Industrial cyber security


#1

Securing the modern industrial network and IT infrastructure requires a comprehensive approach and a firm understanding of the vulnerabilities and associated protective measures. Network security originally focused on algorithmic aspects such as encryption and hashing techniques.

Security problem becomes one of the main problems for computer network and internet developing. There is always fault management, fault software, abuse of resources connecting to computer networks. These are the main reasons which cause security problems for a Network

Technique that is used a secure network:

  • Attack Recognition: Find out the common attacks, such as spoofing, man-in-the-middle (distributed) denial of service, buffer overflow, etc.

  • Encryption techniques: Understand the techniques to guarantee the confidentiality, authenticity, integrity and non-repudiation of the data transfer. These must be understood in a protocol and at least partially on a mathematical or algorithmic level, to select and implement the algorithm that matches the needs of the organization.

  • Network Security Architecture: Configure a network with security appliances and software, such as placement of firewalls, Intrusion Detection Systems, and log management.

  • Protocol analysis: Recognize normal from abnormal protocol sequences, using sniffers. Protocols minimally include: IP, ARP, ICMP, TCP, UDP, HTTP, and encryption protocols: SSH, SSL, IPSec.

  • Access Control Lists (ACLs): Configure and audit routers and firewalls to filter packets accurately and efficiently, discarding, passing or protecting (via VPN) packets based on their IP and/or port addresses, and status.

  • Intrusion Detection/Prevention Systems (IDS/IPS): Set and test rules to recognize and report attacks in a timely manner.

  • Application Software Protection: Schedule and test secure software to avoid backdoor entry by SQL injection, buffer overflow, etc.

  • Incident response: Respond to an attack by escalating attention, collecting evidence, and performing computer forensics. The last three skills incorporate computer systems security since they are required to counteract internet hacking.
    Network security applies business decisions in a technical manner.

  • Security Evaluation: Use risk analysis to determine what should be protected and at what cost.

  • Security Planning: Prepare a security plan, including security policies and procedures.

Firewall:

Firewalls are used to protect the network boundary. A firewall is a mechanism by which a controlled barrier is used to control network traffic into AND out of an organizational intranet. Firewalls are basically application specific routers.

They run on dedicated embedded systems such as an internet appliance or they can be software programs running on a general server platform. There are firewalls such as Filtering firewall and Router Firewall.

Filtering Firewall: filters traffic based on rules that a system administrator creates and manages.

Router Firewall: It could be said that this firewall architecture does not have firewall devices. Instead, a simple router joins two networks. However, due to packet forwarding that looks at the source of the IP address, it avoids something known as IP Spoofing.