A survival study of security attacks, security mechanisms and security challenges in network security. (2024)

Link/Page Citation

INTRODUCTION

Network Security is the most crucial module in information securitybecause it is answerable for securing all information dissipated throughnetworked computers. Network Security refers to all hardware andsoftware exerts, characteristics, features, operational procedures,accountability, measures, access control, and administrative andmanagement policy essential to afford an tolerable rank of fortificationfor Hardware and Software, and information in a network. Networksecurity evils can be separated approximately into four stronglyentangled areas: secrecy, authentication, no repudiation, and integritycontrol. Secrecy, also called confidentiality, has to do withmaintaining information away from the hands of illegal users. This iswhat typically comes to people's mind when they think about networksecurity. Authentication accords with paramounting whom you are chattingto before proclaiming perceptive information or entering into a businessdeal. No repudiation deals with signatures. Message Integrity: Even ifthe sender and receiver are able to authenticate one another, they alsodesire to cover that the data of their communication is not distorted,either maliciously or by disaster, in transference. Expansion to themake sure reckoning procedures that we sustained in trustworthy transferand data link protocols. Cryptography is an emerging technology, whichis important for network security. The widespread use of computerizeddata storage, processing and transmission makes sensitive, valuable andprivate information exposed to unauthorized access while in storage ortransmission. Due to long-lasting encroachment in communications andsnooping technologies, business organizations and private folks arestarting to defend their information in computer systems and networksusing cryptographic techniques, which, freshly and solely used by themilitary and diplomatic group of people. Cryptography is the essence oftoday's computer and communications networks, protecting the wholething from business e-mail to bank transactions and internet shopping.While conventional and contemporary cryptography make use of variousarithmetical techniques to stay away from eavesdroppers who are learningthe stuffings of encrypted messages. Computer systems and networks whichare storing, processing and communicating responsive or valuableinformation entail safety against such unauthorized access

A. Cryptography Principles:

Cryptography has some principles while mounting a secure networkthe following principles should be followed. The cryptographic goals arelisted and explained as below:

a. Authentication: The practice of identifying an individualusually based on username and password.

b. Confidentiality: Information in the network remains private

c. Integrity: Assurance that information can only be accessed ormodified by those authorized to do so.

d. Non-repudiation: Assurance that someone cannot deny somethingand ensure that a transferred message has been sent and received by theparties claiming to have sent and received the message.

e. Access: Authorized users are provided the means to communicateto and fro from a particular network

B. Primordial Concepts And Mechanisms:

a. Computer security: Computer Security is the process of hinderingand discovering unauthorized use of the computer. It involves theprocess of stewarding against intruders from using the computerresources for malicious intents.

b. Network security: Protecting the data during the transmission ona network.

c. Information security: The practice of prohibiting illicitadmission, usage, accession, cataclysm, fickle, assay, track mark ordestruction of information.

d. Plain text: Message in its original-human readable-form. Plaintext is the input of an encryption process.

e. Cipher text: Cipher text is data that has been encrypted. Ciphertext is unreadable until it has been converted into plain text.

f. Encryption: Encryption is the method of indoctrinating messagesor ammo in such a way that only certified parties can access it.

g. Decryption: Decryption is generally the reverse process ofencryption. It is the course of decoding the data which has beenencrypted into a covert design. An endorsed user can only decrypt databecause decryption requires a secret key or password.

Cryptography involves three patent mechanisms: Symmetric-KeyEncipherment, Asymmetric-Key Encipherment, and Hashing. Symmetric-KeyEncipherment uses a solitary undisclosed key for both encryption anddecryption whereas Asymmetric-Key Encipherment uses two keys: onecommunity key and one confidential key. The sender encrypts the datausing the public key and the receiver decrypts the message using a privykey. In Hashing, a fixed-length memo digest is composed out of avolatile-length message, and both the message and digest are transmittedwhich ensures data integrity.

Literature Survey:

This section discusses about the literature survey on somefollowing papers in cryptography and network security.

