Network Security

By Author: Sherry Roberts
Total Articles: 99
Comment this article

Abstract
Network security is becoming increasingly important due the large number of intellectual and academic property and rights that can be acquired easily via the internet. Effective and comprehensive network security is essential in protecting the assets of the company. Company assets refer to the vital information stored in the network that is crucial and valuable tangible assets. Network security ensures the integrity and safe access to confidential information. A credible network security should be developed with comprehensive information on the security issues, network structure, potential hackers, the essential degree of security, and aspects that make the network susceptible to attacks.
 

Introduction
The globe is increasing interconnected with the arrival of technology and sophisticated networking technologies. There is a huge volume of private, commercial, management and military information on various networking infrastructures globally. As such, network security is becoming increasingly important due the large number of the intellectual property that can be acquired easily via ...
... the internet. The two main categories of networks include the data networks and the synchronous network. The internet can be categorized as a data network (Rajasekaran, & Balasubramaian, 2014). The present data networks entails computer-based routers, it is possible to obtain information through singular programs such as “Trojan horses” introduced in the routers. However, synchronous networks consist of switches and do not safeguard data and as such are not susceptible to attackers. As such, network security is a major concern for data networks such as the internet. A credible network security should be developed with comprehensive information on the security issues, potential hackers, the essential level of security, and factors that make the network susceptible to attacks.
Common type of network/internet attacks
The commonest internet attack methods are divided into categories. For example, some attackers attempt to access system knowledge or private information. Such attacks include eavesdropping and phishing. Some attackers may obstruct the system’s main function such as viruses and Trojans. Additionally, attackers may consume the resources of an organization uselessly through denial of service attacks. Networks are also susceptible to land attacks, teardrop attacks and smurf attacks. A clear description of these attacks follows.
Eavesdropping
Eavesdropping entails the interception of communications on a network by an unauthorized party. Eavesdropping can be either passive or active. Passive eavesdropping occurs when the unauthorized party listens to the networked information or data secretly. Active eavesdropping occurs when the attacker listens and introduce something to the communication channel leading to the message being distorted or stolen (Bhuyan, Kashyap, Bhattacharyya & Kalita, 2014).)
Viruses
Viruses are self-propagating programs that utilize files to contaminate and propagate. Viruses become active when an infected file is opened within the system. Viruses are similar top worms in that both are self-replicating. However, worms do not need a file to propagate. The two main common worms include mass-mailing and network-aware worms. Crowd mailing worms utilize emails to infect computers while network-aware worms select a target and infect it through Trojan horses or other means.
Trojan horses seem to be benign programs to the users, which have malicious intentions. Trojan horses often propagate or carry some payload such as viruses. Phishing are attempts to obtain private information or data from an organization or individuals. Phishers use tricks to make users disclose personal information including credit numbers, banking credentials, and other passwords.
Spoofing refers to having an address of a computer imitates the address of a credible or trusted computer so as to access the target computer. Often, the intruder hides the identity thus complicating the detection and prevention of such attacks. It is difficult to eliminate IP spoofed packets in the current IP protocol technology.
Denial of services
Denial of services attacks occur when a system receives too many requests is required to research, and the system cannot communicate back to the requestors. As such, a system consumes a large amount of resources attempting to communicate with the requestors. Eventually, the system fails making its services unavailable.
Given the economic and strategic importance of these attacks, different defense and detection mechanism have been developed. Some of these defense and detection mechanisms include:
Cryptographic systems
Cryptography is a commonly used device in security engineering. It entails the deployment of codes and ciphers to change information into unintelligible data.
Firewalls
A firewall is broader control strategy or a perimeter defense system. The aim of a firewall is to wedge traffic from the external and also from inside. In most networks, a firewall acts as the first line of defense against unlawful access to or from a private network. It is possible to implement firewalls at the hardware and software level or combine the two levels (Ailin, 2014).
An intrusion detection system (IDS) is a protection strategy that helps deter computer intrusions. An IDS can be either a hardware or a software device used to sense an imminent attack. IDS are used to observe connections in determining whether an attacker has launched an attack. Some IDS may also attempt to block the attacks.
Anti-malware software and scanners
Some of the attacks utilize viruses, worms, Trojan horses or other malicious software. Such attacks may be detected, prevented through anti-malware tools. Anti-malware tools can also cure the infected files.
Secure socket layers (SSL)
The secure socket layers are a suite of protocols that are a standard ways of achieving a competent level of security between a browser and a website. They are designed to offer a secure access channel between the browser and the server such that any data exchanged is credible and cosseted within the secure channels. SSLs provide verification of clients to servers via the use of certificates (Guttman, 2014). The client presents a certificate to the serve as a prove identity.
Current security issues with IPv6
IPv6 is an improvement of IPv4 in terms of security enhancement. However, despite the great IPv4 great security mechanism, the protocol is still vulnerable to numerous threats. For example, IPv4 does not offer protection against misconfigured servers, poorly protected sites and poorly designed applications. The protocol is vulnerable due to header manipulation issues, flooding issues and mobility issues. Header manipulation as a result of IPsec’s embedded functionality. Some extension headers deter several sources of attacks due to the header manipulation (Warfield, 2010). The extension headers have to be processed by all stacks leading to a continuous chain of extension headers. The chain can overwhelm a specific code. As such, it can be used deliberately to cause attacks. Consequently spoofing remains a major security threat on IPv6 protocol (VU, KHAW, & TSONG, 2015). IPV6 incorporates mobility. Mobility requires special security measures and the network administrators have to be cognizant of these security needs.
Security in different networks
Various types of businesses and organizations use a combination of firewalls, authentication mechanisms, and encryption to create “intranets” that offer the necessary connections to the internet and also protected. An intranet is a private computer network that utilizes internet protocols. Intranets are unique from extranets in that; intranets are limited to staff of the organization. Extranets are accessible from customers, suppliers, and other authentic parties (Kartalopoulos, 2008). The third parties access the intranet through secure gateways in the firewall. Although it is possible to establish such networks easily, the networks are vulnerable to threats unless adequate security measure is in place. Although closed networks may offer a certain degree of security, they limit the share of data or information to those who may want the data within the organization. As such, an organization may improve data sharing through open networks. However, such broad data sharing require safeguards such as firewalls to detect and report intrusion attempts. It is also vital to install comprehensive virus checking at the firewall and enforce rules for employees opening emails and such attachments. It is also necessary to encrypt all connects and data transfers.
Conclusion
Network security is increasingly gaining attention as the use of the Internet continues to grow. The current IPv6 protocol offers security enhancement mechanisms. However, it remains still vulnerable to several security threats. The use of IPV6 combined with security tools and mechanisms such as firewalls, intrusion detection, and authentication mechanisms can improve network security. Effective and comprehensive network security is essential in protecting the assets of the company. Company assets refer to the vital information stored in the network that is crucial and valuable tangible assets. Network security ensures the integrity and safe access to confidential information. Additionally, it is the responsibility of every organization to develop policies and procedures addressing the security needs of every organization. Developing effective security systems for the company’s network gives a competitive organization edge.
 

