International Journal On Advances in Telecommunications, volume 13, numbers 3 and 4, 2020


Construction of Secure Internal Network with Communication Classifying System Using Multiple Judgment Methods

Authors:
Hirokazu Hasegawa
Yuya Sato
Hiroki Takakura

Keywords: Targeted Attacks, Network Separation, Access Control, Statistical Analysis

Abstract:
The recent sophistication of cyber attacks targeting organizations such as companies and governments has made the complete protection of a network very difficult. Even with conventional measures such as intrusion detection systems and firewalls, a network is not completely safe from intrusion, because dedicated malware can slip through such measures. Network separation is therefore one of the most effective countermeasures: an organization's internal network is divided into multiple segments, and fine-grained access control is enforced among the separated segments. Because a separated network is difficult to construct, an automated ACL generation system has previously been proposed to support its construction. However, that method focuses on the business continuity of the organization, so its ACLs unconditionally permit the communication of any section in which traffic is observed, in order to maintain business continuity. We have therefore proposed a communication classifying system that judges the necessity of a communication and its protocol by a two-step investigation. First, the system judges the consistency of the communication permitted by the conventional system. Second, if inconsistent communication is detected, the system judges the validity of the communication by checking the waiting state of its destination terminal. However, that system misjudges the necessity of communication under several conditions. In this paper, to resolve the misjudgments of the conventional communication classifying system, we improve it by conducting statistical analysis as a third investigation. In the experiment, the proposed system detected and terminated unintended communication between clients and servers, thus outperforming the conventional communication classifying system.

Pages: 21 to 32

Copyright: Copyright (c) to authors, 2020. Used with permission.

Publication date: December 30, 2020

Published in: journal

ISSN: 1942-2601