Network Security Vulnerabilities and Solutions
VerifiedAdded on 2023/01/18
|11
|2382
|80
AI Summary
This report discusses the vulnerabilities in network security and proposes solutions to mitigate them. It covers issues related to IoT devices and IT infrastructure, real-life security attacks, and vulnerabilities of the selected organization. The report concludes with a proposed network diagram.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: NETWORK SECURITY
Network Security
Name of the student:
Name of the university:
Author Note:
Network Security
Name of the student:
Name of the university:
Author Note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1NETWORK SECURITY
Table of Contents
1. Introduction............................................................................................................................3
2. Identified Security Issues.......................................................................................................3
2.1 Issue related to IoT device...............................................................................................3
2.1.1 Absence of humidity measurement...........................................................................3
2.1.2 Inaccurate placement of device.................................................................................4
2.2 Issues related to the IT Devices.......................................................................................4
2.2.1 Lack of issue detection information systems............................................................4
2.2.2 Issue regarding the network switch...........................................................................5
3. Real life security attacks........................................................................................................5
3.1 IoT attack.........................................................................................................................5
3.1.1 Mirai Botnet Attack...................................................................................................5
3.1.2 SWIFT global bank messaging system.....................................................................6
4. Vulnerabilities of the selected organisation with CVE..........................................................6
4.1 CISCO ASA 5585-X........................................................................................................6
4.2 NETGEAR GS 116PP-100AJS........................................................................................6
5. Proposed solutions for the issues...........................................................................................7
6. Conclusion..............................................................................................................................7
Table of Contents
1. Introduction............................................................................................................................3
2. Identified Security Issues.......................................................................................................3
2.1 Issue related to IoT device...............................................................................................3
2.1.1 Absence of humidity measurement...........................................................................3
2.1.2 Inaccurate placement of device.................................................................................4
2.2 Issues related to the IT Devices.......................................................................................4
2.2.1 Lack of issue detection information systems............................................................4
2.2.2 Issue regarding the network switch...........................................................................5
3. Real life security attacks........................................................................................................5
3.1 IoT attack.........................................................................................................................5
3.1.1 Mirai Botnet Attack...................................................................................................5
3.1.2 SWIFT global bank messaging system.....................................................................6
4. Vulnerabilities of the selected organisation with CVE..........................................................6
4.1 CISCO ASA 5585-X........................................................................................................6
4.2 NETGEAR GS 116PP-100AJS........................................................................................6
5. Proposed solutions for the issues...........................................................................................7
6. Conclusion..............................................................................................................................7
2NETWORK SECURITY
1. Introduction
The main purpose of this report is to deal with the present network security
vulnerability in the medium sized organization. This technical report is based on the security
vulnerabilities present in the network of the selected organization (Athawale & Rana, 2015).
The evaluation as well as assessment of the network risks as well as the solutions to mitigate
them are clearly described in this report. The vulnerabilities will be identified in the fields of
IoT as well as IT related to the selected business organization.
2. Identified Security Issues
2.1 Issue related to IoT device
The network security issue that are related to the IoT devices present in the network
of the organization are the inaccurate placement of the temperature sensor device and the
humidity measurement is not present for the whole network (Kumar & Ilango, 2018). This
type of security issues can lead the network of the organization to face many issues that can
lead to DDoS as well. If the design of the network is such poorly designed without the
identification of the issues that can be very much vulnerable to the network structure of the
organization.
2.1.1 Absence of humidity measurement
The temperature sensor device lacks of the measurement of the humidity if detected in
the present network. This can lead the network system to the DDoS attack. This security
attack happens due to the poor design of the device that is installed in the system. This can
create a huge negative impact to the security of the present network (Navaz, Rex & Mary,
2015). If the device lacks in measuring the humidity of the system can also cause a network
1. Introduction
The main purpose of this report is to deal with the present network security
vulnerability in the medium sized organization. This technical report is based on the security
vulnerabilities present in the network of the selected organization (Athawale & Rana, 2015).
The evaluation as well as assessment of the network risks as well as the solutions to mitigate
them are clearly described in this report. The vulnerabilities will be identified in the fields of
IoT as well as IT related to the selected business organization.
2. Identified Security Issues
2.1 Issue related to IoT device
The network security issue that are related to the IoT devices present in the network
of the organization are the inaccurate placement of the temperature sensor device and the
humidity measurement is not present for the whole network (Kumar & Ilango, 2018). This
type of security issues can lead the network of the organization to face many issues that can
lead to DDoS as well. If the design of the network is such poorly designed without the
identification of the issues that can be very much vulnerable to the network structure of the
organization.
