A computer network is a group of interconnected computers. A network is nothing, but a collection of computers and related devices connected through wired or wireless devices or other media. This network allows computers to exchange information with each other and share resources. It is consisting of millions of private and public, academic, business, and government networks of local to a global scope. The Internet is the network of networks.
It is a network of extremely fast network components and computers providing the backbone of such service. It is a global network of interconnected computers, allowing users or hosts alike to share information side by side with multiple channels. It offers a facility to connect to various sources of information from a vast array of accessible servers and computers by exchanging information from them to the computer. In the same way, this connection allows the host computer to send information to servers on the network. (Zhang & Ming 2007)
Computer users typically handle sent and received information with web browsers or other software with users’ interfaces with internet or computer networks, which include specialized programs like electronic mail, online chat, file transfer, file sharing, etc. This movement of information on the Internet is achieved with the help of a system of interconnected computer networks that share data by a method called packet switching using the standardized Internet Protocol Suite (TCP/IP).
This vast array of available resources also poses security risks as most of the data personal or confidential are maintained online using so-called secured computers. This vast array of information may include your identity-related information to personal details to tax details, almost nearly everything. These days this information be it be for business or personal use is in great demand, along with it comes the need for hijacking this information for fun or specific use. This is the reason for the last decade or so there have been so many attacks against networks around the world. This is where network security comes in. (Ammari 2007)
Goals of network security
A possible risk arises when our computer connects with a network and starts to communicate and download programs. Protecting the files and the Internet account of our computer from other users who can cause harm to it is known as Internet Security. Certain security measures, which help us to protect our computer, would be making backup copies of our important data, changing file permissions now and then, and assigning passwords, which only we know. (Chakraborty 2002)
The various IT systems, which are used in different businesses, view security concerns as an important aspect. Internet users need to be sure that their computers, which contain valuable information are completely secure. Cybercriminals can cause many damages and thus, effective security measures are necessary. The professionals who handle Internet security need to be confident about certain areas like penetration testing, audit or legal compliance, incidence response, and intrusion detection. The goal of the information security system is to stop these menaces. (Ammari 2007)
In this context, two terms are extremely vital. One is Digital Liability Management and the other is Vulnerability. Vulnerability means the chances of threats of the information security system and its information are exposed. On the other hand, Digital Liability Management indicates the exact amount of threats of the information security system and its information. This is a methodical computation and is a very essential part of the information security system. The indication of vulnerability and Digital Liability Management assessments help an organization to act against information threats.
The goal of securing an information system can be achieved by following certain norms. It is a set of an official statements of certain rules through which an organization or firm is made secure and its employees can access its technology, information, and system assets. It defines the various security and business objectives and goals of the management. It must be economically viable, consistent in its working, provide proper protection to the objectives and goals, easily understandable and its procedure should be tolerable. (Farmer 2004)
The following characters are necessary for an organization to implement in its security policy:
- Physical security – a person may be given physical access based on authorization or payment. People can be checked from entering an area by a ticket collector, door attendant, or guard. They can also be checked before they exit the premises of the secured place. (Rothke 2005)
- Authentication and access control – authentication is the process of finding the actual identity of a user who is attempting to access a secure system. The user’s identity is verified by using passwords, response calculators, or personal challenges. Access control refers to the capability to either deny or permit the usage of a resource by an entity. There can be physical access control or electronic access control. While the former controls the topic of when, where, and who, the latter utilizes a computer to resolve the restrictions of various mechanical keys and locks.
- Network security – refers to the different requirements of the infrastructure of a computer network, the various policies that have been adopted by the administrator to protect its resources and network from illegal access, and the steady and constant monitoring of the given procedures. We start network security by authenticating the user first by their password or username. Then the user is allowed access to certain services by the Stateful Firewall. In case there are Malwares, an Intrusion Prevention System or IPS helps to prevent and detect it and it monitors the network traffic for its volume, anomalies, and content. (Zia 2009)
- Auditing or accounting procedure – auditing or accounting is the process of data collection and analysis that allows the administrators and others, like the IT auditors, to verify that the users and the authorization rules have produced the intended results as defined by the organization’s business and security policies. To effectively analyze the security of a network and to respond to the security incidents procedures should be established for collecting network activity data. (Lazinger 2007)
Network security consists of the requirements made in a fundamental computer network infrastructure, policies adopted by the network administrator to defend the network, and the network-accessible resources from unauthorized access. It includes regular and uninterrupted monitoring and testing of its efficiency or its inefficiency (or its inability to sustain attack).
