Computer technology has revolutionized the way we go about our lives both professionally and socially. Nearly every organization has installed a computer network for purposes of storing, receiving and sending information. Computer usage requires a fundamental approach to security.
Networks containing personal, confidential and sensitive information place great emphasis on their security. Even simple computer usage, like the exchange of emails and storage documents, would require a digital network security system.
Importance of Secure Systems
Network security is an important aspect of government organizations as well as small and large organizations. Intruders can cause a lot of damage to a network should they breach the security buffer. Such concerns call for great awareness among all computer network users.
Computer security systems have to be constantly updated if hackers are to be kept at bay. Each new day comes with its own security flaws. According to the International Journal of Electronic Security and Digital Forensics (IJESDF) 2010 Vol. 3, everyday sees the sprouting of 1 million security threats on the Internet.
• The very first focal area is deterrence. The aim here is to discourage hackers from breaking into systems for malicious and illegal reasons.
• Prevention: Have measures in place that would prevent any unauthorized access. This is achieved through communication encryption, security systems update and authorizing special access.
• Detection of security breaches as they arise. This is done through the setting up of logs that record any access of the system as well as its usage.
• Correction of system flaws. The security system can be used to put measures in place to prevent reoccurrence of the flaw.
• According to the National Institute of Standards and Technology (NIST), there are four main aims of a network attacker. He or she might aim to do any of the following:
• Intercept: This is a form of system attack where the attacker attempts unauthorized entry. This might take the form of information copying or packet sniffing which entails communication eavesdropping.
• Interrupt: This aims to deny the availability of services. The end result is that resources become unavailable.
• Fabrication: This is a counterfeiting attack. Fabrication attacks leads to bypassing of authenticity checks which eventually leads to information impersonation and mimicking.
• Modification: This is an attack that reroutes information intended for a particular user.
Finally, digital network security systems analysts handle two main cyber attacks. These are active attacks and passive attacks. Active attacks are easy to detect since they result in system disruption and they take the form of:
• Service denial
•Masquerade- impersonation of an authorized user
Passive attacks are hard to detect as they do not alter or interrupt information flow. They take the form of traffic analysis and transmission monitoring.