Network Security: It is a process, not a product

α
Suyog Dixitª and Pankaj Kumar Jha
B.E. Computer Science, Third year, SD Bansal College of Technology, Indore (M.P.)
a
B.E Computer Science, Second year, SD Bansal College of Technology, Indore (M.P.)
α
Email: [email protected]

ABSTRACT enterprises are a must Network security originally focused

on algorithmic aspects such as encryption and hashing
techniques. While these concepts rarely change, these skills
W ith the explosion of the public Internet and
e-commerce, private computers and computer
networks, if not adequately secured are increasingly
alone are insufficient to protect computer networks. As
crackers hacked away at networks and systems, security
courses arose that emphasized the latest attacks. There is
vulnerable to damaging attacks. Hackers, viruses, always fault management, fault software, abuse of resources
vindictive employees and even human error all represent connecting to computer networks. These are the main
clear and present dangers to networks. And all reasons which cause security problems for a Network.
computer users from the most casual Internet surfers to Today, security problem becomes one of the main problems
large enterprises could be affected by network security for computer network and internet developing. However,
there is no simple way to establish a secure computer
breaches. However, security breaches can often be easily
network. In fact, we cannot find a network in the world,
prevented. How? This white paper provides you an which does not have any security holes nowadays. The
overview of the most common network security threats infrastructures of cyberspace are vulnerable due to three
and its solution which protects you and your kinds of failure: complexity, accident, and hostile intent.
organization from threats, hackers and ensures that the Hundreds of millions of people now appreciate a cyber
data traveling across your networks is safe. context for terms like “viruses”, “denial of service”,
“privacy”, “worms”, “fraud”, and “crime” more generally.
Some history of networking is included, as well as an Attacks so far have been limited. While in some network
introduction to TCP/IP and internetworking. We go on attacks the value of losses is in the hundreds of millions,
to consider risk management, network threats, firewalls, damage so far is seen as tolerable.
and more special-purpose secure networking devices. While preventing attack is largely based on government
authority and responsibility, the detailed knowledge needed
to thwart an attack on a cyber system to prevent damage
INDEX TERMS: Security, Audit, Coupled stages. rests primarily with its owner.
Protecting infrastructure systems arguably involves five
INTRODUCTION coupled stages. First, it is necessary to attempt to deter
potential attackers. Second, if attacked, the need is to thwart
Computer and network security is a new and fast moving the attack and to prevent damage. Third, since success
Technology and as such, is still being defined and most cannot be guaranteed in either preventing or thwarting an
probably will always be “still defined”. Security incidents attack, the next stage is to limit the damage as much as
are rising at an alarming rate every year [Figure - 1]. As the possible. Fourth, having sustained some level of damage
complexity of the threats increases, so do the security from an attack, the Defender must reconstitute the pre-
measures required to protect networks. Data center attack state of affairs. Finally, since changing technology
operators, network administrators, and other data center and incentives to attack influence both offence and defense,
professionals need to comprehend the basics of security in the final step is for the defender to learn from failure in
order to safely deploy and manage networks today. order to improve performance, just as attackers will learn
Securing the modern business network and IT infrastructure from their failures.
demands an end-to-end approach and a firm grasp of The more specific defenses to be discussed may be usefully
vulnerabilities and associated protective measures. While partitioned into two forms: passive and active.
such knowledge cannot thwart all attempts at network Passive defense essentially consists in target hardening.
incursion or system attack, it can empower network Active defense, in contrast, imposes some risk or penalty on
engineers to eliminate certain general problems, greatly the attacker. Risk or penalty may include identification and
reduce potential damages, and quickly detect breaches. With exposure, investigation and prosecution, or pre-emptive or
the ever-increasing number and complexity of attacks, counter attacks of various sorts.
vigilant approaches to security in both large and small
Armageddon’08 April 01, 2008 Warfare: Paper Presentation
Computer Society of India (CSI)
[1]
 FOCUS ON SECURITY • Application Software Protection: Program and test
secure software to avoid backdoor entry via SQL injection,
The Network Security program emphasizes to secure a
buffer overflow, etc.
network. The following background information in
security helps in making correct decisions. Some areas • Incident response: Respond to an attack by escalating
are concept-oriented: attention, collecting evidence, and performing computer
forensics. The last three skills incorporate computer
• Attack Recognition: Recognize common attacks,
systems security, since they are required to counteract
such as spoofing, man-in-the-middle, (distributed)
internet hacking.
denial of service, buffer overflow, etc.
