51 |
Um sistema para análise ativa de comportamento de firewall / A system for active analysis of firewall behavior
Ákio Nogueira Barbosa, 23 October 2006
Due to the importance of firewalls for the protection of computer networks, much study has gone into improving protection techniques and into developing new techniques for analyzing firewalls. Focusing on this theme, this dissertation considers the viability of the technique of packet injection and observation of the results to analyze the behavior of network firewalls for the TCP/IP stack, resulting in an alternative technique for firewall analysis. To show the validity of the technique, an architecture was proposed and, as a proof of concept, a prototype of the analysis system was implemented. Some tests were also carried out. The technique of packet injection and observation of the results proved viable for some situations. For others, additional studies are necessary to reduce the combinatorial explosion.
|
52 |
Develop a Secure Network – A Case Study
Rayapati, Habeeb, January 2010
In recent years, many networks have been built, and some organizations are able to provide security for their networks. The performance of a network depends on the amount of security implemented on the network without compromising the network capabilities. To build a secure network, administrators should know all the possible attacks and their mitigation techniques and should perform risk analysis to find the risks involved in designing the network. They must also know how to design security policies for implementing the network and how to educate the employees, to protect the organization’s information. The goal behind this case study is to build a campus network which can withstand reconnaissance attacks.

This thesis describes all the network attacks and explores their mitigation techniques. This will help an administrator to be prepared for the coming attacks. This thesis explains how to perform risk analysis and the two different ways to perform risk analysis. It also describes the importance of security policies and how security policies are designed in the real world.
|
53 |
A Survey, Taxonomy, and Analysis of Network Security Visualization Techniques
Kasemsri, Rawiroj Robert, 12 January 2006
Network security visualization is a relatively new field and is quickly gaining momentum. Network security visualization allows the display and projection of the network or system data, in the hope of efficiently monitoring and protecting the system from any intrusions or possible attacks. Intrusions and attacks continue to increase in number, size, and complexity. Textually reading through log files or other textual sources is currently insufficient to secure a network or system. Using graphical visualization, security information is presented visually, and not only by text. Without network security visualization, reading through log files or other textual sources is an endless and aggravating task for network security analysts. Visualization provides a method of displaying a large volume of information in a relatively small space. It also makes patterns easier to detect, recognize, and analyze. This can help security experts to detect problems that may otherwise be missed in reading text-based log files. Network security visualization has become an active research field in the past six years and a large number of visualization techniques have been proposed. A comprehensive analysis of the existing techniques is needed to help network security designers make informed decisions about the appropriate visualization techniques under various circumstances. Moreover, a taxonomy of the existing visualization techniques is needed to classify the existing network security visualization techniques and present a high-level overview of the field. In this thesis, the author surveyed the field of network security visualization. Specifically, the author analyzed the network security visualization techniques from the perspective of data model, visual primitives, security analysis tasks, user interaction, and other design issues. Various statistics were generated from the literature.
Based on this analysis, the author has attempted to generate useful guidelines and principles for designing effective network security visualization techniques. The author also proposed a taxonomy for the security visualization techniques. To the author’s knowledge, this is the first attempt to generate a taxonomy for network security visualization. Finally, the author evaluated the existing network security visualization techniques and discussed their characteristics and limitations. For future research, the author also discussed some open research problems in this field. This research is a step towards a thorough analysis of the problem space and the solution space in network security visualization.
|
54 |
Embedded network firewall on FPGA
Ajami, Raouf, 22 November 2010
The Internet has profoundly changed today's human life. A variety of information and online services are offered by various companies and organizations via the Internet. Although these services have substantially improved the quality of life, at the same time they have brought new challenges and difficulties. Information security can easily be tampered with by many threats from attackers for different purposes. A catastrophic event can happen when a computer or a computer network is exposed to the Internet without any security protection and an attacker can compromise the computer or the network resources with destructive intent.

The security issues can be mitigated by setting up a firewall between the inside network and the outside world. A firewall is a software or hardware network device used to enforce the security policy on the inbound and outbound network traffic, installed either on a single host or on a network gateway. A packet filtering firewall controls the header field in each network data packet based on its configuration and permits or denies the data passing through the network.

