UNIT II – NETWORK SECURITY FUNDAMENTALS

Understanding the need for network security-Common security threats:

malware, phishing, DoS attacks-Vulnerability assessment and risk
management-Security policies and best practices-Principles of
cryptography: encryption, decryption, hashing-Types of encryption
algorithms: symmetric, asymmetric-Public Key Infrastructure (PKI)-Digital
signatures and certificates

N.Jayapratha M.Tech
AP/AI&DS
Smvec. 1
 Network Security:

Definition: Measures to protect networks, systems, and data from unauthorized

access, misuse, or cyberattacks.

Key Advantages:
• Data Protection: Safeguards sensitive information.
• Reliable Performance: Prevents disruptions.
• Cost Efficiency: Reduces breach-related losses.
• Continuity: Ensures smooth operations.

Key Aspects:
• Privacy: Protects data with encryption.
• Integrity: Prevents data alterations.
• Authentication: Verifies user identity.
• Non-Repudiation: Ensures accountability.

N.Jayapratha AP/AI&DS 2
 Cryptographic Techniques:
• Secret Key Cryptography: Shared key encryption (e.g., DES).
• Public Key Cryptography: Public/private key pair (e.g., RSA).
• Message Digest: Hashing for data integrity (e.g., MD5).

Security Tools:
• Firewalls, VPNs, IPS, Access Control, Behavioral Analysis.

Challenges:
• Evolving cyber threats (e.g., ransomware).
• User compliance.
• Remote work and BYOD.

Types of Attacks:
• Virus: Corrupts system files.
• Malware: Enables unauthorized access.

N.Jayapratha AP/AI&DS 3
 Need for Network Security
In today’s interconnected digital world, network security plays a
critical role in safeguarding systems, data, and operations from cyber
threats.
Why It Matters:
• Protects systems, data, and operations from cyber threats.
• Ensures data protection, business continuity, and trust.

Key Reasons:
1.Protect Sensitive Data: Prevent theft, leaks, or alterations.
2.Prevent Unauthorized Access: Use firewalls and authentication.
3.Defend Against Threats: Mitigates malware, ransomware, and DoS
attacks.
4.Ensure Business Continuity: Minimizes downtime and financial losses.
5.Support Remote Work: Secures remote access with VPNs and
endpoint protection.
6.Meet Compliance: Adheres to laws like GDPR, HIPAA, PCI-DSS.
7.Build Trust: Fosters customer and stakeholder confidence.

N.Jayapratha AP/AI&DS 4
Common Security Threats
1. Malware
2. Phishing
3. DoS attacks:

1. Malware
Malicious software exploiting vulnerabilities, leading to data theft or system
damage.
Types:
• Ransomware: Encrypts files, demands ransom (e.g., DMA Locker).
• Worms: Self-replicating (e.g., ILOVEYOU).
• Trojans: Disguised as legitimate software (e.g., Tinba).
• Rootkits: Hides malware, grants unauthorized access (e.g., Flame).
Prevention:
• Use Firewalls, 2FA, and Backdoor Protection tools.

N.Jayapratha AP/AI&DS 5
 2. Phishing

• Social engineering attacks trick users into revealing sensitive data.

Techniques:
• Email Phishing: Mass emails with fake links.
• Spear Phishing: Targeted attacks with customized content.

Prevention:
• Educate users, use 2FA, and implement strong password
policies.

N.Jayapratha AP/AI&DS 6
3. DoS attacks:

• Overwhelm servers to disrupt services.

Types:
1.Volumetric: High traffic floods (e.g., DNS amplification).
2.Protocol: Exploits network protocols (e.g., SYN Floods).
3.Application Layer: Mimics legitimate requests to exhaust resources.

Motivations:
• Ideology, extortion, rivalries, or cyber warfare.

Prevention:
• Deploy firewalls, traffic monitoring, and load balancers.

N.Jayapratha AP/AI&DS 7
Vulnerability Assessment

Overview
• Identifies and rates potential risks in systems.
• Ensures data confidentiality, integrity, and availability.
• Detects vulnerabilities like XSS and SQL injection before exploitation.
Importance
• Prevents Data Breaches: Identifies and addresses threats early.
• Ensures Compliance: Meets regulatory standards.
• Manages Risks: Prioritizes and controls risks.
• Enhances Security: Adapts to emerging threats.
• Cost-Effective: Reduces costs from security incidents.
Types
1.Host Assessment: Analyzes servers and backend systems.
2.Database Assessment: Secures database access.
3.Network Assessment: Evaluates network security.
4.Application Assessment: Scans code for vulnerabilities.
N.Jayapratha AP/AI&DS 8
 Process
1.Planning: Define scope and objectives.
2.Discovery: Gather system info (hosts, ports, software).
3.Scanning: Detect open ports and configuration issues.
4.Analysis: Identify root causes of vulnerabilities.
5.Reporting: Record issues and provide recommendations.
6.Remediation: Apply fixes and strengthen architecture.
7.Follow-Up: Verify fixes and monitor for new vulnerabilities.
Tools
• Web application simulators.
• Network service and protocol scanners.
• IP and packet analysis tools.
Advantages
• Detects weaknesses early.
• Provides a detailed vulnerability list.
• Creates a security record for future assessments.
Disadvantages
• May miss advanced vulnerabilities.
• Tools
N.Jayapratha might produce inaccurate results.
AP/AI&DS 9
Risk Management

A Risk Management Strategy focuses on identifying, assessing, and addressing

risks to information systems, protecting sensitive data, and preventing unauthorized
access. According to the International Organization for Standardization (ISO), risk is “the
effect of uncertainty on objectives,” but for cybersecurity, it’s more specifically about
risks to systems and data.

