CHAPTER ONE

INTRODUCTION

1.1 Background of the Study

Network Security Protection System is the act of ensuring that an authenticated user accesses only what
they are authorized to and no more. The bad news is that security is rarely at the top of people's lists,
although mention terms such as data confidentiality, sensitivity, and ownership and they quickly
become interested. The good news is that there is a wide range of techniques that you can apply to help
secure access to your system. Security on the Internet and on Local Area Networks is now at the
forefront of computer network related issues. Network Security protects your network and data from
breaches, intrusions and other threats. This is a vast and overarching term that describes hardware and
software solutions as well as processes or rules and configurations relating to network use, accessibility,
and overall threat protection (Unary, 2018). The evolution of networking and the Internet, the threats to
information and networks have risen dramatically. Many of these threats have become cleverly
exercised attacks causing damage or committing theft. The Internet continues to grow exponentially. As
personal, government and business-critical applications become more prevalent on the Internet, there
are many immediate benefits. However, these network-based applications and services can pose
security risks to individuals as well as to the information resources of companies and government. In
many cases, the rush to get connected comes at the expense of adequate network security. Information
is an asset that must be protected.

Several recent proposals have argued for giving third parties and end-users control over routing in the
network infrastructure. Some examples of such routing architectures include TRIAD, i3, NIRA, Data
Router, and Network Pointers. While exposing control over routing to third- parties departs from
conventional network architecture, these proposals have shown that such control significantly increases
the flexibility and extensibility of these networks. Using such control, hosts can achieve many functions
that are difficult to achieve in the Internet today. Examples of such functions include mobility, multicast,
content routing, and service composition. Another somewhat surprising application is that such control
can be used by hosts to protect themselves from packet-level denial-of-service (DOS) attacks, since, at
the extreme; these hosts can remove the forwarding state that malicious hosts use to forward packets
to the hosts. While each of these specific functions can be achieved using a specific mechanism—for
example, mobile IP allows host mobility—we believe that these forwarding infrastructures (FIs) provide
architectural simplicity and uniformity in providing several functions that makes them worth exploring.
Forwarding infrastructures typically provide user control by either allowing source-routing or allowing
users to insert forwarding state in the infrastructure. Allowing forwarding entries enables functions like
mobility and multicast that are hard to achieve using source-routing alone. While there seems to be a
general agreement over the potential benefits of user-controlled routing architectures, the security
vulnerabilities that they introduce has been one of the important concerns that has been not addressed
fully. The flexibility that the FIs provide allows malicious entities to attack both the FI as well as hosts
connected to the FI.
For instance, consider i3, an indirection-based FI which allows hosts to insert forwarding entries of the
form (id,R), so that all packets addressed to id are forwarded to R. An attacker A can eavesdrop or
subvert the traffic directed to a victim V by inserting a forwarding entry (id V, A); the attacker can
eavesdrop even when it does not have access to the physical links carrying the victim’s traffic.
Alternatively, consider an FI that provides multicast; an attacker can use such an FI to amplify a flooding
attack by replicating a packet several times and directing all the replicas to a victim. These vulnerabilities
should come as no surprise; in general, the greater the flexibility of the infrastructure, the harder it is to
make it secure.

In this project, we improve the security that flexible communication infrastructures which provide a
diverse set of operations (such as packet replication) allow. Our main goal in this project is to show that
FIs are no more vulnerable than traditional communication networks (such as IP networks) that do not
export control on forwarding. To this end, we present several mechanisms that make these FIs achieve
certain specific security properties, yet retain the essential features and efficiency of their original
design. Our main defense technique, which is based on light-weight cryptographic constraints on
forwarding entries, prevents several attacks including eavesdropping, loops, and traffic amplification.
From earlier work, we leverage some techniques, such as challenge-responses and erasure-coding, to
thwart other attacks.

