1.4.1 IPv4 and IPv6 Architecture

IPv4 was designed in 1980 to replace the NCP protocol in ARPANET. Twenty years later, IPv4 has many limitations [6]. IPv6 defect protocol design IPv4 is required. IPv6 is not a complete IPv4 packet protocol; instead, it is a new design. Internet protocols are designed to be very broad and cannot be fully covered. A key part of the security architecture is discussed in detail.

1.4.2 Attack Through IPv4

Computer security has four main characteristics. The approach mentioned earlier is slightly different, but he rethinks comfort and attention. These security features are confidential, complete, private, and usable. Confidentiality and integrity remain the same. Availability means that authorized employees have access to computer assets [8]. Privacy is the right to protect personal secrets [8]. There are four attack methods associated with these four security features. Table 1.1 shows the attack methods and solutions.

A brief discussion of common attack techniques and security techniques will be provided. Not all methods are discussed in the table above. The current understanding of the techniques used to handle attacks is to understand the research and development of current secure hardware and software.

1.4.3 IPv6 IP Security Issues

From a security perspective, IPv6 has made significant progress in IPv4 IP. Although IPv6 has a strong security mechanism, it is still weak. There are still potential security issues with certain aspects of the IPv6 protocol.

The new Internet protocol does not prevent properly configured servers, poorly designed applications, or protected sites.

Security issues may occur for the following reasons:

1. Problems in the management process
2. Flood problem
3. Liquidity issues

Due to the built-in IPsec function, there is a problem with the spindle operation [7]. The extension header avoids some of the common sources of attack caused by head operations. The problem is that the steering guide must be processed through all the stacks, which can result in a long series of steering heads. A large number of attachments may be confused by a knot, which is a form of attack if deliberate. Tradition remains a threat to IPv6 security.

When the entire network portion is resolved while searching for a possible destination with an open service, an attack type called port check [5] occurs. The IPv6 protocol address space is large, but the protocol is not threatened by such attacks.

Navigation is a new feature integrated with IPv6. This feature requires special security measures. Network administrators should be aware of these security requirements when using IPv6 Mobility.

1.6.1 Understanding the Key Components of Network Security

Traditional firewalls have been the most important and important line of defense for decades. Most corporate structures require secure servers at the edge of the core network to connect to other networks, especially if other networks are managed by a third party or are considered less centralized and secure.

This typically involves using a firewall to partition Internet connections, external networks, and remote WAN sites. The original firewall has no state, which means the firewall has no intelligence to monitor the data flow. As a result, the first wall of the fire was hit by a suicide bomber, and the attackers indicated that they were entering the rules allowed by the firewall.

Powerful firewalls are becoming common because they can monitor and track traffic between two devices that communicate with each other through a firewall. The state table not only controls the correct transport stream, but also ensures that the transmitted and received packets are connected to the original device. This is done by examining the network layer, the packets on OSI Layers 3 and 4, and tracking the IP address data. The TCP serial number and port number are processed. When transmitting a confirmed firewall packet, this information falsifies the hardware firewall to receive more harmful packets in the perimeter.

Although traditional firewalls are only designed to allow certain ports and protocols, they are not sure whether the visited site is harmful or inappropriate. This leaves a big gap, especially in terms of network traffic. The firewall can only allow or deny any traffic; it cannot selectively or see the upper layer protocol. This led to the creation of the SWG.

The first generation of SWGs had only one feature: filtering URLs. In most applications, Web Gateway is used to block access to websites that are included in a predefined blacklist. The company is responsible for maintaining SWG manufacturers, usually a blacklist database that is regularly updated on the gateway’s network equipment. The administrator can choose which blacklist category to apply. There are some blacklist categories that include sites that include pornography, gambling, and hate groups, as well as sites that are often referred to as malware.

