2. 1. There is a Hacker Attack Every 39 Seconds. Security
Magazine
2. According to Mcafee, 300,000 New Malwares are
created everyday.
3. According to FBI report in 2019 Cybercriminals
earned about $3.5 Billion. bbc.com
4. 75 Records are stolen every second by Hackers.
Breach Level Index
5. 66% of Businesses attacked by hackers were not
confident of recovery. hostingtibunal.com
6. In 2019, 187.9Million ransomware attacks took place
worldwide. statista.com
7. According to selfkey.org about 16 Billion records
have been exposed through Data breaches
between 2019 and June 2020
8. According to data from Juniper Research,
the average cost of a data breach will exceed $150
million by 2020
2
WHY IS THIS IMPORTANT?
3. DEFINITIONS
WHAT IS NETWORK SECURITY?
Network security consists of the policies and
practices adopted to prevent and monitor
unauthorized access, misuse, modification, or denial
of a computer network and network-accessible
resources.
Network security involves the authorization of
access to data in a network, which is controlled by
the network administrator. Users choose or are
assigned an ID and password or other
authenticating information that allows them access
to information and programs within their authority.
Network security covers a variety of computer
networks, both public and private, that are used in
everyday jobs: conducting transactions and
communications among businesses, government
agencies and individuals.
Networks can be private, such as within a company,
and others which might be open to public access.
Network security is involved in organizations,
enterprises, and other types of institutions
3
4. DEFINITIONS
WHAT IS DATA PROTECTION?
Data protection is the process of safeguarding
important information from corruption,
compromise or loss.
The importance of data protection increases
as the amount of data created and stored
continues to grow at unprecedented rates.
The context of data protection varies and the
methods and extent also vary for each; there
is data protection on the personal level,
business or public entities, and that of data so
highly classified that it should never fall into
the hands of others aside from its owners.
Consequently, a large part of a data protection
strategy is ensuring that data can be restored
quickly after any corruption or loss.
4
5. HOW CAN NETWORK SECURITY IMPROVE DATA SECURITY 5
CONVENTIONAL SOLUTIONS
Firewalls put up a barrier between your
trusted internal network and untrusted
outside networks, such as the Internet.
They use a set of defined rules to allow or
block traffic. A firewall can be hardware,
software, or both
Email gateways are the number one threat vector for a security
breach. Attackers use personal information and social engineering
tactics to build sophisticated phishing campaigns to deceive recipients
and send them to sites serving up malware. An email security
application blocks incoming attacks and controls outbound messages
to prevent the loss of sensitive data.
"Malware," short for "malicious software,"
includes viruses, worms, Trojans,
ransomware, and spyware. Sometimes
malware will infect a network but lie dormant
for days or even weeks. Good Anti-Malwares
not only scan for malware upon entry, but
also continuously track files afterward to find
anomalies, remove malware, and fix damage.
FIREWALLS EMAIL GATEWAYS
ANTI-VIRUS & ANIT-MALWARES
Cloud security is a broad set of technologies, policies, and
applications applied to defend online IP, services, applications,
and other imperative data. It helps you better manage your
security by shielding users against threats anywhere they
access the Internet and securing your data and applications in
the cloud.
CLOUD SECURITY
6. HOW CAN NETWORK SECURITY IMPROVE DATA SECURITY 6
CONVENTIONAL SOLUTIONS
Not every user should have access to your
network. To keep out potential attackers, you
need to recognize each user and each device.
Then you can enforce your security policies. You
can block noncompliant endpoint devices or give
them only limited access
Cybercriminals are increasingly targeting mobile devices and apps.
