Defining the Rules and Basic Set of Funtional Elements for Effective Modeling of Communication Networks

Communication networks are complex information systems influenced by a vast amount of factors. It is critically important to forecast the paths that data take to verify the network, check its security and plan its updates. Model allows exploring processes that take place in the network without affecting performance and availability of a real network itself. With modelling it becomes possible to investigate the results of infrastructural changes introduced to the network before actually implementing them. It is important to be able to formally convert real network description into the model definition which preserves all data that is significant for network operation and skip data which is not. Outlining the rules for such conversion and using a limited set of basic functional components provide the ground for automatic model creation for the network of different levels of complexity.Proposed approach to modelling of communication networks is based on decomposition of the overall function of every particular real network component into a set of functions that belong to some predefined basic set. Functions of the basic set include L3 routing, L2 switching, packet filtering, NAT, etc. Model of a real network component is defined as a group of functional nodes each of which implements some function from the basic set.Configuration and current state of network components that influence its operation are also decomposed into elements each of which relates to some particular functional node. Configuration of network components is modelled as a set of configuration storage elements and current state is modelled as a set of current state storage elements.Links that connect real network components and links that connect functional nodes in the model are presented as singledirection channels that implement propagation of L2 frames thus simplifying the model due to excluding physical layer (L1) from the scope.Using the proposed approach to modelling may allow to formalize conversion of a real network descrip- tion to a model thus making automated modelling possible. By using a sufficient basic set of functional nodes it is possible to model the network containing components of any complexity level.

Implementasi Keamanan Jaringan dengan Packet Filtering Berbasis Mikrotik Untuk Internet Positif Di SMKN 1 Praya

SMKN 1 Praya is one of the schools in NTB with national standards. This school has a very broad environment. In addition, this school also has a fairly good internet network. This can be seen by the breadth of the internet network that almost covers the entire school environment. At SMKN 1 Praya the main problem is the use of internet network data by students to be used to play games and social media during study hours so we need a system that is capable of being a protection so that users cannot use the internet to play games and social media during study hours. . Based on this, the study aims to examine the implementation of network security with mikrotic-based packet filtering at SMKN 1 Praya. In general, this study shows the success of blocking several online game applications such as mobile legend, free fire, TOT and social media such as facebook.

Design and Research of Firewall System of Communication Department Based on Network Information Technology

In the past, the structure of traditional firewalls was similar to that of checkpoints, and the design structure was relatively simple. At the same time, it is also convenient for subsequent maintenance. As an isolation technology, it can be accessed by people with consistent identity information. But for some relatively high-level data information, using traditional firewalls, foreign intruders can easily obtain relevant information. This article chooses to use the working mechanism of network information technology, and then analyzes the hardware structure of the firewall based on the IPX2400 processor. Finally, a preliminary design of a firewall system for the communications department based on the IPX2400 processor is implemented, and its packet filtering function is realized.

Multimedia Filtering Analysis of Massive Information Combined with Data Mining Algorithms

With the advent of the big data era, information presentation has exploded. For example, rich methods such as audio and video have integrated more information, but with it, a lot of bad information has been brought. In view of this situation, this paper relies on data mining algorithms, builds a multimedia filtering system model for massive information, and integrates content recognition, packet filtering, and other technologies to match the two to ensure the integrity and real time of filtering. Practice results prove that the method is effective.

ANALYSIS OF LINUX OS SECURITY TOOLS FOR PACKET FILTERING AND PROCESSING

Open-source software and its components are widely used in various products, solutions, and applications, even in closed-source. Majority of them are made on Linux or Unix based systems. Netfilter framework is one of the examples. It is used for packet filtering, load-balancing, and many other manipulations with network traffic. Netfilter based packet filter iptables has been most common firewall tool for Linux systems for more than two decades. Successor of iptables – nftables was introduced in 2014. It was designed to overcome various iptables limitations. However, it hasn’t received wide popularity and transition is still ongoing. In recent years researchers and developers around the world are searching for solution to increase performance of packet processing tools. For that purpose, many of them trying to utilize eBPF (Extended Berkeley Packet Filter) with XDP (Express Data Path) data path. This paper focused on analyzing Linux OS packet filters and comparing their performances in different scenarios.

