Why Do We Need The Network Security

Published Date: 02 Nov 2017

As I say so, the generation had changed; today people do a multi-million business on the net instead of reality society. But why they do so? Because doing the business on the network will have a lower budget but higher income, and so every coin have two faces, with the advantage also comes the disadvantage.

With all the advantages given from the net, here comes the disadvantages side. On the network, there are some hackers trying so hard to break through the firewall and steal some information. Besides the hackers, a lot of others cyber crime would affect the security of the network. No matter what you are doing, how you are doing or even why you are doing as long as you on the network, you are a risk taker. Our personal information and any other privacy will go public once the security of network is unsecured.

There are lot of type security on the network, a lot of way to break through it and also a lot of way to secure it. I had done a study on the security on the network and this is what all about.

Objective

The objective of doing this research on the security of the network is to understand more about all the security issues on the network and also the latest security issue on the network. Other than that, understanding the theory and practical about the internet application will help a lot in our daily life not just to protect of computer but to maintain the security system of the network.

The cyber crime is getting worst and worst by day, to avoid be a next victim, as a student of Information technology of course I should do a study on this and keep myself safe from the network, besides, I can also help to prevent my friends and family to be the next victim. After understanding more about the security on the network, we can actually plan our self a simple security system in our own computer and this help us gain more experience about the security on the network.

Another objective of my research is to develop my network security knowledge and determine the important of the network security. In another hand, doing the research on the security of network will also let me understand more technical issue that related to the internet application module and this will help me to score more easily during my final test.

The Network Security

The network security is defined as consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. The network security hasn’t always been as important as in today, there are a lot of meaning in the word network security and it’s depend on where you stand to define it.  For the Legal department, network security is the set of controls vital to maintain agreement with authoritarian constraints. For product engineers, it may be the processes and technology to protect intellectual property. Business management will probably tell you that, while they are concerned with legal and intellectual property concerns, they also want to make sure critical business systems remain available.

The network is the computer network and also we can call it as the internet. The internet was first found on 1969 as the named as APRANET (Advanced Research Projects Agency) for military use and also to sharing the information from the scientist around the world. In fact, one of the original goals of APRANET is to create a network that would continue to function even if major sections of the network failed or were attacked.

As we can see the network was actually built for the connectivity between the human being all around the world, we usually gain more benefit then disadvantage on this technology until some so called genius as in the network thieve and hackers appeared. The unauthorized access from the hacker had made the network no longer save, the hacker will not only take some information they think is important and also the software in your computer, and therefore we need to increase the security of the network to make sure that the network we are using is safe and to avoid to be the next victim of cybercrime.

Why do we need the network security?

A hacker is an enthusiastic and skillful computer programmer or user and a person who uses computers to gain unauthorized access to data. It’s remarkably easy to gain unauthorized access into information that it’s in an insecure network environment, and it’s very difficult to find out the trespasser. Hacker can unauthorized access to your computer no matter what type or computer you are using on the net, as long as you are online, they can easily break through your firewall and enter to your computer, of course it require some special skill. Even if you think that you got no important information or some high confidential privacy document in your computer, the hacker will use your computer as a "weak link" to connect to the others computer that connect to the same router that you are connect with.

The hackers do not only embezzle some imperative information and data from our computer, the harmless information he get from our computer can expose the whole computer system to compromise. There is a lot of other information that would catch the hacker’s attention such as the hardware and software a company using, system configuration, and type of network connections, phone numbers, and access and authentication procedures. The example of the important information is like the password of the system, banking account password, access control files and keys, personnel information, and encryption algorithms.

According to the AVIRA security company, there is no one on the network is totally immune. The cost of a break-in cover a broad range of possibilities: a minor loss of time when you trying so hard to recover from the problem, a decrease in productivity, a significant loss of money or staff-hours, a business no longer able to compete, legal liability, and the loss of life.