In 1983, the U.S. Department of defense made the Trusted Computing System Evaluation Criteria (TCSEC), known as the orange book defined computer systems according to the following scale
D Minimal protection or unrated
C1 Discretionary security protection
C2 Controlled access protection
B1 Labelled security protection
B2 Structured protection
B3 Security domains
A1 Verified design (Yuan 2008)
The orange book defined functional requirements as well as assurance requirements, for each requirement. However, these rules never defined criteria for network security. (Chakraborty, 59-63)
Network security starts from authenticating any user, usually with a username and a password. Other than physically giving a username and password there are other methods used in conjunction like using a security token or ‘dongle’, an ATM card, mobile phone, etc. Other devices like a fingerprint scanner or retinal scanner, radio-operated devices are also used for authentication. After authentication, there are administrative policies that govern the access or the level of access to the resources of the network the authenticated user has over the network.
In some cases, external devices like software or hardware firewalls are also employed. Though deemed effective to prevent unauthorized access, this security element or service often fails to check potentially harmful content such as computer worms or Trojans being broadcasted over the network. For this very purpose, an intrusion prevention system (IPS) helps in ensuring detection and inhibition or alienation of such malware or destructive software. (Ammari 2007)
Even this is just not enough for securing a network from determined users. Some of the network threats are IP spoofing, IP Session hijacking, denial of service (DOS), unauthorized access, executing commands illicitly, confidentiality Breaches, destructive behavior, data diddling, data destruction, etc. In addition, a. there are attacks like hijacking a webcam, pinpointing a person’s location with a cellphone, reading a person’s email and following someone’s movements.
IP Spoofing is where one host claims to have the IP address of another. Here the hacker creates IP packets with a forged or spoofed source IP address with the sole intent of hiding the identity of the sender of packets or through impersonating another computing system by using the fake IP address of the intended sender of packets. Internet is commonly accessed by the use of browsers, in browsers cookies are used to store session information like that of the authentication and session details. (Lazinger 2007)
This session cookie of the user’s session is being taken control over. If the user was in the middle of an email or any monetary transaction, the attacker is going through the email and learns the user’s detail or knows of the transaction details taking place. The attacked user finds session dropped when he might log in again, while the attacker is still logged in doing mollified jobs. (Podolski 2006)
Webcam is one of the widely used devices on the internet. This device is used to transmit images and sounds of the user working on the internet. This device can be taken control over be Trojans like malware or some software can be remotely installed on the user’s computer and time sliced images can be sent to remote computer, to watch the user movements.
This was demonstrated by researcher Grossman, method known as clickjacking, and any computer with a microphone and/or a web camera attached can be invisibly coaxed into being a remote surveillance device, exploiting the Flash component usually used for see videos on YouTube. Details can be seen here http://www.securecomputing.net.au/News/124967,clickjacking-exploits-enable-hackers-to-hijack-webcams.aspx.
Now a day’s even personal identity to pinpointing a person location with cell phone is coming within the ambit of hackers. There are services available offered by companies for the very purpose. Hackers can very well use or hack these services to find location on the internet. There many cell phones that use services like blackberry and as well as GPS devices. It would not hard to imagine how this exploited using a Trojans or worms on the devices can read the GPS device or the cell phone info of the nearest tower location and send the into to net to the hacker. (Vasireddy 2007)
Emails one of the most used applications on the internet, typically used via software like email clients or hosted emails. These programs are often forced open by hackers by using user’s username and password. By open the email of the user, the hacker can now read the emails and modify it. Keylogger, a keystroke logger, or any kind of system monitor, is such device or program that is often used for this purpose. Keylogger as the name suggest reads keystrokes made by user on the computer and the username and passwords. For this purpose, even screenshots are taken as well as user’s webcam is also taken control of. There are also password crackers in use like brute-force, which essentially is password-guessing software, from its database of passwords.
