An extended access control list for local network protection from insider attacks
The security of Local Area Network (LAN) has become one of the most important interesting areas for researches and this connection is prone to vulnerability caused by the attackers in steeling information from the network and possibly makes damages. Protecting the network can be done through many me...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2011
|
| Subjects: | |
| Online Access: | http://umpir.ump.edu.my/id/eprint/37057/1/An%20extended%20access%20control%20list%20for%20local%20network%20protection%20from%20insider%20attacks.pdf http://umpir.ump.edu.my/id/eprint/37057/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | The security of Local Area Network (LAN) has become one of the most important interesting areas for researches and this connection is prone to vulnerability caused by the attackers in steeling information from the network and possibly makes damages. Protecting the network can be done through many mechanisms among the most effective one is the network firewall. While the firewall focusing on protecting the network from the external attacks, it only limits the internal users accessing the network. Insider attacks can be unauthorized host, application, and/or user backdoor connected to the LAN and reveal information to the outside. These types of attacks can be very dangerous. This thesis proposes solutions for these problems by creating two programs one at each client and the other at the server. At client, the program will provide each outgoing packet destined outside the network with Host Identifier, Application Identifier and User Identifier responsible for sending the current outgoing packet. It also authenticates these Identifiers in order to ensure that it is trustworthy and valid for the second program. The server will receive the authenticated packets and verifies them before passing them to the external network, while dropping and track the unauthorized one. This work based on TCP/IP protocol suite because it is the leading and important current communication protocols. Both programs operate under Microsoft Windows operating system environment. The performance of the new system is computed and the results show that the security aspects have been enhanced with respect to a slight impact in speed (decreased by 1.96 % in download, 2.35% in uploading). Finally, the proposed system implementation was developed using Visual Basic.NET language. |
|---|