Modelling computer networks for further security research

Bederna, Zsolt; Szádeczky, Tamás

doi:10.35467/sdq/141572

Artykuł - szczegóły

Tytuł artykułu

Modelling computer networks for further security research

Autorzy

Bederna Zsolt , Szádeczky Tamás

Wybrane pełne teksty z tego czasopisma

http://securityanddefence.pl

Identyfikatory

DOI

10.35467/sdq/141572

Warianty tytułu

Języki publikacji

Abstrakty

Computer networks are usually modelled from one aspect, e.g., the physical layer of the network, although this does not allow the researcher to understand all usage of that device. We aim to develop a model which leverages all aspects of a networked computer and, therefore, provides complete information to the scientist for all further security research, especially that related to the social sciences. Network science is about the analysis of any network, from social to protein. It is much easier to analyse computer networks with technical tools than protein networks. It is, therefore, a straightforward way to crawl the web as Albert-Laszlo Barabasi did to model its connections, nodes, and links in graph theory to analyse its internal connections. His analysis was based solely on the network layer. Our methodology uses graph theory and network science and integrates all ISO/OSI (computer networking) layers into the model. Each layer of the ISO/OSI model has its topology separately, but all of them also work as part of the complex system to operate the network. It therefore creates a multipartite graph of the network under analysis. Furthermore, the virtual private networks (VPNs) and application usage are also integrated as nodes and links. With this model, the computer network infrastructure and usage data can be used for further non-computing related research, e.g., social science research, as it includes the usage patterns of the network users.

Słowa kluczowe

graph computer network network science network modelling

Wydawca

Akademia Sztuki Wojennej

Czasopismo

Security and Defence Quarterly

Rocznik

2021

Tom

Vol. 36, No. 4

Strony

51--66

Opis fizyczny

Bibliogr. 31 poz., rys.

Twórcy

autor

Bederna Zsolt

bederna.zsolt@stud.uni-obuda.hu

Doctoral School for Safety and Security Sciences, Obuda University, Hungary

https://orcid.org/10.35467/sdq/141572

autor

Szádeczky Tamás

243116@mail.muni.cz

Czech CyberCrime Centre of Excellence C4e, Masaryk University, Czech Republic
Department of Management and Business Economics, Budapest University of Technology and Economics, Hungary

