Professional Documents
Culture Documents
NAME ID
FUAD AL PARVEZ 17-35187-2
RIFFAT SHADMAN SAKI 17-35189-2
SUPERVISED BY:
DR. AFROZA NAHAR
ASSOCIATEPROFESSOR
DEPARTMENT OF CSE
AMERICAN INTERNATIONAL UNIVERSITY-BANGLADESH
2020
NETWORK SECURITY WITH FIREWALL
TABLE OF CONTENTS
1. Abstract ............................................................................................................... 4
2. Introduction ........................................................................................................ 4
3. Methodology ...................................................................................................... 5
4. Possible outcome............................................................................................... 12
7. References ......................................................................................................... 14
1. Abstract
Network firewalls act as the first line of defense against unwanted and
malicious traffic targeting Internet servers. Predicting the overall firewall
performance is crucial to network security engineers and designers in
assessing the effectiveness and resiliency of network firewalls against
DDoS (Distributed Denial of Service) attacks as those commonly
launched by today's Botnets. In this paper, we present an analytical
approaches to secure the network.
2. Introduction
Information security is a critical need for individuals as well as society
and all countries around the world. Since invented, computer network has
brought along tremendous effectiveness in every aspect of life. Besides
that, users also have to face threats from all kinds of attack from hackers.
Network security includes protection methods for all information that is
stored and transferred through a system network. This is also a special
field of interest and a difficult and complex work at the same time. Reality
has proved that attack ways are more advanced than before and hackers
aim to attack information during the storing, processing and transferring
phases.
A firewall is not only software but also can be a dedicated hardware in
network security. A firewall as dedicated hardware helps computers in
network to analyze data ensuring that malware cannot penetrate into the
system. It also allows network administrators to control activities on
users’ computers, filter and restrict data access and transfer data from
inside out and vice versa.
2.1 Problem Statement
• Network error detection
• Block unwanted data
• Filtering the traffic
• Malware analysis & get rid of it
• Building wall for security issues in network
2.2 Objective
There is no absolute safety solution so in order to secure the data on a
network, we need to construct many layers of protection. A firewall is the
outermost layer of that system.
The goal of this research is to-
• Study the basic concepts of a firewall,
• Threats to computer network security,
• Firewall methods, how they work for the security.
3. Methodology
The research methodology adopted in the present research is a
combination of simulation and experimental investigation. The
major research activities have been discussed in subsequent
sections.
3.1 Packet-Filtering Firewalls
Packet-filtering firewalls operate at the network layer (Layer 3) of the OSI model.
Packet-filtering firewalls make processing decisions based on network addresses,
ports, or protocols.
Packet-filtering firewalls are very fast because there is not much logic going behind
the decisions they make. They do not do any internal inspection of the traffic. They
also do not store any state information. You have to manually open ports for all
traffic that will flow through the firewall.
Packet-filtering firewalls are considered not to be very secure. This is because they
will forward any traffic that is flowing on an approved port. So there could be
malicious traffic being sent, but as long as it’s on an acceptable port, it will not be
blocked.
Figure 1: Packet-filtering
3.2 Circuit-Level Gateways
As another simplistic firewall type that is meant to quickly and easily approve or
deny traffic without consuming significant computing resources, circuit-level
gateways work by verifying the transmission control protocol (TCP) handshake.
This TCP handshake check is designed to make sure that the session the packet is
from is legitimate.
While extremely resource-efficient, these firewalls do not check the packet itself.
So, if a packet held malware, but had the right TCP handshake, it would pass right
through. This is why circuit-level gateways are not enough to protect your business
by themselves.
5. Cost estimation