Dr. G. Padmavathi, Mrs. D. Shanmugapriya [1] focused on the attacksand their classifications in wireless sensor networks and also anattempt has been made to explore the security mechanism widely used tohandle those attacks. The challenges of Wireless Sensor Networks arealso briefly discussed.

Khaleel Ahmad, Shikha Verma, Nitesh Kumar and Jayant Shekhar [2]worked on Internet security threats and offers a classification and fewsecurity solutions for Internet security attack.

Shio Kumar Singh, M P Singh and D K Singh [3] worked on varioussecurity schemes of wireless sensor network have introduced somesecurity issues, threats, and attacks in WSNs and some of the solutions.

Sumedha Kaushik, Ankur Singh [4] studied various cryptographictechniques to increase the security of the network.

Vikas Lokesh, Srivathsan Jayaraman, Dr. H S Guruprasad [5] describesome of the recent research going on in the field of cryptography andnetwork security. Classify the research topics based on theirimplementation across the seven layers of the familiar OSI referencemodel.

Anupriya Shrivastava, M A Rizvi [6] analyzed the variousauthentication techniques such as Knowledge-based, Token-based andBiometric-based techniques.

Syed Muhammad Jamil Shah, Ammar Nasir, Hafeez Ahmed [7] exploredthe importance of security, trivial and currently deployed securitytools, and the limitations to be considered while deploying suchsecurity techniques and protocols for securing satellite communication.

Madhumita Panda [8] wireless sensor network suffers from manyconstraints such as limited energy, processing capability, and storagecapacity, etc. There are many ways to provide security, one iscryptography. Selecting the appropriate cryptography method for sensornodes is fundamental to provide security services in WSNs. Public Keybased cryptographic schemes were introduced to remove the drawbacks ofsymmetric based approaches. compared two schemes in this paper ECC, andRSA and found out that ECC is more advantageous compared to RSA, due tolow memory usage, low CPU consumption and shorter key size compared toRSA. ECC 160 bits is two times better than RSA 1024 bits when code sizeand power consumption are the factors of consideration.

Kritika Acharya, Manisha Sajwan, Sanjay Bhargava [9] well-knowncryptographic algorithms have been analyzed in this paper to demonstratethe basic differences between the existing encryption techniques.Regardless of the mathematical theory behind an algorithm, the bestalgorithm are those that are well-known and well-documented because theyare well-tested and well studied.

Kartikey Agarwal, Dr. Sanjay Kumar Dubey [10] focused on differenttypes of network security and defense against security attacks andrecent advances in network security.

Blessy Rajra, A J Deepa [11] summarizes the attacks and theirclassifications in wireless sensor networks and also an attempt has beenmade to explore the security mechanism widely used to handle thoseattacks.

Rajesh R Mane[12] reviewed three basic cryptography algorithmsdifferent types of attacks to slow down network are defined. Basic toolsof encryption for secure messaging, transactions and connectivity arepointed out.

M. Guru Vimal Kumar, U.S. Ragupathy [14] worked on some of thebasic concepts of cryptography performance metrics and some of theimportant parameters that are used in cryptography. Some of theimportant points which contribute to cryptography system such as keyselection for security and encryption, decryption process are focused.

Cryptography Attacks:

Attack:

An attack is an premeditated hazard and is an operation performedby an dude with the motive to abuse security. Examples of attacks aredestruction, modification, fabrication, interruption or interception ofdata. An attack is a negligence of data modesty and often results inrevealment of information, a violation of the confidentiality of theinformation, or in modification of the data. An attacker can hike accessto hyper sensitive information by striking in a number of steps, whereeach step involves an illegal access to the system. An intentionalthreat can be caused by an abettor or invader can be a undercover agent,techie, corporate hijacker, or a sulky employee. Any attack on thesecurity of a system can be a direct and indirect attack. A directattack targets directly at the appropriate sector of the facts orassets. A couple of peripherals in a frame of reference may be attackedbefore the intended (final) information can be accessed. In an indirectattack, information is acknowledged from or about the preferreddata/resource without straightly attacking that resource. Indirectattacks are often troublesome in database systems where it is possibleto obtain hushed information by posturing crooked query to thedirectory. Such an devious attack is often called inference.

