Unit 4

Network Security
Introduction
• Network security is the security provided to a network from unauthorized access and
risks. It is the duty of network administrators to adopt preventive measures to protect
their networks from potential security threats.
• Network Security refers to the measures taken by any enterprise or organization to
secure its computer network and data using both hardware and software systems.
• The basic principle of network security is protecting huge stored data and network in
layers that ensures a bedding of rules and regulations have three levels:
a) Physical network security : It includes protecting the data and network though
unauthorized personnel from acquiring the control over the confidentiality of the
network.
b) Technical network security : It primarily focusses on protection from the unauthorized
users and protection from malicious activities.
c) Administrative network security: This level of network security protects user behavior
like how the permission has been granted and how the authorization process takes
place.
Types of Network Security:
a) Access control: Not every person should have complete allowance to the
accessibility to the network or its data. This is done through Network
Access control which ensures that only a handful of authorized personnel
must be able to work with allowed amount of resources.
b) Antivirus and anti-malware software: This type of network security
ensures that any malicious software does not enter the network and
jeopardize(harm) the security of the data. This ensure that not only the
entry of the malware is protected but also that the system is well
equipped to fight once it has entered.
c) Cloud security: Now a day a lot many organizations are joining hands
with the cloud technology where a large amount of important data is
stored over the internet . This is very vulnerable to the malpractices that
few unauthorized dealers might affect.
Information Security Issues:
• Information security protects valuable information from unauthorized
access, modification and distribution.
a) Confidentiality: Confidentiality is the protection of information from
unauthorized access. Confidentiality requires measures to ensure
that only authorized people are allowed to access the information.
b) Integrity : Integrity is the condition where information is kept
accurate and consistent unless authorized changes are made.
Integrity relates to information security because accurate and
consistent information is a result of proper protection.
c) Availability : Availability is the situation where information is
available when and where it is rightly needed. It is maintained when
all components of the information system are working properly.
Security Attacks:
• The attack in cryptography means that our data or sent messages or any
kind of information is accessed by some anonymous user without our
permission. There are two types of security attacks:
a) Active Attack : Active attacks are a type of cybersecurity attack in which
an attacker attempts to alter, destroy, or disrupt the normal operation of
a system or network. Active attacks involve the attacker taking direct
action against the target system or network, and can be more dangerous
than passive attacks, which involve simply monitoring or eavesdropping
on a system or network.
b) Passive Attack : A Passive attack attempts to learn or make use of
information from the system but does not affect system resources.
Passive Attacks are in the nature of eavesdropping on or monitoring
transmission. The goal of the opponent is to obtain information that is
being transmitted. Passive attacks involve an attacker passively
monitoring or collecting data without altering or destroying it.
Main Threats to the Networking System:
a) Computer Virus : Computer viruses are pieces of software that are designed to be spread from one
computer to another.
b) Rogue Security Software: It is malicious software that mislead users to believe there is a computer virus
installed on their computer or that their security measures are not up to date.
c) Trojan Horse: They spread often by email it may appear as an email from someone you know, and when
you click on the email and its included attachment.
d) Adware and Spyware: Adware is not exactly malicious but they do breach privacy of the users for
malicious purpose. Spyware is a type of malware that perform certain tasks include watching and
tracking of user actions and collecting personal data.
e) Computer Worm: Computer worm are pieces of malware programs that replicate quickly and spread from
one computer to another.
f) Distributed Denial of Service(DDOS)Attack : Cybercriminals use thousands of IP addresses to direct
massive amounts of web traffic to an online service. Ddos can affect anyone who uses cloud services or
online platforms.
g) Phishing: Phishing is a common type of cyber attack that targets individuals through email, text messages,
phone calls, and other forms of communication.
h) Rootkit: A rootkit is malware used by hackers to gain access to, and control over, a target computer.
i) SQL Injection Attack: SQL injection (SQLI) is a cyberattack that injects malicious SQL code into an
application, allowing the attacker to view or modify a database.
j) Man-in-the-middle Attacks : They are cybersecurity attacks that allow the attacker to secretly on
communication between two targets.
Data and message Security:
• Electronic data security is importance at a time when people are
considering banking and other financial transactions by PCs. One
major threat to data security is unauthorized network monitoring also
called packet sniffing.
• Messaging Security is a program that provides protection for
companies messaging infrastructure. It protects all the personal
message of the company which are related to company’s vision and
mission.
