Network Security and

Software Security
Urwa Bukhari (23251)
Shifa Khalid (23252)
Hamna (23248)
Tooba (23249)
Maryam Shabaz (23250)
What is Network Security?
 Network security refers to the policies, practices, and technologies used to
protect the integrity, confidentiality, availability of computer networks and
data. It involves preventing unauthorized access, misuse, modification, or
denial of a network and its resources. Network security includes tools like
firewalls, antivirus software, intrusion detection systems (IDS), encryption,
and secure network protocols to defend against cyber threats and ensure
safe data communication.
Briefly State Why its important (e.g, rise in Cyber
Threats).
 Network security is important due to the rise in cyber threats such as
hacking, malware, phishing, and data breaches. As more businesses and
individuals rely on digital communication and data storage, protecting
networks ensures the safety of sensitive information, maintains privacy,
and prevents financial and reputational damage.

 Goals of Network Security

1. Confidentiality
2. Integrity
3. Availability
1.Confidentiality:
Ensures that sensitive data is only accessible to authorized individuals. This
protects personal, financial, or classified information from being disclosed to
unauthorized users. Methods include encryption, access controls, and
authentication.
2. Integrity:
Ensures that data is accurate and has not been tampered with or altered by
unauthorized parties. This means the information remains trustworthy. Techniques
like hashing, checksums, and digital signatures help maintain integrity.
3. Availability:
Ensures that data and network resources are accessible when needed by authorized
users. It involves maintaining hardware, updating software, and protecting against
attacks like Distributed Denial of Service (DDoS) that can disrupt access. Together,
the CIA Triad provides a balanced approach to securing information systems.
Common Threats
 Malware (Malicious Software):
Malware is any software designed to harm, exploit, or disable computers, networks,
or devices. Common types include viruses, worms, trojans, ransomware, and
spyware. For example, ransomware encrypts files and demands payment for access.
 Phishing:
Phishing is a type of social engineering attack where attackers trick users into
revealing sensitive information, such as passwords or credit card numbers. It often
comes in the form of fake emails or messages that appear to be from trusted
sources.
 DDoS (Distributed Denial of Service) Attack:
A DDoS attack floods a network, server, or website with excessive traffic from
multiple sources, overwhelming the system and making it unavailable to legitimate
users. It's often used to disrupt services or distract from other malicious activities.
Security Best Practices
 Strong Password
Policies Encourage users to create complex, unique passwords and use multi-
factor authentication. Password managers can help users maintain secure
credentials.
 Regular Software Updates
Outdated software often has known vulnerabilities. Applying patches and
updates regularly closes these security gaps.
 Network Segmentation
Divide the network into segments or zones (e.g., separating guest Wi-Fi from
internal systems). If one segment is compromised, others remain protected.
Security Technologies
1. Firewalls
A firewall acts as a barrier between a trusted internal network and untrusted external
networks (like the internet).Types: Hardware, software, or cloud-based firewalls.
Example: Blocks unauthorized access while allowing legitimate traffic (e.g., web
browsing, email).
2. Intrusion Detection/Prevention Systems (IDS/IPS)
These systems monitor network traffic for suspicious activity.IDS (Intrusion
Detection System): Detects and alerts when a potential threat is found.IPS
(Intrusion Prevention System): Detects threats and actively blocks or
prevents them in real time.
Example: Detects port scanning, malware signatures, or unusual traffic patterns.
3. Antivirus/Antimalware Software
Software that scans for, detects, and removes malicious software
(malware).Example: Windows Defender, Norton, Bitdefender.
Software Security
 Software security means protecting software (apps, websites,
programs) from being attacked or misused. It makes sure that
only the right people can use it, and it keeps data safe from
hackers, viruses, or other dangers. The goal is to prevent
problems like data theft, system crashes, or unauthorized
access.
Software Security Threats
 Weak Password:
Weak passwords like "123456" or "password" are easy for hackers to guess. They make it simple
to break into personal or organizational accounts. Using strong passwords with a mix of letters,
numbers, and symbols helps prevent unauthorized access. Enabling two-factor authentication
adds an extra layer of security.
 Data Breach:
A data breach occurs when an unauthorized person gains access to confidential or
sensitive data. This can include personal details, passwords, financial records, or
medical information. Data breaches often happen due to poor security or system
vulnerabilities. They can damage a company’s reputation and result in legal
consequences.
 Insider Threat:

An insider threat comes from within an organization—like an employee or contractor.

This person may misuse their access to steal, leak, or damage data, either intentionally
or accidentally. Insider threats are harder to detect because the person already has
access. Monitoring user activity and limiting permissions helps reduce this risk
 Unpatched Software:
Unpatched software contains security flaws that haven’t been fixed by
updates. Hackers exploit these vulnerabilities to attack systems. Software
companies regularly release patches to fix bugs and security issues. Failing to
update software puts the system at serious risk of being compromised.
Regular updates are essential for protection.---Let me know if you'd like
these in slide format or simplified for a specific audience.
Principles:
1. Availability:
Availability means that systems, services, or data are accessible when
users need them. It ensures minimal downtime so that users can
perform tasks without interruption. For example, an online banking
app should be accessible 24/7. High availability is achieved through
backup systems, regular maintenance, and monitoring. It's a key part
of information security and user satisfaction.
2.Authentication & Authorization:
Authentication is the process of verifying a user's identity—like logging in
with a username and password. Authorization happens after authentication
and determines what the user is allowed to do. For example, a user may log
in (authentication) but only have permission to view data, not edit it
(authorization).
Tools for Software Security?

 Simple Explanation:
These are special programs that help find and fix problems in software to
keep it safe.

Examples:
Antivirus software
Firewalls Code
Best Practices for Developers?
These are smart and safe ways that developers should follow when writing
software.
Examples:
 Don’t write passwords directly in code Always

 check the user’s input (to stop hackers)

 Keep the software updated Work in teams and review each other’s code

These habits help keep software secure.

Role of Organization?
The company or organization should also help in keeping software safe.

They can:
 Give training to their workers
 Make rules for safe work
 Use security tools Check software regularly
 So, not only developers but the whole company is responsible.
Case Studies?
 A company got hacked because they didn’t update their
software
 Another company found problems early and fixed them
with the help of tools Case studies help us learn from past
mistakes or successes.
Software Security Advantages:
 Application Safety:
Keeps applications secure and free from bugs.
 User Data Protection:
Safeguards personal and confidential data.
 System Stability:
Reduces chances of crashes and errors.
 Builds Trust:
Increases user confidence in the software.
Disadvantages:
 Higher Development Cost:
Secure software takes more time and resources to build.
 Performance Issues:
Security layers can slow down the software.
 Frequent Maintenance:
Requires regular updates and monitoring.
 Compatibility Problems:
May not work well with all systems or software.