A Study On Network Security Threats Computer Science Essay


This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

As networks take on the task and responsibility of transporting and storing a day's work, we must pay attention to the increasing risk. We cannot say that data is safe on the network until we have clear measures to protect the information.

Network security aims to preserve the confidentiality, integrity and availability of information.

However, there are many threats that affect computer network security. In this report we will therefore briefly describe seven major security threats.

Network security threats

Network security threats can be divided into physical threats and non-physical threats.

Physical threat

Physical threats mainly cover electrical threats, environmental threats and hardware failure.

Electrical threats include brownouts due to insufficient voltage supply, or power failure.

Environmental threats include not only human interference with the systems but also natural disasters such as floods, fires, earthquakes and hurricanes.

Conficker

Conficker is also known as Downup, Downadup or Kido. Conficker is a worm that targets the Windows operating system and was discovered on 20th November 2008. So far Conficker has appeared in A, B, C, D, E four versions, and more than 1,500 million computers worldwide are infected. Conficker mainly spreads over the internet by exploiting a vulnerability in a network service (MS08-067) on Windows 2000, Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008; it can also affect hardware equipment through any USB interface.[1]

"Conficker" is a portmanteau of the term "configure" with the German word Ficker, which means "fucker".

Conficker spreads through Windows systems by exploiting a buffer vulnerability in the Server service. It uses a specific RPC request to execute code on the target computer.

When it executes successfully on a computer, it disables some system services, such as Windows Update, Windows Security Center, Windows Defender and Windows Error Reporting. Conficker then connects to a server to collect personal information, and downloads and installs additional malicious programs on the victim's computer. It also attaches itself automatically to processes that are always running, such as svchost.exe, explorer.exe and services.exe.

Recently our school server was infected by Conficker Version B.

The following were our experiences:

We could not log into our account as user accounts were locked out.

We could not access our student folder, which was placed on the server storage, because it was disabled.

The system became very slow when we sent requests.


Phishing

Phishing is an attack mode in which deceptive spam, claiming to come from a bank or another well-known institution, is sent with the intention of tricking the recipient into giving up sensitive information (e.g., username, password and account ID, ATM card PIN code or other detailed information). The most typical phishing attacks use an elaborately designed phishing website that looks very similar to the website of the target organization; the victim accesses the site and enters sensitive personal information, and the attack usually proceeds without the victim's awareness. It is a "social engineering form of attack".


Spyware

Spyware is software that is installed on the user's computer without the user's informed consent. Spyware collects information about users' computers or browsing habits.

Users' private data and important information are captured by a "backdoor program" and sent to hackers, businesses, etc. These "backdoor programs" can even remotely control users' computers and form a huge network, which is one of the important hidden dangers to network security.

Spyware will also install additional software to change computer settings, such as changing the home page.

Trojan horse

The name Trojan horse comes from Greek mythology.

A Trojan horse lurks in a computer and is controlled by an external attacker to steal information or control programs.

A Trojan horse can cause great damage. It can remotely control the machine by gaining the highest level of access to the user's resources, for example to copy files, delete files, view file contents, upload or download files, and even watch the user's screen and control the computer.

Password guessing

Password guessing uses a program that lets an unauthorized user try to log on to a computer or network by guessing usernames or passwords.

Password guessing can be divided into two categories:

On-line Password Guessing Attack

In this kind of attack, the attacker connects to the remote server's authentication service and repeatedly enters guessed passwords until authentication succeeds.

Off-line Password Guessing Attack

Attackers use previously obtained information to verify whether a guessed password is correct.
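The on-line case leaves a trace on the server, because every guess is an authentication attempt. The following is an added example, not part of the original essay, that flags a source address once it reaches a failure threshold within a time window, counting across usernames since the guesser may vary both; the log format, threshold and window are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque

MAX_FAILURES = 3      # assumed threshold of failed logins per source
WINDOW_SECONDS = 60   # assumed sliding-window length

# Constructed log lines: "<epoch-seconds> <source-ip> <username> <OK|FAIL>"
SAMPLE_LOG = """\
100 198.51.100.23 alice FAIL
105 198.51.100.23 alice FAIL
110 203.0.113.5 bob FAIL
112 198.51.100.23 admin FAIL
115 203.0.113.5 bob OK
118 198.51.100.23 alice FAIL
300 203.0.113.5 bob FAIL
"""


def detect_online_guessing(log_text):
    """Map each suspicious source to the time it first hit the threshold."""
    failures = defaultdict(deque)   # source -> timestamps of recent failures
    flagged = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                # skip malformed lines
        ts, src, result = int(parts[0]), parts[1], parts[3]
        recent = failures[src]
        if result == "OK":
            recent.clear()          # a successful login resets the counter
            continue
        recent.append(ts)
        # Forget failures that have fallen out of the window.
        while recent and ts - recent[0] > WINDOW_SECONDS:
            recent.popleft()
        if len(recent) >= MAX_FAILURES and src not in flagged:
            flagged[src] = ts
    return flagged


if __name__ == "__main__":
    for source, when in detect_online_guessing(SAMPLE_LOG).items():
        print(f"possible on-line password guessing from {source} at t={when}")
```

Off-line guessing produces no such log entries, since the attacker verifies guesses without contacting the server.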


DDoS

DDoS stands for Distributed Denial of Service. The main goal of the attack is to disrupt service so that the server is not able to handle legitimate users' requests. DDoS uses a large number of computers connected over the internet, on which DDoS software has been installed after they were compromised. The attacker uses those computers to attack victim sites. Such attacks typically exhaust bandwidth, router processing capacity or network stack resources, breaking network connectivity to the victims. [2]


History of DDoS

DDoS derives from DoS (Denial of Service). A DoS attack uses reasonable-looking service requests to occupy service resources, so that legitimate users are unable to get a response from the service.

A single DoS attack is a one-to-one attack. But with the development of computer and network technology and the rapid growth of computer processing capacity, DoS attacks have become difficult to carry out. Attackers therefore turned to DDoS.

Performing DDoS-attacks

As shown in figure 1[3], a complete DDoS system is divided into four parts. The most important are part 3 and part 2, because they are directly involved in controlling the actual attack. Part 2 sends commands to part 3, and part 3 directly attacks the victim. Part 1 is the hacker, who takes full or partial control of part 2 and part 3 by adding the DDoS program to them. This makes it harder to trace the hacker.

How to Counter DDoS

Regularly scan network backbone nodes

Because backbone nodes have high bandwidth, hackers often use these positions to attack.

Configure a firewall on the backbone

A firewall can resist DDoS attacks and some other attacks. When the system is under attack, the firewall can resist the attack.

Filter unnecessary services and ports

Use tools such as Inexpress, Express and Forwarding to filter IP spoofing on the router.

Check the visitor's IP address

Use Unicast Reverse Path Forwarding, which performs a reverse route lookup, to check the visitor's IP address. If the address is not real, it is blocked.

Limit SYN/ICMP traffic

Configure a maximum for SYN/ICMP traffic. When traffic exceeds this limit, it indicates an abnormal intrusion.

Filter all RFC1918 IP addresses

RFC1918 addresses are private IP addresses, like、 and 172.16.0.0, commonly used in home and office LANs. Filtering these spoofed source addresses can therefore reduce DDoS attacks.
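The last two countermeasures can be expressed as a small ingress filter. The following is an added example, not part of the original essay: it drops packets arriving on the Internet-facing interface with an RFC 1918 source address and caps SYN/ICMP packets per destination per time window. The packet tuple format, the limit and the window are assumptions; the three address ranges are those defined in RFC 1918, and the sample traffic is constructed.

```python
import ipaddress
from collections import defaultdict, deque

# Private ranges from RFC 1918; never valid as a source address from the Internet.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
SYN_ICMP_LIMIT = 3     # assumed: max SYN/ICMP packets per destination per window
WINDOW_SECONDS = 1.0   # assumed window length

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def filter_ingress(packets):
    """Return a (verdict, reason) pair for each (ts, src, dst, kind) packet."""
    recent = defaultdict(deque)   # destination -> timestamps of passed SYN/ICMP
    verdicts = []
    for ts, src, dst, kind in packets:
        if is_rfc1918(src):
            verdicts.append(("drop", "rfc1918-source"))
            continue
        if kind in ("SYN", "ICMP"):
            q = recent[dst]
            while q and ts - q[0] >= WINDOW_SECONDS:
                q.popleft()       # forget packets outside the window
            if len(q) >= SYN_ICMP_LIMIT:
                verdicts.append(("drop", "syn-icmp-rate"))
                continue
            q.append(ts)
        verdicts.append(("pass", "ok"))
    return verdicts

# Constructed sample traffic using documentation address ranges.
SAMPLE = [
    (0.00, "192.168.1.7", "203.0.113.10", "SYN"),    # private source from outside
    (0.10, "198.51.100.1", "203.0.113.10", "SYN"),
    (0.20, "198.51.100.2", "203.0.113.10", "SYN"),
    (0.30, "198.51.100.3", "203.0.113.10", "ICMP"),
    (0.40, "198.51.100.4", "203.0.113.10", "SYN"),   # fourth within the window
    (0.50, "198.51.100.5", "203.0.113.10", "DATA"),  # not SYN/ICMP, not limited
    (1.25, "198.51.100.6", "203.0.113.10", "SYN"),   # window has moved on
    (1.30, "172.20.0.9", "203.0.113.10", "ICMP"),    # inside 172.16.0.0/12
]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, filter_ingress(SAMPLE)):
        print(pkt, "->", verdict)
```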


Conclusion

From the discussion above, we can see that with the development of computer and communication technology, the computer network has become a very important means of exchanging information for industry, agriculture, national defense and other areas, and it has permeated every field of social life. It has therefore become very important to recognize network vulnerabilities and potential threats and to adopt a strong security strategy to ensure the safety of the network. At the same time, computer network technology is currently in a stage of booming development: new technology emerges continuously, and there will inevitably be flaws. New technology and upgrades are therefore needed for network security measures.