Get help now

Home | Life | Personality | Character Traits | Integrity

Analysis and Research of Computer Network Security Based On Authentication Techniques

Updated August 29, 2022
dovnload

Download Paper

File format: .pdf, .doc, available for editing

Analysis and Research of Computer Network Security Based On Authentication Techniques essay

Get help to write your own 100% unique essay

Get custom paper

78 writers are online and ready to chat

This essay has been submitted to us by a student. This is not an example of the work written by our writers.

With the rapid development of computer technology, the computer network continues to expand the scope of the application with more and more users. The security of the network gradually attracts people’s attention. This document briefly introduces the concept of computer security, focuses on the security threats of the computer network and analyzes the basic techniques. It proposes effective measures to improve the security of the computer network. Network security issues are now becoming important as society moves towards the era of digital information.

Data security is the most important component to ensure the secure transmission of information over the Internet. It includes the authorization of access to information in a network, controlled by the administrator of the network. The security task of the network not only requires the security of the final systems, but of the entire network. Authentication is one of the main and most common ways to determine and guarantee network security. In this document, we have tried to analyze the various authentication techniques, such as knowledge-based, based on tokens and based on biometrics, etc.

In addition, we consider the authentication of multiple factors by choosing a combination of the previous techniques and try to compare them. Keywords— Authentication; Denial of service; Virtual Private Network; Passcode; Smart card; RSA; SecureID; Biometric.

I. INTRODUCTION

In this digital age more and more people are activated on the Internet for their personal and professional, because the Internet is growing rapidly. But, along with the evolution of Networking and the Internet, several threats such as denial of service (DOS) attacks and Trojan horses have also increased dramatically. The security of the computer network is the first line of defense to achieve the assurance of information.

The computer network is at risk without a well-designed network security policy and without failures. The main problem is that network administrators can not verify the security policy of the network. Although more research has been carried out, it is mainly about small specific parts of the general problem. This document presents different approaches from literature and high-level lights, where they show that they are correlated and can work together.

This work summarizes the solutions proposed in the literature, points out its advantages, Disadvantages and limitations. To conclude, he proposes solutions for future research in this area. Then the task of securing the Internet or even the Local area networks are now at the forefront of problems related to the computer network. By being in a public network, serious security threats can be presented to the personal information of a person and also to the resources of the companies and the government. Providing confidentiality, maintaining integrity and ensuring the availability of correct information are the main objectives. These threats are mainly present due to the ignorance shown by the users, the weak technology and the poor design of the network.

Sometimes there are many network services that are enabled by default on a personal computer or a router. Hence, many services may not be necessary and an attacker can use them to gather information. Therefore, it is better to disable these unwanted services to protect them from hackers and crackers. More importantly, you should not only worry about security at each end of the network, but focus on protecting the entire network. When developing a secure network, you should consider the following 1. Access: Only authorized users can communicate to and from a particular network.

2. Authentication: This guarantees that the users of the network are who they say they are. The flow of real information can only begin after the user has been authenticated and allowed to communicate with other systems in the network. 3.

Confidentiality: The data in the network remain private. This is done to ensure that information can only be seen by authenticated systems and can be achieved using various encryption techniques. 4. Integrity: This guarantees that the message has not been modified during transmission.

With the passage of time, computer technology has developed enormously and today’s network communication system has spread to all corners of the world, involving political, economic, military and all aspects of social life . Play an extremely important role. However, in addition to fun and convenience, the computer also brings us many security risks due to its openness and connectivity. Users now face a lot of security threats. Is the computer network secure? Criminal cases are frequently visitors of nationals.

II. DATA SECURITY AND AUTHENTICATION

Data security is a challenging problem in the field of data communications. To secure information from hackers and crackers, authentication is the main phase in network security. It is a concept to protect the network and the transmission of data through wired and wireless networks. Authentication is one of the main techniques to ensure that the person who transmits the information is who he claims to be. Therefore, it is the process of determining the real identity of the users, systems or any other entity in the network.

To verify someone’s identity, the password is used primarily. To authenticate users or machines, different techniques can be used to perform authentication between the user and the machine or machine and also with another machine. Different types of attacks are possible during authentication shown in Table I.

III. AUTHENTICATION TECHNIQUES

A. Password and pin based In this authentication technique, privacy and confidentiality can be maintained to a certain extent.

Users memorize passwords and, therefore, we can call them knowledge-based techniques. Passwords can be single words, numbers, phrases, any combination of these or personal identification number. But the problem with this technique is that memorized passwords can be easily guessed or randomly searched by hackers. Virtual private networks, such as the point-to-point tunnel protocol (PPTP), use clear text protocols such as password authentication protocol (PAP) and MD5-based protocols such as Challenge Recognition Protocol (CHAP). As is clear, MD5 should be preferred due to sniffing attacks. Simple passwords should be avoided as much as possible.

