2012 International Conference on Computer Science and Information Processing (CSIP)

Study on Security and Prevention Strategies of Computer Network

Fuguo Li
WanF ang College of Science and Technology
Henan Polytechnic University
Jiaozuo, China
E-mail: [email protected]

Ahstract- With the rapid development of computer network individual pnvacy or confidential information on the
technology, the security of computer network becomes network transmission to be protected and to avoid being
increasingly important. Three main threats facing computer eavesdropping, tampering and forge. But for network
network security include: hackers, computer virus and denial providers, they not only care about the network information
of service attack. Things leading to the safety of the network safety, but also consider how to cope with sudden natural
are mainly: resources sharing, data communication, computer
disasters, such as a military strike to network hardware
virus and TCP/IP protocol security flaws. A safety network
damage, as well as how to restore network communication
system should include at least three kinds of measures: legal
and maintain the continuity of network communication in
measures, technical measures and review and management
abnormal situations.
measures. The paper analyzes the main threat facing
Essentially, network security include hardware that
computer network security, discusses network security
compose network system, software and its transfer over a
technology and advances some effective countermeasures in
network information safety, which protected it from
view of the hidden danger of current common network
security.
accidental or malicious attack, network security concerns
both technical problems and management issues, which are
Keywords-network security; computer network; in complement with each other.
information security; security strategy; prevention strategy
III. MAJOR THREATS OF COMPUTER NETWORK

I. INTRODUCTION
A. Internal Iinterception and Destruction
With the development of Internet technology, computer The people inside of network system may become the
network gradually changes people's life and way of work. In following possible threats: internal confidential personnel's
the process of rapid popularization of computer network, intentionally or unintentionally leaks, the change of the
hidden dangers of computer security become increasingly record information; internal unauthorized personnel's
prominent. This requires us take strong measures to ensure intentionally or not, stealing confidential information,
the safety of the network. The computer network security change the network configuration and record information;
refers to the use of network management to control and network system damage from Internal personnel.
technical measures to ensure data privacy in a network
environment. But as computer network is open, sharing and B. Unauthorized Access
international, it makes computer network more vulnerable. Unauthorized access refers to the unauthorized use of
In order to solve this problem, now people mainly research network resources or unauthorized ways to use the network
in the field of data encryption technology, identity resources. It includes illegal users' hacking into the network
authentication, firewall, network management and that sort or illegal operation system, and legitimate users'
of things[ l]. unauthorized way of operation.

II. CONCEPT OF COMPUTER NETWORK SECURITY C. Damage the Integrity of Information

The computer network security refers to the use of Attackers may damage the information integrity from
network management to control and technical measures to three aspects: changing the order of the information flow,
ensure that in a network environment, the data privacy, timing, changing the content, the form of information;
integrity and availability can be protected. The computer Deleting news or some of the news; and Inserting some
network security includes two aspects: physical security and information in the news, making the receiver not able to read
logic security. The physical security system means that or receive the wrong information[2].
equipment and related facilities are protected from
D. Interception
destruction, loss, etc. Logic security includes the integrity of
information, secrecy and availability. The meaning of Through the wiretapping or the electromagnetic wave
computer network security varies from users to users. radiation within the scope of the installation, the attacker
Different users have different understanding of network may intercept confidential information, or through to the
safety requirements. To general users who may just want information flow, communication frequency and length of

978-1-4673-1411-4/12/$31.00 ©2012 IEEE 645

 2012 International Conference on Computer Science and Information Processing (CSIP)

the parameters find out useful information. It does not network access control, directory level control and attributes
damage the transfer information, and it is not easy control[3].
examinable. 3) Database backup and recovery.
Database backup and recovery is the important operation
E. Pretending
of database administrators to maintain data security and
The attacker may pretend to do the following: pretend to integrity. Restore database backup is the easiest and can
be leadership issue orders and read the documents; Pretend prevent most accident. Recovery refers to the operation of
to be host deceive legitimate hosts and legitimate users. using backup to restore data after accident. There are three
Pretend to be network control program to show or modify main backup strategies: only backing up the database,
the access to key information, passwords, etc, excessive use backing up the database and affairs log and incremental
of network equipment and resources: take over a legitimate backup.
user, cheat the system, take up the resources of the 4) Application code technology
legitimate users. Application code technology is the core technology of
information security. Information security password is to
F. Destroy System Availability.
provide a reliable guarantee. Based on code of digital
The attacker may damage from the following aspects of
signatures and identity authentication to guarantee that the
network system availability: making a legitimate user not
main method of information integrity, one of which include
able to have normal access to the network resources; Making
classical code techniques, single key code system, public
a strict time required service not able to get the timely
key code system, digital signature and key management.
response and destroy system.
5) Cuting off the transmission way
G. Repeat Itself Carry on a thorough antivirus examination on affected
hard disk and the computer, don't use the unexplained USB
Repeat itself refers that the attacker intercepted and
disk and the program, don't download SUSpICIOUS
record information, and then send these information
information.
repeatedly when necessary.
6) Improve anti-virus technology of network
H. Denial By installing virus firewall, real-time filtering IS

