. The
current technology for dealing with attacks is
understood in order to comprehend the current
research developments in security hardware and
software.
2.1 Common Internet Attack Methods
Common internet attacks methods are broken
down into categories. Some attacks gain system
knowledge or personal information, such as
eavesdropping and phishing. Attacks can also
interfere with the system’s intended function, such
as viruses, worms and trojans. The other form of
attack is when the system’s resources are
consumes uselessly, these can be caused by denial
of service (DoS) attack. Other forms of network
intrusions also exist, such as land attacks, smurf
attacks, and teardrop attacks. These attacks are
not as well known as DoS attacks, but they are
used in some form or another even if they aren’t
mentioned by name.
8. 8
2.1.1 Eavesdropping
Interception of communications by an
unauthorized party is called eavesdropping. Passive
eavesdropping is when the person only secretly
listens to the networked messages. On the other
hand, active eavesdropping is when the intruder
listens and inserts something into the
communication stream. This can lead to the
messages being distorted. Sensitive information
can be stolen this way [8].
2.1.2 Viruses
Viruses are self‐replication programs that use files
to infect and propagate [8]. Once a file is opened,
the virus will activate within the system.
2.1.3 Worms
A worm is similar to a virus because they both are
self‐replicating, but the worm does not require a
file to allow it to propagate [8]. There are two main
types of worms, mass‐mailing worms and network‐
aware worms. Mass mailing worms use email as a
means to infect other computers. Network‐aware
worms are a major problem for the Internet. A
network‐aware worm selects a target and once the
worm accesses the target host, it can infect it by
means of a Trojan or otherwise.
2.1.4 Trojans
Trojans appear to be benign programs to the user,
but will actually have some malicious purpose.
Trojans usually carry some payload such as a virus
[8].
2.1.5 Phishing
Phishing is an attempt to obtain confidential
information from an individual, group, or
organization [9]. Phishers trick users into disclosing
personal data, such as credit card numbers, online
banking credentials, and other sensitive
information.
2.1.6 IP Spoofing Attacks
Spoofing means to have the address of the
computer mirror the address of a trusted computer
in order to gain access to other computers. The
identity of the intruder is hidden by different
means making detection and prevention difficult.
With the current IP protocol technology, IP‐
spoofed packets cannot be eliminated [8].
2.1.7 Denial of Service
Denial of Service is an attack when the system
receiving too many requests cannot return
communication with the requestors [9]. The
system then consumes resources waiting for the
handshake to complete. Eventually, the system
cannot respond to any more requests rendering it
without service.
2.2 Technology for Internet Security
Internet threats will continue to be a major issue in
the global world as long as information is
accessible and transferred across the Internet.
Different defense and detection mechanisms were
developed to deal with these attacks.
2.2.1 Cryptographic systems
Cryptography is a useful and widely used tool in
security engineering today. It involved the use of
codes and ciphers to transform information into
unintelligible data.
2.2.2 Firewall
A firewall is a typical border control mechanism or
perimeter defense. The purpose of a firewall is to
block traffic from the outside, but it could also be
9. 9
used to block traffic from the inside. A firewall is
the front line defense mechanism against
intruders. It is a system designed to prevent
unauthorized access to or from a private network.
Firewalls can be implemented in both hardware
and software, or a combination of both [8].
2.2.3 Intrusion Detection Systems
An Intrusion Detection System (IDS) is an additional
protection measure that helps ward off computer
intrusions. IDS systems can be software and
hardware devices used to detect an attack. IDS
products are used to monitor connection in
determining whether attacks are been launched.
Some IDS systems just monitor and alert of an
attack, whereas others try to block the attack.
2.2.4 Anti‐Malware Software and scanners
Viruses, worms and Trojan horses are all examples
of malicious software, or Malware for short. Special
so‐called anti‐Malware tools are used to detect
them and cure an infected system.
2.2.5 Secure Socket Layer (SSL)
The Secure Socket Layer (SSL) is a suite of protocols
that is a standard way to achieve a good level of
security between a web browser and a website. SSL
is designed to create a secure channel, or tunnel,
between a web browser and the web server, so
that any information exchanged is protected within
the secured tunnel. SSL provides authentication of
clients to server through the use of certificates.
Clients present a certificate to the server to prove
their identity.
3. Security Issues of IP Protocol IPv6
From a security point of view, IPv6 is a considerable
advancement over the IPv4 internet protocol.
Despite the IPv6’s great security mechanisms, it
still continues to be vulnerable to threats. Some
areas of the IPv6 protocol still pose a potential
security issue.