Network security applies business decisions in a
• Encryption techniques: Understand techniques to technical manner. Business requirements drive security
ensure confidentiality, authenticity, integrity, and no Implementations. Business-related skills include:
repudiation of data transfer. These must be understood • Security Evaluation: Use risk analysis to determine
at a protocol and at least partially at a mathematics or
what should be protected and at what cost.
algorithmic level, in order to select and implement the
algorithm matching the organization’s needs. • Security Planning: Prepare a security plan, including
security policies and procedures.
• Network Security Architecture: Configure a
network with security appliances and software, such as • Audit: Prepare an Audit Plan and Report.
placement of firewalls, Intrusion Detection Systems, • Legal response: Understanding and interpreting the
and log management. law regarding responding to computer/network attacks,
To secure a network, certain skills must also be corporate responsibility (e.g., Sarbanes-Oxley), and
practiced: computer forensics.
• Protocol analysis: Recognize normal from
abnormal protocol sequences, using sniffers. Protocols THE TCP/IP PROTOCOL:
minimally include: IP, ARP, ICMP, TCP, UDP, HTTP,
and encryption protocols: SSH, SSL, IPSec. The attacks which are discussed in this paper are all utilizing
• Access Control Lists (ACLs): Configure and weaknesses in the implementation of the TCP/IP protocols
audit routers and firewalls to filter packets accurately to make the attacked computer or network stop working as
and efficiently, by dropping, passing, or protecting (via intended. To understand the attacks one has to have a basic
VPN) packets based upon their IP and/or port addresses, knowledge of how these protocols are intended to function.
and state. TCP/IP is the acronym of Transmission Control
•Intrusion Detection/Prevention Systems Protocol/Internet Protocol and is one of several network
protocols developed by the United States Department of
(IDS/IPS): Set and test rules to recognize and report Defense (DoD) at the end of the 1970s. The reason why such
attacks in a timely manner. a protocol was designed was the need to build a network of
• Vulnerability Testing: Test all nodes (routers, computers being able to connect to other networks of the
servers, clients) to determine active applications, via same kind (routing). This network was named ARPANET
scanning or other vulnerability test tools – and interpret (Advanced Research Project Agency Internetwork), and is
results. the predecessor of what we call Internet these days.

Armageddon’08 April 01, 2008 Warfare: Paper Presentation

Computer Society of India (CSI)
[2]
TCP/IP is a protocol suite which is used to transfer data generally have lower volumes of data. Unless some exploits
through networks. Actually TCP/IP consists of several exist at the victim hosts, which have not been fixed, a DoS
protocols. The most important are: attack should not pose a real threat to high-end services on
IP Internet Protocol today’s Internet.
This protocol mainly takes care of specifying where to send
the data. To do that, each IP packet has sender and receiver SOME SOLUTIONS TO DOS ATTACKS:
information. The most common DoS attacks at the IP level
exploit the IP packet format. The way DoS and DDoS attacks are perpetrated, by
TCP Transmission Control Protocol exploiting limitations of protocols and applications, is one of
This protocol handles the secure delivery of data to the the main factors why they are continuously evolving, and
address specified in the IP protocol. Most of the TCP level because of that presenting new challenges on how to
attacks exploit weaknesses present in the implementations of combat or limit their effects. Even if all of these attacks
the TCP finite state machine. By attacking specific cannot be completely avoided, some basic rules can be
weaknesses in applications and implementations of TCP, it followed to protect the network against some, and to limit
is possible for an attacker to make services or systems crash, the extent of the attack:
refuses service, or otherwise become unstable. • Make sure the network has a firewall up that aggressively
keeps everything out except legal traffic.
