Network security is the key issue in preventing unauthorized actions in a network. Security is a very important concept when we transfer data across a network. There are various security threats when we send data from one place to another through a network. In this paper we explain various network security threats and various security techniques through which we can secure our network.
Network security is one of the important and pressing issues related to protecting information. It deals with the prevention and detection of unauthorized actions by users of a computer. In simple words, security is defined as "protecting an information system from unintended access." Security of an information system refers to protecting all components of the information system, especially data, software, hardware and networks. Network security measures are needed to protect data during transmission and to ensure that the data received are authentic.
NETWORK SECURITY THREATS
Network security threats fall into two categories:
1. Passive threats, sometimes referred to as eavesdropping, involve attempts by an attacker to obtain information relating to a communication.
a) Release of message contents
A telephone conversation, an e-mail message or a transferred file may contain sensitive or confidential information. We would like to prevent the opponent from learning the content of these transmissions.
b) Traffic analysis
It is a kind of attack carried out on encrypted messages. The opponent could determine the location and identity of the communicating hosts and could observe the frequency and length of the messages being exchanged.
2. Active threats involve some modification of the data stream or the creation of a false stream.
a) Masquerade
It takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
b) Replay
It involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
c) Modification of message
It means that some portion of a message is altered, or that messages are delayed or reordered, to produce an unauthorized effect.
d) Denial of service (DOS)
A denial of service attack takes place when the availability of a resource is intentionally blocked or degraded by an attacker. In this way the normal use or management of communication facilities is inhibited. This attack may have a specific target. Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
NETWORK SECURITY TECHNIQUES
There are many techniques used for network security; the main ones are cryptography and firewalls.
Cryptography provides message confidentiality. The term cryptography comes from Greek words meaning "secret writing". It is the art and science of transforming messages so as to make them secure and immune to attacks. Cryptography involves the processes of encryption and decryption. The terminology used in cryptography is given below:
Plaintext - The original message or data that is fed into the algorithm as input is called plaintext.
Encryption algorithm - The encryption algorithm performs various substitutions and transformations on the plaintext. Encryption is the process of changing plaintext into cipher text.
Cipher text - Cipher text is the encrypted form of the message. It is the scrambled message produced as output. It depends upon the plaintext and the key.
Decryption algorithm - The process of changing cipher text into plaintext is known as decryption. The decryption algorithm is essentially the encryption algorithm run in reverse. It takes the cipher text and the key and produces the original plaintext.
Key - The key also acts as input to the encryption algorithm. The exact substitutions and transformations performed by the algorithm depend on the key. Thus a key is a number or a set of numbers that the algorithm uses to perform encryption and decryption.
There are two different approaches to attacking an encryption scheme: cryptanalysis and brute-force key search.
Cryptanalysis: The process of attempting to discover the plaintext or the key is known as cryptanalysis. The strategy used by the cryptanalyst depends on the nature of the encryption scheme and the information available to the cryptanalyst. A cryptanalyst can do any or all of six different things:
Attempt to break a single message.
Attempt to recognize patterns in encrypted messages, so as to be able to break subsequent ones by applying a straightforward decryption algorithm.
Attempt to infer some meaning without even breaking the encryption, such as noticing an unusual frequency of communication or determining something from whether the communication was short or long.
Attempt to deduce the key, in order to break subsequent messages easily.
Attempt to find weaknesses in the implementation or in the environment in which the encryption is used.
Attempt to find general weaknesses in an encryption algorithm without necessarily having intercepted any messages.
Brute-force attack: This method tries every possible key on a piece of cipher text until an intelligible translation into plaintext is obtained. On average, half of all possible keys must be tried to achieve success.
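The "half of all possible keys on average" claim can be checked directly on a cipher whose keyspace is small enough to exhaust. The following is an added example, not code from the essay: a toy shift cipher (26 keys), a constructed word list standing in for the "intelligible plaintext" test, and an exhaustive search that tries keys in order and reports how many it needed. Averaging over every possible true key gives (1 + 26) / 2 = 13.5 attempts, i.e. half the keyspace, which is exactly the argument for using keys so large that this search is infeasible.

```python
import string
from statistics import mean

ALPHABET = string.ascii_lowercase


def shift_encrypt(plaintext: str, key: int) -> str:
    """Toy shift cipher: move every lowercase letter forward by `key` positions.
    Its keyspace is only 26 keys, which is what makes exhaustive search practical."""
    out = []
    for ch in plaintext:
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def shift_decrypt(ciphertext: str, key: int) -> str:
    return shift_encrypt(ciphertext, (-key) % 26)


# Constructed mini-dictionary standing in for the "intelligible plaintext" test
COMMON_WORDS = {"the", "attack", "at", "dawn", "meet", "me", "and", "secret", "key"}


def looks_intelligible(text: str) -> bool:
    """Accept a candidate when at least half of its words are known words."""
    words = [w.strip(".,") for w in text.split()]
    if not words:
        return False
    hits = sum(1 for w in words if w in COMMON_WORDS)
    return hits / len(words) >= 0.5


def brute_force(ciphertext: str):
    """Try keys 0..25 in order; return (key, plaintext, attempts) at the first intelligible hit."""
    for attempts, key in enumerate(range(26), start=1):
        candidate = shift_decrypt(ciphertext, key)
        if looks_intelligible(candidate):
            return key, candidate, attempts
    return None


def average_attempts(plaintext: str) -> float:
    """Average number of keys tried when the true key is equally likely to be any of the 26."""
    attempts = []
    for true_key in range(26):
        found = brute_force(shift_encrypt(plaintext, true_key))
        assert found is not None and found[0] == true_key, "false positive from the word test"
        attempts.append(found[2])
    return mean(attempts)


if __name__ == "__main__":
    key, pt, n = brute_force(shift_encrypt("meet me at dawn", 7))
    print(f"recovered key {key} after {n} tries: {pt!r}")
    print("average tries over all keys:", average_attempts("attack at dawn"))
```

The intelligibility test is the weak link in any exhaustive search: with a real cipher it is usually a language model or a known-plaintext check rather than a word list, but the cost model (keys tried on average = keyspace / 2) is the same.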
The cryptography algorithms are grouped into following categories.
Symmetric key or secret key algorithm.
Asymmetric key or public key algorithm.
Symmetric or secret key cryptography
Symmetric key algorithms are those algorithms in which both sender and receiver use the same key. The sender uses this key and the encryption algorithm to encrypt the data; the receiver uses the same key and the corresponding decryption algorithm to decrypt the data. Examples of secret key algorithms are as follows:
Data Encryption Standard (DES)
Advanced Encryption Standard (AES)
Asymmetric key or Public key Cryptography
Asymmetric algorithms are those algorithms in which sender and receiver use different keys. Public key encryption algorithms are asymmetric in the sense that the encryption and decryption keys are different. Each user is assigned a pair of keys: a public key and a private key. The public key is used for encryption and the private key is used for decryption. Decryption cannot be done using the public key. The two keys are mathematically linked, but the private key cannot feasibly be derived from the public key. The public key is well known, but the private key is secret and known only to the user who owns the key. This means that everybody can send a message to the user using the user's public key, but only the user can decrypt the message, using his private key.
The public key algorithm operates in the following manner:
The data to be sent is encrypted by sender A using the public key of the intended receiver B.
B decrypts the received cipher text using its private key, which is known only to B. B replies to A, encrypting its message using A's public key.
A decrypts the received cipher text using his private key, which is known only to him.
ADVANTAGES OF CRYPTOGRAPHY
The primary advantage of public key cryptography is increased security.
The private keys don't ever need to be transmitted or revealed to anyone.
Another major advantage of public key systems is that they can provide a method for digital signatures.
Secret key authentication systems such as Kerberos were designed to authenticate access to network resources, rather than to authenticate documents, a task which is better achieved via digital signatures.
There are popular secret key encryption methods which are significantly faster than any currently available public key encryption method.
The first use of public key techniques was for secure key exchange in an otherwise secret key system; this is still one of its primary functions.
For encryption, the best solution is to combine public and secret key systems in order to get both the security advantages of public key systems and the speed advantage of secret key systems.
The public key system can be used to encrypt a secret key which is then used to encrypt the bulk of a file or message.
DISADVANTAGES OF CRYPTOGRAPHY
In a secret key system, by contrast, there is always a chance that an enemy could discover the secret key while it is being transmitted.
Authentication via secret key systems requires the sharing of some secret and sometimes requires trust of a third party as well.
A sender can repudiate a previously signed message by claiming that the shared secret was somehow compromised by one of the parties sharing the secret.
Public key cryptography can share the burden with secret key cryptography to get the best of both worlds.
A major disadvantage of using public key cryptography for encryption is speed.
A firewall, in network security, is a device that blocks unauthorized access to an organization's network. A firewall can reside on the administrative computer (the server) that acts as the local area network's gateway to the internet, or it can be a dedicated computer placed between the local area network and the internet, so that the local network is never in direct contact with the outside network. A firewall consists of hardware or software that lies between two networks, such as an internal network and an internet service provider. The firewall protects your network by blocking unwanted users from gaining access and by disallowing messages to specific recipients outside the network, such as competitors.
Types of Firewalls
A.) Simple Traffic Logging System:
Traffic logging systems are the predominant firewall method used on web servers. Such systems record all network traffic flowing through the firewall in a file or a database for auditing purposes. On most web servers, the HTTPD (hypertext transfer protocol daemon) log records the domain that each request came in from, the exact second of the access and the number of bytes transmitted.
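Auditing such a log means parsing it rather than reading it by eye. The following is an added example, not code from the essay: a parser for the Common Log Format that most HTTP daemons write (host, user, timestamp, request, status, bytes), run over a handful of constructed log lines (the addresses and paths are made up) to produce per-host totals of requests, bytes transmitted and denied (4xx) requests. Lines that do not parse are counted rather than silently dropped, since a gap in an audit trail is itself worth knowing about.

```python
import re
from collections import defaultdict
from datetime import datetime

# Common Log Format: host ident user [time] "request" status bytes
CLF_RE = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<bytes>\d+|-)$'
)

# Constructed sample log lines (documentation-range addresses, not real traffic)
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2000:13:55:36 -0700] "GET /index.html HTTP/1.0" 200 2326
203.0.113.7 - - [10/Oct/2000:13:55:40 -0700] "GET /admin HTTP/1.0" 403 512
198.51.100.23 - alice [10/Oct/2000:13:56:01 -0700] "POST /login HTTP/1.0" 200 128
garbage line that does not parse
198.51.100.23 - alice [10/Oct/2000:13:56:05 -0700] "GET /report.pdf HTTP/1.0" 200 -
"""


def parse_line(line: str):
    """Return a dict for one log record, or None if the line is not in CLF."""
    m = CLF_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["time"] = datetime.strptime(rec["time"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    rec["bytes"] = 0 if rec["bytes"] == "-" else int(rec["bytes"])  # "-" means no body sent
    return rec


def summarize(log_text: str):
    """Per-host totals (requests, bytes, denied) plus the count of unparseable lines."""
    stats = defaultdict(lambda: {"requests": 0, "bytes": 0, "denied": 0})
    skipped = 0
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        host = stats[rec["host"]]
        host["requests"] += 1
        host["bytes"] += rec["bytes"]
        if 400 <= rec["status"] < 500:
            host["denied"] += 1
    return dict(stats), skipped


if __name__ == "__main__":
    totals, bad = summarize(SAMPLE_LOG)
    for host, s in totals.items():
        print(f"{host:16} requests={s['requests']} bytes={s['bytes']} denied={s['denied']}")
    print("unparseable lines:", bad)
```

A host whose denied count climbs while its byte total stays small is the typical signature of someone probing paths they are not allowed to reach, which is what the audit trail is kept for.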
B.) Packet Filter Firewalls:
A firewall can be used as a packet filter. It can forward or block packets based on the information in the network layer and transport layer headers: source and destination IP address, source and destination port and type of protocol. A packet filter firewall is also known as an IP packet screening router.
Firewalls can also be created through software called a proxy service. The host computer running the proxy is referred to as an application gateway. The application gateway sits between the internet and the company's network and provides middleman services to users on either side. A packet filter firewall works on the information available in the network layer and transport layer headers (IP and TCP/UDP). However, sometimes we need to filter a message based on the information in the message itself (at the application layer). As an example, assume that an organization wants to implement the following policy regarding its web pages:
Only internet users who have previously established business relations with the company can have access; access to all other users must be blocked. In this case a packet filter firewall is not feasible, because the router cannot distinguish between packets arriving at the same TCP port. Testing must be done at the application level.
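The difference between the two firewall types comes down to which fields each one can see. The following is an added example, not code from the essay: a first-match, default-deny packet filter over constructed rules (the address ranges, the "partner" list and the X-Client header convention are all assumptions for the illustration), followed by an application gateway that passes the packet through the same filter and then reads the HTTP request itself. Two requests to the web server's port 80 get identical verdicts from the packet filter, because the headers are identical; only the gateway can apply the business-relation policy.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    protocol: str          # "tcp" or "udp"
    src_port: int
    dst_port: int
    payload: bytes = b""   # application data: invisible to a packet filter


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    protocol: Optional[str] = None   # None matches any protocol
    dst_port: Optional[int] = None   # None matches any port

    def matches(self, pkt: Packet) -> bool:
        return (ip_address(pkt.src_ip) in ip_network(self.src)
                and ip_address(pkt.dst_ip) in ip_network(self.dst)
                and (self.protocol is None or self.protocol == pkt.protocol)
                and (self.dst_port is None or self.dst_port == pkt.dst_port))


def packet_filter(rules, pkt: Packet) -> str:
    """Screening-router logic: first matching rule wins; unmatched traffic is denied."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


# Constructed rule set: block one range outright, then open only web and mail
RULES = [
    Rule("deny", src="192.0.2.0/24"),
    Rule("allow", dst="10.0.0.80/32", protocol="tcp", dst_port=80),
    Rule("allow", dst="10.0.0.25/32", protocol="tcp", dst_port=25),
]

# Constructed list of clients with an established business relation
PARTNERS = {"partner-a", "partner-b"}


def application_gateway(pkt: Packet) -> str:
    """Proxy that applies the packet filter, then inspects the HTTP request itself.
    Assumed convention: the client names itself in an X-Client header."""
    if packet_filter(RULES, pkt) == "deny":
        return "deny"
    for line in pkt.payload.decode(errors="replace").split("\r\n"):
        if line.lower().startswith("x-client:"):
            client = line.split(":", 1)[1].strip()
            return "allow" if client in PARTNERS else "deny"
    return "deny"   # no identification at all: treat as an unknown user


if __name__ == "__main__":
    partner = Packet("203.0.113.5", "10.0.0.80", "tcp", 40000, 80,
                     b"GET / HTTP/1.0\r\nX-Client: partner-a\r\n\r\n")
    stranger = Packet("203.0.113.9", "10.0.0.80", "tcp", 40001, 80,
                      b"GET / HTTP/1.0\r\nX-Client: stranger\r\n\r\n")
    for name, p in (("partner", partner), ("stranger", stranger)):
        print(f"{name}: packet filter={packet_filter(RULES, p)}, gateway={application_gateway(p)}")
```

The default-deny fall-through at the end of packet_filter is the part most often got wrong in real rule sets: a filter that allows whatever no rule mentions is only as good as the completeness of its deny list.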
Encryption and decryption provide secrecy or confidentiality but not integrity. Integrity algorithms enable the receiver to check whether the message sent by the sender has been altered in any manner during transit. In these algorithms, a cryptographic integrity checksum is calculated and attached to the message by the sender. The receiver recalculates the checksum at its end and compares it with the received checksum. If they are the same, the message is intact.
Examples of checksum algorithms are:
Message Digest 5 (MD5)
Secure Hash Algorithm (SHA)
Message authentication ensures that the message has been sent by a genuine identity and not by an imposter. The service used to provide message authentication is a Message Authentication Code (MAC). A MAC uses a keyed hash function that includes the symmetric key shared between the sender and receiver when creating the digest. As an example, consider how a sender A uses a keyed hash function to authenticate his message and how the receiver B verifies the authenticity of the message. This system makes use of a symmetric key shared by A and B. A, using this symmetric key and a keyed hash function, generates a MAC. A then sends this MAC along with the original message to B. B receives the message and the MAC and separates the message from the MAC. B then applies the same keyed hash function to the message using the same symmetric key to get a fresh MAC. B then compares the MAC sent by A with the newly generated MAC. If the two MACs are identical, it shows that the message has not been modified and that the sender of the message is definitely A.
A signature is proof to the receiver that the document comes from the correct entity. The person who signs it takes responsibility for the content of the document. A signature on a document, when verified, is a sign of authentication: the document is authentic. In the networked world, there is a similar need for digital signatures. Authenticating a message using digital signatures requires the following conditions to be met:
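The integrity checksum of the preceding paragraphs and the MAC described here look alike on the wire (a message plus a digest), but they defend against different things. The following is an added example, not code from the essay, covering both: an unkeyed SHA-256 checksum, an HMAC-SHA256 tag keyed with the secret shared by A and B, and a constructed message altered in transit. The checksum catches accidental corruption but not a deliberate attacker, who simply recomputes it; the MAC catches the same alteration because the attacker cannot compute a fresh tag without the key.

```python
import hashlib
import hmac
import secrets


def checksum(message: bytes) -> str:
    """Unkeyed integrity checksum (SHA-256 digest in hex)."""
    return hashlib.sha256(message).hexdigest()


def verify_checksum(message: bytes, received: str) -> bool:
    return hmac.compare_digest(checksum(message), received)


def make_mac(key: bytes, message: bytes) -> str:
    """Keyed hash (HMAC-SHA256) using the key shared by sender A and receiver B."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_mac(key: bytes, message: bytes, received: str) -> bool:
    # compare_digest avoids leaking the position of a mismatch through timing
    return hmac.compare_digest(make_mac(key, message), received)


def tamper(message: bytes) -> bytes:
    """Constructed in-transit alteration: change the amount in the message."""
    return message.replace(b"100", b"900")


def demo() -> dict:
    key = secrets.token_bytes(32)          # agreed between A and B beforehand
    msg = b"transfer 100 to account 42"    # constructed message

    # 1. Accidental corruption (a flipped byte) is caught by the plain checksum.
    corrupted = msg[:-1] + b"3"
    accidental_caught = not verify_checksum(corrupted, checksum(msg))

    # 2. A deliberate attacker recomputes the unkeyed checksum for the altered
    #    message, so B's comparison succeeds and the change goes unnoticed.
    forged = tamper(msg)
    forged_caught = not verify_checksum(forged, checksum(forged))

    # 3. With a MAC the attacker has no key; the best he can do is reuse A's
    #    original tag, which no longer matches the altered message at B.
    tag = make_mac(key, msg)
    mac_caught = not verify_mac(key, forged, tag)

    return {
        "genuine_accepted": verify_mac(key, msg, tag),
        "accidental_change_caught_by_checksum": accidental_caught,
        "deliberate_change_caught_by_checksum": forged_caught,
        "deliberate_change_caught_by_mac": mac_caught,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

This is why a bare MD5 or SHA digest published next to a download only protects against transmission errors: anyone who can replace the file can replace the digest too. Binding the digest to a key (a MAC) or to a private key (a signature, discussed next) is what turns an integrity check into an authenticity check.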
The receiver should be able to verify the claimed identity of the sender. For example, an imposter may advise a bank to transfer money from the account of another person. The bank should be able to verify the identity of the user before acting on the advice.
The sender should not be able to repudiate the contents of the message it sent at a later date. For example, a person having sent advice to transfer money from his account should not be able at a later date to repudiate the content of the message sent by him. The bank should be able to prove that he and only he sent the advice and that the contents of the message are unaltered.
The receiver should not be able to alter the message or concoct the message himself on behalf of the sender. This requirement is important to protect the interests of the sender.
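The A/B public key exchange described under asymmetric cryptography and the three signature conditions listed above can both be shown with one key pair per party. The following is an added example, not code from the essay: textbook RSA built from small, constructed primes (real keys use primes of about 1024 bits each together with OAEP or PSS padding, which this toy omits), used first for the confidential exchange (A encrypts to B's public key, B decrypts with its private key, and back) and then for a signature over the hash of a bank advice. The three checks at the end map onto the three conditions: the bank verifies the advice with A's public key; a signature made with any other private key does not verify as A's, so A cannot disown it and B cannot forge it; and an altered advice no longer matches the signature. The chunking scheme and the 0x01 marker byte are assumptions of this example.

```python
import hashlib
from math import gcd


def make_keypair(p: int, q: int, e: int = 65537):
    """Textbook RSA from two primes: n = p*q, d = e^-1 mod phi(n).
    p and q here are constructed toy values, far too small for real use."""
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be invertible mod phi(n)"
    d = pow(e, -1, phi)                 # modular inverse, Python 3.8+
    return (e, n), (d, n)               # (public key, private key)


CHUNK = 3   # data bytes per block; with the 0x01 marker every block is < 2**25 < n


def encrypt(public_key, plaintext: bytes):
    """Anyone holding the public key can encrypt; only the private key decrypts."""
    e, n = public_key
    return [pow(int.from_bytes(b"\x01" + plaintext[i:i + CHUNK], "big"), e, n)
            for i in range(0, len(plaintext), CHUNK)]


def decrypt(private_key, blocks) -> bytes:
    d, n = private_key
    out = bytearray()
    for c in blocks:
        block = pow(c, d, n).to_bytes(4, "big").lstrip(b"\x00")
        out += block[1:]                # drop the 0x01 marker
    return bytes(out)


def _digest_mod_n(message: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key, message: bytes) -> int:
    """Sign the hash of the message with the signer's private key."""
    d, n = private_key
    return pow(_digest_mod_n(message, n), d, n)


def verify(public_key, message: bytes, signature: int) -> bool:
    """Anyone can check the signature with the signer's public key."""
    e, n = public_key
    return pow(signature, e, n) == _digest_mod_n(message, n)


# Constructed toy key pairs for A and B (small, well-known primes)
A_PUB, A_PRIV = make_keypair(104729, 1299709)
B_PUB, B_PRIV = make_keypair(999983, 1000003)


def exchange_demo() -> dict:
    """A -> B and B -> A confidential exchange, then the three signature properties."""
    to_b = encrypt(B_PUB, b"hello B, this is A")       # A uses B's public key
    reply = encrypt(A_PUB, b"hello A, got it")         # B uses A's public key
    advice = b"transfer 100 from my account"
    sig = sign(A_PRIV, advice)                         # only A holds A_PRIV
    return {
        "b_reads_a": decrypt(B_PRIV, to_b),
        "a_reads_b": decrypt(A_PRIV, reply),
        "bank_verifies_a": verify(A_PUB, advice, sig),
        "forgery_by_b_rejected": not verify(A_PUB, advice, sign(B_PRIV, advice)),
        "altered_advice_rejected": not verify(A_PUB, advice.replace(b"100", b"900"), sig),
    }


if __name__ == "__main__":
    for name, result in exchange_demo().items():
        print(f"{name}: {result}")
```

Signing the hash rather than the message is what lets a fixed-size signature cover a document of any length, and it is also why the signature fails on the altered advice: the hash changes, so the recovered value no longer matches.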
The internet carries an increasing amount of private traffic. This may be personal information about the user or information of commercial value. Whether the messages contain credit card details, purchased software or examination marks, their owners need to keep them secret. Unfortunately messages can be read off the network as easily as usernames and passwords, so the only solution is to encrypt them. It is important to note that any mathematical encryption scheme can be broken by the use of sufficient computing power; the best that can be hoped for is to make the cost in time and CPU power needed to break the code significantly greater than the value of the encrypted material.
While it seems attractive to apply a single encryption method to all internet services, some services benefit from specific operations performed by intermediate systems. For example, mail bagging reduces the bandwidth required to send multiple copies of electronic mail messages to distant sites, FTP requests may be redirected to local mirror sites, and web requests may be serviced by caches rather than the original servers. Each of these operations requires that some intermediate machine be able to read the request contained within a packet, which is impossible with transport layer encryption. The alternative is to encrypt at the application layer, leaving the useful header information readable but encrypting the content. The most popular system for encryption at this level is Pretty Good Privacy (PGP), which is widely used for e-mail and FTP, and is one of the options supported by the proposed Secure HTTP (SHTTP).