Overview
• Identifies, assesses, and addresses risks to information systems.
• Protects sensitive data and prevents unauthorized access.
• Focuses on detecting, preventing, and remediating risks.

N.Jayapratha AP/AI&DS 10
Key Strategies
1.Cultivate Security Culture: Train employees to recognize and respond to
risks (e.g., phishing).
2.Use Risk Registers: Categorize, assess, and prioritize risks effectively.
3.Proactive Remediation: Address simple, high-impact risks like password
policies.
4.Ongoing Process: Continuously adapt to emerging threats (e.g., AI-
enhanced phishing).
5.Penetration Testing: Identify vulnerabilities and fix gaps.
6.NIST Framework: Structure practices with categorization, controls, and
monitoring.
7.Account for False Positives: Avoid unnecessary measures and focus on real
risks.

N.Jayapratha AP/AI&DS 11
Network Security Policies
Defines practices for controlling network access, architecture, and security enforcement.
Complemented by regular vulnerability assessments and penetration tests.
Key Policies
1.Account Management: Guidelines for creating, using, and removing accounts.
2.Clean Desk: Ensures confidential data is secured in the workspace.
3.Email Security: Sets standards for handling secure emails.
4.Incident Management: Procedures for reporting and addressing security incidents.
5.Log Management: Guidelines for log management to improve security and compliance.
6.Network Security & VPN: Standards for secure network access.
7.BYOD Policy: Rules for accessing corporate data on personal devices.
8.Password Policy: Enforces strong password creation and updates.
9.Patch Management: Ensures timely application of security patches.
10.Server Security: Configures internal servers securely.
11.System Monitoring: Audits to detect inappropriate actions.
12.Vulnerability Assessment: Standards for regular risk assessments.
13.Workstation Security: Secures and configures workstations.
14.Telecommuting: Secures remote IT equipment and devices.
N.Jayapratha AP/AI&DS 12
Principles of Cryptography: Encryption, Decryption, Hashing

Encryption
Transforms readable data (plaintext) into unreadable ciphertext using algorithms and keys.
• Symmetric Encryption: Same key for encryption and decryption (e.g., AES).
• Asymmetric Encryption: Uses public and private keys (e.g., RSA).

Decryption
Reverses encryption to convert ciphertext back to plaintext using decryption keys.
• Symmetric Decryption: Same key for both encryption and decryption.
• Asymmetric Decryption: Private key decrypts data encrypted with the public key.

Hashing
Converts data into a fixed-length hash value for integrity and authentication.
• One-Way Function: Irreversible process.
• Examples: SHA-256 for secure hashing, MD5 (now outdated).

N.Jayapratha AP/AI&DS 13
What is Encryption?

Encryption in cryptography is a process by which plain text or a piece of

information is converted into cipher text or text that can only be decoded by the
receiver for whom the information was intended.

Types of Encryption

1. Symmetric Key Encryption

2. Asymmetric Key Encryption

N.Jayapratha AP/AI&DS 14
1. Symmetric Key Encryption
• Description: Same key used for both encryption and decryption.
• Process:
• Key Generation: Shared secret key is created and exchanged.
• Encryption: Plaintext is converted to ciphertext using the shared key.
• Transfer: Ciphertext is sent over the network.
• Decryption: Receiver uses the shared key to decrypt the ciphertext.
• Challenges:
• Securely sharing and storing the key.
• Key management becomes complex as users increase.

N.Jayapratha AP/AI&DS 15
Common Encryption Algorithms
• Symmetric: AES, Triple DES, Twofish, Blowfish.
• Asymmetric: RSA, Diffie-Hellman, ECC.

Encryption Features
• Confidentiality: Only the intended recipient can read data.
• Integrity: Ensures data is unchanged during transfer.
• Non-Repudiation: Sender cannot deny sending data.
• Authentication: Confirms the sender's identity.

Advantages & Disadvantages

• Advantages: Improves data security, ensures confidentiality.
• Disadvantages: Requires resources, loss of key = data loss.

Future of Encryption
As technology advances, encryption algorithms continue to evolve to meet new
security challenges. Neural networks and machine learning are being explored for creating
more secure and efficient encryption methods. Additionally, cryptographers are working on
preventing vulnerabilities, such as those that arise from brute-force attacks, to safeguard
sensitive data against unauthorized access in the future. With the rise of quantum 16
N.Jayapratha AP/AI&DS
computing, encryption techniques may also undergo significant transformations to maintain
data security.
Public Key Infrastructure (PKI)

Definition
PKI is a framework for managing digital certificates and public-key encryption, ensuring secure communications and authentic
identities in the digital world. PKI remains essential for securing digital communications and data.

