4 research outputs found

    A stateful mechanism for the tree-rule firewall

    © 2014 IEEE. In this paper, we propose a novel connection tracking mechanism for Tree-rule firewall which essentially organizes firewall rules in a designated Tree structure. A new firewall model based on the proposed connection tracking mechanism is then developed and extended from the basic model of Netfilter's ConnTrack module, which has been used by many early generation commercial and open source firewalls including IPTABLES, the most popular firewall. To reduce the consumption of memory space and processing time, our proposed model uses one node per connection instead of using two nodes as appeared in Netfilter model. This can reduce memory space and processing time. In addition, we introduce an extended hash table with more hashing bits in our firewall model in order to accommodate more concurrent connections. Moreover, our model also applies sophisticated techniques (such as using static information nodes, and avoiding timer objects and memory management tasks) to improve its processing speed. Finally, we implement this model on Linux CentOS 6.3 and evaluate its speed. The experimental results show that our model performs more efficiently in comparison with the Netfilter/IPTABLES

    Router security effect on performance of a network

    Recently many of the devices that create a computer network offer security to help protect networks from hackers, such as computers, servers, firewalls and even routers. In most cases when protecting a network from hackers having more security is not always the best, because more resources of the device are used by the security in inspecting connections, and it can compromise performance of the network. This thesis investigates performance benefit of having security on a router and its impact on the connection rate of the network when it is under security attacks. In this thesis, different security features and configurations offered by the router are tested to see how they affect the connection rate of the network under different security attacks, and compare with the benchmark network performance when there was no security used at all in the router

    Cyber Security Evaluation of CentOS Red Hat Based Operating System Under Cyber Attack with Increasing Magnitude

    The increasing interest in ‘always-connected’ devices and the Internet of Things has led to electronic devices with Internet connectivity becoming a staple in modern household and workplace. Consequently, this increase has also led to an increase in vulnerable devices, ripe for hijacking by a malicious third party. Distributed Denial of Service (DDoS) attacks have consistently been an issue since the birth of the Internet. With the large number of devices available today, the strength and consistency of these attacks has only grown and will continue to grow. Since, depending on certain variables, these DDoS attacks can effectively render a target system inoperable, precautions must be taken in order to prevent these attacks. Not all devices are created equal; many harbor flaws that allow them to be used by a separate, malicious host without the knowledge of the owner. There is a myriad of devices on the market today, any of which can be used in a network of zombie machines meant to carry out an attack, a botnet. These botnets are used to flood a system with information, ideally consuming large amounts of resources, such as memory or processing power. If the attack is successful, operation within the target system is effectively halted, often for long periods of time in the more severe attacks. Just like the variety in devices, there is a variety in the software that operates these devices. In this experiment, I focus efforts on comparing the ability of CentOS 15 with Windows Server 2012R to function under attack. I analyze four popular DDoS attacks using simulated network traffic consisting of botnets ranging from over 16 million systems, 65 thousand systems and 254 systems in a controlled, closed environment

    Security Evaluation of Virtualized Computing Platforms

    In this thesis, security experiments were conducted to evaluate embedded security protocol performance of two leading server operating systems, Apple’s MAC OS server LION Vs. Microsoft’s Windows server 2012 R2 OS under different types of security attack. Furthermore, experiments were conducted to understand and evaluate the effect of virtualization using Hyper-V with Windows 2012 R2 OS on MAC hardware platform. For these experiments, connection rate, connection latency, non-paged pool allocations and processor core utilization for different OS, virtual machines, and under different traffic types were measured