Network Security

Presented by:
1. Abdullah Younas
(22-ARID-4404)
2. Muhammad Ahsan
(22-ARID-4421)
3. Muhammad Umer
(22-ARID-4425)
Introduction:

• Network security is the practice of protecting networks and their data from
unauthorized access, misuse, and disruption.
• Effective network security measures are critical for businesses to protect
sensitive information and maintain operational continuity.
Difference between network security and information
security:
Network security
• It Focuses on protecting the integrity,
confidentiality and availability of data
• It involves technologies like firewalls,
intrusion detection system, and secure
network protocols.
Information security
• It encompasses a broader spectrum,
including securing data at rest, in transit,
and during processing irrespective of the
medium
• It involves broader range of components,
including access controls, encryption, and
data loss prevention.
Importance of network security:

• Following three principles forms the foundation of network security.

1. Confidentiality:
• Ensuring that information is accessible only to authorized individuals,
preventing unauthorized disclosure.
2. Integrity:
• Assures that the information and programs are changed only in a specified and
authorized manner.
3. Availability:
• Assures that system works promptly and services is not denied to authorized
users.
 Common threats to network security:

1. Malware:
• Malware, short for malicious software, includes viruses, worms, trojans, ransomware, and other
harmful programs designed to disrupt, damage, or gain unauthorized access to computer systems.
• Malware can lead to data loss, system malfunctions, unauthorized access, and financial losses.

2. Phishing Attacks:
• Phishing involves tricking individuals into divulging sensitive information such as passwords,
credit card numbers, or other personal data by posing as a trustworthy entity in electronic
communication.
• Examples: Email phishing, spear phishing, and vishing (voice phishing).
3. Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks:

• DoS:
• A DoS attack is an attempt to make a computer resource (such as a website, server, or
network) unavailable to its intended users by overwhelming it with a flood of
illegitimate requests or traffic.
• DDoS:
• A DDoS attack is an extension of a DoS attack where multiple compromised computers
(a botnet) are used to flood a target with a massive volume of traffic, making it difficult
to mitigate and trace the source.
 Network security technologies:

1. Firewalls:
• Firewalls are security devices or software that monitor and control incoming and outgoing
network traffic based on predetermined security rules, acting as a barrier between trusted internal
networks and untrusted external networks.

2. Intrusion Detection Systems (IDS):

• IDS monitors network or system activities, analyzing events for signs of security incidents or
policy violations, and alerts administrators when suspicious behavior is detected.

3. Intrusion Prevention Systems (IPS):

• IPS builds on IDS by not only detecting potential security threats but also taking automated
actions to prevent or block malicious activities, offering proactive protection.
Network security Best practices:

• Use strong and unique passwords for network devices and regularly update them.
• Implement firewalls to control incoming and outgoing network traffic, allowing
only authorized connections.
• Regularly update network devices and software with the latest security patches
and firmware.
Cryptography:

• Cryptography is a fundamental aspect of network security, providing

techniques for securing communication and protecting sensitive
information.
• Following are key components:
1. Encryption Algorithms:
• Encrypts data to make it unreadable to unauthorized parties during transmission or
storage.
• Ensures confidentiality by converting plaintext into ciphertext using mathematical
algorithms.
2. Public Key Infrastructure (PKI):
• PKI is a framework that manages digital keys and certificates to facilitate secure
communication.
• Involves the use of a Certificate Authority (CA) to issue digital certificates.

3. Digital Signatures:
• Provides a way to verify the authenticity and integrity of digital messages or
documents.
• Uses a private key to generate a digital signature, which can be verified using the
corresponding public key.
Secure Network Architecture:

• Segmentation divides a network into smaller, isolated subnetworks to limit

the impact of a security breach.

• Implementing Virtual Private Networks (VPNs) allows secure remote

access to the network for employees working remotely.

• Intrusion Detection and Prevention Systems (IDPS) monitor network

traffic for malicious activities and take action to prevent them.
Wireless Network Security:

• Change default wireless router passwords and use strong encryption

protocols, such as WPA2, for secure wireless communication.

• Disable SSID broadcasting to make the network less visible to potential

attackers.

• Implement MAC address filtering to allow only authorized devices to

connect to the wireless network.
Data Encryption:

• Encrypting sensitive data ensures that even if it is intercepted, it remains

unreadable and useless to unauthorized individuals.

• Use strong encryption algorithms, such as AES (Advanced Encryption

Standard), for secure data transmission and storage.

• Implement secure protocols, such as HTTPS, for secure communication

over the internet.
Employee Awareness and Training:

• Educate employees about best practices for network security, including

password hygiene, recognizing phishing attempts, and safe browsing
habits.

• Regularly train employees on the potential risks and consequences of

negligent or malicious actions that could compromise network security.

• Implement strict access control policies, granting employees only the

necessary privileges to perform their duties.
Network Monitoring and Logging:

• Implement network monitoring tools to continuously monitor network

traffic and detect any suspicious activities.

• Maintain logs of network events and activities to aid in identifying and

investigating security incidents.

• Regularly review and analyze logs to identify potential security breaches

and take appropriate action.
Emerging trends in network security:

1. Zero Trust Architecture:

• The Zero Trust model assumes that threats may exist both inside and outside the
network, and no entity (user, device, or system) should be trusted by default.
Verification is required from everyone trying to access resources in the network.

2. Artificial Intelligence (AI) and Machine Learning (ML):

• The use of AI and ML in network security has been increasing. These technologies
can help in identifying patterns, anomalies, and potential threats more efficiently
than traditional methods.
3. Cloud Security:
• As more organizations migrate to cloud services, securing cloud environments
becomes crucial. This involves not only protecting data in transit but also
ensuring the security of data stored in the cloud.

4. IoT Security:
• As the number of Internet of Things (IoT) devices continues to grow, securing
these devices and the data they generate has become a significant
concImplementing security measures for IoT ecosystems is an ongoing challenge.
Incident Response and Disaster Recovery:

• Develop an incident response plan outlining steps to be taken in case of a

security breach or network incident.

• Regularly backup critical data and test the restoration process to ensure
data integrity and availability in case of a disaster.

• Conduct periodic drills and simulations to test the effectiveness of the

incident response plan and identify areas for improvement.
Conclusion:

• Network security is crucial to protect sensitive

data, maintain operational continuity, and
safeguard against potential threats.

• Implementing a combination of technical

measures, employee awareness and training, and
robust incident response plans is essential for
effective network security.

• Continuously evaluate and update network

security measures to stay ahead of evolving
threats and ensure the ongoing protection of
networks and data.