StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Network Security Attack Methodologies - Essay Example

Cite this document
Summary
This essay "Network Security Attack Methodologies" is about the current computer network security systems which are faced by numerous attacks, thus creating the need for robust means of protecting the systems against threats and potential attacks. 

 
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER98.9% of users find it useful
Network Security Attack Methodologies
Read Text Preview

Extract of sample "Network Security Attack Methodologies"

Network Security Attack Methodologies Grade (December 11, Network Security Attack Methodologies Abstract The current computer network security systems are faced by numerous attacks, thus creating the need for robust means of protecting the systems against the threats and potential attacks. Traditionally, the attack on network security systems was purely a matter of fun, where the computer systems attackers and hackers were doing it for the fun of enjoying their prowess in managing to tamper and penetrate through established network security systems. However, the modern objective for computer systems and network security attacks has changed from that of fun into a business objective. Thus, the security system attackers and hackers are now using the information obtained after penetrating through the security systems to attack the target individuals or organizations and defraud them. Without full understanding of the nature of threats to the network security systems and the methods of attacks applied, it would not be possible to establish a strong security mechanism that will effectively protect the network systems and their associated data from attack. The understanding of the Network Security Attack Methodologies is therefore pertinent to the establishment of the most effective defense mechanisms and capabilities. Introduction The modern computer and network security systems are faced by diverse threats, owing to the fact that there has been a general growth in the internet accessibility and use, as well as the overall growth in the number of targets comprising of both individual and organizational computer and network security systems [1]. The attack capabilities has also increased, due to the development of more advanced hacking and attack tools, following the increased knowledge and skills of computer operation and usage that have come with the advanced technology wave. Securing the network security systems against potential threats, both for the individuals and business organizations is a present effort that seeks to protect older systems already established, while also securing the newly acquired systems. While the protection of the network security systems against known threats could be easy, there is a need to ensure the continuity of proactive efforts to detect emerging new threats and understand their defense mechanisms [2]. The understanding of the network security attack methodologies require a broad focus on who is interested in attacking, what their motivation is and what capabilities they have to exploit the network security weaknesses [3]. The network security systems are far ahead of the available defense mechanisms, owing to the fact that the development of the defense mechanisms is reactionary [4]. Thus, the protection of the network security systems ca only be done against the threats that have already been identified. Therefore, understanding the exploit mechanisms applied by the security system attackers can enable the development of active measures that will not only protect against the known threats, but also the foreseen and predicted attacks [5]. The computer and network security can be attacked through a thousand of methodologies, but which can be classified into a few limited categories. Thus, this discussion seeks to analyze the network security attack methodologies, with a view to recommending the proactive measures that can be undertaken to protect against these security breach mechanism. Network Attack Methodologies Physical attack Physical attack is a network attack methodology that occurs through the unauthorized access of the computer and network security systems of an individual or organization by individuals with a malicious intent [6]. Physical attack methodology is applied by individuals who have direct access to the network security systems of the target, for example organizational employees, who can then easily access the network security systems of the organization and gain the desired information [7]. The attack technique applied under the physical attack methodology is information theft, where the unauthorized access of the network security systems results in the attackers stealing important information either regarding the system or other important data that they can eventually use to their advantage [8]. The information stolen can then be used to try to connect to the network security system from outside the organization, with the intention of accessing and using the data available in the network security system for different gains. Fingerprinting Reconnaissance/surveillance Fingerprinting surveillance is a network attack methodology that is applied by computer pirates and hackers to monitor the key addressing information of a security network system of the target individual or organization [9]. Before any attack can be launched on an individual’s or organization’s