H.K.E.

Society’s
POOJYA DODDAPPA APPA COLLEGE OF ENGINEERING
Kalaburagi -585 102
(An Autonomous Institution, Affiliated to VTU Belagavi, and Approved by AICTE)

A
SEMINAR REPORT
ON

“NETWORK SECURITY”
Submitted to the
H.K.E. Society’s
POOJYA DODDAPPA APPA COLLEGE OF ENGINEERING, KALABURAGI
(An Autonomous Institution, Affiliated to VTU Belagavi, and Approved by AICTE)
In partial fulfillment of the requirement for the award of the Degree of

BACHELOR OF ENGINEERING
IN
INFORMATION SCIENCE AND ENGINEERING
Submitted by

SNEHAJYOTI (3PD20IS048)

Under the Guidance of

Prof. ASHWINI HATTI

DEPARTMENT OF INFORMATION SCIENCE & ENGINEERING

POOJYA DODDAPPA APPA COLLEGE OF ENGINEERING,
KALABURAGI-585 102
2023-2024
 H.K.E. Society’s
POOJYA DODDAPPA APPA COLLEGE OF ENGINEERING
Kalaburagi -585 102
(An Autonomous Institution, Affiliated to VTU Belagavi, and Approved by AICTE)

DEPARTMENT OF INFORMATION SCIENCE & ENGINEERING

Certificate
This is to certify that Seminar work entitled “NETWORK SECURITY” carried out by
SNEHAJYOTI (USN: 3PD20IS048), is Bonafide student of INFORMATION SCIENCE AND
ENGINEERING in partial fulfillment for the award of bachelor of engineering in POOJYA
DODDAPPA APPA COLLEGE OF ENGINEERING, KALABURAGI an autonomous
Institution, affiliated to Visvesvaraya Technological University, Belagavi during the year2023-2024. It is
certified that all corrections/ suggestions indicated have been incorporated. The Seminar report has been
approved as it satisfies the academic requirements in respect of Seminar report prescribed for the said
degree.

Name & Signature of the Name & Signature of the Name & Signature of the
Guide Head of the Department Principal
Prof. ASHWINI HATTI Dr. VISHWANATH BURKPALLI Dr. S.R. MISE

Name of Examiners: Signature with date

1.

2.
 Acknowledgement
I express my deep sense of gratitude and indebtedness to our esteemed institute
“PDA COLLEGE OF ENGINEERING”, KALABURAGI which has provided me
an opportunity to fulfill the most cherished desire to reach my goal.

I express my foremost gratitude to our principal, Dr. S.R. MISE for his constant
support and valuable guidance.

I am thankful to Dr. VISHWANATH BURKPALLI Professor and Head of the

Department of information science engineering, for giving permission and constant
support to carry out this seminar in the college.

My special gratitude to my guide Prof. ASHWINI HATTI for inspiration,

guidance, constant supervision, direction and discussions in successful completion of
the seminar.

I express my heartfelt thanks to the staff members of information science

engineering department, who helped me in completion of this seminar directly and
indirectly within the schedule period.

SNEHAJYOTI (3PD20IS048)
 CONTENTS
SL NO. PARTICULARS PAGE NO.

1. INTRODUCTION 01-03

2. OBJECTIVES 04

3. ARCHITECTURE 05-09

4. METHODOLOGY 10

5. APPLICATIONS 11-12

6. MERITS 13

7. DEMERITS 14

8. CONCLUSION 15

REFERENCE 16
 NETWORK SECURITY
``

1. INTRODUCTION

Network security is any activity designed to protect the usability and integrity of your network and
data. It includes both hardware and software technologies. It targets a variety of threats. It stops
them from entering or spreading on your network. Effective network security manages access to
the network. It is a crucial component in the realm of information technology, focused on
safeguarding the integrity, confidentiality, and availability of data transmitted across computer
networks. With the increasing reliance on digital communication and the interconnected nature of
modern systems, the importance of network security cannot be overstated. This discipline
encompasses a range of strategies and technologies designed to detect, prevent, and respond to
unauthorized access, cyberattacks, and data breaches. As organizations and individuals navigate
an evolving landscape of cyber threats, implementing robust network security measures becomes
paramount to ensure the protection of sensitive information and maintain the trust of users. It is a
set of rules and configurations designed to protect the integrity, confidentiality and accessibility of
computer networks and data using both software and hardware technologies.

Fig.1 Network security parameters

Department of Information Science And Engineering Page 1

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``
Difference between Cyber Security and Network Security

(a) (b)

Fig.2(a) & 2(b) Representation of the relation between cybersecurity and network security

Definition:

Cyber security is a subset of information security which refers to a set of techniques and
methodologies used to protect integrity of networks, devices, programs, and data from damage,
attack, or unauthorized access. In simple terms, cyber security is the practice of protecting
internet-connected systems and networks from digital attacks. Network security, on the other
hand, is the act of protecting files and directories in a network of computers against misuse,
hacking, and unauthorized access to the system. Network security is a subset of cyber security
which protects the integrity of your network and network-accessible resources from unauthorized
access.