Within the next 3 years, 90 percent of IT organizations may
support corporate applications on personal mobile devices. Of
course, you need to control which devices can access your
network. You will also need to configure their connections to keep
network traffic private
A virtual private network encrypts the connection
from an endpoint to a network, often over the
Internet. Typically, a remote-access VPN uses
IPsec or Secure Sockets Layer to authenticate the
communication between device and network
ACCESS CONTROL MOBILE DEVICE SECURITY
VIRTUAL PRIVATE NETWORK
Wireless networks are not as secure as wired ones. Without
stringent security measures, installing a wireless LAN can be
like putting Ethernet ports everywhere. To prevent an exploit
from taking hold, you need products specifically designed to
protect a wireless network
WIRELESS SECURITY
7. SECURITY FOCUS-1
ORGANIZATIONAL BEHAVIOUR
Individuals make up every Organization. Therefore
their individual responses to security protocols will
collectively determine how secured or porous an
organizational network will be and consequently,
the security of Data.
Irrespective of the investment an organization make
in securing its Data, as long as employers and
employees do not recognize the need to
intentionally follow Security Protocols, it will be a
daunting task to win this Cyber War.
Therefore Network Administrators, Data Managers
and end user employees MUST engage in frequent
trainings, both in Data Security and Management
and to be individually responsible in looking out for
the Safety of the Organizations’ Data Base.
Remember, “HACKERS ARE HUNTERS WHO
OBSERVE THEIR PREYS DAILY BEHAVIOURS UNTIL
THEY FIND A WEAKNESS TO ATTACK”
7
8. SECURITY FOCUS-2
ETHICAL HACKING
Ethical Hacking is an authorized practice of
bypassing system security to identify potential
data breaches and threats in a network. .
Remember the Saying: “It takes a thief to Catch a
thief”?
Its time Organizations take serious, engaging the
services of Ethical Hackers. Ethical Hackers aim to
investigate the system or network for weak points
that malicious hackers can exploit or destroy.
They collect and analyse the information to
figure out ways to strengthen the security of the
system, network and applications. By doing
so, they can improve the security footprint so
that it can better withstand attacks or divert
them.
NOTE: Before engaging Ethical Hackers, the
Organization MUST go into a Non Disclosure
Agreement and any other Data Protection Policy
in order to safeguard their Data Privacy and
Integrity.
8
9. SECURITY FOCUS-3
BAN USE OF PIRATED SOFTWARE
Do you know that every Pirated Software Installed is
embedded with Malwares?.
Cybercriminals are increasingly using this medium
to infect computers, steal information, create
botnets and carry out other illegal activities. The
means through which people acquire pirated
software has changed over time, with downloads
from peer-to-peer networks such as BitTorrent
becoming increasingly popular. Therefore the
temptation to acquire them is high.
Organizations must therefore take the bold step in
getting rid of any sharp practices of using Pirated
Software for their businesses because it’s a case of
“Penny Wise Pound Foolish” The Cost of Data
breaches can in no way justify the Cost of Acquiring
counterfeit application programs.
One of the most effective way for users to stay safe is
to use genuine application programs, operating
system and anti-virus software, which are updated
and patched regularly.
9
10. SECURITY FOCUS-4
NEXT-GENERATION ALL-IN-ONE
ENDPOINT SOLUTIONS
A Next-Generation Anti-Virus, Endpoint Detection and Response and a 24/7
Managed Threat Hunting Service running on One Platform is the Future to
Combat Cyber Threats.
These Endpoint Solutions are built around behavioral-based proprietary
machine learning and Indicator-of-Attack (IOA) methodology, the
solution prevents attacks pre-execution and is particularly effective at
stopping new, polymorphic or obfuscated malware, which is often missed by
legacy Anti-Virus solutions.
These Endpoint Solutions are embedded with features that acts like a DVR
on the endpoint, recording activity to catch incidents that evaded
prevention measures. It ensures customers have comprehensive, real-time
visibility into everything that is happening on their endpoints from a security
perspective — eliminating the risk of “silent failure,” which allows intruders
to remain in your environment undetected.
Best of all, this technology can be fully deployed and operational in hours with
zero maintenance costs or end-user impact. Some of these Solutions takes up
just 40Mb disk storage and less than 3% CPU, with no rebooting or scanning
required
10
11. TECHNICAL ISSUES THAT CAN INTERFERE WITH
THE WIRELESS NETWORK’S PERFORMANCE.