1.6.2 A Deep Defense Strategy

Over the years, network security systems such as traditional firewalls and secure web portals have run independently and performed different security functions [16]. Although this structure is better than nothing, it only provides a layer of defense for any threat. In order to add some extra layers of protection, there are some concepts of deep defense strategies. Our idea is to implement an interlocking security system to expose risks to multiple security measures designed to prevent malicious behavior.

Firewalls and traditional security gates are used for the Internet, email, and intrusion prevention systems (IPS). Protecting the infrastructure boundaries of an infrastructure company typically involves accessing cloud resources. All data entering and exiting the network is filtered through firewalls and IPS. All traffic and email on the Internet will then be sent to the relevant security portal for further review to identify possible attachments contained in email attachments and malware.

With proper tuning and maintenance, deep defense engineering strategies using these components provide strong security. However, hackers began to discover that the network could find cracks between each system it entered. There are three main reasons for this. First of all, some security systems are difficult to fully implement. Usually, only some of the security features available in production are implemented.

Second, the security system cannot be maintained and updated correctly. For example, you must periodically update your firewall software to fix newly discovered vulnerabilities. Security portals and databases are often reviewed and sometimes require manual intervention updates.

Finally, while these systems overlap and provide multiple layers of protection, they work independently and are not shared and can be used to discover information between systems that have difficulty detecting threats.

1.6.3 How Does the Next Generation Network Security System Work Best

The next generation of security tools not only goes deeper into defense strategies, but goes further with tightly integrated and improved systems. Integrated with next-generation firewall capabilities to monitor and detect legacy firewalls, revealing regular IPS functionality by identifying signatures that contain known attack patterns. It is also known as NGFW for applications that use the firewall feature to check the deep technology package you are using. This allows the firewall to check the package not only by loading the subsidiary but also by the application to which the package belongs. This policy allows NGFW to securely interact with IPS and web portals by providing multiple layers of protection.

The web security gateway uses standard URL filtering for standards and direct protection against malware. The SWG acts as an IPS, focusing on web-based exceptions and virus signatures. When the new company discovers these signatures, it is automatically sent to the SWG device. Another new feature of most WWG groups is the ability to access global threat sensor networks. The threat of these sensors is typically maintained through security, identifying new threats and SWG groups locally and globally to better protect against real-time web threats. This type of security is an effective blow to increase rescue attacks.

Malware protection is a relatively new security tool for security administrators in many organizations. A limited number of malware environments are designed to create an isolated environment simulation test environment that allows the system to perform multiple tests on suspicious packets. This approach sets a serious burden and hinders access to the production environment. The protective case can detect other tools such as NGFW and SWG. You can ignore this threat. Some malware installations require a sandbox filter. All data sandboxes are responsible for repairing suspicious downloads. In other designs, the limited malware environment relies on NGFW and SWG to classify the load as suspicious and then move it to the basement for further testing.

Next-generation networks are also beginning to rely on greater control over network access than their predecessors. I created a BYOD explosion. Concerns about cyber security vulnerabilities, rather than security personnel in the network, are very serious in identifying, evaluating, approving, and monitoring personnel who have access to network resources for production.

The NAC user and the correct device must be properly selected before allowing access to the network. If authenticated, the user or device receives a user access policy. Access policies provide access to resources that are accessible in the production network. In addition, you can access and follow resources. This is used to understand potential theft. In fact suspicious behavior refers to intellectual property or may be another harmful behavior.

The Internet was born in a military and academic environment. In this environment, users are always reliable and work together to make technology mutually beneficial. Therefore, IP and standard IP applications are safe from the start. Today, unsecure IP is still at the heart of Internet operations, with a range of long-term IP services such as:

1. Search Name—DNS Domain Name Service
2. File Transfer—FTP (FTP)
3. Email: SMTP Simple Mail Transfer Protocol (SMTP)
4. Web browsing: Hypertext Transfer Protocol (HTTP)

When the Internet was first developed, the basic technology running on the Internet was more secure than the trust era. However, the Internet has grown tremendously, with millions of people, many of whom are unreliable. Internet crime, corruption, espionage, extortion, etc., are getting bigger and bigger.

