System and Network Security - Report Example

System and network security Insert Name Course Professor’s Name Institution Date Introduction The world is becoming extensively interconnected with the ever increasing adoption of the internet and networking technologies in almost all industries in the modern world. In fact, there is an immense amount of military, commercial, personal and government information on the internet and networking infrastructure in the world all over. Consequently, network security has become a major concern which has been accorded great significance. In the current architecture of networks that is, data networks and synchronous switched networks; internet security is substantially prudent. The data networks spread out in the world are connected to the internet hence exposure to security violation. Ideally, the internetwork of computers and internetworking devices is vulnerable to manipulation and abuse by malicious persons through injection of malicious programs widely known as “Trojan horses” that are extensively harmful to data networks. Network security is tackled in multifaceted manner, which seeks to curb network vulnerabilities arising from internet architecture and security methods that are prone to manipulation as well as end user interaction with internet services in which data processing methods can be compromised (Fry & Nystrom, 2009). In addition, the securing of internet security has heavily invested time and resources into developing complex software and hardware solutions to thwart the menace of internet security vice. System and network security is definitely crucial for the smooth running of applications and networks, which are threatened by security issues that are yet to be resolved. Currently, there is a grave lack of secure unbreakable security methods that can be effortlessly implemented to safeguard networks (Reid, 2004). Network design and Network Security Design In reality, there exist a major “mis-communication” in the networking industry in which network security developers are not advancing in a synchronized pace with networks developers. Although, network design is a fully established process with well organized principles that map the Opens Systems Interface (OSI) model, this is not evident in the network security development process. Overall, the Opens Systems Interface model has an array of advantages that make it easy to design comprehensive networks appropriately. Apparently, it offers fundamental aspects such as protocol standardization, modularity, user-friendliness and flexibility. Subsequently, the nature of the Open Systems Interface model makes it possible to consolidate the protocols used in different layers to build a stack that fosters modular development of security solutions to enhance network implementation. This allows the modification of specific layers to suit development needs in which implantation of various layers can be adjusted at different timeframes later without affecting the rest. Conversely, the development network security does not have a well-designed process. There is no comprehensive methodology that has been established to manage the intricate requirements that come with network security solutions. The design f network security does not share the advantages that network design does (Vacca, 2014). The consideration of network security ought to emphasize the security of the entire network. This is so mainly because security does not only concern the security of the computers at either ends of the communication chain, but also the communication channel through which the data is being transmitted since it vulnerability to attacks can compromise the entire network. In case, transmission of data is committed through an insecure channel, a hacker could possibly obtain the data and alter it and replace it with malicious content. Network security is definitely important as securing the computers and encrypting messages that traverse the network via the internet (Adeyinka, 2008). In the development of a secure network major considerations consist of: Authentication - in which the means of communicating with the system demands authentication to ensure that only authorized user get access to the system. Access-whereby users are provided an interface that is, an API to communication to and from a specific network. Confidentiality- in which the secrecy data and information in the network is guarded. Integrity- in which information is protected against manipulation and modification in the transmission process Non-repudiation- wherein the user is mapped to ensure no one can refute their access and use of the network An effective approach towards network security is implemented with a mindset of thwarting the aforementioned security issues which are the main predisposing factors to attacks. The various measures undertaken to ensure network security are explicated throughout this literature survey (Hay, Cid & Bray, 2008). Effective Network Security Design To curb the vulnerability of the computers and other network components within networks, there are various available products in the market. They include encryption tolls, authentication