Passive Attacks:

Passive attacks are formed by observing a system undertaking itstasks and capturing propaganda. Worldwide, it is very tough to determinepassive attacks since they do not interweave or annoy normal systemfunctions. Inspecting network traffic, CPU and disk usage, etc areexamples of passive attacks. Encryption of network traffic can onlypartly solve the problem since even the existence of traffic on ameshwork may exhibit some intelligence. Traffic investigation such ascalibrating the length, time and frequency of emissions can be veryproductive to discover peculiar activities

Active Attack:

An active attack swaps the systems course of action in some mode.Exemplars of an active attack can be to enclose unique data, to remodel,replicate or eliminate subsisting data in a database, to intentionallyharm system software provoking it to decline and to pirate magnetictapes, etc. A elementary operation such as the transition of a negativeacknowledgment (NACK) from a database server into a positiveacknowledgment (ACK) could arise in great mess and/or wreck. Activeattacks are promptly easier to sense if suitable foresights are taken.

Routing attack: Network layer attacks like routing data spoofing,alteration or replay, black hole and selective forwarding attacks,depression attacks, Sybil attacks, hole attacks flood attacks, andacknowledgement spoofing.

Denial of Service attack: A denial of service attack (Dos attack)Could be a cyber attack where ever the offender seeks to form a machineor network resource in accessible to its supposed users by briefly orindefinitely disrupting services of a bunch connected to the web. Denialof service is usually accomplished by flooding the targeted machine orresource with superfluous requests in an endeavor to overload systemsand forestall some or all legitimate requests from being consummated.

Fabrication: In this attack users use some accessing service, thatthey are not eligible for its attainable within the absence of correctauthentication mechanisms.

Eavesdropping: Eavesdropping is that the unauthorized time periodinterception of a non public communication like telephony instantmessage, videoconference or fax transmission. The term listen drivesfrom the observe of truly standing beneath the overhang of a house,taking note o conversations

Cryptography Denominations:

Cryptography is largely divided into 2 mechanisms. They are a)Bilateral Cryptography b) Uneven Cryptography

A. Bilateral coding: A single key is employed for encrypting anddecrypting the message .There are some bilateral algorithms like DES,3DES, AES, RC2, RC6.

B. Uneven Cryptography: In this type of cryptography 2 keys areused for secret writing and decoding of message. There are manyasymmetric algorithms they are Rivest Shamir Adleman (RSA),Diffie--Hellman, Digital Signature algorithm (DSA).

The principal aspects of the two encryption methods (symmetric andAsymmetric key) are compared in the table below

Security Mechanism:

The security mechanism is a mechanism that is designed to detect,prevent or recover from a security attack. A vast variety of securityschemes can be improvised to mischievous attacks and these can be putdown as high-level and low-level

A. Low-Level Mechanism:

Low-level security primitives for securing networks consist of:

1. Key establishment and trust setup

2. Secrecy and authentication

3. Privacy

4. Robustness to communication denial of service

5. Secure routing

6. Resilience to node capture

1) Key Establishment And Trust Setup:

The crucial imperatives of mounting up the sensor network are buythe enactment of cryptographic keys. Predominantly the sensor deviceshave narrow data processing capability and the public key cryptographicnatives are too steep to follow. Key-formulation skills need to reach tonetworks with hundreds or thousands of knots. In extension, theutterance template of sensor networks differ from conventional networks;sensor nodes may need to set up keys with their bystander and with dataheap nodes. The prejudice of this afflux is that rivals who negotiateddecently and many nodes could also renovate the entire key group andcrack the method.