Therefore, Internet users must pay attention to managing their data security needs. Various unwelcome people roam the streets of the Internet without protection, so they must have strong defenses, valuable data, and services. Over the years, as the value of data and services on the Internet has grown, so does the current threat and the network industry has developed a range of hardware and security software to address threats for network security in three eras.

1.7.1 Application Layer

1. PGP
2. S / MIME
3. S-HTTP
4. HTTPS
5. SET
6. Kerberos

1.7.1.2 Email/Multipurpose Security (S/MIME)

Expand Multipurpose Internet Mail Extensions/Security Protocol Multipurpose Internet Mail Extensions (MIME) when adding digital signatures and encryption. MIME is communication protocols for transmission of multimedia data, which includes sound, images, and video. The reader must be interested in RFC protocol. MIME returns RFC 1521. Because web content (files), including hyperlinks to other hypertext links, describe the protocol message as MIME, you must state any type of relationship. This is what the MIME server does every time a client requests a web document. When the web server sends the requested file to the client browser, it adds a MIME header to the document and moves it. So, online email consists of following two parts, i.e., the “address” and the “body”. In “address” part, there is information about MIME type and subtype. The MIME type describes the type of file that transfers the content type, such as images, sounds, applications, etc. Subtypes contain certain types of files, such as jpeg/GIF/tiff.

The development of S/MIME is the most lack of security services. Add two encryption elements: Encrypt and Encrypt Digital Encryption S/MIME. It supports three types of encryption algorithms, using common encryption keys for message navigation: Davey–Holman, RSA, and Triple DES. Digital signatures generate summary messages for SHA-1 or MD5 decentralized functions.

1.7.1.3 HTTP Secure (S-HTTP)

Secure HTTP (HTTP S-HTTP) is very simple for web development when developing HTTP. I do not have dynamic graphics. I did not need to encrypt the hard drive at the time. From end to end, it was developed for trading.

As the network becomes more popular in the company, users realize that if HTTP Current still represents the backbone of e-commerce, it needs additional improvements in encryption and graphics.

Each encrypted file of S-HTTP contains a digital certificate. A secure connection between the client and the HTTP server, especially business transactions is done through a various mechanisms to provide security when separating policies from mechanisms. It consists of a two-part HTTP message: the message title and text. This address contains a description of how the message text (browser and server) is processed in the transaction, client, and browser. HTTP negotiation will be used to transfer the actual format of the desired information.

It uses other S-HTTP headers to encrypt digital mail, certificates, and HTTP authentication, and provides instructions about how to decrypt the text of the message.

1.7.1.4 Hypertext Transfer Protocol (HTTPS) in Secure Sockets Layer

Secure Sockets Layer (SSL) uses HTTPS as a subset of HTTP commonly used in the application layer. Also known as a protocol that transfers hypertext documents to HTTPS (HTTPS) or HTTP-based HTTP protocols.

A web protocol named HTTPS developed by Netscape. To encrypt and decrypt requests for user/web pages, it is integrated with the browser software. Port 443 in place of HTTP 80 port uses by the HTTPS protocol to interact with lower layer TCP/IP.

1.7.1.5 Secure E-Commerce (SET)

SET is an encryption protocol developed by companies such as Visa, Microsoft, IBM, RSA, Netscape, and MasterCard. These complex specifications are contained in three books on book introduction, a highly specialized system, and a programmer’s guide, giving three formal instructions to the Convention. The SET sends services for each transaction, i.e. authentication, confidentiality, message integrity, and SET connection. Use public key cryptography and certificate signing to identify everyone involved in the transaction and allow each communication between them to be private.