https://orcid.org/0000-0001-7191-4924

Bibliografia

1. Anyasi, F.I., Uzairue, S.I., Enehizena, O.N., Matthews, V.O., Amaize, P. and Nkordeh, N. (2018) ‘Design and analysis of a broadcast network using logical segmentation’, Telkomnika, 16(2), pp. 803–810. doi: 10.12928/telkomnika.v16i2.8461.
2. Cisco (2014) ‘Hierarchical network design’, in Cisco Networking Academy, Connecting Networks Companion Guide. Hoboken: Pearson Education, Cisco Press, pp. 4–7.
3. Cisco Systems (2017) ‘Spanning tree protocol – Cisco’, Cisco Support. Available at: https://www.cisco.com/c/en/us/... (Accessed: 15 August 2021).
4. Ekelhart, A., Fenz, S., Klemen, M.D. and Weippl, E.R. (2006) ‘Security ontology: Simulating threats to corporate assets’, in A. Bagchiand and V. Atluri (eds.), Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Berlin, Heidelberg, Springer, pp. 249–259. doi: 10.1007/11961635_17.
5. IEEE (Institute of Electrical and Electronics Engineers) (2000) ‘IEEE 802.3ad-2000 – IEEE standard for information technology – Local and metropolitan area networks’. IEEE.
6. IEEE (Institute of Electrical and Electronics Engineers) (2001) ‘IEEE standard for local and metropolitan area networks – Common specification. Part 3: Media access control (MAC) bridges – Amendment 2: Rapid reconfiguration’, IEEE Std 802.1w- 2001. IEEE. doi: 10.1109/IEEESTD.2001.93287.
7. IEEE (Institute of Electrical and Electronics Engineers) (2002) ‘IEEE standards for local and metropolitan area networks – Virtual bridged local area networks – Amendment 3: Multiple spanning trees’, IEEE Std 802.1s-2002 (Amendment to IEEE Std 802.1Q, 1998 Edition). IEEE. doi: 10.1109/IEEESTD.2002.94223.
8. IEEE (Institute of Electrical and Electronics Engineers) (2012) ‘IEEE standard for local and metropolitan area networks-media access control (MAC) bridges and virtual bridged local area networks –Amendment 20: Shortest path bridging’, IEEE Std 802.1aq-2012 (Amendment to IEEE Std 802.1Q-2011 as amended by IEEE Std 802.1Qbe-2011, IEEE Std 802.1Qbc-2011, IEEE Std 802.1Qbb-2011, IEEE Std 802.1Qaz-2011, and IEEE Std 802.1Qbf-2011). doi: 10.1109/IEEESTD.2012.6231597.
9. IEEE (Institute of Electrical and Electronics Engineers) (2014a) ‘IEEE standard for local and metropolitan area networks-bridges and bridged networks’, IEEE Std 802.1Q-2014 (Revision of IEEE Std 802.1Q-2011). doi: 10.1109/IEEESTD.2014.6991462.
10. IEEE (Institute of Electrical and Electronics Engineers). (2014b) ‘IEEE 802.1AX-2014 – IEEE standard for local and metropolitan area networks – Link aggregation’. IEEE.
11. IETF (Internet Engineering Task Force) (1981) RFC 791. Available at: https://tools.ietf.org/html/rf... (Accessed: 15 August 2021).
12. IETF (Internet Engineering Task Force) (1999) RFC 2663. Available at: https://tools.ietf.org/html/rf... (Accessed: 15 August 2021).
13. IETF (Internet Engineering Task Force) (2010) RFC 5798. Available at: https://tools.ietf.org/html/rf... (Accessed: 15 August 2021).
14. IETF (Internet Engineering Task Force) (2017) RFC 8200. Available at: https://tools.ietf.org/html/rf... (Accessed: 15 August 2021).
15. Imran, M., Alghamdi, A. and Ahmad, B. (2015) ‘Role of firewall technology in network security’, International Journal of Innovation & Advancement in Computer Science, 4(12), pp. 3–6.
16. International Organization for Standardization (2013) ‘ISO/IEC 2382-36:2013 – Information technology – Vocabulary’. ISO.
17. Jaha, A.A., Shatwan, F.B. and Ashibani, M. (2008) ‘Proper virtual private network (VPN) solution’, in Proceedings – The 2nd International Conference on Next Generation Mobile Applications, Services, and Technologies, NGMAST 2008. doi: 10.1109/NGMAST.2008.18.
18. Jeffree, T., Congdon, P. and Seaman, M. (2010) ‘802.1X-2010 IEEE standard for local and metropolitan area networks – Port-based network access control’, IEEE Std 802.1X-2010. IEEE. doi: 10.1109/IEEESTD.2010.5409813.
19. Joint Task Force Transformation Initiative (2011) SP800-39 Managing information security risk: Organization, mission, and information system view. NIST Special Publication. Gaithersburg: National Institute of Standards and Technology, Gaithersburg. doi: 10.6028/NIST.SP.800-39.
20. Kadry, S. and Hassan, W. (2008) ‘Design and Implementation of system and network security for an enterprise with worldwide branches’, Journal of Theoretical & Applied Information Technology, 4(11), pp. 1361–1370.
21. Lantto, H., Åkesson, B., Suojanen, M., Tuukkanen, T., Huopio, S., Nikkarila, J-P. and Ristolainen, M. (2019) ‘Wargaming the cyber resilience of structurally and technologically different networks’, Security and Defence Quarterly, 24(2), pp. 51–64. doi: 10.35467/sdq/103346.
22. National Institute of Standards and Technology (2020) Zero Trust Architecture –Draft, 2nd ed. NIST Special Publication 800-207. Gaithersburg: National Institute of Standards and Technology. doi: 10.6028/NIST.SP.800-207-draft2.
23. Perlman, R. (2004) ‘Routing protocols’, in Computer Science Handbook, 2nd ed. Boca Raton: CRC Press. doi: 10.1201/b16812-53.
24. Pilarski, G. (2016) ‘Tackling cyberspace threats – The international approach’, Security and Defence Quarterly, 12(3), pp. 100–117. doi: 10.35467/sdq/103238.
25. Ravali, P. (2013) ‘A comparative evaluation of OSI and TCP/IP models’, International Journal of Science and Research, 4(7), pp. 514–521.
26. Rueda, D.F., Calle, E. and Marzo, J.L. (2017) ‘Robustness comparison of 15 real telecommunication networks: Structural and centrality measurements’, Journal of Network and Systems Management, 25, pp. 269–289. doi: 10.1007/s10922-016-9391-y.
27. von Roessing, R. (2010) ‘The ISACA business model for information security: An integrative and innovative approach’, in N. Pohlmann, H. Reimerand W. Schneider (eds.), ISSE 2009 Securing Electronic Business Processes, Vieweg+Teubner, Wiesbaden. pp. 37-47. doi: 10.1007/978-3-8348-9363-5_4.
28. Singh, S., Mudgal, P., Chaudhary, P. and Tripathi, A.K. (2015) ‘Comparative analysis of packet loss in LAN’, International Research Journal of Computers and Electronics Engineering, 3(1), pp. 12–16. doi: 10.5120/20525-2858.
29. Stadler, R., Pasquini, R. and Fodor, V. (2017) ‘Learning from network device statistics’, Journal of Network and Systems Management, 25(4), pp. 672–698. doi: 10.1007/s10922-017-9426-z.
30. Voloshin, V.I. (2009) Introduction to Graph Theory. New York: Nova Science. doi: 10.2307/3620453.
31. White, R. and Donohue, D. (2014) The Art of Network Architecture, The: Business-Driven Design. Indianapolis: Cisco Press.

Uwagi

Opracowanie rekordu ze środków MNiSW, umowa Nr 461252 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2021).

Typ dokumentu

Bibliografia

Identyfikator YADDA

bwmeta1.element.baztech-8697f6b7-5477-44de-abcc-aabb0f2220b7