Introduction
When it comes to network attacks, we often think of computer viruses, account theft, web page tampering, and even personal information leakage and other issues. With the rapid development of the Internet, computer networks have permeated every aspect of our life, study and work, and the issue of network security has become increasingly prominent. There are various threat sources including software bugs mostly as the operating systems and software used becomes more functional and larger in size [1]. Attacks could be recognized as the attempts to bypass security policies of the system, which gives attackers easier access to obtain or modify information, even destroying the system [2]. Malicious programs represented by Trojan programs, network worms,and computer viruses constantly threaten the security of computer networks.Â
Common Threats to Network Security
In November 1988, the Internet worm incident occurred, also known as the Morris Worm case. Robert Tepan Morris, 22, is a graduate student in the computer science department of Cornell University in the United States. His father, Bob Morris, is the chief security expert of the US Security Agency. Robert has been fond of computers since childhood and is very familiar with the UNIX system. Under the manipulation of a mischievous mentality, Robert exploited the security vulnerabilities of Sendmail, Finger and FTP in the UNIX system to write a worm virus program. On the evening of November 2nd, Robert placed the virus program on the network of the Massachusetts Institute of Technology, which was connected to ARPANET (the predecessor of the Internet). Due to a parameter setting error in the virus program, the virus rapidly spread across almost all the computers connected to the ARPANET network and was wildly replicated, eroding a large amount of computer resources and causing tens of thousands of computers in the United States to crash overnight. On April 26, 1999, the CIH virus broke out, causing over 100,000 computers in Russia to crash, more than 240,000 computers in South Korea to be affected, and 12 stock exchanges in Malaysia to be compromised. Analysis of network activity associated with problems such as worm infections could complement other system security work in determining which machines are infected [3].Â
Two Types of Network Attacks
There are many factors that pose a threat to computer network security. The damage to computer networks caused by human factors is also called human attacks on computer networks. There are many classifications among them, and the two main classifications are active attacks and passive attacks.
Passive attacks mainly involve monitoring the information transmitted over public media such as radio, satellite, microwave and public switching networks. Typical passive attacks include monitoring plaintext and obtaining unencrypted information through the monitoring network. Decrypt communication data and crack the encrypted data transmitted in the network through cryptographic analysis. Password sniffing, using protocol analysis tools, captures passwords used for various system accesses. Traffic analysis does not decrypt encrypted data but acquires key information by observing external communication patterns. For instance, a change in communication mode can imply urgent action. Having learned about passive attacks on computer networks by humans, let’s now explore active attacks together.
Active attacks mainly involve evading or breaking through security protection, introducing malicious code (such as computer viruses), and damaging the integrity of data and systems. There are also many typical examples of active attacks. For example, modifying the data in transmission Intercept and modify the data transmitted in the network, such as modifying electronic transaction data, thereby changing the number of transactions or transferring transactions to other accounts. Replay, which involves repeatedly sending old messages, leads to a decrease in network efficiency. Session interception: Unauthorized use of an established session. Posing as authorized users or servers, these attackers disguise themselves as others, thereby accessing resources and information without authorization. The general process is to first obtain user/administrator information through sniffing or other means, and then log in as an authorized user. This type of attack also includes spoofing servers used to obtain sensitive data, which carry out attacks by establishing trust service relationships with users who have not developed suspicion. By taking advantage of the vulnerabilities in system software, attackers explore the vulnerabilities existing in software running with system privileges. New vulnerabilities in software and hardware platforms can be discovered almost every day. By taking advantage of host or network trust, attackers manipulate files to make virtual/remote hosts provide services, thereby gaining trust. Typical attacks include rhost and rlogin. By exploiting malicious code, attackers can enter users’ systems through the vulnerabilities of the systems and implant malicious code into them. Alternatively, malicious code can be implanted into seemingly harmless software or emails available for download, thereby enabling users to execute the malicious code. By taking advantage of system flaws in protocols or infrastructure, attackers exploit flaws in protocols to deceive users or redirect traffic.
Consideration
This paper mainly talks about different threats to computer network security, such as software bugs, malicious programs, and human attacks. By introducing the Morris Worm and the CIH virus, it shows that malicious programs can cause very serious damage to computers and networks. This paper also explains two main types of human attacks, which are passive attacks and active attacks. Passive attacks focus on stealing information, while active attacks directly damage the system and data. These attacks strongly threaten the safety of network information. So, computer network security has become a very important problem in todayâs information society, and it is necessary to strengthen network security protection.
References
[1] M. A. Aydın, A. H. Zaim, and K. G. Ceylan, âA hybrid intrusion detection system design for computer network security,â Computers & Electrical Engineering, vol. 35, no. 3, pp. 517â526, 2009.
[2] Y. Wu, D. Wei, and J. Feng, âNetwork attacks detection methods based on deep learning techniques: A survey,â Security and Communication Networks, vol. 2020, no. 1, Art. no. 8872923, 2020.
[3] G. A. Marin, âNetwork security basics,â IEEE Security & Privacy, vol. 3, no. 6, pp. 68â72, 2005.
About Author
