Network Security Threats:

Threats can arise in a network in many ways, from known vulnerabilities to basic human errors. Here is a list of the most common network security threats:

  1. Compromise of Intellectual Property

Access Controls:

Access control means that there is selective access to specific data depending on the role the user holds.

  1. Physical Security: A proper monitoring mechanism should be implemented inside the organization to track the work of employees and check for any threat-related activities. A few common means of physical security include CCTV cameras, security personnel, etc.

Network Security Architecture:

VPNs:

VPNs (Virtual Private Networks) have earned immense popularity in the world of network security. They provide an extra layer of security during network communications.

A VPN works by routing your device’s internet connection through your chosen VPN’s private server rather than your internet service provider (ISP) so that when your data is transmitted to the internet, it comes from the VPN rather than your computer. The VPN acts as an intermediary of sorts as you connect to the internet, thereby hiding your IP address — the string of numbers your ISP assigns your device — and protecting your identity. Furthermore, if your data is somehow intercepted, it will be unreadable until it reaches its final destination. A VPN creates a private “tunnel” from your device to the internet and hides your vital data through something that is known as encryption.

Figure: VPN acting as a shield

Types of VPN Technologies:

  1. Point-to-Point Tunneling Protocol (PPTP): PPTP uses a TCP control channel and a Generic Routing Encapsulation tunnel to encapsulate PPP packets. Many modern VPNs use various forms of UDP for this same functionality.

Security Mechanism: VPNs are deployed in a network because they implement confidentiality, integrity and authenticity. They provide an extra layer of security to the network.

Wireless Network Security:

Wireless Network Threats:

  1. Traffic Analysis: An attack in which the attacker listens in on communication in a network and analyses the routes to locate the key nodes in the network.

There are innumerable threats; these are the most common ones.

Wireless Security Protocols:

  1. WEP/WEP2: Wired Equivalent Privacy (WEP) is a security protocol that uses the RC4 cipher. The key length is generally 40 or 104 bits, with a key life of a 24-bit IV. The key is generated using a concatenation technique, and it is an open or shared key.

Firewalls:

Figure: A firewall is a wall between the client and the server

A firewall is a security system that monitors incoming and outgoing traffic based on predetermined security rules. It is like a semipermeable wall between a client and the server or internet. It keeps untrusted networks from accessing the client's data.

Based on how firewalls can be implemented, there are two types:

  1. Rule-Based Firewalls: Rule-based firewall systems use rules to control communication between hosts inside and outside the firewall. Each rule is a single line of text containing the network addresses and virtual port numbers of services that are permitted or denied. An example of how to implement this: iptables -A INPUT -s 192.168.abc.xyz -j DROP.

I have used the iptables tool in Kali Linux to implement the firewalls; there are many more such tools that can perform these tasks.
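To make the rule-based filtering described above concrete, here is an added example (not from the original article, and not iptables' own code): a small Python evaluator for a subset of iptables-style rules, showing that the first matching rule decides and the chain policy applies when nothing matches. The sample addresses, the supported options (-s, -p, --dport, -j) and the default-deny policy are assumptions made for illustration.

```python
import ipaddress
import shlex

# Constructed sample ruleset (RFC 5737 documentation addresses, not from the article).
RULES = """
-A INPUT -s 192.0.2.66 -j DROP
-A INPUT -s 192.0.2.0/24 -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
"""

# Subset of iptables options this sketch understands (an assumption of the example).
FLAGS = {"-A": "chain", "-s": "src", "-p": "proto", "--dport": "dport", "-j": "target"}

def parse_rule(line):
    """Parse one '-A CHAIN ...' line into match fields plus a target."""
    tokens = shlex.split(line)
    if len(tokens) % 2:
        raise ValueError(f"option without a value in: {line!r}")
    rule = {"src": None, "proto": None, "dport": None, "target": None}
    for flag, value in zip(tokens[0::2], tokens[1::2]):
        if flag not in FLAGS:
            raise ValueError(f"unsupported option: {flag}")
        rule[FLAGS[flag]] = value
    if rule["src"]:
        rule["src"] = ipaddress.ip_network(rule["src"], strict=False)
    if rule["dport"]:
        rule["dport"] = int(rule["dport"])
    if rule["target"] not in ("ACCEPT", "DROP"):
        raise ValueError(f"rule needs an ACCEPT or DROP target: {line!r}")
    return rule

def load(text):
    return [parse_rule(l) for l in text.strip().splitlines() if l.strip()]

def matches(rule, pkt):
    """A field the rule leaves unset matches every packet."""
    if rule["src"] is not None and ipaddress.ip_address(pkt["src"]) not in rule["src"]:
        return False
    if rule["proto"] and rule["proto"] != pkt["proto"]:
        return False
    if rule["dport"] is not None and rule["dport"] != pkt.get("dport"):
        return False
    return True

def decide(rules, pkt, policy="DROP"):
    """First match decides; else the chain policy (default-deny assumed here)."""
    for rule in rules:
        if matches(rule, pkt):
            return rule["target"]
    return policy
```

Reversing the rule order lets the blocked host 192.0.2.66 reach port 443, which is why a specific deny rule has to sit above the broader accept rules.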

Intrusion Detection System (IDS):

Intrusion is the attempt to enter a network without authentication. Intrusion Detection Systems alert the system to possible intrusions. Their basic functions are:

  1. Identify suspicious activities

Types of IDS:

Based on installation location:

  1. Network Intrusion Detection

Based on Detection:

  1. Signature Based Detection

Along with IDS, there are also Intrusion Prevention Systems (IPS), which prevent intrusions.

A very commonly used IDS is Security Onion. It is an open-source Linux distribution for intrusion detection, enterprise security monitoring and log management.

It consists of:

NIDS: Snort, Suricata, Sguil, Squert, Bro.

HIDS: Wazuh/OSSEC (HIPS).

Log Management: Elasticsearch, Logstash, Kibana.

I am a B.Sc. Computer Science student and an aspiring researcher. My research interests include cyber security, information security and cryptography.