IRJMST Vol 5 Issue 5 [Year 2014] ISSN 2250 – 1959 (0nline) 2348 – 9367 (Print)

Introduction to Network Security , Attacks and Services

Aruna Tiwari
arunatiwari30@gmail.com

Computer Science And Enginerring , RKDF University Bhopal M.P.

Abstract:- Network security is a complicated subject , historically only tackled by trained

and experienced experts. However as more and more people become wired an increasing
number of people need to understand the basic of security in a network world [1]. Network
security is a very important task today for access internet and for transformation of
information. In this paper , we focused mainly on network security levels issues rather than
implementation and we discus about security issues related to the security attack, services and
a model of network security.

Keywords:-

Network security, Network services , Security Attacks , Security Mechanisms ,

Model for network security.

I Introduction

A network has been defined [2] as “any set of interlinking lines resembling a net, a network of
roads an interconnected system , a network of alliances.” This definition suits our purpose
well: a computer network is simply a system of interconnected computers.

The requirements of information security within an organization have undergone two major
changes in the last several decades .Before the widespread use data processing equipment , the
security of information felt to be valuable to organization was provided primarily by physical
and administrative means. An example of the former is the use of rugged filling cabinets with a
combination lock for storing sensitive documents. [3]

With the introduction of computer, the need for automated tools for protecting files and other
information stored on the computer became evident. This is especially the case for a shared
system, such as a time- sharing system, and the need is even more acute for systems that can be
accessed over public telephone network , data network, or the Internet. The generic name for
the collection of tools designed to protect data and to thwart hackers is computer security.

International Research Journal of Management Science & Technology

http://www.irjmst.com Page 73
IRJMST Vol 5 Issue 5 [Year 2014] ISSN 2250 – 1959 (0nline) 2348 – 9367 (Print)

The second major change that affected security is the introduction of distributed systems and
the use of networks and communications facilities for carrying data between terminal user and
computer and between computer and computer. Network security measures are needed to
protect data during their transmission. In fact, the term network security is somewhat
misleading, because virtually all business, government, and academic organizations
interconnection their data processing equipment with a collection with a collection of
interconnected networks. Such a collection is often referred to as an internet, and the term
internet security.

II Aspects of Security

Security involves four aspects:-

1. Privacy
2. Authentication
3. Integrity
4. Non- repudiation
1. Privacy:-Privacy means that the sender and the receiver expect confidentiality. The
transmitted message should make sense to only the intended receiver. To all others, the
message should be unintelligible.
2. Authentication:-Authentication means that the receiver is sure of the sender „s identify
and that an imposter has not sent the message.
3. Integrity:- Data integrity means that the data must arrive at the receiver exactly as it
was sent. There must be no changes during the transmission, either accidental or
malicious . As more and more monetary exchanges occur over the Internet, integrity is
crucial.
4. Non –Repudiation :- Non- repudiation means that a receiver must be able to prove that
a received message came from a specific sender . The sender must not be able to deny
sending a message that he, in fact, did send. The burden of proof falls on the receiver.

III Types of Attacks

1. Attacks :- A General View

From a common person‟s point of view , we can classify attacks
into three categories:
 Criminal Attacks : Criminal attacks are the simplest to understand. Here , the
sole aim of the attacks is to maximize financial gain by attacking computer
systems.
 Publicity Attacks: Publicity attacks occur because the attackers want to see their
names appear on television news channels and newspapers. History suggests
that these types of attacks are usually not hardcore criminals. They are people

International Research Journal of Management Science & Technology

http://www.irjmst.com Page 74
IRJMST Vol 5 Issue 5 [Year 2014] ISSN 2250 – 1959 (0nline) 2348 – 9367 (Print)

such as students in universities or employees in large organizations, who seek

publicity by adopting a novel approach of attacking computer systems.[4]
 Legal Attacks: This form of attack is quite novel and unique. Here ,the attacker
tries to make the judge or the jury doubtful about security of a computer system.
This works as follows. The attacks the computer system and attacked party
manages to take the attacker tries to convince the judge and the jury that there is
inherent weakness in the computer system and that she has done nothing
wrongful. The aim of the attacker is to exploit the weakness of the judge and the
jury in technology matters.[4]
2. Attacks : A Technical View

There attacks are two types :-

 Passive Attacks: Passive attacks do not involves any modifications to

the contents of an original message. Passive attacks are two types:
Release of message contents and Traffic analysis.

