Network Security: Types Of Attacks, Guidelines, And Procedures

Analysis of Network Security

Network security is the framework of policies and procedures which are used to analyse and take preventive action in accessed of unauthorised access of network resources, viruses, malware, and denial of service attack. Network administrator is responsible for providing authorisation for accessing of network devices. The user ID and password is allocated to the user for accessing the network. The network security helps in protecting the operations of the enterprise. “The network resources are protected by providing unique ID and password. The authentication is provided with the login credentials” (Yassir, 2012). The accessed policies are enforced by the firewalls for preventing the unauthorised access. The use of intrusion detection system and anti-virus software are used ffor detecting anomalies associated with the network. The wire-shark traffic can be monitored by using anomaly based intrusion detection system. Network security is provided to functions related with hardware and software, operational procedures, access control, measures, accountability, polices related with administrative and management, and others. The network security is divided into four sections which are named as secrecy, non-repudiation, authentication, and integrity.

The enforcement mechanisms are used for managing the network security. The enforcement mechanism focuses on flow of network traffic for preserving the integrity, confidentiality, and availability of data stored on the system. “The flow of traffic is based on user, application, and content” (Lord, 2012). The identification mechanism should be used for identifying the application such as protocol, firewall, and secure socket layer. The security controls should be taken for managing the access control, authentication, identification, detection of malware, filtering of file type, and encryption policies. The network security is based on three principles which are described below:

• Confidentiality: The protection should be given to the network resources and assets for preventing from unauthorised access.
• Integrity: The modification of assets should be managed by authorised manner
• Availability: The authorised user can accessed the network resources efficiently without any hindrance. 

Eavesdropping: In this the attacker gains control of the data path for interpreting the traffic. The process of eavesdropping in the communication is known as sniffing or spoofing.

Data modification: “The attacker can manipulate the data packet send by the sender. The confidentiality of the data can be lost” (Pandey, 2011).

IP address spoofing: The IP address is the identity of the computer system on the network. The false use of IP address result into IP address spoofing.

Attacks based on Password: The attacker can hacked the weak password of the user for getting access of the user account. The attacker can hijack the list of valid user, modify the configuration of server and network, modify the routing table, and deletion of data.

Types of Network Security Attacks

Denial of service attack: The attacker sends various unauthorised request of data to the sender. When the number of request extends the capacity of frame buffer, then the condition of denial of service attack occurs.

Man in the middle attack: When the communication between two persons is actively monitored by the third person for controlling and capturing the data of communication is known as Man in the middle attack.

Compromised Key attack: The secret code is hacked by the hacker for modifying the confidential information. The hacker can get the control of secured communication by making use of secret code.

Sniffer attack: “The sniffer is the device which is used for monitoring the path of the data packet on the network” (Perkins, 2014). The encapsulated packets can be broken down by using the encrypted keys.

Application layer attack: “The attack on the application layer can result into the error in server operating system and related applications” (Ghansella, 2013). The hacker is able to read and delete data from the operating system. Virus program can be introduced in the application. The data application can be abnormally terminated. 

The network security guidelines are summarised in the table below:

Particulars	Description
Network access points	The access points of the network should be equipped with the authorisation and authentication protocols.
Types of network traffic and limitation	The permission of flow of data packets for inbound and outbound network should be through internet gateway.
Network monitoring	The network should be periodically monitored for unauthorised inclusion of intrusion. The network security policies are the set of rules which are used for accessing the information.
Configuration of baseline security	The standards of baseline security should be used for the selection of operating system
Analysis of vulnerabilities	The analysis of vulnerabilities should be performed by System administrator or system manager.
Network abuse	The normal operation of the network should not be interfered
Services of network authorisation	The network services should not be used without the authorization from central network management
Use of malicious software	The malicious software should not be used on the internet.

