Home // SECURWARE 2019, The Thirteenth International Conference on Emerging Security Information, Systems and Technologies // View article
An Evaluation on Feasibility of a Communication Classifying System
Authors:
Yuya Sato
Hirokazu Hasegawa
Hiroki Takakura
Keywords: Targeted Attacks, Network Separation, Access Control
Abstract:
Recently, sophisticated cyber attacks targeting companies or governments have frequently occurred. With conventional measures, e.g., intrusion detection system or firewalls, we cannot protect our network completely because attackers act carefully to pass through such conventional measures. Against such situation, separated network is one of the effective countermeasures. It divides an organization's internal network into multiple segments and performs fine access control among separated segments. We have proposed an automated ACL generation system to support constructing separated networks previously. However, this method focuses on the business continuity of the organization, and ACL will unconditionally permit communication of a section where traffic is observed. Therefore, we proposed a communication classifying system to judge the necessity of communication and its protocol by two-step investigation. In the first investigation, the system judges consistency of observed communication by referring the reasons why conventional systems permitted the communication. In addition, the system judges validity of the communication by checking waiting state of its destination terminal in the second investigation. In this paper, we implement a communication classifying system we have proposed, and verify the feasibility of the system. In the experiment, we applied the implemented system to prototype network consists of nine clients and one file sharing server (SMB protocol). As a result, our system terminated almost unintended communication between clients and server precisely.
Pages: 9 to 15
Copyright: Copyright (c) IARIA, 2019
Publication date: October 27, 2019
Published in: conference
ISSN: 2162-2116
ISBN: 978-1-61208-746-7
Location: Nice, France
Dates: from October 27, 2019 to October 31, 2019