A communication through a network using TCP/IP or • Implement router filters. This will lessen the exposure to
UDP/IP will typically use several packets. Each of the certain denial-of-service attacks. Additionally, it will aid in
packets will have a sending and a receiving address, some preventing users on network from effectively launching
data and some additional control information. Particularly, certain denial-of-service attacks.
the address information is part of the IP protocol – being the • Install patches to guard against TCP/IP attacks. This will
other data in the TCP or the UDP part of the packet. ICMP substantially reduce the exposure to these attacks but may
has no separate TCP part – all the necessary information is not eliminate the risk entirely.
in the ICMP packet. In addition to the recipient's address all • Observe the system performance and establish baselines
TCP/IP and UDP/IP communication uses a special port for ordinary activity. Use the baseline to gauge unusual
number which it connects to. These port numbers determine levels of disk activity, CPU usage, or network traffic.
the kind of service the sender wants to communicate to the
receiver of information. CYBERSPACE IS VULNERABLE:
DOS ATTACKS: The infrastructures of cyberspace are vulnerable due to three
kinds of failure: complexity, accident, and hostile intent.
DoS attacks today are part of every Internet user’s life. They Very little of it was designed or implemented with assurance
are happening all the time, and all the Internet users, as a or security as primary considerations. Bad things can be
community, have some part in creating them, suffering from done either via the network infrastructures or to the
them or even loosing time and money because of them. DoS infrastructures themselves. These bad things can be
attacks do not have anything to do with breaking into characterized by a lot of “D” words: destroy damage, deny,
computers, taking control over remote hosts on the Internet delay, deceive, disrupt, distort, degrade, disable, divulge,
or stealing privileged information like credit card numbers. disconnect, and disguise. We lack a comprehensive
Using the Internet way of speaking DoS is neither a Hack understanding of these vulnerabilities largely because of the
nor a Crack. The sole purpose of DoS attacks is to disrupt extraordinary Complexities of many of the problems, and
the services offered by the victim. While the attack is in perhaps from too little effort to acquire this understanding.
place, and no action has been taken to fix the problem, the But there is ample evidence that vulnerabilities are there:
victim would not be able to provide its services on the examples of all three kinds of failure abound, and
Internet. DoS attacks are really a form of vandalism against vulnerabilities are found almost every time people seriously
Internet services. DoS attacks take advantage of weaknesses look for them (e.g. via “Red Teams”). Under the
in the IP protocol stack in order to disrupt Internet circumstances, it is remarkable that we have had so few
servicesDoS attacks can take several forms and can be extended and crippling failures so far. Threats to network
categorized according to several parameters. infrastructures are potentially extensive not only as their
Particularly, in this study we differentiate denial of service value increases in terms of the Infrastructures themselves,
attacks based on where is the origin of the attack being the value of hosted services, and the value of what is located
generated at.“Normal” DoS attacks are being generated by a on them, but also because of their widespread and low-cost
single host (or small number of hosts at the same location). access. The connectivity of the networks gives rise to a form
The only real way for DoS attacks to impose a real threat is of long, nonlinear reach for all kinds of attackers that is not
to exploit some software or design flaw. Such flaws can present for more traditional forms of infrastructure attacks,
include, for example, wrong implementations of the IP stack, e.g. bombs against physical transportation systems.
which crash the whole host when receiving a non-standard Dependence on some of the IT-based infrastructures in
IP packet (for example ping-of-death). Such an attack would
Armageddon’08 April 01, 2008 Warfare: Paper Presentation
Computer Society of India (CSI)
[3]
several countries is such that serious national consequences be trade-offs between the various courses of action
could result from the exploitation of their vulnerabilities. suggested by this conceptual structure.