They should be used only with SSL certificates. System catalogs such as “pg-authid” are used to store the password of each user in the database where we issue commands such as CREATE, CREATE USER and ALTER ROLE to manage passwords. For example, CREATE USER jacks WITH PASSWORD info. If a password has not been configured for a user, the stored password will be NULL and password authentication will always fail for that user. B. Token based This is a physical device that performs authentication and, therefore, can be referred to as object-based.

Tokens can be compared to the physical keys of houses that are used as a token, but in digital tokens there are many other factors to provide information security. In the digital world, security tokens are used. The tokens themselves have a password, so even if they are lost, the hackers can not modify the vital information. Bank cards and smart cards are security token storage devices with passwords and access codes. The pass codes are the same as those of the password, except that the first ones are generated and stored in the machine. There are security tokens and one-time smart cards, as shown in Fig.

2. C. Biometric Based: Biometric authentication is the process of verifying if a user is who he claims to be, using the user’s digitized biological signatures. Biometric authentication can be classified into two groups: physiological and behavioral. In physiological authentication, the faces, the fingerprints, the hands, the iris and the retina follow. And in the case of behavior, voice impressions, signatures and keys are used.

This technique can be called based on ID. This technique is more secure compared to password and token-based techniques. The biometric authentication techniques are currently in operation in several companies. They are used for passports, visas, personal identification cards, access to banking machines, access control at the entrance and general access to computers at the desk.

IV. BASIC TECHNOLOGIES OF COMPUTER NETWORK SECURITY A.

A. Firewall technology Firewall technology is a series of security applications to exercise mandatory access to the external network through the use of predetermined security installations between network systems. The transfer of data between two or more networks must follow certain security measures to monitor performance, determine if communication between networks is allowed and monitor the operation of the network. B. Data encryption technology The data encryption technology categories can be divided into techniques of data storage, data transfer, data integrity, authentication and key management.

Data encryption is stored in memory to prevent data loss and destruction. The transmission process in the encrypted information is commonly done in the form of circuit encryption and port encryption. The technology of identification of data integrity is to protect the transfer of information, storage, access, identification and confidential treatment of people and data. In this process, the system is characterized by the judgment of the value of the parameter on whether the entry is in line with the established value.

Data is subject to validation and encryption improves protection. The administration of keys is a common encryption in many cases. Key management techniques include key generation, distribution, storage and destruction, etc. C.

Intrusion detection technology Intrusion detection technology is to ensure design safety and rational allocation. Intrusion detection technology can quickly find anomalies in the system and the condition authorized in the report. It can address and resolve system vulnerabilities in a timely manner. Technologies that are not in line with security policies are frequently used.

Anti-virus technology Antivirus technology does not simply refer to antivirus software technology. From the effects of its use, it can be classified as network antivirus software and independent antivirus software. Online antivirus software focuses on the network connection against viruses. Once the virus has invaded the network or has spread to other network data, it will be quickly detected by the online virus software, it will be deleted and it will be deleted.

V. THREATS OF COMPUTER NETWORK A.

Online virus and its features The computer network allows to transfer and exchange information, but it also causes computer viruses to spread and endangers the security and privacy of people. Every day, dozens of viruses are found and spread rapidly, peering into the privacy of others. B. Threats of hackers In addition to viruses, there is also a security risk, namely the program of hackers and hackers. Hacker refers mainly to the illegal invaders to the computer system, who have powerful skills and talents and are obsessed with computers.

Hackers can secretly access some restricted areas without consent and sneak into other people’s computer systems. Currently, hackers are grouped into groups, whose development trend is amazing. The hacker causes extensive damage, including theft and misappropriation of funds in the financial and economic fields. They also spread false advertisements to defraud money, steal military, commercial and political secrets, attack other people’s copyrights and make new virus software to spread yellow information.

According to the FBI investigation, the network’s loss of security registered $ 7.6 billion in the United States. The intrusion of the computer network occurs every 20 minutes. Big losses are inevitable TECHNICAL BACKGROUND A. Network Security Policy A network security policy is a special type of policy that focuses on the security aspects of a computer network. Network security policies can be written in different formats and at different levels of abstraction. On the one hand, there are very abstract high level policies that are written in natural language, which express security objectives throughout the network.

On the other hand, the specific configuration of the individual security controls is written in a configuration language specific to the device. High-level policies are easy to write and understand by humans but difficult to explain in machines; Concrete configurations that are difficult to read and write for humans are easily interpretable by machines. B. Security controls Security controls are device devices or software modules within a computer network.

They implement the necessary functionalities to enforce a network security policy. Security controls can control network traffic by blocking certain packets or modifying it by changing the header information of certain packets. As an example, packet fi lters, stateful firewalls, and application-level firewalls are used to control.

