UNIVERSITY OF MAURITIUS

FACULTY OF ENGINEERING
MSC ENTERPRISE RESOURCE PLANNING SYSTEMS AND DEVELOPMENT
CSE 6084- ENTERPRISE NETWORKING

Academic Paper

“Network security is becoming increasingly important as people spend more

and more time connected.” Discuss the main security issues and threats that
exist today and the measures that are taken to counteract these threats.

Mooruth Ashwina
25th March 2011

Abstract

One of the most critical problems on today’s Internet is the lack of security. This gives rise to a
plethora of different ways in which the confidentiality, integrity, and availability of data is
compromised. As more and more people have become “wired”, it is clear that security must be a first-
class design consideration. To be able to cater for security, it is first necessary to obtain a thorough
understanding of the threats and adversaries that the system must defend against. As a first step
toward this understanding, this paper introduce a number of emerging security threats that need to
be considered and security solutions which can help to alleviate those issues.
Table of Contents
1.0 Introduction...........................................................................................................................................3

2. 0 Importance of Network Security...........................................................................................................4

3.0 Network Security Issues.........................................................................................................................4

4.0 Threats to Network Security and their solutions...................................................................................5

Denial of Service attack.........................................................................................................................5

Spoofing Attacks....................................................................................................................................6

Malware..................................................................................................................................................6

Password Attacks...................................................................................................................................7

Spam.......................................................................................................................................................7

Unauthorised access..............................................................................................................................8

Nature of Connecting devices to the internet.......................................................................................8

5.0 Threats to wireless network and their solutions...................................................................................9

5.1 The Threats......................................................................................................................................9

5.2 Solutions to wireless security.......................................................................................................10

6.0 Security Policy......................................................................................................................................11

7.0 Conclusion...........................................................................................................................................12

8.0 References...........................................................................................................................................13
1.0 Introduction

Over the last 10 years, our world has become interconnected in ways not previously imaginable.
Today, more than ever, computer networks are utilized for sharing services and resources.
Although the history of internet is relatively short, its growth has been dynamically explosive. The
number of Internet users worldwide has doubled between 2005 and 2010 and it is projected that
the number will surpass the two billion mark by the end of 2010 (ITU World
Telecommunications/ICT indicators database) [1].

When a network is connected to internet to increase information sharing, communications or

productivity, the network is vulnerable to potential intrusions and attacks. Security attacks
compromises the information-system security and the need to protect one or more aspects of the
network’s operation and permitted use is therefore crucial. Fortunately, there are several
mechanisms that can protect any information that can be sent over the network. This paper
introduces security threats to computer networks and explains available security mechanisms to
prevent such threats from happening.
2. 0 Importance of Network Security
[2]
The purpose of network security is essentially to prevent loss, through misuse of data . There are
a number of potential pitfalls that may arise if network security is not implemented properly such
as breaches of confidentiality, data destruction and data manipulation.

Network security is important because it can provide the opportunity for the users to protect their
important information present on the network and also in the system. It also helps in defending the
computer system against different types of destructive technologies and protects the PC from
damage. It aids in monitoring the network and protect it also from different threats. However, there
still remain many potential threats that can cripple a system.

3.0 Network Security Issues

Security issues can no longer be ignored. Network security issues are critical to every information
infrastructure. Due to insecurity of the current Internet, users are susceptible to various attacks
that are very easy to launch. This problem exists on many levels; not only are attacks easy to launch,
but stopping or limiting the attack quickly is difficult from the victim's point of view [3]. Finally, the
culprits behind those attacks are rarely caught, allowing them to continue attacks in the future
without fear of retribution.

Some examples of security issues are:

 Abundant vulnerabilities - weak design, “feature-rich” implementation, & compromised

components.

 Heterogeneous networking technologies adds to security complexity

 Higher-speed communication puts more information at risk in a given time period

 Ubiquitous access increases risk exposure

4.0 Threats to Network Security and their solutions

“A security threat is a condition of vulnerability that may lead to an information security being
compromised.” (Kumar, Park, and Subramaniam, 2008) [4].

There exist several types of attacks that can be launched against Internet's users, servers, and
infrastructure. A detailed description of these attacks, concentrating on attacks that target the
Internet's infrastructure and their preventive solutions follows below:

Denial of Service attack

In a denial-of-service (DoS) attack, the attacker disturbs the victim in a such way that the
victim is unable to continue normal operation. This can be accomplished using flooding: the
attacker sends a large number of meaningless packets to the victim and these packets will
use all or a majority of the victim's bandwidth or computing power, making it difficult or
impossible for the victim to communicate with legitimate nodes. Statistics of the Finnish
national Computer Emergency Response Team (CERT-FI) [5] show that the number of DoS
attacks has increased fivefold between years 2006 and 2008.

