An extended access control list for local network protection from insider attacks

Muamer N., Mohammed (2011) An extended access control list for local network protection from insider attacks. Masters thesis, Universiti Malaysia Pahang (Contributors, Thesis advisor: Norrozila, Sulaiman).

[img]
Preview
Pdf
An extended access control list for local network protection from insider attacks.pdf

Download (1MB) | Preview

Abstract

The security of Local Area Network (LAN) has become one of the most important interesting areas for researches and this connection is prone to vulnerability caused by the attackers in steeling information from the network and possibly makes damages. Protecting the network can be done through many mechanisms among the most effective one is the network firewall. While the firewall focusing on protecting the network from the external attacks, it only limits the internal users accessing the network. Insider attacks can be unauthorized host, application, and/or user backdoor connected to the LAN and reveal information to the outside. These types of attacks can be very dangerous. This thesis proposes solutions for these problems by creating two programs one at each client and the other at the server. At client, the program will provide each outgoing packet destined outside the network with Host Identifier, Application Identifier and User Identifier responsible for sending the current outgoing packet. It also authenticates these Identifiers in order to ensure that it is trustworthy and valid for the second program. The server will receive the authenticated packets and verifies them before passing them to the external network, while dropping and track the unauthorized one. This work based on TCP/IP protocol suite because it is the leading and important current communication protocols. Both programs operate under Microsoft Windows operating system environment. The performance of the new system is computed and the results show that the security aspects have been enhanced with respect to a slight impact in speed (decreased by 1.96 % in download, 2.35% in uploading). Finally, the proposed system implementation was developed using Visual Basic.NET language.

Item Type: Thesis (Masters)
Additional Information: Thesis (Master of Science (Computer)) -- Universiti Malaysia Pahang - 2011, SV: DR. NORROZILA SULAIMAN, NO. CD: 5440
Uncontrolled Keywords: Local area networks (Computer networks); Security measures; Computer security
Subjects: Q Science > QA Mathematics > QA76 Computer software
Faculty/Division: Faculty of Computer System And Software Engineering
Depositing User: En. Mohd Ariffin Abdul Aziz
Date Deposited: 20 Feb 2023 07:03
Last Modified: 20 Feb 2023 07:03
URI: http://umpir.ump.edu.my/id/eprint/37057
Download Statistic: View Download Statistics

Actions (login required)

View Item View Item