Seminar report

on

“Network Security”

SUBMITTED TO:
DR. SANDHYA MAITRA
INSTITUTE OF INFORMATION TECHNOLOGY & MANAGEMENT,
JANAKPURI

SUBMITTED BY:
Anuvind Singh & Shikhar Mattoo
(Enrollment No: 00413702018 & 03213702018)
BCA(M)-II
 TABLE OF CONTENTS

S.NO TITLE PAGE NO.

1 Introduction 1

2 What is Network Security 2

3 History 4

4 Basic Network Security 6

5 Need for Network Security 9

6 Types 11

7 Technology for Network Security 13

8 Network Attacks Methods 15

9 Advantages 18

10 Network Security Architecture 20

11 Problems 24

12 Current & Future Developments 25

13 Conclusion 28

14 References 29
 INTRODUCTION
Network security is a complicated subject, historically only tackled by well-trained
and experienced experts. However, as more and more people become “wired”, an
increasing number of people need to understand the basics of security in a
networked world. This document was written with the basic computer user and
information systems manager in mind, explaining the concepts needed to read
through the hype in the marketplace and understand risks and how to deal with
them.
Some history of networking is included, as well as an introduction to TCP/IP and
internetworking. We go on to consider risk management, network threats,
firewalls, and more special-purpose secure networking devices.
This is not intended to be a “frequently asked questions” reference, nor is it a
“hands-on” document describing how to accomplish specific functionality.
It is hoped that the reader will have a wider perspective on security in general, and
better understand how to reduce and manage risk personally, at home, and in the
workplace.
The world is becoming more interconnected with the advent of the Internet and
new networking technology. There is a large amount of personal, commercial,
military, and government information on networking infrastructures worldwide.
Network security is becoming of great importance because of intellectual property
that can be easily acquired through the internet.
There are currently two fundamentally different networks, data networks and
synchronous network comprised of switches. The internet is considered a data
network. Since the current data network consists of computer‐based routers,
information can be obtained by special programs, such as “Trojan horses,” planted
in the routers. The synchronous network that consists of switches does not buffer
data and therefore are not threatened by attackers. That is why security is
emphasized in data networks, such as the internet, and other networks that link to
the internet.

1
 WHAT IS NETWORK SECURITY?
Network security is a level of guarantee that all the machines in a network are
working optimally and the users of these machines only possess the rights that
were granted to them.
This can include:
 Preventing unauthorized people from acting on the system maliciously
 Preventing users from performing involuntary operations that are capable
of harming the system
 Securing data by anticipating failures
 Guaranteeing that services are not interrupted
System and network technology are a key technology for a wide variety of
applications. Security is crucial to networks and applications. Although, network
security is a critical requirement in emerging networks, there is a significant lack of
security methods that can be easily implemented.

There exists a “communication gap” between the developers of security technology

and developers of networks. Network design is a well‐developed process that is
based on the Open Systems Interface (OSI) model. The OSI model has several
advantages when designing networks. It offers modularity, flexibility, ease‐of‐use,
and standardization of protocols. The protocols of different layers can be easily
combined to create stacks which allow modular development. The implementation
of individual layers can be changed later without making other adjustments,
allowing flexibility in development. In contrast to network design, secure network
design is not a well‐ developed process. There isn’t a methodology to manage the
complexity of security requirements. Secure network design does not contain the
same advantages as network design.

When considering network security, it must be emphasized that the whole network
is secure. Network security does not only concern the security in the computers at
each end of the communication chain. When transmitting data, the communication
channel should not be vulnerable to attack. A possible hacker could target the
communication channel, obtain the data, decrypt it and re‐insert a false message.

2
Securing the network is just as important as securing the computers and encrypting
the message. When developing a secure network, the following need to be
considered:

1. Access – authorized users are provided the means to communicate to

and from a network.
2. Confidentiality – Information in the network remains private.
3. Authentication – Ensure the users of the network are who they say they
are.
4. Integrity – Ensure the message has not been modified in transit.
5. Non‐repudiation – Ensure the user does not refute that he used the
network.

An effective network security plan is developed with the understanding of security

issues, potential attackers, needed level of security, and factors that make a
network vulnerable to attack. The steps involved in understanding the composition
of a secure network, internet or otherwise, is followed throughout this research
endeavour.

To lessen the vulnerability of the computer to the network there are many products
available. These tools are encryption, authentication mechanisms, intrusion‐
detection, security management and firewalls. Businesses throughout the world are
using a combination of some of these tools. “Intranets” are both connected to the
internet and reasonably protected from it. The internet architecture itself leads to
vulnerabilities in the network. Understanding the security issues of the internet
greatly assists in developing new security technologies and approaches for
networks with internet access and internet security itself.

