International Journal of Scientific Research in Science, Engineering and Technology
Print ISSN: 2395-1990 | Online ISSN : 2394-4099 ([Link])
doi : [Link]
Network Security Issues and Protection Against Attacks
Sanchita Kuldeep Jedhe, Nikita Joshi, Aparna Mote
Department of Computer Engineering, Zeal College of Engineering & Research, Pune, Maharashtra, India
ABSTRACT
Article Info Network Security Secure Network has now become a need of any organization.
Volume 9, Issue 2 The security threats are increasing day by day and making high speed
Page Number : 432-436 wired/wireless network and internet services, insecure and unreliable. The
need is also induced in to the areas like defence, where secure and
Publication Issue : authenticated access of resources are the key issues related to information
March-April-2022 security. The security measures should be designed and provided, first a
company should know its need of security on the different levels of the
Article History organization and then it should be
Accepted : 15 March 2022 implemented for different levels. Security policies should be designed first
Published: 30 March 2022 before its implementation in such a way, so that future
alteration and adoption can be acceptable and easily manageable.
Keyword: - Network security, Concept and Specification, benefits of network
security
I. INTRODUCTION employees. It encompasses everything from the most
basic practices, such creating strong passwords and
Network security is a complicated subject, historically fully logging out of community computers, to the most
only tackled by well-trained and experienced experts. complex, high-level processes that keep networks,
However, as more and more people become “wired”, devices and their users safe. More and more sensitive
an increasing number of people need to understand information is
the basics of security in a networked world. stored online and in these various devices, and if an
network security is the role of the global network unauthorized user gains access to that data, it could
today a brief overview of various attacks on the lead to disastrous results.
network. A network attack is an attempt to gain
unauthorized access to an organization’s network, 1.1.1 Importance of Network Security
with the objective of stealing data or perform other Network security is the key to keeping that sensitive
malicious activity. information safe, and as more private data is stored and
shared on vulnerable devices, network security will
1.1 Basics Network Security only grow in importance and necessity.
Network security is vital to maintaining the integrity • While each and every member of your
of your data and the privacy of your organization and organization can take strides to help keep things
Copyright: © the author(s), publisher and licensee Technoscience Academy. This is an open-access article distributed under the
terms of the Creative Commons Attribution Non-Commercial License, which permits unrestricted non-commercial use,
432
distribution, and reproduction in any medium, provided the original work is properly cited
� Sanchita Kuldeep Jedhe et al Int J Sci Res Sci Eng Technol, March-April-2022, 9 (2) : 432-436
secure, network security has become more plain text attacks, where both plain text and cipher
complex in recent years. Adequately protecting text are already known to the attacker.
networks and their connected devices requires • Active Attacks This type of attack requires the
comprehensive network training, a thorough attacker to send data to one or both of the parties,
understanding of how networks actually work and or block the data stream in one or both directions
the skills to put that knowledge into practice. It’s
crucial for networks to be thoroughly and 1.4 Need for Network Security
properly set up, secured and monitored to fully In the past, hackers were highly skilled programmers
preserve privacy. who understood the details of computer
• Network security is a smaller subset that falls communications and how to exploit vulnerabilities.
under the larger umbrella of cybersecurity, and it Today almost anyone can become a hacker by
refers to the practice of preventing unauthorized downloading tools from the Internet. These
users from accessing computer networks and their complicated attack tools and generally open networks
associated devices. It involves physically have generated an increased need for network security
protecting network servers and devices from and dynamic security policies. The easiest way to
external threats, as well as taking steps to secure protect a network from an outside attack is to close it
the digital network. In an age of increasingly off completely from the outside world. A closed
sophisticated and frequent counter-attacks, network provides connectivity only to trusted known
network security matters more now than ever parties and sites; a closed network does not allow a
before. connection to public networks.
1.2 Network Attacks Methods 1.5 Network Security Tools
Eavesdropping – Interception of communications by • N-map Security Scanner is a free and open source
an unauthorized party Data Modification –Data utility for network exploration or security
altering, reading from unauthorized party Identity auditing.
Spoofing (IP Address Spoofing) – IP address to be • ssus is the best free network vulnerability scanner
falsely assumed— identity spoofing and the attacker available.
can modify, reroute, or delete your data Password- • Wire shark or Ethereal is an open source network
Based Attacks – By gaining your access rights to a protocol analyser for UNIX and Windows.
computer and network resources are determined by • Snort is light-weight network intrusion detection
who you are, that is, your user name and your and prevention system excels at traffic analysis
password Denial-of-Service Attack(DOS) – Prevents and packet logging on IP networks.
normal use of your computer or network by valid users, • Net Cat is a simple utility that reads and writes
and it could be used for sending invalid data to data across TCP or UDP network connections.
application, to flood the computer, block traffic, etc. a • Kismet is a powerful wireless sniffer
simple network attack example to understand the
difference between active and passive attack. 1.6 Types of Network Security Protections
Firewall Network Segmentation Access Control
1.3 Security Attacks Remote Access VPN Zero Trust Network Access
• Passive Attacks This type of attacks includes (ZTNA) Email Security Data Loss Prevention (DLP)
attempts to break the system by using observed Intrusion Prevention Systems (IPS) Sandboxing
data. One of the example of the passive attack is
International Journal of Scientific Research in Science, Engineering and Technology | [Link] | Vol 9 | Issue 2 433
� Sanchita Kuldeep Jedhe et al Int J Sci Res Sci Eng Technol, March-April-2022, 9 (2) : 432-436
1.6.1 Authentication name—i.e., the password—this is sometimes termed
One-factor authentication – this is “something a user one-factor authentication. With two-factor
knows.” The most recognized type of one factor authentication, something the user ’has’ is also used
authentication method is the password. Two-factor (e.g., a security token or ’dongle’, an ATM card, or a
authentication – in addition to the first factor, the mobile phone); and with three-factor authentication,
second factor is “something a user has.” Three-factor something the user ’is’ is also used (e.g., a fingerprint
authentication – in addition to the previous two or retinal scan).
