Article: A novel architecture for an integrated enterprise network security system Journal: International Journal of Security and Networks (IJSN) 2019 Vol.14 No.1 pp.47 - 60 Abstract: Securing an enterprise network has become a challenging task as the cyber malware attacks are improving in sophistication. Traditional centralised gateway solutions such as firewall and intrusion detection systems fail to detect highly sophisticated cyber malwares and are no longer helpful for complete protection of large sized enterprise networks. In this paper, we propose a novel architecture, integrated enterprise network security system (IENSS), that consists of distributed security agents and a central controller. Each network segment is covered by one or more agents which operate based on instructions from the controller. The agents gather network traffic as well as other information and process the inputs before sending them to the controller. The controller receives the information collected by agents and processes the data in order to detect various malwares, attacks, or back doors to the enterprise network. Controller utilises machine learning, data mining, and traffic analysis to accomplish various detection approaches. We have presented the IENSS architecture and five detection techniques those are implemented over it. New solutions can be incorporated in our architecture. Inderscience Publishers - linking academia, business and industry through research

Title: A novel architecture for an integrated enterprise network security system

Authors: B. Thanudas; S. Sreelal; V. Cyril Raj; Anugolu Purnesh Sairam; Vinay Gajmoti; Palash Joshi

Addresses: Dr. M.G.R. Educational and Research Institute, Chennai 600095, India; Vikram Sarabhai Space Centre, ISRO, Thiruvananthapuram 695022, India ' Vikram Sarabhai Space Centre, ISRO, Thiruvananthapuram 695022, India ' Dr. M.G.R. Educational and Research Institute, Chennai 600095, India ' Indian Institute of Space Science and Technology, Thiruvananthapuram, Kerala 695547, India ' Indian Institute of Space Science and Technology, Thiruvananthapuram, Kerala 695547, India ' Indian Institute of Space Science and Technology, Thiruvananthapuram, Kerala 695547, India

Abstract: Securing an enterprise network has become a challenging task as the cyber malware attacks are improving in sophistication. Traditional centralised gateway solutions such as firewall and intrusion detection systems fail to detect highly sophisticated cyber malwares and are no longer helpful for complete protection of large sized enterprise networks. In this paper, we propose a novel architecture, integrated enterprise network security system (IENSS), that consists of distributed security agents and a central controller. Each network segment is covered by one or more agents which operate based on instructions from the controller. The agents gather network traffic as well as other information and process the inputs before sending them to the controller. The controller receives the information collected by agents and processes the data in order to detect various malwares, attacks, or back doors to the enterprise network. Controller utilises machine learning, data mining, and traffic analysis to accomplish various detection approaches. We have presented the IENSS architecture and five detection techniques those are implemented over it. New solutions can be incorporated in our architecture.

Keywords: integrated enterprise network security system; IENSS; distributed architecture; agent design; controller design; botnet detection techniques; http bot; P2P bot; DNS; unauthorized OS; rogue access point; advanced malware.

DOI: 10.1504/IJSN.2019.098919

International Journal of Security and Networks, 2019 Vol.14 No.1, pp.47 - 60

Received: 11 Mar 2018
Accepted: 18 Oct 2018
Published online: 09 Apr 2019 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: A novel architecture for an integrated enterprise network security system

Keep up-to-date