The types of attacks through the internet need to also be studied to be able to
detect and guard against them. Intrusion detection systems are established based
on the types of attacks most commonly used.

3
 HISTORY
Internet security has been an issue since the Internet rose to an international
phenomenon. By 1996, the Internet already connected 13 million computers, so
early security protocols were required.

These protocols required computer information to be confidential, available, and

have integrity. Because the Internet made information available to everyone, people
needed network security to make their information confidential. Because otherwise
harmless information can expose a computer network to compromise, network
security was developed to close all loops.

The birth of the interne takes place in 1969 when Advanced Research Projects Agency
Network (ARPANet) is commissioned by the department of defence (DOD) for
research in networking.

The ARPANET is a success from the very beginning. Although originally designed to
allow scientists to share data and access remote computers, e‐mail quickly becomes
the most popular application. The ARPANET becomes a high‐speed digital post office
as people use it to collaborate on research projects and discuss topics of various
interests. The InterNetworking Working Group becomes the first of several
standards‐setting entities to govern the growing network. Vinton Cerf is elected the
first chairman of the INWG, and later becomes known as a "Father of the Internet."

In the 1980s, Bob Kahn and Vinton Cerf are key members of a team that create
TCP/IP, the common language of all Internet computers. For the first time the loose
collection of networks which made up the ARPANET is seen as an "Internet", and the
Internet as we know it today is born. The mid‐80s marks a boom in the personal
computer and super‐minicomputer industries. The combination of inexpensive
desktop machines and powerful, network‐ready servers allows many companies to
join the Internet for the first time. Corporations begin to use the Internet to
communicate with each other and with their customers.

In the 1990s, the internet began to become available to the public. The World Wide
Web was born. Netscape and Microsoft were both competing on developing a
browser for the internet. Internet continues to grow and surfing the internet has
become equivalent to TV viewing for many users.
4
Several key events contributed to the birth and evolution of computer and network
security. The timeline can be started as far back as the 1930s.

Polish cryptographers created an enigma machine in 1918 that converted plain

messages to encrypted text. In 1930, Alan Turing, a brilliant mathematician broke the
code for the Enigma. Securing communications was essential in World War II.

In the 1960s, the term “hacker” is coined by a couple of Massachusetts Institute of

Technology (MIT) students. The Department of Defence began the ARPANet, which
gains popularity as a conduit for the electronic exchange of data and information.
This paves the way for the creation of the carrier network known today as the
Internet. During the 1970s, the Telnet protocol was developed. This opened the door
for public use of data networks that were originally restricted to government
contractors and academic researchers.

During the 1980s, the hackers and crimes relating to computers were beginning to
emerge. The 414 gang are raided by authorities after a nine‐day cracking spree where
they break into top‐secret systems. The Computer Fraud and Abuse Act of 1986 was
created because of Ian Murphy’s crime of stealing information from military
computers. A graduate student, Robert Morris, was convicted for unleashing the
Morris Worm to over 6,000 vulnerable computers connected to the Internet. Based
on concerns that the Morris Worm ordeal could be replicated, the Computer
Emergency Response Team (CERT) was created to alert computer users of network
security issues.

In the 1990s, Internet became public and the security concerns increased
tremendously. Approximately 950 million people use the internet today worldwide.
On any day, there are approximately 225 major incidences of a security breach. These
security breaches could also result in monetary losses of a large degree. Investment
in proper security should be a priority for large organizations as well as common
users.

5
 BASIC NETWORK SECURITY
When connecting a matching to a network, we need to make sure no one will easily
break in to it. Even if you don't think anyone will try to break into your machines -
chances are that someone might try.
Crackers often run network scan utilities that check a large range of IP
addresses, and automatically try to find machines running servers with security
holes.
To protect against that, one could simply disable any unnecessary network
service they are running.

network security is concentrated on configuring the firewall, or at least is built

around it, a compromised firewall can mean a disaster for a network. For smaller
companies, though, a firewall represents the best investment of time and money. All
things considered, a firewall is as indispensable as the Internet itself; however, you
should not rely on it exclusively for top-to-bottom network protection.

Increasingly, companies are also deploying firewalls outside the edges of networks,
as well as between network segments and even on individual machines, where
justified.

Three basic types of firewalls are available, in addition to one—the stateful

inspection firewall—that combines the features of the three basic types.

