A Review of Intrusion Detection

In retrospect, you have learned about host-based intrusion detection systems (HIDS) and network-based intrusion detection systems (NIDS). Read this article on intrusion detection systems and note the strengths of HIDS and NIDS, and the overall pros and cons of intrusion detection systems.

1. INTRODUCTION


Network security has become a more complicated and challenging area in today's networked world. When we design a network, a key issue to take into account is protecting it from intruders. Intruders may be classified as inside and outside intruders. Inside intruders, who belong to the same corporation, access the files of other persons by cracking those persons' passwords, which leads to a heavy loss in network security. Outside intruders are those who do not belong to the corporation but somehow try to access its important files.

Apart from this general classification, intruders fall into three further classes: masquerader, misfeasor, and clandestine user.

    • A masquerader is an individual who is not authorized to use the computer and who penetrates a system's access controls to exploit a legitimate user's account.
    • Misfeasors are legitimate users who access data, programs, or resources for which such access is not authorized, or who are authorized for such access but misuse their privileges.
    • Clandestine users are those who seize supervisory control of the system and use this control to evade auditing and access controls or to suppress audit collection.

Some examples of intrusion attempts are:

    • attempts to copy the password file at a rate exceeding once every other day;
    • suspicious remote procedure call (RPC) request at a rate exceeding once per week; and
    • attempts to connect to non-existent bait machines at least every two weeks.

Firewalls generally do not detect inside intruders, which is why we turn to an intrusion detection system. Such a system works from a predefined set of rules, which are set by the network administrator. So we have to prevent this unauthorized access and increase network security. To do so, various tools are available, such as firewalls and intrusion detection systems (IDS).
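The three rate-based examples above can be written as an administrator-defined rule table and checked against an audit log. The following is an added illustration, not code from the article: the event names, the per-user keying, the sample log, and the reading of each rate as a maximum gap between two consecutive events are all assumptions.

```python
from datetime import datetime, timedelta

# Administrator rule table (event names are hypothetical).
# kind -> (interval, inclusive). A rate "exceeding once per interval" is read
# as two events closer together than the interval; "at least every interval"
# also counts a gap exactly equal to the interval. This reading is assumed.
RULES = {
    "passwd_copy":  (timedelta(days=2),  False),  # > once every other day
    "rpc_suspect":  (timedelta(days=7),  False),  # > once per week
    "bait_connect": (timedelta(days=14), True),   # >= once every two weeks
}

def detect(events):
    """Return alerts as (user, kind, iso_timestamp), in time order.

    events: iterable of (iso_timestamp, user, kind). An alert fires on the
    later event of a consecutive same-user, same-kind pair whose gap
    violates the rule for that kind. Kinds without a rule are ignored.
    """
    last_seen = {}
    alerts = []
    parsed = sorted((datetime.fromisoformat(t), u, k) for t, u, k in events)
    for ts, user, kind in parsed:
        if kind not in RULES:
            continue
        interval, inclusive = RULES[kind]
        prev = last_seen.get((user, kind))
        if prev is not None:
            gap = ts - prev
            if gap < interval or (inclusive and gap == interval):
                alerts.append((user, kind, ts.isoformat()))
        last_seen[(user, kind)] = ts
    return alerts

# Constructed sample audit log (not real data).
SAMPLE = [
    ("2024-03-01T09:00:00", "alice", "passwd_copy"),
    ("2024-03-02T08:00:00", "alice", "passwd_copy"),   # 23 h gap: alert
    ("2024-03-01T10:00:00", "bob",   "passwd_copy"),
    ("2024-03-04T10:00:00", "bob",   "passwd_copy"),   # 3 day gap: allowed
    ("2024-03-01T12:00:00", "carol", "rpc_suspect"),
    ("2024-03-08T12:00:00", "carol", "rpc_suspect"),   # exactly 7 days: allowed
    ("2024-03-01T00:00:00", "dave",  "bait_connect"),
    ("2024-03-15T00:00:00", "dave",  "bait_connect"),  # exactly 14 days: alert
    ("2024-03-05T00:00:00", "erin",  "login"),         # no rule for this kind
]

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

Because the log is keyed by user rather than by network origin, the same rules fire for inside intruders that a perimeter firewall would not see.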