Another kind of attack seen in recent times is tracking the user, making the profile of the user, and selling it to companies, which request it. Even some personal attacks are also done in recent times. When any user uses a browser, browses a website, each or most websites leave a trail on the hard disk. Most websites browsed makes user profiles on the site, which the user browses. This is done with help of a cookie. (Mukherjee 2004)
In addition, every site browsed by the user leaves information on the about the site visited, known as browser history. Other than that, these browsers cache some of the most visited sites so the display time is less than the first visit. This information can be accessed by any malware program and transmitted over the net giving the user’s internet behaviour and habits. This when followed in minute details will give the user trails, which can be exploited by malicious person. (Simkhada 2009)
Compound business applications, e-commerce and transaction automations demand tough and accurate security procedures. Corporations employing the Internet as a means to carry out business operation can be more productive and successful if their decisions uphold the requirements of the security-conscious consumers. At present Internet consumers insist on strict security protocols to safeguard their welfare, privacy, interactions, and resources. (Pant & Richman 2006)
Network is a difficult topic. This basic idea of network security is based on the requirements of the organization. Devices like hardware firewall routers can be implemented, even security experts include ethical hackers can be employed based on security requirement. With one word of caution ‘no security is good enough’, because hackers will always reinvent themselves, so should the network security experts.
Actions that can be taken by individual users as well as organizations to restrict spam emails are as such installing soft wares like Norton Spam Blocker, Best Spam Filter, Anti spam Mail, Spam Free, Lotus Anti Spam, Virus Spam, Free Spy ware, SMTP Filter, Mail Software, Spam Blacklist, etc.
These soft wares do away with spam and fraud automatically. Cloudmark Desktop is the only solution on the market that is proven to automatically protect the user from over ninety eight percent of spam, fraud and viruses, with zero false positives, before they cause any harm. These soft wares are easy to use with no configuration. Cloudmark Desktop doesn’t change the way the user uses his or her email, no configuration necessary for its installation, just after installing immediately the user is protected from email intimidation. (Miscaroni 2008)
In many anti-spam systems provide a safe senders list, which indicates that mail from those on the list is good and spam free. But any safe senders list is personal to each user, it is not possible to have a global safe senders list in view of the fact that one’s friend may be another’s enemy as far as the type of email one sends and another receives. In a spam control system which has a safe senders list and where subscribers can add email addresses to, but more significantly delete emails from for senders who are no longer active. Safe senders list should be examined at least monthly and redundant emails removed lest one have several known spammers on your safe senders list.
Various online groups have been created where users can join and counteract against spam emails. Spam attacks may be prevented up to some extent by the use of these measures. In this present world of prevailing dynamism computer system operate as the supreme authority. With the extensive use of computers in every aspect of life computer security has become very essential. Thus for securing privacy of the user’s computer security should be given more priority. (Sabbah 2008)
Ammari, H.M. (2007) Using group mobility and multihomed mobile gateways, International Journal of Communication Systems. 19, 10, 1137-1165.
Chakraborty, G. (2002) ‘An empirical investigation of antecedents of B2B Websites’ effectiveness’, Journal of Interactive Marketing, vol. 16 no. 4, pp. 51-72.
Farmer, D. (2004) Forensic Discovery, NY: Addison-Wesley.
Lazinger, S. (2007) ‘Internet use by faculty members in various disciplines: A comparative case study’, Journal of the American Society for Information Science, vol. 48, no. 6, pp. 508-518.
Mukherjee, S. (2004) Thought Strategies and human components, Wellington: IBL & Alliance Ltd.
Miscaroni, J. (2008) ‘Enforcing patient privacy in healthcare WSNs through key distribution algorithms’, Security and Communication Networks, vol. 1, no. 5, pp. 417-429.
Pant, H. & Richman, S. (2006) ‘Optimal availability and security for IMS-based VoIP networks’, Bell Labs Technical Journal, vol. 11, no. 3, pp. 211-223.
Podolski, V. (2006) IS Perceptions: An Approach Towards technological Intelligence, Auckland: IBL & Alliance Ltd.
Rothke, B. (2005) Computer security: 20 things every employee should know. NY: McGraw Hill Professional.
Sabbah, E. (2008) ‘An application-driven approach to designing secure wireless sensor networks’, Wireless Communications and Mobile Computing, vol. 8, no. 3, pp. 369-384.
Simkhada, T. (2009) ‘Combating against internet worms in large-scale networks: an autonomic signature-based solution’, Security and Communication Networks, vol. 2, no. 1, pp. 11-28.
Vasireddy, R. (2007) ‘Security posture for civilian and non-civilian networks’, Bell Labs Technical Journal, vol. 8, no. 4, pp. 187-202.
Yuan, S. (2008) ‘A secure business framework for file purchasing in vehicular networks’, Security and Communication Networks, vol. 1, no. 3, pp. 259-268.
Zia, T. (2009) Quality of security through triple key scheme in wireless sensor networks, Aus: Charles Sturt University.
Zhang, C. & Ming, Y. (2007) ‘Network routing and security: A review’, International Journal of Communication Systems, vol. 20, no. 8, pp. 909-925.