Network Security - Literature review Example

?NETWORK SECURITY Network Security Affiliation Table of Contents 2 Main Risks 4 3 Internal and External Security Breaches 5 3 Denial-of-Service 5 3.2 Unauthorized Access 5 3.3 Data Diddling 6 3.4 Data Destruction 6 3.5 Virus Attacks 6 3.6 Worms and Trojans 7 4 Actions Taken to Avoid Security Breaches 7 4.1 Using Encryption Techniques 7 4.2 Implement Network Security Firewalls 8 4.3 Install a Latest Anti Virus Software 8 4.4 Establish a proper Identity and Access Management mechanism 8 5 Conclusion 9 1 Introduction At the present, the majority of business organizations develop computer networks to complete their business tasks. In the same way, the Internet is a huge network of numerous small and medium networks. Additionally, the Internet has turned out to be an essential part of our lives and business tasks. Though, these advanced technologies offer a large number of benefits and opportunities but they also cause a wide variety of security and privacy issues. These issues can be dangerous for personal information safety and privacy. Thus, network management procedures are used for the effective management of the network security aspects (Kaminsky, 2012; Cisco, 2000; Huang, MacCallum, & Du, 2010). In addition, network security encompasses a set of rules and actions that an organization or business adopt to secure its computer systems, and it is a major concern for every business that uses a computer network to carry out its business tasks. Hence, compromised network security risk clearly demonstrates that a business competitor or hacker can gain access to sensitive or critical data, probably resulting in total destruction of business or personal information or system or data loss. In this scenario, effective network security can be attained when a user has to face a number of security layers before being capable to get access to the desired business or any information network. Additionally, various researches show that the implementation of more layers results in more secure network and working environment (Kaminsky, 2012; Cisco, 2000; Huang, MacCallum, & Du, 2010). This paper presents a detailed analysis of network security. This paper will outline some of the major issues regarding internal and external security breaches of a corporate. This paper will also outline the actions and suggestions that should be taken into consideration in order to address these security issues. 2 Main Risks With the passage of time, the trend of adopting new technologies is growing rapidly. Additionally, the computer networks play a significant role in our lives as they are used everywhere. In fact, we regularly use the Internet to carry out our daily tasks. On the other hand, these networks also create various security risks. In addition, network security issues are everywhere whether it is a computer being utilized in a big business/organization or it is a personal computer. In order to ensure network security every computer requires to be protected from the computer network dangers and security fears. Every time we use the new computer system we face some sort of security risks and danger like exposing personal information, credit card theft, identity theft, hacking, data leakage, virus attacks, DoS attacks, and data corruption. In addition, there are also certain other security threats such as various virus attacks and a number of other security problems (Zhang, Xiao, Chen, Zhang, & Deng, 2012; Joshi, 2008; Network Security Threats, 2012). Moreover, in order to determine network security issues a research study was conducted by the event management and security information supplier netForensics, which revealed that more than 80 percent of IT managers anticipate network-borne dangers, which have augmented all through the year 2010 and 2011, and more than 85 percent of IT managers are seeing their corporate network security environment turning out to be more and much harder and complex (Cisco, 2000; Schwartz, 2010). 3 Internal and External Security Breaches This section outlines some of the major internal and external security breaches and issues those are problematic for the network structures. These internal and external factors create a wide variety of serious problems and security dangers for the network structures. Up till now, a large number of researches and studies have been conducted to analyze the issues and problems in computer networks. In this scenario, (Curtin, 1997; Venter & Eloff, 2000; Cohen, 1999; Huang, MacCallum, & Du, 2010; Joshi, 2008) discuss various types of security attacks in computer networks: 3.1 Denial-of-Service One of the biggest and most critical network security problems that can be seen on networks is known as the DoS (or Denial-of-Service) attacks. This type of network security attack is considered as the most serious, worst, and complex problem to address network security attack. In this type of network security attack a huge volume of network traffic is sent to a computer network server or computer that makes it dump (unable to receive and process any further request). In addition, this type of network security attack disables the working power of the network and makes it useless for business working and operating. 3.2 Unauthorized Access A hacker can access the computer network of an organization both from inside and also from the outside of the organization. Basically, in this type of network security attack a business faces illegal or un-authorized access to the business network that causes serious damage or theft of an organization’s private or personal data. In addition, the basic motive behind launching this attack is to get illegal access to some resources that an organization should not offer the attacker in a simple way. The possible reason of such attacks can be use of weak passwords or conflicts among internal staff members. 3.3 Data Diddling The data diddling is considered as the most horrible kind of network security attack, for the reason that in reality the data diddling attack involves a break-in that might not be instantly obvious. In this scenario, the attacker changes the original contents of information with the wrong one that leads to possible drastic outcomes for the business as well as for an individual. 