Introduction
With the development of our times and society, the Internet has become an indispensable part of our lives and work. Like everything else, it has its pros and cons, and it is not absolutely secure. The massive use of communication networks for various purposes in the past few years has posed serious new security threats and increased the potential damage that violations may cause [1]. Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, modification in system, misuse, or denial of a computer network and network-accessible resources [2]. Starting from cases, this article explains the typical cyber security threats and the common preventive measures for computer network security.
Case study
On January 15, 1990, the AT&T “January 15th” major outage occurred. This made the United States realize the serious threat posed by hackers to computer network systems, and in 1990, a nationwide “anti-hacking campaign” was launched in the United States. In April 2014, the Heartbleed vulnerability was exposed, affecting major online banks, portal websites, etc. This vulnerability can be used to steal sensitive information from servers and capture users’ account passwords in real time. Between the time the vulnerability was made public and the time systems were fixed, it had already been exploited, and some website user information might have been illegally obtained by hackers. In December 2014, Sony Pictures was hacked. Sensitive data such as production plans, private information about its stars and unpublished scripts were all stolen by hackers and gradually made public on the Internet. It is estimated that Sony Pictures suffered a loss of up to 100 million US dollars. The security threats to computer network systems are mainly manifested in the possibility that hosts may be attacked by illegal intruders, that sensitive data in the network may be leaked or modified, and that information transmitted from the internal network to the public network may be eavesdropped on or tampered with by others.
Cyber security threat
There are many typical types of cyber security threats, such as eavesdropping, retransmission, forgery, tampering, unauthorized access, denial-of-service attacks, denial of behavior, bypass control, electromagnetic/radio frequency interception, APT (Advanced Persistent Threat) attacks, and human negligence. The following introduces and explains them one by one. Eavesdropping means that sensitive information transmitted over a network is intercepted. This leaks users’ personal information, and their privacy is stolen by those with ulterior motives. Retransmission refers to the situation where an attacker acquires part or all of the information in advance and then sends it to the recipient later. Forgery refers to the situation where an attacker sends forged information to the recipient, causing the recipient to receive incorrect information, which may lead to mistakes. Tampering refers to the act where an attacker modifies, deletes or inserts the communication information between legitimate users and then sends it to the recipient, causing the recipient to receive incorrect information. This may also lead to the recipient making a wrong judgment. Unauthorized access refers to obtaining system access rights through means such as impersonation, identity attacks or system vulnerabilities, thereby allowing illegal users to enter the network system to read, delete, modify or insert information, etc. This can also lead to receiving incorrect information. Denial-of-service attacks involve attackers slowing down or even paralyzing system responses through certain methods, so that legitimate users cannot access the services they should have received.
Denial of behavior refers to a communication entity denying a behavior that has already occurred. Bypass control refers to the situation where attackers discover flaws or security vulnerabilities in a system. Electromagnetic or radio frequency interception refers to the process where attackers extract information from the radio frequency or other electromagnetic radiation emitted by electronic or electromechanical equipment. An APT (Advanced Persistent Threat) attack is a form of attack that uses advanced attack methods to carry out long-term and continuous cyber attacks on specific targets. Before launching an attack, the APT attacker precisely collects information on the business processes and target systems of the attacked object, unearths vulnerabilities in the trusted systems and applications of the attacked object, and exploits 0-day vulnerabilities to carry out attacks. Human negligence refers to the situation where an authorized person, for the sake of personal gain or due to carelessness, discloses information to an unauthorized person, thereby causing errors.
Preventive measures
Of course, there are also preventive measures for cyber security, for example common technologies such as firewall technology, intrusion detection technology, and data encryption technology. Firewall technology is an applied security technology based on modern communication network technology and information security technology.
In a network, a firewall refers to a system that implements control policies between two networks, used to protect the internal network from being invaded from the Internet. If users of the internal network want to access the Internet, they must first connect to the firewall and use the Internet from there. Therefore, a firewall is a manifestation of a security strategy. Current firewall technologies can generally play the following security roles: centralized network security, security alarm, redeployment of network address translation, monitoring of Internet usage and information release to the outside. Firewalls are hardware or software systems placed in between two or more computer networks to stop the committed attacks, by isolating these networks using the rules and policies determined for them [3].
Data encryption technology is the most fundamental and core technical measure and theoretical basis for ensuring information security, and it is specifically implemented by encryption algorithms. Confidential information may be lost through eavesdropping by infringers during data transmission. For instance, when an enterprise transmits data involving its own business secrets, it must use ciphertext transmission, that is, use technical means to turn important data into garbled characters for transmission, and then restore it by the same or different means after it reaches the destination.
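The ciphertext transmission described above, shown as an added Go example that is not part of the original article: AES-256-GCM turns a message into unreadable bytes, and the receiver rejects frames that were modified or forged (tag check) or retransmitted (sequence number check), matching the threat definitions given earlier. The names NewAEAD, Seal, Open and ErrReplay, the frame layout and the sample key are assumptions made for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"errors"
	"fmt"
)

var ErrReplay = errors.New("sequence number already seen (retransmission)")

func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block) // GCM both encrypts and authenticates
}

func Seal(a cipher.AEAD, seq uint64, msg []byte) []byte {
	nonce := make([]byte, 12)
	binary.BigEndian.PutUint64(nonce[4:], seq) // seq must never repeat under one key
	return append(nonce, a.Seal(nil, nonce, msg, nil)...) // nonce || ciphertext || tag
}

// Open takes next, the lowest sequence number the receiver still accepts.
func Open(a cipher.AEAD, next *uint64, frame []byte) ([]byte, error) {
	if len(frame) < 12 {
		return nil, errors.New("short frame")
	}
	msg, err := a.Open(nil, frame[:12], frame[12:], nil)
	if err != nil {
		return nil, err // modified or forged frame: tag does not verify
	}
	seq := binary.BigEndian.Uint64(frame[4:12])
	if seq < *next {
		return nil, ErrReplay // authentic frame, but already delivered once
	}
	*next = seq + 1
	return msg, nil
}

func main() {
	a, _ := NewAEAD([]byte("constructed-demo-key-32-bytes!!!")) // constructed sample key
	next, frame := new(uint64), Seal(a, 0, []byte("pricing plan"))
	_, first := Open(a, next, frame)
	_, again := Open(a, next, frame) // the same frame sent a second time
	fmt.Println(first, again)
}
```

Encryption alone would not stop the retransmitted frame, since it is a valid ciphertext; the receiver's sequence counter is what rejects it.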
Conclusion
With the rapid development of modern network technology, there are many network security threats. However, there are also many preventive measures for network security. With these preventive measures in place, the network can be made more secure and a safer network environment can be created.
References
[1] K. Shihab, “A backpropagation neural network for computer network security,” Journal of Computer Science, vol. 2, no. 9, pp. 710–715, 2006.
[2] M. V. Pawar and J. Anuradha, “Network security and types of attacks in network,” Procedia Computer Science, vol. 48, pp. 503–506, 2015.
[3] M. A. Aydın, A. H. Zaim, and K. G. Ceylan, “A hybrid intrusion detection system design for computer network security,” Computers & Electrical Engineering, vol. 35, no. 3, pp. 517–526, 2009.