Thus it is not surprising that these infrastructures are Preventing or thwarting attacks can be costly. This activity
attracting a wide range of malevolent activity ranging from a may also incur losses through reduced system performance.
great deal of long range vandalism, to many forms of more However, the greater the success in limiting damage, the less
serious crimes, to prospective forms of terrorism, to nation- will be the amount of damage to be repaired. If limiting
versus-nation conflict. Attacks may be directed at parts of damage is difficult, it is better to invest in efforts to assist in
the information infrastructure itself or through the networks reconstitution. Damage limitation can be viewed on two time
against other targets that have a presence in this medium. scales. Plans can be made to limit the damage from a single
Criminals and terrorists may also value the networks as attack, or to minimize losses from multiple attacks over
assets to support their own activities, e.g. for inexpensive, time. There will be other trade-offs, e.g. between detailed
effective communications or as a source for intelligence and potentially costly scrutiny of individual transactions and
gathering. Virtually every connected country can serve as a that of waiting to identify and punish attackers over
base for any number of attackers, who are motivated, and the longer term.
who can readily acquire access and technical Capabilities to Since an infrastructure system is typically a mix of public
cause harm to others. and private ownership, the various owners are likely to have
Attacks so far have been limited. While in some network different views of investing in protection. Private owners,
attacks the value of losses is in the hundreds of millions, faced with loss of revenue and loss of confidence by
damage so far is seen as tolerable. Many believe that it is customers, regulators, investors, and insurers will seek to
only a matter of time before all sorts of malevolent people restore revenues and confidence in their stewardship.
are going to find those network vulnerabilities and exploit Governments will pursue policies that focus on longer term
them through prolonged, multifaceted, coordinated attacks aspects of protection, seeking to reduce cumulative losses,
producing serious consequences. Thus, prudence dictates protecting economies and national security, and maintaining
better protection against accidents and attacks before things law and order.
get much worse. Is this a domain where “a stitch in time may
save nine”, and one where government and industry can get PARTITIONING AND PROTECTING NETWORK
out ahead of a problem before it becomes insufferable?
However, since one unprotected system renders the entire BOUNDARIES WITH FIREWALLS:
network vulnerable, cooperation between all governments
and their constituents is required for a safer network A firewall is a mechanism by which a controlled barrier is
environment. And, all realizations of “visions of the used to control network traffic into AND out of an
information society” are going to be severely limited if the organizational intranet. Firewalls are basically application
people in that society do not trust or feel secure with the specific routers. They run on dedicated embedded systems
underlying infrastructures. such as an internet appliance or they can be software
programs running on a general server platform. In most
Strategic defense options cases these systems will have two network interfaces, one
“Security is a process, not a product.” for the external network such as the Internet and one for the
internal intranet side. The firewall process can tightly control
Faced with the technical possibility of disruption of critical what is allowed to traverse from one side to the other.
infrastructures in ways that could have serious consequences Firewalls can range from being fairly simple to very
to their economies and potentially result in loss of life, complex.
governments should be expected to plan and implement As with most aspects of security, deciding what type of
prudent defenses. Policies directed to protecting firewall to use will depend upon factors such as traffic
infrastructures will, in the majority of countries, require that levels, services needing protection and the complexity of
there be a clear logic relating the perceived states of rules required. The greater the number of services that must
infrastructure vulnerability to the desired endpoints such be able to traverse the firewall the more complex the
defensive policies are intended to achieve. This will require requirement becomes. The difficulty for firewalls is
that each country identify those infrastructures, and their distinguishing between legitimate and illegitimate traffic.