Basic security concepts

There are three pillar of information security, which is the Confidentiality, Integrity, and Availability. Concepts relating to the people who use that information are authentication, authorization, and no disclaimer. These are the main three outcomes of the objective of all network security, including stopping bad stuff from coming into the network and upsetting attacks which make it past perimeter controls and they will eventually make it past your well-planned and implemented defenses firewall.

The Confidentiality is actually to make sure that the wrong people won’t have the authorize to read some of the confidential file and document, when these file are being copied or read by someone who is unauthorized and this is called as a lost of confidentiality. For examples include research data, medical and insurance records, new product specifications, and corporate investment strategies is absolutely a high confidential document, if all these file are being read or copied by someone unauthorized is will cause a big loss to the particular company or people.

The Integrity in network security is ensuring all the data, whether medical, business, or financial, is accurate. When we have a lot of confidential file saved in our system, we have to keep it safe, once we kept it safe; we have to make sure that all those data and information are accurate. Once the document file or particular specification information had been change or read in unexpected way, the result is also known as loss of Integrity on the network security.

The Availability in network security is keeping the hackers from access they can use to take down a system or entire network as in killing one or more critical business processes. The Availability of a network security is the most important attribute in the service oriented businesses that depend on useful and important information such as the airline company with the airline schedule and online inventory system for some banks and those online ordering website, in this case the cinema was included. The information and data can be erased or become inaccessible, resulting in loss of availability.

To make the information be more available for those who need it, and also for those who can be trusted in, the organization proved it by authentication and authorization. The authentication is to prove a user that he or she is the person that is he or she claim to be, and the authorization is the act of determining whether a particular user (or computer system) has the right to carry out a certain activity, such as reading a file or running a program. The proving of authentication is special for the user, as in the only password for the user; the user’s fingerprint or even the user’s smart card is included. After the authentication has been confirmed, then the computer gave the authorization for the user to use the information.

Vulnerability of the Internet

In this high-tech century of 2013, there are more and more people who are very good in using the network and this cause us a new problem. The professional in the network security around the world have confirm that the network security level today is much more lower than the previous few years due to the people who are getting better to break through the security system. According to all the top network Security Company like AVIRA anti-virus company had declared that there are no one on the network is total immune, and here is why they say so.

The vulnerability of the internet, the word vulnerability is defined as exposed to the possibility of being attacked or harmed, either physically or emotionally by the Oxford dictionary, but with the word vulnerability of the network is a weakness that a person can exploit to accomplish something that is not authorized or intended as legitimate use of a network or system. The security of system or information on certain system was compromised; the result is a security incident. Engineering or design errors or faulty implementation may be cause the vulnerability of the network.

Why the security of the network is vulnerable? The network security is hard and expensive, it’s really nearly called impossible to create or design a system that is totally resist penetration. The network security is just like a bottomless pit, to build a solid defense wall; it required a lot of considerable skill and investment of resources, dozens of engineer and scientist of research year of work. Often said, the only 100% and best way to be immune on the network is to pull the plug, the security policies are too complex, imprecise and sometime it’s too conflicting. The internet is also a peer to peer system, which has the benefit of making it virtually impossible to bring the internet as a system down. There is no single point of failure that can impact all or even large parts of the internet.

Besides, one of the main reasons is because that the user and system developer today have limited resources to spend on the product development, such resources was included as functionality, performance and customer support. The consequences cause by the decision of the senior of the management because they do not see the security as very important. At last but not least, the security involve by the human being as the user himself too. Human beings are responsible for designing, configuring, and using system with security feature, they make lot of mistake in judgment and implementation, of course everyone of us love shortcuts. Finally, the need for well trained and experienced people to engineer and manage the network in a secure manner has been expended due to the explosive growth of the internet user, because the need for network security experts far exceeds the supply, inexperienced people are called upon to secure systems, opening windows of opportunity for the intruder community.