Defense mechanisms against Distributed Denial of Service attacks: Comparative Review

Distributed Denial of Service (DDoS) remains a big concern in Cybersecurity. DDoS attacks are implemented to prevent legitimate users from getting access to services. The attackers make use of multiple hosts that have been compromised (i.e., Botnets) to organize a large-scale attack on targets. Developing an effective defensive mechanism against existing and potential DDoS attacks remains a strong desire in the cybersecurity research community. However, development of effective mechanisms or solutions require adequate evaluation of existing defense mechanism and a critical analysis of how these methods have been implemented in preventing, detecting, and responding to DDoS attacks. This paper adopted a systematic review method to critically analyze the existing mechanisms. The review of existing literature helped classify the defense mechanism into four categories: source-based, core-router, victim-based, and distributed systems. A qualitative analysis was used to exhaustively evaluate these defense mechanisms and determine their respective effectiveness. The effectiveness of the defense mechanisms was evaluated on six key parameters: coverage, implementation, deployment, detection accuracy, response mechanism, and robustness. The comparative analysis reviewed the shortcomings and benefits of each mechanism. The evaluation determined that victim-based defense mechanisms have a high detection accuracy but is associated with massive collateral as the detection happens when it is too late to protect the system. On the other hand, whereas stopping an attack from the source-end is ideal, detection accuracy at this point is too low as it is hard to differentiate legitimate and malicious traffic. The effectiveness of the core-based defense systems is not ideal because the routers do not have enough CPU cycles and memory to profile the traffic. Distributed defense mechanisms are effective as components can be spread out across the three locations in a way that takes advantage of each location. The paper also established that the rate-limiting response mechanism is more effective than packet filtering method because it does not restrict legitimate traffic. The analysis revealed that there is no single defense mechanism that offers complete protection against DDoS attacks but concludes that the best defense mechanism is the use of distributed defense because it ensures that defense components are placed on all locations.

Deep Packet Filtering Mechanism for Secure Internetworks

In this paper, we propose a Deep Packet Filtering Mechanism (DPFM) to analyze and filter malicious data packets moving between network environments. DPFM analyzes the behavior of malicious packets on the network and extracts information about the network as a sequence. After performing the word embedding process on the extracted sequence data using the word2vec technique, it detects malicious packets on the network by learning the LSTM model. In the past, research on filters to prevent malicious packets from entering the network by converting packets into data at the sending and receiving destinations and analyzing their purpose and maliciousness is insufficient. Since DPFM proceeds at the network boundary to analyze and extract malicious packets, primary detection is possible. In this paper, more accurate identification is possible by deep learning of network packets as well as OPcode and system calls, which are static analysis data.

IMPLEMENTASI TEKNOLOGI FIREWALL SEBAGAI KEAMANAN SERVER DARI SYN FLOOD ATTACK

During the Covid-19 pandemic, the centralized academic information system is very vulnerable to various forms of attacks, such as SYN Flood, ICMP Flood, DoS, etc. This attack will cause the server to slow down, so that it takes a long time to access the application. For this reason, a method is needed so that server security is guaranteed. The method used is packet filtering firewall. The results obtained from this study can improve server security and capturing traffic that leads to the server. So this method can be used to increase security on the server. Keywords: DoS; Firewall; ICMP Flood; Packet Filtering; SYN Flood; Server Abstrak: Dimasa pandemi Covid-19 saat ini sistem informasi akademik secara terpusat sangat rawan terhadap berbagai bentuk serangan, seperti SYN Flood, ICMP Flood, DoS, dll. Serangan ini akan mengakibatkan server menjadi lambat, sehingga lama dalam mengakses aplikasi. Untuk itu, dibutuhkan suatu metode agar keamanan server lebih terjamin. Metode yang digunakan adalah packet filtering firewall. Hasil yang diperoleh dari penelitian ini dapat meningkatan kemanan server dan capturing traffic yang mengarah kepada server. Sehingga metode ini dapat digunakan untuk meningkatkan keamanan pada server. Kata kunci: DoS; Firewall; ICMP Flood; Packet Filtering; SYN Flood; Server