Network Security: Threats, Countermeasures and Methodologies
VerifiedAdded on  2023/06/11
|10
|2146
|405
AI Summary
This report covers major methodologies used to secure the network, threats that exist in network security, and countermeasures for network security. It discusses access control, authentication, integrity of data, availability, and non-repudiation of data. The report also covers various threats that spoil the confidentiality, integrity, and security of the network, and how to eliminate vulnerabilities by removing security holes in the network.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Network Security
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1 | P a g e
Table of Contents
Introduction...........................................................................................................................................2
Major methodologies used to secure the network..................................................................................2
Threats that exist in network security....................................................................................................3
Countermeasures for network security..................................................................................................5
Conclusion.............................................................................................................................................7
Bibliography...........................................................................................................................................8
Table of Contents
Introduction...........................................................................................................................................2
Major methodologies used to secure the network..................................................................................2
Threats that exist in network security....................................................................................................3
Countermeasures for network security..................................................................................................5
Conclusion.............................................................................................................................................7
Bibliography...........................................................................................................................................8
2 | P a g e
Introduction
Network security is a set of procedures and policies that are used prevent
unauthorised access, modification of data or denial of service. Network security assures that
data is accessed only by valid users it is important as many type of institutions and
organisations are involved with it. The main concept of network security arises from
authentication that is designed to allow the access rights [1]. Thus report covers the main
concern about network security the major methods that are used to secure the network. The
threat that exists in the network of a system is addressed. The count measures are also
discussed to safeguard the system from the security.
Major methodologies used to secure the network
There are various methods used to secure the network and stop the threats to enter or
spread in the network. This is done by managing the threat by keep the software’s updated to
protect the network from all the existing threats [2]. There are following ways used to
network access security.
ď‚· ACL stands for access control list. These are the list of rules that are applied
to the interface of routers that specifies the data could be denied or permitted.
These act a as a filter that allow only valid users to enter in the system and the
users who are not given any right to access the information is denied to do so
[3]. The term ACL can be treated as firewall that allow list of users that are
allowed to access the system and only those users gain access to the network.
ď‚· Filtering- Every network has a unique MAC address thus MAC filtering is a
type of interface that allow only those packets to be transmitted over internet
Introduction
Network security is a set of procedures and policies that are used prevent
unauthorised access, modification of data or denial of service. Network security assures that
data is accessed only by valid users it is important as many type of institutions and
organisations are involved with it. The main concept of network security arises from
authentication that is designed to allow the access rights [1]. Thus report covers the main
concern about network security the major methods that are used to secure the network. The
threat that exists in the network of a system is addressed. The count measures are also
discussed to safeguard the system from the security.
Major methodologies used to secure the network
There are various methods used to secure the network and stop the threats to enter or
spread in the network. This is done by managing the threat by keep the software’s updated to
protect the network from all the existing threats [2]. There are following ways used to
network access security.
ď‚· ACL stands for access control list. These are the list of rules that are applied
to the interface of routers that specifies the data could be denied or permitted.
These act a as a filter that allow only valid users to enter in the system and the
users who are not given any right to access the information is denied to do so
[3]. The term ACL can be treated as firewall that allow list of users that are
allowed to access the system and only those users gain access to the network.
ď‚· Filtering- Every network has a unique MAC address thus MAC filtering is a
type of interface that allow only those packets to be transmitted over internet
3 | P a g e
that are registered [4]. The MAC filtering allows checking the access to a
network is granted.
ď‚· Tunnelling and encryption- Tunnelling is a process that allows one protocol
to be encrypted into another. This make sure that communication is secure
between devices. This is done by making use of cryptograph that assures that
communication is secured and the privacy of users is also designed. The
encryption is another method to boost up the security of network. This is done
by changing the plain text of data in the form of cipher text [5]. The cipher
text make sure that even if the data is leaked the hackers will not be able to
read the data as it is not in a human readable form.
ď‚· Security Monitoring- it is the method that ensure that the network remain
secure as it is continuously monitored by the user regarding the attacks. They
use main tools to monitor the network. Intrusion detector is one such tool that
monitors the network and gives an alert whenever some vulnerability is
scanned. Other tool could be firewall that deny the traffic and also check the
vulnerability that exists in the network.
ď‚· Update- The system should be updated so that there are no chances of threats
to exist in the system [6]. If the system and network remains update than there
will be no chances of threats to exist in the system.
ď‚· Intrusion prevention- The prevention methods are designed to manage the
signatures so that if any bug hit the system then prevention. They are installed
at the edge of the internet and make sure that attacks do not occur.
that are registered [4]. The MAC filtering allows checking the access to a
network is granted.
