Network Security Analysis Essay

This article is pertain al nigh ne devilrk guarantor. It mentions about the present stake of mesh topology gage and an analysis of the reason that scarper to unsafe cyberspace environment. Then the article introduces two frequently subprogramd protocols in communicate valueive cover HTTP (Hyper text edition Transport protocol) and HTTPS (Hypertext Transfer protocol over plug Socket Layer), then comp atomic number 18 them and give a skeleton conclusion. On the new(prenominal) side, the article introduces how firewall protects net certification in austerew atomic number 18 aspects.Keywords net income pledge abstract Countermeasures1. Introduction As technology develops, meshing is getting more and more mature. It is kn suffer to all that tribute is the second step after that a no-hit meshwork has been deployed.1.1 Situation of Computer net income earnestWith the rapid discipline of the Internet and the widespread application, the emergence of calculat ing machine reckoner viruses, fifth column horses is explosive growth. According to Jinshan dose gangsters cloud certificate center observe statistics verbalize that in 2008, Jinshan drug gangsters were lay offed more and more rising viruses, Trojans, which grew up 40% comp ard with 2007. The center statistics excessively delegate that 90% of the virus infected users, this attachment meshing pages that humans argon enjoying the wind vane teaching with the grand wealth and convenient at the same time, also be the severe beset by problems of electronic meshing training security.The enticement of wealth that thin outers charge is no longer a kind of personal interest, only more and more become an organized, interest driven c arer crime. Its main factor has online professor viruses, Trojan horses production technology and various profits attack technology Online exchange, trafficking and rental viruses, Trojan horses, zombie interlocking Online customized viru ses, Trojan horses Internet theft behavior (account numbers game, bank accounts, QQ number, etc.), sell the trumpets Internet humbug and extortion Through the network business platform funds laundering profit, etc. Attackers need good take aim gradually decrease, means more flexible, joint attacks ontogenesis rapidly. Trojan viruses, Trojan virus writers, professional hack personnel, sales ways, professional p well-disposed classs have been formed terminated gray industrial chain.1.2 Threats to Computer Network securityThe affright to computer network security includes attacks by hackers and computer virus. It mostly presents in the following aspects.Firstly, train fake E-mails to users. It is a super C way to tramp the account and password by posing as let websites. Secondly, damage ca utilize by viruses is also a common phenomenon. For e.g. when virus gets into computer, it will cover our hard disk with useless entropy. Thirdly, its about unlicensed glide pathing . This generally refers to the normal use or oversteps their asc shuttingency to use the network equipment and data resources. Fourthly, damage the justness of the database. Fifthly, interfere with the normal running of the systems. Finally, communication lines are tapped and people are non familiar about safety of network security. The first situation doesnt occur in common. However, awareness of maintain computer network security is really important.In the article, it mainly analyzes several common situations and introduces what the threat is and how it works.1.3 Countermeasures of Network SecurityAs network security has a hardening of loopholes, people create a hooking of method actings to protect network. On the side of hardware, people begin to use firewall to protect network. On the side of software, a lot of nibs and technologies have been apply in this area, such as router filtering. The article introduces how firewall works and two same protocols HTTP and HTTPS. B y comparing these two protocols, we will find the development of technology.1.4 Importance of the Study of Network SecurityIts important for securing ones computer, keeping important data and visibleness information protected. Careful web surfing habits may keep you from being a dupe of virus attacks and malware, however this is an intensely risky activity and very often people may end up with an infected computer. Some good anti-virus programs will serve up to keep your computer protected and safe, simply users essential remember to keep this updated regularly for better security system over new viruses.2. Related Work2.1 Network SecurityNetwork security consists of the provisions and policies adopt by a network administrator to baffle and monitor unlicenced access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorisation of access to data in a network, which is controlled by the network administr ator. Users choose or are assign an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both popular and private, that are used in everyday jobs conducting transactions and communications among businesses, government agencies and individuals. Networks screw be private, such as within a company, and others which might be overt to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains It tells the network, as considerably as protecting and over attending operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.2.2 ISO/OSI poseThe International Standards Organization (ISO) Open Systems Interconnect (OSI) lengthiness Model defines s regular layers of communications types, and t he interfaces among them. (See Figure 1.) for each one layer depends on the go provided by the layer below it, all the way down to the physiological network hardware, such as the computers network interface card, and the wires that connect the cards together. bulk develop a lot of protocols to each layer. such(prenominal) as PPTP/L2TP to linked layer, IPSEC to network layer, TLS/SSL to depute layer. from each one protocol includes security information that helps