Network security incident

Any network-related activity with negative security implication is called as the network security incident. Incident of the network security come in all shape and size, from anywhere on the internet, well some of the attacks might be launched from specific systems and require access to specific accounts. An emblematic attack pattern consists of gaining access to a user's account, gaining restricted access, and using the victim's system as a launch stage for attacks on other sites. It is possible to accomplish all these steps manually in as little as 45 seconds; with automation, the time decreases further.

In recent years, there are many of network security incident happen over the world. Due to the rapid growth user of the internet, the security network is more vulnerable than ever now. There are few types of the security incident on the network, which is broadly classified into several kinds: the probe, scan, account compromise, root compromise, packet sniffer, Denial of service, exploitation of trust and malicious code.

PROBE

A probe is characterized by unusual attempts to gain access to a system or to discover information about the system. For a good example in our daily life, probe is an attempt to log in to an unused account. Like some of the email address or even some internet web account, even if that are the result of curiosity and confusion like forgetting the password are also considered as the probe incident.

SCAN

A scan is a larger amount of number in probes done using an automated tool from the intruder, but when the scan is discovered, it’s often a prelude to a more directed attach on the system which the intruder found is vulnerable.

ACCOUNT COMPROMISE

Account compromise is the unauthorized use of a computer account by other people other than the account owner, without involving in a system-level. An account compromise might expose all the victim privacy, such like some really serious data lost, date theft.

ROOT COMPROMISE

A root compromise is similar to the account compromise, but then that the account that has been compromised has special privileges on that particular system. The intruders who are successfully in a root compromise in a computer can do just about anything in that victim’s computer system including running on their own program.

DENIAL OF SERVICE

A denial of service attack can come in many forms, and it’s a bit different from other network security incident. The main objective of the denial-of-service attacks is not to gain unauthorized access to machines and date, but is to avoid legitimate users of a service from using it. They may also disrupt physical components of the network or manipulate data in transit, including the encrypted data.

EXPLOITATION OF TRUST

Computer and computer often have trust relationship on the network. Before perform some commands, the computer check a set of files that specify which other computer on the network are permitted to use those commands. If intrudes are trying to counterfeit their identity, and appearing using the trusted computer, they may be able to gain unauthorized access to other computers.

Types of Technical Vulnerabilities

The vulnerability of the network and software cause us a lot of problem today. The word vulnerability means the weakness of a solid defense system or anything that a person can exploit to accomplish something that is not authentication and authorization from a system. There are a lot of different kind of software protocol today was actually built in without security in mind, without a fundamentally secure infrastructure that cause the network defense getting tougher.

The internet attacks in general are quick and easy, and may be hard to detect or track due to the inherent openness of the internet and the original design of the protocol. After an intruder attacks, it’s easy to hide his location and identity because there are many attacks can actually be launched readily from anywhere in the world. Besides, in internet there are many sites place are unwarranted trust, but it’s common for sites to be innocent under the risk of trust they place in the internet too.

TYPES OF TECHNICAL VULNERBILITIES

There are few ways listed below that it’s real useful in understanding the more technical area cause behind every successful intrusion and also help profession to find out solution for addressing each type of problem.

FLOWS IN SOFTWARE OR PROTOCOL DESIGNS

The rules and conventions for computer to communicate on a network is defined as protocols. A protocol will be vulnerable to exploitation no matter how well it is implemented if a protocol has a fundamental design flaw. For an example of a NFS (network file system), which allows system to share files. There is no way of verifying that a person logging in really is if the protocol does not include a provision for authentication, that’s why NFS server is often the targets for the intruder community.

