Modern Internet Security Issues - Research Paper Example

? Internet Security and Section # of Internet Security As the global world get smaller and our relevance of function spans over countries, transgressing any physical borders, the need for direct, frequent and immediate communication has made communication over the internet far more than popular: it has made it a necessity. Almost every aspect of our dealing, whether it is work related, academics related or personal, involves the internet in some way or the other. Sadly, owing to the unimaginably high traffic of information exchange conducted over the internet it is only natural and inevitable that security threats emerge, whether they are related to the medium of communication, i.e. the computers being used to access the internet, or the user. The subjects pertaining to the security against these threats are internet safety and internet security. There is a slight difference in internet security and internet safety, with the most basic one being that the former focuses more on the direct safety of a computer network from threats that can attack through the internet, such as viruses or data corruption, while internet safety relates more to the security and safety of the user, such as identity fraud, money scams, false information etc. Although both forms of security threats can are important to understand and counter, this paper will concentrate mostly on the more technical aspect of internet security, and will focus on the various threats that are encountered and the preventative measures taken against them. As mentioned, internet security is the necessary measures taken and rules laid out which make the use of the internet more secure for a user in terms of the safety of their computer from various threats. To understand where these threats rise from it is first important to understand the basic working of the internet. The ‘internet’ is basically a system of a great many networks, all linked together to form one major network. It does so through a set of communication protocols that allows information to be transferred across these networks, from the most basic level to the most complex. The most important of these protocols is TCP (Transmission Control Protocol) and IP (Internet Protocol). IP transfers the required bits of data, firs within each individual network, then between secondary levels of networks, starting from the most basic level, and then progressing regionally and then globally, thus allowing the information to reach from one point to another. TCP checks these bits of data, ensuring they are correctly being transferred and offering corrective feedback measures when they aren’t (Reed, 2004). Data threats enter this system of information management when at any of these many levels data is encrypted and corrupted. To prevent this, a number of measures are taken, which include SSL (Secure Sockets Layer), TLS (Transport Layer Security) and IPsec, with the most effective one being the IPsec protocol, which in turn further uses the AH (Authentication Header) and ESP (Encapsulating Security Payload) protocols as the mechanism for its protection. AP authenticates the data and then sends it further on, and ESP provides confidentiality. All three protocols basically revolve around the same principal of securing communication by authenticating the sender at each level where these protocols are implemented, and by encrypting the data so that in case of unwanted interception, it is not altered. Internet security threats are also widely transferred through email messages. Again, understanding how email messages work greatly explains the reason for this. Email messages can also be considered bits of data that are transferred through the many networks of internet, with the main difference being that users can easily edit and change this data at the various levels it is transmitted to. How email messages basically work is that first a user composes a message. This message is converted into a certain standard form and is transferred to the mail server. From there, the server intercepts the identity of the sender, identifies the identity of the intended receiver, establishes a connection and transmits the message. The receiver receives the message through a similar reverse process. How threats are transferred is obvious. It is on the same principal as any other threats transmitted during data transfer across the internet, i.e. corruption of intercepted data. (Schneier, 1995) These threats are mainly and most commonly prevented using PGP (Pretty Good Privacy). How PGP works is that it encrypts the data to be sent using certain predefined algorithms. Again, as with IPsec, the protocol both confirms the identity and security of the sender, as well as validating the content of the message and then encrypts it so that in case it is intercepted unnecessarily, it is not easily decrypted and therefore not corrupted. This is normally sufficient for most users, but for an added level of security, used mainly by organizations that require added privacy, VPNs (Virtual Private Networks) may also be employed. In this method, a network is set up solely between the two organizations so that apart from the content of the messages being encrypted, so is the sender, the recipient and transmission. The previous threats and preventative measures discussed were user specific, which means that they were concerned with information that a user himself wishes to transmit or receive. However the most general form of internet security is through firewalls, which directly restricts or controls communication between networks on the internet, at all time (Cheswick, 2003). These are of various sorts and securities, with each allowing varying privileges, depending upon the nature of security and allowance required. How firewalls work is that once