References
Ailin, Z. (2014). Discussion and research of computer network security. Journal Of Chemical & Pharmaceutical Research, 6(7), 780-783.
Bhuyan, M. H., Kashyap, H. J., Bhattacharyya, D. K., & Kalita, J. K. (2014). Detecting Distributed Denial of Service Attacks: Methods, Tools, and Future Directions. Computer Journal, 57(4), 537-556.
Guttman, J. D. (2014). Establishing and preserving protocol security goals. Journal Of Computer Security, 22(2), 203-267. Doi:10.3233/JCS-140499
Kartalopoulos, S (2008). Differentiating Data Security and Network Security. Communications, 2008. ICC '08. IEEE International Conference on, pp.1469‐1473, 19‐23.
Rajasekaran, K., & Balasubramaian, K. (2014). A Security Framework For Fault Node Detection In Wireless Sensor Network. International Journal Of Applied Engineering Research, 9(23), 22501-22510.
VU, H. L., KHAW, K. K., & TSONG YUEH, C. (2015). A New Approach for Network Vulnerability Analysis. Computer Journal, 58(4), 878-891. doi:10.1093/comjnl/bxt149
Warfield (2010). Security Implications of IPv6,” Internet Security Systems White Paper.
Yan, Q., & Yu, F. (2015). Distributed denial of service attacks in software-defined networking with cloud computing. IEEE Communications Magazine, 53(4), 52-59. doi:10.1109/MCOM.2015.7081075

Carolyn Morgan is the author of this paper. A senior editor at Melda Research in custom research paper service if you need a similar paper you can place your order for a custom research paper from nursing writing services.

Author is associated with MeldaResearch.Com which is a global Custom Essay Writing and Term Paper Writing Company. If you would like help in Research Papers and Term Paper Help you can visit Custom Writing Service