Project Abstract

<p> Network Security is essential to any organization. This has been previously<br>done by manual method. But this project is aimed at computerized Network<br>Security to make the work easier. This is possible because of the advance<br>improvement in information technology as pertaining programming language;<br>because this is achieved by the help of visual basic programming language and<br>other programming language. For the first few decades of their existence,<br>computer\ networks were primarily used by university researchers for sending<br>e-mail and by corporate employees for sharing printers. Under these conditions,<br>security did not get a lot of attention. But now, as millions of ordinary citizens<br>are using networks for banking, shopping, and filing their tax returns, network<br>security is looming on the horizon as a potentially massive problem. The<br>requirements of information security within an organization have undergone<br>two major changes in the last several decades before the widespread use of data<br>processing equipment the security of information felt to be valuable to an<br>organization was provided primarily by physical and administrative means with<br>the introduction of computer the need for automated tools for protecting files<br>and other information stored on the computer became an evident .this is<br>especially the case for a shared system such as time sharing system and the need<br>is even more acute for systems that can be accessed for a public telephone or a<br>data network the generic name for the collection of tools to protect data and to<br>thwart hackers is ―computer security‖. Network Security is a broad topic and<br>covers a multitude of sins. In its simplest form, it is concerned with making sure<br>that nosy people cannot read, or worse yet, secretly modify messages intended<br>for other recipients. It is concerned with people trying to access remote services<br>that they are not authorized to use. Most security problems are intentionally<br>caused by malicious people trying to gain some benefit, get attention, or to harm<br>someone. Network security problems can be divided roughly into four closely<br>intertwined areas secrecy, authentication, non repudiation, and integrity<br>control. Secrecy, also called confidentiality, has to do with keeping information<br>out of the hands of unauthorized users. This is what usually comes to mind<br>when people think about network security. Authentication deals with<br>determining whom you are talking to before revealing sensitive information or<br>entering into a business deal. Non repudiation deals with signatures.<br>7 <br></p>