mechanisms, intrusion-detection systems, security management and firewalls. Throughout the world, business use a combination of the security tools to secure their networks. In most cases, businesses have intranets which are connected to internet and consequently secured from the prevalent threats that are associated with it. The internet architecture has predisposing aspects that render the internet susceptible to security breaches. A comprehensive understanding of the internet is therefore crucial in the development of network security technologies (Garton, 2006). The nature and types of attacks through which the internet is compromised must be addressed in order to establish security measures to detect and counter them. Intrusion detection systems are developed on basis of the identified type of attacks. There are two major types of network intrusions that is introduction of malicious software especially Trojan horse and theft of user data that can be used to imposter the authorized user. The types of system intrusion are extremely serious and can cause extensive complications to a network. First, the network resources can be manipulation to compromise their function and derail system performance. In addition, the network can be exploited to steal information about the system as well critical information stored in the system. Consequently, the stole information is a major security concern since it can be used to launch attacks on the system at a later date (Onwubiko & Owens, 2011). Archetypal security is extant on the computers connected to the network. Security protocols seem to appear as part of a single layer in some instances in the Opens Systems Interface reference model. At present, there are ongoing development efforts aimed at the application of a layered approach in the process of secure network design. The layers that are used in the security model map those of the Open Systems Interface model. This trend in thwarting security threat is a progressive and effective undertaking that is better suited in dealing with network security issues at a large scale (Korff, Hope & Potter, 2005). Identification of data security and network security Data security differs quite much with network security. Data security is the feature of security that facilitates the encryption of user data and its safe transmission. Thus, its interception during the transmission is not a great since it has to be decrypted for it to be compromised. Thus, encryption of user data during transmission is effective and cryptographic methods have been developed and upgraded over the years to advanced complexities to counter attacks by hackers. In the transmission of cipher text over the network it is important to enhance network security. Consequently, the security of the cipher text is heightened in order to avoid unauthorized access to it let alone attempts to decrypt it. A secure network is ideal to prevent authorized insertion of packets into the network. To achieve this, hard ciphers are necessary supplemented with attack-hard internetwork (Kartalopoulos, 2008). Data security which is implemented by application of cryptographic methods occurs at the application layer wherein it is factored in by application developers. On the other hand, network security is specifically handled at the physical layer from other layers come in especially the layers above the physical layer that facilitate networks security pertaining to authentication issues. Precisely, the physical layer fosters network security in that it requires attack detection mechanisms, failure detection as well as intelligent counterattack measures (Korff, Hope & Potter, 2005). Internet Architecture and susceptible security features The trepidation of security infringement on the internet has led to the adoption of secured private networks or rather intranets. The internet engineering task force (IETF) has come up with distinctive security mechanisms at distinct layers of the internet protocol (IP). These security methods facilitate logical protection of data segments which are transmitted across the network. The security architecture used to secure the internet protocol is referred as IP Security and is a standardization of internet security. Ideally, IPSec is applicable an effective in the new generation of IP that is Internet Protocol Version Six (IPv6) and the IPv4 as well. Notwithstanding new technologies such as the IPSec which have been developed to enhance the security of the internet, there are still grave security inefficiencies. IPSec is actually a point to point protocol that employs encryption on one end and decryption on the other side by use of shared keys implemented through a hashing technique. The IPSec protocol can be deployed in two distinct forms namely tunnel mode and transport mode (Caswell & Beale, 2004). A comprehensive scrutiny of both the prevailing version (IPv4) and the new version (IPv6) is quite substantial in order to identify the security implications. In addition, it is prudent to comprehend the security threats that manifest in the internet protect, which cannot be resolved within the protocol hence the need for alternative defense