The world is becoming more interconnected with the advent of the Internet and new networking technology. There is a large amount of personal, commercial, military, and government information on networking infrastructures worldwide. Network security is becoming of great importance because of intellectual property that can be easily acquired through the internet. There are currently two fundamentally different networks, data networks and synchronous network comprised of switches. The internet is considered a data network. Since the current data network consists of computer‐based routers, information can be obtained by special programs, such as “Trojan horses,” planted in the routers. The synchronous network that consists of switches does not buffer data and therefore are not threatened by attackers. That is why security is emphasized in data networks, such as the internet, and other networks that link to the internet.
The vast topic of network security is analyzed by researching the following:
- History of security in networks
- Internet architecture and vulnerable security aspects of the Internet
- Types of internet attacks and security methods
- Security for networks with internet access
- Current development in network security hardware and software
Future of network security is forecasted. New trends that are emerging will also be considered to understand where network security is heading.
1.1. Network Security
System and network technology is a key technology for a wide variety of applications. Security is crucial to networks and applications. Although, network security is a critical requirement in emerging networks, there is a significant lack of security methods that can be easily implemented.
When developing a secure network, the following need to be considered :
- Access – authorized users are provided the means to communicate to and from a particular network.
- Confidentiality – Information in the network remains private
- Authentication – Ensure the users of the network are who they say they are
- Integrity – Ensure the message has not been modified in transit
- Non‐repudiation – Ensure the user does not refute that he used the network The types of attacks through the internet need to also be studied to be able to detect and guard against them. Intrusion detection systems are established based on the types of attacks most commonly used.
Network intrusions consist of packets that are introduced to cause problems for the following reasons:
- To consume resources uselessly
- To interfere with any system resource’s intended function
- To gain system knowledge that can be exploited in later attacks
1.2. Differentiating Data Security and Network Security
Data security is the aspect of security that allows a client’s data to be transformed into unintelligible data for transmission. Even if this unintelligible data is intercepted, a key is needed to decode the message. This method of security is effective to a certain degree. Strong cryptography in the past can be easily broken today. Cryptographic methods have to continue to advance due to the advancement of the hackers as well.
Figure 1: Based on the OSI model, data security and network security have a different security function .
1.3. Attack Methods and Security Technology
Table 1: Attack Methods and Security Technology