Project Overview

<p> 1.0 INTRODUCTION<br>Several recent proposals have argued for giving third parties and end-users<br>control over routing in the network infrastructure. Some examples of such<br>routing architectures include TRIAD [6], i3 [30], NIRA [39], Data Router [33],<br>and Network Pointers [34]. While exposing control over routing to third-parties<br>departs from conventional network architecture, these proposals have shown<br>that such control significantly increases the flexibility and extensibility of these<br>networks.<br>Using such control, hosts can achieve many functions that are difficult to<br>achieve in the Internet today. Examples of such functions include mobility,<br>multicast, content routing, and service composition. Another somewhat<br>surprising application is that such control can be used by hosts to protect<br>themselves from packet-level denial-of-service (DOS) attacks [18], since, at the<br>extreme, these hosts can remove the forwarding state that malicious hosts use to<br>forward packets to the hosts. While each of these specific functions can be<br>achieved using a specific mechanism—for example, mobile IP allows host<br>mobility— we believe that these forwarding infrastructures (FIs) provide<br>architectural simplicity and uniformity in providing several functions that makes<br>them worth exploring. Forwarding infrastructures typically provide user control<br>by either allowing source-routing (such as [6], [30], [39]) or allowing users to<br>insert forwarding state in the infrastructure (such as [30], [33], [34]). Allowing<br>10<br>forwarding entries enables functions like mobility and multicast that are hard to<br>achieve using source-routing alone.<br>While there seems to be a general agreement over the potential benefits of usercontrolled<br>routing architectures, the security vulnerabilities that they introduce<br>has been one of the important concerns that has been not addressed fully. The<br>flexibility that the FIs provide allows malicious entities to attack both the FI as<br>well as hosts connected to the FI.<br>For instance, consider i3 [30], an indirection-based FI which allows hosts to<br>insert forwarding entries of the form (id,R), so that all packets addressed to id<br>are forwarded to R. An attacker A can eavesdrop or subvert the traffic directed<br>to a victim V by inserting a forwarding entry (idV ,A); the attacker can<br>eavesdrop even when it does not have access to the physical links carrying the<br>victim’s traffic. Alternatively, consider an FI that provides multicast; an attacker<br>can use such an FI to amplify a flooding attack by replicating a packet several<br>times and directing all the replicas to a victim. These vulnerabilities should<br>come as no surprise; in general, the greater the flexibility of the infrastructure,<br>the harder it is to make it secure.<br>In this project, we improve the security that flexible communication<br>infrastructures which provide a diverse set of operations (such as packet<br>replication) allow. Our main goal in this project is to show that FIs are no more<br>vulnerable than traditional communication networks (such as IP networks) that<br>do not export control on forwarding. To this end, we present several<br>11<br>mechanisms that make these FIs achieve certain specific security properties, yet<br>retain the essential features and efficiency of their original design. Our main<br>defense technique, which is based on light-weight cryptographic constraints on<br>forwarding entries, prevents several attacks including eavesdropping, loops, and<br>traffic amplification. From earlier work, we leverage some techniques, such as<br>challenge-responses and erasure-coding, to thwart other attacks.<br>NETWORK SECURITY<br>(NS) is an important aspect of any system. NETWORK SECURITY is the act<br>of ensuring that an authenticated user accesses only what they are authorized to<br>and no more. The bad news is that security is rarely at the top of people’s lists,<br>although mention terms such as data confidentiality, sensitivity, and ownership<br>and they quickly become interested. The good news is that there is a wide range<br>of techniques that you can apply to help secure access to your system. The bad<br>news is that as Mitnick and Simon (2002) point out ―…the human factor is the<br>weakest link. Security is too often merely an illusion, an illusion sometimes<br>made even worse when gullibility, naivette, or ignorance come into play.‖ The<br>go on to say that ―security is not a technology problem – it’s a people and<br>management problem.‖ Having said that, my experience is that the ―technology<br>factor‖ and the ―people factor‖ go hand in hand; you need to address both issues<br>to succeed.<br>12<br>Access control is the ability to permit or deny the use of a particular resource by<br>a particular entity. Access control mechanisms can be used in managing<br>physical resources (such as a movie theater, to which only ticket holders should<br>be admitted), logical resources (a bank account, with a limited number of people<br>authorized to make a withdrawal), or digital resources (for example, a private<br>text document on a computer, which only certain users should be able to read).<br>Banks are secured financial institutions. They are often housed in large<br>buildings that are located in a commercial or residential area. Banks store<br>money and other financial information and goods.<br>Money and valuables have been stored in banks since ancient times. As a result<br>of the long history that banks have enjoyed, bank security has also been<br>important for a long time. Some of the oldest banks in the world have the best<br>security available. These banks include the Bank of Sweden, the Bank or<br>England, Bank of America, and Swiss Banking.<br>Bank security usually includes a staff of security guards, a security system, and<br>one or more vaults. Security guards are uniformed personnel that maintain high<br>visibility and watch cameras and alarms. Cameras and alarms are usually top of<br>the line systems in banks and other financial buildings. But these security<br>elements are not exclusive to banks. Some of these elements can be found in<br>other commercial buildings and even residential homes.<br>13<br>Basic security starts with the locks. For a high level of security, windows and<br>doors will need the best locks. After high quality locks are installed many<br>property owners opt for a security system or even security cameras.<br>Security cameras are often a small part of a larger security system. Systems<br>often include motion detectors, alarms, sensors, and cameras. Cameras are<br>arguably the most important because they allow the property owner to see and<br>record everything that happens in and around their building or property.<br>Cameras can be installed by a professional or by a property owner. For a large<br>and elaborate system it may be best for a professional to do the work. But for a<br>smaller and easy layout, a property owner should have no problem installing a<br>system by following the manufactures instructions. If he does than there is<br>usually a local installer that can be called to help finish the job.<br>1.1 STATEMENT OF THE PROBLEM<br>Owing to:<br>1. Fraudulent act of some customer/workers<br>2. Accessing the organizational data/information unauthorized<br>3. Sensitive nature of bank data/information<br>4. Valuable or costly items in bank<br>14<br>5. Increase in crime in our society<br>The need arise for the development of computerized NETWORK SECURITY<br>to eliminate such problems.<br>1.2 PURPOSE OF STUDY<br>The main purpose of this project is to design a NETWORK SECURITY that<br>will assist UBA in the area of ensuring effective security measures.<br>1.3 AIMS AND OBJECTIVES<br>This project will have the following aims and objectives:<br>Detecting security violations<br>Re-creating security incidents<br>To disallow unauthorized users<br>To safeguard the organizational data/information<br>To computerized the organizational security<br>To enhance the organizational security<br>To eliminate all forms of mistakes associated with security control<br>15<br>1.4 SCOPE OF STUDY<br>This research work will access the design and implementation of NETWORK<br>SECURITY in UBA Enugu. It will look into the operations of this bank in the<br>aspect of computerizing their security control system.<br>1.5 CONSTRAINTS<br>This project will be limited to the data available at hand, data outside the<br>researcher will not be made use of.<br>The limitations militating against this research are financial constraints, time<br>factor and other circumstances.<br>1.6 ASSUMPTIONS<br>Accuracy, efficiency and reliability is associated with Network Security.<br>For the purpose of this research, my assumptions can be stated as follows:<br>1. The application of computer related garget for security control<br>2. A computerized Network Security is effective and dependable<br>1.7 DEFINITION OF TERMS<br>Administration is an aspect of running the organization by devising systems<br>which will run smoothly.<br>2. Client: This any process that request specific services from server<br>processes.<br>16<br>3. Computer: This is an electrons machine that can accept; handle and<br>manipulate data by performing arithmetic and logic operations without<br>human intervention usually under the control of programmes.<br>4. Data: This is fore runner of information. It is unprocessed fact.<br>5. Database is a collection of information that is related to a particular<br>subject or purpose.<br>6. Hardware: This is the electromechanical part of computer system.<br>7. Information: This is data that have been processed, interpreted and<br>understood by the recipient of the message or report.<br>8. Internet is a collection of computer networks that operate to common<br>standards and enable the computes and the program they run to<br>communicate directly.<br>9. Server: This is a process that provides requested services for clients.<br>10. Software: This is a logically written program that hardware uses to<br>perform it’s operation.<br>11. System is the collection of hardware, software, data information,<br>procedures and people.<br>12. Website is a space or location customized by a company, organization or<br>an individual which is locatable within an address on the internet. <br></p>