Security:
While both the terms are synonymous with each other, they are very different in terms of security.
If you think of an organization as a fortified castle, network security is concerned about
maintaining peace within the walls of the castle and protecting the sovereignty of the organization
from network related threats. Cyber security, on the other hand, protects the organization from
outside threats such as from the cyber realm. It protects the systems, networks, and programs of an
organization from all kinds of digital attacks like phishing, baiting, baiting, etc. Network security
is all about protecting the organization’s IT infrastructure from all kinds of online threats such as
viruses.

Department of Information Science And Engineering Page 2

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``

Data:

Cyber security is a broad term like information security, whereas network security is one aspect of
cyber security. While in both the cases, the most critical component is the integrity of data and
programs, cyber security takes monitoring and detection of threats to a greater degree.
The primary concern of network security is to safeguard organizations’ IT infrastructure from
within, whereas cyber security deals with safeguarding organizations’ information and security
technologies (ICT) from potential cyber threats that exploit vulnerabilities in the system.
Firewalls, ID and passwords, backup, encryption, come under network security.

Security professional:
Cyber security professionals or analysts are the individuals who take full responsibility of
protecting network infrastructure and interconnected systems through their expertise and
knowledge of databases, firewalls, internet security, and encryption. A cyber security professional
serves as an expert on cyber security protection, detection, and recovery. The main job of a
security professional is to monitor all incoming and outgoing traffic, and work in collaboration
with different departments in the organization to coordinate risk management tools and
technologies. The job of a network security professional revolves around protecting IT
infrastructure of the organization which includes securing information assets, financial
information and other confidential information.

Department of Information Science And Engineering Page 3

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``
2.OBJECTIVES

1. Confidentiality: Confidentiality part of Network Security makes sure that the data is
available only to intended and authorized persons. Access to data should be only for
those individuals who are permitted to use that data.

2. Integrity: The function of Integrity is to make sure that the data is accurate and is not
changed by unauthorized persons or hackers. The data received by the recipient must be
exactly same as the data sent from the sender, without change in even single bit of data.

3. Availability: The third goal of network security is Availability. The function of

Availability in Network Security is to make sure that the Data, Network Resources or
Network Services are continuously available to the legitimate users, whenever they
require it.

Fig.3 Objectives of Network security

Department of Information Science And Engineering Page 4

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``

3. ARCHITECTURE

Fig.4Architecture of network security

How it works:

Network security architecture is a comprehensive framework designed to protect computer

networks from unauthorized access, cyber threats, and potential vulnerabilities. This structured
approach involves several key elements, starting with a thorough risk assessment to identify
potential risks and threats to the network. Security policies are then established, defining user
roles, access privileges, and compliance requirements. The network is often segmented to limit the
impact of potential breaches, with firewalls and routers controlling traffic flow between segments.
Perimeter defenses, including firewalls and intrusion prevention systems, are implemented to
safeguard against external threats. Access control mechanisms, such as authentication and
encryption, ensure that only authorized individuals have access to specific resources. Ongoing
security awareness training educates users on best practices, reducing the risk of human error and
social engineering attacks. Regular patch management, incident response planning, and
continuous monitoring contribute to a proactive security posture. Collaboration and information
sharing with relevant stakeholders help organizations stay vigilant and adapt to emerging threats.
In summary, network security architecture is a holistic strategy that combines technology,
policies, and awareness to create a robust defense against evolving cyber risks.

Department of Information Science And Engineering Page 5

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``
FIREWALL:

Fig.5 Working of a firewall

A firewall is a network security device or software that monitors and controls incoming and
outgoing network traffic based on predetermined security rules. The primary purpose of a firewall
is to establish a barrier between a trusted internal network and untrusted external networks, such
as the internet. Firewalls play a crucial role in enhancing the overall security of a network by
enforcing access policies and preventing unauthorized access or malicious activities.

Department of Information Science And Engineering Page 6

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``
INTRUSION DETECTION/PROTECTION SYSTEM:

Fig.6 Implementation of IDS/IPS

A system called an intrusion detection system (IDS) observes network traffic for malicious
transactions and sends immediate alerts when it is observed. It is software that checks a network
or system for malicious activities or policy violations. Each illegal activity or violation is often
recorded either centrally using a SIEM system or notified to an administration. IDS monitors a
network or system for malicious activity and protects a computer network from unauthorized
access from users, including perhaps insiders. The intrusion detector learning task is to build a
predictive model (i.e. a classifier) capable of distinguishing between ‘bad connections’
(intrusion/attacks) and ‘good (normal) connections’.