Network security protection system is an important aspect of any system. The bad news is that as point
out the human factor is the weakest link. Security is too often merely an illusion, an illusion sometimes
made even worse when gullibility, naivete, or ignorance come into play. The go on to say that ―security
is not a technology problem – it’s a people and management problem. Having said that, my experience
is that the―technology factor and the people factor go hand in hand; you need to address both issues
to succeed. Access control is the ability to permit or deny the use of a particular resource by a particular
entity. Access control mechanisms can be used in managing physical resources (such as a movie theater,
to which only ticket holders should be admitted), logical resources (a bank account, with a limited
number of people authorized to make a withdrawal), or digital resources (for example, a private text
document on a computer, which only certain users should be able to read). Banks are secured financial
institutions. They are often housed in large buildings that are located in a commercial or residential area.
Banks store money and other financial information and goods. Money and valuables have been stored in
banks since ancient times. As a result of the long history that banks have enjoyed, bank security has also
been important for a long time. Some of the oldest banks in the world have the best security available.
These banks include the Bank of Sweden, the Bank or England, Bank of America, and Swiss Banking.
Bank security usually includes a staff of security guards, a security system, and one or more vaults.
Security guards are uniformed personnel that maintain high visibility and watch cameras and alarms.
Cameras and alarms are usually top of the line systems in banks and other financial buildings. But these
security elements are not exclusive to banks. Some of these elements can be found in other commercial
buildings and even residential homes. Basic security starts with the locks. For a high level of security,
windows and doors will need the best locks. After high quality locks are installed many property owners
opt for a security system or even security cameras. Security cameras are often a small part of a larger
security system. Systems often include motion detectors, alarms, sensors, and cameras. Cameras are
arguably the most important because they allow the property owner to see and record everything that
happens in and around their building or property. Cameras can be installed by a professional or by a
property owner. For a large and elaborate system it may be best for a professional to do the work. But
for a smaller and easy layout, a property owner should have no problem installing a system by following
the manufactures instructions. If he does than there is usually a local installer that can be called to help
finish the job.

1.2 Statement of the Problems

Network systems in Banks have given room to unauthorized users to get access to their information.
There by, introducing viruses, hacking of information, electronic fraud, as well as detecting and deleting
company’s vital document. However, absolute security is not achievable in practice. Nevertheless an
improved method of security measures now provides certain degree of security of information since
some of the data shared between users are confidential in nature or should be available to relatively few
to be stored and transmitted information unit in other to check illicit monitoring and illegal access.

Fraudulent act of some customer/workers

Accessing the organizational data/information unauthorized

Sensitive nature of bank data/information

Valuable or costly items in bank

Increase in crime in our society

1.3 Aim and Objectives of the Study

The main aim of this study is to design and implement a Network Security Protection System with the
following objectives:

i. To detect security violations

ii. To Re-create security incidents
iii. To disallow unauthorized users
iv. To safeguard the organizational data/information
v. To computerize the organizational security
vi. To enhance the organizational security
vii. To eliminate all forms of mistakes associated with security control

1.4 Significance of the Study

The main purpose of this project is to design a Network Security Protection System that will assist UBA
Bank, Enugu Branch in the area of ensuring effective security measures.

1.5 Scope of the Study

This research work will access the design and implementation of Network Security Protection System in
UBA Bank, Enugu Branch. It will look into the operations of this bank in the aspect of computerizing their
security control system.

1.6 Limitation of the Study

This research has covered only the shell petroleum development company in Port-Harcourt due to some
constraints limiting the researcher from extending the scope of study.

A financial constraint is one of the limitations encountered during the cause of the study. The researcher
being student found it difficult to provide transport fare to the area of study for the collection of data.

Second are time constraints, the researcher being student, the time for the study clashed with the
academic work thereby not meeting the staffs when supposed for a perfect work to be

done.

Third is complexity of information. However, these constraints delimit the researcher from collecting
more data to assumed effectiveness of the work.

1.7 Definition of Terms

Computer: An electronic device which is capable of receiving information (data) and performing a
sequence of logical operation in accordance with a predetermined variable set of procedural
instructions (program) to produce a result in the form of information or signals. The sales information is
processed by computer.

System: “A computer whole, a set of things work together as a mechanism or interconnecting network.
A new system for accessing personal tax” (Chen, 2017).

Program: A series of coded software instruction to control the operation of a computer. Load the
program into the computer.

Software: Programs and other operating information used by a computer. Hopefully, the software will
run in the system.

Data: A raw facts making the basis of reasoning; it is unprocessed information. The patients data
interpretation is urgently needed.

Information: A processed data that is conveyed or presented by a particular sequence of symbols,

impulses etc. this leaflet is produced for information purpose.

Custodians: Persons who are responsible for protecting or guiding something (record keeper). The items
were left under their custody.

Authentication: Prove or show to be authentic (genuine). Check the authentication of this system before
you make payment (Shelly & Jackson, 2018).
Authorization: To give official permission for or approval to access information. The owner gave the
authorization to forge ahead (Uyminth, 2018).

Confidentiality: Information intended to be kept secret i.e. entrusted with private information. Some
cases are kept confidential.

Availability: Information able to be used or obtained. The information is available to be dispatch.

Integrity: Consistency or lack of corruption in electronic data, the quality of information principles..

Immune: Every organization is affected to the infection of insecure information. You will eventually
become immune to criticism.

Password: A secret word or phrase used to gain admission or access to something (information). Put
security password to that system for safety.