Unit 4 CN

Network Security
Network Security refers to the measures taken by any enterprise or
organization to secure its computer network and data using both hardware
and software systems. This aims at securing the confidentiality and
accessibility of the data and network. Every company or organization that
handles a large amount of data, has a degree of solutions against many cyber
threats.
The most basic example of Network Security is password protection which
the user of the network oneself chooses. In recent times, Network Security
has become the central topic of cyber security with many organizations
inviting applications from people who have skills in this area. The network
security solutions protect various vulnerabilities of the computer systems
such as:
1. Users
2. Locations
3. Data
4. Devices
5. Applications
Benefits of Network Security
Network Security has several benefits, some of which are mentioned below:
1. Network Security helps in protecting clients’ information and data
which ensures reliable access and helps in protecting the data from
cyber threats.
2. Network Security protects the organization from heavy losses that
may have occurred from data loss or any security incident.
3. It overall protects the reputation of the organization as it protects
the data and confidential items.
Working on Network Security
The basic principle of network security is protecting huge stored data and
networks in layers that ensure the bedding of rules and regulations that have
to be acknowledged before performing any activity on the data.
These levels are:
1. Physical Network Security
2. Technical Network Security
 3. Administrative Network Security
These are explained below:
1. Physical Network Security: This is the most basic level that includes
protecting the data and network through unauthorized personnel from
acquiring control over the confidentiality of the network. These include
external peripherals and routers that might be used for cable connections.
The same can be achieved by using devices like biometric systems.
2. Technical Network Security: It primarily focuses on protecting the data
stored in the network or data involved in transitions through the network.
This type serves two purposes. One is protected from unauthorized users,
and the other is protected from malicious activities.
3. Administrative Network Security: This level of network security protects
user behavior like how the permission has been granted and how the
authorization process takes place. This also ensures the level of
sophistication the network might need for protecting it through all the
attacks. This level also suggests necessary amendments that have to be done
to the infrastructure.
Types of Network Security
The few types of network securities are discussed below:
1. Access Control
2. Antivirus and Anti-Malware Software
3. Cloud Security
4. Email Security
5. Firewalls
6. Application Security
7. Intrusion Prevention System(IPS)
1. Access Control: Not every person should have a complete allowance for
the accessibility to the network or its data. One way to examine this is by
going through each personnel’s details. This is done through Network Access
Control which ensures that only a handful of authorized personnel must be
able to work with the allowed amount of resources.
2. Antivirus and Anti-malware Software: This type of network security
ensures that any malicious software does not enter the network and
jeopardize the security of the data. Malicious software like Viruses, Trojans,
and Worms is handled by the same. This ensures that not only the entry of
the malware is protected but also that the system is well-equipped to fight
once it has entered.
3. Cloud Security: Now a day, a lot of many organizations are joining hands
with cloud technology where a large amount of important data is stored over
the internet. This is very vulnerable to the malpractices that few unauthorized
dealers might pertain to. This data must be protected and it should be
ensured that this protection is not jeopardized by anything. Many businesses
embrace SaaS applications for providing some of their employees the
allowance of accessing the data stored in the cloud. This type of security
ensures creating gaps in the visibility of the data.
4. Email Security: Email Security depicts the services, and products designed
to protect the Email Account and its contents safe from external threats. For
Example, you generally see, fraud emails are automatically sent to the Spam
folder. because most email service providers have built-in features to protect
the content.
5. Firewalls: A firewall is a network security device, either hardware or
software-based, which monitors all incoming and outgoing traffic and based
on a defined set of security rules accepts, rejects, or drops that specific traffic.
Before Firewalls, network security was performed by Access Control Lists
(ACLs) residing on routers.

6. Application Security: Application security denotes the security

precautionary measures utilized at the application level to prevent the
stealing or capturing of data or code inside the application. It also includes
the security measurements made during the advancement and design of
applications, as well as techniques and methods for protecting the
applications whenever.
7. Intrusion Prevention System(IPS): An intrusion Prevention System is also
known as Intrusion Detection and Prevention System. It is a network security
application that monitors network or system activities for malicious activity.
The major functions of intrusion prevention systems are to identify malicious
activity, collect information about this activity, report it, and attempt to block
or stop it.