C. Policy Analysis Each of the three main types of policy analysis focuses on a part of the analysis process, but they have overlapping functions and common steps to achieve their objective. Conflict analysis looks for possible errors within a single set of security policies. Look for possible semantic errors within the correlated policy rules. Conflict analysis can also be used to identify possible policy optimizations. Conflict analysis can be applied to a single policy (IntraPolicy analysis) or to the set of policies of interconnected security controls (inter-policy analysis).

The accessibility analysis evaluates the communications allowed within a computer network. In addition, you can determine if a particular host can reach a service or set of services. In general, the accessibility analysis is carried out online using tools such as “ping” or “traceroute”. By using an accurate representation of the network and its security policies, the accessibility analysis of the line can also be performed during the design phase. The policy comparison compares two or more network security policies and represents the differences between them in an intuitive way. The network security policies involved can include unique concrete security control configurations, configuration sets, and high-level policies of a complete network.

One of the best use cases of policy comparison is to verify that a desired network security policy is implemented correctly by comparing the high-level policy designed with the specific network configuration.

VI. MEASURES TO IMPROVE NETWORK SECURITY A.

Online anti-virus measures: According to the characteristics of the computer network virus, the effective prevention of the virus is difficult and complex.

It is a daunting task for network administrators to monitor prevention work. The previous work is only limited to each client computer, in which each user needs to install an antivirus software and on their machine, such as the KV300 system, or Rising antivirus software, etc. However, due to the limited ability of users with the computer, this approach is difficult to guarantee the security of the entire network system. As an effective solution to prevent the, the basic requirement is to meet the following demands: 1. Install anti-virus software on computers 2. Update the virus database in users’ machines 3. Released the latest virus database upgrade file from the WAN connection 4. Coordination and management of remote users’ virus scanning 5. Address user-reported problems timely 6. Download and preview scan report provided by users 7. Remote control user options 8. Improve the execution speed and zooming ability in large-scale networks B. Measure to prevent hackers. Invasion and attack can be divided into subjective and objective security problems. The issue of the security of subjectivity refers mainly to errors made by network management personnel. The problem of the security of objectivity refers mainly to gaps in computers and in the network where hackers exploit these vulnerabilities to carry out various forms of attack.

C. Use safety tool The basic techniques mentioned above for computer network security can collect security problems from host computers. The network administration staff identifies these problems in a timely manner and installs the patch. Network administrators take advantage of scanning tools (such as the NAL Cyber Cop scanner) to scan host computers, know links of weakness take appropriate preventive and repair measures. D. Firewall technology This document has described firewall technology. In summary, firewall technology is to prevent others from accessing your network device as a shield. There are three types of firewall technology, namely packet filtering technology, agent technology and state monitoring technology. The packet filtering technology is to verify the IP address by configuring it.

IP addresses that do not match those settings will be filtered by the firewall. But this is the first layer of protection. The technology of the agent is to verify the legitimacy of the requests sent by the proxy server acceptance client. This technology also involves user authentication, login, simplified filtering criteria and protection of internal IP addresses.

State monitoring technology is the third generation of network security technologies, which is effective for all levels of network monitoring. It makes it possible to make timely security decisions. Firewall technology can successfully prevent hackers from intruding into the local network and protecting the network. 1. Measures about switch When designing a large-scale regional computer network, we must ensure that the switch is connected to a separate network or network, so that the switch can form a separate management network. This will effectively reduce the number of network switches and reduce the scope of the failure.

When using search and location, it is also convenient for network administrators to quickly handle remote network crashes.

FUTURE RESEARCH

As can be seen from the analysis of the research carried out so far, there is a lack of interoperability between the various models. This has three main disadvantages. First, a security control modeled for a research approach cannot be used in another. Second, the execution time dedicated to instantiating a model is repeated for each analysis performed in the network’s security policies.

Third, it is almost impossible to make a comparison of the performance of the different approaches, since they use different test scenarios or do not present a performance evaluation at all. By combining all the proposed analysis techniques in a single extensible model, all these disadvantages are eliminated and an adequate analysis framework is created for future research. First, after modeling, evaluating and implementing a security control, it can be used by all types of analysis techniques. Secondly, when a network administrator wants to perform different types of analysis, he must insert the required information and create an instance of the model.

Third, by having only one model, the new algorithms can be evaluated by comparing them directly with each other.

VII. CONCLUSION

The security of the network can be maintained by using various authentication techniques. The user has to use the authentication technique according to the requirements.

The password-based technique is better if you have to remember a single password. But problems occur when we have to remember many passwords, then we use those passwords that are easy to remember. Token-based techniques provide greater security against denial-of-service (DoS) attacks. Compared to the previous two, biometric techniques can not be stolen easily, so they provide more robust protection. As signals, attackers can easily copy biometric data, so they should not be deployed in single-factor mode.