2.1.1 Absence of humidity measurement
The temperature sensor device lacks of the measurement of the humidity if detected in
the present network. This can lead the network system to the DDoS attack. This security
attack happens due to the poor design of the device that is installed in the system. This can
create a huge negative impact to the security of the present network (Navaz, Rex & Mary,
2015). If the device lacks in measuring the humidity of the system can also cause a network
3NETWORK SECURITY
failure of the designed system. The whole network system can breakdown as the devices will
get highly attacked by the humidity present in the devices of the system.
2.1.2 Inaccurate placement of device
As in the given figure, it is noted that there is only one temperature system present in
the whole network this can cause a negative impact to the whole system. This is because the
other devices present in the system will go unidentified with the security issues. This security
issues will be enhanced if the temperature sensor is not available in every sector of the
systems. This issue can lead to the wormhole attack as during the attack the information
packets associated with the organization can be compromised (Kore & Bodhe, 2015). This
attack cannot be identified if there is only one sensor present for the whole device. The cyber
criminals will get an ease of access to the whole system if the sensor is not placed at every
level of the network system.
2.2 Issues related to the IT Devices
Certainly, some issues in the medium sized organization are related with the IT
devices or the IT infrastructure. However, a lack in the vulnerability of the issue detection
system of a network can be responsible for the network security issues of the present network
structure at the organization. This can be said as the security issues faced by the proxy servers
that are used in this organization that leads to attacks on the STP (Noh et al., 2016).
Moreover, another security issue related to the organization can be said with the networking
switch. This issue can lead to a MAC Flooding Attack in the organization, which will be a
negative aspect in respect to the organizational data and information systems. Thus with the
issues related to the IT Devices can be said to lead the organization with STP attack as well
as the MAC flooding attack.
failure of the designed system. The whole network system can breakdown as the devices will
get highly attacked by the humidity present in the devices of the system.
2.1.2 Inaccurate placement of device
As in the given figure, it is noted that there is only one temperature system present in
the whole network this can cause a negative impact to the whole system. This is because the
other devices present in the system will go unidentified with the security issues. This security
issues will be enhanced if the temperature sensor is not available in every sector of the
systems. This issue can lead to the wormhole attack as during the attack the information
packets associated with the organization can be compromised (Kore & Bodhe, 2015). This
attack cannot be identified if there is only one sensor present for the whole device. The cyber
criminals will get an ease of access to the whole system if the sensor is not placed at every
level of the network system.
2.2 Issues related to the IT Devices
Certainly, some issues in the medium sized organization are related with the IT
devices or the IT infrastructure. However, a lack in the vulnerability of the issue detection
system of a network can be responsible for the network security issues of the present network
structure at the organization. This can be said as the security issues faced by the proxy servers
that are used in this organization that leads to attacks on the STP (Noh et al., 2016).
Moreover, another security issue related to the organization can be said with the networking
switch. This issue can lead to a MAC Flooding Attack in the organization, which will be a
negative aspect in respect to the organizational data and information systems. Thus with the
issues related to the IT Devices can be said to lead the organization with STP attack as well
as the MAC flooding attack.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4NETWORK SECURITY
2.2.1 Lack of issue detection information systems
The lack of the issue detection system in the organization’s network system can cause
an STP attack to the organization. This lack of the system may lead to the compromise of the
data present in the existing network. This will ease the access of the cyber security criminals
in the organisations database via the root bridge present in the existing system. The impact of
this lack will be very vulnerable to the organization. The database access by the criminals
will put a very huge negative impact regarding the information present in the network (Xu &
Masys, 2016). If the access of the network switches are compromised, by the cyber attackers,
the outgoing as well as incoming data traffic will also be hampered and that will put an
adverse effect on the organizational network structure. The device connected to the present
system that is the CISCO ASA 5585-X can be an easy door for the cyber attackers to evaluate
a STP attack on the system as it gives a free access to the root ports of the network structure
present in the organization.
2.2.2 Issue regarding the network switch
The issues regarding the network switch present in the existing system of the
organisation can lead to cyber security attacks likely MAC attack. The computer systems that
run on Windows OS can be readily affected to this attack with the issue of the networking
switch (Rodday, Schmidt & Pras, 2016). The MAC table consists of the switches that are
used by the organization. The essential as well as the private data present in the database of
the organization is quite easily affected by the cyber attackers with the help of this switches.