network security system, the first step must be to always obtain the network’s addressing information, also known as the network fingerprinting [10]. Thus, the fingerprinting surveillance as a network attack methodology entails gathering as much information as possible regarding the target network infrastructure and then retrieving the information for possible use against the system [11]. The notable information that the computer and network security hackers gather under the fingerprinting surveillance include the IP addresses of the computers of the target individual or the organization, as the blueprint for specification of the exact location where the attack is to be launched [12]. Additionally, the pirates and hackers also gather information related to the domain name and network protocols of the target computers, since such information is key not only for enabling attack on the target computers, but also for obtaining the pathways and channels through which the attack can be launched [13]. Finally, information regarding the server architecture and the activated services of the target computers form the other relevant information that is surveyed and retrieved by the computer hackers and pirates [11]. The information related to the server architecture and also the activated services of the target individual or the organization enables the hackers and the pirates to know the extent of gains that can be possibly reaped from the attack, such as the financial gains through defrauding the activated financial services of the target [14]. The greatest danger posed by the fingerprinting methodology of network security attack is the fact that obtaining the IP addresses or the domain name of one computer by the pirates or attackers is capable of leading them to obtain the addressing information of the entire network [15]. The fingerprinting information is crucial to a network security system, and its breach makes it possible for the pirates and hackers to compute the range of the IP address of the entire organization computer network systems, and manage to break the information into the possible sub-networks [16]. Software programming weakness exploitation The exploitation of the weaknesses in the programming software is yet another network security attack methodology that is applied by the computer network security hackers and pirates [17]. There are some software that are programmed with inherent security weaknesses, either by the software manufacturers or by the customized organizational or individual software programmers. Such inherent weaknesses offer the computer network pirates and hackers an opportunity to gain access to the other vital installations of the individual or organizational computer networking systems [18]. A single software with inherent weaknesses, which might arise out of the software being outdated or created with some minor problems poses a great risk for the computer network system, since the pirates and hackers possess the technological knowledge and IT savvy skills in programming or decoding the software program languages, which can then allow them to collect other information related to the computer in which the software with the weaknesses is installed [16]. Thus, it is paramount that an individual or organization is fully certain of the authenticity and appropriateness of the software programs that are installed in the networked computer systems, since software with some weaknesses pose the treat of the security system being hacked into. Denial of service Denial of service is a network security attack methodology that is applied by computer systems hackers and pirates, which disrupts the programs or software of the target individual or organization, causing them to stop functioning [19]. This attack methodology can also be applied by attacking some of the programming of the organization, such that it prevents the organization from using the service through network service disruption. The denial of service is achieved through the introduction of disruptive datagrams that have been carefully crafted to be able to disrupt and cause the network connections to fail or get terminated. Additionally, the introduction of malicious application commands can be introduced into the network programming, thus causing the network connection program to become extremely busy or to stop functioning altogether. This results in the whole system failing to work, and thus denying the target individual or the organization essential services. Thus, the prevention of suspicious network flows into an individual’s or organization’s system is an important strategy for addressing the denial of service threat, since the disruptive and the malicious datagrams are introduced through the network flows or malicious program installations [20]. Spoofing and eavesdropping The spoofing and eavesdropping network attack methodology comprises of the computer system hackers and pirates configuring and then installing programs that either mimic or copy the information flow into the computer network security system [9]. Once the data has been mimicked or copied, it can then be easily retrieved by the hackers, and used to access the other important information related to the network security system. This threat is most especially targeted at computer network security systems with activated broadcast network technologies that allow for multiple sharing of files and documents [8]. The attackers and