The objective of this thesis is to design a highly customizable hardware packet filtering firewall to be embedded on a network gateway. This firewall has the ability to process the data packets based on: source and destination TCP/UDP port number, source and destination IP address range, source MAC address, and the combination of source IP address and destination port number. It is capable of accepting configuration changes in real time. An Altera FPGA platform has been used for implementing and evaluating the network firewall.
|
55 |
Evaluate Security on the Internet Cafe
Akinola, Azeez Paul; Zhang, Chong, January 2013
Internet security (network security) is a big topic that is very important in our society's communication system, but it is extremely dynamic and wide in scope. This is the reason that many companies and organizations invest heavily in dedicated security infrastructure and highly trained specialists. The aim of security monitoring and protecting the network from cyber threats requires vigilance over the network equipment. The case study of this thesis is to provide a possible solution to the problems encountered by the named network users: Internet Game Center (Centrum Halmstad, Sweden) and the Blueville Internet Cafe (Ede, Nigeria). Our research is based on information collected over the telephone and a visit to the nearest office. We concluded that both companies mentioned above experienced similar cyber threats. The two companies have internal and external threats such as access to the network via ssh using a brute-force attack, network war-drivers, the installation of spyware, password sniffers, viruses, and SQL injection and PHP attacks (web attacks) on the networks. Viruses and spyware are among the biggest Internet threats to users, organizations and companies. We carried out experiments in the lab to test for threats such as brute-force (ssh) attacks, password sniffers and war-drivers in the wireless environment. From the results, we are able to select WPA2 using 802.1x as the best possible way to limit and reduce the strength of cyber-attacks, and as a suggested solution to the named cafés' problems in our report. We also list different suggestions and solutions to the cyber café attacks from our research papers and information gathered from different sources such as the library, the Internet, seminars and textbooks.
|
57 |
Modeling and Defending Against Internet Worm Attacks
Chen, Zesheng, 09 April 2007
As computer and communication networks become prevalent, the Internet has been a battlefield for attackers and defenders. One of the most powerful weapons for attackers is the Internet worm. Specifically, a worm attacks vulnerable computer systems and employs self-propagating methods to flood the Internet rapidly. The objective of this research is to characterize worm attack behaviors, analyze Internet vulnerabilities, and develop effective countermeasures. More specifically, some fundamental factors that enable a worm to be designed with advanced scanning methods are presented and investigated through mathematical modeling, simulations, and real measurements.
First, one factor is an uneven vulnerable-host distribution that leads to an optimal scanning method called importance scanning. Such a new method is developed from and named after importance sampling in statistics and enables a worm to spread much faster than both random and routable scanning. The information of vulnerable-host distributions, however, may not be known before a worm is released. To overcome this, worms using two sub-optimal methods are then investigated. One is a self-learning worm that can accurately estimate the underlying vulnerable-host distribution while propagating. The other is a localized-scanning worm that has been exploited by Code Red II and Nimda worms. The optimal localized scanning and three variants of localized scanning are also studied. To fight against importance-scanning, self-learning, and localized-scanning worms, defenders should scatter applications uniformly in the entire IP-address space from the viewpoint of game theory. Next, a new metric, referred to as the non-uniformity factor, is presented to quantify both the unevenness of a vulnerable-host distribution and the spreading ability of network-aware worms. This metric is essentially the Renyi information entropy and better characterizes the non-uniformity of a distribution than the Shannon entropy. Finally, another fundamental factor is topology information that enables topological-scanning worms. The spreading dynamics of topological-scanning worms are modeled through a spatial-temporal random process and simulated with both real and synthesized topologies.
|
58 |
Management and Control of Scalable and Resilient Next-Generation Optical Networks
Liu, Guanglei, 10 January 2007
Two research topics in next-generation optical networks with wavelength-division multiplexing (WDM) technologies were investigated: (1) scalability of network management and control, and (2) resilience/reliability of networks upon faults and attacks.
In scalable network management, the scalability of management information for inter-domain light-path assessment was studied. The light-path assessment was formulated as a decision problem based on decision theory and probabilistic graphical models. It was found that partial information available can provide the desired performance, i.e., a small percentage of erroneous decisions can be traded off to achieve a large saving in the amount of management information.
In network resilience under malicious attacks, the resilience of all-optical networks under in-band crosstalk attacks was investigated with probabilistic graphical models. Graphical models provide an explicit view of the spatial dependencies in attack propagation, as well as computationally efficient approaches, e.g., sum-product algorithm, for studying network resilience. With the proposed cross-layer model of attack propagation, key factors that affect the resilience of the network from the physical layer and the network layer were identified. In addition, analytical results on network resilience were obtained for typical topologies including ring, star, and mesh-torus networks.
In network performance upon failures, traffic-based network reliability was systematically studied. First a uniform deterministic traffic at the network layer was adopted to analyze the impacts of network topology, failure dependency, and failure protection on network reliability. Then a random network layer traffic model with Poisson arrivals was applied to further investigate the effect of network layer traffic distributions on network reliability. Finally, asymptotic results of network reliability metrics with respect to arrival rate were obtained for typical network topologies under heavy load regime.
The main contributions of the thesis include: (1) fundamental understandings of scalable management and resilience of next-generation optical networks with WDM technologies; and (2) the innovative application of probabilistic graphical models, an emerging approach in machine learning, to the research of communication networks.
|
59 |
A NetFlow Based Internet-worm Detecting System in Large Network
Wang, Kuang-Ming, 04 September 2005
Internet worms are a major threat to the security of today's Internet and cause significant worldwide disruptions; a huge number of infected hosts generating overwhelming traffic will impact the performance of the Internet. Network managers have the duty to mitigate this issue. In this paper we propose an automated method, based on NetFlow, for detecting Internet worms in large networks. We also implement a prototype system, FloWorM, which can help network managers to monitor suspected Internet-worm activities and identify their species in their managed networks. Our evaluation of the prototype system on real large and campus networks validates that it achieves a pretty low false positive rate and a good detection rate.
|
60 |
Secure Communication Channel Mechanisms For Isolated Networks
Karadag, Gokdeniz, 01 December 2009
Current network security solutions consist of a single host, with network interfaces of the host connected to protected and external networks at the same time. This design ensures security by restricting traffic flow to a single point, where it can be examined and acted on by a set of rules. However, this design also has a flaw and a single point of failure, that being the vulnerabilities in the security device itself. An adversary would have unhindered access to protected networks if a vulnerability in the security device itself leads to its compromise. To prevent this possibility, high-security networks are completely isolated from external networks, by prohibiting any network connection and constituting a so-called air gap in between. But data transfer needs do arise between external networks and high-security networks, and in current technology this problem does not have a solution without human intervention. In this thesis, we propose a set of mechanisms that allows near-realtime data transfers between high-security networks and external networks, without requiring any human intervention. The design consists of two hosts connected via a shared storage, transferring only application layer data between networks. This prevents attacks targeting network stacks of the security device's OS, and confines a compromised security device to the network that it is already connected to. In case of a compromise, the amount of possible unwanted traffic to and from the high-security network is vastly reduced.
|