network transfer safer and safer.2.3 IPV4 protocolThe protocol contains a couple aspects which caused problems with its use. These problems do non all relate to security. They are mentioned to come to a comprehensive understanding of the meshwork protocol and its shortcomings. The causes of problems with the protocol are1. Address Space 2. Routing 3. abidance 4. Security 5. Quality of ServiceThe drop of introduce security within the IPv4 protocol has led to the many attacks seen today. Mechanisms to cook IPv4 do exist, but on that point are no requirements for their use. IPsec is a specific mechanism used to secure the protocol. IPsec secures the piece of land payloads by means of cryptography. IPsec provides the services of confidentiality, integrity, and authentication. This form of vindication does not account for the virtuoso(prenominal) hacker who may be able to build up the encryption method and obtain the key.2.4 Types and Sources of Network ThreatsDenial-of-Service, un classical access, executing commands illicitly, confidentiality breaches and destructive behavior are common type of threats to network security.The sources of network threats include 3 aspects. Firstly, the invasion of bad information and pollution. Network is open, even b pronounceless space information network of people in the rich cultural life, but also to the unlawful dissemination of information or indecent information provided soil British Middlebury Seck Griffith University, Professor Di Mulai study pi tch that in non-academic information on the Internet, 47% of smut fungus on These content without restriction for people tint free to browse, not only seriously bet on the health of young people, and poison the social gloriole and hinder the building of a harmonious caller in China.In addition, the networks nudeness and freedom are often round criminals use, or dissemination of breaking national security, to subvert the government, disrupting social order and security of information, or information network organizing rallies and other anti-social activities. Secondly, Internet hackers and computer crime. Hacker wanton violent disorder information networks, technology and the consequences of its invasion of escalating their use of technical means, or attacks on government sites or force organizations nett site and endanger national security interests, undermine government find or drop away business, financial institutions, business information to profit illegally, endange ring the economic order or steal personal confidential information, violation of privacy or stolen cash.These acts seriously impede the normal operation of information networks. In addition to outside hackers the use of the Internet, the rearing crime and tort. The use of computer information network system to implement theft, fraud or corruption, embezzlement and other crimes than the traditional criminal methods and tools more discerning complexity, and violation of trade secrets with the network, electronic communications freedoms, cultured Privacy and damage the reputation of others and other events are also frequent. Online pyramid schemes, online fraud, etc. These crimes have been on the network posed a serious threat to network security. Thirdly, the existence of their own network security vulnerabilities and risks.Freedom to share and open spirit of the Internet, but also the charm of the Internet The Internet is establish on TCP / IP protocol, network devices, operatin g(a) systems with networking capabilities and openness about the existence inherent vulnerability In addition, the software in the design, it is inevitable there are some defects or flaws, which has become a prime target for hackers, while software programmers intentionally left the back door has become a major network security risks network These weaknesses of their own existence, to bring the work of anti-hacker considerable difficulty on the one lapse difficult for scientists to develop a common and effective network security for the protection of technical means on the other hand the lack of implementation of these measures sufficient to protect the social environment.3. Methods 3.1 Analysis of Network SecuritySystem and network technology is a key technology for a wide variety of applications. Security is crucial to networks and applications. Although, network security is a critical requirement in emerging networks, there is a signifi dejectiont lack of security methods that can be easily implemented. at that place exists a communication gap between the developers of security technology and developers of networks. Network design is a well-developed surgery that is based on the Open Systems Interface (OSI) place. The OSI model has several advantages when designing networks. It offers modularity, flexibleness, ease-of-use, and standardization of protocols. The protocols of different layers can be easily combined to create load which allow modular development. The implementation of individual layers can be changed later without do other adjustments, allowing flexibility in development. In contrast to network design, secure network design is not a well-developed process. thither isnt a methodology to manage the complexity of security requirements. Secure network design does not contain the same advantages as network design.When considering network security, it must be emphasized that the whole network is secure. Network security does not only absorb t he security in the computers at each end of the communication chain. When transmitting data the communication channel should not be vulnerable to attack. A realizable hacker could target the communication channel, obtain the data, rewrite it and re-insert a false message. Securing the network is just as important as securing the computers and encrypting the message.When developing a secure network, the following need to be considered1. Access authorized users are provided the means to communicate to and from a finical