hackers take advantage of the broadcast technologies to trace the source computer as well as the recipient computers, through mimicking or copying their important security information such as IP address and passwords [13]. This information can eventually be applied to attack both the source and the recipient computers. Recommendations The most plausible defense mechanisms against the physical attack methodology is strict control and specification of who can access and use the personal or the organizational security systems. This way, it will be possible to ensure that those who can access and use the network security system are the intended users, thus minimizing the risks of physical access and tampering with the security systems or their associated data. Secondly, fingerprinting surveillance is the initial network security methodology that is applied by the pirates and hackers. Therefore, guarding the fingerprinting information such as the domain names and the IP addresses of the individual or organizational computer networks is a crucial defense mechanism against this method of attack [1]. To overcome the threat of exploitation of the weaknesses in software programming, it is important to update and advance the versions of the software programs installed into the most updated versions [1]. This is because; most of the computer vendors and manufactures are unable to guarantee the security of the outdated versions of the software [2]. The effort to counter the threat of denial of service attack requires declining all program and software installation and update requests that are not generated and initiated from within the normal and routine program installation or updating schedule of the organization [6]. This will hinder malicious programs from installing into the organization’s computer security network. The threat of spoofing and eavesdropping can be overcome through ensuring to avoid activating any broadcast technologies on the individual or organizational computers [4]. The use of IP firewall security system as well as the use of data encryption for all the data communicated and transmitted from one computer to the other is also an effective defense mechanism against the attack on the computer network security system caused by spoofing and eavesdropping [5]. Bibliography [1] W. Cheswick. S. Bellovin et al. Firewalls and Internet security: Repelling the wily hacker. Boston: Addison-Wesley, 2007. [2] V. Sugumaran. Intelligent information technologies: Concepts, methodologies, tools, and applications. Hershey, PA: Information Science Reference, 2008. [3] O. Kirch. Linux network administrators guide. Sebastopol, Calif: OReilly, 1995. [4] T. Bautts, D. Tony, et. al. Linux network administrators guide: [infrastructure, service, and security]. Beijing: OReilly, 2005. [5] B. Cunningham. Network security evaluation using the NSA IEM. Rockland, Mass: Syngress Pub 2005. [6] C. Bryton. Cracking DES: Secrets of encryption research, wiretap politics & chip design. Sebastopol, Calif: OReilly, 1998. [7] R. Stevens. TCP/IP illustrated: 1. Reading, Mass. [u.a.: Addison-Wesley, 1994. [8] W. Schmidt. Diophantine Approximation. Berlin, Heidelberg [usw.: Springer, 1980. [9] M. Rash. Linux firewalls. San Francisco: No Starch Press, 2007. [10] S. Garfinkel and G. Spafford. Web security, privacy and commerce. Cambridge, Mass: OReilly, 2002. [11] G. McGraw. Software security: Building security in. Upper Saddle River, NJ: Addison-Wesley, 2006. 72-75. [12] C. McNab. Network security assessment. Beijing: OReilly Media, Inc, 2008. 46-49. [13] A. Sloan. Network Troubleshooting Tools. Sebastopol: OReilly Media, Inc, 2009. 46-58. [14] Guttman, Barbara and Roback, Edward. An introduction to computer security: The NIST handbook. Washington: US Govern. Printing Office, 1995. 65-67. [15] Linux Document Project. Linux Network Administrators Guide: Methods of Attack, 2014. Web. December 13, 2014. < http://www.tldp.org/LDP/nag2/x-082-2-firewall.attacks.html> [16] D. Harley, R. Slade et al. Viruses revealed. Berkeley, Calif: Osborne/McGraw-Hill, 2001. 24-23. [17] Information Resources Management Association. Wireless technologies: Concepts, methodologies, tools and applications. Hershey, PA: Information Science Reference, 2012. 210-239. [18] G. Hoglund and G. Mcgraw. Exploiting Software: How to Break Code. Pearson Education, 2004. 33-34. [19] H. Nemati. Information security and ethics: Concepts, methodologies, tools and applications. Hershey PA: Information Science Reference, 2008. [20] D. Nagamalai. Advances in Network Security and Applications: 4th International Conference, Cnsa 2011, Chennai, India, July 15-17, 2011, Proceedings. New York: Springer-Verlag Inc, 2011. 16-17. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Attack metholodgies ( network security ) Essay Example | Topics and Well Written Essays - 1750 words”, n.d.)
Retrieved from https://studentshare.org/information-technology/1671906-attack-metholodgies-network-security
(Attack Metholodgies ( Network Security ) Essay Example | Topics and Well Written Essays - 1750 Words)
https://studentshare.org/information-technology/1671906-attack-metholodgies-network-security.
“Attack Metholodgies ( Network Security ) Essay Example | Topics and Well Written Essays - 1750 Words”, n.d. https://studentshare.org/information-technology/1671906-attack-metholodgies-network-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF Network Security Attack Methodologies