Types of Message Security are:
Reasons for data and message security:
• Data security refers to the protective measures of securing data from unapproved access
and data corruption throughout the data lifecycle. Today, data security is an important
aspects of IT companies of every size and type. Below are five key principles that you
must remember when it comes to protecting your data:
a) Privacy: You can enforce data privacy by using encryption or by combining data
fragmentation with encryption.
b) Integrity: Data integrity is a term used to refer to the accuracy and reliability of data.
To be considered reliable and accurate data must be complete with no variations or
compromises from the original.
c) Accessibility: There are different ways to protect data accessibility and prevent data
loss one method being replication. Replication provides instant data recovery in the
event of a disaster.
d) Responsibility : It is important to educate employees about what is considered
confidential information whether that information can or cannot be transmitted by
email and how . It is the responsibility of every employees to protect company data.
e) Assessment Capacity: IT staff can experience the benefits of virtualization through:
Cost reduction, efficient use of resources, load balancing and fault tolerance.
Firewalls and its types:
• A firewall is a network security device, either hardware or software-based,
which monitors all incoming and outgoing traffic and based on a defined
set of security rules it accepts, rejects or drops that specific traffic. Accept
: allow the traffic Reject : block the traffic but reply with an “unreachable
error” Drop : block the traffic with no reply. A firewall establishes a barrier
between secured internal networks and outside untrusted network, such
as the Internet.
• Firewall can be used to do one or more of the following things:
a) To protect and insulate the applications, services and machines of your
internal network from unwanted traffic coming in from the public
internet.
b) To limit or disable access from hosts of the internal network to services
of the public internet.
c) To support network address translation which allows your internal
network to use private IP address and share a single connection to the
public internet.
Types of firewall are:
a) Application Gateways: It is also knows as proxy server. This software
runs at the application layer of OSI model. These have been the
most secure, because they don’t allow anything to pass by default.
These are also typically the slowest, because more processes need
to be started in order to have a request serviced.
b)Packet Filtering: Packet filtering is a technique whereby routers have
ACLs(Access Control Lists) turned on. The router will pass all traffic sent it
based of rules(Source address, Destination address, port number).Data is not
check and it applied default action . It used session layer of OSI . It is often
faster than its application layer cousins.

c)Hybrid Systems : In attempt to marry the security of the application layer

gateways with the flexibility and speed of packet filtering, some vendors
have created systems that use the principles of both.
Antivirus:
• Software that is created specifically to help detect, prevent and
remove malware is called Antivirus Software. Antivirus is a kind of
software used to prevent, scan, detect and delete viruses from a
computer. Once installed, most antivirus software runs automatically
in the background to provide real-time protection against virus
attacks. Antivirus programs and computer protection software are
designed to evaluate data such as web pages, files, software and
applications to help find and destroy malware as quickly as possible.
• Antivirus software beings operating by checking your computer
programs and files against a database of known types of malware.
When the program finds a file that contains a virus, it will usually
quarantine it and/or mark it for deletion, making it inaccessible and
removing the risk to your device.
Malwares-Malicious Software:
• Malware is a software that gets into the system without user consent
with an intention to steal private and confidential data of the user
that includes bank details and password.
Data and Message Security(Secret Key
Cryptography , Public Key Cryptography)
Cryptography is the process of hiding or coding information so that only the
person a message was intended for can read it. The art of cryptography has
been used to code messages for thousands of years and continues to be used
in bank cards, computer passwords, and ecommerce.
The various components of a basic cryptosystem are as follows:
a) Plaintext
b) Encryption algorithm
c) Ciphertext
d) Decryption algorithm
e) Encryption key
f) Decryption key
 Secret Key Cryptography , Public Key Cryptography
• Secret Key Cryptography: The encryption process where same keys are used for encrypting
and decrypting the information is known as symmetric Key Encryption. Logically, in any
cryptosystem, both the keys are closely associated. The study of symmetric cryptosystems is
referred to as symmetric cryptography.
Processing power of computer system required to run symmetric algorithm is less.
Length of key is smaller hence faster.
Keys are regular basis changed to prevent any attack.
It is also expensive and cumbersome(large and heavy).
• Public Key Cryptography : The encryption process where different keys are used for
encrypting and decrypting the information is known as Asymmetric Key Encryption. Through
the keys are different, they are mathematically related and hence, retrieving the plaintext by
decrypting ciphertext is feasible.
Processing power of computer system required to run asymmetric algorithm is higher.
Length of key is larger hence slower.
Keys are not regular basis changed to prevent any attack.
It is cheaper and smaller.
Digital Signature:
• A digital signature is a mathematical technique used to validate the
authenticity and integrity of a digital document, message or software.