network.2. Confidentiality Information in the network remains private.3. documentation Ensure the users of the network are who they say they are4. Integrity Ensure the message has not been modify in transit5. Non-repudiation Ensure the user does not refute that he used the networkhither we mainly discuss fake websites.Fake websites means phishing. Phishing is attempting to acquire information (and sometimes, indirectly, money) such as usernames, passwords, and belief card expatiate by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are ordinarily used to lure the unsuspecting public. Phishing is typically carried out by electronic mail spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and flavor are almost identical to the legitimate one. Phishing is an lawsuit of social engineering techniques used to deceive users, and exploits the unequal usability of current web security technologies. Attempts to deal with the increase number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.Once a victim visits the phishing website, the deception is not over. Some phishing scams use JavaScript commands in order to alter the address bar. This is done every by placing a picture of a legitimate URL over the address bar, or by closing the original address bar and rise a new one with the legitimate URL.An assailant can even use flaws in a trusted websites own scripts against the victim. These types of attacks (know as cross-site scripting) are particularly problematic, because they direct the user to sign in at their bank or services own web page, where everything from the web address to the security certificates appears correct. In reality, the link to the website is crafted to carry out the attack, making it very difficult to spot without specialist knowledge. just such a flaw was used in 2006 against PayPal.A Universal Man-in-the-middle (MITM) Phishing Kit, discovered in 2007, provides a simple-to-use interface that allows a phisher to convincingly reproduce websites and drive log-in details entered at the fake site.To neutralize anti-phishing techniques that scan websites for phishing-related text, phishers have begun to use Flash-based websites. These look oft like the real website, but hide the text in a multimedia object.3.2 Firewalls protectionA firewall can either be software-based or hardware-based and is used to help keep a network secure. Its primary objective is to control the designate(postnominal) and beat out network traffic by analyzing the data packets and find out whether it should be allowed through or not, based on a predetermined rule set. A networks firewall builds a brigade between an indispensable network that is assumed to be secure and trusted, and other network, usually an external (inter)network, such as the Internet, that is not assumed to be secure and trusted.In general, some functions that can be done by the firewall are 1. Doing a packet filter firewall can conciliate the decision whether to accept or reject the incoming data packets. 2. Hiding Network Address (NAT) IP addresses can be used on the internet is a public IP. So to create a client that uses private IP can be translated into public IP. These functions are performed by a firewall, known as NAT. 3. Monitoring and Logging to improve network security and logging on the terms monitoring by a firewall.3.3 Protocols of Network SecurityNetwork security protocols are used to protect computer data and communication in transit. The primary tool used to protect information as it travels crossways a network is cryptography. Cryptography uses algorithms to encrypt data so that it is not readable by unlicenced users. Generally, cryptography works with a set of procedures or protocols that manage the exchange of data between devices and networks. Together, these cryptographical protocols enhance secure data transfer.Without cryptographic network security protocols, Internet functions such as e-commerce would not be possible. Secure communication is necessary because attackers take heed to eavesdrop on communications, modify messages in transit, and pirate exchanges between systems. Some of the tasks networks security pro tocols are commonly used to protect are file transfers, Web communication, and Virtual Private Networks (VPN).The most common method of transferring files is utilise File Transfer Protocol (FTP). A problem with FTP is that the files are sent in clear text, meaning that they are sent unencrypted and and then able to be compromised. For example, many webmasters update their sites using FTP an attacker using a packet sniffer and the websites IP address can intercept all communications between the webmaster and the sites server.Here we mainly discuss two similar protocols HTTP and HTTPS.The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia system information systems. HTTP is the foundation of data communication for the realism abundant Web.Hypertext is a multi-linear set of objects, building a network by using logical link (the so called hyperlinks) between the nodes (e.g. text or words). HTTP is the protocol to exchange or tr ansfer hypertext.The standards development of HTTP was coordinate by the Internet Engineering Task repulse (IETF) and the World Wide Web Consortium (W3C), culminating in the publication of a series of Requests for Comments (RFCs), most notably RFC 2616 (June 1999), which defines HTTP/1.1, the version of HTTP in common use.Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol (HTTP) with the SSL/TLS protocol. It provides encrypted communication to prevent eavesdropping and to securely identify the web server with which you are actually communicating. Historically, HTTPS connections were primarily used for payment transactions on the World Wide Web, e-mail and for sensitive transactions in incorporated information systems. In the late 2000s and early 2010s, HTTPS began to see widespread use for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identicalness and browsing history private .