interdependencies that are critical to its survival and to its What do firewalls protect against and what protection do
social and economic well-being. they not provide? Firewalls are like a lot of things; if
Absolute defense against cyber attack has rarely, if ever, configured correctly they can be a reasonable form of
been achieved in a large complex, geographically protection from external threats including some denial of
distributed, network. The complexities of such systems and service (DOS) attacks. If not configured correctly they can
modes of attack are such that we do not know precisely how be major security holes in an organization. The most basic
to assess how secure they are, and this lack of understanding protection a firewall provides is the ability to block network
forces defenders to protect themselves in overlapping ways traffic to certain destinations. This includes both IP
and in multiple stages. Risk or penalty may include addresses and particular network service ports. A site that
identification and exposure, investigation and prosecution, wishes to provide external access to a web server can restrict
or pre-emptive or counter attacks of various sorts. There will all traffic to port 80 (the standard http port). Usually this

Armageddon’08 April 01, 2008 Warfare: Paper Presentation

Computer Society of India (CSI)
[4]
restriction will only be applied for traffic originating from Deterring criminal actions requires some amount of
the un-trusted side. Traffic from the trusted side is not international legal machinery such as common definitions of
restricted. All other traffic such as mail traffic, ftp, snmp, criminal actions, standards for the collection of forensic
etc. would not be allowed across the firewall and into the evidence, extradition agreements, and the like. Deterring
intranet. An example of a simple firewall is shown in State attackers requires less in the way of legal procedures,
[Figure 2] but requires the defender to have a national policy that
recognizes information attacks as attacks under the United
Nations Charter that justify self-defense and constitute
threats to peace. Costs of deterrence as seen by Government
will differ from those seen by a private system owner in
magnitude and cost-benefit expectations. National
expenditures for a prompt capability to respond to attacks on
the State include the correlation of intrusion events, the
collection and dissemination of attack profiles and warnings,
and the costs of participation in international organizations
and joint responses.
A second way to prevent an attack is through establishing
cyber attacks as unacceptable behavior among the
Figure 2 community of nations. This can be through formal arms
control agreement, or it can be based on domestic laws and
An even simpler case is a firewall often used by people with
international agreements designed to protect privacy,
home or small business cable or DSL routers. Typically property rights, and other generally accepted areas of mutual
these firewalls are setup to restrict ALL external access and interest. Again, there is the implication that violators can be
only allow services originating from the inside. A careful subject to sanctions including social disapproval, civil or
reader might realize that in neither of these cases is the criminal penalties, or revocation of rights of access and use,
firewall actually blocking all traffic from the outside. If that
a cyber equivalent of exile.
were the case how could one surf the web and retrieve web A third way to prevent an attack is to pre-empt the attacker
pages? What the firewall is doing is restricting connection in a way that results in abandoning the attack. This implies a
requests from the outside. In the first case all connection great deal by way of national surveillance capability to be
requests from the inside are passed to the outside as well as able to provide strategic warning. So stealthy are cyber
all subsequent data transfer on that connection. From the attacks, so widespread is the ability to plan and launch them,
exterior, only a connection request to the web server is
so inexpensive are the tools of attack, and so lacking are the
allowed to complete and pass data, all others are blocked. indicators of cyber attacks that pre-emption would not
The second case is more stringent as connections can only appear to be a practical option at this point. But should
be made from the interior to the exterior. responsible norms of behavior in cyberspace become better
More complex firewall rules can utilize what is called Established, the detection and identification of abnormal
“stateful inspection” techniques. This approach adds to the behavior may become easier.
basic port blocking approach by looking at traffic behaviors
and sequences to detect spoof attacks and denial of service
attacks.
THWARTING AN ATTACK
PREVENTING AN ATTACK While preventing attack is largely based on government
authority and responsibility, the detailed knowledge needed
There are at least three ways to prevent an attack, and all
to thwart an attack on a cyber system to prevent damage
three are ultimately forms of active defense. One is to deter rests primarily with its owner. The least complicated case is
the attacker by having a demonstrated capability to punish where the system owner acts individually. Not only must the
the attacker. This implies that the attacker understands the owner be concerned with defense from outsiders, but also
risk of being identified and located; that the defender is seen needs to recognize that not all authorized users of the system
as credible in a resolve to punish, and that the “cost” of may have the owner’s interests at heart. There are many
punishing is acceptable to the defender. A simple situation is
ways of defending systems against cyber attack, and some
when the attacker suffers a large “front end” loss through minimal number must probably be employed for the owner
discovery during the probe phase and the defender can to demonstrate due diligence.
