Network Security: Protecting Digital

Assets

By Mahjabeen Fatima
 Protects against
Network security
unauthorized
includes
procedures and
policies to protect
access,
destruction,
manipulation, and
Introduct
stored data
theft
ion to
Network
Security
Enables tracking Essential for both
and prevention of individuals and
security threats organizations
 Common
Unauthoriz
ed access to
files and
Hacking
attempts
(authorized
Malware
infections
Denial of
Service
(DoS)
Network
Security
data and attacks
unauthorize
d)

Address
Resolution
Protocol
(ARP)
SSH key
vulnerabiliti
es
Brute force
attacks
Threats
spoofing
 Systematic submission
of passwords to find
correct one

Often automated using

Understandi software
ng Brute
Force More Short passwords

Attacks effective Common

words/names
against: Dictionary words

Time delays between attempts

Prevention
Account lockouts

methods: Multi-factor authentication

CAPTCHA systems
 Makes computing resources unavailable
to legitimate users

Denial Two main types:

of • Forcing host to stop services ("crashing")

• Flooding with multiple requests (overloading)

Service Distributed DoS (DDoS) –when multiple

systems are used to attack a host

(DoS) Defense methods:

Attacks • Firewall rules-complicated to setup as needs IP

addresses and ports of the attackers in advance,
can close all unused network ports
• "Cleaning/Scrubbing centers“-receives all traffic,
analyses, and passes onlycan
legitimate requests
recognise DoS attackers if
• Intrusion prevention systems-
they have patterns, signatures
or content that is already
known.
 A botnet consists of a number of networked devices that run software,
called bots, carrying out repetitive tasks using computer programs
written as scripts.
Network of infected devices running
malicious software (bots)

Can include any networked device

(phones, laptops, IoT devices)
Uses: makes use of SMTP, HTTP and IRC
to contact each other, send malicious
Understandi code or disrupt services.
• Denial of service attacks IRC (Internet Relay
ng Botnets • Spam distribution Chat) is a text-based
• Data theft chat system for
• Remote device control instant messaging.

Spreads through:
• IP probing
• Infected websites
• Trojan horses
A computer script is a set of commands in a computer language that
is stored in file and can be executed on a computer without being
compiled. Scripts are written in languages such as Perl, PHP,
 • Bots work by creating client-server or peer-to-peer
networks between devices.
• The malicious software is sent over the internet by a
cybercriminal, called a bot herder or bot master, by
randomly probing IP addresses or by inserting the bot
into the hypertext, JavaScript or other code of
websites as a Trojan.
• A device that loads the website or responds to an IP
address probe is ‘infected’ with the bot software.
• Botnets based on the client-server model connect to a
Understandi central command device, called a command and
control (C&C) server, and await instructions. The bot
ng Botnets herder sends out commands to all the bots, which
carry out the instructions and send the results back to
the herder via the C&C server.
• Peer-to-peer botnets do not have a central bot herder,
but bots update themselves with the latest version of
the malicious software from other bots. Commands or
instructions are carried out and the results sent back
to the originator.
• Botnets can be used to gather data about the keys
that a user presses or to directly harvest data about
login credentials. Key loggers and spyware can use
botnets to send the data back to the originator of the
 Malicious software, or malware, is created to inflict damage
on computer systems, applications, files or data.

Categories:
Malwa • Adware
• Ransomware

re • Rogue software
• Scareware

Types
• Spyware
• Trojan horses
• Viruses

and • Worms
Spreads through:
Threat • Network connections
• Email attachments

s • Malicious links
• Infected software
 Attacks database systems through web
applications-like in search or login fields
on online forms

SQL Targets:

Injecti • Social media sites

• Online retailers
• University websites

on Prevention:

Attack • Principle of least privilege(only read & view then

not allowed to edit)
• Avoid dynamic SQL-use only SQL commands stored

s in the system
• Regular software updates
• Input validation etc. by using reputable s/w
developers
Structured query language (SQL) is used for programming and
for managing, data in relational databases. SQL is used to
access, return and present the results of the access to a user,
for example when a user searches for a payment, item or any
 Organisations have network policies to set the
rules on how their network is used.

