HTTP Packet Inspection Policy for Improvising Internal Network Security

Full Text (PDF, 519KB), PP.35-42


Author(s)

Kuldeep Tomar 1,*, S.S. Tyagi 1

1. Department of CSE, MRIU, Faridabad, India

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2014.11.05

Received: 6 Feb. 2014 / Revised: 19 May 2014 / Accepted: 15 Jul. 2014 / Published: 8 Oct. 2014

Index Terms

Security, Traffic, Policy, HTTP, ASA, GNS3

Abstract

Over the past few years, the use of the Internet and its applications has increased to a great extent. There has also been enormous growth in the establishment of computer networks by large, medium and small organizations for data transfer and information exchange. With this growth, incidents of cyber-attacks and security breaches have also increased. Data on a network is transferred using protocols such as the Hyper Text Transfer Protocol, which is very vulnerable. Many types of malicious content are hidden in packets transferred over a network or system, which may cause it to slow down, crash, suffer a buffer overflow, etc. It is therefore very important to secure networks against such attacks. Many mechanisms are available, but they are still not good enough because of the dynamic environment. Such attacks can be countered by applying appropriate policies on network edge devices such as the Adaptive Security Appliance (ASA), firewalls, web servers, routers, etc. In addition, the packets transferred between networks should be deeply inspected for malicious or insecure content. In this paper we first study network security issues and the available mechanisms to counter them; our focus is on deeply inspecting HTTP packets by applying policies on the ASA. Finally, we use the Graphical Network Simulator (GNS3) to test such a policy.

Cite This Paper

Kuldeep Tomar, S.S. Tyagi, "HTTP Packet Inspection Policy for Improvising Internal Network Security", International Journal of Computer Network and Information Security (IJCNIS), vol. 6, no. 11, pp. 35-42, 2014. DOI: 10.5815/ijcnis.2014.11.05