• Keep patches and updates current: “The vulnerabilities of the operating system can be introduced by hackers through patching and updates” (Kumar, 2012). The regular updates of the application are the necessary step to keep network secure from vulnerabilities.
• Making use of strong passwords: The strong passwords are difficult to hack by the hackers which help in securing the user accounts.
• Securing virtual private network: The virtual private network can be secured by following the techniques of data encryption and authentication of identity. The multi factor authentication protocol should be used for securing the network.
• Actively managing the access privilege of the user: “The security threat is associated with the user access privileges” (Stallings, 2014). The structured framework of security policies should be used for managing the security of unstructured data.
• Periodic cleaning of the inactive account: The hackers can use inactive account for anomalies. The inactive account should be periodically cleaned from the network.
• Use of cryptography algorithms: The cryptography algorithms should be used for securing the network such as DES, RSA, HASH, MD5, AES, SHA1, and HMAC.
• Contact information: The contact details of network connected devices should be available to the central computing support group.
• Placement of system: “The logical placement of security system should be undertaken” (Joshi, 2015).
• Configuration of system operation: The configuration setting of the system should be changed by the system administrator for securing the system.

The network security threats can exploit the wireless security, unlatching of software and hardware, security of the websites, unwanted application can entered into the network, generation of weak password, loss of devices, and others. “There are some fundamentals of network security which are mostly used for prevention of down time, compliance with government regulations, reducing the liability, and protection of reputation” (Dias, 2011). “The security controls should be taken for managing the access control, authentication, identification, detection of malware, filtering of file type, and encryption policies” (Devi, 2013). The techniques which can be used for network security are categorised as keep patches and updates current, making use of strong passwords, security to the virtual private network, actively managing the access privilege of the user, inactive account should be cleaned up, contact information, system placement, configuration of system operation, and methods of cryptography. “The network security policies are the set of rules which are used for accessing the information” (Pawar, 2015). 

Conclusion:

Network security is provided to functions related with hardware and software, operational procedures, access control, measures, accountability, polices related with administrative and management, and others. The virtual private network can be secured by following the techniques of data encryption and authentication of identity. The access points of the network should be equipped with the authorisation and authentication protocols. The network security helps in protecting the operations of the enterprise. 

References:

Devi, A. (2013). A study on network security aspects and attacking methods. 1st ed. [ebook] Available at: https://www.ijpttjournal.org/volume-3/issue-2/IJPTT-V3I2P406.pdf [Accessed 20 May. 2017].

Dias, G. (2011). A network security monitor. 1st ed. [ebook] Available at: https://seclab.cs.ucdavis.edu/papers/pdfs/th-gd-90.pdf [Accessed 20 May. 2017].

Ghansella, S. (2013). Network security: Attacks, tools, and techniques. 1st ed. [ebook] Available at: https://www.ijarcsse.com/docs/papers/Volume_3/6_June2013/V3I6-0254.pdf [Accessed 20 May. 2017].

Joshi, M. (2015). Network security with cryptography. 1st ed. [ebook] Available at: https://www.ijcsmc.com/docs/papers/January2015/V4I1201544.pdf [Accessed 20 May. 2017].

Kumar, S. (2012). A secure email system based on DNS and proxy service. 1st ed. [ebook] Available at: https://www.cisjournal.org/journalofcomputing/archive/vol3no9/vol3no9_1.pdf [Accessed 20 May. 2017].

Lord, N. (2012). Common malware types: cyber security. 1st ed. [ebook] Available at: https://www.veracode.com/blog/2012/10/common-malware-types-cybersecurity-101 [Accessed 20 May. 2017].

Pandey, S. (2011). Modern network security: Issues and challenges. 1st ed. [ebook] Available at: https://www.researchgate.net/publication/267691532_MODERN_NETWORK_SECURITY_ISSUES_AND_CHALLENGES [Accessed 20 May. 2017].

Pawar, M. (2015). Network security and types of attack in network. 1st ed. [ebook] Available at: https://www.researchgate.net/publication/277723629_Network_Security_and_Types_of_Attacks_in_Network [Accessed 20 May. 2017].

Perkins, W. (2014). Vulnerabilities threats and attacks. 1st ed. [ebook] Available at: https://www.lovemytool.com/files/vulnerabilities-threats-and-attacks-chapter-one-7.pdf [Accessed 20 May. 2017].

Stallings, W. (2014). Network security essentials application and standard. 1st ed. [ebook] Available at: https://sbmu.ac.ir/uploads/3._Network-security-essentials-4th-edition-william-stallings.pdf [Accessed 20 May. 2017].

Yassir, A. (2012). Cybercrime: A threat to network security. 1st ed. [ebook] Available at: https://paper.ijcsns.org/07_book/201202/20120214.pdf [Accessed 20 May. 2017].