Release of message contents is quite simple to understand .when we send a

confidential email message to our friend, we desire that only she be able to
access it. Other, the contents of the message are released against our wishes to
someone else. Using certain security mechanisms, we can prevent Release of
message contents. For example, we can encode message, using a code
language, so that only the desired parties understand the contents of a message,
because only they know the code language. However , if many message are
passing through , a passive attacker could try to figure out similarities between
them to come up with some sort of pattern the provides her some class
regarding the communication that is taking place. Such attempts of analyzing
message to come up with likely patterns are the work of the traffic analysis
attack.

 Active Attacks: In Active attacks , the contents of the original message

are modified in the same way. Active attacks are three types:
Interruption (Masquerade) , Modification ( Replay attacks and
Alterations) and Fabrication (DOS).

Masquerade is caused when an unauthorized entity pretends to be another

entity. In this attacks, an entity poses an another entity. In this attacks, usually
some other forms of active attacks are also embedded .As an instance, the
attack may involve capturing the user‟s authentication sequence. In a Replay
attacks , a user captures a sequence of events or some data units and re-sends
them. Alteration of message involves some change to the original message.
Denial Of Services (DOS) attacks make an attempt to prevent legitimate users

International Research Journal of Management Science & Technology

http://www.irjmst.com Page 75
IRJMST Vol 5 Issue 5 [Year 2014] ISSN 2250 – 1959 (0nline) 2348 – 9367 (Print)

from accessing some services, which they are eligible for. For instance , an
unauthorized user might send too many login requests to a server using random
user ids one after the other quick succession, so as to flood the network and
deny other legitimate user from using the network facilities.

3. The Practical Side of Attacks:

Security attacks can happen at the application level or network level.

Application level attacks: These attacks happen at an application level

in the sense that the attacker attempts to access, modify or prevent to
information of a particular application or to the application itself.
Examples of this are trying to obtain someone‟s credit card information
on the internet or changing the contents of a message to change the
amount in a transaction, etc.
 Network level attacks: These attacks generally aim at reducing the
capabilities of a network by a number of possible means. These attacks
generally make attempt to either slow down or completely bring to halt,
a computer network. Note that this automatically can lead to application
level attacks, because once someone is able to gain access to a network ,
usually she is able to access/ modify at least some sensitive information
, causing havoc
4. Program That Attacks:

Let us discuss a few programs that attacks computer systems to cause

damage or to create confusion.

 Virus : A virus is a computer program that attaches itself to another

legitimate program and causes damage to the computer system or to
the network .
 Worm : Similar in concept to a virus, a worm is actually different in
implementation. A worm does not perform any destructive actions
and instead, only consumes system resources to bring it down.
 Trojan Horse: A Trojan Horse is a hidden piece of code, like a virus.
However, the purpose of a Trojan horse is different. A Trojan horse
allows an attacker to obtain some confidential information about a
computer or a network.
 Java Applet: Java applets and ActiveX controls are small client-side
programs that might cause security problems, if used by attackers
with a malicious intention.[4]
5. Specific Attacks :

International Research Journal of Management Science & Technology

http://www.irjmst.com Page 76
IRJMST Vol 5 Issue 5 [Year 2014] ISSN 2250 – 1959 (0nline) 2348 – 9367 (Print)

On the internet, computers exchange messages with each other in the

form of small blocks of data , called as packets. A packet, like a postal envelope contains
the actual data to be sent and the addressing information. Attackers target these packets , as
they travel from the source computer to the destination computer over the internet. These
attacks take two forms.

 Packet Sniffing:-

Packet sniffing is a passive attack on an ongoing conversation.