An IT security consultant

This paper will explain four methodologies and how they can be used to protect an organization's system from being vulnerable.... hellip; Considering the exposure of most systems to multiple users through the internet, and environments such as the operating system, the vulnerability to attack increases, with unpredictable consequences in costs and damages (Zellan 2003).... An IT security Consultant Name: Institution: An IT security Consultant A vulnerability could be a flaw, error or weakness in an Information Technology (IT) system which an attacker may exploit and alter the system's normal behavior (Christey 2007)....
3 Pages (750 words) Essay

IT Consultant & Methodolgies

These loopholes are categorized into four categories known as “attack methodologies.... IT Consultant & methodologies Instructor Date Introduction As many people would agree, the computer age has brought with it many advancements in many areas.... IT Consultant & methodologies Introduction As many people would agree, the computer age has brought with it many advancements in many areas.... The system tends to be configured in a manner that leaves loopholes that crackers might use to attack the system....
3 Pages (750 words) Essay

Thinking Like a Hacker to Protect Your Network

The sure way to best ensure network security is by using the viewpoint of a hacker.... In order to achieve a watertight network security understanding how hackers operate and the methods used to attack and exploit vulnerabilities in the system is imperative.... Knowing the valuable assets and the methods through which they can be attacked is fundamental in the process of ensuring the network security of an organization or personal network.... This literature review "Thinking Like a Hacker to Protect Your Network" presents the advancement of information technology that has brought forth the evolution of the types of threats and methods of attack used to penetrate an organization's private network....
8 Pages (2000 words) Literature review

Microsoft Baseline Security Analyzer

Focus on the overall “security assessment” risk rating that appears at the top of your report.... Considering what security measures you (or the computer owner) have undertaken for your computer, does the assessment surprise you?... What measures should you… I didn't receive a complete security assessment for my personal computer because the MBSA could not complete one or more requested checks.... Overall, I'm not surprised at the results of my security assessment due to the fact that I'm the only user of this computer, and I exercise safe practices while using it, and I only use it on an as needed basis....
7 Pages (1750 words) Essay

The Analysis of the Heartbleed

Classically, ACE vulnerability attacks are carried out on running programs and entail an extremely advanced understanding of the internals of assembly language, code execution and memory layout—the kind of attack that calls for an expert, to be concise (Sampathkumar, Balasubramani 2014).... The attack seemingly looked to have been triggered by a malicious computer code referred to as malware, according to people familiar with such matters.... SSL, this shorthand represents Secure Sockets Layer—It is a security standard that allows secure transmission of information to occur between you and a service without the risk of interception of vital information by a third party....
16 Pages (4000 words) Essay

Aspects of Network Security Management

This essay "network security" presents a comprehensive overview and analysis of some of the main aspects of network security as well as its management.... nbsp;At present, network security has become a hot topic that demands massive public and organizational awareness.... hellip; This essay is aimed to proficiently evaluate and analyze some of the core issues regarding network security, its main concerns and possible solutions to manage and protect network security....
6 Pages (1500 words) Essay

Trusted Platform Module Vulnerabilities

This article "Trusted Platform Module Vulnerabilities" focuses on TPM, an overview, is known to offer a protection space for key operations, provide a safe place for storing sensitive information and other critical security tasks, and report and store integrity measurements....
7 Pages (1750 words) Article

Importance of Security in Cyberspace

hellip; Large companies and individual users have both suffered the negative impacts that have been created by the continued use of IT devices and methodologies.... One approach is the installation of a security program in response to damages that were caused by a previous attack on the premises of an organization.... The author of the paper under the title "Importance of security in Cyberspace" will begin with the statement that the advent of information and communication technologies has come along with benefits as well as limitations to the users....
8 Pages (2000 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us