Session details: Session 3: Cyber Attacks & Network Security

Author(s): Florian Kammueller

Author(s): Onder Onursal, Arif Sari

This chapter is a literature review of the intermediate system to intermediate system (IS-IS) routing protocol to provide basic security mechanisms against cyber-attacks and enhance network security. IS-IS was originally developed by the International Organization for Standardization (ISO) as a link state routing protocol. It was first built with the ability to route CLNPs or connectionless network protocols according to the OSI standard equal to IP. IS-IS was also developed so that it can accommodate routing for any layer three-based protocol. The Internet Engineering Task Force (IETF) in 1990 specified the support for IP and introduced IPv6 extensions in 2000. The IS-IS protocol implementation was written as modules in order for it to be distributed freely and easily installed on the GNU routing software. SourceForge.net supported the project and gave access for developers to easily contribute to the project. The chapter elaborates the IS-IS routing protocol for network security and proposes a critical survey on security routing protocols.


2018, Vol 7 (3.12), pp. 81
Author(s): B Amutha, Swasti Saxena, Abhinaba Das

War driving, camp out etc. are common methodologies of gaining access to a company’s network and resources illegally. Packet capturing, out of thin air, brute force etc. are common mechanisms to gain key or password access to any company’s applications. In times when hacking and cyber-attacks have become prevalent, companies are deploying various network security mechanisms to counter these attacks and to safeguard the company’s applications and data. BeyondCorp is a new technology that is being used by Google these days to safeguard its applications. In this paper we will compare some of the network security mechanisms that many companies use to avoid cyber-attacks with BeyondCorp technology, which is being used by Google to avoid security breaches in the company’s network and applications.


2014, Vol 1 (3), pp. 1-20
Author(s): Soumyo D. Moitra

Estimating the benefits of network security systems is important for security decisions since considerable resources are spent on them and organizations need to know the returns on their investments. The objective of the model presented here is to improve management decisions. Better decisions imply greater security for the budget. This model has a number of novel features such as a probabilistic sub-model for the detection and response process, a new attack/damage matrix based on damage-type and cyber-attacks by category, and extensive sensitivity analyses. The results suggest a number of insights into the factors affecting the benefits from sensors such as the effects of non-linear relationships between the rate of attacks and the damages caused. The key role of the value of sensitive information is identified. The model helps identify the conditions under which a new security system provides enough benefits to justify its purchase.


Author(s): S. Nagendra Prabhu, D. Shanthi

Among the various forms of malware, the Botnet is a serious threat which occurs commonly in today’s cyber attacks and cyber crimes. Botnets are designed to perform predefined functions in an automated fashion, where these malicious activities range from online searching of data, accessing lists, moving files sharing channel information to DDoS attacks against critical targets, phishing, click fraud etc. The existence of command and control (C&C) infrastructure makes the functioning of Botnets unique, which in turn throws up challenges in the mitigation of Botnet attacks. Hence Botnet detection has been an interesting research topic related to cyber-threat and cyber-crime prevention in network security. Various types of techniques and approaches have been proposed for detection, mitigation and prevention of Botnet attacks. Here I discuss in detail Botnets and related research including Botnet evolution, life-cycle, command and control models, communication protocols, Botnet detection, and Botnet mitigation mechanisms etc. Also included is an overview of research on Botnets which describes the possible attacks performed by various types of Botnet communication technologies in future.

KEYWORDS: Bot; Botnet; C&C mechanism; communication protocols; honeynet; passive traffic; attacks; defense; prevention; mitigation


Author(s): Ana-Maria CERNOV

Network security has become more important to personal computer users, organizations, and the military. With the advent of the internet, security became a major concern and the history of security allows a better understanding of the emergence of security technology. This paper presents the main network security issues and solutions to fight back against cyber-attacks.


Author(s): Stephen Moskal, Shanchieh Jay Yang, Michael E Kuhl

Existing research on cyber threat assessment focuses on analyzing the network vulnerabilities and producing possible attack graphs. Cyber attacks in real-world enterprise networks, however, vary significantly due to not only network and system configurations, but also the attacker’s strategies. This work proposes a cyber-based attacker behavior model (ABM) in conjunction with the Cyber Attack Scenario and Network Defense Simulator to model the interaction between the network and the attackers. The ABM leverages a knowledge-based design and factors in the capability, opportunity, intent, preference, and Cyber Attack Kill Chain integration to model various types of attackers. By varying the types of attackers and the network configurations, and simulating their interactions, we present a method to measure the overall network security against cyber attackers under different scenarios. Simulation results based on four attacker types on two network configurations are shown to demonstrate how different attacker behaviors may lead to different ways to penetrate a network, and how a single misconfiguration may impact network security.


2014, Vol 2014, pp. 1-12
Author(s): Ying-Chiang Cho, Jen-Yi Pan

With sustained and rapid developments in the field of information technology, the issue of network security has become increasingly prominent. The theme of this study is network data security, with the test subject being a classified and sensitive network laboratory that belongs to the academic network. The analysis is based on the deficiencies and potential risks of the network’s existing defense technology, characteristics of cyber attacks, and network security technologies. Subsequently, a distributed network security architecture using the technology of an intrusion prevention system is designed and implemented. In this paper, first, the overall design approach is presented. This design is used as the basis to establish a network defense model, an improvement over the traditional single-technology model that addresses the latter’s inadequacies. Next, a distributed network security architecture is implemented, comprising a hybrid firewall, intrusion detection, virtual honeynet projects, and connectivity and interactivity between these three components. Finally, the proposed security system is tested. A statistical analysis of the test results verifies the feasibility and reliability of the proposed architecture. The findings of this study will potentially provide new ideas and stimuli for future designs of network security architecture.


2019, Vol 2 (2), pp. 71-76
Author(s): Diky Heryanto, Salma Azizah

The provision limiting access to network users is one of the defensive action systems against cyber attacks that can occur through a network connected to the user. Installing an ACL on the router device can serve as a firewall, where each incoming and outgoing packet will be matched against a list of existing entries, and the preconfigured action will then proceed.


2018, Vol 2 (4-2), pp. 360
Author(s): Deni Satria, Alde Alanda, Aldo Erianda, Deddy Prayama

The development of information technology is a new challenge for computer network security systems and the information contained in them, and the level of awareness of the importance of network security systems is still very low. According to a survey conducted by Symantec, the desire to renew an existing security system within a year within a company has the result that only 13% of respondents consider changes to the security system to be important from a total of 3,300 companies worldwide as respondents. This lack of awareness results in the emergence of security holes that can be used by crackers to enter and disrupt the stability of the system. Every year cyber attacks increase significantly, so that every year there is a need to improve the security of the existing system. Based on that, a method is needed to periodically assess system and network security by using penetration testing methods to obtain any vulnerabilities that exist on the network and on a system so as to increase security and minimize theft or loss of important data. Testing is carried out by using an internal network penetration testing method which tests using 5 types of attacks. From the results of the tests, each system has a security risk of 20-80%. From the results of these tests it can be concluded that each system has a security vulnerability that can be attacked.


In computer networks, security of the network is a major issue and intrusion is the most common threat to security. Cyber attack detection is becoming a more enlightened challenge in detecting these threats accurately. In network security, the intrusion detection system (IDS) has played a vital role in detecting intrusion. In recent years, numerous methods have been proposed for intrusion detection to detect these security threats. This survey paper examines recent work in the topic of network security and machine learning based techniques, as well as a discussion of the many datasets that are commonly used to evaluate IDS. It also explains how researchers employ machine learning based techniques to detect intrusions.