Cyber criminals directly from the physical ports can obtain the data and use them for their
own benefit. Cyber criminals use packet analysers for establishing a secure connection or
trespassing the database of the organization.
2.2.1 Lack of issue detection information systems
The lack of the issue detection system in the organization’s network system can cause
an STP attack to the organization. This lack of the system may lead to the compromise of the
data present in the existing network. This will ease the access of the cyber security criminals
in the organisations database via the root bridge present in the existing system. The impact of
this lack will be very vulnerable to the organization. The database access by the criminals
will put a very huge negative impact regarding the information present in the network (Xu &
Masys, 2016). If the access of the network switches are compromised, by the cyber attackers,
the outgoing as well as incoming data traffic will also be hampered and that will put an
adverse effect on the organizational network structure. The device connected to the present
system that is the CISCO ASA 5585-X can be an easy door for the cyber attackers to evaluate
a STP attack on the system as it gives a free access to the root ports of the network structure
present in the organization.
2.2.2 Issue regarding the network switch
The issues regarding the network switch present in the existing system of the
organisation can lead to cyber security attacks likely MAC attack. The computer systems that
run on Windows OS can be readily affected to this attack with the issue of the networking
switch (Rodday, Schmidt & Pras, 2016). The MAC table consists of the switches that are
used by the organization. The essential as well as the private data present in the database of
the organization is quite easily affected by the cyber attackers with the help of this switches.
Cyber criminals directly from the physical ports can obtain the data and use them for their
own benefit. Cyber criminals use packet analysers for establishing a secure connection or
trespassing the database of the organization.
5NETWORK SECURITY
3. Real life security attacks
The upcoming section will briefly discuss about the past real life attacks for IoT
systems as well as IT infrastructures.
3.1 IoT attack
3.1.1 Mirai Botnet Attack
In the year 2016 this major attck happened in some major organizations such as
SoundCloud, Twitter, Spotify, Etsy and many others. This particular botnet infected
numerous IoT devices and then used them to flood DNS provider Dyn with a DDoS attack
(Firoozjaei et al., 2017). This malicious code actually hampered the devices that run with the
outdated versions of OS and directly affected the kernel section of the OS leading it to a
vulnerable stage for the cyber attackers.
3.1.2 SWIFT global bank messaging system
Around the year 2015 and 2016, the hackers of North Korea breached the security
firewall of the SWIFT global messaging system. This attack was successful to steal millions
of dollars (Li, Tryfonas & Li, 2016). The Lazarus group of cyber attackers were reported
responsible for this breach. Attackers were able to find vulnerabilities in the defence system
that are used by the banks and then accessed their systems to gain access to the informational
database of the SWIFT.
4. Vulnerabilities of the selected organisation with CVE
4.1 CISCO ASA 5585-X
A vulnerability in the logging configuration of the kernel for the organization in the
Firepower System Software for the Adaptive Security Appliance (ASA) 5585-X. This device
can allow an unauthenticated as well as remote attacker to cause a denial of service (DoS)
3. Real life security attacks
The upcoming section will briefly discuss about the past real life attacks for IoT
systems as well as IT infrastructures.
3.1 IoT attack
3.1.1 Mirai Botnet Attack
In the year 2016 this major attck happened in some major organizations such as
SoundCloud, Twitter, Spotify, Etsy and many others. This particular botnet infected
numerous IoT devices and then used them to flood DNS provider Dyn with a DDoS attack
(Firoozjaei et al., 2017). This malicious code actually hampered the devices that run with the
outdated versions of OS and directly affected the kernel section of the OS leading it to a
vulnerable stage for the cyber attackers.
3.1.2 SWIFT global bank messaging system
Around the year 2015 and 2016, the hackers of North Korea breached the security
firewall of the SWIFT global messaging system. This attack was successful to steal millions
of dollars (Li, Tryfonas & Li, 2016). The Lazarus group of cyber attackers were reported
responsible for this breach. Attackers were able to find vulnerabilities in the defence system
that are used by the banks and then accessed their systems to gain access to the informational
database of the SWIFT.
4. Vulnerabilities of the selected organisation with CVE
4.1 CISCO ASA 5585-X
A vulnerability in the logging configuration of the kernel for the organization in the
Firepower System Software for the Adaptive Security Appliance (ASA) 5585-X. This device
can allow an unauthenticated as well as remote attacker to cause a denial of service (DoS)
6NETWORK SECURITY
situation as it highly consumes the resources of the present system. This issue occurs due to
the unauthenticated logging of the IP packets. An attacker can easily access the network
system by sending a flood of specially crafted IP packets to the affected device (Pagani &
Aiello, 2015). This can also cease the access of the data traffic.
