PowerPoint Presentation

NETWORK SECURITY : ATTACKS AND DEFENSEPresented By:Emireddy, Mamatha ReddyNimmaReddy, VanithaSree, Venkata Lakshmi Geetha Swetha

INTRODUCTIONNetwork security refers to protecting the websites domains or servers from various forms of attack.Security Activities Are based on 3 Types of Actions:Prevent: Put protection measures/system to protect assets and prevent unauthorized access.Detect:Detect if an asset has been compromised, when, by whom and gather information on the type of breach committed, activities and evidence logs.Act/React: Take measure to recover from attack and prevent same type of attacks or prevent attack in progress.

TYPES OF SECURITY ATTACKSA. Passive Attacks:Attacker attempts to break the system using observed data. Example is plain text attack, where both the plain text and cipher text are already known to the attacker.Properties of passive attacks:InterceptionTraffic anaylsis

B. Active Attacks:In this attack the attacker sends data stream to one or both the parties involved or he can also completely cut off the data stream.Properties of active attacks:InterruptionModificationFabrication

C. DOS Attack: Adenial of service(DoS)attackis a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet.Types of DOS Attacks:TCPSYN FloodingICMP Smurf Flooding:UDP Flooding:

DEFENCE AGAINST NETWORK ATTACKS1. First is management keeping your systems up-to-date and configuredin ways that will minimize the attack surface;2. Next is filtering the use of firewalls to stop bad things like Trojans andnetwork exploits, and to detect signs of attack and compromise if anythinggets through;3. Next is intrusion detection having programs monitoring your networksand machines for signs of malicious behavior;4. Finally theres encryption protocols such as TLS and SSH that enableyou to protect specific parts of the network against particular attacks.

DIFFERENT TYPES OF DEFENSE METHODSA)configuration management: As soon as a network setup iscompleted all its default logins, Ids, address must be changed as soon as possible ,as all these information is available on the internet for anyone to view.the security patches must be installed as soon as they are available.configuration files must not have any known security holes.all the data is backed up in a secure manner

FIREWALLSFirewall stands between the local network and the internet and filters the traffic ad prevents most of the network attacks.There are three different types of firewalls depending on filtering at the IP level, Packet level or at the TCP or application level.Firewalls help preventing unauthorized network traffic through an unsecured network to a private network. They can notify the user when an untrusted application is requested access to the internet.

ENCRYPTIONFor the sake of privacy, confidentiality and availability our communications on the web should always be encrypted This reduces the number of attacks and prevents anyone to view the ongoing transmissions.These can be achieved by putting together a system of encryption and employing a system of digital certificates. The most important way of encryption is the SSL protocol.method such as using HTTPS or SHTTP during thetransmission of data between the client and user, will prevent Man in the middle attack

DEFENCE AGAINST DOS ATTACKSTo prevent DDoS attack many technologies have been developed such as intrusion detection systems (IDSs), firewalls, and enhanced routers.They monitor incoming connections as well as outgoing connections and automatically take steps to protect the network.INTRUSION DETECTION SYSTEMS:IDSs are make a log of both the incoming and outgoing connections. These logs can then be compared to baseline traffic to detect potential Dos attacks. If there is unusually high traffic on the server it can also alert of a possible ongoing DOS attack

FIREWALLS AGAINST DOS ATTACKS:Firewalls can also be used as defense against DOS attacks with the required configuration. Firewalls can be used to allow or deny certain packets, ports and IP addresses etc.

ENHANCED ROUTERS:Security measures can also be employed in routers which can create another defence line away from the target, so even if a DOS attack takes place it wont affect the internal network.

Thank You