3.4 Data Destruction The basic purpose of the data destruction attack is to destroy the organizational data so that an organization cannot be able to make use of it to manage its business tasks. Basically, this type of attack can involve virus and worm attacks into the network security system that cause serious damage to business or personal data files. In addition, in this type of attack an attacker sends some sort of spyware, virus or worm to a host system that leads to destruction of all data in the system. 3.5 Virus Attacks Everyone who uses a computer is well aware of computer viruses. In this type of network security attacks the nasty programs known as viruses, ate launched to the network with the intention of destroying overall data and the contents of the system. In this type of attack a virus program enters in the system and causes a massive destruction of data and information files. 3.6 Worms and Trojans Similar to computer viruses, one of the major intentions of network security attacks is to install a software application on the host computer or network server. However, there is a little difference between a virus and a worm. Basically, a worm is a type of computer program that hides its presence from the user/administrator of the system. Once the worm is installed on the computer it will carry out operations whatever instructions given to it by its creator. The creator of such kind of programs is known as a cracker. In addition, this kind of attacks is also used for information theft and data diddling. 4 Actions Taken to Avoid Security Breaches This section presents the suggestions and guidelines that can be adopted to secure the computer network. As discussed above, a large number of researches have been conducted to determine the impact of these security attacks on the networks. In addition, a large number of tools and strategies have been proposed to deal with these issues. In this scenario, various researchers such as (Cohen, 1999; Chernyavskiy & Miloslavskaya, 2012; Onwubiko, 2008; Curtin, 1997) outline different mechanisms and strategies to deal with these security issues and challenges. Some of these strategies are: 4.1 Using Encryption Techniques In order to ensure maximum network security, an organization must implement an effective encryption mechanism. In this scenario, secret and personal data and information are encrypted into a format that is difficult to decrypt or understand for the hackers. In this way the hacker or security breaker cannot able to see or view business or personal information because of its unreadable form. 4.2 Implement Network Security Firewalls A security firewall is one of the most important network security management tools that are currently used by the majority of business organizations. This type of network security management tool helps an organization ensure effective management of network security. In this scenario this system scans all incoming traffic to the network and provides alerts and stops any illegal network security breach. 4.3 Install a Latest Anti Virus Software An antivirus software application plays a significant role in ensuring the maximum network security. A latest version of an antivirus program must be installed on each system on a network. This antivirus program basically scans the data and traffic in the system and protects the system from any possible attack from outside as well inside. 4.4 Establish a proper Identity and Access Management mechanism In order to ensure maximum network security, an organization needs to protect the business or corporate network by using effective identity and access management technique. In this scenario they must use strong passwords and unique username based access to allow their members to access the network. 5 Conclusion A computer network is an essential element of almost every business organization that deals with data. In view of the fact that the entire business process of an organization heavily depends on its computer network so it becomes vital to ensure the maximum security of their computer network. This paper has discussed a wide variety of security issues and attacks that can occur in a computer network. This paper has also outlined the strategies and mechanisms that an organization must adopt to deal with these serious issues. 6 References Chernyavskiy, D., & Miloslavskaya, N. (2012). A concept of unification of network security policies. SIN '12 Proceedings of the Fifth International Conference on Security of Information and Networks (pp. 27-32). ACM New York, USA. Cisco. (2000). Designing Network Security. Retrieved November 15, 2012, from http://portal.aauj.edu/portal_resources/downloads/networking/designing_network_security_cisco_press.pdf Cohen, F. (1999). Feature: Managing network security: Attack and defence strategies. Network Security, Volume 1999 Issue 7, pp. 7-11. Curtin, M. (1997). Introduction to Network Security. Retrieved November 15, 2012, from http://www.interhack.net/pubs/network-security/ Huang, S. C.-H., MacCallum, D., & Du, D.-Z. (2010). Network Security. New York: Springer. Joshi, J. (2008). Network Security: Know It All, 1st Edition. Morgan Kaufmann. Kaminsky, A. (2012). What is Network Security? Retrieved November 14, 2012, from http://www.wisegeek.com/what-is-network-security.htm Network Security Threats. (2012). Network Security Threats Explained. Retrieved November 14, 2012, from http://www.networksecuritythreats.org/network-security/network-security-threats-explained/ Onwubiko, C. (2008). Security Framework for Attack Detection in Computer Networks. Germany: VDM Verlag Saarbrucken. Schwartz, M. J. (2010, June 25). Network Security Threats Increasing. Retrieved November 13, 2012, from InformationWeek.com: http://www.informationweek.com/security/vulnerabilities/network-security-threats-increasing/225701500 Venter, H., & Eloff, J. H. (2000). Feature: Network Security: Important Issues. Network Security, Volume 2000 Issue 6, pp. 12-16. Zhang, Y., Xiao, Y., Chen, M., Zhang, J., & Deng, H. (2012). A survey of security visualization for computer network logs. Security and Communication Networks, Volume 5 Issue 4, pp. 404-421. Read More