Extract Network and System resource for analysis of Network Security Modeling


CONTENTS

ABSTRACT
INTRODUCTION
LITERATURE SURVEY
ARCHITECTURE DIAGRAM
PROBLEM DEFINITION
CONCLUSION

ABSTRACT

Technological enhancement brings unknown threats.

Extracting and analyzing the network and system resources for modeling network security.

Analysis on safety requirement and main connection relationship modeling.

INTRODUCTION

A network is an interconnection of nodes for data communication.

The Internet is the common playground for hackers.

Network security is a national-level concern.

Network components should be analyzed properly for effective security modeling.

LITERATURE SURVEY

| S.NO | NAME | AUTHOR | Year | Issue |
|------|------|--------|------|-------|
| 1. | RESEARCH AND ANALYSIS ON NETWORK SECURITY MODELLING | Kehao Cao | 2016/IEEE | a) Safety Requirement modeling; b) Main Connection Relationship modeling |
| 2. | ANALYSIS OF NETWORK AND FIREWALL POLICIES IN DYNAMIC AND HETEROGENEOUS NETWORKS | Kirori Mindo et al. | 2016/IJARCSSE | a) Heterogeneous network environment and infrastructures; b) Firewall policies |
| 3. | Use of attack graphs in security systems | Vivek Sandilya et al. | 2014/IEEE | a) Use of attack graph for security detection violation and control |

ARCHITECTURE DIAGRAM

[Fig: Basic Network Components. Diagram labels: Host1, Host2, Protocol, Transmission medium, req1, req2, req3]

COMPONENTS

Security Requirements: R={r(1),r(2),r(3),…,r(n)} where r(i) represents an individual security strategy.

Hosts: H={h(1),h(2),h(3),…,h(n)} where h(i) represents an individual host.

Protocols: P={pro(1),pro(2),pro(3),…,pro(n)} where pro(i) represents an individual protocol. If the host is on the same computer then P={localhost}. If there is no connection then P={NULL}.

MODELLING THE NETWORK

SECURITY REQUIREMENTS

Confidentiality • Protection from disclosure to unauthorised persons

Integrity • Maintaining data consistency

Authentication • Assurance of identity of person or originator of data

Availability • Legitimate users have access when they need it

HOSTS

Host computers are routers, switches, firewalls, servers, PCs and so on.

A host computer of a security network can be represented as:
a) Host ID
b) OS
c) SVCS
d) VULS

PROTOCOLS

Rules that govern the data communication.

The set P={pro(1),pro(2),…,pro(n)} defines the connection relationship between hosts.

Internet uses TCP/IP protocol stack.

The TCP/IP protocol stack consists of four layers.

LINK LAYER

First layer of TCP/IP stack

Network resources associated:
a) HUB
b) SWITCH
c) PROTOCOLS (ARP & RARP)

Vulnerabilities:
a) Packet sniffing
b) ARP cheating

Main connection relationship:
a) ARP

INTERNET LAYER

Second layer of TCP/IP stack

Network resources associated:
a) Router
b) Protocol (IP, ICMP & IGMP)
c) IP address

Vulnerabilities:
a) IP Spoofing

Main Connection Relationship:
a) ICMP_Service Type

TRANSPORT LAYER

Third layer of TCP/IP stack

Consists of 65535 ports for providing services

Network resources associated:
a) Ports
b) Protocols (TCP/UDP)

Vulnerabilities:
a) SYN DoS attack

Main Connection Relationship:
a) TCP_Portno.

APPLICATION LAYER

Top-most layer of TCP/IP stack.

Network resources associated:
a) Applications (Browsers)
b) Protocols (HTTP, HTTPS)

Vulnerabilities:
a) SQL injection
b) Session hijacking

Main Connection Relationship:
a) TCP (UDP) _ the number of port _ the type of service _ the name of application

DEFENSES

LINK LAYER

Use of Encryption and VPN for protection against packet sniffing.

Replacement of HUB with Switch.

Static ARP entries.

ARP spoof detection software: arpON, Arp_antidote

INTERNET LAYER

Use of RPF technique against IP spoofing for reverse path detection

Use of Access control list for reverse path finding.

Use of Firewall for inbound and outbound filtering.

TRANSPORT LAYER

Use of SYN cache

Use of SYN cookies

Filtering requests through firewall

APPLICATION LAYER

Use of advanced firewalls

Use tools like URLScan
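
The model and the per-layer defenses above, put together as an added example (not code from the presentation): it parses a connection-relationship label into its TCP/IP layer, checks each (Hsrc, Hdst, Protocol) triple against the host set H, and reports which of the listed defenses each destination host needs. The class and function names, the sample hosts, and the exact label spellings such as "ICMP_8" and "TCP_80_http_httpd" are assumptions following the label formats on the layer slides.

```python
from dataclasses import dataclass

DEFENSES = {  # defenses the slides list for each TCP/IP layer
    "link": ["encryption/VPN", "switch instead of hub", "static ARP", "ARP spoof detection"],
    "internet": ["RPF", "access control lists", "firewall filtering"],
    "transport": ["SYN cache", "SYN cookies", "firewall filtering"],
    "application": ["advanced firewall", "URLScan"],
}

@dataclass(frozen=True)
class Host:                      # the (Host ID, OS, SVCS, VULS) representation
    host_id: str
    os: str
    svcs: tuple = ()
    vuls: tuple = ()

def layer_of(protocol):
    """Map a connection-relationship label to its layer (None = no network path)."""
    if protocol in ("NULL", "localhost"):
        return None
    parts = protocol.split("_")  # assumes names inside the label contain no "_"
    kind = parts[0].upper()
    if kind == "ARP" and len(parts) == 1:
        return "link"
    if kind == "ICMP" and len(parts) == 2:          # ICMP_<service type>
        return "internet"
    if kind in ("TCP", "UDP") and len(parts) in (2, 4) and parts[1].isdigit():
        if 1 <= int(parts[1]) <= 65535:             # port range from the slides
            # TCP_<port> is transport; TCP_<port>_<service>_<app> is application
            return "transport" if len(parts) == 2 else "application"
    raise ValueError(f"unrecognised protocol label: {protocol!r}")

def defense_plan(hosts, connections):
    """For each destination host, the layers it is reachable on and their defenses."""
    known = {h.host_id for h in hosts}
    plan = {}
    for src, dst, protocol in connections:          # (Hsrc, Hdst, Protocol)
        if src not in known or dst not in known:
            raise ValueError(f"connection references unknown host: {src}->{dst}")
        if protocol == "localhost" and src != dst:
            raise ValueError("P={localhost} requires Hsrc == Hdst")
        layer = layer_of(protocol)
        if layer is not None:
            plan.setdefault(dst, {})[layer] = DEFENSES[layer]
    return plan

# Constructed sample network (not from the slides).
HOSTS = [Host("h1", "Linux", ("httpd",)), Host("h2", "Windows"), Host("fw", "BSD")]
CONNECTIONS = [("h2", "h1", "TCP_80_http_httpd"), ("fw", "h1", "ICMP_8"),
               ("h1", "h1", "localhost"), ("h2", "fw", "NULL")]
```

Calling `defense_plan(HOSTS, CONNECTIONS)` reports only `h1`, with the application and internet layer defenses; the `localhost` and `NULL` relationships contribute nothing because they carry no network path.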

CONCLUSION

The connection relationship between hosts can be defined with a triple set of (Hsrc,Hdst,Protocol).

Network provides different services through different layers

All the services have different security attributes

Proper defense mechanism should be applied in each layer for effective security to obtain a safe security model.