In addition, we can choose a combination of the prior art as discussed above. All techniques have their pros and cons. We have to be smart to choose according to our network and information security requirement when also considering the cost factor. The security of the computer network is a complicated issue that involves many aspects of computer technology, network administration, network use and maintenance. To increase the security of the computer network, we must mix several types of applications for protection measures.

It is necessary to develop more effective security resolution measures, in order to improve the prevention of the security of the computer network. It is a long way to go to ensure the normal operation of the network system and large-scale communication and maintain a sustainable and efficient transport network. To build a safe and harmonious computer network security system, we must take advantage of a variety of integrated network security products and green networks to form an intelligent network protection system, and thus make the security of the computer network satisfy several needs.

REFERENCES

  1. Lawrence O?Gorman, “Comparing Passwords, Tokens, and Biometrics for User Authentication”, Vol. 91, No. 12, Dec. 2003, pp. 2019-2040 ã 2003 IEEE.
  2. Hafiz Zahid Ullah Khan, “Comparative Study of Authentication Techniques”, IJVIPNS-IJENS Vol: 10 No: 04.
  3. OnlineAvailable: http://www.authenticationworld.com/Token-Authentication.
  4. OnlineAvailable:http://www.authenticationworld.com/Authentication-Biometrics.
  5. Jae-Jung Kim and Seng-Phil Hong, “A Method of Risk Assessment for Multi-Factor Authentication”, Journal of Information Processing Systems, Vol.7, No.1, March 2011.
  6. Qinghua Li, Student Member, IEEE, and Guohong Cao, Fellow, IEEE “Multicast Authentication in the Smart Grid with One Time Signature”, IEEE TRANSACTIONS ON SMART GRID, VOL. 2, NO. 4, DECEMBER 2011.
  7. OnlineAvailable: http://www.duosecurity.com.
  8. OnlineAvailable:http://ids.nic.in/technical_letter/TNL_JCES_JUL_2013/Advance%20Authentication%2 0Technique.pdf.
  9. Stamati Gkarafli, Anastasios A. Economides, “Comparing the Proof by Knowledge Authentication Techniques”, international Journal of Computer Science and Security (IJCSS), Volume (4): Issue (2).
  10. Roger Meyer, “Secure authentication on the internet”As the part of security reading room, SANS institute 2007.
  11. Translated by Cheng Peiqing, et al. Computer network security. Publishing House of Electronics Industry, 1994.9
  12. Li Wenlong. Face to face with a hacker. internet world.1999(2):2~8
  13. Xiao Ze. Research on computer network security analysis model J.Journal On Communications, 2012(3):269.
  14. Zhang Cheng. Research on computer network security analysis model J. Practical Electronics, 20l3(v)=148-149.
  15. Hong Yaling. Research on computer network security analysis model J. Computer CD Software and Applications, 2013(z):1-152.
  16. Wang Yuan. Quantitative Evaluation Method of Network Security Situation D. Ph.D. Dissertation, university of science and technology, 2003.
  17. Cui Jing, Liu Guangzhong, the basics of computer network J. Tsinghua University Press, 2010.07.01.
  18. Wang Wenbing, security of computer network J, Tsinghua University Press, 2010.06.01
Analysis and Research of Computer Network Security Based On Authentication Techniques essay

Remember. This is just a sample

You can get your custom paper from our expert writers

Get custom paper

Analysis and Research of Computer Network Security Based On Authentication Techniques. (2019, Jul 04). Retrieved from https://sunnypapers.com/analysis-and-research-of-computer-network-security-based-on-authentication-techniques/

More essays on Analysis and Research of Computer Network Security Based On Authentication Techniques

paper

ENHANCING MOBILITY CAPACITY AND NETWORK PERFORMANCE OF CLIENT-SERVER ARCHITECTURES USING MIPV6 HOST-BASED NETWORK PROTOCOL BY RUPHIN K

Pages : 177 (44118 words)

paper

Importance of Network Security

Pages : 3 (714 words)

paper

Criminal Justice Security Goals and Challenges

Pages : 9 (2098 words)

paper

Computer Based Systems

Pages : 4 (917 words)

paper

Computer Anti-forensics Methods and Their Impact on Computer Forensic InvestigationViewed generically

Pages : 2 (255 words)

paper

Control Techniques for Shunt Active Power Filters

Pages : 8 (1923 words)

paper

COMPUTER – BASED INSTRUCTION

Page : 1 (245 words)

paper

Network Mediums

Pages : 6 (1437 words)

paper

Conclusion Based on our research and analysis

Page : 1 (156 words)

Related essay Topics