The new internet protocol does not protect against
misconfigured servers, poorly designed
applications, or poorly protected sites.
The possible security problems emerge due to the
following [5]:
1. Header manipulation issues
2. Flooding issues
3. Mobility issues
Header manipulation issues arise due to the IPsec’s
embedded functionality [7]. Extension headers
deter some common sources of attacks because of
header manipulation. The problem is that
extension headers need to be processed by all
stacks, and this can lead to a long chain of
extension headers. The large number of extension
headers can overwhelm a certain node and is a
form of attack if it is deliberate. Spoofing continues
to be a security threat on IPv6 protocol.
A type of attack called port scanning occurs when a
whole section of a network is scanned to find
potential targets with open services [5]. The
address space of the IPv6 protocol is large but the
protocol is still not invulnerable to this type of
attack.
Mobility is a new feature that is incorporated into
the internet protocol IPv6. The feature requires
special security measures. Network administrators
need to be aware of these security needs when
using IPv6’s mobility feature.
SECURITY IN DIFFERENT NETWORKS
The businesses today use combinations of firewalls,
encryption, and authentication mechanisms to
create “intranets” that are connected to the
internet but protected from it at the same time.
10. 10
Intranet is a private computer network that uses
internet protocols. Intranets differ from
"Extranets" in that the former are generally
restricted to employees of the organization while
extranets can generally be accessed by customers,
suppliers, or other approved parties.
There does not necessarily have to be any access
from the organization's internal network to the
Internet itself. When such access is provided it is
usually through a gateway with a firewall, along
with user authentication, encryption of messages,
and often makes use of virtual private networks
(VPNs).
Although intranets can be set up quickly to share
data in a controlled environment, that data is still
at risk unless there is tight security. The
disadvantage of a closed intranet is that vital data
might not get into the hands of those who need it.
Intranets have a place within agencies. But for
broader data sharing, it might be better to keep
the networks open, with these safeguards:
1. Firewalls that detect and report intrusion
attempts
2. Sophisticated virus checking at the firewall
3. Enforced rules for employee opening of e‐
mail attachments
4. Encryption for all connections and data
transfers
5. Authentication by synchronized, timed
passwords or security certificates
It was mentioned that if the intranet wanted access
to the internet, virtual private networks are often
used. Intranets that exist across multiple locations
generally run over separate leased lines or a newer
approach of VPN can be utilized. VPN is a private
network that uses a public network (usually the
Internet) to connect remote sites or users together.
Instead of using a dedicated, real‐world connection
such as leased line, a VPN uses "virtual"
connections routed through the Internet from the
company's private network to the remote site or
employee. Figure 3 is a graphical representation of
an organization and VPN network.
Figure 3: A typical VPN might have a main LAN at the corporate
headquarters of a company, other LANs at remote offices or
facilities and individual users connecting from out in the field. [14]
CURRENT DEVELOPMENTS IN NETWORK
SECURITY
The network security field is continuing down the
same route. The same methodologies are being
used with the addition of biometric identification.
Biometrics provides a better method of
authentication than passwords. This might greatly
reduce the unauthorized access of secure systems.
New technology such as the smart card is surfacing
in research on network security. The software
aspect of network security is very dynamic.
Constantly new firewalls and encryption schemes
are being implemented.
The research being performed assists in
understanding current development and projecting
the future developments of the field.
1. Hardware Developments
Hardware developments are not developing
rapidly. Biometric systems and smart cards are the
only new hardware technologies that are widely
impacting security.
11. 11
The most obvious use of biometrics for network
security is for secure workstation logons for a
workstation connected to a network. Each
workstation requires some software support for
biometric identification of the user as well as,
depending on the biometric being used, some
hardware device. The cost of hardware devices is
one thing that may lead to the widespread use of
voice biometric security identification, especially
among companies and organizations on a low
budget. Hardware device such as computer mice
with built in thumbprint readers would be the next
step up. These devices would be more expensive to
implement on several computers, as each machine
would require its own hardware device. A
biometric mouse, with the software to support it, is
available from around $120 in the U.S. The
advantage of voice recognition software is that it
can be centralized, thus reducing the cost of
implementation per machine. At top of the range a
centralized voice biometric package can cost up to
$50,000 but may be able to manage the secure log‐
in of up to 5000 machines.
The main use of Biometric network security will be
to replace the current password system.
Maintaining password security can be a major task
for even a small organization. Passwords have to
be changed every few months and people forget
their password or lock themselves out of the
system by incorrectly entering their password
repeatedly. Very often people write their password
down and keep it near their computer. This is of
course completely undermines any effort at
network security. Biometrics can replace this
security identification method. The use of
biometric identification stops this problem and
while it may be expensive to set up at first, these
devices save on administration and user assistance
costs.
