e-ISSN: 2582-5208 International Research Journal of Modernization in Engineering Technology and Science Volume:03/Issue:03/March-2021
Impact Factor- 5.354
www.irjmets.com
A REVIEW ON DIFFERENT ATTACKS AND WAYS TO MITIGATE THEM IN ORDER TO ENHANCE NETWORK SECURITY
Roman Noori*1, Er. Jasdeep Singh*2
*1 RIMT University, Mandi Gobindgarh, Punjab, India.
*2 Assistant Professor, Computer Science and Engineering, RIMT University, Mandi Gobindgarh, Punjab, India.
ABSTRACT
Network security is becoming very important in today's world, and as a result different methods are used to exploit it. Network engineers need to keep up with recent advances in both hardware and software to prevent them, along with user data, from being misused. Network security is increasingly drawing people's attention. This paper briefly discusses the idea of network security and the need for it, as well as the different methods of attack and the defences against them.
Keywords: Network Security, Network Security Factor, Security Risks, DOS Attacks, MITM, Spoofing, Firewalls, Encryption, Port Scanning, SSL, HTTPS, VPN.
I. INTRODUCTION
Fast access to information on the Internet has become increasingly essential for growing businesses. As businesses continue to disperse different business functions across the generic network, measures are required to ensure that their network has not been tampered with and has not collapsed. If a network is accessed by a hacker or a disgruntled employee, this may destroy confidential data of the corporation, adversely impact the competitiveness of the company and delay its ability to compete with other companies. Unauthorized access to the network may also damage the relationship between the company and its customers and business associates, who may doubt the company's ability to protect their confidential information. In addition, any part of the network may be vulnerable to attacks or unauthorized actions, as indicated above. Company competitors or even company staff may break into any of the routers, switches and hosts. In order to decide on the best ways to protect the assets of an organization from attackers, the Information Technology Manager of that company should consider the threats that may be triggered and the damage that may be caused to the business infrastructure. A network contains many vulnerabilities, but most of them can be addressed by following very basic procedures, such as upgrading software, correctly configuring network and firewall rules, using good anti-virus software, etc.
Figure 1: Mobile Ad hoc Network [1]
II. NEED OF NETWORK SECURITY
Today, the network model requires protection from attackers and hackers. Network security consists of two specific securities.
1. Data Security: securing information from security breaches and loss.
2. Computer protection – to protect data from security.
Network protection means not just security in a particular network and in any device or network.
III. NETWORK SECURITY HAZARDS
1. Passive attacks
“Passive attack is an information security event or occurrence that is focused on the surveillance or scanning of emails, information flows or networks. In certain situations, passive threats are impossible to track when surveillance is the opposite of attempting to log in. Passive assault includes:
   1. Study of traffic.
   2. Monitoring of unprotected communications.
   3. The decryption of weakly encrypted traffic.”[2]
2. Active attacks
“An active attack is a network operation in which a hacker tries to alter the data on the target or the data on the way to the target.”[2]
3. Buffer overflow
A buffer overflow attack is one where the attacker sends more data to the application than it can handle, and the application goes down. A buffer overflow attack normally results in the attacker having administrative access to the system via a command prompt or shell.
4. DoS Attack
Nowadays, DoS attacks have become a major threat to network security around the world. They can be quickly started by anyone with a simple knowledge of network protection. They do not take as much time and planning as other threats; in short, they are an inexpensive and efficient way to hit networks. They shut down the company network by overwhelming it with requests, thereby disrupting the availability of the network. With the support of easy-to-use network services such as Torino, which can be quickly downloaded from the Internet, an attack can be launched by any everyday user. DoS attacks usually work by exhausting the target network's bandwidth, the TCP connection buffer, the application/service buffer, CPU cycles, and so forth. DoS attacks are carried out through the machines of certain network users, known as zombies; most of the time the users are unaware that their computer is compromised.
5. Viruses
Viruses are self-replicating programs that use files to infect and spread. When the file is opened, the virus is activated on the system.
6. Worms
A worm is similar to a virus in that both replicate on their own, except that a worm does not require a file to propagate. There are two major classes of worms: mass mail worms and network-aware worms. Mass mail worms use e-mail as a means to infect other users. Network-aware worms are a big concern for the Internet. A network-aware worm chooses a target, and once the worm controls the target host, it infects it with a Trojan or something else.[3]
7. Trojans
Trojans appear to the user to be innocuous programs, but they secretly have a malicious purpose. Trojans typically carry some kind of payload, such as a virus.
8. Phishing
Phishing is an attempt to collect classified information from individuals, institutions or organizations. Phishers try to get people to share personal details, such as credit card numbers, online banking credentials and other secret material.
V. IP SPOOFING OF THE ATTACK
Spoofing means that the address of the attacker's computer is made to match the address of a trusted computer in order to gain access to other devices. The identity of the perpetrator is hidden by a number of means, making detection and protection impossible. With current IP protocol technologies, IP-spoofed packets cannot be eliminated.
1. Denial of service
Denial of Service is an attack in which a system that accepts so many requests cannot return communication to the requester. The computer then ties up resources while awaiting completion of the handshake. Eventually, the system will not be able to respond to any more requests.
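The handshake exhaustion described above can be spotted on the defending side by counting connection attempts that never complete. The following Python sketch is an added example, not part of the original paper; the packet tuple layout, the threshold and timeout values, and the sample addresses (documentation ranges) are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample capture: (time_s, src_ip, src_port, dst_ip, dst_port, tcp_flags).
# Flags: S = SYN, SA = SYN-ACK, A = ACK, R = RST. Addresses are documentation ranges.
SAMPLE_PACKETS = (
    [  # one legitimate client that completes the three-way handshake
        (0.00, "198.51.100.7", 40001, "192.0.2.10", 443, "S"),
        (0.01, "192.0.2.10", 443, "198.51.100.7", 40001, "SA"),
        (0.02, "198.51.100.7", 40001, "192.0.2.10", 443, "A"),
    ]
    # six SYNs from (possibly spoofed) sources that never send the final ACK
    + [(0.10 + i * 0.01, f"203.0.113.{i + 1}", 50000 + i, "192.0.2.10", 443, "S")
       for i in range(6)]
    # one unrelated stalled connection to another service
    + [(1.00, "198.51.100.9", 40100, "192.0.2.20", 22, "S")]
)


def half_open_by_listener(packets, now, timeout=3.0):
    """Count handshakes per (dst_ip, dst_port) still waiting for the final ACK."""
    pending = {}  # client 4-tuple -> time the SYN was seen
    for ts, src, sport, dst, dport, flags in sorted(packets):
        key = (src, sport, dst, dport)
        if flags == "S":
            pending.setdefault(key, ts)      # server now holds state for this client
        elif "R" in flags or ("A" in flags and "S" not in flags):
            pending.pop(key, None)           # handshake completed or aborted by client
    counts = defaultdict(int)
    for (_, _, dst, dport), ts in pending.items():
        if now - ts >= timeout:              # still unanswered after the timeout
            counts[(dst, dport)] += 1
    return dict(counts)


def flooded_listeners(packets, now, threshold=5, timeout=3.0):
    """Listeners whose half-open backlog meets the alert threshold."""
    backlog = half_open_by_listener(packets, now, timeout)
    return sorted(listener for listener, n in backlog.items() if n >= threshold)
```

Because the sources of such SYNs may be spoofed, the check keys the alert on the listener being exhausted rather than on any single source address.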
VI. TECHNOLOGY FOR INTERNET SECURITY
Threats to the Internet will continue to be a major issue in the world as long as information is accessible and distributed over the Internet. Several defence and monitoring systems have been established to deal with these threats.
1. Cryptographic systems
Cryptography is today a valuable and widely used tool for security engineering. It involves the use of codes and ciphers to transform information into unintelligible data, which can then be sent safely over the network.
2. Firewalls
A firewall is a common boundary or perimeter security system. The aim of a firewall is to block traffic from outside, but it can also be used to block traffic from inside. A firewall is a frontline protection against intruders. It is a device intended to block unauthorized entry to, or connection to, a private network. Firewalls may be implemented in software, hardware, or a mix of both.[5]
3. Intrusion Detection Systems
The Intrusion Detection System (IDS) is an additional protection feature that helps deter computer intrusion. IDS systems can be software or hardware equipment used to detect an attack. IDS products monitor connections in order to determine whether an attack has been launched. Some IDS systems only detect the attack and raise a warning, while others attempt to stop the attack.
4. Anti-malware tools and scanners
Viruses, worms, and Trojan horses are all forms of malicious software or, in short, malware. Special anti-malware tools are used to detect them and cure the infected computer.
5. Secure Socket Layer (SSL)
The Secure Socket Layer (SSL) is a set of protocols that is a standard way of achieving a high degree of security between a web browser and a website. SSL is designed to provide a communication connection or tunnel between a web browser and the web server in such a way that all information exchanged is secured within a secure tunnel. SSL provides client authentication to a server through the use of certificates. Clients send a certificate to the server to confirm their identity.
V. NATURE OF SECURITY HAZARDS
Computer network protection is required to meet the standards of computer network integrity and user confidentiality. Depending on how a system is used, the need for data safety can be divided into different use-related risk levels, both to secure the computer network and to assess the particular security features needed for specific specifications.
VI. DEFENCE AGAINST NETWORK ATTACKS
The underlying weakness of a system may lie in the architecture, setup, or execution that places it at risk. Most failures are not due to faulty programming; some may be caused by natural and man-made disasters, and some are caused by the same people attempting to protect the system. Most vulnerabilities are due to bad architecture, poor implementation, poor management, physical weaknesses, software and hardware, information interception, and people weaknesses. A number of network threats can easily be stopped by the
network administrator watching his network carefully and applying the latest fix available from the vendor to his software. However, this cannot prevent most attacks; in order to prevent them, the network needs configurations such as:[8]
1. Configuration Management
This is as important as having a firewall to protect your computer. As soon as the system is set up, all of the default login IDs and addresses have to be modified as quickly as possible, because all of this information can be accessed on the internet. Anyone can use a default password to enter the network and place the whole network at risk. Machines within the network must run up-to-date copies of their software, all fixes, in particular security fixes, must be deployed as soon as they are available, configuration files must not contain any documented security gaps, and all data must be safely backed up. This enables us to address nine of the top ten threats.
2. Encryption
Using encryption techniques, hackers can be prevented from listening in on the files, because without the right key it is all garbage. Different encryption methods, like using HTTPS or SHTTP when transmitting data between the client and a server, prevent Man in the Middle (MITM) attacks and prevent any data from being sniffed and, therefore, any eavesdropping. Using a VPN encrypts all data over the network, and it also improves the safety of the customer. Encryption, however, has its downsides, since both encrypted mail and encrypted web pages are allowed through firewalls and can also include malware. Encrypting data also consumes computing power from the CPU.[9]
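The configuration-management checks listed above (default logins, undeployed security fixes, documented insecure settings, backups) can be run as a recurring audit over a host inventory. The following Python sketch is an added example, not part of the original paper; the inventory field names, host names, default-credential list, insecure-setting list and backup age limit are all hypothetical values constructed for illustration.

```python
from datetime import date

# Illustrative, constructed lists; a real audit would load vendor default-credential
# and hardening baselines instead.
DEFAULT_LOGINS = {("admin", "admin"), ("admin", "password"), ("root", "root")}
INSECURE_SETTINGS = {"telnet_enabled": True, "snmp_community": "public"}

# Constructed inventory (hypothetical host names and field names).
HOSTS = [
    {"name": "edge-router", "logins": [("admin", "admin")], "missing_security_fixes": 0,
     "config": {"telnet_enabled": True, "snmp_community": "s3gment-ro"},
     "last_backup": date(2021, 3, 1)},
    {"name": "file-server", "logins": [("svc-backup", "Xk2!r9pQ")], "missing_security_fixes": 3,
     "config": {"telnet_enabled": False}, "last_backup": date(2021, 1, 15)},
    {"name": "web-01", "logins": [("deploy", "T7#vm4Lz")], "missing_security_fixes": 0,
     "config": {"telnet_enabled": False}, "last_backup": date(2021, 3, 2)},
]


def audit_host(host, today, max_backup_age_days=7):
    """Return the list of configuration-management findings for one host."""
    findings = []
    for user, password in host["logins"]:
        if (user, password) in DEFAULT_LOGINS:       # default login never changed
            findings.append(f"default login still active: {user}")
    if host["missing_security_fixes"] > 0:           # patches not yet deployed
        findings.append(f"{host['missing_security_fixes']} security fixes not deployed")
    for key, bad_value in INSECURE_SETTINGS.items():  # documented insecure settings
        if host["config"].get(key) == bad_value:
            findings.append(f"insecure setting: {key}={bad_value}")
    age = (today - host["last_backup"]).days          # stale or missing backups
    if age > max_backup_age_days:
        findings.append(f"last backup is {age} days old")
    return findings


def audit(hosts, today):
    """Map each non-compliant host name to its findings; compliant hosts are omitted."""
    report = {h["name"]: audit_host(h, today) for h in hosts}
    return {name: found for name, found in report.items() if found}
```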
VII. CONCLUSION
As the Internet is becoming an important part of our daily lives, the need for information security has multiplied over the past decade. As more and more users are connected to the Internet, a lot of criminals are drawn to it. Nowadays, everything is connected to the Internet, so even a slight flaw in network protection might pose a huge problem for consumers. Today, everything from easy to basic is connected to the Internet.
VIII. REFERENCES
[1] Singh, J. and Sharma S. 2014, “A Survey On Routing Protocol In Manet” A Survey On Routing Protocol In Manet Vol. 2, No. 6, pp 2320-5083.
[2] Rains, T., 2020. Cybersecurity Threats, Malware Trends, and Strategies. 1st ed. Livery Place 35 Livery Street Birmingham B3 2PB UK: Packt Publishing. https://www.google.co.in/books/edition/_/8YLoDwAAQBAJ?hl=en&kptab=getbook&gbpv=1
[3] Bidou, R. 2019. Denial of service attacks. Retrieved: May 10 2018. Available at: http://www.docstoc.com/docs/85149779/Denial-of-Service-Attacks
[4] Jamal, Raiyn, 2014 “A survey of the cyber attack detection strategies” International Journal of Security and Its Applications Vol.8, No.1
[5] Nithya, S., S. Prema, and G. Sindhu. "Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)." (2016).
[6] A report for CPNI “Cyber-attacks: Effects on UK Companies July 2014”. Fast-Growing Market Economy”.
[7] Vinit Kumar Gunjan, Amit Kumar “A Survey of Cyber Crime in India” IEEE 2013.
[8] Santos, O., 2020. Implementing and Operating Cisco Security Core Technologies (350-701). 1st ed. San Francisco: Pearson.