A Proactive Network Surveillance Framework for Improving Network Security Across Information Value Chain

Maninder Singh(1*), Seema Bawa(2), S. C. Saxena(3)

(1) Assistant Professor, Computer Science and Engineering Department, Thapar Institute of Engineering & Technology, India
(2) IIT Khargpur and Ph.D. from Thapar Institute of Engineering & Technology, Patiala, India
(3) Allahabad University, Uttar Pradesh, India
(*) Corresponding author


DOI's assignment:
the author of the article can submit here a request for assignment of a DOI number to this resource!
Cost of the service: euros 10,00 (for a DOI)

Abstract


This research analyzes trends in network security through an investigation of reactive and proactive network security strategies. Many of common practices have been studied, analyzed, compared and reported in this work. A proactive network surveillance framework is proposed. The framework consists of five layers addressing security at various levels following the onion model of defense.  Successive layers of defense use different technologies. The inner layers of defense can support the outer layer and an attacker must breach each line of defense in turn. This gives an engineering solution, which emphasizes redundancy - a system that keeps working even when a single component fails. This will lead to self-healing and self-defending network infrastructure thus emphasizing preventive mode of security.
Copyright © 2013 Praise Worthy Prize - All rights reserved.

Keywords


Network Security; Network Surveillance; Proactive Security; Honeynets

Full Text:

PDF


References


Zhang F, Zhou S, Qin Z, Liu J, Honeypot: a supplemented active defense system for network security, Proc. 4th International Conference on Parallel and Distributed Computing applications and technologies, pp. 231-5, 2003.

S M Bellovin, W R Cheswick, Firewalls and Internet Security: Repelling the Wily Hacker, (Addison-Wesley, 1994).
http://dx.doi.org/10.1002/adma.19960080319

Sotiris Ioannidis, Angelos D. Keromytis, Steve M. Bellovin, et al., Implementing a Distributed Firewall, ACM Communications, 2000.
http://dx.doi.org/10.1145/352600.353052

Eskin E, Anomaly detection over noisy data using learned probability distributions. In: Proceedings of 17th international conference on machine learning, 2000.

Paul Innella, A Brief History of Network Security and the Need for Adherence to the Software Process Model, Tetrad Digital Integrity, 2000.

Salvatore J Stolfo, Wenke Lee, A Framework for Constructing Features and Models for Intrusion Detection Systems. ACM Transactions on Information and System Security, Vol. 3, No. 4., 2000.
http://dx.doi.org/10.1145/382912.382914

Spafford E H, Kumar S, A software architecture to support misuse intrusion detection. In Proceedings of the 18th National Conference on Information Security, 1995.
http://dx.doi.org/10.1016/0167-4048(96)81671-3

Gupta S, Yeldi S, Enhancing network intrusion detection system with honeypot. Conference on Convergent Technologies for Asia-Pacific Region Tencon 2003, 2003.
http://dx.doi.org/10.1109/tencon.2003.1273174

Biondi P, Raynal F, Berthier Y, Honeypot forensics part I: analyzing the network, IEEE Security & Privacy, 2004.
http://dx.doi.org/10.1109/msp.2004.47

Lance Spitzner, Know your enemy: Revealing the security tools, tactics and motives of the blackhat community, (Addison-Wesley, 2002).

Lance Spitzner, Honeypots: tracking hackers, (Addison-Wesley, 2003).

Cliff Stoll, The Cuckoo”s Egg: Tracking a spy through the maze of computer espionage, (Pocket Books, NY, 1990).
http://dx.doi.org/10.1063/1.2810663

Cheswick Bill, An Evening with Berferd in Which a Craker Is Lured, Endured, and Studied, Find out from Net., 1991.

Fred Cohen, Deception Toolkit, (http://www.all.net/dtk).

Ryan Talabis, Honeypots 101: A Brief History of Honeypots, (The Philippine Honeynet Project, 2005).

Fyodor, Nmap active fingerprinting tool, http://www.inscure.org

Marty Roesch, NetFacade Honeypot, www.itsecure.bbn.com

Marcus R, BackOfficer Friendly, http://www.nfr.com/

Lance S, The Honeynet Project, http://www.honeynet.org

CERT Advisory CA-2001-19, CodeRed Worm Exploiting Buffer Overflow In IIS Indexing Service DLL, http://www.cert.org/advisories/CA-2001-19.html

CERT Advisory CA-2001-31, Buffer Overflow in CDE Subprocess Control Service, http://www.cert.org/advisories/CA-2001-31.html

CERT Advisory CA-2002-01, Exploitation of Vulnerability in CDE Subprocess Control Service, http://www.cert.org/advisories/CA-2002-01.html

Lance Spitzner et al., Honeynet Project Research Alliance, http://www.honeynet.org/alliance/

Honeynet research alliance. Snort-inline, Snort augmentation tool, http://snort-inline.sourceforge.net/

Honeynet research alliance, Sebek- keylogging tool, http://www.honeynet.org/tools/sebek/

Honeynet research alliance, Virtual Honeynets, http://www.honeynet.org/papers/virtual/

Marty Roesch, Snort, OpenSource Instrusion Detetction System, http://www.snort.org

The Honeynet Project Lance Spitzner, Know your enemy: Laerning about security threats, (Addison-Wesley, 2004).


Refbacks

  • There are currently no refbacks.



Please send any question about this web site to info@praiseworthyprize.com
Copyright © 2005-2022 Praise Worthy Prize