set up, all information entering or leaving a network must pass through them. The varying degrees of security of a firewall basically rely on the amount of traffic that is allowed and the nature of traffic that is restricted. If a certain packet of data is restricted for that particular firewall, it will not be allowed to enter or leave the network, thus creating a barrier between the network and the intended destination of the information. Firewalls can work on both directions of traffic, i.e. it can control the information entering a network, and it can also control the amount or type of information of the network visible or accessible to other networks. Thus firewalls are the most general form of security, covering generally every aspect of the previous mentioned specific forms of security. At the various levels of information transmission, different firewalls may be implemented, which can act according to the special level of security required at that point. Firewalls may be added to a system as separate software or the routers used to offer network access may contain default firewalls. A proxy or proxy server may also be viewed as a certain sort of firewall. How a proxy works is that when a user wish to access a certain network or resource, or vice versa, the proxy is requested for access first. The proxy then either approves or forbids this access. Proxy servers may be used as security in certain schools or organizations but they function more in the sense of preventing access to certain content, rather than directly functioning as protecting a system from certain security risks or threats, though it can be implemented to do the latter as well. It is assumed up to this point that security threats generally enter a system without the knowledge of a user, or that they enter the system through a backhand level not superficially visible or known. Although that is generally true, the most common sort of internet security threats are encountered through the intentional yet misguided activities of a user himself. Internet security also aims to deal with these security threats. These threats are mainly encountered when a user tries to access an infested website, or more commonly, tries to unknowingly download a threat. For example, a user may intend to download or open a certain file that appear to be one thing but in reality contains viruses or spyware threats disguised to appear as something useful. These threats are called malware and the most useful tools in combating these threats are anti-virus software, which allow controlling the spread of these threats and are responsible for the destruction of these threats once they have entered a computer system. Malware is further divided, but not limited into, two main types: spyware and viruses, with the former intercepting a user’s private information and system usage and transmitting it to other servers, and the latter disrupting normal activity within the computer. Viruses and spyware both are of a countless variety with varying functionalities and levels of disruption. Malware can also be intercepted from specific websites, which upon accessing immediately initiate a specific malicious download. They can also enter a system when they make a user enter private information such as credit numbers or passwords by posing to be a website that they actually are not. Websites that steal private information of users by being disguised as other websites are phishing websites. Phishing scams can also be spread through email. Browsers have inbuilt defenses against these websites with a specific database that generates a security caution measure when suspicious or known devious websites are accessed but they do not have a hundred percent accuracy rate as such websites are created by the thousands every day. In summary, internet threats are basically transmitted either when intercepted data is altered and corrupted, or when they are unknowingly transferred onto a system through the user’s activity, with the result being unwanted access of a certain network by another (Kaufman, Perlman and Speciner, 2003) or unpredictable behavior by a system. These threats have a wide range of characteristics and result in various levels of disruption, depending on the level of security invasion. These effects can range from total system failure, or creating targeted or localized disorder within a network, to adversely affecting a system by silently spying on a user’s activity, collecting or giving out private information, all depending on the nature of the threat encountered. Internet security aims to prevent a system from falling victim to these threats and to minimize the resulting effects when they unfortunately do. Although security threats are widespread and commonly encountered, with appropriate and effective security measures, systems can remain safe and secure and can transmit large amounts of data without fear of being intercepted by unwanted receivers. Therefore, it is necessary to examine the expected activity of a system, accordingly predict the level and type of security required to keep it secure, and then to implement it. In a nutshell, it is always better to undertake preventative and protective measures, rather than corrective, which is what the subject of internet security aims to control. Bibliography Cheswick, W. (2003) Firewalls and Internet Security: Repelling the Wily Hacker. Addison-Wesley Professional; 2nd edition Kaufman, C. & Perlman, R. & Speciner, M. (2002) Network Security: Private Communication in a Public World. Prentice Hall; 2nd edition Reed, K. (2004) Introduction to TCP/IP: Understanding Data Communications Across the Internet. Westnet Learning; Schneier, B (1995) E-mail Security: How to Keep Your Electronic Messages Private. Wiley; Vacca, J. (2010) Practical Internet Security. Springer; 1st edition Read More