
cryptography


Unit 4 network security

1. network security issues

Network security - Network security is the practice of protecting a
computer network from unauthorized access, misuse, or attacks. It
involves using tools, technologies, and policies to ensure that data
traveling over the network is safe and secure, keeping sensitive
information away from hackers and other threats.
Network security issues –
Here are some common network security issues:
▪ Malware: A serious threat to system security that can compromise
networks and systems.
▪ Ransomware: A cyber threat that locks down data and computer
systems until a ransom is paid.
▪ Insider threats: A difficult threat to manage that can come from
employees, contractors, or business partners.
▪ DDoS: A significant security risk that uses standard protocols and
services to attack, making it hard to detect.
▪ MITM attacks: A well-known attack that targets the data flowing
between endpoints.
▪ Social engineering: Exploits the human tendency to trust.
▪ SQL injection: An attacker sends information to websites or web
applications to delete, modify, or add data to a database.
▪ Cybersecurity skills gap: A challenge facing security teams, with
research highlighting a shortfall of cybersecurity workers.
Some preventive measures to help avoid network security
threats include:
▪ Using security devices like firewalls and anti-virus/anti-malware
software
▪ Using security settings in the router or operating system
▪ Regularly updating firmware and software
▪ Using data encryption systems for sensitive data
▪ Backing up data, including off-site backup
▪ Restricting access to the network infrastructure to authorized
personnel
▪ Training staff on how to use equipment safely and securely

2. traditional cryptography – substitution cipher, transposition cipher

Cryptography is a technique of securing communication by converting
plain text into ciphertext. It involves various algorithms and
protocols to ensure data confidentiality, integrity, authentication,
and non-repudiation.
Cryptography is a technique of securing information and
communications through the use of codes so that only those persons
for whom the information is intended can understand and process it,
thus preventing unauthorized access to information. The prefix
“crypt” means “hidden” and the suffix “graphy” means “writing”. In
cryptography, the techniques that are used to protect information
are obtained from mathematical concepts and a set of rule-based
calculations known as algorithms to convert messages in ways that
make it hard to decode them. These algorithms are used for
cryptographic key generation, digital signing, and verification to
protect data privacy, web browsing on the internet and to protect
confidential transactions such as credit card and debit card
transactions.

Types Of Cryptography
1. Symmetric Key Cryptography
It is an encryption system where the sender and receiver of a
message use a single common key to encrypt and decrypt messages.
Symmetric key cryptography is faster and simpler, but the problem is
that the sender and receiver have to somehow exchange keys
securely. The most popular symmetric key cryptography systems are
the Data Encryption Standard (DES) and the Advanced Encryption
Standard (AES).
2. Asymmetric Key Cryptography
In asymmetric key cryptography, a pair of keys is used to encrypt
and decrypt information. A receiver’s public key is used for
encryption and a receiver’s private key is used for decryption. Public
keys and private keys are different. Even if the public key is known by
everyone, only the intended receiver can decode the message because
he alone knows his private key.

substitution cipher
In a Substitution cipher, any character of plain text from the given
fixed set of characters is substituted by some other character from
the same set depending on a key. For example with a shift of 1, A
would be replaced by B, B would become C, and so on.
Some types of substitution ciphers are:
▪ Monoalphabetic substitution: Each letter is represented by another
letter or character in a one-to-one relationship.
▪ Polyalphabetic substitution: Different cipher-text characters can
represent the same plain-text letter, making it more difficult to
decrypt messages using the frequency analysis technique.
Example
Keys for a simple substitution cipher usually consist of 26 letters. An
example key is −

plain alphabet : abcdefghijklmnopqrstuvwxyz
cipher alphabet: phqgiumeaylnofdxjkrcvstzwb
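
The example key above put to work, as an added example that is not part of the original notes: it encrypts and decrypts with that cipher alphabet and shows why a monoalphabetic cipher falls to frequency analysis (the shape of the letter counts survives encryption). The sample message and all function names are constructed for the example.

```python
import string
from collections import Counter

PLAIN = string.ascii_lowercase
KEY = "phqgiumeaylnofdxjkrcvstzwb"   # cipher alphabet from the example key above

def make_tables(key):
    """Check that the key is a permutation of a-z, then build both lookup tables."""
    if sorted(key) != list(PLAIN):
        raise ValueError("key must contain each of the 26 letters exactly once")
    return str.maketrans(PLAIN, key), str.maketrans(key, PLAIN)

ENC, DEC = make_tables(KEY)

def encrypt(text):
    return text.lower().translate(ENC)   # spaces and punctuation pass through unchanged

def decrypt(text):
    return text.translate(DEC)

def letter_counts(text):
    return Counter(c for c in text if c in PLAIN)

def frequency_profile(text):
    """Letter counts from most to least common, without saying which letter is which."""
    return sorted(letter_counts(text).values(), reverse=True)

def guess_for_e(ciphertext):
    """First step of frequency analysis: the most common cipher letter probably stands for 'e'."""
    return letter_counts(ciphertext).most_common(1)[0][0]

MESSAGE = "defend the east wall of the castle"   # constructed sample plaintext
CIPHERTEXT = encrypt(MESSAGE)

if __name__ == "__main__":
    print(CIPHERTEXT)
    print("same frequency profile:", frequency_profile(MESSAGE) == frequency_profile(CIPHERTEXT))
    print("most common cipher letter:", guess_for_e(CIPHERTEXT), "->", decrypt(guess_for_e(CIPHERTEXT)))
```
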

transposition cipher
Transposition ciphers are an essential part of cryptography. They use
systematic shuffling of plain text characters or bits to secure data by
altering their positions in some defined way or by some algorithm.
The transposition cipher technique is an encryption method used to
encrypt a message or information. This encryption method works
by playing with the position of the letters of the plain text. The
positions of the characters present in the plaintext are rearranged or
shifted to form the ciphertext. It makes use of some kind of
permutation function to achieve the encryption purpose. It is very easy
to use and simple to implement.
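
A concrete permutation function, as an added example that is not part of the original notes: keyed columnar transposition, one common transposition scheme chosen here for illustration. The keyword, the message and the function names are constructed for the example.

```python
def column_order(key):
    """Column indices in read-out order: alphabetical by key letter, ties left to right."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))

def encrypt(plaintext, key):
    cols = len(key)
    # Writing the text row by row under the key puts characters c, c+cols, ... in column c.
    # The ciphertext is the columns read top to bottom in key order.
    return "".join(plaintext[c::cols] for c in column_order(key))

def decrypt(ciphertext, key):
    cols = len(key)
    full_rows, extra = divmod(len(ciphertext), cols)
    # When the last row is incomplete, only the first `extra` columns are one longer.
    columns, pos = {}, 0
    for c in column_order(key):
        length = full_rows + (1 if c < extra else 0)
        columns[c] = ciphertext[pos:pos + length]
        pos += length
    out = []
    for r in range(full_rows + 1):          # read the grid back row by row
        for c in range(cols):
            if r < len(columns[c]):
                out.append(columns[c][r])
    return "".join(out)

KEY = "ZEBRAS"                               # constructed sample key
MESSAGE = "WEAREDISCOVEREDFLEEATONCE"        # constructed sample plaintext
CIPHERTEXT = encrypt(MESSAGE, KEY)

if __name__ == "__main__":
    print(CIPHERTEXT)
    print(decrypt(CIPHERTEXT, KEY))
    # Every letter is still present; only the positions changed.
    print(sorted(CIPHERTEXT) == sorted(MESSAGE))
```
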
3. Two fundamental cryptography principles
1. Redundancy
Some redundancy must be present in all encrypted messages. By
redundancy we mean information that is not required for
understanding the message; it reduces the chances for a passive
intruder to make attacks. Passive intruder attacks involve putting the
stolen information to misuse without understanding it. This can be
more easily understood by the example of a credit card. The credit
card number is not sent over the internet alone; rather, it is
accompanied by other side information such as the DOB of the card
holder, its validity date and so on. Including such information with
the card number cuts down on the chances of making up the number.
Adding a good amount of redundancy prevents active intruders from
sending garbage values and then getting them verified as a valid
message. The recipient must be capable of determining whether the
message is valid or not by doing some inspection and simple calculation.
Without redundancy the attackers would simply send a junk message
and the recipient would decode it as a valid message. Repetition of the
message twice is a crude form of redundancy. If the two copies are
not found to be identical, Bob concludes that somebody is interfering
with the transmission or there is a lot of noise.
2. Update
Measures must be taken to prevent attacks by active intruders who
might play back old messages. The longer an encrypted message is
held by an active intruder, the greater the possibility that he can
break into it. One good example of this is the UNIX password file. A
copy of this file can be obtained by intruders, who can then easily
decrypt the password. It must be checked whether the message has
been sent recently or is an old one. One measure for doing so is
including in the message a timestamp that is valid for only a few
seconds. The message can then be saved by the recipient for that many
seconds and compared with incoming messages to filter out
duplicates. Messages which exceed this time period will be rejected
as being too old.
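
Both principles in one receiver, as an added example that is not part of the original notes: the redundancy is an HMAC-SHA256 tag (this example's choice; the notes only mention repetition as a crude form), and freshness is a timestamp window plus a short-lived cache of accepted messages. The 10-second window, the packet layout and all names are assumptions; encryption of the message body is left out.

```python
import hashlib
import hmac
import json

WINDOW = 10          # seconds a message stays acceptable (assumed value)
TAG_LEN = 32         # length of an HMAC-SHA256 tag

def seal(key, text, now):
    """Sender: attach a timestamp, then a keyed tag that acts as the redundancy."""
    body = json.dumps({"ts": now, "msg": text}).encode()
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key):
        self.key = key
        self.seen = {}   # tag -> timestamp of messages accepted within the window

    def accept(self, packet, now):
        """Return 'ok', 'invalid', 'stale' or 'replay' for one incoming packet."""
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "invalid"                 # junk or modified: the redundancy check fails
        ts = json.loads(body)["ts"]          # parsed only after the tag has been verified
        if abs(now - ts) > WINDOW:
            return "stale"                   # older than the window: rejected as too old
        # Keep accepted messages only as long as they could still pass the age check.
        self.seen = {t: s for t, s in self.seen.items() if abs(now - s) <= WINDOW}
        if tag in self.seen:
            return "replay"                  # duplicate played back inside the window
        self.seen[tag] = ts
        return "ok"

if __name__ == "__main__":
    key = b"shared-demo-key"                 # constructed key
    rx = Receiver(key)
    packet = seal(key, "pay 100 to carol", 1000)
    for when in (1001, 1004, 1030):
        print(when, rx.accept(packet, when))
    print(rx.accept(b"\x00" * 64, 1001))
```
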
4. DES
The Data Encryption Standard (DES) is a symmetric-key block cipher
published by the National Institute of Standards and Technology
(NIST).
DES is an implementation of a Feistel cipher. It uses a 16-round Feistel
structure. The block size is 64 bits. Although the key length is 64
bits, DES has an effective key length of 56 bits, since 8 of the 64 bits
of the key are not used by the encryption algorithm (they function as
check bits only). The general structure of DES is depicted in the
following illustration –
Since DES is based on the Feistel cipher, all that is required to specify
DES is −
▪ Round function
▪ Key schedule
▪ Any additional processing − Initial and final permutation
Initial and Final Permutation
The initial and final permutations are straight permutation boxes
(P-boxes) that are inverses of each other. They have no cryptographic
significance in DES. The initial and final permutations are shown as
follows –
Round Function
The heart of this cipher is the DES function, f. The DES function
applies a 48-bit key to the rightmost 32 bits to produce a 32-bit
output.
Key Generation
The round-key generator creates sixteen 48-bit keys out of a 56-bit
cipher key. The process of key generation is depicted in the following
illustration −

The logic for Parity drop, shifting, and Compression P-box is given in
the DES description.
5. digital signature
A digital signature is a mathematical technique used to validate
the authenticity and integrity of a digital document, message or
software. It's the digital equivalent of a handwritten signature
or stamped seal, but it offers far more inherent security. A
digital signature is intended to solve the problem of tampering
and impersonation in digital communications.

Digital signatures can provide evidence of origin, identity and
status of electronic documents, transactions and digital
messages. Signers can also use them to acknowledge informed
consent.

How do digital signatures work?

Digital signatures are based on public key cryptography, also
known as asymmetric cryptography. Using a public key
algorithm, such as Rivest-Shamir-Adleman, or RSA, two keys are
generated, creating a mathematically linked pair of keys: one
private and one public.

Digital signatures work through public key cryptography's
two mutually authenticating cryptographic keys.
For encryption and decryption, the person who creates the
digital signature uses a private key to encrypt signature-related
data. The only way to decrypt that data is with the signer's
public key.

If the recipient can't open the document with the signer's
public key, that indicates there's a problem with the document
or the signature. This is how digital signatures are
authenticated.

Digital signing certificates, also called public key certificates, are
used to verify that the public key belongs to the issuer. Signing
certificates are sent with the public key; they contain
information about the certificate's owner, expiration dates and
the digital signature of the certificate's issuer. Trusted third-
party certificate authorities (CAs), such as DocuSign or
GlobalSign, issue signing certificates.

Digital signature technology requires all parties to trust that the
person who creates the signature image has kept the private
key secret. If someone else has access to the private signing
key, that party could create fraudulent digital signatures in the
name of the private key holder.
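
The sign-and-verify flow described in this section, as an added example that is not part of the original notes: textbook RSA applied to a SHA-256 digest of the document. The two primes, the use of SHA-256 as the signature-related data and the function names are assumptions of the example; the key is far too small and the scheme has no padding, so it is for study only.

```python
import hashlib

# Demo key pair built from two known Mersenne primes (constructed for this example).
P, Q = 2**127 - 1, 2**89 - 1
N = P * Q                                 # public modulus
E = 65537                                 # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))         # private exponent, known only to the signer

def digest(message):
    """Signature-related data: the SHA-256 hash of the message, reduced to fit the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message, d=D, n=N):
    """Signer: apply the private key to the digest."""
    return pow(digest(message), d, n)

def verify(message, signature, e=E, n=N):
    """Recipient: undo the signature with the public key and compare with a fresh digest."""
    return pow(signature, e, n) == digest(message)

DOCUMENT = b"I agree to the terms dated 2024-01-01."   # constructed sample document
SIGNATURE = sign(DOCUMENT)

if __name__ == "__main__":
    print("genuine document:  ", verify(DOCUMENT, SIGNATURE))
    print("altered document:  ", verify(DOCUMENT + b" (amended)", SIGNATURE))
    print("altered signature: ", verify(DOCUMENT, SIGNATURE + 1))
```
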

6. firewall
In the world of computer networks, a firewall acts like a security
guard. Its job is to watch over the flow of information between
your computer or network and the internet. It’s designed to
block unauthorized access while allowing safe data to pass
through. It monitors both incoming and outgoing traffic using a
predefined set of security rules to detect and prevent threats.
A firewall is a type of network security device that filters
incoming and outgoing network traffic with security policies that
have previously been set up inside an organization. A firewall is
essentially the wall that separates a private internal network
from the open Internet at its very basic level.
Working of Firewall
A firewall matches network traffic against the rule set defined in its
table. Once a rule is matched, the associated action is applied to the
network traffic. For example, one rule may state that no employee
from the Human Resources department can access the data on the
code server, while another rule states that the system administrator
can access the data from both the Human Resources and technical
departments. Rules can be defined on the firewall based on the
necessity and security policies of the organization. From the
perspective of a server, network traffic can be either outgoing or
incoming.

The firewall maintains a distinct set of rules for each case. Mostly,
outgoing traffic originating from the server itself is allowed to
pass. Still, setting rules on outgoing traffic is always better in order
to achieve more security and prevent unwanted communication.
Incoming traffic is treated differently.
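
The rule matching described above, as an added example that is not part of the original notes and not any product's rule syntax: an ordered table evaluated top to bottom, where the first matching rule decides. The addresses, the default-deny fallback and the function name are assumptions of the example; it also shows that putting the broad HR rule ahead of the administrator's rule changes the outcome.

```python
import ipaddress

# Constructed addressing plan for the HR / code-server example (assumed values).
HR_NET      = ipaddress.ip_network("10.0.10.0/24")
TECH_NET    = ipaddress.ip_network("10.0.20.0/24")
CODE_SERVER = ipaddress.ip_network("10.0.20.10/32")
ADMIN_HOST  = ipaddress.ip_network("10.0.10.5/32")   # the administrator sits inside the HR subnet

# Ordered rule table: (action, source, destination). The first matching rule wins.
RULES = [
    ("allow", ADMIN_HOST, HR_NET),
    ("allow", ADMIN_HOST, TECH_NET),
    ("deny",  HR_NET,     CODE_SERVER),
    ("allow", HR_NET,     HR_NET),
]
DEFAULT = "deny"   # traffic that matches no rule is dropped (assumption of this example)

def decide(src, dst, rules=RULES):
    """Return (action, index of the matching rule), or (DEFAULT, None) if nothing matched."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, (action, src_net, dst_net) in enumerate(rules):
        if s in src_net and d in dst_net:
            return action, i
    return DEFAULT, None

# Same rules with the HR deny moved to the top: the administrator is now caught by it.
MISORDERED = [RULES[2], RULES[0], RULES[1], RULES[3]]

if __name__ == "__main__":
    print(decide("10.0.10.77", "10.0.20.10"))              # HR employee to code server
    print(decide("10.0.10.5", "10.0.20.10"))               # administrator to code server
    print(decide("192.0.2.1", "10.0.20.10"))               # unknown source
    print(decide("10.0.10.5", "10.0.20.10", MISORDERED))   # rule order matters
```
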

Advantages of Using Firewall
▪ Protection From Unauthorized Access: Firewalls can be set up to
restrict incoming traffic from particular IP addresses or networks,
preventing hackers or other malicious actors from easily
accessing a network or system.
▪ Prevention of Malware and Other Threats: Firewalls can be set up
to block traffic linked to known malware or other security concerns,
assisting in the defense against these kinds of attacks.
▪ Control of Network Access: By limiting access to specified
individuals or groups for particular servers or applications,
firewalls can be used to restrict access to particular network
resources or services.
