NETWORK SECURITY : ATTACKS AND

DEFENSE

Presented By:
Emireddy, Mamatha Reddy
NimmaReddy, Vanitha
Sree, Venkata Lakshmi Geetha Swetha

INTRODUCTION

Network security refers to protecting the websites domains or servers

from various forms of attack.

Security Activities Are based on 3 Types of Actions:

Prevent: Put protection measures/system to protect assets and prevent
unauthorized access.
Detect: Detect if an asset has been compromised, when, by whom and
gather information on the type of breach committed, activities and
evidence logs.
Act/React: Take measure to recover from attack and prevent same type
of attacks or prevent attack in progress.

TYPES OF SECURITY ATTACKS

A. Passive Attacks:

Attacker attempts to break the system using observed data. Example is

plain text attack, where both the plain text and cipher text are already
known to the attacker.

Properties of passive attacks:

Interception

Traffic anaylsis

B. Active Attacks:

In this attack the attacker sends data stream to one or both the parties
involved or he can also completely cut off the data stream.

Properties of active attacks:

Interruption
Modification
Fabrication

C. DOS Attack:
Adenial of service(DoS)attackis a malicious attempt to make a server
or a network resource unavailable to users, usually by temporarily
interrupting or suspending the services of a host connected to the Internet.
Types of DOS Attacks:
TCPSYN Flooding
ICMP Smurf Flooding:
UDP Flooding:

DEFENCE AGAINST NETWORK

ATTACKS
1. First is management keeping your systems up-to-date and
configured
in ways that will minimize the attack surface;
2. Next is filtering the use of firewalls to stop bad things like Trojans
and
network exploits, and to detect signs of attack and compromise if anything
gets through;
3. Next is intrusion detection having programs monitoring your
networks
and machines for signs of malicious behavior;
4. Finally theres encryption protocols such as TLS and SSH that
enable
you to protect specific parts of the network against particular attacks.

DIFFERENT TYPES OF DEFENSE

METHODS
A)configuration management: As soon as a network setup is
completed all its default logins, Ids, address must be changed as soon as
possible ,as all these information is available on the internet for anyone to
view.

the security patches must be installed as soon as they are available.

configuration files must not have any known security holes.

all the data is backed up in a secure manner

FIREWALLS

Firewall stands between the local network and the internet and filters
the traffic ad prevents most of the network attacks.

There are three different types of firewalls depending on filtering at the

IP level, Packet level or at the TCP or application level.

Firewalls help preventing unauthorized network traffic through an

unsecured network to a private network.

They can notify the user when an untrusted application is requested

access to the internet.

ENCRYPTION

For the sake of privacy, confidentiality and availability our

communications on the web should always be encrypted

This reduces the number of attacks and prevents anyone to view the
ongoing transmissions.

These can be achieved by putting together a system of encryption and

employing a system of digital certificates. The most important way of
encryption is the SSL protocol.

method such as using HTTPS or SHTTP during the

transmission of data between the client and user, will prevent Man in
the middle attack

DEFENCE AGAINST DOS ATTACKS

To prevent DDoS attack many technologies have been developed such

as intrusion detection systems (IDSs), firewalls, and enhanced routers.

They monitor incoming connections as well as outgoing connections and

automatically take steps to protect the network.

INTRUSION DETECTION SYSTEMS:

IDSs are make a log of both the incoming and outgoing connections.
These logs can then be compared to baseline traffic to detect potential
Dos attacks.

If there is unusually high traffic on the server it can also alert of a

possible ongoing DOS attack

FIREWALLS AGAINST DOS ATTACKS:

Firewalls can also be used as defense against DOS attacks with the
required configuration. Firewalls can be used to allow or deny certain
packets, ports and IP addresses etc.

ENHANCED ROUTERS:

Security measures can also be employed in routers which can create

another defence line away from the target, so even if a DOS attack
takes place it wont affect the internal network.

Thank You