2) Secrecy And Authentication:

Nearly every single sensor network functions entail shield againstintermeddling, infusion, and amendment of packets. Cryptography is theestablished defense. Incredible system trade-offs arise when aggregatingcryptography into sensor networks. For point-to-point communicationend-to-end cryptography score a high level of security but depend uponthat keys be set up along with all end points and be incoherent withinert involvement and regional publication. Link-layer cryptography witha network wide shared key shortens key setup and urge passiveconcurrence and regional publication, but transitional nodes might snoopor modify messages. The most basic sensor networks are likely to uselink coat cryptography, because this loom affords the greatest ease ofgrouping with presently vacant network cryptographic approaches

3) Privacy:

Similar to other habitual networks, the sensor networks have alsopushed concealment. At the beginning the sensor networks are extendedfor reasonable purpose might latterly be used in precipitous ways.Contributing aliveness of the presence of sensor nodes and dataaccretion is distinctly essential.

4) Robustness To Communication Denial Of Service:

An attacker tries to mess up with the network's activity bytelecasting a high-energy signal. If the transference is vigorousenough, the entire system's utterance could be barred. Most refinedattacks are also possible; the opponent might arrest communication byresisting the802.11 medium access control (MAC) protocol by,transmitting while a neighbor is also forwarding or by steadilydemanding channel access with a request-to send signal.

5) Secure Routing:

Routing and knowledge forwarding is a critical service forsanctioning communication in device networks. Miserably, existingrouting protocols undergo many security obligations. For example, aninvader might start denial of-service attacks on the routing protocol,prohibiting communication. The effortless attacks involve infusingmalicious routing information into the network, ensuing in routinginequality. Simple certification might safeguard against injectionattacks, but some routing protocols are prone to repeat by the attackerof genuine routing messages.

6) Resilience To Node Capture:

One of the most demanding topics in sensor networks is pliancyagainst node capture attacks. In most operation, sensor nodes are likelyto be placed in position easily reached to attackers. Such coverageset-up the liability that an invader might hook sensor nodes, dissociatecryptographic secrets, vary their program, or put back them withmalicious nodes under the power of the invader. Tamper-opposing wrappingmay be one guard, but it's costly, since present technology doesnot offer a high level of security. Algorithmic key to the problem ofnode detain is desirable.

B. High-Level Mechanism:

High-level security methods for securing sensor networks, includesecure group management, intrusion detection, and secure dataaggregation.

1) Secure Group Management:

Each and every node in a network is narrow in its computing andcommunication means. However, fascinating in-network data collection andscrutiny can be done by groups of nodes. For example, a group of nodesmight be in charge for mutually tracking a action through the network.The actual nodes containing the group may change frequently and rapidly.As a result, secure protocols for group management are necessary;strongly accept new group members and aiding secure group communication.The effect of the group key computation is usually conveyed to a basestation. The output must be authenticated to guarantee that it comesfrom a legal group.

2) Intrusion Detection:

Networks are prone to many forms of infringement. Networks entail asolution that is totally scattered and economical in terms ofcommunication, energy, and memory necessities. The use of secure groupsmay be a gifted move towards decentralized intrusion detection.

3) Secure Data Aggregation:

One gain of a network is the top grain sense that hefty and opaquesets of nodes can provide. The sensed values must be a pile to avoidamazing quantity of traffic back to the pedestal position. Relaying onthe structural design of the network, gathering may take place indifferent places in the network. All accumulation locations must besecured

Challenges of Network Security:

The networks present noteworthy challenges in crafting securityschemes. Let's review this list of challenges and evaluate how toreduce risks.

1. State-sponsored espionage

2. Distributed denial of service (DDoS) attacks

3. Password Management

4. Sabotage

5. Botnets

6. Insider threat

7. Mobility

8. Internet

The detailed description of security challenges is listed as below:

1. State-sponsored espionage: This challenge draws attention to theneed to protect critical data from governmentally or economicallyaggravated threats. Critical data includes the information needed to runnetwork appended infrastructure as well as the cerebral assets used tomanage business and drive pioneering solutions.

2. Distributed denial of service (DDoS) attacks: Securityspecialists in the economic services industry are likely to concur toour subsequent challenge: attacks. We can look forward to see a superiorthreat of business embed threats with the swing from computer-basedattacks, producing huge number of lower bandwidth trial, to virtualserver or cloud-based attacks, spawning ultra-high bandwidth events.With these new attack vectors it becomes even more advantageous toidentify and moderate large DDoS events while traffic is in the networkcloud.