4.2 NETGEAR GS 116PP-100AJS
The network switches that are used in the selected IT infrastructure is too much
vulnerable as it easily allows the cyber attackers to hijack the authentication of the attacker.
This will be enhanced if criminals request Doman Name Server with the hostname parameter
to dnslookup.cgi for performing the attack (Abomhara, 2015). The issue associated with this
device in the selected organisation is that the IP addresses are stored manually for all the
computer systems present in this network. Rebooting all the computers present in the
organization can help in the mitigation of this issue.
5. Proposed solutions for the issues
Issues Counter Measures
Absence of humidity measurement The sensor calibration should be
implemented with the humidity measure
techniques so that the devices could perform
well and the sensors could identify the risks
that can come in near future.
Inaccurate placement of device The number of devices should be more in
the system so that the temperature can be
sensed at all levels and the security of the
devices could be enhanced (Yoo & Shon,
2016).
Lack of issue detection information systems Tools like Nexpose as well as Acunetix can
be implemented in the infrastructure so that
the issue can be detected way earlier it will
happen.
Issue regarding the network switch Implementation of the Firmware patches in
the system can help mitigating these risks.
situation as it highly consumes the resources of the present system. This issue occurs due to
the unauthenticated logging of the IP packets. An attacker can easily access the network
system by sending a flood of specially crafted IP packets to the affected device (Pagani &
Aiello, 2015). This can also cease the access of the data traffic.
4.2 NETGEAR GS 116PP-100AJS
The network switches that are used in the selected IT infrastructure is too much
vulnerable as it easily allows the cyber attackers to hijack the authentication of the attacker.
This will be enhanced if criminals request Doman Name Server with the hostname parameter
to dnslookup.cgi for performing the attack (Abomhara, 2015). The issue associated with this
device in the selected organisation is that the IP addresses are stored manually for all the
computer systems present in this network. Rebooting all the computers present in the
organization can help in the mitigation of this issue.
5. Proposed solutions for the issues
Issues Counter Measures
Absence of humidity measurement The sensor calibration should be
implemented with the humidity measure
techniques so that the devices could perform
well and the sensors could identify the risks
that can come in near future.
Inaccurate placement of device The number of devices should be more in
the system so that the temperature can be
sensed at all levels and the security of the
devices could be enhanced (Yoo & Shon,
2016).
Lack of issue detection information systems Tools like Nexpose as well as Acunetix can
be implemented in the infrastructure so that
the issue can be detected way earlier it will
happen.
Issue regarding the network switch Implementation of the Firmware patches in
the system can help mitigating these risks.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7NETWORK SECURITY
6. Conclusion
The above report states the two major security issues related to the IoT device as well
as the IT infrastructure of the network system. The lack of the vulnerability identification
systems in the network can cause a huge negative impact in the organizational structure. The
paper also deals with two real life examples that are exposed due to the related vulnerabilities
of the system Finally the paper concludes with the solutions that will help the organization
mitigating the vulnerabilities. Thus it can be concluded that this paper will be very much
useful to the management team of the specific organization in identification as well as
mitigation of the risks in their present system.
7. Proposed network diagram
PROPOSED NETWORK DIAGRAM
6. Conclusion
The above report states the two major security issues related to the IoT device as well
as the IT infrastructure of the network system. The lack of the vulnerability identification
systems in the network can cause a huge negative impact in the organizational structure. The
paper also deals with two real life examples that are exposed due to the related vulnerabilities
of the system Finally the paper concludes with the solutions that will help the organization
mitigating the vulnerabilities. Thus it can be concluded that this paper will be very much
useful to the management team of the specific organization in identification as well as
mitigation of the risks in their present system.
7. Proposed network diagram
PROPOSED NETWORK DIAGRAM
8NETWORK SECURITY
(Source: Created by Author)
(Source: Created by Author)
9NETWORK SECURITY
References
Abomhara, M. (2015). Cyber security and the internet of things: vulnerabilities, threats,
intruders and attacks. Journal of Cyber Security and Mobility, 4(1), 65-88.
Athawale, R. P., & Rana, J. G. (2015). Wireless sensor network based environmental
temperature monitoring system. In International Conference on Information
Engineering, Management, and Security.