1.7.1.6 Kerberos

The Kerberos network authentication protocol is designed to allow users, clients, and servers to authenticate each other. Verification process is accomplished by encrypting the keys because some keys are mutually authenticated over an insecure network connection. After verifying identity with the client and Kerberos server, the connection between both the parties can be secure. From this issue, you can communicate between future encryptions to ensure the privacy and integrity of your data.

Client/Server Authentication requirements are as follows,

1. Security: Kerberos is no longer powerful enough to prevent potential spies from seeing it as a weak link.
2. Reliability: The Kerberos server architecture is distributed in large quantities with the support of other servers. This means that the Kerberos system is secure, which means a slight deterioration.
3. Transparency: In addition to providing a password, the user does not know that the HE will be authenticated.
4. Scalability: Kerberos is accepted. It identifies new clients and servers.

To meet above mentioned requirements, the stylist came to Kerberos. It is a trusted external authentication service for arbitration when mutual authentication occurs between the client and the server.

1.7.2 Transport Layer

These protocols are located below the application layer. The SSET unit IETF is measured after the consortium Netscape, and the IETF Engineering. Engineering Working Group IETF is modified by TLS.

1.7.3 Network Layer

1. IP security
2. VPN

Above mentioned protocols are also address Internet communications security issues. These protocols include IPSec and VPN.

1.7.4 Data Link Layer

1. PPP
2. Radio
3. TACACS +

Link layer and LANS security There are several protocols used in the data link layer, such as PPP and RADIO AND TACAS +.

1.8.1 Hardware Development

The development of this device has not developed rapidly. Dynamic systems and smart cards are the only new hardware technologies that have a major impact on security.

The most obvious use of cyber security biometrics is to start recording secure workstations from networked workstations. Each workstation requires some software support to dynamically identify the user and identify some of the biometric devices used. Hardware costs are a cause of widespread use of biometric measurements, especially for companies and institutions that offer low budgets. The next step will be the next device, such as a computer mouse with a built-in fingerprint reader. Because each device requires its own device, deploying it to multiple computers is more expensive. The price of biometric mice and the software they support is about $120 in the United States. UU speech recognition programs are controlled to reduce the cost of implementation per device. At the top of the series, biometric bio packages cost $50,000, but you can manage secure registrations for up to 5,000 devices.

The primary use of biometric network security is to replace existing encryption systems. Keeping passwords safe is an important task even for small businesses. The password must be changed every few months, and people will forget the password or enter the password multiple times to remove the password from the system. People usually type in a password and store it near a computer. Of course, this completely undermines any effort in cyber security. Biometric technology can replace this method for secure identification. By using biometrics to solve this problem, although this is the first time cost-effective, these devices can provide management costs and user assistance.

Smart cards are usually digital electronic media-sized credit cards. The card itself is used to store encryption keys and other authentication and identity information. The main idea behind smart cards is to provide undeniable user identification. From logging in to your network to protect secure network connections and email transactions, smart cards can be used for a variety of purposes.

It seems that the smart card is just a repository for storing passwords. Someone can easily steal someone else’s smart card. Fortunately, smart cards include built-in security features that prevent anyone from using stolen cards. Smart cards require anyone to use a PIN before granting access to any level of the system. It looks like the PIN code used by ATM.

When the user inserts the smart card into the card reader, the smart card user is required to enter the PIN code. When the boss card is sent to the user, the administrator sets a password for the user. Because the PIN number is short and the number is pure, the user must not face any problems in the ticket sales, so it is impossible to write the PIN.

But what is interesting is what happens when the user enters a PIN. The PIN code is verified in the smart card. Since the PIN is not transmitted over the network, there is no risk of intercepting the PIN. However, the main benefit is that if there is no smart card, the PIN is inefficient and the smart card is used without code. There are other security issues with PIN smart cards. Smart cards are profitable, but they are not as secure as biometric devices.

1.8.2 Software Development

Every aspect of the cyber security program is very broad including firewall, anti-virus, VPN, intrusion detection, and so on. It is currently not possible to search all security software. The goal is to achieve the goals of the security plan based on current priorities [17].

