Nov 20, 2013


Research Abstract


Analysis of Network Security and Design of Proactive
Network Surveillance Framework

Submitted by :


Dept. of Computer Science,

H.N.G. University, Patan (N.G.)


Security in computer networks is a rapidly growing area of concern. Most of the
valuable information resides on the networks, making the network an inevitable entity for
survival. All these small networks are connected further to wide area networks, which in turn
form the basis of the Internet. The Internet is the “world’s largest collection of networks that
reaches universities, government labs, commercial enterprises, and military installations in many
countries”. The Internet consists primarily of local area networks. The principal method of
communication on the Internet is the TCP/IP protocol suite. The Internet, however, is
increasingly becoming an environment with multiple protocols.

The Internet was an experiment begun in 1968 by the Defense Department's Information
Processing Techniques Office to connect computers over a network in order to ensure command
and control communications in the event of a nuclear war. The original network was known as
the ARPAnet, and the project quickly became a “straight research project without a specific
application”. In the 1980s, the number of local area networks increased significantly and this
stimulated rapid growth of interconnections to the ARPAnet and other networks. These networks
and interconnections are known today as the Internet. Keeping all this in consideration, it is
proposed to design and develop a proactive network surveillance framework. This framework
aims to provide learning vision to the network attacks.

The main objective of this research is to bring improved network security through:

Exploring and analyzing various exploits and their detrimental effects on network security,

Exploring various honeypots and analyzing their working,

Development of a proactive network surveillance framework

so that we can enhance the security at various layers through the proposed framework and
specifically implement a research honeypot to uncover the tools and tactics of the black hat community.
This research will also review the temporal relation of network and internet technologies, followed
by an in-depth review of the work related to network threats and security. “A network is a conduit
for information; it can be as simple as two tin cans tied together with a string or as complicated
as the internet”. Networks can develop at various levels, i.e. individual (social network),
organizational, inter-organizational, international, etc.

In 1969, the Defense Advanced Research Projects Agency solicited the efforts of computer
institutions, mainly University of California at Santa Barbara, University of Utah and SRI, to
design a network through which data could be passed and received. The network was called
ARPAnet, and the project quickly became a “straight research project without a specific
application”. A few years after this effort, the number of local area networks increased
significantly and this stimulated rapid growth of interconnections to the ARPAnet and other
networks. These networks and interconnections are known today as the internet. 1980 also saw
the birth of the personal computer, followed by the local area network. Apple Computer released
the first personal computer in the early 1980s, and then IBM followed in the race.

The evolution of the internet has been widely chronicled. Resulting from a research project that
established communications among a handful of geographically distributed systems, the Internet
now covers the globe as a vast collection of networks made up of millions of systems. The
Internet has become one of the most powerful and widely available communications mediums on
the earth, and our reliance on it increases daily. Government corporations, banks, and schools
conduct their day-to-day business over the Internet. With such widespread use, the data that
resides on and flows across the network varies from banking and securities transactions to
medical records, proprietary data, and personal correspondence. The Internet is the “world’s
largest collection of networks that reaches universities, government labs, commercial enterprises,
and military installations in many countries”.


Every network security implementation is based on some model, which could be either specified
or assumed. Based on the literature survey, it is apparent that mostly a perimeter security model
based on firewalls and IDS is in use, which is reactive in nature. A reactive approach, with
the above-mentioned risks, lacks robustness and provides a false sense of security
infrastructure. With tremendous complexity and hacking ease looming around, the challenge is to
build security into the network itself. This will lead to a self-healing and self-defending network
infrastructure. To achieve this, security has to be proactive, i.e. it should be part of the switching
fabric that carries all the traffic, benign and malicious. There is a compelling need to combine
reactive and proactive security measures in order to have an integrated approach to security
across the information value chain.

Keeping this in view, it is proposed to design and develop a surveillance framework. This
framework aims to provide learning vision to the network attacks, thus exhibiting the ability to
react intelligently. The proposed network security framework will be based on a “Doctrine”
which would address and eradicate major shortcomings of existing security systems.
The research work will be based on the defense-in-depth concept, sometimes also called elastic
defense, for implementation purposes. This research can give an engineering solution which emphasizes
a system that keeps working even when a single component fails, no matter how
much effort goes into making the single engine reliable. Different security vectors within the
network help to prevent a shortfall in any one defense leading to total system failure.

This research will also review the research work in the field of network security as
reported in the literature, including the important reactive (firewalls and IDS) and proactive
(honeypots, patching and vulnerability assessment) strategies to secure the networks. Much needed
emphasis will be given to the literature pertaining to proactive strategies. Gaps will be identified
and finally, based on this, the problem will be formulated. Under this research various exploits and
their detrimental effects on network security will be explored, analyzed and reported. The working of
some severely damaging exploits will be explained and countermeasures will be cited. The complete
life cycle of an exploit will be explained with the help of live snapshots.

This research will unfold the design and development methodology for the said
framework. A layered architecture with five layers will be proposed. The research will
elaborate upon the deployment and testing methodology. The newly designed framework will be
tested against various hacking tools and techniques, and the responses of the framework when
tested and deployed under various circumstances and conditions will be reported. An analogy will be
drawn with respect to existing defensive approaches. Finally, this research will conclude and
draw the final results. Although this research will be an attempt to give a secure framework,
there is always scope for improvement, so future scope of the work to be carried out for further