04-07-2012, 04:57 PM
Selective Data Stream Blocking Mechanism for Networks
INTRODUCTION
A "network" has been defined [1] as "any set of
interlinking lines resembling a net, a network of
roads, an interconnected system, a network of
alliances." A computer network is simply a system of
interconnected computers. The data streams
transmitted on a network, whether as data or as a
result of an application operating over the network,
need to be monitored and, in adverse
circumstances, blocked. The network nodes can
interrupt the communication path at the application
layer and force the data packets to identify
themselves. Alternatively, the nodes can try to extract
the information by analyzing the application layer
part of the communication data [2]. Both methods
have drawbacks:
TECHNIQUES USED AT PRESENT
A. Manual closing down of network switches
This is the crudest way of prohibiting
particular applications or data streams from
circulating over the network. Several
educational institutions still practice this owing
to lack of awareness and initiative.
B. Putting a blanket ban on data transfer, which is
commonly called Limited Connectivity
This is another rudimentary technique,
wherein the administrators stop all network
transmission in order to block the targeted
data streams, thereby hampering other
transmissions as well.
C. Employing a network sniffer
A network sniffer is computer software or hardware
that can intercept and log traffic passing over a digital
network or part of a network [4]. As data streams
flow across the network, the sniffer captures
each packet and eventually decodes and analyzes
its content according to the appropriate
specifications.
NEED FOR MECHANISM
There is a need for a middle path between the
active and passive approaches, wherein the
applications and data packets can be effectively
monitored while overcoming the glitches and
disadvantages prevalent in the existing techniques
and methodologies.
SUGGESTED MECHANISM
A) Goal
To detect, monitor and block network-based
applications such as LAN games, broadcasting
software, etc.
B) Strategy
The target applications are identified first. Sample
data packets from them are taken to create the
definition bank, against which data packets are then
checked to identify their status.
1) Header Check
The data packets to be checked will be inspected in
two stages. The first stage will be header inspection
and in the second stage the detailed contents of the
packet will be matched with sample packets. Only
those data packets whose header contents are
doubtful get their data inspected thoroughly. Thus a
two-tier checking mechanism decides whether
transmission is permitted.
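The two-stage check described above can be sketched as follows. This is an added example, not code from the paper: the definition bank entries, ports, payload signatures and function names are constructed for illustration, and it handles unfragmented IPv4 TCP/UDP only.

```python
import struct

# Definition bank (constructed values): for each target application, the header
# fields and a payload prefix taken from its sample packets.
DEFINITION_BANK = [
    {"app": "lan-game", "proto": 17, "dport": 47000, "payload": b"GAME-HELLO"},
    {"app": "broadcaster", "proto": 17, "dport": 47100, "payload": b"BCAST/1"},
]

def parse_ipv4(packet):
    """Return (proto, dport, payload) for an IPv4 TCP/UDP packet, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4                      # IP header length in bytes
    proto = packet[9]
    frag = struct.unpack_from("!H", packet, 6)[0] & 0x1FFF
    # Non-first fragments carry no transport header, so they cannot be parsed here.
    if ihl < 20 or frag or proto not in (6, 17) or len(packet) < ihl + 8:
        return None
    dport = struct.unpack_from("!H", packet, ihl + 2)[0]
    l4_len = 8                                        # UDP header length
    if proto == 6:                                    # TCP: read the data offset
        if len(packet) < ihl + 20:
            return None
        l4_len = (packet[ihl + 12] >> 4) * 4
    return proto, dport, packet[ihl + l4_len:]

def classify(packet):
    """Two-tier check; returns (verdict, stage that decided, matched app)."""
    parsed = parse_ipv4(packet)
    if parsed is None:
        return ("allow", "header", None)
    proto, dport, payload = parsed
    # Stage 1: header check. Only packets whose header matches the bank are doubtful.
    suspects = [d for d in DEFINITION_BANK if (d["proto"], d["dport"]) == (proto, dport)]
    if not suspects:
        return ("allow", "header", None)
    # Stage 2: match the payload against the sample payloads of the suspects.
    for d in suspects:
        if payload.startswith(d["payload"]):
            return ("block", "payload", d["app"])
    return ("allow", "payload", None)

def build_udp(dport, payload, sport=40000):
    """Build a constructed IPv4/UDP test packet (checksums left at zero)."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([10, 0, 0, 5]), bytes([10, 0, 0, 255]))
    return ip + udp
```

The second element of the result shows which tier made the decision, so the share of traffic that needed the costlier payload comparison can be measured.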