IPv4 was design in 1980 to replace the NCP protocol on the ARPANET. The IPv4
displayed many limitations after two decades [6]. The IPv6 protocol was designed
with IPv4’s shortcomings in mind. IPv6 is not a superset of the IPv4 protocol; instead
it is a new design.

The internet protocol’s design is so vast and cannot be covered fully. The main parts
of the architecture relating to security are discussed in detail.

6
1. IPv4 Architecture
The protocol contains a couple aspects which caused problems with its use. These
problems do not all relate to security. They are mentioned to gain a comprehensive
understanding of the internet protocol and its shortcomings. The causes of problems
with the protocol are:

1. Address Space
2. Routing
3. Configuration
4. Security
5. Quality of Service
The IPv4 architecture has an address that is 32-bits wide. This limits the maximum
number of computers that can be connected to the internet. The 32-bit address
provides for a maximum of two billion computers to be connected to the internet.
The problem of exceeding that number was not foreseen when the protocol was
created. The small address space of the IPv4 facilitates malicious code distribution.

Routing is a problem for this protocol because the routing tables are constantly
increasing in size. The maximum theoretical size of the global routing tables was 2.1
million entries. Methods have been adopted to reduce the number of entries in the
routing table. This is helpful for a short period of time, but drastic change needs to
be made to address this problem.

The TCP/IP‐based networking of IPv4 requires that the user supplies some data in
order to configure a network. Some of the information required is the IP address,
routing gateway address, subnet mask, and DNS server. The simplicity of configuring
the network is not evident in the IPv4 protocol. The user can request appropriate
network configuration from a central server. This eases configuration hassles for the
user but not the network’s administrators.

7
2. IPv6 Architecture
When IPv6 was being developed, emphasis was placed on aspects of the IPv4
protocol that needed to be improved. The development efforts were placed in the
following areas:

1. Routing and addressing

2. Multi‐protocol architecture
3. Security architecture
4. Traffic control
The IPv6 protocol’s address space was extended by supporting 128-bit addresses.
With 128 bit addresses, the protocol can support up to 3.4*(10)^38 machines. The
address bits are used less efficiently in this protocol because it simplifies addressing
configuration.

The IPv6 routing system is more efficient and enables smaller global routing tables.
The host configuration is also simplified. Hosts can automatically configure
themselves. This new design allows ease of configuration for the user as well as
network administrator.

The security architecture of the IPv6 protocol is of great interest. IPsec is embedded
within the IPv6 protocol. IPsec functionality is the same for IPv4 and IPv6. The only
difference is that IPv6 can utilize the security mechanism along the entire route.

The quality of service problem is handled with IPv6. The internet protocol allows for
special handling of certain packets with a higher quality of service.

From a high‐level view, the major benefits of IPv6 are its scalability and increased
security. IPv6 also offers other interesting features that are beyond the scope of this
paper. It must be emphasized that after researching IPv6 and its security features, it
is not necessarily more secure than IPv4. The approach to security is only slightly
better, not a radical improvement.

8
 NEED FOR NETWORK SECURITY
In the past, hackers were highly skilled programmers who understood the details of
computer communications and how to exploit vulnerabilities. Today almost anyone
can become a hacker by downloading tools from the Internet. These complicated
attack tools and generally open networks have generated an increased need for
network security and dynamic security policies.

The easiest way to protect a network from an outside attack is to close it off
completely from the outside world. A closed network provides connectivity only to
trusted known parties and sites; a closed network does not allow a connection to
public networks.

Because they have no Internet connectivity, networks designed in this way can be
considered safe from Internet attacks. However, internal threats still exist.

There is an estimate that 60 to 80 percent of network misuse comes from inside the
enterprise where the misuse has taken place.

With the development of large open networks, security threats have increased
significantly in the past 20 years. Hackers have discovered more network
vulnerabilities, and because you can now download applications that require little or
no hacking knowledge to implement, applications intended for troubleshooting and
maintaining and optimizing networks can, in the wrong hands, be used maliciously
and pose severe threats.

The network needs security against attackers and hackers. Network Security includes
two basic securities. The first is the security of data information i.e. to protect the
information from unauthorized access and loss. And the second is computer security
i.e. to protect data and to thwart hackers. Here network security not only means
security in a single network rather in any network or network of networks.

Now our need of network security has broken into two needs. One is the need of
information security and other is the need of computer security.

On internet or any network of an organization, thousands of important information

is exchanged daily. This information can be misused by attackers. The information
security is needed for the following given reasons.
9
 • To protect the secret information users on the net only. No other person should
see or access it.