It's the digital equivalent of a handwritten signature or stamped seal,
but it offers far more inherent security. A digital signature is intended
to solve the problem of tampering and impersonation in digital
communications. Verisign , entrust
communications.eg
Digital signatures offer the following benefits:
• Security. Security capabilities are embedded in digital signatures to ensure a legal document isn't
altered and signatures are legitimate. Security features include asymmetric cryptography,
personal identification numbers (PINs), checksums and cyclic redundancy checks (CRCs), as well
as CA and trust service provider (TSP) validation.
• Timestamping. This provides the date and time of a digital signature and is useful when timing is
critical, such as for stock trades, lottery ticket issuance and legal proceedings.
• Globally accepted and legally compliant. The public key infrastructure (PKI) standard ensures
vendor-generated keys are made and stored securely. With digital signatures becoming an
international standard, more countries are accepting them as legally binding.
• Time savings. Digital signatures simplify the time-consuming processes of physical document
signing, storage and exchange, enabling businesses to quickly access and sign documents.
• Cost savings. Organizations can go paperless and save money previously spent on the physical
resources, time, personnel and office space used to manage and transport documents.
• Positive environmental effects. Reducing paper use also cuts down on the physical waste
generated by paper and the negative environmental impact of transporting paper documents.
• Traceability. Digital signatures create an audit trail that makes internal record-keeping easier for
businesses. With everything recorded and stored digitally, there are fewer opportunities for a
manual signee or record-keeper to make a mistake or misplace something.
 Certificate Authority and Third Party Authentication:
• A certificate authority (CA) is a trusted entity that issues Secure Sockets Layer
(SSL) certificates. These digital certificates are data files used to
cryptographically link an entity with a public key. Web browsers use them to
authenticate content sent from web servers, ensuring trust in content
delivered online.
• CA are trusted agency that can issue digital signature.
• Third-party authentication services are platforms that provide authentication
and authorization features for web applications, such as user registration,
login, password reset, social login, email verification, role-based access
control, and more. They handle the complex and tedious aspects of security,
such as encryption, hashing, token generation, and verification, and allow
developers to focus on the core functionality of their applications.
SSL
• Secure Sockets Layer (SSL) is a standard technique for transmitting
documents securely across a network. SSL technology, created by
Netscape, establishes a secure connection between a Web server and
a browser, ensuring private and secure data transmission. SSL
communicates using the Transport Control Protocol (TCP).The term
"socket" in SSL refers to the method of sending data via a network
between a client and a server.
• Secure Socket Layer has been universally accepted on the world wide
web for authenticated and encrypted communication between clients
and servers . SSL works by using a public key to encrypt data that’s
transferred over the SSL connection.
• SSL encrypts the link between a web server and a browser which
ensures that all data passed between them remain private and free
from attack.
SSL objectives:
a) Authenticating the client and server to each other
b) Ensuring data integrity
c) Security data privacy
d) The protocol to ensure data security and integrity
e) The protocols that are designed to establish an SSL connection
SSL diagram:
VPN
• A virtual private network is a private communications network often used
within a company, or by several different companies or organizations, to
communicate confidentially over a publicly accessible network.
• VPNs can be used to hide a user's browser history, Internet Protocol (IP)
address and geographical location, web activity or devices being used.
Anyone on the same network will not be able to see what a VPN user is
doing. This makes VPNs a go-to tool for online privacy. A VPN
uses tunneling protocols to encrypt data at the sending end and decrypts it
at the receiving end. The originating and receiving network addresses are
also encrypted to provide better security for online activities.
• VPN apps are often used to protect data transmissions on mobile devices.
They can also be used to visit websites that are restricted by location.
Secure access through a mobile VPN should not be confused with private
browsing, however. Private browsing does not involve encryption; it is
simply an optional browser setting that prevents identifiable user data
from being collected.
SET : Secure Electronic Transaction
• SET is an open encryption and security specification designed to
protect credit card transactions on the Internet. Rather it is a set of
security formats and protocols like SSL(Secure Socket Layer,
STT(Microsoft’s Secure Transaction Technology) and S-HTTP(Secure
Hypertext Transfer Protocol).
• SET features are:
a) Confidentiality
b) Convenience
c) Integrity
d) Lower Cost
SET provides three basic services:
• Provides a secure communications amongst parties.
• Provides trust by the use of X.509v3 digital certificates.
• Ensures privacy the restricted info to those who need it.
Functions of SET:
a) Provide confidentiality of payment and ordering information.
b) Ensure the integrity of all transmitted data.
c) Provide authentication that a cardholder is a legitimate user of a credit
card account.
d) Provide authentication that a merchant can accept credit card
transactions through its relationship with a financial institution.
e) Facilitate and encourage interoperability among software and network
providers.