accomplish that discovery cheaply. When the cost to the Thus, techniques such as requiring authorization to enter,
defender to punish is less than the loss that can be caused by monitoring and recording the use of the system to detect
the attacker, there will clearly be an incentive to develop unauthorized activities, periodic checking on the integrity of
ways of discovering attackers. But the more common
critical software, and establishing and enforcing policies
situation is when the relatively high costs of legal governing system security and responses to unexpected
Prosecution of a single attacker are returned in reduced event will be necessary. Owners can limit unauthorized
losses over the longer term. activities through compartmenting information within the
Armageddon’08 April 01, 2008 Warfare: Paper Presentation
Computer Society of India (CSI)
[5]
system and maintaining need-to-know discipline. Owners In this regard, system design must have an explicitly
can provide themselves substantially more rights to monitor defensive aspect, where models of attackers and their
inside users by covering access through contractual terms strategies and tactics are established and where tools for the
with employees and vendors. collection of forensic data are provided. An analogy is the
design of a military combat system. Not only must a system
LIMITING DAMAGE DURING A SUCCESSFUL meet its functional objectives, but its defense in the face of
ATTACK hostile action is addressed at the beginning of the design
process, not, as is often the case in commercial systems, the
The central idea of this strategic objective is to limit damage end of the process or even reactively. Information about the
in the trans-attack period by constructing an “incident defense of the system should be concealed from potential
management” system. The premised technical capability is attackers and the system should be designed to give
the ability of the defender to audit system operation, to be unsuccessful attackers as little information as possible on
able to detect an attack underway, and to take steps in real- which to develop improved attacks. As a second response
time to limit the extent of the damage. “Defender” can apply toward improving effectiveness, during the development
to the company level, the industry level, or the national process, and after deployment, systems should be subject to
level. independent penetration testing.
Damage limitation implies, beyond having attack Post-attack analysis of intrusion attempts, whether the attack
“templates” to enable recognition that an attack is under was successful or not, is critical for a learning organization.
way, the linking of system operation centers to higher-level While failure analysis is normal in areas such as
analysis centers for situation awareness and attack transportation, power, and structural failure, it is less
assessment. This also implies having pre-established common in the case of information systems where failures
response options at the company, industry, or national level. are more difficult to diagnose and where forensic evidence is
Several kinds of responses are possible. Adaptive defense more difficult to collect. Such data as are collected must be
allows a defender to increase levels of defense, Such as analyzed, not only to assess damage, but also to thwart a
calling for re-authentication of all users, or those currently recurrence of that attack and to address possible
undertaking critical functions or accessing critical inadequacies in forensic data collection. While this may
information, putting critical transactions in “quarantine” smack of locking the barn door after the horse has been
until they can be more thoroughly scrutinized, backing-up stolen, if successful, the same attacker or others may repeat
system status, providing real-time warning to other systems, attacks, and hence there is ample opportunity for learning in
and increasing the collection of forensic evidence the large.

RECONSTITUTING AFTER AN ATTACK HALTING CYBER ATTACKS IN PROGRESS

Short-term reconstitution is the set of first steps taken to Along with the sharing of information, system
meet the most urgent threats to life and property. administrators also need procedures they can use to assist in
They include assessing damage and implementing an ending attacks already under way. This need is particularly
appropriate recovery plan. Systems are restored from evident in DoS attacks, which can be of extended duration
backups where possible, and residual resources may have to and which can shut down business operations while they
be rationed. It is possible that additional capacity can be occur. To aid in ending an attack, system administrators
generated as facilities that are idle or in maintenance are would profit by working with infrastructure operators to
brought on line. Online status reporting, dispatching of trace the attack to its source and then to block the attacker.
emergency personnel and repair equipment, notification of Methods for halting attacks in progress as well as those for
users of possibly lost transactions, an ability to adjust plans investigating attacks are constrained by the inability to easily
in near-real time, and procedures for secure emergency identify and locate attackers. In the case of the Internet,
communication will be required. because packet source addresses are easily forged, the only
way to identify an attacker with confidence is to trace the
path taken by the packet through the routing infrastructure.