I. It can be a problem if
several employees in
the building are using
wireless networks.
II. Wired networks can
also interfere with a
wireless signal. While
rare, the interference
can result in the loss
of communication
capabilities over the
wireless network.
Coverage
Interference
I. It can be slower if
the organization
has a large
wireless network.
II. To prevent this,
many companies
also use a wired
or fiber-optic
network as a
“backbone”.
I. It isn’t always as broad
as you might need,
especially if the building
has a reinforced steel
structure. This can
cause “black spots”.
II. These are areas where
a wireless signal is not
available
Transmission speeds
11
12. WEP was developed by the Wi-Fi
Alliance in the late 1990s. It was the
first encryption algorithm developed
for the 802.11 standard, and it had
one primary goal – to prevent
hackers from accessing any data that
was transmitted.
Unfortunately, by 2001,
cybersecurity experts had found
several flaws in the algorithm’s
security.
This led to cybersecurity experts
recommending that consumers and
organizations phase out WEP from
their devices.
In 2009, it became apparent that
WEP was not as effective as
developers had stated when the
massive cyberattack against TJ.
Maxx was launched. The data
breached comprised customers’
credit card accounts and cost the
retailer $9.75 million in legal
To authenticate users, WEP uses the
Rivest Cipher 4 (RC4). The original
model used a 40-bit encryption key,
though it has been upgraded to a
104-bit key that is manually entered
by the administrator. The key is used
with a 24-bit IV (Initialization
Vector) that helps to strengthen the
password/encryption.
The problem that often occurs is that
due to the IV’s small size,
administrators are likely to use the
same keys. This makes the
encryption easier to hack.
WEP might have been the original
algorithm for wireless networks, but
over time it has shown that it is
vulnerable to cyberattacks.
This is why other security protocols
have been developed since the issues
with WEP were discovered.
12
WIRED EQUIVALENT PRIVACY (WEP)
13. WI-FI PROTECTED ACCESS (WPA)
Once the flaws were discovered, and made public, in WEP the
process to create a new wireless protocol was started.
It takes time to write a replacement. To ensure that wireless
network users still had protection, the Wi-Fi Alliance released
WPA as a temporary replacement in 2003.
This gave the Institute of Electrical and Electronics
Engineers Inc. (IEEE) time to create a viable replacement for
WEP.
Even though WPA is considered an interim security
algorithm, it is an improvement over WEP. It has discrete
modes for personal and business use for improved security.
In personal mode, preshared keys are used to make it easier
to implement and manage the network among employees and
consumers.
Business or enterprise mode requires an administrator to
authenticate a device before it can access the network.
This allows larger companies to have more control over who
has access to the data.
WPA is based on the RC4 cipher like its predecessor WEP,
only it uses TKIP (temporal key integrity protocol) to boost
wireless security. This includes,
Using 256-bit keys to reduce keys being reused Generating a
unique key for a packet by key mixing per packet
Automatically broadcasting updated keys and usage Integrity
checks of the system IV size increased to 48 bits
Since WPA was designed to be compatible with WEP, IT
professionals found that they could easily update to the
interim security protocol for their wireless network. All they
needed was a simple firmware update. While switching
protocols was simple this also created potential security risks
since it was not as comprehensive as developers and users
hoped it would be.
13
14. WI-FI PROTECTED ACCESS 2 (WPA2)
The replacement for the interim WPA, the IEEE released
WPA2 in 2004. There are still some security
vulnerabilities with WPA2, but it is still considered one
of the most secure wireless network protocols available
for personal and business use.
While like WPA, it also offers users personal and
enterprise/business modes. WPA2 also has several
security improvements.
These include replacing TKIP and the RC4 cipher with
stronger authentication and encryption mechanisms –
CCMP (Cipher Block Chaining Message Authentication
Code Protocol) and AES (Advanced Encryption
Standard).
If your device cannot support CCMP, the security
algorithm is still compatible with TKIP. This helps to
ensure that WPA2 is compatible with all devices and
wireless networks.
