
Network Security, A short overview


Introduction


There is no such thing as a secure network! Once we are connected to a network, we are no longer 100% safe, because 100% security does not exist. Each year millions of dollars are lost to different sorts of network exploits and vulnerabilities. Attackers and attack technologies have become so sophisticated that at any moment we can become victims of identity theft: our sensitive information could be stolen, our credit card could be compromised, or someone could use our social security number.

According to Fortinet's recent report on cybercrime for 2013, “Gone are the days when cybercrime was tantamount to teenage miscreants causing mischief in their parents’ basement. Today, as any commercial enterprise, cybercrime has evolved into a complex, highly organized hierarchy involving leaders, engineers, infantry, and hired money mules”. Network engineers therefore face increasingly complex challenges as both the problems and the systems grow in complexity. Each year the number of security breaches of high-profile networks increases. One recent example is Stuxnet, which attacked the SCADA systems of Iran's atomic power plant. Viruses like Stuxnet and Duqu (a Stuxnet-like virus) are so sophisticated that they can take control of automated industrial systems and power grids, and hence can cause unimaginable damage. In this research paper we will cover the following areas of network security:
  • Critical Infrastructure Protection
  • Wireless Sensor Network Security
  • Secure and Trustworthy Composite Services

A comprehensive overview of the different approaches to the above-mentioned security areas is given. Our major focus is on Critical Infrastructure Protection. In the modern world, no company can afford to build a network like Fort Knox, but if proper precautions are taken, real damage can be avoided.

 

Critical Infrastructure Protection

According to US Homeland Security Presidential Directive HSPD-7, CIP (Critical Infrastructure Protection) covers all the systems that are “so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety.” Critical infrastructure includes all the physical and virtual systems that form the backbone of a country's survival, protection and progress. These are the critical elements that are usually attacked during wars to cripple a country. A virus attack on an atomic power plant can have a devastating impact on a country, enough to send a nation back to the Stone Age. Critical infrastructure includes:

  • Atomic Assets
  • Banking/Finance
  • Department of Energy
  • Emergency Services/Fire departments
  • Transportation
  • Space/Logistics/Defense Industries

In the past, most physical infrastructures were totally isolated, but advancements in technology and communications have increased their interconnectedness. This interconnectedness has opened many new frontiers of cyber attacks and vulnerabilities never seen before. The well-known DoD critical infrastructure protection model consists of the following phases:

  1. Analysis and Assessment
  2. Remediation
  3. Indications and Warning
  4. Mitigation
  5. Incident response
  6. Reconstitution


 to be continued... 