factors, the third factor is “something a user is.” Once authenticated, a firewall enforces access
The main objective of authentication is to allow policies such as what services are allowed to be
authorized users to access the computer and to deny accessed by the network users.[3] Though effective to
access to the unauthorized users. Operating Systems prevent unauthorized access, this component may fail
generally identifies/authenticates users using to check potentially harmful content such as computer
following 3 ways: Passwords, Physical identification, worms or Trojans being transmitted over the network.
and Biometrics. These are explained as following Anti-virus software or an intrusion prevention system
below. (IPS)[4] help detect and inhibit the action of such
1) Passwords: Passwords verification is the most malware. An anomaly-based intrusion detection
popular and commonly used authentication system may also monitor the network like wire shark
technique. A password is a secret text that is traffic and may be logged for audit purposes and for
supposed to be known only to a user. later high-level analysis. Newer systems combining
2) Physical Identification: This technique include unsupervised machine learning with full network
machine readable badges(symbols), card or smart traffic analysis can detect active network attackers
cards. In some companies, badges are required for from malicious insiders or targeted external attackers
employees to gain access to the organization’s gate. that have compromised a user machine or account.
In many system, identification is combined with
the use of password i.e the user must insert the
card and then supply his /her password. This kind
of authentication is commonly used with ATM.
3) Biometrics: This method of authentication is based
on the unique biological characteristics of each
user such as finger prints, voice or face
recognition, signatures and eyes. Biometric
devices often consist of – A scanner or other
devices to gather the necessary data about user.
Software to convert the data into a form that can
be compared and stored. A database that stores
information for all authorized users.
III. BENEFITS OF NETWORK SECURITY
II. CONCEPT AND SPECIFICATION
• Secure and reliable networks protect not just
organizational interests and operations, but also
Network security starts with authentication,
any client or customer who exchanges
commonly with a username and a password. Since this
information with the organization, in addition to
requires just one detail authenticating the user
International Journal of Scientific Research in Science, Engineering and Technology | [Link] | Vol 9 | Issue 2 434
� Sanchita Kuldeep Jedhe et al Int J Sci Res Sci Eng Technol, March-April-2022, 9 (2) : 432-436
the general public. And if information protection V. FUTURE WORK
isn’t cause enough to invest in network security,
consider the cost: according to SolarWinds MSP, The scope of network security consist of two main
the global cost of dealing with damage caused by sub-scopes: users awareness: If you a very
cybercrime is estimated to reach 6 trillion by 2021, sophisticated security system but your employee’s are
with the average cause of a cyber attack to tiling not aware of security risks that might occur because of
upwards of 1 million. If this isn’t motivation an action they might do and compromise the whole
enough, here’s a reminder of the top benefits your system. security levels: Includes S/W and H/W
company stands to gain from improved network security from securing the operating system on each
security. machine alone up to securing the whole network
1. Builds trust Security for large systems translates to traffic inside and outside the network
security for everyone. Network security boosts
client and consumer confidence, and it protects VI. APPLICATIONS
your business from the reputational and legal
fallout of a security breach. Below are the applications of Network Security:
2. Mitigates risk The right network security solution 1. Defence Pro: It is a mitigation device that protects
will help your business stay compliant with the infrastructure against network and application
business and government regulations, and it will downtime.
minimize the business and financial impact of a 2. Defence Flow: Network-wide, multivendor
breach if it does occur. attacks can be detected and mitigated by using
3. Protects proprietary information Your clients and Defence Flow.
customers rely on you to protect their sensitive 3. App Wall: To ensure the fast, reliable and secure
information. Your business relies on that same delivery of critical applications, we use App Wall.
protection, too. Network security ensures the 4. Emergency Response Team: Emergency Response
protection of information and data shared across Team is used by the companies facing denial of
the network. service attacks as it provides twenty-four cross
4. Enables a more modern workplace From allowing seven security services.
employees to work securely from any location 5. Inflight: Inflight is a monitoring application using
using VPN to encouraging collaboration with which all the user transactions are captured from
secure network access, network security provides inflight network traffic and real-time intelligence
options to enable the future of work. is delivered for business applications.
6. Cloud WAF Service: Web application security is
IV. CONCLUSION provided by the application and it protects from
the evolving threats.
network security is an important field that is 7. Cloud DDOS Protection Service: Enterprise-grade
increasingly gaining attention as the Internet usage DDOS protection in the cloud is provided by cloud
increases. The security threats and Internet protocols DDOS protection service.
were analysed to determine the necessary security 8. Cloud Malware Protection Service: Unknown
technology. However, the current development in malware is detected based on their unique
network security is not very impressive and significant. behaviour patterns by using patented algorithms
on the data collected from a community of two
million users and this collected data is analysed to
International Journal of Scientific Research in Science, Engineering and Technology | [Link] | Vol 9 | Issue 2 435
� Sanchita Kuldeep Jedhe et al Int J Sci Res Sci Eng Technol, March-April-2022, 9 (2) : 432-436
provide a defence to the organizations against the
malware by cloud malware protection service.
VII. REFERENCES
[1]. Jangid, J., & Malhotra, S. (2022). Optimizing
software upgrades in optical transport networks:
Challenges and best practices. Nanotechnology
Perceptions, 18(2), 194–206.
[Link]
69
[2].[Link]
[3]. [Link]
International Journal of Scientific Research in Science, Engineering and Technology | [Link] | Vol 9 | Issue 2 436