<a href="https://colab.research.google.com/github/guilhermelaviola/CybersecurityProblemSolvingWithDataScience/blob/main/Class10.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

# **Network Security**
Network security is a multifaceted discipline focused on protecting networked systems, devices, and data from unauthorized access and cyber threats while ensuring confidentiality, integrity, and availability. It relies on security controls such as firewalls, IDS/IPS, VPNs, and encryption protocols like IPsec, SSL/TLS, and SSH to safeguard communications and monitor malicious activity. Wireless security best practices, regular updates, and traffic analysis tools further enhance protection by identifying vulnerabilities and performance issues. An effective incident response plan is essential for detecting, responding to, and recovering from security incidents. Overall, maintaining strong network security requires continuous monitoring, layered defenses, and staying current with evolving threats and best practices.

In [3]:
# Importing all the necessary libraries and resources:
import time
from cryptography.fernet import Fernet

## **Network Traffic Monitor & Incident Detection**
The example below demonstrates a basic network security concepts such as traffic monitoring, intrusion detection, and incident response.

In [4]:
# Simulated network traffic logs:
network_traffic = [
    {'ip': '192.168.1.10', 'port': 22, 'status': 'normal'},
    {'ip': '192.168.1.15', 'port': 443, 'status': 'normal'},
    {'ip': '10.0.0.5', 'port': 22, 'status': 'suspicious'},
    {'ip': '203.0.113.45', 'port': 23, 'status': 'malicious'},
]

# Security controls configuration:
BLOCKED_PORTS = [23]  # Telnet (insecure)
ALERT_STATUSES = ['suspicious', 'malicious']

def monitor_traffic(traffic):
    print('üîç Monitoring network traffic...\n')
    for packet in traffic:
        analyze_packet(packet)
        time.sleep(1)

def analyze_packet(packet):
    ip = packet['ip']
    port = packet['port']
    status = packet['status']

    print(f'Traffic from {ip} on port {port}')

    # IDS/IPS logic
    if port in BLOCKED_PORTS or status in ALERT_STATUSES:
        trigger_incident_response(ip, port, status)
    else:
        print('‚úÖ Traffic allowed\n')

def trigger_incident_response(ip, port, status):
    print('üö® SECURITY ALERT üö®')
    print(f'Source IP: {ip}')
    print(f'Port: {port}')
    print(f'Threat Level: {status}')
    print('Action: Connection blocked, incident logged\n')

# Running the simulation:
monitor_traffic(network_traffic)

üîç Monitoring network traffic...

Traffic from 192.168.1.10 on port 22
‚úÖ Traffic allowed

Traffic from 192.168.1.15 on port 443
‚úÖ Traffic allowed

Traffic from 10.0.0.5 on port 22
üö® SECURITY ALERT üö®
Source IP: 10.0.0.5
Port: 22
Threat Level: suspicious
Action: Connection blocked, incident logged

Traffic from 203.0.113.45 on port 23
üö® SECURITY ALERT üö®
Source IP: 203.0.113.45
Port: 23
Threat Level: malicious
Action: Connection blocked, incident logged



## **Secure Data Transmission Using Encryption**
The following example demonstrates how network security uses encryption to protect data before transmission and verifies integrity upon receipt.

In [5]:
# Generating a symmetric encryption key, similar concept to TLS session keys:
key = Fernet.generate_key()
cipher = Fernet(key)

# The sender encrypts data before transmission:
def send_secure_message(message):
    encrypted_message = cipher.encrypt(message.encode())
    print('üîê Encrypted Message Sent:')
    print(encrypted_message)
    return encrypted_message

# The receiver decrypts and verifies message integrity:
def receive_secure_message(encrypted_message):
    try:
        decrypted_message = cipher.decrypt(encrypted_message)
        print('\n‚úÖ Message Successfully Decrypted:')
        print(decrypted_message.decode())
    except Exception:
        print('\nüö® Integrity Check Failed! Possible tampering detected.')

# Simulated secure communication:
original_message = 'Network security ensures confidentiality, integrity, and availability.'
encrypted_data = send_secure_message(original_message)
receive_secure_message(encrypted_data)

üîê Encrypted Message Sent:
b'gAAAAABpQEKdJNtsI-aTIMXwGU-gu_iVoGr3hMZUDQggPEyvZmw43dROZzuJ9_cXlijLg6YTgH6RrvmvYn6PN8tNxcFry3BgoCbRYW2VaGCHacpNrbAuiJj6YWVDRYa56ZZM9zogX5Q-h9bEuaFp0kMv7fk1gYcRnzIwL8ZhbYE63QpNQa860bw='

‚úÖ Message Successfully Decrypted:
Network security ensures confidentiality, integrity, and availability.
