Network Security and Cryptography Overview

This document discusses network security and cryptography. It begins with an introduction on how networking developed without initial focus on security, but how security and cryptography became priorities with the growth of the internet and cyber criminals. It then discusses some popular networks like cellphone networks and VoIP, as well as security services, policies, threats, and mechanisms. The document focuses on the problem of protecting personal and financial data shared digitally. It examines cryptography and security options to provide protection and determine the best solutions for organizations and individuals.


NETWORK SECURITY AND CRYPTOGRAPHY 1

Network Security and Cryptography

Jose Rivera

ISSC-641 Telecommunications and Network Security

Professor Elliot Lynn

American Public University System

October 30, 2018


Contents

1. Introduction
2. Problem Statement
3. Networks and Services
3.1 Popular Networks
3.2 Cellphone Networks
3.3 VoIP networks
3.4 Security Services
3.5 Security Program
3.6 Security Policy
3.7 Risk management
4. Security Threats
4.1 End-User
4.2 Attacks
4.3 Where are they initiated from?
4.4 Mitigating Security Risk
5. Security Mechanisms
5.1 Security Awareness Training
5.2 Tools
5.3 Smartphone OS security
5.4 SMS Security
5.5 VoIP Security
5.6 Hardware
5.7 Software
5.8 Firewalls
6. Cryptography
6.1 Variations of Cryptography
6.1.1 Symmetric Cryptography
6.1.2 Asymmetric Cryptography
6.1.3 Hashing
7. Conclusion
8. References

1. Introduction

When networking was developed many years ago, security and cryptography were the last things anyone thought about; digital networking was developed to share information. However, as the internet grew and networks began to expand, a need arose for security and cryptography. The development of the internet also created new types of criminals known as hackers or cyber criminals, and with this new type of criminal, digital security became a priority.

As far back as recorded history, cryptography has been used to relay messages and keep secret messages confidential; it was also used in many battles and several wars. Today, cryptography has advanced exponentially, and it is still used with the mindset of protecting information, messages and battle strategies. There are several different tactics that help protect the information that is being put on the internet. With all of the online shopping and collection of financial data after purchasing an item, corporations must take precautions in protecting that data.

Financial institutions, like banks, also must take precautions in how they protect their customers’ information and financial assets. Every day, these financial institutions are attacked in an attempt to get unauthorized access. However, it is not just financial institutions that are getting attacked; governments and other businesses are also prone to attacks. Network security and cryptography play an important role in protecting the network along with the data that is contained on it.


The questions that come to mind are: How do we protect the network? What security mechanism(s) can we implement to protect the data that is stored and shared? How do we determine which security mechanism is right for the organization and for an individual? There have been many new developments with network security and cryptography that sometimes make it hard to decide which path to follow. So how does one determine the best course of action in protecting themselves and the data that needs to be private?



2. Problem Statement

Today, almost everything is done on a digital device, from a cellphone to a personal computer. Shopping, making reservations, paying bills and even socializing are done online. Human interaction is no longer personal; it is all digital, and with that comes the concern of how to protect yourself and the information that is shared on the network. Just several years ago, all that was needed to keep an individual’s house secure was to lock the front door and secure all the windows, but with more and more people digitizing their homes, just locking the front door will not suffice. Your refrigerator, stove and even dishwasher are connected to the internet, and people have now become vulnerable to a different type of attack. Technology has advanced so much in the past ten years that you can now order products online from merchants and they can deliver right to a person’s living room without them even having to be there to open the door. New measures must be taken to protect not only the individual, but their family and their network. Can network security provide that peace of mind? What about implementing cryptography to protect account information, user-id and password? Cryptography can be broken, and not all networks are one hundred percent secure. There are many different types of security methods, and each one has a different use as well as a different layer of security. How to decide which one would best fit an organization is what we will be looking at. The cost, benefits and deficiencies, if any, are just some of the things to consider when looking into the implementation of a good security package.

3. Networks and Services

When thinking of networks and the services they provide, some think of television, cable television or satellite television and the services they provide; in this case it is far from that. Here, what is being discussed is digital networks, or Information Technology (IT) networks, and the services that are provided when they are being utilized. There are a variety of communication networks, and each type offers different services, also known as applications. Some of these networks have made life a little simpler, but sometimes at a price, that price being an individual’s identity, finances and even their sense of security.

There are methods and tools that can help mitigate some of these losses, but with so many variations, the question is which one is best suited for the individual or the network? The next few paragraphs will discuss the different types of networks and security platforms and, depending on the situation, which method of protection is ideal for the network and the individual user.

3.1 Popular Networks

Communication today takes place on a variety of communication platforms, such as e-mail, Instant Messaging (IM), social media, video conferencing and Short Message Service (SMS). All of these communication platforms are utilized on a variety of communication networks. These networks can consist of the following: Local Area Network (LAN), Metropolitan Area Network (MAN), Wide Area Network (WAN), Wireless and Inter Network (Internet). Two networks in particular are used in telecommunications: the switched communications network and the broadcast network. They are discussed in further detail below.

A switched communications network transmits data from one point to another via a series of network nodes. The transmission of data can be performed in one of two ways: over a circuit-switched network or over a packet-switched network. A circuit-switched network, which establishes a reserved route on the network that is held for the duration of communication, best resembles the traditional analog phone system. On a packet-switched network, digital data is broken into small packets that are then forwarded independently through the network. This process is known as store-and-forward, in which packets are briefly kept at each transitional node, then sent on when a slot is available (Morrow, n.d.).

In a connection-oriented communication structure, each packet takes the same path through the network and arrives at its destination in the order in which it was transmitted; in a connectionless or datagram structure, each packet may take a different route within the network. Although datagrams may not arrive in the order they were sent, they have sequence numbers attached to them, so that at their destination they are accurately reassembled. The latter is the technique that is utilized for conveying data through the Internet (Morrow, n.d.).

A broadcast network sidesteps the intricate routing techniques of a switched network by ensuring that each node’s broadcasts are received by all other nodes in the network. Hence, a broadcast network has but one communication channel. A wired local area network (LAN), for instance, may be configured as a broadcast network, with only a single user linked to each node and the nodes usually arranged in a bus, ring, or star topology (Morrow, n.d.). Nodes linked together in a wireless LAN may broadcast through radio or optical links. On a greater scale, various satellite radio systems are broadcast networks, since each Earth station inside the system can usually hear all messages transmitted by a satellite (Morrow, n.d.).

3.2 Cellphone Networks

Cellphone networks are something that we use on a constant basis. Nearly every time you look at your cell phone or utilize it in any way, you are depending on the cellphone networks to put you in communication with the rest of the world. As remarkable as smartphones have gotten today, they are minute in comparison to the enormous accomplishment of cellphone networks. Although our mobile phones are essentially walkie-talkies tied into small personal computers (Wang, 2014), the networks that they depend on traverse nations and function using an overwhelming array of installations, protocols, and various technologies.

A cellphone communicates using radio waves; the radio waves transfer digitized voice or data in the form of fluctuating electric and magnetic fields, known as an electromagnetic field (EMF). The radio waves transmit the data through the air from one point to the other at a high rate of speed. A cell phone transmits its signal in an omnidirectional pattern; the waves are then either bounced off surrounding areas or absorbed while trying to get to the nearest cell phone tower (Wang, 2014).

3.3 VoIP networks

VoIP, also known as Voice over Internet Protocol, is another Internet-based communication method. VoIP utilizes hardware and software that function together to convey telephone calls over the Internet by transmitting voice data in packets using IP rather than by old-style circuit communications, called PSTN (Public Switched Telephone Network) (Johnson, 2018). The voice traffic is transformed into data packets and then transmitted over the Internet, or any IP network, just as ordinary data packets would be conveyed. When the data packets arrive at their destination, they are changed back to voice data for the addressee. The telephone is connected to a VoIP phone converter. This converter is linked to your broadband Internet connection. The call is transmitted through the Internet to an ordinary phone jack, which is hooked up to the receiver's phone. Unique hardware is essential only for the sender (Johnson, 2018).

VoIP communication permits different types of connections to accommodate the individuals’ needs. These different types of services permit users to communicate without purchasing any additional equipment; all that is needed is an Internet connection. Although all approaches to VoIP communications will need registration with an Internet Service Provider (ISP), there are alternatives that do not involve supplementary devices/hardware, like an IP Phone. Instead, these device-less connections offer VoIP service with nominal risks and without forgoing extra cost, efficiency and quality. Even if price and performance fluctuate between techniques, these connections are perfect for skeptical consumers who are still uncertain of VoIP (Ventimigilia, 2013).

3.4 Security Services

A security service is a service provided on a network or device to ensure adequate security for the network or the communication being broadcast. The following security services augment the security of voice communication and data transmission: Data Integrity, Data Confidentiality, Authenticity, Nonrepudiation, and Access Control (Kumar, 2015).

3.5 Security Program

A security program is as important to an organization as the lock that keeps the server room of an organization secure. For this paper, the focus is on a communication security program that will assist in guiding end-users on how to protect the information that is being sent through the network, whether by voice or data. A security program should outline what type of method is to be used to transmit data through the Internet and should define the various levels of information being processed, including the cryptography that will be utilized if needed (Harris, 2006).

3.6 Security Policy

A security policy is the organization’s guidelines to ensure telecommunication security. A well-written security policy is the foundation of an effective security program; it is where all other guidelines will come from, the do’s and don’ts of the organization. It comprises the organization’s principles, ambitions and objectives (Peltier, 2014, p. 2). The security policy will outline how employees should conduct themselves while at the organization and define what information cannot be discussed on and off the job site. The responsibilities of everyone within the organization should be identified, from the janitor to management.

3.7 Risk management

Identifying possible threats and determining if there is a risk is what is known as risk assessment. Not all threats pose a risk to either the organization or the individual, but nonetheless there is still a risk. Risk assessment is utilized to identify possible threats that could put networks and end-users in jeopardy. Once the risk assessment is done, action will be taken accordingly to harden the network and/or mobile devices with access to the organization’s network (Peltier, 2014). Risk assessment plays a vital role in network security. Whether it is a cell network or a VoIP network, incorporating risk management can help mitigate unauthorized access to a network.

4. Security Threats

Security threats are all around us and in almost every industry; the telecommunications industry is not immune. Here are just a few of the security threats that worry most organizations: social engineering, phishing or malware aimed at subscribers, Distributed Denial of Service (DDoS) attacks, insider threats, and exploitation of vulnerabilities within a network and consumer devices. The greatest threat to any organization may be the end-user and the actions that they take when working or even in their leisure time. Most end-users are unaware that their actions can put an organization at risk, actions that can cost the organization great financial loss.

4.1 End-User

The end-user has been identified as the greatest threat to any organization; this is not due to them being malicious, but to their not knowing. Most end-users lack the knowledge that is required to reduce that threat. The network is not the only target of hackers; end-users are at the top of the list as well. An end-user can be compromised from their home network or even their mobile device, and as more and more organizations adopt the Bring Your Own Device (BYOD) program, they put their organization at risk.

To avoid the damaging situations that are usually caused by the end-user, it is important to educate them and make sure that end-users understand what their role and responsibilities are (Rossi, 2014). Training is discussed further in the security awareness section of this paper.

4.2 Attacks

Telecommunication networks are prone to attacks, just like any other network. They have been subjected to DoS attacks, packet sniffing, spoofing and man-in-the-middle attacks. Hackers are always looking into ways of obtaining access to a network or disabling it (Taylor, 2003). Technology has made substantial advances in security, making it a little more difficult for hackers to take advantage of certain vulnerabilities that affect these networks.

Although most people believe that hacking is about trying to gain access to a network via vulnerabilities discovered on that network, that is not entirely true. Human behavior and habits can be just as vulnerable and harmful to an organization’s security posture. Take for instance the story of the Trojan Horse and how the Greeks got into the city of Troy. Social engineers utilize the errors humans make and their complacent attitude to get past certain security obstacles (Sienko, 2018).

4.3 Where are they initiated from?

Attacks can be initiated from anywhere and at any time; there are no specifics or standardization for where an attack should take place. An attack can happen at your neighborhood Starbucks, or even from the workplace. An individual can be subjected to an attack and not even be aware that it is happening. Social engineering is an attack that can happen to anyone and at any location. Social engineering functions because it relies on human nature to provide the information that is being sought.

Some attacks can occur from anywhere in the world. For example, when Sony Pictures was hacked back in 2014, the method used was a phishing email (social engineering) that asked top executives to verify their Apple iPhone accounts. The executives, not knowing that the e-mail was fake, willingly put their credentials on the webpage, giving the hackers what they needed to get into the network (Sienko, 2018). This attack was believed to have originated from North Korea.

4.4 Mitigating Security Risk

How can the risk be mitigated? Some say education, others say get rid of the end-user; unfortunately, getting rid of the end-user currently is not an option. Christopher (2018) states that, historically, there are four ways to address risk: risk acceptance, risk tolerance, risk transfer and risk mitigation. Anyone who has ever worked in the IT security realm knows good and well that there is no such thing as a secure network, and that there will always be risk. That does not mean that there is nothing that we can do to limit the possibility of an intrusion; we need to accept the risk that there is a chance a hacker will get in, analyze that risk and take the necessary precautions to reduce it.


Most IT security departments conduct a risk assessment by using the Facilitated Risk Analysis and Assessment Process (FRAAP). FRAAP was designed as an effective and well-organized process to make certain that threats to business operations are identified, examined, and documented (Peltier, 2014). The process consists of examining one complete system at a time, including the applications and platforms that are on the network.

5. Security Mechanisms

Security mechanisms are utilized to help protect the network from possible attacks. These mechanisms include special tools like intrusion detection systems, education like security awareness training, security patches, physical security and firewalls. These are just a few of the security mechanisms that can be used to guard against threats; the list is by no means limited to them. There are also network security monitoring tools that can be placed on the network to help security analysts determine the best course of action to take in response to an intrusion.

5.1 Security Awareness Training

When considering the greatest security threats to an organization, some may be surprised to learn that the end-user within the organization is frequently the first to jeopardize security. This occurs more often than expected, but end-users are not always at fault; it is mainly due to the fact that they lack awareness, and employees often provide attackers with the means to access a network. Because cybercrime is increasing, it is important that organizations implement a security awareness program. An organization’s first line of defense is the end-user, and ensuring that they are made aware of the threats and risks that an organization faces daily can help mitigate the dangers hackers pose to the organization.

Security awareness training should include various topics and should be implemented in various ways. The training should cover phishing, how to generate strong passwords, e-mail scams, social networks, cellphone use (BYOD) and current policies, to name a few. The best security awareness training is one that is tailored to the organization; for example, a small company that does not allow bring your own device will not need to go over such a topic, because it does not apply to the organization (Rossi, 2014).

Most end-users just need to be told to use common sense when all else fails. If an end-user receives an email from an unknown source, common sense should dictate it is not legitimate. The end-user should delete the e-mail, report it, or do both. When an end-user reports the email, it puts the IT security department on alert, and they can forward information (alerts) to warn other end-users. Remind the end-user to reboot their computer if an issue arises; sometimes just rebooting it can solve a variety of issues. Also, shutting down the computer at the end of the day will prevent it from being compromised and helps to save on energy cost as well (Wallen, 2013). Frankly put, the best line of defense an organization has is an educated end-user who is aware of the potential risk and what they can do to mitigate it.

5.2 Tools

Who has not heard the phrase “nothing works better than a well-oiled machine”? Well, the same message can apply to a network. For a network to function properly, it needs to incorporate the right tools for the job, and in reference to security there are quite a few tools to help keep the network protected and running. There are all sorts of tools, and each one has a specific function; some of these tools work hand-in-hand with others, and some just do specific things.

IT security software has various functions, from scanning remotely to packet sniffing. These tools help IT security determine if there is anything happening on the network that should not be happening. Kemp (2017) talks about the top eight tools that can bolster network security for an organization, such as Wireshark, a packet analyzer that helps determine if there is something going on within the network, and Nessus, which is used for remote scanning to determine the vulnerabilities on the network from applications or hardware. The list of IT security tools is a long one, but rest assured there is at least one out there that fits almost every organization’s needs.

5.3 Smartphone OS security

Everywhere you look, it is more than likely that there is someone using a smartphone. Whether it is for online shopping, conducting business or just social media, you can’t help but notice someone using a mobile device. The concern with smartphones is, how safe are they? Is security up to par? How secure is the operating system on these miniature computers? These devices are handy, but are they safe?

In an article written by John Knight, he states that “Smartphones are inherently bad for privacy” (Knight, 2018). Smartphones come with a built-in GPS that is constantly communicating with satellites and tracking every location you have been to. Basically, it is the commercial version of a tracking device, keeping a record of your movements and browsing habits, and some providers even keep records of text messages. In the age of information, the most important thing on users’ minds is how secure their privacy is.

When it comes to a smartphone, most users do not think about security or whether the OS is up to date; the thought process is how cool the camera is and the functions it has. Most smartphone users go for the luxury of the item but not the security of it. When it comes down to which smartphone offers the best security, one has to look at all the possible vulnerabilities; for example, the apps that are downloaded, the biometrics used, if any, and how often the security updates are distributed.

If an organization has incorporated the BYOD program, the criteria change, and the organization may insist that certain security apps be installed as well as a mobile device management app. The organization’s stance is to protect its network and resources, and this at times can prove to be difficult, but if an employee wants to participate in BYOD, then they need to consider the organization’s position. Incorporating a VPN app on a smartphone can reduce the risk of the end-user’s privacy being violated. These are just a few things to consider when owning a smartphone or participating in the BYOD program.

5.4 SMS Security

When SMS is used to communicate, does the thought of security ever cross the mind? How secure is SMS? The simple answer is, it is not (Stump, 2018). SMS messages usually go out in plain text and are hardly ever encrypted. If you want to ensure that the SMS message being sent is secure, then the use of a third-party app is recommended. There are several on the market today that can be utilized to send secure SMS from point A to point B. There are many online articles discussing the best secure chat app to use, and some that always seem to be on top are Signal, WhatsApp, Viber, and Telegram, to name a few.

WhatsApp has implemented end-to-end encryption, allowing users to communicate securely. The good thing about WhatsApp is that they do not store any of your SMS on their server, and because of the encryption used, hackers will have a tough time deciphering them (Rijnetu, 2018). Viber, a private chat app, has many useful characteristics that offer a secure and safe mode of communication. As long as your information is shared using the technique recommended by Viber, it will be encrypted from endpoint to endpoint (Rijnetu, 2018).

There are numerous apps that offer end-to-end encryption for SMS messaging. All that needs to be done is to open a browser and do a search for secure SMS apps, do the research, decide which is the best fit and install it.

5.5 VoIP Security

Voice over Internet Protocol (VoIP) is the latest and most modern form of communication today. VoIP has revolutionized the way we communicate and conduct business. It is currently the most used form of business communication, and it is cost effective as well. A VoIP network permits video conferencing and face-to-face communication over vast distances, all at relatively low cost, and free in some cases if the Internet is involved. This fantastic communication medium does have its issues, and just like every other digital device out there, it is prone to attacks.

When VoIP was first introduced, security was not a concern; it was more about cost, functionality and reliability than anything else (Unuth, 2018). That was short-lived. Now that VoIP is becoming popular and is widely used as a communication medium between organizations, security has made it to the forefront. VoIP is vulnerable to a variety of attacks, like man-in-the-middle attacks, DoS, call tampering, vishing and even malware and viruses. VoIP uses protocols to establish communications, but these protocols are prone to attacks. The protocols are Session Initiation Protocol (SIP), Cisco’s Skinny Client Control Protocol (SCCP) and the H225 Protocol (Grech, 2017).

According to Grech, there are methods to help keep these attacks from being successful:

the use of strong passwords, encrypting the communication, utilizing a VPN, performing security

tests on the network, and of course training everyone (Grech, 2017). Strong passwords should be

a no-brainer, but most end-users have more than one account that requires a password, and most

of them use the same password for more than one account, a definite vulnerability. Encrypting

the communication medium is a step in the right direction; if the attacker gains access to certain

packets, you want to make sure they cannot read them. Using a VPN within the network to

communicate abroad will keep pesky hackers from getting to vital communications. Last but not

least, train the team. This cannot be reiterated enough: the more the team is aware, the safer the

organization.

5.6 Hardware

Hardware is the equipment that is utilized to send communication back and forth

throughout the network and the Internet. Hardware on the network can comprise various

servers, routers, and switches (smart and dumb); cabling, fiber optics and/or satellites; wireless

modems and wireless routers; and laptops and desktop computers, all of which work hand in hand to

keep the network operational.

There are times when not only does software need updating, but so does the hardware that

is housed on the network. The older the equipment gets, the less likely it will perform to an

optimal standard and protect the network. Some even reach their life expectancy and will not

accept any more updates. It is good to keep track of these devices and incorporate a lifecycle

tracking sheet; this assists in keeping the network security posture aligned with the upgrades.

5.7 Software

Software is a universal term for the several kinds of programs utilized to operate PCs,

mainframes and other hardware devices. Just like hardware, there is a variety of software that sits

on the network, each one with a particular function. There is software that is used to protect

networks, end-user information and corporate resources. There is software that is used also for

businesses, like Kronos, a software application that keeps track of employees' hours and

benefits. There is also software to create presentations, like Microsoft PowerPoint and Adobe

Photoshop, and even to create webpages, like Dreamweaver (Rouse, 2006).

Here, we are concerned with software that provides protection to the network, helps deter

unauthorized access, and also collects data for analysis. Some of these are open source and

free, and others can cost up to hundreds of dollars, depending on the organization or the

individual; the software acquired should be based, in part, on the need of the individual or organization.

5.8 Firewalls

Firewalls are as vital to IT security as anti-virus software is to computers. In the simplest

terms, firewalls are like security guards or gatekeepers; they are placed at the front end of a

corporate network protecting it, its applications, databases and other resources, inspecting

inbound and outbound traffic, and determining what will be allowed to enter or what will be

discarded. Firewalls come in many variations and each variation has a different function. The one

common factor is that they are designed to protect information (Rubens, 2018).

A traditional network firewall offers basic network protection by filtering packets that are

either coming or going throughout the network. This kind of firewall is configured with certain

security policies that allow the filtering process to function. Some of these rules will indicate

what type of traffic will be allowed to use specific ports; the firewall can also be configured to restrict

access to a certain range of IP addresses (Rubens, 2018).

A web application firewall is typically a proxy server that is positioned between an

application operating on a server and the application's end-user that accesses the application from

an external location. The proxy server receives inbound data and then creates its own connection

to the application on the external end-user’s behalf. A major advantage of this arrangement is

that the application is safeguarded from port scans, efforts to ascertain what software is running on

the application server, or other malicious actions. The proxy server also examines the data to

filter malicious requests, such as abnormal requests intended to result in the execution of

malicious code (Rubens, 2018).

Regardless of the choice of firewall, the purpose is to protect the network. Configuring

the firewall should be planned out in advance; if not properly executed, the firewall may prevent

all inbound and outbound traffic from going anywhere. This could cost the organization dearly.
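
The packet-filtering rules and the configuration risk described above can be shown with a small first-match rule evaluator. This is an added example, not code from the paper or from any firewall product; the `Rule` class, the rule sets and the addresses are constructed for illustration. It also flags rules that can never fire because an earlier, broader rule covers them.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network, CIDR notation
    port: Optional[int]    # destination port; None matches any port

    def matches(self, src_ip: str, port: int) -> bool:
        in_net = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
        return in_net and (self.port is None or self.port == port)

    def covers(self, other: "Rule") -> bool:
        """True if every packet `other` matches is also matched by this rule."""
        wider = ipaddress.ip_network(other.src).subnet_of(
            ipaddress.ip_network(self.src))
        return wider and (self.port is None or self.port == other.port)


def decide(rules, src_ip, port):
    """First matching rule wins; unmatched traffic is dropped (default deny)."""
    for rule in rules:
        if rule.matches(src_ip, port):
            return rule.action
    return "deny"


def shadowed(rules):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [i for i, rule in enumerate(rules)
            if any(earlier.covers(rule) for earlier in rules[:i])]


# Constructed rule sets: the same three rules in two different orders.
MISORDERED = [
    Rule("deny", "0.0.0.0/0", None),     # catch-all placed first by mistake
    Rule("allow", "0.0.0.0/0", 443),     # public HTTPS
    Rule("allow", "10.0.0.0/8", 22),     # SSH from the internal range only
]
PLANNED = [
    Rule("allow", "0.0.0.0/0", 443),
    Rule("allow", "10.0.0.0/8", 22),
    Rule("deny", "0.0.0.0/0", None),     # catch-all placed last
]

if __name__ == "__main__":
    for name, rules in (("misordered", MISORDERED), ("planned", PLANNED)):
        print(name, decide(rules, "203.0.113.7", 443), shadowed(rules))
```

Running the shadow check before a rule set is deployed catches the ordering mistake that would otherwise block all traffic.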

6. Cryptography

Cryptography is a technique used to protect information and/or communications through

the use of codes so that only the intended parties are able to view or listen to the content (Rouse,

2018). Cryptography in computer science means securing the information by means of

mathematical equations, also known as algorithms. Algorithms are utilized to create a

cryptographic key that will encode and decode a message.

6.1 Variations of Cryptography

There are a variety of cryptographic techniques utilized today, and they each have their

own distinctive advantages and disadvantages. They are called hashing, symmetric cryptography,

and asymmetric cryptography. They can be implemented to suit the needs of anyone who uses them.

6.1.1 Symmetric Cryptography

Symmetric Cryptography is probably the most customary form of cryptography; it is also the

technique that may be the most familiar to anyone who uses cryptography. It is the single-key

technique, in which one key is used to both encode and decode messages. Because symmetric cryptography

necessitates that you possess a secure channel for distributing the crypto key to the receiver, this

sort of cryptography is all but impractical for broadcasting data. In reality, if you have the

capability to send the key to the receiver securely, then why not just send the message the same

way? However, the primary purpose is to protect data at rest, like a typical hard drive (Mason,

2018).  

6.1.2 Asymmetric Cryptography

Asymmetric cryptography utilizes two distinct keys, one for encrypting and one for decrypting,

unlike the single-key method utilized in symmetric cryptography. The first key is usually the

public key, which is utilized to encode the message, and the other key, known as the private key,

is utilized to decode the message. This system is ideal, because the private key is the only key

that can be used to decode the message that was sent encoded utilizing the public key. While this

method of cryptography may be somewhat complex, it may seem recognizable, because it is

utilized to send e-mails, to connect to servers remotely, and even to sign certain PDF

documents (Mason, 2018).

6.1.3 Hashing

Hashing is a form of cryptography that converts a message into an indecipherable string of text

with the intention of validating the message’s contents, not concealing the message itself. This

kind of cryptography is most frequently used to protect the distribution of software and large

files where the originator of the files or software presents them for download. The reason for

this is that, although it is simple to compute the hash, it is particularly difficult to discover an

original input that will offer an exact match for the anticipated value (Mason, 2018).
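
The download check described above can be sketched as follows. This is an added example, not code from the paper; the choice of SHA-256, the function names and the sample bytes are assumptions made for illustration. The published digest only proves integrity if it reaches the user over a channel the attacker cannot alter.

```python
import hashlib
import hmac
import io


def sha256_stream(stream, chunk_size=65536):
    """Hash a file-like object in chunks so large downloads need little memory."""
    digest = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
    return digest.hexdigest()


def verify_download(stream, published_hex):
    """Compare the computed digest with the one the originator published."""
    expected = published_hex.strip().lower()
    # compare_digest runs in constant time, so the comparison itself leaks nothing.
    return hmac.compare_digest(sha256_stream(stream), expected)


def bits_changed(hex_a, hex_b):
    """Number of bit positions in which two hex digests differ."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


# Constructed sample data standing in for a real download.
ORIGINAL = b"installer-v1 " * 10000
TAMPERED = ORIGINAL[:500] + b"X" + ORIGINAL[501:]    # one byte altered in transit
PUBLISHED = hashlib.sha256(ORIGINAL).hexdigest()     # digest posted by the originator

if __name__ == "__main__":
    print("original ok:", verify_download(io.BytesIO(ORIGINAL), PUBLISHED))
    print("tampered ok:", verify_download(io.BytesIO(TAMPERED), PUBLISHED))
    print("bits changed:", bits_changed(
        PUBLISHED, hashlib.sha256(TAMPERED).hexdigest()))
```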

7. Conclusion

Throughout history, there has always been a need for secrecy, and the same holds true

today. Today is a little different, though: it is not just about keeping secrets, it is about privacy. It

has become a difficult task to protect the privacy of others, whether it is an organization or even

an individual. We have become our own worst enemy; hackers no longer need to attack our

mobile devices or even our networks. All they have to do these days is just wait patiently, and

because they know we will provide what they need to obtain access, we put ourselves in

jeopardy.

The excuse of not knowing will, in a few decades, maybe sooner, no longer be a good

defense, because from the moment a child is born today they are exposed to digital devices;

children as young as two years old have their own mobile device, or as some would consider it, the

“electronic baby-sitter.” Training should still be offered; it is probably the best line of defense for

an organization, apart from getting rid of the end-user, which is not happening anytime soon.

Every day, there are new threats out there and hackers are always devising ingenious

methods to obtain access to your network, mobile device and most importantly your personal

information. Even though there are tools out there to help keep people safe, the best defense is

knowledge: the more people know, the more cautious they may become. Optimistically speaking,

there may come a time when there will be no need to train anymore; people will just know.

8. References

Bejtlich, R. (2005). The Tao of network security monitoring: Beyond intrusion detection.

Boston, MA: Addison-Wesley.

Gardezi, A. (2006, April 23). Security in Wireless Cellular Networks. Retrieved from

[Link]

Harris, S. (2006, September). Key elements when building an information security

program. Retrieved from [Link]

when-building-an-information-security-program

Hayslip, G. (2018, September 7). Ask a Security Expert: 'When End-User Security

Awareness Fails, What's Next?'. Retrieved from

[Link]

security-awareness-fails-what-s-next

How to Protect Your Voice: Tips on IP Phone Security. (n.d.). Retrieved October 8, 2018,

from [Link]

security/[Link]

Howarth, F. (2014, September 2). The Role of Human Error in Successful Security

Attacks. Retrieved from [Link]

successful-security-attacks/

Johnson, C. (2018, September 6). How Does VoIP Work? The Complete Guide to VoIP |

Nextiva. Retrieved from [Link]

Kemp, J. (2017, February 1). Top 8 Tools that Will Bolster Network Security in 2017.

Retrieved October 21, 2018, from

[Link]

network-security-2017-01768712

Kumar, S. N. (2015, January 23). Review on Network Security and Cryptography.

Retrieved from [Link]

Leech, D. P., Ferris, S., & Scott, J. T. (2018, September). The Economic Impacts of the

Advanced Encryption Standard, 1996 - 2017. Retrieved from

[Link]

Morrow, R. K. (n.d.). Telecommunications network. Retrieved October 20, 2018, from

[Link]

Nnorchiri, D. (2017, February 28). The Importance of Layered Network Security

| Network Wrangler - Tech Blog. Retrieved from

[Link]

Peltier, T. R. (2014). Information security fundamentals. Boca Raton, FL: CRC Press.

Petri, D. (2009, April 30). Removing End Users from the Local Administrators Group.

Retrieved from [Link]

administrators-group

Piscitello, D. (2006, May 15). How to protect your VoIP network. Retrieved from

[Link]

[Link]

Rijnetu, I. (2018, September 4). The Best Encrypted Messaging Apps You Should Use

Today [Updated]. Retrieved from [Link]

encrypted-messaging-apps/

Rossi, B. (2014, June 19). Educating the end user and eliminating the biggest security risk

- Information Age. Retrieved from [Link]

end-user-and-eliminating-biggest-security-risk-123458150/

Rouse, M. (2006, April). What is software? - Definition from [Link].

Retrieved October 21, 2018, from

[Link]

Shepard, D. (2015, March 16). 84 Fascinating & Scary IT Security Statistics | Cool

Solutions. Retrieved from [Link]

views/84-fascinating-it-security-statistics/

Sienko, C. (2018, July 26). The Top Ten Most Famous Social Engineering Attacks.

Retrieved from [Link]

social-engineering-attacks/#gref

Stump, P. (2018, September 20). Are Text Messages Encrypted? | Rokacom. Retrieved from

[Link]

Taylor, S. (2003, April). VoIP network security protocols: Is VoIP secure? Retrieved from

[Link]

secure

Traynor, P., McDaniel, P., & La, P. T. (2008). Security for Telecommunications Networks.

Dordrecht, NY: Springer.

Unuth, N. (2006, June 12). Security Threats in VoIP. Retrieved October 8, 2018, from

[Link]

Ventimigilia, M. (2013, February 26). 4 Types of VoIP Connections Without IP Phones |

GetVoIP. Retrieved from [Link]

connections-without-ip-phones/

Wallen, J. (2013, September 25). 10 common-sense rules for end users and those who

support them. Retrieved from [Link]

common-sense-rules-for-end-users-and-those-who-support-them/

Wang, R. (2014, December 20). How Do Cell Phones Work? – Pong Pulse. Retrieved

from [Link]