AES was originally developed by the United States
government to protect classified data from foreign and
domestic hackers. It uses three symmetric block ciphers
with each one encrypting and decrypting incoming and
outgoing data using 128, 192, and 256-bit keys.
This security protocol for wireless networks does use
CCMP prevents everyone except for authorized users to
receive data by using cipher block chaining. This helps
to ensure the integrity of the message.
WPA2 also allows for more seamless roaming from one
access point to another without having to reauthenticate
user access. This can improve productivity and client
relations. Data can be transferred seamlessly, without
having to take extra authentication steps.
After reviewing the three security protocols for wireless
networks, WPA2 is a welcome replacement for WEP and
the temporary algorithm WPA. Knowing which protocol
provides the best wireless security is helpful, but so is
knowing exactly how it works. If you know how threats
are being blocked, you’ll be better equipped at
recognizing any issues that might get through
14
15. HOW SECURITY PROTOCOLS FOR WI-FI WORK
When WPA2 was created to replace WEP and WAP, it was thought that this security protocol was
almost impossible for hackers to crack.
With its larger IV size to prevent key reuse and other improvements, companies and individuals
began to believe that their wireless networks were safe.
In 2017, this changed when a vulnerability in the protocol was discovered. Hackers could take
advantage of a system weakness by posing as an access point.
This would allow them to access the data and this breach is known as a Key Reinstallation
Attack (KRACK). This vulnerability did cause concern with wireless network uses, and patches
were created to prevent data from being stolen.
The only problem with this remedy is that not everyone may have gotten the patches installed in
time or even be aware that their wireless network might be at risk.
This particularly applies to public wi-fi hotspots and companies with older networks. To
understand how wireless security protocols can be vulnerable, it’s helpful to know how
encryption codes work.
15
16. UNDERSTANDING ENCRYPTION
WEP:
I. As previously mentioned, WEP has the weakest security since it uses radio waves to transmit messages.
II. This already makes it easy for hackers to steal the information as it travels.
III. It will still be encrypted when it reaches an unauthorized party, but WEP uses the same encryption key for all messages
making it easy for hackers to crack.
IV. There is software available that can crack WEP encryption in minutes.
WPA:
I. This interim security protocol uses TKIP (temporal key integrity protocol) for wireless protection.
II. It is an improvement over WEP since it resolved two problems associated with the old protocol. The key length is
increased and a unique 48-bit number is assigned to each message.
III. This makes it more difficult for hackers to break the encryption code.
IV. While TKIP did fix some of the security issues with WEP, it was still vulnerable since it was only created to be a
temporary patch.
WPA2:
I. The replacement for WEP and WPA, this security protocol is compatible with TKIP and the stronger AES encryption.
II. Older computer systems might not be compatible with AES, so TKIP can be back-ended for encryption.
III. The main security issue with TKIP is that any authorized computer can access messages. 16
18. 18
3. Findings and Conclusion
Need to develop a human induced sinkhole risk index (SRI).
Use of a WSN system to find a method more reliable, energy efficient, and time-saving.
Application of previous WSN method for underground pipeline monitoring for sinkhole monitoring,
detection, and prevention.
Pipeline property measuring sensors must replace soil property measuring sensors: water content, soil
bearing capacity, and pH.
Sewer pipelines need more concentration to prevent sinkhole.
A lot of water distribution system management methods actual field implementation is less than
consideration.
So to find out the real field implementation, water providing agencies, and research institutes must
collaborate to overcome this gap.
The findings from each analysis and literature review show that previous researchers have not
contributed considerably to overcome the issue of the sinkhole caused by the fault in the underground
water distribution system.
19. 19
Steps
Instructions
Concept/Main
Purpose[Abstract/Introduction]
Problem[technological
significance or any problem
solved→ look in the Introduction
part of this paper]
Solutions[Experiment/Methodology+
Discussion]
Discussion[Conclusion]
o C1;P2;L3;S4
Review Paper