How does an IDS work?

• An IDS (Intrusion Detection System) monitors the traffic on a computer network to
detect any suspicious activity.
• It analyses the data flowing through the network to look for patterns and signs of
abnormal behavior.
• The IDS compares the network activity to a set of predefined rules and patterns to
identify any activity that might indicate an attack or intrusion.
• If the IDS detects something that matches one of these rules or patterns, it sends an
alert to the system administrator.
• The system administrator can then investigate the alert and take action to prevent any
damage or further intrusion.

Department of Information Science And Engineering Page 7

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``

NETWORK SEGEMENTATION:

Fig.7 Working of network segmentation

How does segmentation work?

Segmentation works by controlling how traffic flows among the parts. You could choose to stop
all traffic in one part from reaching another, or you can limit the flow by traffic type, source,
destination, and many other options. How you decide to segment your network is called a
segmentation policy.

What is an example of segmentation?

Imagine a large bank with several branch offices. The bank's security policy restricts branch
employees from accessing its financial reporting system. Network segmentation can enforce the
security policy by preventing all branch traffic from reaching the financial system. And by
reducing overall network traffic, the financial system will work better for the financial analysts
who use it.

What enforces segmentation policy?

Some traditional technologies for segmentation included internal firewalls, and Access Control
List (ACL) and Virtual Local Area Network (VLAN) configurations on networking equipment.
However, these approaches are costly and difficult. Today, software-defined access technology
simplifies segmentation by grouping and tagging network traffic. It then uses traffic tags to
enforce segmentation policy directly on the network equipment, yet without the complexity of
traditional approaches.

Department of Information Science And Engineering Page 8

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``

ENDPOINT SECURITY:

Fig.8 Implementation of end point security

Endpoint security is the practice of safeguarding the data and workflows associated with the
individual devices that connect to your network. Endpoint protection platforms (EPP) work by
examining files as they enter the network. Modern EPPs harness the power of the cloud to hold an
ever-growing database of threat information, freeing endpoints of the bloat associated with storing
all this information locally and the maintenance required to keep these databases up to date.

The EPP provides system administrators a centralized console, which is installed on a network
gateway or server and allows cybersecurity professionals to control security for each device
remotely. The client software is then assigned to each endpoint—it can either be delivered as a SaaS
and managed remotely, or it can be installed directly on the device. Once the endpoint has been set
up, the client software can push updates to the endpoints when necessary, authenticate log-in
attempts from each device, and administer corporate policies from one location. EPPs secure
endpoints through application control—which blocks the use of applications that are unsafe or
unauthorized—and through encryption, which helps prevent data loss.

When the EPP is set up, it can quickly detect malware and other threats. Some solutions also include
an Endpoint Detection and Response (EDR) component. EDR capabilities allow for the detection of
more advanced threats, such as polymorphic attacks, fileless malware, and zero-day attacks. By
employing continuous monitoring, the EDR solution can offer better visibility and a variety of
response options.

Department of Information Science And Engineering Page 9

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``

4. METHODOLOGY

Network security requires a comprehensive methodology to safeguard digital assets and sensitive
information. A fundamental step involves conducting a thorough risk assessment to identify
potential threats and vulnerabilities. Access control measures, employing the principle of least
privilege, are crucial to limit unauthorized entry. Firewalls and Intrusion Detection/Prevention
Systems (IDS/IPS) play a pivotal role in monitoring and responding to suspicious activities.
Encryption, both in transit and at rest, ensures the confidentiality of data. Regular updates and
patch management are essential to address known vulnerabilities. Establishing and enforcing
security policies, coupled with ongoing employee training, create a security-aware culture.
Network segmentation helps contain breaches, while a well-defined incident response plan
enables swift and effective action during security incidents. Continuous monitoring, detailed
logging, and periodic audits contribute to proactive threat detection and mitigation. Physical
security measures, backup protocols, and secure configurations further fortify the network against
potential risks. Endpoint security, vendor management, and adherence to regulatory compliance
standards complete the holistic approach, recognizing that network security is an ongoing,
adaptive process.

Department of Information Science And Engineering Page 10

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``

5. APPLICATIONS

Fig.9 Applications of Network Security

1. Authentication: Verifying the identity of users or devices is essential for controlling

access to network resources. Authentication methods include passwords, biometrics,
smart cards, and two-factor authentication.

2. Access Control: Implementing access controls limits the permissions and privileges of
users and devices within a network. This helps prevent unauthorized access and restricts
users to only the resources they need.