• To protect the information from unwanted editing, accidently or intentionally

by unauthorized users.

• To protect the information from loss and make it to be delivered to its

destination properly.

• To manage for acknowledgement of message received by any node in order to

protect from denial by sender in specific situations.

• To restrict a user to send some message to another user with name of a third
one.

• To protect the message from unwanted delay in the transmission lines/route in

order to deliver it to required destination in time, in case of urgency.

• To protect the data from wandering the data packets or information packets in
the network for infinitely long time and thus increasing congestion in the line
in case destination machine fails to capture it because of some internal faults.
Another part of network security includes the computer security. Computer security
means to protect your computer system from unwanted damages caused due to
network. One of the major reasons for such damages are the viruses and spywares
that can wipe off all the information from your hard disk or sometimes they may be
enough destructive and may cause hardware problems too. Certainly, the network
must be protected from such type of damaging software. The people who
intentionally put such software on the network are called Hackers. As the network
computers are part of it, so the computer security from Hackers is also a part of
network security. The needs of computer security from Hackers are as follows:

 It should be protected from replicating and capturing viruses from infected files.
 It needs a proper protection from worms and bombs.
 There is a need of protection from Trojan Horses as they are enough dangerous
for your computer.

10
 TYPES
Wi-Fi Protected Access (WPA)
WPA encrypts information, and checks to make sure that the network security key
has not been modified.

WPA also authenticates users to help ensure that only authorized people can
access the network. There are two types of WPA authentication: WPA and
WPA2.

WPA is designed to work with all wireless network adapters, but it might not work
with older routers or access points.

WPA2 is more secure than WPA, but it will not work with some older network
adapters. WPA is designed to be used with an 802.1X authentication server,
which distributes different keys to each user. This is referred to as WPA-
Enterprise or WPA2-Enterprise.
It can also be used in a pre-shared key (PSK) mode, where every user is given the
same password. This is referred to as WPA-Personal or WPA2-Personal.

11
Wired Equivalent Privacy (WEP)
WEP is an older network security method that is still available to support older
devices, but it is no longer recommended.

When you enable WEP, you set up a network security key. This key encrypts the
information that one computer sends to another computer across your
network. However, WEP security is relatively easy to crack.

802.1X authentication
802.1X authentication can help enhance security for 802.11 wireless networks
and wired Ethernet networks. 802.1X uses an authentication server to validate
users and provide network access. On wireless networks, 802.1X can work with
WEP or WPA keys. This type of authentication is typically used when connecting
to a workplace network.

MAC Address
A Media Access Control address is a unique identifier assigned to network
interfaces for communications on the physical network segment. Can be described
as Ethernet hardware address (EHA), hardware address or physical address. It is
assigned by the manufacturer of a network interface card (NIC) and are stored in its
hardware, the card's read-only memory, or some other firmware mechanism.

The advantage to MAC filtering is that there is no attachment cost to devices that
connect to the network. The policy is set on a router or switch, and the equipment
attached is either permitted or it is not. The person attaching the equipment has
nothing to do with it.

The disadvantage to MAC filtering is that it is easy to spoof due to broadcast nature
of LAN and WLAN; an advisory can sit on the wire and just listen to traffic to and
from permitted MAC addresses. Then, the advisory can change his MAC address to
a permitted one, and in most cases obtain access to the network.

12
 TECHNOLOGY FOR INTERNET SECURITY
• Authentication

1. One-factor authentication – this is “something a user knows.” The most

recognized type of one-factor authentication method is the password.

2. Two-factor authentication – in addition to the first factor, the second

factor is “something a user has.” Examples of something a user has are a
device that generates a pre-determined code, a signed digital certificate
or even a bio-metric such as a fingerprint.

3. Three-factor authentication – in addition to the previous two factors, the

third factor is “something a user is.” Examples of a third factor are all bio-
metric such as the user’s voice, hand configuration, a fingerprint, a retina
scan or similar.

The advantage of using a 3-factor authentication is that it's made

reassuringly sure that the person who is authenticating is the person who is
authenticating through multiple layers of security.

The disadvantage is that there is a possibility that the person trying to

authenticate loses first or the second authentication, the process can also
take time.

• Firewall
A firewall is a typical border control mechanism or perimeter defense. The
purpose of a firewall is to block traffic from the outside, but it could also be used
to block traffic from the inside. A firewall is the frontline defense mechanism
against intruders. It is a system designed to prevent unauthorized access to or
from a private network. Firewalls can be implemented in both hardware and
software, or a combination of both.