mechanisms. The IPv4 is an age old protocol developed in the late 1980s as a replaced of the NCP protocol used in the ARPANET. However, the IPv4 was discovered to have grave limitation over the years the innovation of the IPv6 which addresses the drawbacks of the IPv4 protocol. However, it is noteworthy that the new IPv6 protocol is not merely an improvement of the IPv4 protocol in its entirety but a new design of the Internet Protocol. In this case the elements of interest are the core parts of the Internet Protocol architecture that are most significant to network security (Convery, 2004). IPv4 Architecture The protocol comprises of a couple of features that have been identified to cause problems with the implementation of the IPv4 protocol. However, not all problems with the IPv4 protocol are related to security vulnerable of this architecture, but they form basis of an elementary comprehension f the drawbacks associated with the IPv4 protocol. The main causes of the prevailing problems in the current IPv4 architecture include: Address Space, Configuration, Routing, and Quality of service and Security. The IPv4 architecture uses an address space of 32bits, which a major drawback limiting the number of available IP addresses for use by devices connecting to the internet to total of two billion. This limitation brought sharing of address implemented in the Network Address Translation technique that is susceptible to the distribution of malicious software due to the small number of address space (Convery, 2004). Routing is also a major concern in the IPv4 architecture because the routing tables in this architecture are ever on the rise. Although there has been formulation of various methods to decrease the number of entries that make it to the routing tables, this is merely a temporarily solution. Therefore, advanced measures are needed to comprehensively address this problem. The networking capability of the IPv4 architecture that uses TCP/IP integration is highly susceptible to security breaches. This networking technique requires that users provide some data so as to make up a network. In reality, some of the information required is the IP address, DNS server, subnet mask and a routing gateway address (Nemati & Yang, 2011). The IPv4 protocol fails in ease of use especially the configuration process. Although a user can request appropriate configuration settings this complicates the efficacy of the network administrator in safeguarding the network and maintaining system integrity. In actual fact, the major concern of the Ipv4 architecture the lack of an embedded feature that expose to attacks by hacks which are widespread in modern times. The mechanisms of securing the IPv4 protocol such as IPSec exist, but do not go beyond the threat of a skilled hacker. In its capacity, the IPSec mechanism secures the packet loads carried by the IPv4 protocol through cryptographic methods which provide the following services: integrity, confidentiality and authentication which are somewhat limited since skilled hackers capable of deciphering the information on transmit may access the encryption to decrypt the information. During the advent, the quality of service (QoS) was standardized dependent on the nature of information on being transmitted. The native transfer of information was mainly in the form of plain text. This is definitely an alarm security age in the information age today (Nemati & Yang, 2011). IPv6 Design The invention of IPv6 had a good grasp of the main challenges associated with the IPv4 protocol. Thus it has increased efficiency in the following features: routing and addressing, multi-protocol architecture, traffic control and security architecture in comparison with the current IPv4. IPv6 has an address space made up of 128 bits. Consequently, the IPv6 has a maximum IP addressing capability of up to 3.4*10^38 which is four times the total addresses available in IPv4. The IPv6 routing technique is dramatically more efficient and facilitates maintenance of scalar routing tables. The configuration of hosts is automated hence greatly simplified since the hosts can configure themselves (Nemati & Yang, 2011). This novel approach makes the overall configuration easy for both the end users and network administrator. Interesting the security features of the IPv6 architecture are embedded within the protocol. The IPSec security method functions the same in both protocols with the exception of IPv6 capability to implement the feature in its entire routing process in information transmission. In addition, the quality of service feature is no longer a concern since the IPv6 architecture allows a unique technique in handling of specific tasks with a greater quality of service. The major benefits of the IPv6 protocol is mainly better approach to network security specifically the aspect of embedded security methods (Convery, 2004). Attacks perpetuated through the existing Internet Protocol IPv4 There are four major system and network security issues which include: availability, integrity, privacy and confidentiality. Confidentiality and integrity are correlated and have a similar implication that is secrecy and validity