ď‚· Tunnelling and encryption- Tunnelling is a process that allows one protocol
to be encrypted into another. This make sure that communication is secure
between devices. This is done by making use of cryptograph that assures that
communication is secured and the privacy of users is also designed. The
encryption is another method to boost up the security of network. This is done
by changing the plain text of data in the form of cipher text [5]. The cipher
text make sure that even if the data is leaked the hackers will not be able to
read the data as it is not in a human readable form.
ď‚· Security Monitoring- it is the method that ensure that the network remain
secure as it is continuously monitored by the user regarding the attacks. They
use main tools to monitor the network. Intrusion detector is one such tool that
monitors the network and gives an alert whenever some vulnerability is
scanned. Other tool could be firewall that deny the traffic and also check the
vulnerability that exists in the network.
ď‚· Update- The system should be updated so that there are no chances of threats
to exist in the system [6]. If the system and network remains update than there
will be no chances of threats to exist in the system.
ď‚· Intrusion prevention- The prevention methods are designed to manage the
signatures so that if any bug hit the system then prevention. They are installed
at the edge of the internet and make sure that attacks do not occur.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4 | P a g e
Threats that exist in network security
Network security is breached due to various threats that exist due to malicious
activities. The threats or attacks can be either active or passive [7]. Active attack is actually
caused when intruder intentionally perform certain activities to destroy the normal operations.
The hackers try to modify the data and make changes in normal operation. The passive attack
is where the hackers just monitor the path over the network without making any changes.
The threat that exists in a system is due to viruses that spoils the normal operation of
network. Data modification is one of the threats that are performed by third part user to violet
the confidentiality of data. Denial of service is another threat that says that valid users are not
able to access the information or make the resources unavailable [8]. The DNS spoofing is
the other threat in which the domain name system is introduced in the cache server that
returns incorrect result. The man in the middle attack is a threat that is caused by a third party
where they silently read the data or alter the communication between certain parties. Phishing
is another threat on the network in which the hacker tries to access the password as well as
sensitive data. These threats spoil the trust as well as confidentiality of data [9]. These threats
spoil the goodwill of an organisation as they leak the sensitive information by spoiling the
confidentiality and integrity of data.
The motive of these threats is to keep the network busy by increasing the traffic of the
network. The major threats that exist are due to old security measures that allow hackers to
steal, utilize the information without any permission. The other such threats are weak access
control that is due to poor authentication and authorization. The rights to access the resources
need to be checked so that credentials or privileges are not affected [10]. The external threats
that exist on the network include viruses, worm, spywares and Trojans. They enter the system
from side doors and damage and steal the data by performing various activities on the
network. One of the main threats that spoils the confidentiality of data is eavesdropping that
Threats that exist in network security
Network security is breached due to various threats that exist due to malicious
activities. The threats or attacks can be either active or passive [7]. Active attack is actually
caused when intruder intentionally perform certain activities to destroy the normal operations.
The hackers try to modify the data and make changes in normal operation. The passive attack
is where the hackers just monitor the path over the network without making any changes.
The threat that exists in a system is due to viruses that spoils the normal operation of
network. Data modification is one of the threats that are performed by third part user to violet
the confidentiality of data. Denial of service is another threat that says that valid users are not
able to access the information or make the resources unavailable [8]. The DNS spoofing is
the other threat in which the domain name system is introduced in the cache server that
returns incorrect result. The man in the middle attack is a threat that is caused by a third party
where they silently read the data or alter the communication between certain parties. Phishing
is another threat on the network in which the hacker tries to access the password as well as
sensitive data. These threats spoil the trust as well as confidentiality of data [9]. These threats
spoil the goodwill of an organisation as they leak the sensitive information by spoiling the
confidentiality and integrity of data.
The motive of these threats is to keep the network busy by increasing the traffic of the
network. The major threats that exist are due to old security measures that allow hackers to
steal, utilize the information without any permission. The other such threats are weak access
control that is due to poor authentication and authorization. The rights to access the resources
need to be checked so that credentials or privileges are not affected [10]. The external threats
that exist on the network include viruses, worm, spywares and Trojans. They enter the system
from side doors and damage and steal the data by performing various activities on the
network. One of the main threats that spoils the confidentiality of data is eavesdropping that
5 | P a g e
allow unauthorised monitoring to people unknowingly. These threats focus on accessing the
confidentiality data of an organisation so that it can be misused or steeled.
Preventive Controls are designed so that flaws do not occur at the first place only. These
steps are taken before any loss or problem occurs to prevent security violations and stop the
incident from occurring at all. Examples are blocking certain codes, firewalls, Security
guards, using locks, using encryption and so on.
Detective Control is used to discover the unwanted activities and report them. It happens
after the bug has already taken place as prevention control failed, it is important to detect so
that it does not future effect the performance [10]. But it is difficult as one can’t identify
when an incident will occur.