IMPROVING DEFENDER PERFORMANCE This tracing is a manual process and essentially requires the
cooperation of every network operator between the attacker
A current management paradigm asserts that organizations and his target. The inability to automatically trace the source
must learn from experience. Even under the best of of an attack in real-time significantly impairs the ability of
circumstances, events often unfold unpredictably. Social and targets and law enforcement agencies to respond to
technological change may also diminish an organization’s incidents.
present effectiveness. Recognizing this, there are two
responses. The first response is to recognize the possibility
that the network system could fail in several ways. Initial
design of new systems, or upgrades of existing systems,
should include thorough analysis to identify potential flaws
an attacker could exploit.
Armageddon’08 April 01, 2008 Warfare: Paper Presentation
Computer Society of India (CSI)
[6]
PROVIDING ASSISTANCE TO DEVELOPING 4. Batista, E., IDC: Tech Bucks, Hack Threats Up, Wired
NATIONS News, 23 December 2002:
http://www.wired.com/news/infostructure/0,1377,56902,00.
Developing nations face particularly severe shortages of html.
resources and trained personnel that both decrease their own 5. Brush, C., Surcharge for Insecurity. Information Security
security posture and prevent them from effectively providing Magazine, July 2001:
assistance in such transnational efforts as investigation http://www.infosecuritymag.com/articles/july01/departments
procedures. Developing nations need an awareness of the _news.shtml.
problem, as well as laws to address it that are compatible CERT/CC, CERT/CC Statistics 1988-2002, 5 April 2002:
with the needs of the international community; but they also http://www.cert.org/stats/cert_stats.html.
need more. All countries need the capability to assist each 6. Coglianese, C., Globalization and the Design of
other in developing skills in the pursuit of secure networks. International Institutions, In J. S. J. Nye, and John D.
Donahue (Ed.), Governance in a Globalizing World,
Washington D.C., Brookings Institution Press, 2002.
CONCLUSION: Conry-Murray, A.Kerberos, Computer Security's Hellhound,
The security issues in our networked systems as described in Network Magazine, 5 July 2002,
this paper identify some of the work that needs to be done, http://www.commweb.com/article/NMG20010620S0008/1.
and the urgency with which concerns need to be addressed. 7. Council of Europe, Convention on Cyber crime ETS no.:
Dependence on some of the IT-based infrastructures in 185 - Explanatory Report (Article II, Section II) 23
several countries is such that serious national consequences November 2001:
could result from the exploitation of their vulnerabilities. http://conventions.coe.int/Treaty/en/Reports/Html/185.htm.
And as the density of networks increases, the necessity for
transnational participation in improving network security
increases. The changing technologies and the potential for
changing threats is taxing our understanding of the threats
and how to deal with them. Due to the complexity and
entanglement among networks and communities
internationally, any increases in network security must
involve the concerted efforts of as many nations as possible.
We have to understand that a great deal can be accomplished
through such mechanisms, but not without taking note of
their earlier trouble spots. We must learn from prior
unexpected consequences in international cooperation, just
as in the battle to secure networked systems, and be ever
more cautious as we move forward toward some type of
international action. But move forward quickly we must if
the benefits from the use of our networked systems are to be
realized in the myriad ways that they have been and are
hoped for in the future. Nations must cooperate fully within
their capability in order to contain the actions of those who
threaten our networks, and to realize the positive vision that
we have for our societies.

REFERENCES:
1. “Google Query-Serving Architecture” at National
Conference sponsored by NACC (National Assessment and
Accreditation Council) By Suyog Dixit & Dr. R. K. Dixit
(HOD of Computer Science, Indore)
2. “Intrusion Controls in Computer Networks: How
Effective Are They and What a Computer Engineer Can
Do?”, Published in National Seminar, sponsored by Higher
Education of M.P.) By Suyog Dixit & Dr. R. K. Dixit
(HOD of Computer Science, Indore)
3. American Bar Association. International Cyber Crime
Project of the ABA Privacy and Computer Crime
Committee:
http://www.abanet.org/scitech/computercrime/cybercrimepr
oject.html.
Armageddon’08 April 01, 2008 Warfare: Paper Presentation
Computer Society of India (CSI)
[7]