CIS608 - Week6 - Common threats to Computer Network

Network Security:
A network is a group of computers connected together. These interconnected devices communicate with each other to perform the tasks assigned to them. Networks are the hubs and the lifeblood of many software giants, because they carry access to corporate information and confidential data. Authentication is the procedure in which the user is asked to provide details such as a username and password. The user is allowed to access a certain part of the database or system only if authentication succeeds. This simple form of authentication is called one-time authentication. There are also other forms, such as two-factor authentication, in which the user must also present something they have, such as a card or swipe card, in addition to their login details, and three-factor authentication, which involves handprints and other biometric forms of authentication. After a user authenticates successfully, the assigned firewall is turned on to allow the limited access that the administrator granted to that user [2]. However, networks also have many problems that need to be considered: administrators must monitor them continuously for viruses and for eavesdroppers trying to penetrate the network, which could prove harmful to the company's confidential matters [3].
Common Threats to a Network:
These are the most common threats to expect on a network, and they include software viruses and other vulnerabilities. The first is virus and worm attacks, and the second is the zombie/drone computer [4].
i) Virus and worm attacks:
A virus is basically a piece of code that can self-replicate and spread over a network or from a host to target computers. It is mostly written in the form of an executable file (.exe); this file is executed and runs in the background while the user works on the machine [5]. This code is mostly written to disrupt users' normal work on their computers.
A Trojan horse is a highly malicious program; such programs have so far cost software companies several millions of dollars in losses by completely corrupting networks and the devices connected to them. They are threatening enough to cripple memory storage devices and eat into the company's confidential data by sending a replicated copy to unauthorized persons [6].
ii) A zombie/drone computer:
A zombie or drone computer is also part of a network. It is a third-party computer that has been loaded with hacking tools and whose security is compromised. This terminal can be operated by a third party or an unauthenticated person from outside the network. Such computers can pose a serious threat to the network because they keep grabbing the data packets that carry the communication or exchange of confidential data. They also keep sending malicious code and software into the network [7]. An unsuspecting user or terminal that accesses such a program is directly affected by it, and control of the computer is slowly transferred to the third person, who tries to eavesdrop on the network. Zombie computers and bots operate in almost the same way: the intruder attacks them without the user's knowledge, and control is slowly transferred to that intruder, who then uses them for various malicious purposes, mostly to spam networks. These zombie computers are the major source of spam e-mail.

Techniques to protect the Network:
Here are a few techniques for protecting data as it is transferred across a network. These techniques are different from encryption and encoding techniques.
i) FIREWALLS:
A firewall is basically a device, or a group of devices, that decides whether data should be allowed to pass through a network, based on rules and permissions. A firewall is the most common and basic way of providing security to a network. Every device in a network can have a firewall installed on it. The concept of the firewall emerged in the late 80s with the increasing popularity of the internet [8].
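The rule-based decision described above can be made concrete with a small evaluator. This is an added example, not code from the original post; the rule set, the addresses and the `decide` and `shadowed` helpers are constructed for illustration, and the first-match, default-deny policy is an assumption about how the rules are applied.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network, CIDR
    dst: str               # destination network, CIDR
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port; None means any port

    def matches(self, src_ip, dst_ip, proto, dport):
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", proto)
                and self.dport in (None, dport))

# Constructed rule set (all addresses are made up). Order matters: first match wins.
RULES = [
    Rule("deny", "10.0.5.0/24", "0.0.0.0/0", "any", None),      # quarantined segment
    Rule("allow", "10.0.0.0/16", "10.0.9.10/32", "tcp", 3128),  # clients -> proxy
    Rule("allow", "10.0.9.10/32", "0.0.0.0/0", "tcp", 443),     # proxy -> internet
]

def decide(src_ip, dst_ip, proto, dport, rules=RULES):
    """Return (action, index of the deciding rule); index None = default deny."""
    for i, rule in enumerate(rules):
        if rule.matches(src_ip, dst_ip, proto, dport):
            return rule.action, i
    return "deny", None

def shadowed(rules=RULES):
    """Indices of rules that can never fire because an earlier rule covers them."""
    net = ipaddress.ip_network
    hidden = []
    for j, later in enumerate(rules):
        for earlier in rules[:j]:
            if (net(later.src).subnet_of(net(earlier.src))
                    and net(later.dst).subnet_of(net(earlier.dst))
                    and earlier.proto in ("any", later.proto)
                    and earlier.dport in (None, later.dport)):
                hidden.append(j)
                break
    return hidden

if __name__ == "__main__":
    print(decide("10.0.1.20", "10.0.9.10", "tcp", 3128))
    print(decide("10.0.1.20", "203.0.113.10", "tcp", 443))
```

With this rule set a client can reach the internet only through the proxy host, and `shadowed` flags rules that an administrator added too late in the list to ever take effect.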
Some of the terms associated with the firewalls are:
PROXY:
A proxy is basically a host that acts on behalf of the actual server. It is another way of providing security to a device on the network without actually connecting that device to the internet. If a local client on the network wishes to connect to a web page, the request it makes through the browser is redirected to the proxy server. The proxy holds a collection of web caches, and with a hit on the server the required web page becomes accessible. In this way, a device on an intranet connection can access the internet without actually connecting to it, which considerably reduces the risk of being infected with a virus or other malware.

ROUTER:
A router is a device used to interconnect two different networks for the purpose of communication. The router carries out many important functions, such as routing, traffic control and certain communication protocols. It is an intelligent device that controls and monitors the traffic in a network, routing packets along a different path if the actual path is overloaded. Routers run several routing algorithms to route data through networks depending on the traffic in the network [9].
iii) INSTALLING A BACKUP SYSTEM:
Several companies handle huge amounts of data in their servers and databases. These devices form the heart of the organization. If there is a problem in the network, or a device is attacked by hackers, the company cannot afford to lose productive time by staying idle until the problem is fixed. Hence it must have an additional backup measure, such as replicating devices that carry an exact facsimile of the data held on the original device [6]. All changes made on the primary device are reflected almost immediately on the secondary devices. Here the primary device is the normally functioning device, and the secondary device is the backup device. Alternatively, when traffic on the server is abnormally high, both the primary and the secondary server can take part in processing customer requests, since each can accept and process requests from multiple clients. Different backup devices can also be set up with different permissions and access controls to identify any malware, and they are likewise provided with firewalls and anti-virus software to keep them free from virus activity. Some of the widely used open-source backup software packages are Bakt, Back it up and Syncbank [10]. When installed on the primary and secondary devices, this software creates an exact replica of the data stored on the primary device on the secondary device. The time at which the backup takes place varies: some packages copy changes as soon as they are made on the primary device, and others duplicate the data at a fixed time interval each day, a period generally decided by the network administrator. Replication provides security to the data and keeps the company's productivity from suffering if there is trouble with the network [11].
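One way to check that a secondary device really holds an exact replica of the primary is to compare content hashes of the two copies. This is an added example, not code from the original post or from any of the backup packages named above; the directory layout and file contents in `demo` are constructed sample data.

```python
import hashlib
import os
import tempfile

def manifest(root):
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    digests = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            h = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    h.update(chunk)
            digests[os.path.relpath(path, root)] = h.hexdigest()
    return digests

def drift(primary, secondary):
    """Report where the secondary copy differs from the primary."""
    p, s = manifest(primary), manifest(secondary)
    return {
        "missing": sorted(p.keys() - s.keys()),   # on primary, not yet replicated
        "extra": sorted(s.keys() - p.keys()),     # only on secondary: stale or planted
        "changed": sorted(k for k in p.keys() & s.keys() if p[k] != s[k]),
    }

def demo():
    """Build two small constructed trees in a temp directory and compare them."""
    trees = {
        "primary": {"ledger.db": b"balance=100", "users.csv": b"alice,bob",
                    "new.txt": b"x"},
        "secondary": {"ledger.db": b"balance=100", "users.csv": b"alice",
                      "old.tmp": b"y"},
    }
    with tempfile.TemporaryDirectory() as base:
        for tree, files in trees.items():
            os.makedirs(os.path.join(base, tree))
            for name, data in files.items():
                with open(os.path.join(base, tree, name), "wb") as fh:
                    fh.write(data)
        return drift(os.path.join(base, "primary"), os.path.join(base, "secondary"))

if __name__ == "__main__":
    print(demo())
```

With fixed-interval replication, entries under `missing` and `changed` are expected between runs; entries that persist after a replication cycle, or anything under `extra`, deserve a closer look.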

References:

  1. Charney, T, and Greenberg, B. 2001. Uses and gratifications of the internet. In Communication Technology and Society. United Kingdom: Hampton Press.
  2. Chang, M. K. 1998. Predicting unethical behavior: a comparison of the theory of reasoned action and the theory of planned behavior. Journal of Business Ethics, 17: 1825-1834.
  3. Chang, M. K. 1998. Predicting unethical behavior: a comparison of the theory of reasoned action and the theory of planned behavior. Journal of Business Ethics, 17: 1825-1834.
  4. Christensen, A. and Eining, M. 1991. Factors influencing software piracy: Implications for accountants. Journal of Information Systems, 2: 70-78.
  5. Christensen, A. and Eining, M. 1991. Factors influencing software piracy: Implications for accountants. Journal of Information Systems, 2: 85-92.
  6. Cheng, H. K. 1995. Hacking, computer viruses and software piracy: the implications of modern computer fraud for corporations. In The Legal societal and management issues. Westport: Greenwood publishing group.
  7. Douglas, D. E., Cronan, T. P. and Behel, J.D. 2005. Equity perceptions as a deterrent to piracy behavior. Fayetteville: University of Arkansas.
  8. Glass, R. and Wood, W. 1996. Situational determinants of software piracy: An equity theory perspective. Journal of Business Ethics, 15: 1199-1200.
  9. Fishbein, M. and Ajzen, I. 1975. Attitude, intention and behavior: An Introduction to Theory and Research. MA: Addison-Wesley.
  10. Harrington, S. J. 2005. Why people copy software and create computer viruses: Individual characteristics or situational factors. Information Resource Management Journal, 3: 28-37.
  11. Harrington, S. J. 2005. Why people copy software and create computer viruses: Individual characteristics or situational factors. Information Resource Management Journal, 3: 40-47.


