Analysis of Security Threats in Modern Network Infrastructures

Added on 2021/10/08

Summary
This report provides a comprehensive overview of the security threats facing modern network infrastructures. It covers ransomware, botnets, Distributed Denial of Service (DDoS) attacks, cryptojacking, phishing, and the impact of unprepared network security staff, explaining how each threat operates and the damage it can inflict. It then outlines prevention methods and security strategies for mitigating these risks, such as user education, data backup and the deployment of security tools. The importance of secure network management in relation to the ISO standards is also discussed, with emphasis on fault, configuration, performance, security and accounting management. The report underscores the need for proactive security measures to protect networks from evolving cyber threats, and lists the common causes of security incidents: systems that are never updated, lack of network monitoring, unapplied security patches, legacy systems, weak passwords, mistakes by IT staff and failure to back up data.
Security threats facing modern network infrastructures
Table of Contents
Introduction
Security threats facing modern network infrastructures
Importance of secure network management in relation to ISO standards
Conclusion
References
Introduction
This paper investigates the security threats facing modern network infrastructures. The main
categories of threat are described in detail, with ransomware, botnets, phishing, DDoS and
cryptojacking each covered individually, followed by the prevention methods and security
strategies that apply to them. Finally, the importance of secure network management, and its
relation to the ISO network management standards, is discussed.
Security threats facing modern network infrastructures
Modern network infrastructures face a large number of security threats. Most of these threats
are not new, but the growth in mobile usage and in connected devices has made them more
dangerous than ever before. Some of the main threats faced by modern network infrastructures
are listed below (James, 2004), (Acharya, 2017), (Macrae, 2013). They are,
Ransomware,
Botnets,
Distributed denial of service (DDoS),
Cryptojacking,
Unprepared network security staff, and
Phishing.
Security Threats
Ransomware is a kind of malware that denies victims access to their own data, usually by
encrypting it. To get the data back, the victim is told to pay a ransom, which attackers normally
demand in Bitcoin or another cryptocurrency because such payments are hard to trace.
Ransomware spreads through infected software, external storage devices, compromised websites
and malicious e-mail attachments. Two forms are common: locker ransomware blocks access to
the device itself, for example by replacing the login or lock screen, while crypto ransomware
(sometimes called data kidnapping) encrypts the files on the victim's computer and leaves the
system usable but the data unreadable. Well-known examples are CryptoLocker and WannaCry
(Alpcan and Başar, 2011), (Choudhary, 2018), (Al-Hammadi and Aickelin, 2006). Paying the
ransom does not guarantee that a working decryption key is delivered, which is why recent
backups kept out of reach of the infected machine are the main recovery control.
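Crypto ransomware leaves a recognisable trace on the host: within seconds, one process rewrites many user files with ciphertext and gives them a new extension. The following detector is an added example, not code from the paper; it assumes a host agent that reports each file write as (timestamp, pid, old path, new path, bytes written), and the event stream in sample_events(), the entropy threshold and the window size are constructed for the demonstration.

```python
"""Flag ransomware-like file writes: many high-entropy writes that also
change the file extension, from one process, inside a short window.

Added example, not from the original paper. It assumes a host agent that
reports each write as (timestamp, pid, old_path, new_path, bytes_written);
the event stream in sample_events() is constructed for the demonstration.
"""
import math
import os
import random
from collections import defaultdict

# Illustrative tuning (assumptions): encrypted output is indistinguishable from
# random bytes, so it sits near 8 bits/byte, while documents sit around 4-6.
ENTROPY_THRESHOLD = 7.0      # bits per byte
WINDOW_SECONDS = 10.0
MIN_SUSPICIOUS_WRITES = 5


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def looks_encrypted(data: bytes) -> bool:
    return shannon_entropy(data) >= ENTROPY_THRESHOLD


def detect_ransomware_bursts(events):
    """Return {pid: [paths]} for every process that produced at least
    MIN_SUSPICIOUS_WRITES extension-changing, high-entropy writes within
    WINDOW_SECONDS. Events are (ts, pid, old_path, new_path, content)."""
    suspicious = defaultdict(list)          # pid -> [(ts, new_path)]
    for ts, pid, old_path, new_path, content in events:
        renamed = os.path.splitext(old_path)[1] != os.path.splitext(new_path)[1]
        if renamed and looks_encrypted(content):
            suspicious[pid].append((ts, new_path))

    hits = {}
    for pid, writes in suspicious.items():
        writes.sort()
        for start, _ in writes:             # slide a window over this process's writes
            window = [p for ts, p in writes if start <= ts < start + WINDOW_SECONDS]
            if len(window) >= MIN_SUSPICIOUS_WRITES:
                hits[pid] = window
                break
    return hits


def sample_events():
    """Constructed event stream: a benign editor save, then a ransomware burst."""
    rng = random.Random(7)                  # seeded so the demo is repeatable
    text = b"Quarterly report. Revenue grew 4% on the back of new contracts. " * 40
    events = [(0.0, 4100, "/home/a/report.docx", "/home/a/report.docx", text)]
    for i in range(8):
        src = f"/home/a/docs/file{i}.docx"
        blob = bytes(rng.getrandbits(8) for _ in range(2048))   # stands in for ciphertext
        events.append((5.0 + i * 0.5, 6666, src, src + ".locked", blob))
    return events


if __name__ == "__main__":
    for pid, paths in detect_ransomware_bursts(sample_events()).items():
        print(f"pid {pid}: {len(paths)} encrypted-looking renames, e.g. {paths[0]}")
```

The benign save (same extension, readable text) never counts; the eight renames to .locked with random content inside one window do. In production the same logic runs over an EDR or auditd event feed, and the response is to suspend the offending process before it reaches the backups, which is why the backups must not be writable from the host.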
A botnet is a collection of infected devices, such as PCs, mobile devices, IoT devices and
servers, that are controlled together by the malware installed on each of them. Botnets are
generally used to generate attack traffic for DDoS attacks and to send spam e-mail. Every device
that carries the malware becomes part of the botnet and takes its orders from a command-and-
control channel run by a single attacker or an attack group. An infected device is also a
foothold inside the network: because the attacker can already execute code on it, further
malware or attacks can be launched from it against other devices on the same network (Mtibaa,
Harras and Alnuweiri, 2015), (Campbell, 2009), (McKewan, 2006), (Acharya and Pradhan, 2017).
A distributed denial-of-service (DDoS) attack is carried out from compromised devices, that
is, from a botnet. The bots are directed at a target server or network resource and send far more
packets, messages and connection requests than it can handle, so that it slows down or stops
serving legitimate users. The attacker typically begins by exploiting a vulnerability in one
system and turning it into a master (handler) for the attack. The master then scans for other
vulnerable systems and takes them over by infecting them with malware or bypassing their
authentication controls; these newly infected devices are called slave devices (agents). Master
and slave devices under the intruder's control are collectively called bots or zombies. There are
many types of DDoS attack (Widagdo and Lim, 2017): volume-based attacks, protocol attacks
and application-layer attacks. Volume-based attacks, which aim to saturate the target's
bandwidth, include ICMP floods, UDP floods and other spoofed-packet floods; protocol attacks
such as SYN floods exhaust connection state on servers and firewalls, and application-layer
attacks such as HTTP floods exhaust the application itself with requests that look legitimate
(Balasooriya and Fernando, 2013), (Lee and Hong, 2013), (New botnets on the prowl, 2009),
(ZHANG et al., 2012), (Baker et al., 2011), (Bertino and Islam, 2017).
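The volume-based floods above are visible in traffic records as a sudden packet rate to one destination, and a spoofed-packet flood has a second signature: nearly every source address appears only once. The detector below is an added example, not from the paper; it assumes packet records of the form "<epoch_seconds> <src_ip> <dst_ip> <proto>", the log in sample_log() is constructed, and the thresholds are illustrative.

```python
"""Detect volumetric floods (ICMP, UDP, spoofed-source) in a packet log.

Added example, not from the original paper. It assumes packet records of the
form "<epoch_seconds> <src_ip> <dst_ip> <proto>", as a sensor or flow exporter
might produce; the log in sample_log() is constructed, and the thresholds are
illustrative.
"""
from collections import Counter, defaultdict

PPS_THRESHOLD = 50      # packets/second to one destination+protocol before alerting
SPOOF_RATIO = 0.8       # fraction of sources seen only once => likely spoofed


def parse_packet_lines(lines):
    """Yield (ts, src, dst, proto); malformed lines are skipped, not fatal."""
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, src, dst, proto = parts
        yield float(ts), src, dst, proto.upper()


def detect_floods(lines, window=1.0):
    """Return [(dst, proto, second, pps, spoofed)] for every per-second bucket
    whose packet rate exceeds PPS_THRESHOLD. 'spoofed' is True when almost every
    source address appears exactly once, the signature of a spoofed-packet flood;
    a non-spoofed flood comes from a smaller set of real bots."""
    buckets = defaultdict(list)             # (dst, proto, second) -> [src, ...]
    for ts, src, dst, proto in parse_packet_lines(lines):
        buckets[(dst, proto, int(ts // window))].append(src)

    alerts = []
    for (dst, proto, sec), srcs in sorted(buckets.items()):
        pps = len(srcs) / window
        if pps < PPS_THRESHOLD:
            continue
        per_source = Counter(srcs)
        singletons = sum(1 for c in per_source.values() if c == 1)
        spoofed = singletons / len(per_source) >= SPOOF_RATIO
        alerts.append((dst, proto, sec, pps, spoofed))
    return alerts


def sample_log():
    """Constructed log: background TCP, a spoofed UDP flood, an ICMP flood."""
    lines = []
    for i in range(30):                     # 10 pps of legitimate TCP for 3 seconds
        lines.append(f"{i / 10:.1f} 192.0.2.{i % 3 + 1} 10.0.0.5 tcp")
    for i in range(200):                    # UDP flood, fresh spoofed source per packet
        lines.append(f"{3 + i / 200:.3f} 198.51.100.{i + 1} 10.0.0.5 udp")
    for i in range(80):                     # ICMP flood from three real bots
        lines.append(f"{5 + i / 80:.4f} 203.0.113.{i % 3 + 1} 10.0.0.5 icmp")
    return lines


if __name__ == "__main__":
    for dst, proto, sec, pps, spoofed in detect_floods(sample_log()):
        print(f"t={sec}s {proto} flood on {dst}: {pps:.0f} pps, spoofed={spoofed}")
```

The distinction matters for the response: a flood from a handful of real bots can be dropped by source address at the edge, whereas a spoofed flood has to be absorbed or filtered upstream by the provider, since blocking its sources would block random addresses on the internet.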
Cryptojacking is the unauthorized use of someone else's computer to mine cryptocurrency.
Attackers deliver it either through malicious e-mails or through online advertisements injected
with JavaScript mining code. When a user opens the malicious link or loads a page that carries
the infected advertisement, the mining code starts running on the user's computer, consuming
its processor time and power for the attacker's benefit (Abad, 2005), (Bradbury, 2012),
(Fachkha, Bou-Harb and Debbabi, 2014), (Suganya, 2016).
Phishing is a cyber attack that uses malicious e-mail as its weapon. The attacker tricks the
recipient into believing that the message is important or legitimate, so that the recipient clicks a
link in it or downloads its attachment. Phishing kits make campaigns easy to launch: the
phishing tools and website resources are bundled together and installed on a server, after which
the attacker sends the malicious e-mails to the victims. There are many types of phishing: spear
phishing, whale phishing, clone phishing, vishing, malware-based phishing, deceptive phishing,
keyloggers and screen loggers, web Trojans, session hijacking, DNS-based phishing, data theft,
content-injection phishing, search-engine phishing, man-in-the-middle phishing, system
reconfiguration attacks and snowshoeing. In a spear phishing attack, specific individuals or
companies are targeted using personal information collected about the victims beforehand. In
whale phishing the targets are high-profile individuals such as a company's CEO and board
members (An Efficient Way to Prevent Dos/DDoS Attack in the Cloud Environment, 2016),
(FIDA and JOVITH, 2016), (Yearwood, Mammadov and Webb, 2011), (The Degree of
Occurrence of Phishing in Indonesia, 2016).
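Most of the tricks a phishing kit relies on are visible in the message itself: a Reply-To that points somewhere other than the From domain, link text that names one site while the href leads to another (often an internationalised lookalike host), and a double-extension attachment. The analyser below is an added example, not code from the paper or from any phishing kit; the message built in sample_message() is constructed from documentation domains, and the indicator set and the registrable-domain shortcut are this example's own assumptions.

```python
"""Score a raw e-mail for common phishing indicators.

Added example, not from the original paper. The message built in
sample_message() is constructed (documentation domains only), and the indicator
set and registrable-domain helper are this example's own assumptions.
"""
import email
import re
from email import policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

EXEC_EXTENSIONS = (".exe", ".scr", ".js", ".vbs", ".hta", ".bat", ".docm", ".xlsm")


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable(host):
    """Last two labels of a host name. Real code should consult the public
    suffix list; this shortcut is an assumption of the example."""
    parts = host.lower().split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host


def domain_of(header):
    """Domain part of a From/Reply-To header, or '' if absent."""
    if not header:
        return ""
    m = re.search(r"<([^>]+)>", header)
    addr = m.group(1) if m else header.strip()
    return addr.rsplit("@", 1)[-1].lower()


def analyse(raw_message):
    """Return the list of phishing indicators found in a raw RFC 5322 message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []

    from_dom, reply_dom = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    if from_dom and reply_dom and from_dom != reply_dom:
        findings.append("reply-to-domain-mismatch")

    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        collector = LinkCollector()
        collector.feed(body.get_content())
        for href, text in collector.links:
            host = (urlparse(href).hostname or "").lower()
            if any(label.startswith("xn--") for label in host.split(".")):
                findings.append("punycode-host")            # IDN lookalike host
            if re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", host):
                findings.append("ip-literal-host")
            shown = urlparse(text if "://" in text else "http://" + text).hostname
            if shown and "." in shown and registrable(shown) != registrable(host):
                findings.append("link-text-domain-mismatch")  # text says A, link goes to B

    for part in msg.iter_attachments():
        if (part.get_filename() or "").lower().endswith(EXEC_EXTENSIONS):
            findings.append("executable-attachment")
    return findings


def sample_message():
    """Constructed phishing mail: Reply-To elsewhere, lookalike link, .exe lure."""
    msg = EmailMessage()
    msg["From"] = '"Accounts Team" <billing@example.com>'
    msg["Reply-To"] = "support@example.net"
    msg["To"] = "victim@example.org"
    msg["Subject"] = "Action required: invoice overdue"
    msg.set_content(
        "<p>Your account is on hold. Review the invoice at "
        '<a href="http://xn--exmple-cua.com/login">https://www.example.com/login</a> '
        "within 24 hours.</p>", subtype="html")
    msg.add_attachment(b"MZ\x90\x00", maintype="application", subtype="octet-stream",
                       filename="Invoice_2021.pdf.exe")
    return msg.as_string()


if __name__ == "__main__":
    print(analyse(sample_message()))
```

Each indicator on its own produces false positives (mailing lists legitimately set Reply-To, link shorteners legitimately mismatch the text), so a gateway should weight and combine them, and should decode xn-- hosts before showing them to the analyst so that the lookalike is visible.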
These are the security threats that most affect modern network infrastructures. The losses they
cause can be avoided or reduced by implementing the prevention methods for each of the above
threats, which are explained below (FENG et al., 2013), (Murugan and Vivekanandan, 2015),
(Primary Factor Investigation for Decreasing the Computational Complexity of LAMSTAR
DDoS, 2017), (Chaudhary et al., 2015).
Prevention Methods
Ransomware attacks are prevented by the following measures (Green, 2017). Educate users
about ransomware and train them to tell malicious e-mails from legitimate ones. Back up the files
and data on every device securely and at regular intervals, keeping at least one copy offline or
otherwise out of reach of the infected machine, so that data can be recovered without paying
when a device is infected. Disable or restrict Office macros, since macro-enabled documents are
a common delivery vector. Update all applications on the device as soon as updates are
available. Finally, remove administrator rights from everyday user accounts, so that malware
running as the user cannot take over the whole machine (Hernandez-Castro, Cartwright and
Stepanova, 2017), (Ranjan et al., 2009), (Ransomware and IoT among leading threats, 2017),
(Owens, 2016), (Mansfield-Devine, 2016).
Botnet infections are prevented by the following measures. Configure the network, including
its firewalls, to block intruders and unexpected outbound connections. Keep all applications on
every device updated automatically. Train and educate users not to click suspicious pop-ups or
links in malicious e-mails, and not to download attachments from suspicious or spam e-mails
(Kotenko, Konovalov and Shorov, 2011), (Ransomware menace grows as new threats emerge,
2016), (Mansfield-Devine, 2010), (Jaikumar and Kak, 2012), (Gold, 2011).
The standard methods of protecting a system from DDoS attacks are to provision more
bandwidth than normal traffic needs, so that a volumetric attack takes longer to saturate the
link, and to distribute the servers across multiple data centres behind load balancers, so that no
single site absorbs the whole attack (K.Lavanya and Vinothkumar, 2012), (MASUM, 2018).
Extra bandwidth alone does not help against protocol or application-layer attacks, which
exhaust connection state or application capacity rather than the link.
Cryptojacking is prevented by installing browser extensions that block mining scripts, such as
minerBlock, uMatrix, NoScript and NoCoin, and by educating and training computer users in
cyber security and safe browsing. Phishing is prevented by combining user training with web
and e-mail security tools that filter malicious links and attachments, which improves online
security overall (Jamsa and Klander, 2002), (Gandhi and Kumar, 2012), (Jansson and von
Solms, 2013), (Hong, 2014).
Importance of secure network management in relation to ISO standards
Network management
Network management is generally described as the process of managing a network with respect
to faults and performance. Its main goal is to keep the network free of errors, and it is carried
out with various tools. Because those management tools can reconfigure devices and read their
data, the management function itself must be secured (Jost and Cobb, 2002), (Kalkha, Satori
and Satori, 2017).
Network management usually comprises five functional areas: fault management,
configuration management, performance management, security management and accounting
management (often abbreviated FCAPS). Among these, security management is essential,
because it ensures that only authorized persons can access the managed services. Since cyber
threats are increasing, secure network management is more necessary than ever (Reddy and
Jeba, 2014), (Joshi, 2008).
Reasons for the cyber security threats
Based on the analysis, the main reasons behind successful cyber attacks are the following.
First, organizations do not update the features of the systems they work with. Second, breaches
should be identified immediately, so a lack of network monitoring is itself a cause of security
incidents. Third, security patches are not applied, which leaves known vulnerabilities open.
Fourth, legacy systems remain in use even though they no longer receive fixes. Fifth, password
controls are not monitored, and poor passwords lead to data breaches. Sixth, mistakes made by
IT staff open the door to attackers. Finally, failure to back up data turns any incident into a
major loss. These are the reasons for the cyber threats, and they show why security is needed in
network management (Farina et al., 2014), (ZHANG and QIN, 2010), (David, 2004), (Turiel,
2011), (ZHUGE, 2008), (Erridge, 2017).
Importance of network management
Nowadays most organizations depend on their networks, and most businesses rely on them to
operate, so network management tools need to keep improving (Vacca, 2014). Network
management automation tools exist for this purpose. Information exchange also depends on the
network to share information with other networks: across the world, information systems are
connected through networks, whether local area networks, IoT networks or mobile
communication networks (Oppliger, 2000), (Small botnets are threat, 2006), (MacQueen and
Flockhart, 2006), (IBM finds new and old threats, 2011).
ISO standards regarding the secure network management
Network management is divided into functional modules by the International Organization for
Standardization (ISO), and these modules cover the requirements of secure network
management. Many ISO standards have also been created for the security of network services;
they are used to analyze security issues and network management requirements (Lai and Dai,
2009), (Delimatsis, 2018). Based on the standards, the five management areas are listed below.
They are,
Fault management
Configuration management
Performance management
Accounting management
Security management
Fault management
Fault management aims to detect and analyze faults before they affect end users. A network
management tool is used to detect and analyze problems that affect system operation and to
alert the responsible system administrator. The administrators must then manage the network
correctly to avoid repeat faults, so secure network management needs to be established
(Osborne and Summitt, 2006), (Liu et al., 2012), (Forte, 2006), (Lin and Lu, n.d.).
Configuration management
The main aim of configuration management is to monitor and analyze the configuration details
of the network and its systems. It covers network operation as well as the hardware and software
components, and there are standards for how it should be done. Network devices are
configured using network commands, and configuration management also includes inventory
and software management (Joshi, 2016), (Daraghma, 2017).
Performance management
Performance management is used to analyze network performance. It gives a view of the
existing bandwidth and the network resources in use, and it is used to make the network operate
efficiently. It is considered an essential part of network management, and organizations need it
today. Performance management has tools defined in relation to the ISO standards, and service
level agreements are analyzed as part of it (Sotelo Asef, 2018).
Accounting management
Accounting management is another functional area of secure network management. It is used
to control and examine the usage of data and resources, and customers use it to learn about their
resource consumption. It is a process that measures network usage parameters, so that the
network can be regulated for an individual or a group and usage can be charged for. It is
similar to performance management in that both measure network resources (Kshetri and Voas,
2017).
Security management
Security management controls access to resources and notifies the responsible authorities
about the resources available (Castilla et al., 2014). Network devices exchange management
messages over the network, and the security management system can also feed an intrusion
detection system such as Symantec Intruder Alert. Many network management products are
used to share information, so the management traffic itself needs to be secured. The
management protocols used here are the Simple Network Management Protocol (SNMP) and
CMIP (Infrastructure locks us into toasty future, 2011). In SNMP versions 1 and 2c the
community string that authorizes read or write access travels in clear text, so SNMPv3 with
authentication and privacy should be used wherever the devices support it.
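The configuration management and security management areas meet in the device configuration itself: the SNMP settings decide whether the management plane can be read, or rewritten, by anyone on the network. The audit script below is an added example, not from the paper; the configuration excerpts are constructed in Cisco IOS command style (an assumption about the device family), the secrets are placeholders, and the finding texts are this example's own.

```python
"""Audit the SNMP settings in a device configuration for the weaknesses that
let an attacker read, or change, the managed network.

Added example, not from the original paper. The configuration excerpts are
constructed in Cisco IOS command style (an assumption about the device family);
the finding texts are this example's own.
"""
import re

DEFAULT_COMMUNITIES = {"public", "private"}


def audit_snmp(config_text):
    """Return [(line_number, finding)] for weak SNMP settings."""
    findings = []
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        m = re.match(r"snmp-server community (\S+) (RO|RW)(?: (\S+))?$", line, re.I)
        if m:
            community, mode, acl = m.group(1), m.group(2).upper(), m.group(3)
            # Any v1/v2c community is a clear-text password on the wire.
            findings.append((lineno, "SNMPv1/v2c community string travels in clear text; prefer SNMPv3 priv"))
            if community.lower() in DEFAULT_COMMUNITIES:
                findings.append((lineno, f"default community name '{community}'"))
            if mode == "RW":
                findings.append((lineno, "read-write community permits remote reconfiguration"))
            if acl is None:
                findings.append((lineno, "community not restricted by an access list"))
            continue
        m = re.match(r"snmp-server group (\S+) v3 (noauth|auth|priv)\b", line, re.I)
        if m and m.group(2).lower() != "priv":
            findings.append((lineno, f"SNMPv3 group '{m.group(1)}' uses '{m.group(2)}'; 'priv' adds encryption"))
    return findings


# Constructed weak configuration: default strings, RW access, unencrypted v3.
WEAK_CONFIG = """\
snmp-server community public RO
snmp-server community private RW
snmp-server group OPS v3 auth
"""

# Constructed hardened configuration: v1/v2c removed, v3 with auth+priv,
# trap receiver on v3. Secrets are placeholders.
HARDENED_CONFIG = """\
no snmp-server community public
no snmp-server community private
snmp-server group OPS v3 priv
snmp-server user ops-mon OPS v3 auth sha <auth-secret> priv aes 128 <priv-secret>
snmp-server host 192.0.2.10 version 3 priv ops-mon
"""


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(f"{name}: {len(audit_snmp(cfg))} finding(s)")
        for lineno, text in audit_snmp(cfg):
            print(f"  line {lineno}: {text}")
```

Run against periodic configuration backups, a check like this catches the usual drift: a read-write community added for a quick troubleshooting session and never removed, or a v3 group downgraded to auth because a monitoring box could not do privacy.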
ISO standards
ISO standards cover secure network management systems (Joint ISO/CIE Standard ISO
17166:1999/CIE S007/E-1998 erythema reference action spectrum and standard erythema dose,
2000). There are many standards for providing network services and controlling access. The
ISO standards mostly describe network security concepts and deliver guidelines for
implementing network security. They describe networks and the threats to be controlled, and
they cover secure communication between networks using security gateways (CABAJ, 2015);
this is the scope of the ISO/IEC 27033 series on network security.
Conclusion
This paper has discussed network security threats in detail. The various types of threat were
explained, and the importance of secure network management was described. The most
common security threats to modern network infrastructures are ransomware, DDoS, botnets,
phishing and cryptojacking, and each was explained along with its prevention methods and the
security strategies used to protect the network. The second section covered the importance of
network management, the reasons behind cyber security threats, and the importance of cyber
security in relation to the International Organization for Standardization. The functional areas
of network management were described according to the ISO standards: in total five functional
modules, namely fault, configuration, performance, accounting and security management.
Finally, the ISO standards and their specifications for network management were explained.
References
Abad, C. (2005). The economy of phishing: A survey of the operations of the phishing market. First Monday, 10(9).
Acharya, A. (2017). Internet of Things, Ransomware and Terrorism. Journal of Defense Management, 07(01).
Acharya, S. and Pradhan, N. (2017). DDoS Simulation and Hybrid DDoS Defense Mechanism. International Journal of Computer Applications, 163(9), pp.20-24.
Al-Hammadi, Y. and Aickelin, U. (2006). Detecting Botnets Through Log Correlation. SSRN Electronic Journal.
Alpcan, T. and Başar, T. (2011). Network security. Cambridge: Cambridge University Press.
An Efficient Way to Prevent Dos/DDos Attack in the Cloud Environment. (2016). International Journal of Science and Research (IJSR), 5(3), pp.829-832.
Baker, P., McQuoid, S., Thompson, J. and Jacobs, R. (2011). An audit of laryngoscopes and application of a new ISO standard. Pediatric Anesthesia, 21(4), pp.428-434.
Balasooriya, A. and Fernando, S. (2013). Next Generation Security Framework to Detect Botnets on Computer Networks. International Journal of Engineering and Technology, pp.257-261.
Bertino, E. and Islam, N. (2017). Botnets and Internet of Things Security. Computer, 50(2), pp.76-79.
Bradbury, D. (2012). Fighting botnets with sinkholes. Network Security, 2012(8), pp.12-15.