Countermeasures
Individuals should conscientiously apply security patches to operating systems and install
effective firewalls and update them when necessary. IT Experts recommend the adoption of
IPSec (IP Security Protocol) and DNSSec (Domain Name System Security Protocol) which
offer authentication services which would help identify packets with spoofed return IP
addresses before they cause problems.
Spoofing Attacks

In spoofing attacks, forged packets are used to attack the network. Spoofing is attempting to
gain access to a system by using false identity. This can be accomplished using stolen user
credentials or false IP address

Countermeasures
Users should make use of strong authentication and should not store secrets such as
passwords in plaintext. Also, credentials should never be sent in plaintext over the wire.
Authentication cookies should be protected with SSL(Secure Sockets Layer).

Malware

Malware (viruses, worms, etc.) are pieces of disguised code that are typically designed to
cause an undesirable event, such as altering existing computer files or making the computer
inoperable. They can be transmitted by disk, email or other communications vehicles.

Countermeasures
Internet users should stay current with the latest operating system service packs and
software patches . Also, blocking of unnecessary ports at the firewall and host will go a very
long way to keep the network free of viruses. It should be an essential priority of every
individual to use virus protection software and disable unused functionalities to limit the
incoming malware.
Password Attacks

A 'Password Attack' is a general term that describes a variety of techniques used to steal
passwords to accounts. Automated testing such as dictionary scanning, lack of diversity in
usernames and passwords and other security flaws make it easier for password attackers to
succeed.

Countermeasures

To prevent hackers from compromising accounts, passwords need to be as long and

complex as possible. Regular change of passwords especially for highly sensitive logins
should be adopted by individuals. In business, hardware-based security methods, such as
tokens providing one-time passwords can help provide a higher level of security.

Spam

Spam is another threat that is increasing each year. Spam email takes a variety of forms,
ranging from unsolicited emails promoting products like Pharmaceuticals, to coordinated
spam attacks designed to take up so much bandwidth on a network so as to cause it to
crash. Another brand new technique that spammers are using is called "news service" spam,
[6]
which uses legitimate headlines such as "Howard Stern Earns $83M Bonus" to trick
recipients into opening spam emails that are filled with spammy drug advertisements.

Countermeasures
Spams can be filtered out by a good email filter and also by staying current on the latest
techniques that spammers use. Captcha [7] ( Completely Automated Public Turing Test To
Tell Computers and Humans Apart) is a good measure for preventing comment spams .
Unauthorised access

Inadequate access controls could allow an unauthorized user to access restricted

information or perform restricted operations. Common vulnerabilities include weak IIS web
access controls, including web permissions.

Countermeasures
Unauthorized access can be prevented via access controls enhanced with biometric
systems, a type of access control mechanism used to verify an individual’s identity. Voice
authorization products are becoming popular because they allow remote authentication
[8]
(Vaughan-Nichols, 2004) , but the technology is the least accurate and network
administrators have to use it cautiously until researchers improve it.

Nature of Connecting devices to the internet

The nature of devices connected to the Internet is changing [9]. In addition to traditional
computer equipment, smartphones, PDAs, security cameras, and different sorts of other
sensors now latch onto a common infrastructure. As a consequence, new security threats
arise. Modern Malware- such as Conficker and Stuxnet [10] exploit USB drives to
automatically run when inserted into a target computer. Plug and play devices are a subtle
way sneaking contraband data past normal security checks and are less likely to be
analysed than more recognizable forms of moving data around.

Countermeasures
Rules should be enforced on which systems and devices can connect to networks to ensure
network integrity. Networks should be isolated from all potential sources of infection and
from methods of data theft.
5.0 Threats to wireless network and their solutions
The rapid growth and deployment of wireless systems into a wide range of networks and for a
wide variety of applications drives the need to support security solution as with wireless
systems communications take place “through the air” using radio frequencies and hence the
risk of interception is greater than that with wired networks.

5.1 The Threats

 Roaming Attackers[11]: Attackers don't have to be physically located on a business's

premises in order to access data on its wireless network. Criminals use network scanners,
such as NetStumbler, with a laptop or other portable device to sniff out wireless networks
from a moving vehicle — an activity called "wardriving”.

 Rogue Access Points: A rouge access point is one that exists without the permission or
knowledge of the wireless network's owner. Employees often install rogue access points to
create hidden wireless networks that circumvent the installed security measures. Such
stealth networks, while fundamentally innocuous, can create an unprotected gateway that
serves as an open door to intruders.

 The Evil Twin: Sometimes referred to as WiPhishing, an evil twin is a rogue access point
that hides under a nearby network's name. The Evil Twin waits for an unsuspecting user to
sign into the wrong access point and then steals the individual's network data or attacks the
computer.