WEAKNESS IN HOW PROTOCOLS AND SOFTWARE ARE IMPLEMENTED

No matter how well design your protocol is, the vulnerability is still high just because of the way you implemented it. For an example, there’s an email protocol implemented in way to get permission for intruder connect to the mail port of people’s computer and fool the computer into performing a mission not intended by the service. If some of the hackers try to supply some date for the TO: field instead of correcting the email address, they actually can fool the computer by sending them the users password details and grant access to the victim’s computer with reading some private message and also run certain program on that system. This is the kind of vulnerability of intruder’s attack that able to remote access without access to any account on the victim’s system, and normally with this type of hacking; it’s actually only the first step and leading to the larger attack in the certain system or software. The flaws that were not identified before the software was release will cause the software vulnerable too. This type of vulnerability has a very big range of subclasses, which all the hackers will use their own attack tools. Here are some of the subclasses included for those who are well known with the software design.

Race conditions in file access

Non-existent checking of data content and size

Non-existent checking for success or failure

Inability to adapt to resource exhaustion

Incomplete checking of operating environment

Inappropriate use of system calls

Re-use of software modules for purposes other than their intended ones

WEAKNESSES IN SYSTEM AND NETWORK CONFIGURATIONS

Problems inherent in protocols or software programs will not cause vulnerability in the category of system and network configurations. The vulnerability is actually just a result of the way all the mechanism are set up and used. The product may be delivered with the special default setting that those hackers can easily exploits. So as a reminder, the user or system admin should change the default setting or even setting up system to a better way that leave the network more secure and vulnerable. The anonymous File Transfer Protocol service is another example for the faulty configuration that has been exploited. The only way to secure configuration is to ensure the password file, ancillary and archive tree are separate from the other operating system, besides, the operating system must not be reach from this staging area. Unauthorized users can get authentication information and use it to compromise the system while the sites misconfigure their anonymous FTP archives.

.

Technical way improving security

IMPROVING NETWORK SECURITY

There are certain ways that IT technician has discovered in recent years, to make sure we have a better network area to be in the future; they have suggested us in the following ways to prevent the network security incident.

OPERATIONAL TECHNOLOGY

Networks and hosts are the main target for intruder to access. As an intruder to gain access to any network or system, they do actually need a lot of knowledge and experience about specific vulnerabilities and social engineering techniques to computerize information gathering and system penetration. While the system administrators minimizing the vulnerability of complex network infrastructures to attack, they also are facing the problem of maximizing the availability of system service to the valid user. Unfortunately, the intruder always chooses to compromise the services that often depend on the same characteristics of system and network protocol that make them vulnerable. Nevertheless, carefully preparing and strategically deploying personnel and operational technologies is the way that the organization can significantly improve their resistance to attack.

SECURITY ANLALYSIS TOOLS

It’s actually essential to assess periodically network susceptibility to compromise due to the increasing of sophistication of hacker methods and the vulnerability present in commonly used application. There are some vulnerability of identification tools are available, that have garnered both compliment and criticism. When you are trying to find the weaknesses in your system, these are the tools that system administrators will find it is useful.

Critical comment and analysis

Internet gave uncountable benefits to us, and of course we all will hope to keep it safe. To allow a better critical application to operate in the future than exists today, no doubt, that we need more research and development efforts underway to maintain the security level than today.

INTERNETWORKING PROTOCOLS

There are several weaknesses must be aware such as lack of encryption to preserve privacy, lack of cryptographic authentication to identify the source of information and lack of cryptographic to have a better and secure network environment foundation for the critical internet application of the future. The cryptography to authenticate the originator of a packet and to protect the integrity and confidentiality of data is the main point of the new internetworking protocols.

INTRUSION DETECTION

Recognized a problematic area of research that is still in its infancy was one of the intrusion detection’s functions. Anomaly detection and pattern recognition are the two major areas of research in intrusion detection. Determining patterns of normal behavior for networks, host, and users and then detecting behavior that is significantly different are in the research of anomaly detection based on. The goal of the second major area of intrusion is to detect the patterns of the network, host, and user activity that match known intruder attack. The variability that is possible within a single overall attack strategy is the one of the problem with this approach, besides, the new attacks, with new attacks pattern and style cannot be detected or aware in this approach. The intrusion detection tools and techniques that will help us in identifying coordinated distributed attack are critically needed to support the needs of the future internet security.