1. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 1
Network Security
And
Privacy

2. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 2
Abstract
We live in an age of information. Businesses these days are more digitally advanced than ever,
and as technology improves, organizations security measures must be enhanced as well. Now,
with many devices communicating with each other over wired, wireless, or cellular networks,
network security is an important concept. Software system are increasingly assembled from
components that are buy from or purchase from third parties for technical and economic
gains. Therefore issues in privacy of network security occurred. Network security is becoming of
great importance because of intellectual property that can be easily acquired through the internet.
There are different kinds of attack that can be when sent across the network. By knowing the
attack methods, allows for the appropriate security to emerge. Many businesses secure
themselves from the internet by means of firewalls and encryption mechanisms. There is a large
amount of personal, commercial, military, and government information on networking
infrastructures worldwide and all of these required different security mechanisms. In this report,
we have discussed about network security, its aspects , types of attacks ,etc .

3. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 3
Introduction
Network security consists of the policies and practices adopted to forestall and monitor
unauthorized access, misuse, modification, or denial of a network and network-accessible
resources. Network security involves the authorization of access to information in an
exceedingly} terribly very network, that is controlled by the network administrator. Users select
or ar allotted associate ID and parole or different authenticating info that allows them access to
info and programs inside their authority. Network security covers a selection of pc networks,
each public and personal, that ar utilised in everyday jobs; conducting transactions and
communications among businesses, government agencies and people. Networks may even be
non-public, like inside an organization, et al. which can be receptive public access. Network
security is concerned in organizations, enterprises, and different forms of establishments. It will
as its title explains: it secures the network, still as protective and overseeing operations being
done. the foremost common and straightforward method of protective a network resource is by
distribution it a novel name and a corresponding parole.
Internet privacy involves the proper or mandate of non-public privacy regarding the storing,
repurposing, provision to 3rd parties, and displaying of knowledge referring to oneself via the
net. net privacy may be a set of information privacy. Privacy issues are articulated from the
beginnings of large-scale pc sharing. Privacy will entail either in person acknowledgeable info
(PII) or non-PII info like a website visitor's behavior on a web site. PII refers to any info that
may be wont to determine a personal. for instance, age and physical address alone may
determine UN agency a personal is while not expressly revealing their name, as these 2 factors ar
distinctive enough to spot a particular person generally. different types of PII might presently
embody GPS pursuit information utilized by apps, because the daily commute and routine info
will be enough to spot a personal.Some specialists like Steve Rambam, a personal investigator
specializing in net privacy cases, believe that privacy not exists; spoken language, "Privacy is
dead – live through it". indeed, it's been advised that the "appeal of on-line services is to
broadcast personal info designedly." On the opposite hand, in his essay "The price of Privacy",
security skilled Bruce Schneier says, "Privacy protects North American nation from abuses by
those in power, though we're doing nothing wrong at the time of police investigation."

4. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 4
Computer Network Security
Computer network security consists of measures taken by business or some organizations to
observe and stop unauthorized access from the skin attackers.
Different approaches to electronic network security management have completely
different necessities counting on the dimensions of the pc network. as an example, a home
base needs basic network security whereas massive businesses need high maintenance to
forestall the network from malicious attacks.
Network Administrator controls access to the information and software package on the network.
A network administrator assigns the user ID and positive identification to the approved person.
Aspects of Network Security:
Following are the desirable properties to achieve secure communication:
o Privacy: Privacy suggests that each the sender and therefore the receiver expects
confidentiality. The transmitted message ought to be sent solely to
the supposed receiver whereas the message ought to be opaque for alternative users. solely the
sender and receiver ought to be able to perceive the transmitted message as
eavesdroppers will intercept the message. Therefore, there's a demand to cypher the
message so the message can not be intercepted. This side of confidentiality is
often accustomed deliver the goods secure communication.
o Message Integrity: information integrity implies that the information should reach the
receiver specifically because it was sent. There should be no changes within
the information content throughout transmission, either maliciously or accident, in an
exceedingly transit. As there square measure additional and additional financial exchanges
over the web, information integrity is additional crucial. the information integrity should be
preserved for secure communication.
o End-point authentication: Authentication implies that the receiver is certain of the sender?s
identity, i.e., no slicker has sent the message.

5. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 5
o Non-Repudiation: Non-Repudiation implies that the receiver should be able to prove that the
received message has return from a selected sender. The sender should not deny causing a
message that he or she send. The burden of proving the identity comes on the receiver. for
instance, if a client sends asking to transfer the money from one account to a different account,
then the bank should have an indication that the client has requested for the group action.
How does network security work?
There are many layers to think about when addressing network security across a corporation .
Attacks can happen at any layer within the network security layers model, so your network
security hardware, software and policies must be designed to deal with each area.
Network security typically consists of three different controls: physical, technical and
administrative. Here may be a brief description of the various sorts of network security and the
way each control works.
Physical Network Security
Physical security controls are designed to stop unauthorized personnel from gaining physical
access to network components like routers, cabling cupboards then on. Controlled access, like
locks, biometric identification and other devices, is important in any organization.
Technical Network Security
Technical security controls protect data that's stored on the network or which is in transit across,
into or out of the network. Protection is twofold; it must protect data and systems from
unauthorized personnel, and it also must protect against malicious activities from employees.
Administrative Network Security
Administrative security controls contains security policies and processes that control user
behavior, including how users are authenticated, their level of access and also how IT staff
members implement changes to the infrastructure.

6. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 6
Wireless sensor network
The security in wireless sensor networks (WSNs) is a critical issue due to the inherent
limitations of computational capacity and power usage. While a variety of security
techniques are being developed and a lot of research is going on in security field at a
brisk pace but the field lacks a common integrated platform which provides a
comprehensive comparison of the seemingly unconnected but linked issues. In this paper
we attempt to comparatively analyse the various available security approaches
highlighting their advantages and weaknesses. This will surely ease the implementers’
burden of choosing between various available modes of defence
The security in wireless sensor networks (WSNs) is a critical issue due to the inherent
limitations of computational capacity and power usage. While a variety of security
techniques are being developed and a lot of research is going on in security field at a
brisk pace but the field lacks a common integrated platform which provides a
comprehensive comparison of the seemingly unconnected but linked issues. In this paper
we attempt to comparatively analyse the various available security approaches
highlighting their advantages and weaknesses. This will surely ease the implementers’
burden of choosing between various available modes of defence.
The security in wireless networks (WSNs) may be a vital issue due to the inherent limitations
of process capability and power usage. whereas a selection of security techniques area unit being
developed and a ton of analysis is going on in security field at a brisk pace however the field
lacks a common integrated platform that provides a comprehensive comparison of
the apparently unconnected however connected problems. In this paper we tend
to try to relatively analyse the varied out there security approaches lightness their blessings and
weaknesses. This can sure enough ease the implementers’ burden of selecting between varied out
there modes of defence.
Issues in WSN security
Security mechanisms in WSN are developed in view of certain constraints. Among
these, some are pre-defined security strategies; whereas some are direct consequences of
the hardware limitations of sensor nodes. Some of the issues described here pave way for

7. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 7
the guidelines in the next section:
1) Energy efficiency: The requirement for energy efficiency suggests that in most cases
computation is favoured over communication, as communication is three orders of
magnitude more expensive than computation . The requirement also suggests that
security should never be overdone - on the contrary, tolerance is generally preferred to
overaggressive prevention . More computationally intensive algorithms can not be used
to incorporate security due to energy considerations.
2) No public-key cryptography: Public-key algorithms remain prohibitively expensive
on sensor nodes both in terms of storage and energy . No security schemes should rely
on public-key cryptography. However it has been shown that authentication and key
exchange protocols using optimized software implementations of public-key-
cryptography is very much viable for smaller networks .
3) Physically tamperable: Since sensor nodes are low-cost hardware that are not built
with tamper-resistance in mind, their strength has to lie in their number. Even if a few
nodes go down, the network survives. The network should instead be resilient to attacks.
The concept of resilience, or equivalently, redundancy-based defence is widely
demonstrated .
4) Multiple layers of defence: Security becomes an important concern because attacks
can occur on different layers of a networking stack (as defined in the Open System
Interconnect model). Naturally it is evident that a multiple layer of defence is required,
i.e. a separate defence for each layer . The issues mentioned here are in general
applicable to almost all sorts of domain irrespective of their traits.

8. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 8
Various types of threats & attacks in different layers & preferable
modes of defence

9. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 9

10. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 10
Internet privacy
Internet privacy is cause for concern for any user attending to build an internet purchase, visit a
social networking web site, participate in on-line games or attend forums. If a countersign is
compromised and disclosed, a victim's identity is also fraudulently used or purloined.
Internet privacy risks include:
• Phishing: an online hacking activity accustomed steal secure user information, as well
as username, password, checking account range, security PIN or mastercard range.

11. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 11
• Pharming: an online hacking activity accustomed send a legitimate web site visitant to a
special science address.
• Spyware: associate degree offline application that obtains information while not a user's
consent. once the pc is on-line, antecedently nonheritable information is shipped to the
spyware supply.
• Malware: associate degree application accustomed lawlessly harm on-line and
offline laptop users through Trojans, viruses and spyware.
Internet privacy violation risks is also reduced, as follows:
• Always use preventative package applications, like anti-virus, anti-malware, anti-spam and
firewalls
• Avoid looking on unreliable websites
• Avoid exposing personal information on websites with lower security levels
• Clear the browser's cache and browsing history on a regular basis
• Always use terribly sturdy passwords consisting of letters, numerals and special characters

12. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 12
Encryption/Decryption
Encryption: cryptography implies that the sender converts the initial data into another kind and
sends the unintelligible message over the network.
Decryption: coding reverses the cryptography method so as to rework the message back to the
initial kind.
The data that is to be encrypted at the sender website is understood as plaintext, and therefore
the encrypted information is understood as ciphertext. the info is decrypted at the
receiver website.
There are two types of Encryption/Decryption techniques:
Privacy with secret key Encryption/Decryption
Privacy with public key Encryption/Decryption

13. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 13
Secret Key Encryption/Decryption technique
o In Secret Key Encryption/Decryption technique, a similar secret's utilized by each the parties,
i.e., the sender and receiver.
o The sender uses the key key and coding algorithmic program to cipher knowledge|the info|the
information}; the receiver uses this key and decoding algorithmic program to decipher the data.
o In Secret Key Encryption/Decryption technique, the algorithmic program used for coding is
that the inverse of the algorithmic program used for decoding. It means if the coding algorithmic
program uses a mixture of addition and multiplication, then the decoding algorithmic
program uses a mixture of subtraction and division.
o The secret key coding algorithmic program is additionally referred to
as stellate coding algorithmic program as a result of a similar secret secret's employed in two-
way communication.
o In secret key encryption/decryption algorithmic program, the key code is
employed by laptop|the pc} to cipher the knowledge before it's sent over the network to a
different computer.
o The secret key needs that we should always recognize that pcs ar speech one another in order
that we are able to install the key on every computer.
Data Encryption normal (DES)
o The encryption normal (DES) was designed by IBM and adopted by the U.S.
government because the normal coding methodology for unsoldierly and nonclassified use.
o Standard is a standard used for encryption, and it is a form of Secret Key Cryptography.

14. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 14
Public Key Encryption/Decryption technique
o There square measure 2 keys publicly key encryption: a personal key and a public key.
o The non-public secret is given to the receiver whereas the general public secret is provided
to the general public.
In the on top of figure, we tend to see that A is causation the message to user B. 'A' uses the
general public key to inscribe the information whereas 'B' uses the non-public key to rewrite the
information.
o In public key Encryption/Decryption, the general public key utilized by the sender
is completely different from the non-public key utilized by the receiver.
o The public secret is offered to the general public whereas the non-public secret
is unbroken by every individual.
o The most ordinarily used public key formula is thought as RSA.

15. CE348 (I.S.) 17ce026,17ce029,17ce030,
17ce41,17ce046,17ce047
C.S.P.I.T.(C.E.) 15
Reference
https://www.proofpoint.com/us/glossary/encryption
https://blog.storagecraft.com/5-common-encryption-algorithms/
https://www.javatpoint.com/computer-network-security
https://www.javatpoint.com/computer-network-privacy
https://www.techopedia.com/definition/24954/internet-privacy
https://en.wikipedia.org/wiki/Internet_privacy
https://en.wikipedia.org/wiki/Network_security
https://www.csoonline.com/article/3285651/what-is-network-security-definition-methods-jobs-and-
salaries.html
https://www.tutorialspoint.com/information_security_cyber_law/network_security.htm
https://www.edureka.co/blog/what-is-network-security/
https://www.sciencedirect.com/topics/computer-science/network-security
http://pubs.sciepub.com/iteces/3/1/1/index.html
https://new.siemens.com/global/en/products/automation/topic-areas/industrial-
security.html?stc=wwdi100560&s_kwcid=AL!462!3!425862157816!p!!g!!security%20in%20networks&ef
_id=EAIaIQobChMInaqyl8Cw6AIVQoaPCh1i9wxeEAMYASAAEgKjjPD_BwE:G:s
https://epic.org/privacy/socialnet/
https://thenextweb.com/insider/2015/08/18/7-ways-to-protect-your-privacy-on-the-internet/
https://www.techopedia.com/definition/24954/internet-privacy
https://theconversation.com/global/topics/online-privacy-110