13
 • Intrusion Detection Systems
An Intrusion Detection System (IDS) is an additional protection measure that
helps ward off computer intrusions. IDS systems can be software and hardware
devices used to detect an attack. IDS products are used to monitor connection in
determining whether attacks are been launched. Some IDS systems just monitor
and alert of an attack, whereas others try to block the attack.

• Anti‐Malware Software and scanners

Viruses, worms and Trojan horses are all examples of malicious software, or
Malware for short. Special so‐called anti‐Malware tools are used to detect them
and cure an infected system.

• Secure Socket Layer (SSL)

The Secure Socket Layer (SSL) is a suite of protocols that is a standard way to
achieve a good level of security between a web browser and a website. SSL is
designed to create a secure channel, or tunnel, between a web browser and the
web server, so that any information exchanged is protected within the secured
tunnel.

• Cryptographic systems
Cryptography is a useful and widely used tool in security engineering today. It
involved the use of codes and ciphers to transform information into unintelligible
data.

14
 NETWORK ATTACKS METHODS
Whiteout implemented security measures and controls in place, your network and
data might be subjected to an attack. Some attacks for instance could be passive,
meaning that information is monitored; other could be active, meaning the
information is varying within intent to destroy or corrupt the data or the network
itself.
Likelihood your networks and data are vulnerable to any of the following types of
attacks if you do not have a security plan in place.
• Eavesdropping – Interception of communications by an
unauthorized party
• Data Modification – Data altering, reading from unauthorized party
• Identity Spoofing (IP Address Spoofing) – IP address to be falsely
assumed— identity spoofing and the attacker can modify, reroute, or
delete your data
• Password-Based Attacks – By gaining your access rights to a
computer and network resources are determined by who you are,
that is, your user name and your password
• Denial-of-Service Attack – Prevents normal use of your computer or
network by valid users, and it could be used for sending invalid data
to application, to flood the computer, block traffic, etc.
• Man-in-the-Middle Attack – Is when someone between you and the
person with whom you are communicating is actively monitoring,
capturing, and controlling your communication transparently
• Application-Layer Attack – It targets application servers by
deliberately causing a fault in a server’s operating system or
applications and the attacker gaining the ability to bypass normal
access controls

Anyhow, this is just a most commonly known network attacks method, and
indeed there plenty of more.

15
1. Eavesdropping
Interception of communications by an unauthorized party is called
eavesdropping. Passive eavesdropping is when the person only secretly listens to
the networked messages. On the other hand, active eavesdropping is when the
intruder listens and inserts something into the communication stream. This can
lead to the messages being distorted. Sensitive information can be stolen this
way.

2. Viruses
Viruses are self‐replication programs that use files to infect and propagate. Once
a file is opened, the virus will activate within the system.

3. Worms
A worm is like a virus because they both are self‐replicating, but the worm does
not require a file to allow it to propagate. There are two main types of worms,
mass‐mailing worms and network‐ aware worms. Mass mailing worms use email
to infect other computers. Network‐aware worms are a major problem for the
Internet. A network‐aware worm selects a target and once the worm accesses the
target host, it can infect it by means of a Trojan or otherwise.

4. Trojans
Trojans appear to be benign programs to the user but will have some malicious
purpose. Trojans usually carry some payload such as a virus.

16
5. Phishing
Phishing is an attempt to obtain confidential information from an individual,
group, or organization. Phishers trick users into disclosing personal data, such as
credit card numbers, online banking credentials, and other sensitive information.

6. IP Spoofing Attacks
Spoofing means to have the address of the computer mirror the address of a
trusted computer in order to gain access to other computers. The identity of the
intruder is hidden by different means making detection and prevention difficult.
With the current IP protocol technology, IP‐ spoofed packets cannot be
eliminated.

7. Denial of Service
Denial of Service is an attack when the system receiving too many requests
cannot return communication with the requestors. The system then consumes
resources waiting for the handshake to complete. Eventually, the system cannot
respond to any more requests rendering it without service.

17
 ADVANTAGES & DISADVANTAGES
OF NETWORK SECURITY
 Advantages of Network Security

Protect data
As discussed, network security keeps a check on unauthorized access. A network
contains a lot of confidential data like the personal client data. Anybody who breaks
into the network may hamper these sensitive data. So, network security should be
there in place to protect them.

Prevents cyber attack

Most of the attack on the network comes from internet. There are hackers who are
experts in this and then there are virus attacks. If careless, they can play with a lot
of information available in the network. The network security can prevent these
attacks from harming the computers.