A network policy can include the following:

Netwo • the types of technologies allowed and not allowed

(for instance whether or not wireless devices or
USB memory sticks can be used)
rk • what users can and cannot use the network
for(an acceptable use policy)
policie • the responsibilities of every user when using the
network (including how to keep data safe and

s
secure and what to do if a breach or virus attack
occurs)
• the security protocols to be used (such as a
password policy)

It also serves as a basis for enforcing legal action if

the rules are broken.
 Impact of Network Security threats
on individuals and organizations

IMPACT OF IMPACT OF IMPACT OF IMPACT OF IMPACT OF

DATA DATA DATA THEFT OF IDENTITY
DESTRUCTION MANIPULATIO MODIFICATIO DATA THEFT
Overwriting the entire hard disk sector
N by sector with ones N
and zeroes several times is used to securely destroy its
contents.
Use encryption provided by the disk manufacturer to store the data. Encrypting, all the data with an encryption key of
at least 128 bits renders the data impossible to retrieve or be understood without the key. To destroy the data, the key is
discarded by the encrypting software. This is called cryptographic erasure and is deemed highly effective in ensuring
that data lost forever. While the data remains on the disk, it is irretrievable.
 Impact of data destruction
Data destruction is the process of making sure that it is
impossible for data to be recovered.

Impact of Impact of data manipulation

Data manipulation is the changing of the format of data so it is

network displayed in different ways.

By causing others to doubt the real data, a process called
‘gaslighting? in some countries, governments’ and politicians’
security credibility and reputations can be seriously damaged, public
opinion altered and elections influenced.

threats on Impact of data modification

Data modification changes the actual data. Data modification
individual attacks are often carried out by employees or insiders who have
an argument or disagreement with their employers.
s and Impact of theft of data

organisati The theft of data from a company, organisation or government

can lead to fraud, bankruptcy and embarrassment.

ons Impact of identity theft

Identity theft is a deliberate use of another person’s identity.
Identity theft may be for financial gain or other benefits.
Identity cloning is when a person assumes another’s identity in
real life or social situations and pretends to be that person using
their stolen data.
 Prevention of network security issues
(Physical Security Methods)
Effective security measures and the enforcement of company security
policies can help to prevent unauthorised access to files and data stored on
networks.

LOCKED SECURITY BIOMETRIC AIR- SECURE ACCESS SECURITY

DOORS CAMERAS ACCESS GAPPING DISPOSAL CARDS GUARDS
AND AND CONTROLS CRITICAL OF AND
SECURE MONITORI SYSTEMS PHYSICAL BADGES
ENTRANCE NG MEDIA
S
Physical methods of security are designed to keep devices, terminals and other network equipment
out of reach of any unauthorised user.
Software security measures are designed to prevent unauthorised users from electronically accessing
data and files using networks.
 Software Security Methods

Biometrics Anti- Anti-virus Anti-

malware protection spyware
software tools

Encryption Access Firewalls Digital

systems rights certificates
manageme
 Symmetric encryption (shared key)

Asymmetric encryption
(public/private keys)
Encrypti
Transport Layer Security (TLS)
on and
Data HTTPS for web security

Protectio Digital certificates and signatures

n
Certificate Authorities

Key management
 Monitors and
controls network
traffic

Firewall Hardware

Protecti Types: firewalls

Software
firewalls

on
Packet
filtering
Access

Functions: control
Traffic
monitoring
Zone
protection
 Acceptable use
Netwo guidelines
Technology restrictions
rk User responsibilities
Securi Security protocols
ty Password policies
Policie Data handling
s procedures
Incident response plans
Data Protection Methods: Advantages and
disadvantages of the various methods
 Locks, keys, and physical
barriers
Physic Security guards at entrances
al
Key advantages:
Securi • Prevents direct access to systems

ty
• Blocks easy USB access

Key challenges:
Metho • Keys can be lost or stolen
• Guard reliability issues
ds • Privacy concerns with cameras
• Cost of implementation
 Definition: Using unique physical characteristics for
identification Biometr
Common types:
ic
Security
Fingerprint scanning Retinal scanning

Solution
Benefits:
Cannot be forgotten or
Difficult to forge Fast and convenient
lost

s
Limitations:
High
Hygiene Privacy
implementation Accuracy issues
concerns considerations
costs
 Anti-
malware • Real-time scanning
• Threat quarantine
Softwar
protectio • Regular updates needed

n:
• Protects data itself
e
Encrypti
on:
• Allows secure transmission
• Key management challenges
• Resource intensive
Protecti
Drive-by • Automatic malware installation
on
download
Methods
• System vulnerability exploitation
risks:
 • Packet analysis
Firewalls • Real-time monitoring
: • DNS protection
Network
Limitatio • Performance impact
• Setup complexity
Security
ns: • Cost considerations
Infrastruc
Access
• File permissions
• Folder hierarchies
• Backup considerations
ture
Rights: • Protection against internal
threats
 Impact
of
Business Financial
disruption losses

Security
Customer Data
trust loss destruction

Breache
Legal
Identity
consequen
theft
ces

Reputatio
n damage

s
Regular Strong
Multi-
factor
Best
Practic
software password
authenticat
updates policies
ion

es for
Regular
Employee Backup
security
training procedures
audits

Incident
response
Continuous
monitoring
Securit
planning
y