The Challenges, Gaps and Future Trends: Network Security
1. The Challenges, Gaps and
Future Trends: Network Security
Deris Stiawan. Ph.D
(C|EH. C|HFI)
Communication Network and Security Research Lab (COMNETS)
Faculty of Computer Science
Universitas Sriwijaya
www.comnets.unsri.ac.id
@2014
2. 1. Network Attack
• Existing dataset or developing the data
• Analysis of attack
– How to sniffing and read the packet from RAW
data
– Classification, Clustering and statistical of data
• How to extraction the data to
– Features extraction and selection the raw data to
human readable
• Alert management / correlation
– How to analysis, compare and process of alert
5. Normal & Attack Traffic
DoS
Normal / Attack ?
Normal Access:
Web 2.0 ( Video, Blog, Chat)
Penetration Testing:
Probe: Scanning, Network Mapping
U2R: Rooting, Escalating Privilege
R2L: Malware, SQL Injection, ARP
Man in the Middle Attack
DoS: ICMP Flooding
7. • Research opportunity ;
– Network Defense : Firewall, IDS / IPS (hybrid,
accuracy, prediction, active, smart and extensible)
– Email protection, spam filtering, malware
identification, etc
– Statistical data
– Clustering / classification data with Soft
computing approach (SOM, PSO, AI, fuzzy, etc)
– The results : algorithm, method or systems
8. 2. Forensic Investigator
• Existing dataset or developing our data
• Mobile Device / Phone
– File system
• Network / Host
– Analysis the worm, DoS, XSS, SQL injection attack
– Log, traffic, alert, etc
– RAM, Card, HD, File system (IOS, NTFS, HFS+, Ext, FAT, etc)
• Evidence
– How to evidence the sources
– How to find the malicious and analyzing the intrusion
– How to get the old data, corrupted data, or erased data
– Recover the data
9. Network forensics based on fuzzy logic and expert system
Computer Communications, Volume 32, Issue 17, 15 November 2009, Pages 1881-1892
Niandong Liao, Shengfeng Tian, Tinghua Wang
10. • Research opportunity ;
– Expert in tools : FTK, ENCASE, etc
– Forensic in network
• Log system, log from host, etc
• File system: MBR, images, registry, kernel, etc
– Forensic in mobile phone
• SIM Card, RIM, RAM, Phone contact
• Operating system: android, J2ME, etc
• Messages, history log, firware,
11. 3. Cloud Computing
• Development of previously technology
– Grid computing, Distributed Systems, ASP
(Application Service Provider)
– Service Oriented Architecture (SOA)
– Web services : XML, Jason, WSDL, J2ME, Cross
platform, etc
– Mobile computing, real time
12. A survey on security issues in service delivery models of cloud computing
Journal of Network and Computer Applications, Volume 34, Issue 1, January 2011, Pages 1-11
S. Subashini, V. Kavitha
14. A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud
computing
Future Generation Computer Systems, Volume 28, Issue 6, June 2012, Pages 833-851
Md. Tanzim Khorshed, A.B.M. Shawkat Ali, Saleh A. Wasimi
16. • Security question by Dawei Sun et al.
– how to provide safety mechanisms,
– how to keep data confidentiality for all the individual and
sensitive information,
– how to avoid malicious insiders illegal operation under the
general lack of transparency into provider process and
procedure environments,
– how to avoid service hijacking, where phishing, fraud and
exploitation are well known issues in IT,
– how to management multi-instance in multi-tenancy
virtual environments,
– how to develop appropriate law and implement legal
jurisdiction
Surveying and Analyzing Security, Privacy and Trust Issues in Cloud Computing Environments
Procedia Engineering, Volume 15, 2011, Pages 2852-2856
Dawei Sun, Guiran Chang, Lina Sun, Xingwei Wang
17. • According Dawei Sun et al. Privacy Issue :
– how to make users remain control over their data
when it is stored and processed in cloud
– how to guarantee data replications in a
jurisdiction and consistent state
– which party is responsible for ensuring legal
requirements for personal information,
– what extent cloud sub-contractors involved in
processing can be properly identified, checked
and ascertained.
18. • Research opportunity ;
– Security sides :
• Infrastructure as a services
• Hardware as a services
– Surveying and Analyzing Security, Privacy and
Trust
– Integrity: Certificate Authority, Certificate digital,
PKI, ISAKMP, LDAP, etc
– QoS: Session key, Scheduling algorithm,
– Authentication method: physical, AAA, RADIUS
19. 4. Heterogeneous Network
• Integrated and combined the “cloud”
• Unified communication: voice, images and video
multicast
• Integrated mobile tech, real time and reliable
• Quality of services & cross platform
– traffic, bandwidth, services, etc
• Broker’s as a middleware, to connected the node
to cloud
• How to management it (monitoring, access and
control)
20. Capability adaptation algorithm based on joint network and terminal selection inheterogeneous networks
The Journal of China Universities of Posts and Telecommunications, Volume 18, Supplement 1,September 2011, Pages
76-82
21. Resource competition in a converged heterogeneous networking
Computer Networks, Volume 55, Issue 7, 16 May 2011, Pages 1549-1559
Abbas Jamalipour, Farshad Javadi, Kumudu S. Munasinghe
22. • Research opportunity ;
– Develop a topology of network to create the dataset,
combining technology of Cloud, wireless and mobile
– SLA
– Protocol : integrated IPv4 – IPv6 & how to integrated
the devices with heterogeneous network
– Result : the new system, improved from existing,
implementation framework based on open sources
23. 5. Network Graph
• How to shows the vulnerability for dynamic
attacks
• Graph the correlation and interconnections
• Easy to manages and maintenance network
• Extensible and hybrid
24. Network analysis of temporal trends in scholarly research productivity
Journal of Informetrics, Volume 6, Issue 1, January 2012, Pages 97-110
Hyoungshick Kim, Ji Won Yoon, Jon Crowcroft
26. Fast detection and visualization of network attacks on parallel
Computers & Security, Volume 28, Issue 5, July 2009, Pages 276-288
Hyunsang Choi, Heejo Lee, Hyogon Kim
27. • Research opportunity ;
– Graph based on bayesian, SOM, etc
– Socket programming, tools matlab, etc
– Graph of DoS, malware, scanning attack
28. 6. Network Management
• Unified Threat Management
• Early system & monitoring for security officer
= network monitoring center / network
operating center
• How to get SNMP from different devices
29. • Research opportunity ;
– One stop monitoring & management network
• Tools : Netflow, MRTG, OPManager, the dude
– Integrated network management and control
– Network coordinate, analytic & behavior based on
soft computing
34. 7. Big Data Processing
• Networking: Capturing, storing, processing
packet data in real-time / online traffic
• Data analytic in GB / TB of Data
• Grid / Parallel / distributed computing
– Extract
– Reduce
– Optimized
– Search
• Requirement: Python or Java
35. 8. Internet of Things
• Semantically means ‘‘a world-wide network of
interconnected objects uniquely addressable,
based on standard communication protocols
• Is not just wireless communications
• The basic idea of this concept is the pervasive
presence around us of a variety of things
or objects : RFID, tags, sensors, actuators,
mobile phones, etc
36. Luigi Atzori , et al. The Internet of Things: A survey, Computer Networks 54 (2010) 2787–2805
37. Mu-Sheng Lin, et al. Zigbee-based Internet of Things in 3D Terrains.
Computers and Electrical Engineering 39 (2013) 1667–1683