3. Password Management: Our challenge is putting in place andreinforcing stronger user-controlled countersign that are less likely tobe broken. This enlightening and secretarial challenge requiresingenious key and imposed strategies. Or, we can look at options tousual passwords, such as the use of a syndicatedID.

4. Sabotage: Sabotage of computer networks can stir criticgroundwork and eventually bang corporate and vertebrae networks. Thischallenge is so probably wicked because it bunch up social engineeringwith software based tools to supply a complex multi-vectored attacksilhouette.

5. Botnets: Botnets are present all over the place. The challengeis that many botnet owners design systems that are more flexible andsuperfluous than many corporate and government networks. Controllingthis nimble attack vector before it can be used as an advancedpersistent threat (APT) and emigrates into smart mobile devices ispivotal.

6. Insider threat: A disgruntled employee base yields a vector forinsider security events, while the unintentional inoculation of malwarethrough detachable medium or web interconnections can make any employeethe commencing point for a network security abuse.

7. Mobility: Administration and security of mobile networks andsmart mobile devices becomes even more demanding when employees want touse their personal devices for business purposes. Thebring-your-owndevice drift aggravate this challenge when we look atshielding the significant information desired to handle the organizationand the network without immolating the aloofness of employee'sprivate information and behavior.

8. Internet: One of the utmost confront to security proficient isthe insight that the internet, a preeminent shot network, is a secureanalytical framework. The internet is an unlock correlation of assortednetworks.

Conclusion:

In this survey paper, the deliberations are made for some of thebasic concepts in cryptography, and some of the essential parametersthat are used in cryptography ... These are some different looms tosecure the system to achieve high level of security. Some of the attacksare also been discussed. Thus by picking a suitable encryption algorithmwill result in secured information system that may beat several attacks.As the significance and magnitude of privacy of data is continuouslyincreasing, the value of network security and cryptography is increasinglaterally. Furnishing Network Security is never an sheer process, butrather an cyclic one. And so, Network Security and Cryptography are onthe spiteful edge of research today. This survey will hopefully promptfuture researchers to come up with adequate and more vigorous securitymechanisms and make their network free from danger.

REFERENCES

[1.] Dr. Padmavathi, G and D. Mrs Shanmugapriya, 2009. 'ASurvey of Attacks, Security Mechanisms, and Challenges in WSN,'IJCSIS 4: 1&2.

[2.] Khaleel Ahmad, Shika Verna, Nitesh Kumar and Jayant Shekar,2011. 'Classification of Internet Security Attack,'Proceedings of the 5th National Conference.

[3.] Shio Kumar Singh, Singh M.P and D.K. Singh, 2011. ' ASurvey on Network Security and Attack Defense Mechanism in WSN,'International Journal Of Computer Trends and Technology.

[4.] Sumedha Kaushik, and Ankur Singhal, 2012. 'NetworkSecurity Using Cryptography Techniques, 'International Journal OfAdvanced Research in Computer Science and Software Engineering, 2(12):2277 128X.

[5.] Vikas lokesh, Srivathsan Jayaraman and Dr.Guruprasad H.S.,2014. 'A Survey on Network security and cryptography' IJARSE,3(10): 2319-8354.

[6.] Anupriya Shrivastava and Rizvi M.A., 2014. 'NetworkSecurity Analysis Based on Authentication Technique,' IJCSMC, 3(6):2320-088X.

[7.] Syed Muhammad Jamil Shah, Ammar Nasir and HAfeez Ahmed, 2014.'A Survey Paper on Security Issue inSatellite Communication NetworkInfrastructure,' International Journal of Engineering Research andGeneral Science., 2(6): 2091-2730.

[8.] Madhumita Panda, 2014. 'Security in Wireless Sensor usingCryptographic Techniques,' AJER 3(1): 50-56 ISSN: 2320-0936.

[9.] Kirtika Archarya, Manisha Sajwan, and Sanjay Bhargava, 2014.'Analysis of Cryptographic Algorithms for Network Security,'IJCATR 3: 2.