Firoozjaei, M. D., Jeong, J. P., Ko, H., & Kim, H. (2017). Security challenges with network
functions virtualization. Future Generation Computer Systems, 67, 315-324.
Kore, L. J., & Bodhe, S. K. (2015). Wireless Microcontroller Based Mutlidrop System. The
International Journal of Science and Technoledge, 3(5), 13.
Kumar, S. A., & Ilango, P. (2018). The impact of wireless sensor network in the field of
precision agriculture: a review. Wireless Personal Communications, 98(1), 685-698.
Li, S., Tryfonas, T., & Li, H. (2016). The Internet of Things: a security point of view.
Internet Research, 26(2), 337-359.
Navaz, A. S., Rex, J. A. D., & Mary, S. J. (2015). Cluster Based Secure Data Transmission in
WSN. July–2015, International Journal of Scientific & Engineering Research, Vol
No-6, Issue No-7, 1776-1781.
Noh, J., Lee, S., Park, J., Shin, S., & Kang, B. B. (2016). Vulnerabilities of network OS and
mitigation with state‐based permission system. Security and Communication
Networks, 9(13), 1971-1982.
References
Abomhara, M. (2015). Cyber security and the internet of things: vulnerabilities, threats,
intruders and attacks. Journal of Cyber Security and Mobility, 4(1), 65-88.
Athawale, R. P., & Rana, J. G. (2015). Wireless sensor network based environmental
temperature monitoring system. In International Conference on Information
Engineering, Management, and Security.
Firoozjaei, M. D., Jeong, J. P., Ko, H., & Kim, H. (2017). Security challenges with network
functions virtualization. Future Generation Computer Systems, 67, 315-324.
Kore, L. J., & Bodhe, S. K. (2015). Wireless Microcontroller Based Mutlidrop System. The
International Journal of Science and Technoledge, 3(5), 13.
Kumar, S. A., & Ilango, P. (2018). The impact of wireless sensor network in the field of
precision agriculture: a review. Wireless Personal Communications, 98(1), 685-698.
Li, S., Tryfonas, T., & Li, H. (2016). The Internet of Things: a security point of view.
Internet Research, 26(2), 337-359.
Navaz, A. S., Rex, J. A. D., & Mary, S. J. (2015). Cluster Based Secure Data Transmission in
WSN. July–2015, International Journal of Scientific & Engineering Research, Vol
No-6, Issue No-7, 1776-1781.
Noh, J., Lee, S., Park, J., Shin, S., & Kang, B. B. (2016). Vulnerabilities of network OS and
mitigation with state‐based permission system. Security and Communication
Networks, 9(13), 1971-1982.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10NETWORK SECURITY
Pagani, G. A., & Aiello, M. (2015). A complex network approach for identifying
vulnerabilities of the medium and low voltage grid. International Journal of Critical
Infrastructures 7, 11(1), 36-61.
Rodday, N. M., Schmidt, R. D. O., & Pras, A. (2016, April). Exploring security
vulnerabilities of unmanned aerial vehicles. In NOMS 2016-2016 IEEE/IFIP Network
Operations and Management Symposium (pp. 993-994). IEEE.
Xu, T., & Masys, A. J. (2016). Critical infrastructure vulnerabilities: embracing a network
mindset. In Exploring the Security Landscape: Non-Traditional Security Challenges
(pp. 177-193). Springer, Cham.
Yoo, H., & Shon, T. (2016). Challenges and research directions for heterogeneous cyber–
physical system based on IEC 61850: Vulnerabilities, security requirements, and
security architecture. Future generation computer systems, 61, 128-136.
Pagani, G. A., & Aiello, M. (2015). A complex network approach for identifying
vulnerabilities of the medium and low voltage grid. International Journal of Critical
Infrastructures 7, 11(1), 36-61.
Rodday, N. M., Schmidt, R. D. O., & Pras, A. (2016, April). Exploring security
vulnerabilities of unmanned aerial vehicles. In NOMS 2016-2016 IEEE/IFIP Network
Operations and Management Symposium (pp. 993-994). IEEE.
Xu, T., & Masys, A. J. (2016). Critical infrastructure vulnerabilities: embracing a network
mindset. In Exploring the Security Landscape: Non-Traditional Security Challenges
(pp. 177-193). Springer, Cham.
Yoo, H., & Shon, T. (2016). Challenges and research directions for heterogeneous cyber–
physical system based on IEC 61850: Vulnerabilities, security requirements, and
security architecture. Future generation computer systems, 61, 128-136.
1 out of 11
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.