of information. Availability is the smooth running of computer assets and other network components on a network and their resourceful use by authorized personnel. Privacy is the right to safeguard personal secrets. There are four distinct security methods that are directly relate to these attributes system and network security. Computer Security features Nature of Attacks Security Technology mechanisms Integrity Viruses Worms, Trojans, Eavesdropping, Denial of service and IP spoofing Intrusion Detection Systems, Firewall, Ant-Malware, Cryptographic Systems, IPSec and Secure Socket Layers Certificates Confidentiality Eavesdropping, Hacking, Denial of Service and IP spoofing Intrusion Detection Systems, Cryptographic methods, IPSec and secular Sockets Layer Certificates Privacy Hacking, Spamming, Email bombing Denial of Service and Cookies Firewall, Intrusion Detection Systems, Anti-Malware Software, IPSec and Secure Sockets Layer certificates Availability Dos, System Boot Record Infectors, Email Bombing and Spamming Intrusion Detection Systems, Anti-Malware Software and Firewall The most trivial attack methods above are defended against and the security technologies which are a combination of both hardware and software solutions (Boulgouris, et al., 2010). Trivial Internet Attack Methods Common network attack methods fall into distinct categories as outlined in the table above. These attacks are aimed at compromising the system to cripple its functionality through injection of viruses, worms and Trojans. Network attacks are also a means of privacy violation through which information theft is carried out. The other forms of attacks prevalent in the modern age of internetworking are denial of service (DoS) attacks and cause hours of system unavailability. Below is an exposition of known network attack methods. (Korff, Hope & Potter, 2005). IP Spoofing Attacks Spoofing implies the use of an address assigned to a mirror computer in order to get access to other computers on a network. Through this kind of access the identity of the attackers is concealed and detection of intrusion is hardly possible. This is an alarming concern that cannot be entirely resolved due to the architecture of the IPv4. Thus, IP-spoofed packets are still a security in modern times (Garton, 2006). Denial of Service Denial of service attacks occur when the system is faced with innumerable requests from clients which it cannot return communication with. Subsequently, the system uses its resources in the process of resolving the communication deadlock until the system is exhausted and unable to respond hence system failure (Nemati & Yang, 2011). Worms Ideally, a worm is comparatively a type of a virus that is self-replicating and does not require a folder for it to spread. However, there are two known types of worms which are network-aware worms and mass-mailing worms. The two have different security threats. The mass-mailing worm use emails as their transmission channels to infect computers on a network. On the other hand, the network aware worms are selectively carriers of malicious software and target a specific host through its releases a Trojan (Nemati & Yang, 2011).. Viruses Viruses are self-replicating set of computer instructions that use files to infect components of a network and spread within them. They become active once a file in which they have been placed is open and consequently replicate within the system (sans.org.et al n.d). Eavesdropping Eavesdropping is the Interception of information in the process of transmission by unauthorized persons. This occurs in either passive or active means. In passive interception of communications an unauthorized person secretly “listens” to networked messages whereas in active interception the intruder “listens” and corrupts the information on transit hence distortion of sensitive information and probable theft (Nemati & Yang, 2011). Extant Technology for Internet security Cryptographic mechanisms Cryptography is an effective and widely used tool in securing networks by using codes and ciphers to convert data into unintelligible content. Firewall Firewall technology involves the use of typical control mechanisms that are typical perimeter defense methods. The use of firewall is to restrict unauthorized traffic from the outside of a network as well internal traffic. Firewalls are a combination of software and hardware methods. They are common in modern day networks. Anti-Malware Software Scanners Viruses, Trojan horses and worms are all malicious software. Specialized anti-malware products are available to scan and fix systems infected with malicious software. Secure Sockets Layer This is suite of protocols which is standard and oriented towards an auspicious level of security in communication transmitted between a web browser and a web server. The design SSL employs a communication tunnel between browsers and web servers such that the information on transit is protected against interception. This is accomplished by use of certificates that facilitate authentication of clients to prove identity (“cert.org et al n.d). Security concern in the IPV6 Architecture Although the Ipv6 protocol has