An attacker need not hijack a conversation, but instead, can simply observe packets
needs to be protected in some ways. This can be done at two level :

1. The data that is traveling can be encoded some ways.

2. The transmission link itself can be can be encoded.

To read a packet , the computer via which the traffic goes through. Usually, this is a router.
However , routers are highly protected resources. Therefore , an attacker might not be able to
attack a less protected computer on the same path.

 Packet spoofing:

In this technique, an attacker sends packets with a false source

address. When this happens, the receiver would inadvertently send replies back to this
forged address are not to the attacker. This can lead to three possible cases:

1. The attacker can intercept the reply- If the attacker is between the
destination and forged source, the attacker can see the reply and use that
information for hijacking attacks.
2. The attacker need not see reply- If the attacker‟s intention was a Denial Of
Services (DOS) attack, the attacker need not bother about the reply.
3. The attacker does not want the reply- The attacker could simply be angry
with the host, so it may put that host‟s address as forged source address and
send the packet to the destination, as it wants the host with the forged address
to receive it and get confused.

IV Security Services
There following categories of security services:
1. Authentication: The assurance that the communicating entity is the one that is
claims to be.
 Peer Entity Authentication: Used in association with a logical connection to
provide confidence in the identity of the entities connected.
 Data Origin Authentication: In a connectionless transfer , provides assurance
that the source of received data is as claimed.

International Research Journal of Management Science & Technology

http://www.irjmst.com Page 77
IRJMST Vol 5 Issue 5 [Year 2014] ISSN 2250 – 1959 (0nline) 2348 – 9367 (Print)

2. Access Control : In the context of network security , access control is the ability to
limit and control the access to host systems and application via communications
links. To achieve this , each entity trying to gain access must first be identified , or
authenticated ,so that access rights can be tailored to the individual.
3. Data Confidentiality : The protection of data from unauthorized disclosure.
 Connection Confidentiality : The protection of all user data on a
connection.
 Connectionless Confidentiality : The protection of all user data in single
data block.
 Selective –Field Confidentiality : The confidentiality of selected fields
within the user data on a connection or in a single data block.
 Traffic Flow Confidentiality : The protection of the information that might
be derived from observation of traffic flows.
4. Data Integrity : The assurance that data received are exactly as sent by an
authorized entity (i.e. , contain no modification, insertion , deletion , or replay)
 Connection Integrity with Recovery : Provides for the integrity of all
user data on a connection and detects any modification, insertion ,
deletion , or replay of any data within recovery attempted.
 Connection Integrity Within Recovery: As above , but provides only
detection without recovery.
 Selective- Field connection Integrity: Provides for the integrity of
selected fields within the user data of data block transferred over a
connection and takes the form of determination of whether the selected
fields have been modified, inserted , deleted or replayed.
 Connectionless Integrity: Provides for the integrity of a single
connectionless data block and may take the form of detection of data
modification. Additionally , a limited form of replay detection may be
provided.
 Selective- Field Connectionless Integrity: Provides for the integrity of
selected fields connectionless data block; takes the form of
determination of whether the selected fields have been modified.
5. Non-repudiation : Provides protection against denial by one of the entities involved
in a communication of having participated in all or part of the communication.
 Non-repudiation , origin : Proof that the message was sent by
specified party.
 Non-repudiation , destination : Proof that the message was received
by the specified party.
V Security Mechanisms
1. Specific Security Mechanisms : May be incorporated into the appropriate
protocol layer in order to provide some of OSI security services.

International Research Journal of Management Science & Technology

http://www.irjmst.com Page 78
IRJMST Vol 5 Issue 5 [Year 2014] ISSN 2250 – 1959 (0nline) 2348 – 9367 (Print)


