
IPASJ International Journal of Computer Science (IIJCS)

Web Site: http://www.ipasj.org/IIJCS/IIJCS.htm


A Publisher for Research Motivation ........ Email:editoriijcs@ipasj.org
Volume 5, Issue 4, April 2017 ISSN 2321-5992

Different Type Network Security Threats and Solutions, A Review

Shilpa Pareek¹, Ashutosh Gautam² and Ratul Dey³

¹ Dept of Computer Science and Engineering, University of Engineering & Management, Jaipur, Rajasthan 303807, India
² Dept of Computer Science and Engineering, University of Engineering & Management, Jaipur, Rajasthan 303807, India
³ Dept of Computer Science and Engineering, University of Engineering & Management, Jaipur, Rajasthan 303807, India

ABSTRACT
Network security is a tough job because no routing protocol can fully secure the path. In any
network there are a few malicious nodes that can disrupt the whole network path, and sometimes a few nodes are
overloaded when transferring large volumes of data packets. This paper reviews a few existing secured routing protocols to
identify how to recover the network from these malicious nodes and find a secure data path.
Keywords: Attack, Malicious node, Secure Path

1. INTRODUCTION
"The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to
receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable."
Network security is a complicated subject. However, as more and more people become "wired", an increasing number
of people need to understand the basics of security in a networked world.

It is likely that these workstations are not centrally managed and have no perimeter protection. They
may run a variety of operating systems, hardware, software and protocols, with different levels of cyber
awareness among users all over the world. Now imagine that these thousands of workstations from all over the world are
directly connected to the company network from the Internet. This sort of unsecured network, which holds valuable
information that can be changed and displays vulnerabilities, becomes a target for attack.

Network security starts with authenticating a user, most commonly with a username and a password. Once the user is
authenticated, a firewall enforces access policies such as which services the user is allowed to access. Though effective at
preventing unauthorized access, this component may fail to check potentially harmful content such as computer worms or
Trojans being transmitted over the network. Antivirus software or an intrusion prevention system (IPS) helps to detect
and inhibit the action of such malware. An anomaly-based intrusion detection system may also monitor the network
traffic, which may be logged for audit purposes and for later high-level analysis. Communication between two
hosts using a network may be encrypted to maintain privacy. With the development of large open networks, security
threats have increased significantly within 20 years. To stay secure against these threats, preventive measures should be
taken beforehand. However, instead of closing the network off from the outside world, there are alternative solutions for
these network attacks.


Fig. 1 Security Model

2. DIFFERENT TYPES OF ATTACK


If you do not have a security plan in place, your networks and data are vulnerable to any of the following types of
attack, because without security controls and measures your data might be subjected to an attack. Attacks are
either passive, meaning information is monitored, or active, meaning the information is altered
with intent to corrupt or destroy data or the network itself.
In general we send data in plain text, an unsecured form that allows an attacker (who wants to access our
information) who has gained access to data paths in your network to "listen in" on or interpret (read) the traffic. When an
attacker is eavesdropping on your communications, it is referred to as sniffing (Data modification) or snooping (IP
Address snooping).
There are many types of attack:
1) Passive Attack
A passive attack is an attempt by an outside party to learn or make use of information from the system without
affecting system resources. That is, the attacker can obtain system information but cannot access system resources. Passive
attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain
information that is being transmitted from one end to the other.
There are two types of passive attack: release of message contents and traffic analysis.

Fig. 2.1 Release of Message Contents
Fig. 2.2 Traffic analysis

It is very difficult to detect a passive attack because the data is not altered in any way. Typically, the message
traffic is sent and received in an apparently normal fashion, and neither the sender nor the receiver is aware that a third
party has read the messages or observed the traffic pattern on the transmission medium.
However, it is possible to prevent the success of these types of attack, usually by using encryption. Thus the emphasis in
dealing with passive attacks is on prevention rather than detection.

2) Active Attack
Active attacks involve some modification of the data stream or the creation of a false data stream and can
be subdivided into four categories:

A. Masquerade: It takes place when one entity pretends to be a different entity.


For example, authentication sequences can be captured and replayed after a valid authentication
sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by
impersonating an entity that has those privileges.

Fig. 3.1 Masquerade Message

B. Replay: Involves the passive capture of a data stream and its subsequent retransmission by a third party to produce
an unauthorized effect.

Fig. 3.2 Replay Message


C. Modification of Messages: Some part of a legitimate message or data stream is altered, or messages are
delayed or reordered, to produce an unauthorized effect at that time or in the future.

Suppose a message meaning "Allow Fred Smith to read confidential file accounts details" is modified to mean
"Allow John Smith to read the confidential file accounts".

Fig 3.3 Modification of Messages
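
How a receiver can detect the replay and modification cases above is sketched in the following added example, which is not part of the original paper. It assumes a pre-shared key and uses an HMAC over a message counter plus the message body; the class names and the strictly increasing counter policy are assumptions of this illustration.

```python
import hashlib
import hmac
import secrets
import struct

TAG_LEN = 32  # size of a SHA-256 HMAC tag in bytes


class Sender:
    """Attaches a strictly increasing counter and an HMAC tag to each message."""

    def __init__(self, key: bytes):
        self._key = key
        self._counter = 0

    def seal(self, message: bytes) -> bytes:
        self._counter += 1
        header = struct.pack(">Q", self._counter)  # 8-byte big-endian counter
        tag = hmac.new(self._key, header + message, hashlib.sha256).digest()
        return header + message + tag


class Receiver:
    """Rejects frames that were altered in transit or that were seen before."""

    def __init__(self, key: bytes):
        self._key = key
        self._highest_seen = 0

    def open(self, frame: bytes) -> bytes:
        if len(frame) < 8 + TAG_LEN:
            raise ValueError("frame too short")
        header, message, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self._key, header + message, hashlib.sha256).digest()
        # Constant-time comparison; any change to counter or body breaks the tag.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("modified message")
        (counter,) = struct.unpack(">Q", header)
        # The tag is valid, so the frame is genuine, but a counter that does
        # not advance means it is a retransmission of an earlier frame.
        if counter <= self._highest_seen:
            raise ValueError("replayed message")
        self._highest_seen = counter
        return message


def demo() -> list:
    key = secrets.token_bytes(32)  # constructed shared key for this demo
    sender, receiver = Sender(key), Receiver(key)
    results = []

    frame = sender.seal(b"Allow Fred Smith to read confidential file accounts")
    results.append(receiver.open(frame).decode())

    # Modification: the name is changed in transit, so the tag no longer matches.
    tampered = frame.replace(b"Fred", b"John")
    # Replay: the untouched frame captured earlier is delivered a second time.
    for label, candidate in (("tampered", tampered), ("replayed", frame)):
        try:
            receiver.open(candidate)
            results.append(f"{label}: accepted")
        except ValueError as err:
            results.append(f"{label}: rejected ({err})")
    return results


if __name__ == "__main__":
    for line in demo():
        print(line)
```

The strictly increasing counter also rejects legitimately reordered frames; a sliding window of recently seen counters relaxes that at the cost of more state.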

3) Distributed Attack
A distributed attack requires that the adversary introduce code, such as a back-door program or Trojan horse, into
trusted software that will later be distributed to many other companies and users of those companies. Distribution
attacks focus on the malicious modification of hardware or software at the factory or at the time of distribution.
These attacks introduce malicious code such as a back door into a product to gain unauthorized access to information or
to a system function at a later date.

Fig.4 Distributed Attack

4) Insider Attack
An insider attack involves someone from the inside, such as an authorized employee, attacking the network. Insider
attacks can be malicious or non-malicious. An insider attack is a malicious attack perpetrated on a network or computer
system by a person with authorized system access. Insiders who perform attacks have a distinct
advantage over external attackers because they are authenticated for system access and may also be familiar with the
network architecture and with system policies and procedures. In addition, there may be less security against insiders
because many organizations focus on protection from external attacks and do not focus on insider
attackers.
An insider attack is also known as an insider threat.

5) Close in Attack
A close-in attack involves someone attempting to get physically close to network data, components and systems in
order to learn more about a network. Close-in attacks consist of regular individuals attaining close physical proximity to
networks, systems or facilities for the purpose of gathering, modifying or denying access to information. Close
physical proximity is achieved through surreptitious entry into the network, open access, or both. In other words, in a
close-in attack the attacker is physically close to the target system and takes advantage of that proximity to
retrieve useful information such as passwords and security codes.
One popular form of close-in attack is social engineering. In a social engineering attack, the attacker compromises the
network or system through social interaction with a person, by e-mail message or by phone. Various tricks can be
used to get the individual to reveal information about the security of the company. The information that the victim reveals
to the hacker would most likely be used in a subsequent attack to gain unauthorized access to a system or network.

6) Phishing Attack
Phishing attacks are popular at this time. In this attack the hacker creates a fake web site (to communicate with people)
that looks exactly like a popular site such as the SBBJ bank, Paytm or PayPal. The phishing part of the attack is that
the hacker then sends an e-mail message trying to trick the user into clicking a link that leads to the fake site. When the
user attempts to sign in with their personal information and account information, the hacker records the
username/user_id and password and then tries that information on the real site.
In other words, while you are on the Internet you receive a message that asks you to click on a particular link and then asks for
your e-mail id and password. Once you have entered your id and password, the site automatically saves your information, and the
hacker then uses it on your behalf.


Fig.5 Phishing Attack


7) Hijack Attack
In a hijack attack, a hacker takes over a session (session hijacking) between an innocent user and a server and
disconnects the other party from the communication. The innocent user still believes that he or she is talking to the
original party and may send private information to the hacker by accident.

Fig.6 Session Attack


8) Spoof Attack
In a spoof attack, the hacker modifies the source IP address of the packets sent by the sender so that they
appear to be coming from someone else, and the receiver believes that the packets come from the actual source address. This
may be an attempt to bypass your firewall rules.

Fig.7 Spoof Attack


9) Buffer Overflow
Buffer overflows are the same as stack overflows. A buffer overflow attack occurs when the attacker sends more data to an
application than is expected. A buffer overflow attack usually results in the attacker gaining administrative access to
the system in a command prompt or shell.

10) Exploit attack


To exploit means to use something to one's own advantage. An exploit is a piece of software, a sequence of
commands or a chunk of data. In this type of attack, the attacker knows of an actual security problem within an
operating system or a piece of software and leverages that knowledge by exploiting the vulnerability, which may occur
in computer hardware, software or other electronics that are usually computerized. Exploits frequently
include gaining control of a computer system, allowing privilege escalation, and denial-of-service related
attacks.

Fig.8 Exploit Attack

11) Password Attack


An attacker tries to crack the passwords stored in a network account database or a password-protected file. There are
three major types of password attack: a dictionary attack, a brute-force attack and a hybrid attack. A dictionary attack
uses a word list file, which is a list of potential passwords. A brute-force attack is when the attacker tries every possible
combination of characters.

Fig.9 Password Attack


12) Denial of Service Attack


A denial-of-service (DoS) attack is a type of attack on a network that is designed to bring the network to its knees by
flooding it with useless traffic. In computer networking, a denial-of-service attack is an attempt to make a machine or
network resource unavailable to its intended users, for example by temporarily or indefinitely interrupting or suspending
services of a host connected to the Internet. A DoS attack can be initiated in many ways: 1) transmission failure, 2) traffic
redirection, 3) DNS attack, 4) connection flooding.

Fig.10 Denial of Service Attack

3. TRUST ORIENTED SECURED ROUTING PROTOCOLS


Choi et al. (WAP, Wormhole Attack Prevention) [4] have presented a protocol which not only detects the fake route but
also adopts preventive measures against wormhole nodes reappearing during the route discovery phase.
This is achieved through the neighbour node monitoring method of each node and the wormhole route
detection method of the source node on the selected route. The mechanism is implemented on top of the DSR protocol.
The advantage is that it can mitigate wormhole attacks and has no hardware requirement. The disadvantage is that it cannot
mitigate other attacks and has high overhead.

Jain and Jain [5] have presented a trust-based model for identifying and isolating nodes that create a
wormhole in the network without engaging any cryptographic means. In this method, trust levels are derived for
neighbouring nodes based upon their sincerity in executing the routing protocol. This derived trust is then used to
influence the routing decisions, which in turn guides a node to avoid communication through the wormholes. The
advantage is that packet dropping is reduced without the use of any cryptographic mechanism. The disadvantage is that it
cannot mitigate blackmail.

Saha et al.: In a mobile ad hoc network, all the nodes cooperate with each other to forward the packets in the network,
and hence each node is effectively a router. The process of forwarding network traffic from source to destination is
termed routing. Consider the scenario in Fig. 11: if node S sends data to node D, which is three hops away, the data
traffic will get to its destination only if A and B forward it.

Fig. 11 Routing in MANET


Traditional link-state and distance-vector approaches do not scale well in large and dense MANETs. A number of
routing protocols have been proposed to address the problems associated with the link-state and distance-vector
approaches in MANETs. These protocols can be classified into three different groups: reactive (or on-demand), proactive
(or table-driven) and hybrid. Reactive protocols obtain the necessary route when it is required, by using a route discovery
process. In proactive protocols, nodes periodically exchange information to maintain up-to-date routing information.
Hybrid routing protocols combine basic properties of both approaches. The process of forwarding network traffic from
source to destination such that data traffic is not hampered by active and passive attacks [6] is called secure routing.

Hu et al. (Leash Mechanism) [8] have presented a mechanism called packet leashes for detecting and defending against
wormhole attacks. It uses two types of packet leash: geographical leashes and temporal leashes. Geographical leashes
require a node to know its own geographical location and all nodes to have loosely synchronized clocks, whereas
temporal leashes require all nodes to have tightly synchronized clocks. The leash mechanisms add the necessary fields to a
packet, for example the time the packet was sent and the sender's geographical location, which allow the receiver to
discover whether a node is in its transmission range or not. The advantage is that it uses location and synchronized
clocks, but this demands extra hardware, which is a disadvantage.
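
The following added example (not code from the paper or from Hu et al.) models the two receiver-side leash checks and shows why the temporal leash needs tightly synchronized clocks while the geographical leash tolerates loose ones. The distance bounds, parameter names and sample values are assumptions of this illustration, and the leash fields are assumed to be authenticated.

```python
import math
from dataclasses import dataclass

SPEED_OF_LIGHT = 299_792_458.0  # metres per second


@dataclass
class LeashedPacket:
    """The extra fields a leash adds to a packet (assumed authenticated)."""
    sent_at: float      # sender's clock at transmission, in seconds
    sender_pos: tuple   # sender's (x, y) location in metres


def temporal_leash_ok(pkt, received_at, radio_range, clock_error):
    """Accept only if the packet cannot have travelled further than radio_range.

    The clock error is added to the measured flight time, so the product with
    the speed of light is an upper bound on the distance covered.
    """
    flight = received_at - pkt.sent_at + clock_error
    if flight < 0:
        return False  # timestamp lies further ahead than the clocks may differ
    return flight * SPEED_OF_LIGHT <= radio_range


def geographical_leash_ok(pkt, received_at, receiver_pos, radio_range,
                          clock_error, max_speed, position_error):
    """Accept only if sender and receiver can be at most radio_range apart.

    Both nodes may have moved at up to max_speed between sending and
    receiving, and the reported locations may be off by position_error.
    """
    elapsed = received_at - pkt.sent_at + clock_error
    if elapsed < 0:
        return False
    claimed = math.dist(pkt.sender_pos, receiver_pos)
    bound = claimed + 2 * max_speed * elapsed + position_error
    return bound <= radio_range


def run_scenarios():
    """Constructed scenarios: a real neighbour and a packet tunnelled 2 km."""
    radio_range = 250.0            # assumed transmission range in metres
    tight, loose = 100e-9, 1e-3    # assumed clock errors in seconds
    receiver = (0.0, 0.0)

    def arrival(distance):         # arrival time of a packet sent at t = 0
        return distance / SPEED_OF_LIGHT

    neighbour = LeashedPacket(sent_at=0.0, sender_pos=(150.0, 0.0))
    tunnelled = LeashedPacket(sent_at=0.0, sender_pos=(2000.0, 0.0))
    geo = dict(receiver_pos=receiver, radio_range=radio_range,
               clock_error=loose, max_speed=20.0, position_error=5.0)
    return {
        "temporal, neighbour":
            temporal_leash_ok(neighbour, arrival(150), radio_range, tight),
        "temporal, tunnelled":
            temporal_leash_ok(tunnelled, arrival(2000), radio_range, tight),
        "temporal, neighbour, loose clocks":
            temporal_leash_ok(neighbour, arrival(150), radio_range, loose),
        "geographical, neighbour, loose clocks":
            geographical_leash_ok(neighbour, arrival(150), **geo),
        "geographical, tunnelled, loose clocks":
            geographical_leash_ok(tunnelled, arrival(2000), **geo),
    }


if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name}: {'accept' if accepted else 'reject'}")
```

With a clock error of one millisecond the temporal bound grows to roughly 300 km, so even the genuine neighbour is rejected, while the same error adds only centimetres to the geographical bound.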

Yu et al. [10] have presented a scheme that is secure against Byzantine attacks and works even in adversarial
environments. The trustworthiness of a node n, as judged by another node x, is measured as the probability that n will
perform a particular action expected by x, and is denoted T_x(n), irrespective of the ability to monitor or control n.
The trustworthiness can be evaluated by x in terms of the knowledge it has accumulated during a specific operation period, by
using a weighted average over the trust in each category of action, including route request, route reply, route error and
data transmission. The advantage is that it can effectively combat Byzantine attacks. The disadvantage is that the
overhead incurred is high and battery consumption is not considered.
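
The weighted-average trust value T_x(n) described above, and the idea from the Jain and Jain passage of letting derived trust steer routing decisions, are combined in this added example, which is not code from either paper. The weights, the prior for unobserved categories, the threshold, the weakest-node route rule, the nodes C and E and all observation counts are assumptions constructed for the illustration; S, A, B and D follow the scenario of Fig. 11.

```python
from dataclasses import dataclass, field

CATEGORIES = ("route_request", "route_reply", "route_error", "data")
# Assumed weights (they sum to 1); data forwarding is weighted highest here.
WEIGHTS = {"route_request": 0.2, "route_reply": 0.2,
           "route_error": 0.1, "data": 0.5}
PRIOR = 0.5       # assumed trust for a category with no observations yet
MIN_TRUST = 0.6   # assumed threshold below which a route is avoided


@dataclass
class TrustTable:
    """Observations that node x has accumulated about other nodes."""
    counts: dict = field(default_factory=dict)  # node -> {category: [ok, total]}

    def observe(self, node, category, behaved, times=1):
        per_node = self.counts.setdefault(node, {c: [0, 0] for c in CATEGORIES})
        per_node[category][0] += times if behaved else 0
        per_node[category][1] += times

    def category_trust(self, node, category):
        """Estimated probability that the node performs the expected action."""
        ok, total = self.counts.get(node, {}).get(category, (0, 0))
        return ok / total if total else PRIOR

    def trust(self, node):
        """T_x(n): weighted average of the per-category trust values."""
        return sum(WEIGHTS[c] * self.category_trust(node, c) for c in CATEGORIES)

    def route_trust(self, route):
        """A route is rated by its least trusted intermediate node."""
        return min((self.trust(n) for n in route[1:-1]), default=1.0)

    def pick_route(self, routes):
        usable = [r for r in routes if self.route_trust(r) >= MIN_TRUST]
        if not usable:
            return None
        # Highest route trust first, fewer hops as the tie-breaker.
        return max(usable, key=lambda r: (self.route_trust(r), -len(r)))


def demo():
    x = TrustTable()
    # Constructed counts: B handles routing messages correctly but forwards
    # only 10 of 100 data packets.
    for node, data_ok in (("A", 98), ("B", 10), ("E", 90)):
        x.observe(node, "route_request", True, 20)
        x.observe(node, "route_reply", True, 20)
        x.observe(node, "route_error", True, 5)
        x.observe(node, "data", True, data_ok)
        x.observe(node, "data", False, 100 - data_ok)
    x.observe("C", "data", True, 50)  # only data forwarding observed for C
    routes = [["S", "A", "B", "D"], ["S", "C", "E", "D"]]
    return x, x.pick_route(routes)


if __name__ == "__main__":
    table, chosen = demo()
    for n in "ABCE":
        print(n, round(table.trust(n), 2))
    print("chosen route:", " -> ".join(chosen))
```

Node B scores well in three of the four categories, yet its data-forwarding record pulls its trust below the threshold, so the route through A and B is rejected in favour of the alternative.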

Chhabra et al. [14] proposed a protocol to prevent and handle Distributed Denial of Service (DDoS) attacks in
networks as early as possible and before they reach the victim. Dealing with DDoS attacks is difficult due to their
properties, such as dynamic attack rates, various kinds of target and the large scale of botnets. Therefore, it is better to
prevent a distributed denial-of-service attack than to allow it to occur and then take the necessary steps to
handle it. The advantage is that, after the victim node is removed from all the network tables, the paths through which
this node sends packets are traced and those broadcast ids are nullified. The disadvantage is that it cannot mitigate
other attacks.

4. CONCLUSION

From the above discussion, it is clear that existing network protocols are not sufficient to eliminate
the malicious nodes that cause packets to be dropped in the network, and as a result there are severe problems
in communication through networks. Most of the protocols focus specifically on mitigating certain
attacks, while others show a drop in performance with respect to packet delivery fraction, normalized routing load and
end-to-end delay. Besides, we have seen that some of the protocols fail to judge the energy consumption of the nodes
present in a trustworthy route. Analysis shows that to make a protocol more secure we have to compromise other QoS
parameters, which implies that a trade-off is required. In the above work, we have divided the secured
protocols into different parts with specific causes and reasons.

References
[1] A. Kundu, R. Misra, A. Kar, S. Debchoudhury, S. Pareek, S. Nayak, R. Dey, "On Demand Secure Routing
Protocol Using Convex-Hull & K-Mean Approach In Manet," in proc. of 7th International Conference and
Workshop on Computing and Communication (UEMCON-2016), New York City, USA, IEEE Xplore Digital
Library, October 2016, pp. 1-5.
[2] R. Dey, H. N. Saha, "Different Routing Threats and its Mitigations Schemes for Mobile ad-hoc Networks
(MANETs) A Review," IPASJ International Journal of Electronics & Communication (IIJEC), vol. 4, no. 3,
pp. 27-34, March 2016.
[3] R. Dey, H. N. Saha, "Secure Routing Protocols For Mobile Ad-Hoc Network (Manets) A Review," International
Journal of Emerging Trends & Technology in Computer Science (IJETTCS), vol. 5, no. 1, pp. 74-79, February
2016.


[4] S. Choi, D. Y. Kim, D. Y. Lee and J. I. Jung, "Attack Prevention Algorithm in Mobile Ad Hoc Networks," in proc.
of IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing, June 2008, pp.
343-348.
[5] S. Jain and S. Jain, "Detection and prevention of wormhole attack in mobile adhoc networks," International
Journal of Computer Theory and Engineering, vol. 2, no. 1, February 2010.
[6] H. N. Saha, D. Bhattacharyya, P. K. Banerjee, A. Bhattacharyya, A. Banerjee and D. Bose, "Study of Different
Attacks in MANET with its Detection & Mitigation Schemes," International Journal of Advanced Engineering
Technology (IJAET), vol. 3, no. 1, pp. 383-389, January 2012.
[7] H. N. Saha, D. Bhattacharyya, B. Banerjee, S. Mukherjee, R. Singh and D. Ghosh, "A Review On Attacks And
Secure Routing Protocols In Manet," International Journal of Innovative Research and Review (JIRR), vol. 1,
no. 2, pp. 12-36, December 2013.
[8] Y. C. Hu, A. Perrig and D. Johnson, "Packet leashes: a defense against wormhole attacks in wireless networks," in
proc. of the 22nd Annual Joint Conference of the IEEE Computer and Communications Societies, vol. 3, April
2003, pp. 1976-1986.
[9] M. Yu, M. Zhou and W. Su, "A Secure Routing Protocol Against Byzantine Attacks for MANET in
Adversarial Environments," IEEE Transactions on Vehicular Technology, vol. 58, no. 1, pp. 449-460, January
2009.
[10] S. Choi, D. Y. Kim, D. Y. Lee and J. I. Jung, "Attack Prevention Algorithm in Mobile Ad Hoc Networks," in proc.
of IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing, June 2008, pp.
343-348.
[11] P. Jaiswal and R. Kumar, "Prevention of Black Hole Attack in MANET," International Journal of Computer
Networks and Wireless Communications (IJCNWC), vol. 2, no. 5, October 2012.
[12] K. Gupta, M. Gujral and Nidhi, "Secure Detection Technique Against Blackhole Attack For Zone Routing
Protocol in MANET," International Journal of Application or Innovation in Engineering & Management
(IJAIEM), vol. 2, no. 6, pp. 444-448, June 2013.
[13] M. Gajera and S. K. Sowmya, "Prevention of Black Hole Attack in Secure Routing Protocol," International
Journal of Science and Research (IJSR), vol. 2, no. 6, pp. 221-224, June 2013.
[14] M. Chhabra, B. Gupta and A. Almomani, "A Novel Solution to Handle DDOS Attack in MANET," Journal of
Information Security, pp. 165-179, June 2013.
[15] A. Jain, A. Jain and P. K. Sagar, "Various Security Attacks and Trust Based Security Architecture for MANET,"
Global Journal of Computer Science and Technology, vol. 10, no. 14, pp. 32-36, November 2010.
[16] B. Wu, C. Jianmin, J. Wu and M. Cardei, "A Survey on Attacks and Countermeasures in Mobile Ad Hoc
Networks," Wireless/Mobile Network Security, Springer, Part II, pp. 103-135, 2007.
[17] I. Ullah and S. U. Rahaman, "Analysis of Black Hole Attack on MANET Using Different MANET Routing
Protocols," Master Thesis, Electrical Engineering, Thesis no: MEE 10:62, June 2010.
[18] K. Vishnu and A. J. Paul, "Detection and removal of Cooperative Black/Gray hole attack in Mobile Adhoc
Networks," International Journal of Computer Application (IJCA), vol. 1, no. 22, January 2010.
[19] V. Mahajan, M. Natu and A. Sethi, "Analysis of wormhole intrusion attacks in MANET," in proc. of IEEE
Military Communications Conference (MILCOM), November 2008, pp. 1-7.
[20] A. Kaur and D. S. Wadhwa, "Effects of Jelly Fish Attack on Mobile Ad-Hoc Networks Routing Protocols,"
International Journal of Engineering Research and Applications, vol. 3, no. 5, pp. 1694-1700, October 2013.
[21] K. Konate and A. Gaye, "A Proposal Mechanism Against the Attacks: Cooperative Blackhole, Blackmail,
Overflow and Selfish in Routing Protocol of Mobile AdHoc Network," International Journal of Future
Generation Communication and Networking, vol. 4, no. 2, pp. 69-80, 2011.
[22] H. P. Singh, V. P. Singh and R. Singh, "Cooperative Blackhole/Grayhole Attack Detection and Prevention in
Mobile Ad hoc Network: A Review," International Journal of Computer Application (IJCA), vol. 64, no. 3, pp. 16-22,
2013.

AUTHOR
Shilpa Pareek received the B.C.A. degree from Biyani Girl College, Jaipur, Rajasthan in 2010 and the M.C.A. degree from
Rajasthan Technical University in 2013, and is pursuing an M.Tech in Computer Science Engineering at University of
Engineering and Management, Jaipur (2015-2017). From 2015 to the present she has been at University of Engineering &
Management, Jaipur, Rajasthan. She is now with University of Engineering & Management, Jaipur, Rajasthan.

Ashutosh Gautam received the B.C.A. degree in computer application from University of Rajasthan and the M.C.A. degree
in Computer Application from Rajasthan Technical University in 2010 and 2013, respectively. From 2015 to the present
he has been at University of Engineering & Management, Jaipur, Rajasthan. He is now with University of Engineering &
Management, Jaipur, Rajasthan.

Ratul Dey completed his Bachelor of Technology in Computer Science & Engineering at West Bengal University of
Technology, India, from CSET, and his Master of Technology in Computer Science & Engineering at West Bengal University
of Technology, India, from the Institute of Engineering & Management, Kolkata. He is now with
University of Engineering & Management, Jaipur, India. His areas of interest are wireless sensor networks, data mining and
image processing.