3. Security Auditing and Monitoring: Regularly auditing and monitoring network

activities help identify and respond to security incidents, anomalies, or potential
vulnerabilities. This proactive approach is crucial for maintaining a secure network
environment.

4. Encryption: Encrypting data both in transit and at rest ensures that even if unauthorized
parties gain access to the data, they cannot understand or use it without the appropriate
decryption keys.

Department of Information Science And Engineering Page 11

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``

5. Security Patch Management: Keeping software, operating systems, and network

devices up-to-date with the latest security patches is essential for addressing known
vulnerabilities and minimizing the risk of exploitation.

6. Incident Response Planning: Developing and implementing an incident response plan

helps organizations respond effectively to security incidents. This includes procedures
for identifying, managing, and mitigating security breaches.

7. Network Stability: Contributes to the overall stability of networked environments by

identifying and addressing vulnerabilities that could lead to system failures or instability.

8. Compliance with Regulations: Helps organizations comply with data protection

regulations and industry standards, ensuring legal and regulatory adherence.
Implementing robust network security measures is essential in today's interconnected
world to safeguard digital assets and maintain the trust of users and stakeholders.

Department of Information Science And Engineering Page 12

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``

6. MERITS

1. Unauthorized Access Prevention: Network security safeguards against unauthorized

access to sensitive information, protecting data from unauthorized users.

2. Data Confidentiality: Ensures the confidentiality of data by encrypting it, making it

difficult for unauthorized parties to understand or misuse.

3. Integrity Preservation: Guarantees the integrity of data by preventing unauthorized

modifications, ensuring that information remains accurate and unaltered.

4. Availability Assurance: Enhances the availability of network resources by preventing

and mitigating attacks that could disrupt services or cause downtime.

5. Prevention of Data Breaches: Helps in preventing data breaches by implementing

measures such as firewalls, intrusion detection systems, and other security protocols.

6. Threat Detection and Response: Enables the detection of potential threats in real-time,
allowing for prompt response and mitigation to minimize the impact of security
incidents.

7. Protection Against Malware: Guards against malware, viruses, and other malicious
software that can compromise the security and functionality of a network.

8. User Authentication and Authorization: Ensures that only authorized users have
access to specific resources through robust authentication and authorization
mechanisms.

Department of Information Science And Engineering Page 13

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``

7. DEMERITS

1. Cost: Implementing and maintaining robust network security measures can be

expensive, including the costs of hardware, software, and ongoing monitoring and
updates.

2. Complexity: Security measures can introduce complexity to network configurations,

making it challenging to manage and troubleshoot issues.

3. User Inconvenience: Stringent security measures such as complex passwords or multi-

factor authentication can be inconvenient for users, potentially leading to resistance in
compliance.

4. Performance Impact: Intensive security protocols, such as encryption and deep packet
inspection, can impact network performance, leading to slower data transfer speeds.

5. Resource Consumption: Security solutions can consume significant system resources,

affecting the overall efficiency of networked systems.

6. Resistance to Change: Implementing new security measures might face resistance from
users or employees accustomed to less secure but more convenient practices.

7. Human Error: Security measures are only as effective as their implementation, and
human error, such as misconfigurations or lapses in judgment, can compromise the
security of a network.

8. Balancing Act: Striking the right balance between a secure network and user
convenience can be challenging, as overly restrictive measures may hinder productivity.

Department of Information Science And Engineering Page 14

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``

8. CONCLUSION

In conclusion, the network security seminar provided valuable insights into the ever-evolving
landscape of cyber threats and the imperative measures to safeguard digital infrastructures.
Delving into topics such as encryption protocols, intrusion detection systems, and the emerging
challenges posed by sophisticated attacks, the seminar underscored the critical importance of a
proactive and multi-layered approach to network security. As technology advances, so do the
intricacies of potential vulnerabilities, necessitating a continual commitment to stay abreast of
emerging threats. The session served as a reminder that fostering a culture of cybersecurity
awareness and implementing robust defense mechanisms are pivotal in fortifying networks against
the relentless tide of cyber threats in our interconnected world.

Department of Information Science And Engineering Page 15

PDA College Of Engineering, Kalaburagi
 NETWORK SECURITY
``

REFERENCES

1. Primary goals of network security https://www.omnisecu.com/ccna-security/primary-

goals-of-network-security.php

2. Protection methods for network security https://www.geeksforgeeks.org/protection-

methods-for-network-security/

3. Computer Network Security and Technology Research Published by : IEEE, Authors: Fan
Yan, Yang Jian Wen, Cheng Lin.(2017)

4. Analysis & Protection of Computer Network Security- J Jinquan(2020)

5. Cybersecurity Architecture Fundamentals – www.Udemy.com

Department of Information Science And Engineering Page 16

PDA College Of Engineering, Kalaburagi