
NAME: Yusuf Abdisalam Yusuf ID:4590 HORMUUD UNIVERSITY

CLASS: BDS1 FACULTY: COMPUTER SCIENCE AND IT

SUBJECT: NETWORKING FUNDAMENTAL DEPARTMENT: DATA SCIENCE

ASSIGNMENT 1: NETWORK SECURITY

INTRODUCTION
Overview and Importance of Network Security
The term network security refers to securing a network against malicious attacks carried out
by hackers to gain illegal access to the network or guess passwords in order to exploit
sensitive packets, using methods such as spoofing and eavesdropping.

“Network Security builds a soundproof wall against Eavesdropping.”

It protects the network from hackers who intend to harm it, and secures the messages and
messaging infrastructure that we use to share information or sensitive data. Network
security tools are intended to secure user privacy, network integrity and authenticity,
access control, etc.

GOALS OF NETWORK SECURITY

• Controlling access
• Reliability and Verification
• Privacy
• Securing the infrastructure of communication

Overall, the main objectives of cryptography and network security are to prevent
unauthorized use of the network, DoS attacks, spoofing or Man-in-the-Middle attacks,
network traffic attacks, etc.

Threats

1. Malware (Viruses, Worms, Trojans)

Malware, or malicious software, is any program or file that is intentionally harmful to a
computer, network or server.

Types of malware include computer viruses, worms, Trojan horses, ransomware and
spyware. These malicious programs steal, encrypt and delete sensitive data; alter or hijack
core computing functions and monitor end users' computer activity.
Malware can infect networks and devices and is designed to harm those devices, networks
and/or their users in some way.

Depending on the type of malware and its goal, this harm may present itself differently to the
user or endpoint. In some cases, the effect malware has is relatively mild and benign, and in
others, it can be disastrous.

No matter the method, all types of malware are designed to exploit devices at the expense of
the user and to the benefit of the hacker (the person who has designed and/or deployed the
malware).

Types of malware

Different types of malware have unique traits and characteristics. Types of malware
include the following:

• A virus is the most common type of malware that can execute itself and spread by
  infecting other programs or files.
• A worm can self-replicate without a host program and typically spreads without
  any interaction from the malware authors.
• A Trojan horse is designed to appear as a legitimate software program to gain
  access to a system. Once activated following installation, Trojans can execute their
  malicious functions.

Phishing, DoS, MitM Attacks
Phishing, DoS (Denial of Service), and MitM (Man-in-the-Middle) attacks are distinct cyber
threats with different methodologies and objectives:

1. Phishing:
Definition: Phishing is a type of cyber-attack that targets individuals through deceptive
communication channels, such as emails, text messages, or phone calls.
Objective: The goal is to trick recipients into divulging sensitive information, such as
passwords, financial details, or login credentials, by masquerading as a trustworthy entity.
Methods: Involves psychological manipulation and deception, often leading users to click on
malicious links, download harmful files, or disclose confidential information.

2. DoS (Denial of Service):


Definition: Denial of Service is an attack that aims to disrupt or disable a network, service, or
website, making it inaccessible to its intended users.
Objective: The primary goal is to overwhelm the target system's resources, causing it to
become slow, unresponsive, or completely unavailable.
Methods: Involves flooding the target with an excessive volume of traffic, exploiting
vulnerabilities, or consuming system resources to the point of exhaustion.

3. MitM (Man-in-the-Middle):
Definition: A Man-in-the-Middle attack occurs when a malicious actor intercepts and possibly
alters the communication between two parties without their knowledge.
Objective: The attacker aims to eavesdrop on sensitive information, modify communication,
or impersonate one of the parties involved.
Methods: Common techniques include sniffing unencrypted data, session hijacking, and DNS
spoofing. Attackers position themselves between the communicating parties, allowing them
to intercept and manipulate the data flow.

In summary, while phishing focuses on deceiving individuals to obtain sensitive information,
DoS disrupts the availability of a service by overwhelming its resources, and MitM involves
intercepting and potentially altering communication between two parties. Each attack poses
unique challenges for cybersecurity, and effective defense often requires a combination of
technical measures and user awareness training.
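
The traffic flooding described under DoS can be spotted by counting requests per source in a sliding time window. The Python sketch below is an added example, not part of the original assignment; the log format, the 5-second window, the threshold of 20 and the sample addresses (documentation ranges) are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def build_sample_log():
    """Constructed sample, not real traffic: one source sends 30 requests
    in 3 seconds, another sends 5 requests spaced 10 seconds apart."""
    base = datetime(2024, 1, 1, 12, 0, 0)
    burst = [f"{(base + timedelta(milliseconds=100 * i)).isoformat()} "
             "203.0.113.9 GET /login" for i in range(30)]
    normal = [f"{(base + timedelta(seconds=10 * i)).isoformat()} "
              "198.51.100.7 GET /index.html" for i in range(5)]
    return burst + normal + ["garbled line"]


def detect_floods(lines, window=timedelta(seconds=5), threshold=20):
    """Return {source: peak requests seen inside one window} for every
    source that exceeded `threshold` requests within `window`."""
    events = []
    for line in lines:
        try:
            ts, src, _request = line.split(" ", 2)
            events.append((datetime.fromisoformat(ts), src))
        except ValueError:
            continue  # skip lines that do not match the assumed format
    events.sort()  # process in time order even if the log is interleaved

    recent = defaultdict(deque)  # per-source timestamps still in the window
    peaks = {}
    for ts, src in events:
        q = recent[src]
        q.append(ts)
        while ts - q[0] >= window:  # drop requests older than the window
            q.popleft()
        if len(q) > threshold:
            peaks[src] = max(peaks.get(src, 0), len(q))
    return peaks


if __name__ == "__main__":
    for src, peak in detect_floods(build_sample_log()).items():
        print(f"possible flood from {src}: {peak} requests within 5 s")
```

Per-source counting misses a flood that is spread across many sources; that case also needs an aggregate request rate measured at the target.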

Network Security Protocols
Network security protocols are a type of network protocol that ensures the security and
integrity of data in transit over a network connection. They define the processes and
methodology used to secure network data against any illegitimate attempt to review or
extract its contents.

SSL/TLS, IPsec, SSH & VPN

SSL/TLS, IPsec, SSH, and VPN are network security protocols and technologies designed to
secure communication and data transmission. Here's a brief overview of each:

1. SSL/TLS (Secure Sockets Layer/Transport Layer Security):

Functionality: SSL and its successor, TLS, are cryptographic protocols that provide secure
communication over a computer network.
Usage: Commonly used to secure web traffic (HTTPS) by encrypting data between a web
browser and a server, ensuring confidentiality and integrity.

Features: Provides encryption, data integrity, and authentication, creating a secure
communication channel.

2. IPsec (Internet Protocol Security):

Functionality: IPsec is a suite of protocols that secures Internet Protocol (IP)
communication by authenticating and encrypting each IP packet within a communication
session.

Usage: Often employed in Virtual Private Networks (VPNs) to secure communication
between devices over the internet.

Features: Offers a range of security services, including authentication, data integrity, and
confidentiality, at the IP layer.

3. SSH (Secure Shell):

Functionality: SSH is a cryptographic network protocol that allows secure communication
over an unsecured network. It provides a secure alternative to traditional protocols like
Telnet.

Usage: Commonly used for remote administration of systems and secure file transfers.

Features: Encrypts data during transmission, authenticates users using key pairs or
passwords, and ensures the integrity of the communication.

4. VPN (Virtual Private Network):

Functionality: VPNs establish secure and encrypted connections over an untrusted
network, such as the internet.

Usage: Used to create a private network over a public network, enabling secure remote
access, site-to-site connectivity, or bypassing geographic restrictions.

Features: Encryption of data in transit, authentication of users and devices, and tunneling
protocols for secure data transmission.

SSL/TLS, IPsec, SSH, and VPN are crucial components of network security, providing
mechanisms to ensure the confidentiality, integrity, and authenticity of data transmitted over
networks. They are widely utilized in various contexts to create secure communication
channels and protect sensitive information from unauthorized access or tampering.

NETWORK SECURITY PROTECTIONS


Network security protections involve a combination of technical, procedural, and
organizational measures to safeguard computer networks, systems, and data from
unauthorized access, attacks, and disruptions. Here are some key network security
protections:

1. Firewalls:
Firewalls act as a barrier between a secure internal network and untrusted external networks
(e.g., the internet), controlling incoming and outgoing network traffic based on
predetermined security rules.
Firewalls prevent unauthorized access, filter out malicious content, and help mitigate the
impact of various network threats.

2. Intrusion Detection and Prevention Systems (IDPS):
IDPS monitors network and/or system activities for malicious behavior or policy violations,
with intrusion detection identifying suspicious activities and intrusion prevention taking
action to stop or mitigate threats.
Protection: Detects and responds to potential security incidents, providing real-time
monitoring and analysis of network traffic.

3. Antivirus and Anti-Malware Software:


These software applications are designed to detect, prevent, and remove malicious
software, including viruses, worms, and other types of malware.
Protection: Scans files and programs for known malware signatures, behavior patterns, or
heuristics to prevent or remove infections.

4. Network Segmentation:
Definition: Dividing a network into isolated segments to contain and limit the impact of
security incidents, reducing the attack surface.
Protection: Minimizes lateral movement of attackers within the network, enhancing overall
security.

5. Encryption:
Encrypting data in transit and at rest to protect it from unauthorized access.
Protection: Ensures the confidentiality and integrity of sensitive information by making it
unreadable without the proper decryption key.

6. Access Control:
Implementing policies and mechanisms to control access to network resources based on
user identity, roles, and privileges.
Protection: Prevents unauthorized users from accessing sensitive data and systems, reducing
the risk of security breaches.

7. Virtual Private Networks (VPNs):


VPNs create secure, encrypted connections over untrusted networks (e.g., the internet),
allowing remote users or branch offices to connect to the corporate network securely.
Protection: Secures data in transit and protects communication over public networks.

8. Security Patch Management:


Definition: Regularly applying updates and patches to software, operating systems, and
network devices to address known vulnerabilities.
Protection: Mitigates the risk of exploitation by keeping systems up-to-date with the latest
security fixes.

9. Security Awareness Training:


Definition: Educating employees and users about security best practices, threats, and how
to recognize and respond to potential risks.
Protection: Enhances the human factor in security, reducing the likelihood of falling victim to
social engineering and phishing attacks.

10. Incident Response and Disaster Recovery Planning:
Developing and implementing plans and procedures to respond to and recover from security
incidents and disasters.
Protection: Minimizes downtime and data loss, ensuring a swift and organized response to
security events.

Implementing a multi-layered approach that combines these network security protections is
crucial for establishing a robust defense against evolving cyber threats. Regular updates,
monitoring, and user education are essential components of an effective network security
strategy.
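
How a firewall applies "predetermined security rules" (item 1 above), shown as an added Python example that is not part of the original assignment: rules are checked in order, the first match decides, and unmatched traffic is denied. The rule set, the addresses (private and documentation ranges) and the `decide` helper are hypothetical.

```python
import ipaddress
from collections import namedtuple

# One filter rule: action is "allow" or "deny", direction is "in" or "out",
# proto is "tcp", "udp" or "any", src/dst are CIDR blocks, ports is a range
# of destination ports.
Rule = namedtuple("Rule", "action direction proto src dst ports")

ANY = "0.0.0.0/0"
ALL_PORTS = range(0, 65536)

# Hypothetical rule set for a small office network (constructed for this example).
RULES = [
    Rule("deny", "in", "any", "203.0.113.0/24", ANY, ALL_PORTS),         # blocked range
    Rule("allow", "in", "tcp", ANY, "10.0.0.10/32", range(443, 444)),    # HTTPS to web server
    Rule("allow", "in", "tcp", "198.51.100.0/24", "10.0.0.20/32",
         range(22, 23)),                                                 # SSH from admin net only
    Rule("allow", "out", "tcp", "10.0.0.0/24", ANY, range(443, 444)),    # outbound HTTPS
    Rule("allow", "out", "udp", "10.0.0.0/24", "192.0.2.53/32",
         range(53, 54)),                                                 # DNS to one resolver
]


def decide(direction, proto, src_ip, dst_ip, dst_port, rules=RULES):
    """Return (action, index of the matching rule). The first matching rule
    wins; traffic that matches no rule is denied (default deny)."""
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    for index, rule in enumerate(rules):
        if (rule.direction == direction
                and rule.proto in ("any", proto)
                and src in ipaddress.ip_network(rule.src)
                and dst in ipaddress.ip_network(rule.dst)
                and dst_port in rule.ports):
            return rule.action, index
    return "deny", None


if __name__ == "__main__":
    print(decide("in", "tcp", "192.0.2.44", "10.0.0.10", 443))   # allowed by rule 1
    print(decide("in", "tcp", "203.0.113.5", "10.0.0.10", 443))  # denied by rule 0 first
    print(decide("in", "tcp", "192.0.2.44", "10.0.0.20", 22))    # no rule: default deny
```

Rule order matters: the deny for the blocked range sits above the general HTTPS allow, so moving it below would let that range reach the web server.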