Possible denials are the sender's later denial of sending a conducted. The files server on the network should be
piece of news content; the receiver later denied that he had frequently scanned and monitored, using anti-virus software
received a message earlier. in the work site, strengthening the network directory and file
access settings[4].
1. Other Threats 7) Conduct research and development to improve the
The threats of network system also include computer operation of the high quality security system.
virus, electromagnetic leakage, all kinds of disasters, and the Research and develop high security operating system,
operating error, etc. and don't give the virus hotbed to live, which would make
computer network safer.
IV. PROTECTIVE MEASURES OF COMPUTER NETWORK

SECURITY
B. Management Level Countermeasures
The computer network security management not only
A. Technical Level Countermeasures depends on the security technology and preventive measures,
From technical level computer network security but also depends on the management measures it takes and
technology mainly include real-time scanning technology, the protection laws and regulations it implements. Only by
real-time monitoring technology, firewall, completeness linking them closely can we make the computer network
inspection protection technology, virus situation analysis security really effective.
report technology and system security management The computer network security management includes
technology. The technical level can take the following educating users of computer safety, and setting up
measures: corresponding security management institution, continuous

1) Establish a system of safety management improvement and strengthening the management function,

Improve the quality of stuff including system strengthen works on computer and network of the legislation

administrators and technical personnel professional and and law enforcement, etc. Strengthen computer security

users. To the important department and information, strictly management and enhance the user of the laws, regulations
and moral concepts, improve computer users' awareness of
inspect virus in computer boot, backup data in time, which is
a simple and effective method. safety, to prevent the computer crime and resistance to the
hacker attacks and prevent computer virus interference, are
2) Network access control
all very important measures.
Access control is the main strategy of network security
This means the ongoing legal education on computer
and protection. Its main task is to guarantee that the network
users, including computer security law, code, data and so on,
resources are protected from illegal use and access. It is one
make the right and obligation clearly to computer users and
of the most important strategies of network security. The
systems management personnel, consciously abide by the
technology of access control involves many things such as
legal information system principle, legal principle, the

646
 2012 International Conference on Computer Science and Information Processing (CSIP)

principle of public information, information use principle control to identifY users' identity, and to verifY its validity;
and resource constraints principle. Consciously fight against Secondly, visitors must define the scope of activities;
all the behavior of the illegal crime, maintain the safety of Thirdly, multilayer safe protection should be set in the center
the computer and network system, and the safety of the of computer system to prevent illegal invasion of violence;
information system. In addition, we still should educate Fourthly, buildings where equipment is located shall have
computer users and the staff, and obey all the rules and equipment to protect against all kinds of natural disasters.
regulations set up for maintenance system safety, including
personnel management system, operation maintenance and V. CONCLUSION

management system, computer processing control and The computer network security is a complicated system
management system, all kinds of material management of engineering, involving technology, equipment,
system, computer room management system, special plane management, system and so on, and security solutions
to defend the special division of work and strict management should be set and understood from the whole. Network
system. security solution is a combination of various security
technologies in computer network information system, one
C. Physical Security Level Countermeasures
that combines safe operating system technology, firewall
To ensure the safety of computer network system's technology, virus protection technology, intrusion detection
reliability we must ensure that there is a security system technology, and security scanning technology, which forms
entity of the physical environment conditions. The safe a complete set of network safety protection system. We must
environment refers to computer room and its facilities, make sure that management and technology, safety
mainly include the following content: technology be integrated with safety measures, and
1) Computer system environment conditions strengthen the computer legislation and enforcement of law,
The computer system security environment conditions establish backup and recovery mechanism, make
include temperature, humidity, air cleanliness, corrosion corresponding safety standards, and strengthen the network
degrees, insect, vibration and impact, electrical disturbance security management measures. Only in this way can we
and so on, which all have specific requirement and strict ensure the security of the computer network.
standards.
2)Computer room environment selection REFERENCES

The choosing of a suitable installation place for [1] Li Fuguo. The research on infonnation safety problem of digital
computer system is very important which directly affect the campus network, 2011 2nd International Conference on Artificial

reliability and safety of the system. When choosing a Intelligence, Management Science and Electronic Commerce,
2011(8),pp.828 -831.
computer room, we should pay attention to its external
[2] Lingyun Fu. The Study of the Campus Network Safety Based on
environment safety, reliability, avoid strong vibration
the Digital Network Ages[J ] ,Computer CD Software and
sources and strong noise source, and avoid high buildings
Application, 2010(6), pp.50-51 (Chinese) .
and water in the lower equipment or the next door. The
[3] Jia-rui Xu. Network Infonnation Security and Protection Strategies,
management of the entrance should also be noted[5]. Computer Security,2011( 9),pp.51-54 (Chinese).
3) Computer room safety protection [4] Wei Lui. Computer Network Security Issues and Prevention,
The computer room security protection is designed for Computer CD software and application , 20l l (lO),pp.43-44
the physical environment and to prevent disaster from (Chinese).

unauthorized individuals or group damage, tampering or [5] Xinfeng Wang. Research on Computer network security
technology , Net Security Technologies and Application,20l l (4),
theft of network facilities, important data and take security
pp.17-19 (Chinese).
measures and countermeasures. In order to manage regional
security, first of all, we should consider the physical access

647