Countermeasures for network security
There are various threats that spoil the confidentiality, integrity and security of
network. Thus there are series of count measures that are undertaken to maintain the security
level. Some of the countermeasures like access control, authentication, integrity of data,
availability and nonrepudiation of data. Access control makes sure that admin ensures the
access to functions by giving permission to only authenticated user. The purpose of
authentication is to make sure that only user with valid identity can send and receive data
over the network [11]. Other than that confidentiality of data is maintained by providing the
encryption, access control as well cryptography.
Security Policy- A security related policy has been designed to deal with all the attacks.
These policies are designed to take proper steps by making user that all the security incidents
are handled properly [12]. Apart from various countermeasures are designed to protect the
network against all security risks.
allow unauthorised monitoring to people unknowingly. These threats focus on accessing the
confidentiality data of an organisation so that it can be misused or steeled.
Preventive Controls are designed so that flaws do not occur at the first place only. These
steps are taken before any loss or problem occurs to prevent security violations and stop the
incident from occurring at all. Examples are blocking certain codes, firewalls, Security
guards, using locks, using encryption and so on.
Detective Control is used to discover the unwanted activities and report them. It happens
after the bug has already taken place as prevention control failed, it is important to detect so
that it does not future effect the performance [10]. But it is difficult as one can’t identify
when an incident will occur.
Countermeasures for network security
There are various threats that spoil the confidentiality, integrity and security of
network. Thus there are series of count measures that are undertaken to maintain the security
level. Some of the countermeasures like access control, authentication, integrity of data,
availability and nonrepudiation of data. Access control makes sure that admin ensures the
access to functions by giving permission to only authenticated user. The purpose of
authentication is to make sure that only user with valid identity can send and receive data
over the network [11]. Other than that confidentiality of data is maintained by providing the
encryption, access control as well cryptography.
Security Policy- A security related policy has been designed to deal with all the attacks.
These policies are designed to take proper steps by making user that all the security incidents
are handled properly [12]. Apart from various countermeasures are designed to protect the
network against all security risks.
6 | P a g e
Thus all the vulnerabilities are eliminated by removing the entire security hole in the
network. The patches need to be removed from the network by applying proper security
updates. Thus the count measures are used to make sure that all the sensitive information is
protected [13]. The authentication mechanism should be done in such a way that it allows
only authenticated data to be transmitted and blocking all the users. To avoid the chances of
loss of confidentiality and integrity of the network a proper access control should be
delivered to the end user. A proper control regarding who can read, write and modify the
information need to be accessed [14]. If the rights are provide in a proper manner than misuse
of information will not occur. The defining the rights of information only valid users could
read the relevant portion of the database.
Thus all the vulnerabilities are eliminated by removing the entire security hole in the
network. The patches need to be removed from the network by applying proper security
updates. Thus the count measures are used to make sure that all the sensitive information is
protected [13]. The authentication mechanism should be done in such a way that it allows
only authenticated data to be transmitted and blocking all the users. To avoid the chances of
loss of confidentiality and integrity of the network a proper access control should be
delivered to the end user. A proper control regarding who can read, write and modify the
information need to be accessed [14]. If the rights are provide in a proper manner than misuse
of information will not occur. The defining the rights of information only valid users could
read the relevant portion of the database.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7 | P a g e
Conclusion
It can be concluded that network security is an important to protect the files and
directories by providing proper access control it also make sure that network is safe from
all the hackers and unauthorised users. This report covers the all the major threats that
exist in the system to spoil the integrity and confidentiality of information. The threats
and its count measures have been discussed in this report.
Conclusion
It can be concluded that network security is an important to protect the files and
directories by providing proper access control it also make sure that network is safe from
all the hackers and unauthorised users. This report covers the all the major threats that
exist in the system to spoil the integrity and confidentiality of information. The threats
and its count measures have been discussed in this report.
8 | P a g e
Bibliography
[1] Perlman, Radia, Charlie Kaufman, and Mike Speciner. Network security: private
communication in a public world. Pearson Education India, 2016.
[2] Beberlein, L. T., G. Dias, K. N. Levitt, B. Mukherjee, and J. Wood. "Network attacks and
an Ethernet-based network security monitor." (2017).
[3] Pierson, Greg, and Jason DeHaan. "Network security and fraud detection system and
method." U.S. Patent 9,203,837, issued December 1, 2015.
[4] Chen, Gaojie, Yu Gong, Pei Xiao, and Jonathon A. Chambers. "Physical layer network
security in the full-duplex relay system." IEEE transactions on information forensics and
security 10, no. 3 pp-574-583, 2015.
[5] Knapp, Eric D., and Joel Thomas Langill. Industrial Network Security: Securing critical
infrastructure networks for smart grid, SCADA, and other Industrial Control Systems.
Syngress, 2014.