Levels of access
The security software gives different levels of access to different users. The
authentication of the user is followed by the authorization technique where it is
checked whether the user is authorized to access certain resource. You may have
seen certain shared documents password protected for security. The software
clearly knows which resources are accessible by whom.

Centrally controlled
Unlike the desktop security software, the network security software is controlled by
a central user called network administrator. While the former is prone to worms
and virus attacks, the latter can prevent the hackers before they damage anything.
This is because the software is installed in a machine having no internet.

Centralized updates
It is very important that the anti-virus software is timely updated. An old version
may not offer you enough security against attackers. But it is not guaranteed that
every user of the network follows it religiously. A network security system which is
centralized offers this advantage of timely updates without even the knowledge of
the individuals.

18
  Disadvantages of Network Security
Network security is a real boon to the users to ensure the security of their data.
While it has many advantages, it has lesser disadvantages. Let us discuss some of
them.

Costly set up
The setup of a network security system can be a bit expensive. Purchasing the
software, installing it etc. can become costly especially for smaller networks. Here
we are not talking about a single computer, but a network of computers storing
massive data. So, the security being of prime importance will cost more. It cannot
be ignored at any cost!

Time consuming
The software installed on some networks is difficult to work with. It needs
authentication using two passwords to ensure double security which must be
entered every time you edit a document. It also requires the passwords to be
unique with numbers, special characters and alphabets. The user may have to type
several sample passwords before one is finalized which takes a lot of time.

Requires skilled staff

To manage large networks is not an easy task. It requires highly skilled technicians
who can handle any security issue that arises. A network administrator needs to be
employed to ensure smooth working of the network. He must be trained
adequately to meet the requirement.

Careless admin
When the best software is installed and everything required is done, it is natural for
the admin to be careless at times. It is his job to check the logs regularly to keep a
check on the malicious users. But sometimes, he just trusts the system and that is
when the attack happens. So, it is very important that the admin remains vigilant
always.

19
 NETWORK SECURITY ARCHITECTURE

 What & Why?

An organization's network infrastructure evolves over many years. Although this
evolution is in direct response to the changing business needs, in many cases
security has been an afterthought. Network and Systems changes, like any other
change, will result in some or the other fault due to misconfigurations, deviations
from industry best practices to quickly resolve irritants faced during the making the
changes. All of this happens due a "for now" tactical approach to the change being
implemented. Even implementing the most advanced security technologies of the
day won't help if the underlying security architecture is flawed.

 How?
Our systematic approach to the evaluation of the current state ensures a detailed
review of the current architecture, technology & security policy of the
organization, management practices and planned changes. Our highly qualified and
experienced consultants will identify network and design architectural weaknesses
in security, performance, scalability. Our team of security experts will recommend
improvements to better align the security architecture with business objectives,
your organization's security policy and industry best practices.

Some of the aspects that will be examined are:

 Review latest Threat Risk Analysis report

 Analysis of current IT network, information flow according to business

requirements and points of access to information
 Analysis of current security controls and procedures for various security
management areas
 Analysis existing network security architecture, including topology /
configuration, and security components / features

20
 IPv4 and IPv6 Architectures
IPv4 was design in 1980 to replace the NCP protocol on the ARPANET. The IPv4
displayed many limitations after two decades. The IPv6 protocol was designed with
IPv4’s shortcomings in mind. IPv6 is not a superset of the IPv4 protocol; instead it is
a new design. The internet protocol’s design is so vast and cannot be covered fully.
The main parts of the architecture relating to security are discussed in detail.

1. IPv4 Architecture
The protocol contains a couple aspects which caused problems with its use. These
problems do not all relate to security. They are mentioned to gain a comprehensive
understanding of the internet protocol and its shortcomings. The causes of
problems with the protocol are:

1. Address Space
2. Routing
3. Configuration
4. Security
5. Quality of Service

The IPv4 architecture has an address that is 32 bits wide. This limits the maximum
number of computers that can be connected to the internet. The 32-bit address
provides for a maximum of two billion computers to be connected to the internet.
The problem of exceeding that number was not foreseen when the protocol was
created. The small address space of the IPv4 facilitates malicious code distribution.

Routing is a problem for this protocol because the routing tables are constantly
increasing in size. The maximum theoretical size of the global routing tables was 2.1
million entries. Methods have been adopted to reduce the number of entries in the
routing table. This is helpful for a short period of time, but drastic change needs to
be made to address this problem.