[10.] Kartikey Agarwal, Dr. Sanjay Kumar Dubey, 2014. 'NetworkSecurity: Attack and Defence,'IJAFRSE 1: 3.

[11.] Blessy Rajra M.B. and A.J. Deepa, 2015., 'A Survey OnNetwork Security Attacks and Prevention Mechanism,'Journal ofCurrent Computer Science and Technology, pp: 231-5411.

[12.] Rajesh, R Mane, 2015. 'A Review on CryptographyAlgorithms, Attacks and Encryption Tools,'IJIRC 3(9): 2320-9801.

[13.] Joselin, J., S.J. Brintha and V. Magesh Babu, 2015.'Role of Digital Signature in Network Security andCryptgraphy,' IJCSIT 6: 0975-9646.

[14.] Guru Vimal Kumar, M and U.S. Ragupathy, 2016. ' A Surveyon Current Key Issues and Status in cryptography',IEEE Transactionson IEEE WiSPNET, 27: 6.

[15.] Mohammed AbuTaha, Mousa Farajallah, Radwan Tahboub andMohammad Odeh, 2011. 'Survey Paper: Cryptography is theScience,' IJCSS, 5: 3.

(1) Jayasmruthi. A, (2) Parthasarathi. P, (3) Sathishkumar

(1) Pg Scholar Akshaya College Of Engineering And TechnologyCoimbatore, Tamilnadu.

(2) Assistant Professor Akshaya College Of Engineering AndTechnology Coimbatore, Tamilnadu.

(3) Ap/Cse--Snsct

Received 28 January 2017; Accepted 22 April 2017; Available online1 May 2017

Address For Correspondence:

Jayasmruthi. A, Pg Scholar Akshaya College Of Engineering AndTechnology Coimbatore, Tamilnadu

E-mail: [emailprotected]

Caption: Fig. 1: Cryptography Pattern

Caption: Fig. 2: Security Goals

Caption: Fig. 3: Symmetric key encryption

Caption: Fig. 4: Asymmetric key encryption

Caption: Fig. 5: Hashing Algorithm

Caption: Fig. 6: Collection of general security attacks

Caption: Fig. 7: Security Mechanisms of Network security

Table. 1: Symmetric algorithm Vs Asymmetric algorithm Symmetric Encryption Asymmetric EncryptionFunctionality Allows efficient Enables security in communication between two settings in which parties in a closed symmetric encryption environment. simply does not work or is more difficult to implement.Computational Computes incredibly fast, Computes slowly, usingefficiency' since the relatively computationally heavy and simple operations used complex operations, based are executed very on the difficulty of efficiently. solving number-theoretic problems.Key size Uses 128-bit symmetric Employs key sizes of at keys, which are least 1000 bits to considered very secure. achieve sufficient, lasting security.Hardware Performs simple Implements complex and algorithms, requiring time-consuming algorithms relatively inexpensive that need more powerful hardware. hardware.Security No difference. Security is based on the strength of the algorithm and size of the key. Good algorithms exist for both encryption methods and key size effectiveness.

COPYRIGHT 2017 American-Eurasian Network for Scientific Information
No portion of this article can be reproduced without the express written permission from the copyright holder.

Copyright 2017 Gale, Cengage Learning. All rights reserved.


A survival study of security attacks, security mechanisms and security challenges in network security. (2024)

References

Top Articles
Latest Posts
Article information

Author: Mrs. Angelic Larkin

Last Updated:

Views: 6348

Rating: 4.7 / 5 (47 voted)

Reviews: 86% of readers found this page helpful

Author information

Name: Mrs. Angelic Larkin

Birthday: 1992-06-28

Address: Apt. 413 8275 Mueller Overpass, South Magnolia, IA 99527-6023

Phone: +6824704719725

Job: District Real-Estate Facilitator

Hobby: Letterboxing, Vacation, Poi, Homebrewing, Mountain biking, Slacklining, Cabaret

Introduction: My name is Mrs. Angelic Larkin, I am a cute, charming, funny, determined, inexpensive, joyous, cheerful person who loves writing and wants to share my knowledge and understanding with you.