 Network Resource Theft: Cheapskates like to get free Internet access from nearby wireless
networks. Even if these individuals intend no direct harm, they still hijack network
bandwidth to surf the Web and perform other online activities, draining network
performance. More nefarious freeloaders will exploit the connection to send email from a
company's domain or to download pirated content — exposing the host business to legal
action.
5.2 Solutions to wireless security

With wireless providing so many opportunities for attackers to enter and harm networks
and business systems, it's no surprise that a wide array of security tools and techniques
have arrived to help businesses secure their networks. Here are some of the protection
methods:

 Firewalls: A strong network firewall can effectively block intruders trying to enter a
business's network via a wireless device.

 Security Standards: The first wireless-network security standard — WEP (Wired Equivalent
Privacy) — was highly insecure and easily compromised. Newer specifications, such as WPA
(Wifi Protected Access), WPA2 and IEEE 802.11i are much stronger security tools.
Businesses with wireless networks should take full advantage of a least one of these
technologies.

 Encryption and Authentication: WPA, WPA2 and IEEE 802.11i supply built-in advanced
encryption and authentication technologies. WPA2 and 802.11i both support AES
(Advanced Encryption Standard), the specification used by many U.S. government agencies.

 Vulnerability Scanning: Many attackers use network scanners that actively send messages
to probe nearby access points for information, such as SSID (service set identifier) and MAC
(machine access code) names and numbers. Businesses can use this same approach to
uncover attacker-exploitable weaknesses in their wireless network, such as unsecured
access points.
6.0 Security Policy
The IT system security is generally limited to guaranteeing the right to access a system’s data
and resources by setting up authentication and control mechanisms that ensure that the users
of these resources only have the rights that were granted to them. A security policy identifies
the rules and procedures that all persons accessing computer resources must adhere to in order
to ensure that the availability of the network is not compromised.

With a good security, we can ensure that the computer resources and related used of
applications are being done in a proper way thus avoiding the number of threats that could be
generated. The old adage is – “good fences make good neighbors.” That holds true today for
businesses, though the fences in this case are security policies. Strong security policies coupled
with the use of antivirus and good security tools should minimize the danger for business
networks.
7.0 Conclusion
Most people do not know they are at risk until an attack occurs. Understanding of the threats,
the threats methods and the tools we can use to protect ourselves now and in the future is the
best way to minimize the danger. For continuous security, implementation of a DMZ in the site,
and configuring firewalls that prevent access to dangerous services are the easiest solutions.
Network segregation, data encryption, and intrusion detection will provide further security for
network systems. Also a network security policy, an auditing procedure and a violation
response plan must all be in place to deal with any breach or breakdown of network security
before it occurs.
8.0 References
[1] Itu world telecommuications/Ict indicators database[online]. Available
from:http://www.itu.int/ITU-D/ict/statistics/ [Accessed 25th February2011].

[2] http://www.brighthub.com/computing/enterprise-security/articles/69275.aspx [Accessed on

25th February 2011]

[3] http://lib.tkk.fi/Diss/2010/isbn9789526034652 [Accessed on 26th February 2011]

[4] Kumar, R. L., Park, S., and Subramaniam, C.: Understanding the value of countermeasures
portfolios in information systems security. Journal on Management Information Systems, 25, 241-
279, 2008.

[5] M. Eyrich, A. Hess, G. Sch¨afer, L. Wartenberg: Proactive Distributed Denial of Service Protection
FrameworkTelecommunication Networks Group, Technical University Berlin Einsteinufer 25,
10587 Berlin, Germany, 2004.

[6] http://sayedo.com/Italy/S.html[Accessed on 3rd March 2011]

[7] http://www.captcha.net/ [Accessed on 25th March 2011]

[8] Information Security Management - OVERVIEW, SECURITY THREATS IMPACT, EMERGING

SECURITY TECHNOLOGIES, SOLUTIONS, SEM MODEL REQUIREMENTS, CONCLUSION. Available at:
http://encyclopedia.jrank.org/articles/pages/6625/Information-Security-Management.html
[ Accessed on 24th March 2011]

[9] H. Bos (VU Amsterdam), E. Jonsson (Chalmers University),E. Djambazova (IPP-BAS), K. Dimitrov
(IPP-BAS), S. Ioannidis (FORTH),E. Kirda (Institue Eurecom), and C. Kruegel (Technical University
Vienna): Anticipating Security Threats to a Future Internet FORWARD Consortium. Available from:
http://www.ict-forward.eu/media/publications/fia-whitepaper.pdf [Accessed on 15th March
2011]

[10] Sophos Security Threat Report, 2011. Available at: www.sophos.com [Accessed on 7th March
2011]
[11]John Edwards, The essential guide to network security- IT Security, 2011. Available from:
http://www.itsecurity.com/features/essential-guide-wireless-security-071708 [Accessed on 25th
March 2011]