Encipherment: the use of mathematical algorithm to transform data
into a form that is not readily intelligible. The transformation and
subsequent recovery of the data depend on the algorithm and zero
or more encryption keys.
 Digital Signature: Data appended to , or a cryptographic
transformation of , a data unit that allows a recipient of the data unit
to prove the source and integrity of the data unit and protect against
forgery.
 Access Control : A variety of mechanisms that enforce access rights
to resources.
 Data Integrity : A variety of mechanisms used to assure the integrity
of a data unit of stream of data units.
 Authentication Exchange: A mechanisms intended to ensure the
identity of an entity by means of information exchange.
 Traffic Padding: The insertion of bits into gaps stream to frustrate
traffic analysis attempts.
 Routing control : Enables selection of particular physically secure routes for certain data
S.No. Services Encipherment Digital Access Data Authentication Traffic Routing Notarization
Signature Control Integrity Exchange Padding Control
1 Peer entity Y Y Y
authentication
2 Data origin Y Y
authentication
3 Access Y
Control
4 Confidentiality Y Y

5 Traffic flow Y Y
Confidentiality
6 Data Integrity Y Y Y Y

7 Non- Y Y Y
repudiation
8 Availability Y Y

and allows routing changes , especially when a breach of security is suspected.

 Notarization : The use of trusted third party to assure certain properties of a data exchange.

VI Relation Between Security And Mechanisms

International Research Journal of Management Science & Technology

http://www.irjmst.com Page 79
IRJMST Vol 5 Issue 5 [Year 2014] ISSN 2250 – 1959 (0nline) 2348 – 9367 (Print)

VII A Model For Network Security

A model for much of what will be discussing is captured , in very general terms, in fig. A
message is to be transferred from one party to another across some sort of internet. The two
parties , who are principals in this transaction , must cooperate for the exchange to take place.
A logical information channel is established by defining a route through the internet from
source to destination by the cooperative use of communication protocols. (e.g. TCP/IP) by the
two principals.

Security aspects come into play with it is necessary or desirable to protect the
information transformation from san opponent who may present a threat to confidentiality ,
authenticity , and so on. All the techniques for providing security have two components.

 A security –related transformation on the information to sent. Examples include the

encryption of the message , which scrambles the message so that it is unreadable by the
opponent , and addition of a code based on the contents of the message, which can be
used to verify the identity of the sender.
 Some secret information shared by the two principals and , it is hoped , unknown to the
opponent . An example in encryption key used in conjunction with the transformation
to scramble the message before transformation to scramble the message before
transmission and unscramble it on reception.

Trusted third party

Sender Information Channel Recipient

Message Secure Secure

Message Messag
Message e

Secret information Opponent Secret information

Fig . 1

International Research Journal of Management Science & Technology

http://www.irjmst.com Page 80
IRJMST Vol 5 Issue 5 [Year 2014] ISSN 2250 – 1959 (0nline) 2348 – 9367 (Print)

A trusted third party may be needed to achieve secure transformation. For example a third
party may be responsible for distributing the secret information to the two principals which
keeping it from any opponent. Or a third party may be needed to arbitrate disputes between two
principals concerning the authenticity of a message transmission.

This general model shows that there are four basic tasks in designing a particular security
service.

1. Design an algorithm for performing the security-related transformation. The algorithm

should be such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use the security
algorithm and the secret information to achieve a particular security service.

VIII Conclusion

Network security is becoming more and more crucial as the volume of data being exchanged
on the Internet increases. When people use the internet, they have certain expectations. They
expect confidentially and data integrity. They want to be able to identify the sender of a
message. They want to be able to prove that a message has in fact been sent by a certain sender
even if the sender denies it. In this paper , we focused mainly on network security levels issues
rather than implementation and we discus about security issues related to the security attack,
services and a model of network security.

References :-

[1]. Matt Curtin “ Introduction to Network Security ” reprinted with the permission of kent
information services , Inc. March 1997.

[2]. The New Lexicon Webster‟s Encyclopedic Dictionary of the English language .New York:
Lexicon

[3]. William Stallings , Cryptography and Network Security , Fourth Edition.

[4]. Atul Kahate , Cryptography and network security , Second Edition

AUTHORS
Aruna Tiwari is Pursuing Ph. D from RKDF University Bhopal M.P. in Computer Science
And Engineering. Area of interests are Network Security and Wireless Networks

International Research Journal of Management Science & Technology

http://www.irjmst.com Page 81