effective security mechanisms it falls short of defending itself from all known security threat. There are three features of the IPv6 protocol that renders it prone to likely security threats. These features include: Header manipulation issues, Flooding issues and Mobility issues. Specifically, the IPv6 architecture does not safeguard the protocol against poorly designed applications, misconfigured servers and poorly secured websites (Nemati & Yang, 2011). Current developments in system and network security Network security is still dependent on the same security methods established years ago. However, they are being modified and enhanced by inclusion of biometric identification, which offer a more reliable means of authentication that is superior to passwords. There is also a great effort in constant development and implementation of firewalls and encryption methods. In addition, the use of smartcard as a means of network is being researched on. Hardware developments that have been witnessed in modern network include biometric analysis devices that used to authenticate workstation logons. Although biometric hardware devices are considerably expensive, voice biometric security is a feasible alternative that can be centralized and ease cost whilst serving an efficient role in network security (Newman, 2009). Software developments in system and network security are quite pervasive and entail system intrusion detection, firewalls, antivirus and virtual private networks. The trend is an onward upgrading of the existing methods to counter new threats as soon as they are detected (Northcutt & Novak, 2002). Conclusion Undeniably, the field of system and network security is significant and has gained much attention over the years and especially in recent years. As the internet becomes more relevant in various sectors of modern world security threats and relevant technology to counter them is being developed and advanced especially software solutions. Networks security comprises of both software and hardware methods. Problems and security issues arising from the internet protocol (IP) have contributed to its improvement and development of mechanisms which are useful and a gateway to realization of securing the internet. The combination of the available network security and the great benefits of the IPv6 architecture will prove useful in the efforts of ensuring security in networked systems. However, network security is rapidly evolving and new threats are probable hence the need to focus on new mechanisms to thwart them (Kim & Adeli, 2010). Reference List Garton, R. (2006). 'Nids. New York, E-Reads. Northcutt, S., & Novak, J. (2002). Network intrusion detection. Indianapolis, Ind, New Riders. Fry, C., & Nystrom, M. (2009). Security monitoring. Sebastopol, Calif, O'Reilly Media, Inc. http://proquest.safaribooksonline.com/9780596157944. Hay, A., Cid, D., & Bray, R. (2008). OSSEC host-based intrusion detection guide. Burlington, Mass, Syngress Pub. http://www.books24x7.com/marc.asp?bookid=32232. Kim, T.-H., & Adeli, H. (2010). Advances in computer science and information technology: AST/UCMA/ISA/ACN 2010 conferences, Miyazaki, Japan, June 23-25, 2010 ; joint proceedings. Berlin, Springer. Vacca, J. R. (2014). Network and system security. Amsterdam, Syngress. http://www.myilibrary.com?id=513378. Caswell, B., & Beale, J. (2004). Snort 2.1 Intrusion Detection, Second Edition. Burlington, Syngress Publishing. http://www.CQU.eblib.com/patron/FullRecord.aspx?p=294370. Korff, Y., Hope, P., & Potter, B. (2005). Mastering FreeBSD and OpenBSD security. Sebastopol, CA, O'Reilly. http://books.google.com/books?id=J7FQAAAAMAAJ Convery, S. (2004). Network security architectures: [expert guidance on designing secure networks]. Indianapolis, Ind, Cisco Press. Kartalopoulos, S. V., "Differentiating Data Security and Network Security," Communications, 2008. ICC '08. IEEE International Conference on, pp.1469‐1473, 19‐23 May 2008. Adeyinka, O., "Internet Attack Methods and Internet Security Technology," Modeling & Simulation, 2008. AICMS 08. Second Asia International Conference “Internet History Timeline,” Available at www3.baylor.edu/~Sharon_P_Johnson/etg/inthistory.htm. “Improving Security,” available at http://www.cert.org/tech_tips, 2006. Sans “Intrusion Detection FAQ: What is a Host Intrusion Detection System?” available at http://www.sans.org/security-resources/idfaq/what_is_hips.php Newman, M. (2009). Biometrics: application, technology, & management. Boston, Mass, Course Technology. Reid, P. (2004). Biometrics for network security. Upper Saddle River, N.J., Prentice Hall PTR. Boulgouris, N. V., Plataniotis, K. N., & Micheli-Tzanakou, E. (2010). Biometrics theory, methods, and applications. Piscataway, N.J., IEEE Press. Available at http://public.eblib.com/EBLPublic/PublicView.do?ptiID=468702. Onwubiko, C., & Owens, T. (2011). Situational awareness in computer network defense: principles, methods and applications. Hershey, PA, Information Science Reference. Nemati, H. R., & Yang, L. (2011). Applied cryptography for cyber security and defense: information encryption and cyphering. Hershey, PA, Information Science Reference. Read More