The TCP/IP‐based networking of IPv4 requires that the user supplies some data in
order to configure a network. Some of the information required is the IP address,
routing gateway address, subnet mask, and DNS server. The simplicity of
configuring the network is not evident in the IPv4 protocol. The user can request
appropriate network configuration from a central server. This eases configuration
hassles for the user but not the network’s administrators.

21
The lack of embedded security within the IPv4 protocol has led to the many attacks
seen today. Mechanisms to secure IPv4 do exist, but there are no requirements for
their use. IPsec is a specific mechanism used to secure the protocol. IPsec secures
the packet payloads by means of cryptography. IPsec provides the services of
confidentiality, integrity, and authentication. This form of protection does not
account for the skilled hacker who may be able to break the encryption method and
obtain the key.

When internet was created, the quality of service (QoS) was standardized according
to the information that was transferred across the network. The original transfer of
information was mostly text‐based. As the internet expanded and technology
evolved, other forms of communication began to be transmitted across the
internet. The quality of service for streaming videos and music are much different
than the standard text. The protocol does not have the functionality of dynamic
QoS that changes based on the type of data being communicated.

2. IPv6 Architecture
When IPv6 was being developed, emphasis was placed on aspects of the IPv4
protocol that needed to be improved. The development efforts were placed in the
following areas:

1. Routing and addressing

2. Multi‐protocol architecture
3. Security architecture
4. Traffic control

The IPv6 protocol’s address space was extended by supporting 128-bit addresses.
With 128-bit addresses, the protocol can support up to 3.4*(10)^38 machines. The
address bits are used less efficiently in this protocol because it simplifies addressing
configuration.

The IPv6 routing system is more efficient and enables smaller global routing tables.
The host configuration is also simplified. Hosts can automatically configure
themselves. This new design allows ease of configuration for the user as well as
network administrator.

22
The security architecture of the IPv6 protocol is of great interest. IPsec is embedded
within the IPv6 protocol. IPsec functionality is the same for IPv4 and IPv6. The only
difference is that IPv6 can utilize the security mechanism along the entire route.

The quality of service problem is handled with IPv6. The internet protocol allows for
special handling of certain packets with a higher quality of service.

From a high‐level view, the major benefits of IPv6 are its scalability and increased
security. IPv6 also offers other interesting features that are beyond the scope of
this paper.

23
 PROBLEMS
 Computer networks are typically a shared resource used by many
applications representing different interests.
 The Internet is particularly widely shared, being used by competing
businesses, mutually antagonistic governments, and opportunistic
criminals.
 Unless security measures are taken, a network conversation or a
distributed application may be compromised by an adversary
 The owner of the website can be attacked as well. Some websites have
been defaced; the files that make up the website content have been
remotely accessed and modified without authorization.
 That is an issue of access control: enforcing the rules regarding who is
allowed to do what. Websites have also been subject to Denial of Service
(DoS) attacks, during which would-be customers are unable to access the
website because it is being overwhelmed by bogus requests.
 Ensuring a degree of access is called availability

24
 CURRENT & FUTURE DEVELOPMENTS

The network security field is continuing down the same route. The same
methodologies are being used with the addition of biometric identification.
Biometrics provides a better method of authentication than passwords. This
might greatly reduce the unauthorized access of secure systems. New
technology such as the smart card is surfacing in research on network security.
The software aspect of network security is very dynamic. Constantly new
firewalls and encryption schemes are being implemented.

The research being performed assists in understanding current development

and projecting the future developments of the field.

1. Hardware Developments
Hardware developments are not developing rapidly. Biometric systems and
smart cards are the only new hardware technologies that are widely impacting
security.

The most obvious use of biometrics for network security is for secure
workstation logons for a workstation connected to a network. Each workstation
requires some software support for biometric identification of the user as well
as, depending on the biometric being used, some hardware device. The cost of
hardware devices is one thing that may lead to the widespread use of voice
biometric security identification, especially among companies and organizations
on a low budget. Hardware device such as computer mice with built in
thumbprint readers would be the next step up. These devices would be more
expensive to implement on several computers, as each machine would require
its own hardware device. A biometric mouse, with the software to support it, is
available from around $120 in the U.S. The advantage of voice recognition
software is that it can be centralized, thus reducing the cost of implementation
per machine. At top of the range a centralized voice biometric package can cost
up to $50,000 but may be able to manage the secure log‐ in of up to 5000
machines.
The main use of Biometric network security will be to replace the current
password system. Maintaining password security can be a major task for even a
small organization. Passwords have to be changed every few months and
people forget their password or lock themselves out of the system by incorrectly

25
entering their password repeatedly. Very often people write their password
down and keep it near their computer. This is of course completely undermining
any effort at network security. Biometrics can replace this security identification
method. The use of biometric identification stops this problem and while it may
be expensive to set up at first, these devices save on administration and user
assistance costs.