Improvements to the standard safety plan remain unchanged. Antivirus software is updated to protect against these threats when new viruses appear. The firewall process is the same as the intrusion detection system. Many of the research papers developed are based on an analysis of attack patterns to create smarter security programs [17].

When a security service enters biometrics, the program also needs to be able to use this information appropriately. Study safety procedures using neural networks. The purpose of this study was to use neural network face recognition software.

Many small and complex devices can connect to the Internet. Most security algorithms are currently highly computational and require a lot of processing power. However, this power is not suitable for small devices such as sensors. Therefore, it is necessary to design a lightweight security algorithm. Research in this area is ongoing.

1. 1. Dowd, P.W. and McHenry, J.T., Network security: It’s time to take it seriously. Computer, 31, 9, 24–28, 1998.
2. 2. Kartalopoulos, S.V., Differentiating Data Security and Network Security, Communications, ICC ‘08. IEEE International Conference on, 19–23, pp. 1469–1473, 2008.
3. 3. Security Overview, www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/security-guide/ch-sgs-ov.html, 2011.
4. 4. Molva, R. and Institut Eurecom, Internet Security Architecture. Computer Networks & ISDN Systems Journal, 31, 787–804, 1999.
5. 5. Sotillo, S. and East Carolina University, IPv6 security issues, www.infos-ecwriters.com/text_resources/pdf/IPv6_SSotillo.pdf, 2006.
6. 6. Andress, J., IPv6: The Next Iinternet Protocol, www.usenix.com/publications/login/2005-04/pdfs/andress0504.pdf, 2005.
7. 7. Warfield, M., Security Implications of IPv6, Internet Security Systems White Paper, documents.iss.net/whitepapers/IPv6.pdf, 2003.
8. 8. Adeyinka, O., Internet Attack Methods and Internet Security Technology, Modeling & Simulation, AICMS 08, Second Asia International Conference on, 13–15, pp. 77–82, 2008.
9. 9. Marin, G.A., Network security basics, Security & Privacy. IEEE, 3, 6, 68–72, 2005.
10. 10. Internet History Timeline, https://www.baylor.edu/cms/index.php?id=93716, 2011.
11. 11. Landwehr, C.E. and Goldschlag, D.M., Security issues in networks with Internet access. Proc. IEEE, 85, 12, 2034–2051, 1997.
12. 12. “Intranet” Wikipedia, The Free Encyclopedia. 23 Jun 2008, 10:43 UTC. Wikimedia Foundation, Inc. <http://en.wikipedia.org/w/index.php?title=Intranet&oldid=221174244>, 2008.
13. 13. Virtual private network. Wikipedia, The Free Encyclopedia. 30 Jun 2008, 19:32 UTC. Wikimedia Foundation, Inc. <http://en.wikipedia.org/w/index.php?title=Virtual_private_network&oldid=222715612>, 2008.
14. 14. Tyson, J., How Virtual private networks work, http://www.howstuffworks.com/vpn.htm, 2014.
15. 15. Al-Salqan, Y.Y., Future trends in Internet security, Distributed Computing Systems, Proceedings of the Sixth IEEE Computer Society Workshop on Future Trends of, 29–31, pp. 216–217, 1997.
16. 16. Curtin, M., Introduction to Network Security, http://www.interhack.net/pubs/network-security, 1997.
17. 17. Improving Security, http://www.cert.org/tech_tips, 2006.
18. 18. Serpanos, D.N. and Voyiatzis, A.G., Secure network design: A layered approach, Autonomous Decentralized System, The 2nd International Workshop on, 6–7, 2002, pp. 95–100, 2002.
19. 19. Ohta, T. and Chikaraishi, T., Network security model, Networks, International Conference on Information Engineering ‘93. ‘Communications and Networks for the Year 2000’, Proceedings of IEEE Singapore International Conference on, 2, 6–11, pp. 507–511, 1993.