[6] Ayyagari, Arun, Timothy M. Aldrich, David E. Corman, Gregory M. Gutt, and David A.
Whelan. "Context aware network security monitoring for threat detection." U.S. Patent
9,215,244, issued December 15, 2015.
[7] Perlman, Radia, Charlie Kaufman, and Mike Speciner. Network security: private
communication in a public world. Pearson Education India, 2016.
[8] Lin, Derek. "Anomaly detection system for enterprise network security." U.S. Patent
9,112,895, issued August 18, 2015.
Bibliography
[1] Perlman, Radia, Charlie Kaufman, and Mike Speciner. Network security: private
communication in a public world. Pearson Education India, 2016.
[2] Beberlein, L. T., G. Dias, K. N. Levitt, B. Mukherjee, and J. Wood. "Network attacks and
an Ethernet-based network security monitor." (2017).
[3] Pierson, Greg, and Jason DeHaan. "Network security and fraud detection system and
method." U.S. Patent 9,203,837, issued December 1, 2015.
[4] Chen, Gaojie, Yu Gong, Pei Xiao, and Jonathon A. Chambers. "Physical layer network
security in the full-duplex relay system." IEEE transactions on information forensics and
security 10, no. 3 pp-574-583, 2015.
[5] Knapp, Eric D., and Joel Thomas Langill. Industrial Network Security: Securing critical
infrastructure networks for smart grid, SCADA, and other Industrial Control Systems.
Syngress, 2014.
[6] Ayyagari, Arun, Timothy M. Aldrich, David E. Corman, Gregory M. Gutt, and David A.
Whelan. "Context aware network security monitoring for threat detection." U.S. Patent
9,215,244, issued December 15, 2015.
[7] Perlman, Radia, Charlie Kaufman, and Mike Speciner. Network security: private
communication in a public world. Pearson Education India, 2016.
[8] Lin, Derek. "Anomaly detection system for enterprise network security." U.S. Patent
9,112,895, issued August 18, 2015.
9 | P a g e
[9] Borders, Kevin R. "Method, system and computer program product for detecting at least
one of security threats and undesirable computer files." U.S. Patent 9,055,093, issued June 9,
2015.
[10] Talooki, Vahid Nazari, Riccardo Bassoli, Daniel E. Lucani, Jonathan Rodriguez, Frank
HP Fitzek, Hugo Marques, and Rahim Tafazolli. "Security concerns and countermeasures in
network coding based communication systems: A survey." Computer Networks 83, pp- 422-
445, 2015.
[11] White, Gregory B., Eric A. Fisch, and Udo W. Pooch. Computer system and network
security. CRC press, 2017.
[12] Sharma, Rajesh K., and Danda B. Rawat. "Advances on security threats and
countermeasures for cognitive radio networks: A survey." IEEE Communications Surveys &
Tutorials 17, no. 2, pp- 1023-1043, 2015.
[13] Shu, Zhaogang, Jiafu Wan, Di Li, Jiaxiang Lin, Athanasios V. Vasilakos, and
Muhammad Imran. "Security in software-defined networking: Threats and
countermeasures." Mobile Networks and Applications 21, no. 5 pp-764-776, 2016.
[14] Chen, Min, Yongfeng Qian, Shiwen Mao, Wan Tang, and Ximin Yang. "Software-
defined mobile networks security." Mobile Networks and Applications 21, no. 5, pp-729-743,
2016.
[9] Borders, Kevin R. "Method, system and computer program product for detecting at least
one of security threats and undesirable computer files." U.S. Patent 9,055,093, issued June 9,
2015.
[10] Talooki, Vahid Nazari, Riccardo Bassoli, Daniel E. Lucani, Jonathan Rodriguez, Frank
HP Fitzek, Hugo Marques, and Rahim Tafazolli. "Security concerns and countermeasures in
network coding based communication systems: A survey." Computer Networks 83, pp- 422-
445, 2015.
[11] White, Gregory B., Eric A. Fisch, and Udo W. Pooch. Computer system and network
security. CRC press, 2017.
[12] Sharma, Rajesh K., and Danda B. Rawat. "Advances on security threats and
countermeasures for cognitive radio networks: A survey." IEEE Communications Surveys &
Tutorials 17, no. 2, pp- 1023-1043, 2015.
[13] Shu, Zhaogang, Jiafu Wan, Di Li, Jiaxiang Lin, Athanasios V. Vasilakos, and
Muhammad Imran. "Security in software-defined networking: Threats and
countermeasures." Mobile Networks and Applications 21, no. 5 pp-764-776, 2016.
[14] Chen, Min, Yongfeng Qian, Shiwen Mao, Wan Tang, and Ximin Yang. "Software-
defined mobile networks security." Mobile Networks and Applications 21, no. 5, pp-729-743,
2016.
1 out of 10
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.