Smart cards are usually a credit‐card‐sized digital electronic media. The card
itself is designed to store encryption keys and other information used in
authentication and other identification processes. The main idea behind smart
cards is to provide undeniable proof of a user’s identity. Smart cards can be used
for everything from logging in to the network to providing secure Web
communications and secure e‐mail transactions.

It may seem that smart cards are nothing more than a repository for storing
passwords. Obviously, someone can easily steal a smart card from someone
else. Fortunately, there are safety features built into smart cards to prevent
someone from using a stolen card. Smart cards require anyone who is using
them to enter a personal identification number (PIN) before they’ll be granted
any level of access into the system. The PIN is like the PIN used by ATM
machines.

When a user inserts the smart card into the card reader, the smart card prompts
the user for a PIN. This PIN was assigned to the user by the administrator at the
time the administrator issued the card to the user. Because the PIN is short and
purely numeric, the user should have no trouble remembering it and therefore
would be unlikely to write the PIN down.

But the interesting thing is what happens when the user inputs the PIN. The PIN
is verified from inside the smart card. Because the PIN is never transmitted
across the network, there’s absolutely no danger of it being intercepted. The
main benefit, though, is that the PIN is useless without the smart card, and the
smart card is useless without the PIN.

26
 2. Software Developments
The software aspect of network security is very vast. It includes firewalls,
antivirus, VPN, intrusion detection, and much more. The research development
of all security software is not feasible to study at this point. The goal is to
obtain a view of where the security software is heading based on emphasis
being placed now.

The improvement of the standard security software remains the same. When
new viruses emerge, the antivirus is updated to be able to guard against those
threats. This process is the same for firewalls and intrusion detection systems.
Many research papers that have been skimmed were based on analyzing
attack patterns in order to create smarter security software.

As the security hardware transitions to biometrics, the software also needs to

be able to use the information appropriately. Current research is being
performed on security software using neural networks. The objective of the
research is to use neural networks for the facial recognition software.

Many small and complex devices can be connected to the internet. Most of the
current security algorithms are computationally intensive and require
substantial processing power. This power, however, is not available in small
devices like sensors. Therefore, there is a need for designing light‐weight
security algorithms. Research in this area is currently being performed.

 Future Trends in Network Security

The future will possibly be that the security is like an immune system. The
immune system fights off attacks and builds itself to fight tougher enemies.
Similarly, the network security will be able to function as an immune system.

The trend towards biometrics could have taken place a while ago, but it seems
that it isn’t being actively pursued. Many security developments that are taking
place are within the same set of security technology that is being used today
with some minor adjustments.

27
 CONCLUSION
Network security is an important field that is increasingly gaining attention as
the internet expands. The security threats and internet protocol were
analyzed to determine the necessary security technology. The security
technology is mostly software based, but many common hardware devices
are used. The current development in network security is not very impressive.

Originally it was assumed that with the importance of the network security
field, new approaches to security, both hardware and software, would be
actively researched. It was a surprise to see most of the development taking
place in the same technologies being currently used. The embedded security
of the new internet protocol IPv6 may provide many benefits to internet
users. Although some security issues were observed, the IPv6 internet
protocol seems to evade many of the current popular attacks. Combined use
of IPv6 and security tools such as firewalls, intrusion detection, and
authentication mechanisms will prove effective in guarding intellectual
property for the near future. The network security field may have to evolve
more rapidly to deal with the threats further in the future.

28
 REFERENCES
1. RedHat- www.redhat.com/docs/manuals/enterprise/RHEL‐4-
Manual/security‐guide/ch‐sgs‐ov.html
2. www.infosecwriters.com/text_resources/pdf/IPv6_SSotillo.pdf
3. www.usenix.com/publications/login/2005‐04/pdfs/andress0504.pdf
4. IPv6- documents.iss.net/whitepapers/IPv6.pdf
5. History- www3.baylor.edu/~Sharon_P_Johnson/etg/inthistory.htm
6. Wikipedia-
1. http://en.wikipedia.org/w/index.php?title=Virtual_private_networ
k&oldid=222715612
2. http://en.wikipedia.org/w/index.php?title=Intranet&oldid=221174
244
7. Others-
1. http://www.howstuffworks.com/vpn.html
2. http://www.interhack.net/pubs/network‐security
3. http://www.cert.org/tech_tips

29