04-02-2013, 10:18 AM
Selective Data Stream Blocking Mechanism for Networks
Abstract
This paper presents a customized mechanism to detect, monitor and block data packets according to the definitions submitted to it. The mechanism is robust and easy to implement, maintain, update and enhance. It takes as input sample data packets that are to be blocked and checks those definitions against the data packets according to the protocols and algorithms that form part of the mechanism.
INTRODUCTION
A "network" has been defined [1] as "any set of interlinking lines resembling a net, a network of roads, an interconnected system, a network of alliances." A computer network is simply a system of interconnected computers. The data streams transmitted on a network, either as data or as the result of an application operating over the network, are required to be monitored and, in adverse circumstances, blocked. The network nodes can interrupt the communication path at the application layer and force the data packets to identify themselves. Alternatively, the nodes can try to extract the information by analyzing the application-layer part of the communication data [2].
Circuit Relay [7]
A circuit relay is a firewall approach that validates connections before allowing data to be exchanged. It does not simply allow or disallow packets but also determines whether the connection between both ends is valid according to configurable rules, then opens a session and permits traffic only from the allowed source and possibly only for a limited period of time. [8] Whether a connection is valid depends on some or all of the following factors: destination IP address and/or port, source IP address and/or port, time of day, protocol, user, and password.
Application Level Gateway [7]
Application-layer firewalls work at the application level of the TCP/IP stack and may intercept all packets travelling to or from an application. They block other packets (usually dropping them without acknowledgement to the sender). [8] In principle, they can prevent all unwanted outside traffic from reaching protected machines. Such a gateway does not route traffic at the network layer: all traffic stops at the firewall, which may initiate its own connections if the traffic satisfies the rules.
Intrusion Detection System [9]
An IDS functions as a network packet sniffer which, based on comparisons of packet contents with known virus signatures or application signatures encapsulated as rules, can initiate action and record events and the information related to them in a log file and/or database.
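The three ideas above (block definitions derived from sample packets, circuit-relay style 5-tuple and time-of-day rules, and IDS-style payload signatures) combined in one small filter, as an added example that is not code from the paper or its attachment. Packets are plain dicts and all traffic values are constructed; the field names, the `Definition` class and the fixed 8-byte signature length are assumptions of this example.

```python
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass
class Definition:
    """One block definition; a field left as None is a wildcard."""
    name: str
    src: Optional[str] = None             # CIDR, e.g. "10.0.0.0/8"
    dst: Optional[str] = None
    dport: Optional[int] = None
    proto: Optional[str] = None           # "tcp" / "udp"
    signature: bytes = b""                # payload bytes that must appear (IDS-style)
    window: Optional[Tuple[time, time]] = None  # time of day when the rule applies

    def matches(self, pkt: dict, now: time) -> bool:
        """True when every non-wildcard field fits the packet (circuit-relay factors)."""
        if self.window and not (self.window[0] <= now < self.window[1]):
            return False
        if self.src and ip_address(pkt["src"]) not in ip_network(self.src):
            return False
        if self.dst and ip_address(pkt["dst"]) not in ip_network(self.dst):
            return False
        if self.dport is not None and pkt["dport"] != self.dport:
            return False
        if self.proto and pkt["proto"] != self.proto:
            return False
        return self.signature in pkt["payload"]   # b"" matches any payload


def definition_from_sample(name: str, sample: dict, sig_len: int = 8) -> Definition:
    """Derive a definition from a sample packet the operator submits for blocking:
    exact 5-tuple fields plus the first sig_len payload bytes as the signature."""
    return Definition(name, src=sample["src"] + "/32", dst=sample["dst"] + "/32",
                      dport=sample["dport"], proto=sample["proto"],
                      signature=sample["payload"][:sig_len])


def filter_packets(packets: List[dict], defs: List[Definition], now: time) -> List[Tuple[str, str]]:
    """Return a (verdict, reason) log entry per packet; first matching definition wins."""
    log = []
    for pkt in packets:
        hit = next((d for d in defs if d.matches(pkt, now)), None)
        log.append(("BLOCK", hit.name) if hit else ("ALLOW", "no definition matched"))
    return log


# Constructed sample traffic (documentation address ranges, not captured data).
SAMPLE_TO_BLOCK = {"src": "192.0.2.10", "dst": "198.51.100.5", "dport": 80,
                   "proto": "tcp", "payload": b"GET /bad.php?x=1"}
DEFS = [definition_from_sample("from-sample", SAMPLE_TO_BLOCK),
        Definition("no-telnet-after-hours", dport=23, proto="tcp", window=(time(18, 0), time(23, 59)))]
TRAFFIC = [SAMPLE_TO_BLOCK,
           {"src": "192.0.2.10", "dst": "198.51.100.5", "dport": 80, "proto": "tcp", "payload": b"GET /index.html"},
           {"src": "203.0.113.7", "dst": "198.51.100.9", "dport": 23, "proto": "tcp", "payload": b""}]
```

Running `filter_packets(TRAFFIC, DEFS, time(20, 0))` blocks the first and third packets and allows the second, whose 5-tuple matches the sample but whose payload lacks the derived signature; at 09:00 the telnet rule is outside its window and the third packet is allowed.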
FUTURE SUGGESTIONS
The mechanism can be made customizable so that the trade-off between security level and speed becomes dynamic. In other words, further security features, such as generating the packet definitions to be checked dynamically from the given sample packets and in-depth searching of each packet, could be introduced, with the user able to decide which of these to deploy, since each of them has a cost in terms of speed.