Smart cards are usually a credit‐card‐sized digital
electronic media. The card itself is designed to
store encryption keys and other information used
in authentication and other identification
processes. The main idea behind smart cards is to
provide undeniable proof of a user’s identity. Smart
cards can be used for everything from logging in to
the network to providing secure Web
communications and secure e‐mail transactions.
It may seem that smart cards are nothing more
than a repository for storing passwords. Obviously,
someone can easily steal a smart card from
someone else. Fortunately, there are safety
features built into smart cards to prevent someone
from using a stolen card. Smart cards require
anyone who is using them to enter a personal
identification number (PIN) before they’ll be
granted any level of access into the system. The
PIN is similar to the PIN used by ATM machines.
When a user inserts the smart card into the card
reader, the smart card prompts the user for a PIN.
This PIN was assigned to the user by the
administrator at the time the administrator issued
the card to the user. Because the PIN is short and
purely numeric, the user should have no trouble
remembering it and therefore would be unlikely to
write the PIN down.
But the interesting thing is what happens when the
user inputs the PIN. The PIN is verified from inside
the smart card. Because the PIN is never
transmitted across the network, there’s absolutely
no danger of it being intercepted. The main
benefit, though, is that the PIN is useless without
the smart card, and the smart card is useless
without the PIN.
There are other security issues of the smart card.
The smart card is cost‐effective but not as secure
as the biometric identification devices.
2. Software Developments
The software aspect of network security is very
vast. It includes firewalls, antivirus, vpn, intrusion
detection, and much more. The research
development of all security software is not feasible
to study at this point. The goal is to obtain a view
12. 12
of where the security software is heading based on
emphasis being placed now.
The improvement of the standard security
software still remains the same. When new viruses
emerge, the antivirus is updated to be able to
guard against those threats. This process is the
same for firewalls and intrusion detection systems.
Many research papers that have been skimmed
were based on analyzing attack patterns in order to
create smarter security software.
As the security hardware transitions to biometrics,
the software also needs to be able to use the
information appropriately. Current research is
being performed on security software using neural
networks. The objective of the research is to use
neural networks for the facial recognition software.
Many small and complex devices can be connected
to the internet. Most of the current security
algorithms are computational intensive and require
substantial processing power. This power,
however, is not available in small devices like
sensors. Therefore, there is a need for designing
light‐weight security algorithms. Research in this
area is currently being performed.
FUTURE TRENDS IN SECURITY
What is going to drive the Internet security is the
set of applications more than anything else. The
future will possibly be that the security is similar to
an immune system. The immune system fights off
attacks and builds itself to fight tougher enemies.
Similarly, the network security will be able to
function as an immune system.
The trend towards biometrics could have taken
place a while ago, but it seems that it isn’t being
actively pursued. Many security developments that
are taking place are within the same set of security
technology that is being used today with some
minor adjustments.
CONCLUSION
Network security is an important field that is
increasingly gaining attention as the internet
expands. The security threats and internet protocol
were analyzed to determine the necessary security
technology. The security technology is mostly
software based, but many common hardware
devices are used. The current development in
network security is not very impressive.
Originally it was assumed that with the importance
of the network security field, new approaches to
security, both hardware and software, would be
actively researched. It was a surprise to see most of
the development taking place in the same
technologies being currently used. The embedded
security of the new internet protocol IPv6 may
provide many benefits to internet users. Although
some security issues were observed, the IPv6
internet protocol seems to evade many of the
current popular attacks. Combined use of IPv6 and
security tools such as firewalls, intrusion detection,
and authentication mechanisms will prove effective
in guarding intellectual property for the near
future. The network security field may have to
evolve more rapidly to deal with the threats further
in the future.
REFERENCES
[1] Dowd, P.W.; McHenry, J.T., "Network security: it's
time to take it seriously," Computer, vol.31, no.9, pp.24‐
28, Sep 1998
[2] Kartalopoulos, S. V., "Differentiating Data Security
and Network Security," Communications, 2008. ICC '08.
IEEE International Conference on, pp.1469‐1473, 19‐23
May 2008
[3] “Security Overview,”
www.redhat.com/docs/manuals/enterprise/RHEL‐4‐
Manual/security‐guide/ch‐sgs‐ov.html.
[4] Molva, R., Institut Eurecom,“Internet Security
Architecture,” in Computer Networks & ISDN Systems
Journal, vol. 31, pp. 787‐804, April 1999