Traditional cryptography
Traditional cryptography refers to the early methods of encrypting information to
protect it from unauthorized access or interpretation. These methods, while less
sophisticated than modern cryptographic techniques, played a crucial role in
safeguarding communication and information security throughout history. Two
fundamental types of traditional ciphers are substitution ciphers and transposition
ciphers.
❖ Substitution Ciphers
Substitution ciphers, also known as substitution encryption, replace characters in the
plaintext with different characters according to a predetermined rule or substitution
table. This technique alters the appearance of the message, making it difficult for
unauthorized individuals to decipher.
• Types of Substitution Ciphers
1. Monoalphabetic Substitution: In monoalphabetic substitution, each plaintext
character is replaced with a corresponding ciphertext character using a fixed
substitution table. A well-known example is the Caesar cipher, where each
letter is shifted a certain number of positions in the alphabet.
2. Polyalphabetic Substitution: Polyalphabetic substitution employs multiple
substitution tables or alphabets to encrypt the plaintext. This method makes it
more difficult to decipher, as the substitution pattern changes throughout the
message. Examples include the Vigenère cipher and the Playfair cipher.
❖ Transposition Ciphers
Transposition ciphers, also known as transposition encryption, rearrange the order of
characters in the plaintext without changing the characters themselves. This
technique alters the sequence of the message, making it difficult for unauthorized
individuals to read.

• Types of Transposition Ciphers

 1. Simple Transposition: Simple transposition involves rearranging the
plaintext characters according to a fixed pattern, such as reversing the order
or shifting the characters by a certain number of positions.
2. Complex Transposition: Complex transposition employs more intricate
patterns and techniques to rearrange the plaintext, such as using a keyword
or a grid to determine the new order of characters.
➢ Applications of Traditional Cryptography
Traditional cryptography has been used in various forms throughout history,
including:
1. Military Communication: Encrypted messages were used to convey
sensitive military plans and strategies during conflicts.
2. Diplomatic Correspondence: Diplomatic messages were encrypted to
protect sensitive information and maintain confidentiality between
governments.
3. Commercial Communication: Businesses used encrypted messages to
protect trade secrets and financial information.
4. Personal Correspondence: Individuals used encrypted messages to protect
personal information and maintain privacy in their communications.
While traditional cryptography has been largely superseded by modern cryptographic
techniques, it remains an important part of the history of cryptography and serves as
a foundation for understanding more advanced encryption methods.

Cryptographic Principles
Cryptographic principles are the fundamental concepts and techniques that are
used in the field of cryptography to secure communication and protect data.
These principles include confidentiality, integrity, authentication, non-
repudiation, and key management.

There are several fundamental principles that are important in the field of
cryptography, including −

• Confidentiality − Confidentiality refers to the ability to keep information private and

secure. Cryptographic techniques, such as encryption, can be used to protect the
confidentiality of information by making it unreadable to anyone who does not have
the proper decryption key.
 • Integrity − Integrity refers to the ability to ensure that information has not been
altered or tampered with. Cryptographic techniques, such as hash functions, can be
used to ensure the integrity of information by providing a way to detect any changes
to the data.

Data Encryption Standard (DES)

− The Data Encryption Standard (DES) is a symmetric-key block cipher that
was adopted by the National Institute of Standards and Technology (NIST) as
a Federal Information Processing Standard (FIPS) in 1977.
− DES is a block cipher that encrypts data in blocks of 64 bits, using a key of 56
bits.
− DES works by performing a series of transformations on the plaintext block,
using the key as a control input.
− The transformations are designed to be complex and non-linear, making them
difficult to reverse without the key.
− DES was the first widely adopted block cipher and was used in a variety of
applications, including data encryption, network security, and file encryption.
However, DES has been superseded by more secure block ciphers, such as
the Advanced Encryption Standard (AES).

❖ DES Operation
DES encryption works as follows:
1. The plaintext block is divided into two halves, each of 32 bits.
2. The first half of the plaintext block is passed through a series of 16 rounds of
encryption.
3. In each round, the plaintext block is combined with a subkey, which is
generated from the key using a key schedule.
4. The output of the 16th round is combined with the second half of the plaintext
block.
5. The resulting block is the ciphertext.
The subkeys are generated from the key using a key schedule. The key schedule is
a deterministic algorithm that generates 16 subkeys from the original key. This
ensures that the same plaintext will always encrypt to the same ciphertext,
regardless of the order in which the rounds are performed.
DES Security
The security of DES depends on the length of the key. The 56-bit key is relatively
short, and has been shown to be vulnerable to brute-force attacks. A brute-force
attack is an attack that tries every possible key until the correct key is found.
In 1998, a team of researchers from the Electronic Frontier Foundation (EFF) used a
custom-built computer to crack a DES-encrypted message in 22 hours. This
demonstrated that DES is no longer considered secure for most applications.
• DES Applications
DES was used in a variety of applications, including:
− Data encryption: DES was used to encrypt data stored on hard drives,
removable media, and network devices.
− Network security: DES was used to encrypt data transmitted over networks,
such as the Internet and private networks.
− File encryption: DES was used to encrypt files, such as documents, images,
and software.
• DES Replacement
DES has been superseded by more secure block ciphers, such as the Advanced
Encryption Standard (AES). AES is a 128-bit block cipher that is considered to be
much more secure than DES.