Key Components of PKI

• Public Key: Accessible, used for encryption.
• Private Key: Confidential, used for decryption.
• Digital Certificates (X.509): Verify identity and bind a public key to an entity.
• Private Key Tokens: Secure private key storage.
• Registration Authority (RA): Verifies identity for certificates.
• Certification Authority (CA): Issues and validates digital certificates.
• Certification Management System (CMS): Manages certificate lifecycle.

PKI Process
1. PKI & Encryption: Public key encryption, mitigates MITM attacks using digital certificates for key validation.
2. Digital Certificate: Proves identity; contains public key, signed by CA for authenticity.
3. Certification Authorities (CAs):
1. Key Pair Generation: Public-private key creation.
2. Issuing Certificates: After identity validation.
3. Publishing Certificates: For verification.
4. Verification & Revocation: Validates and can revoke certificates.
N.Jayapratha AP/AI&DS 17
Digital Certificate Classes
• Class 1: Email address only.
• Class 2: Requires more personal info.
• Class 3: Involves identity verification.
• Class 4: Used by organizations and governments.

Creation of a Digital Certificate

1.Key Pair Generation: Create public and private keys.
2.CSR: Encode public key and identity attributes.
3.Signing: Key owner signs CSR.
4.CA Signing: CA validates and signs the certificate.

Trust Hierarchy in PKI

• Root CA: Self-signed, issues certificates to subordinate CAs.
• Subordinate CAs: Issue certificates under root CA’s trust.

PKI in the Digital Age

• Used for SSL/TLS, VPN Authentication, and securing IoT devices.
N.Jayapratha AP/AI&DS 18
Challenges and Use Cases
• Challenges: Speed (due to complex algorithms) and private key compromise.
Digital Signatures

Definition
A digital signature is a mathematical technique that validates the authenticity
and integrity of a message, document, or software.

Key Components
1.Key Generation Algorithms
Digital signatures assure the authenticity of the sender and the integrity of
the data.
2.Signing Algorithms
1. Creates a hash of the data.
2. Encrypts the hash using the sender’s private key.
3. The digital signature (encrypted hash) is sent with the data.
3.Signature Verification Algorithms
1. Verifier decrypts the signature using the sender’s public key.
2. Compares the decrypted hash with the hash of the received data to ensure
integrity.
N.Jayapratha AP/AI&DS 19

Process of Creating Digital Signature

4.Hashing: Message digest is computed using a hash function.
Assurances of Digital Signatures
• Authenticity: Verifies the signer's identity.
• Integrity: Ensures content has not been altered.
• Non-repudiation: Prevents denial of the signed content by the signer.
• Notarization: Digital signature with timestamp can serve as notarization.

Benefits
• Legally Binding Documents: Ensures authenticity and integrity in contracts.
• Sales Contracts & Finance: Ensures secure transactions and invoice authenticity.
• Health Data: Ensures secure transmission of sensitive information.

Drawbacks
N.Jayapratha AP/AI&DS 20

• Technology Dependency: Vulnerable to hacking; requires secure systems.

Digital Certificates

Definition
A digital certificate, issued by a trusted Certificate Authority (CA), verifies the
identity of an individual or entity and attaches their public key.

Components of a Digital Certificate

• Certificate Holder's Name
• Serial Number: Uniquely identifies the certificate.
• Expiration Dates
• Public Key: Used for decrypting messages and digital signatures.
• CA's Digital Signature: Verifies the certificate's authenticity.

Advantages
• Network Security: Defends against manipulation and man-in-the-middle attacks.
• Verification: Provides reliable identity authentication, enhancing cybersecurity.
• Buyer Confidence: Trusted by browsers, ensuring secure connections.

Disadvantages
• N.Jayapratha
Phishing Attacks: Fake websites can obtain bogus certificates to deceive users.
AP/AI&DS 21

• Weak Encryption: Older systems may use insecure encryption.

Digital certificate vs digital signature
Digital signature is used to verify authenticity, integrity, non-repudiation ,i.e. it
is assuring that the message is sent by the known user and not modified, while digital
certificate is used to verify the identity of the user, maybe sender or receiver. Thus,
digital signature and certificate are different kind of things but both are used for
security. Most websites
Feature
use digital certificate to enhance Digital
Digital Signature
trust Certificate
of their users
Basics / Definition A digital signature secures Digital certificate is a file
the integrity of a digital that ensures holder’s
document in a similar way identity and provides
as a fingerprint or security.
attachment.

Process / Steps Hashed value of original It is generated by CA

data is encrypted using (Certifying Authority) that
sender’s private key to involves four steps: Key
generate the digital Generation, Registration,
signature. Verification, Creation.

Security Services Authenticity of It provides security

Sender, integrity of the and authenticity of
document and non- certificate holder.
repudiation.

Standard It follows Digital Signature It follows X.509 Standard

Standard (DSS). Format

N.Jayapratha AP/AI&DS 22