Extract Network and System resource for analysis of Network Security Modeling
-
Upload
dhiraj-gajurel -
Category
Engineering
-
view
24 -
download
1
Transcript of Extract Network and System resource for analysis of Network Security Modeling
Te c h n o l o g i c a l e n h a n c e m e n t b r i n g s u n k n o w n t h r e a t s .
E x t r a c ti n g a n d a n a l y z i n g t h e n e t w o r k a n d s y s t e m r e s o u r c e s fo r m o d e l i n g n e t w o r k s e c u r i t y.
A n a l y s i s o n s a fe t y r e q u i r e m e n t a n d m a i n c o n n e c ti o n r e l a ti o n s h i p m o d e l i n g
Network is interconnection of node for data communication.
Internet is the common playground for hacker.
National level concern Network Security .
Network components should be analyzed properly for effective security modeling.
S.NO NAME AUTHOR Year Issue1. RESEARCH AND
ANALYSIS ON NETWORK SECURITY MODELLING
Kehao Cao 2016/IEEE a) Safety Requirement modeling
b) Main Connection Relationship modeling
2. ANALYSIS OF NETWORK AND FIREWALL POLICIES IN DYNAMIC AND HETEROGEBOUS NETWORKS
Kirori Mindo et. al
2016/IJARCSSE a) Heterogenous network environment and infrastructures
b) Firewall policies
3. Use of attack graphs in security systems
Vivek Sandilya et. al
2014/IEEE a) Use of attack graph for security detection violation and control
COMPONENTSSecurity Requirements : R={r(1),r(2),r(3),…,r(n)} where r(i) represents individual security strategy.
Hosts :H={h(1),h(2),h(3),…,h(n)} where h(i) represents the individual hosts.
Protocols:P={pro(1),pro(2),pro(3),…,pro(n)} where pro(i) represents the individual protocols. If the host is on same computer then P={localhost} If there is no connection then P={NULL}
SECURITY REQUIREMENTSConfidentiality • Protection from disclosure to unauthorised persons
Integrity• Maintaining data consistency
Authentication • Assurance of identity of person or originator of data
Availability • Legitimate users have access when they need it
HOSTS
Host computers are routes,switch,firewall,server,PC and so on
A host computer of security network can be represented asa) Host IDb) OSc) SVCSd) VULS
PROTOCOLSRules that governs the data communication.
The set P={pro(1),pro(2),…,pro(n)} defines the connection relationship between hosts.
Internet uses TCP/IP protocol stack.
The TCP/IP protocol stack consists of four layers.
LINK LAYER
First layer of TCP/IP stack
Network resources associated:a) HUBb) SWITCHc) PROTOCOLS(ARP & RARP)
Vulnerabilitiesa) Packet sniffingb) ARP cheating
Main connection relationshipa) ARP
INTERNET LAYERSecond layer for TCP/IP Stack
Network resources associateda) Routerb) Protocol(IP,ICMP & IGMP)c) IP address
Vulnerabilitiesa) IP Spoofing
Main Connection Relationshipa) ICMP_Service Type
TRANSPORT LAYERThird layer of TCP/IP stackConsists of 65535 ports for providing services
Network resources associateda) Portsb) Protocols(TCP/UDP)
Vulnerabilitiesa) SYN DOS attack
Main Connection Relatioshipa) TCP_Portno.
APPLICATION LAYERTop-most layer of TCP/IP stack.
Network resources associated:a) Applications(Browsers)b) Protocols(HTTP,HTTPS)
Vulnerabilitiesa) SQL injectionb) Session hijacking
Main Connection Relationship:a) TCP (UDP) _ the number of port _ the type of service _ the name of
application
LINK LAYERUse of Encryption and VPN for protection against packet sniffing.
Replacement of HUB with Switch.
Static ARP entries.
ARP spoof detection software arpON Arp_antidote
INTERNET LAYERUse of RPF technique against IP spoofing for reverse path detection
Use of Access control list for reverse path finding.
Use of Firewall for inbound and outbound filtering.
The connection relationship between hosts can be defined with a triple set of (Hsrc,Hdst,Protocol).
Network provides different services through different layers
All the services have different security attributes
Proper defense mechanism should be applied in each layer for effective security to obtain a safe security model.