Evaluating the Security Threat of Firewall Data Corruption Caused by Instruction Transient Errors
نویسندگان
چکیده
This paper experimentally evaluates and models the error-caused security vulnerabilities and the resulting security violations of two Linux kernel firewalls: IPChains and Netfilter. There are two major aspects to this work: to conduct extensive error injection experiments on the Linux kernel and to quantify the possibility of error-caused security violations using a SAN model. The error injection experiments show that about 2% of errors injected into the firewall code segment cause security vulnerabilities. Two types of error-caused security vulnerabilities are distinguished: temporary, which disappear when the error disappears, and permanent, which persist even after the error is removed, as long as the system is not rebooted. Results from simulating the SAN model indicate that under an error rate of 0.1 error/day during a 1-year period in a networked system protected by 20 firewalls, 2 machines (on the average) will experience security violations. This indicates that error-caused security vulnerabilities can be a non-negligible source of a security threats to a highly secure system.
منابع مشابه
Modeling and evaluating the security threats of transient errors in firewall software
This paper experimentally evaluates and models the error-caused security vulnerabilities and the resulting security violations on two Linux kernel firewalls: IPChains and Netfilter. There are two major aspects to this work: to conduct extensive error injection experiments on the Linux kernel and to quantify the possibility of error-caused security violations using a Stochastic Activity Network ...
متن کاملA New Method for Intrusion Detection Using Genetic Algorithm and Neural network
Abstract— In order to provide complete security in a computer system and to prevent intrusion, intrusion detection systems (IDS) are required to detect if an attacker crosses the firewall, antivirus, and other security devices. Data and options to deal with it. In this paper, we are trying to provide a model for combining types of attacks on public data using combined methods of genetic algorit...
متن کاملDesign and Implementation of a Network Security Model for Cooperative Network
In this paper a design and implementation of a network security model was presented, using routers and firewall. Also this paper was conducted the network security weakness in router and firewall network devices, type of threats and responses to those threats, and the method to prevent the attacks and hackers to access the network. Also this paper provides a checklist to use in evaluating wheth...
متن کاملNetwork Security using Firewall and Cryptographic Authentication
The network Security is the hottest topic in the current research scenario. The information security is really threatened by obnoxious users. With increasing vulnerabilities, caused by port scan attacks, replay attacks and predominantly IP Spoofing, targeting services, the network behavior is getting malevolent. But there is a lack of any clear threat model. The authors have endeavored to consi...
متن کاملA framework for understanding and predicting insider attacks
In this paper an insider attack is considered to be deliberate misuse by those who are authorized to use computers and networks. Applying this definition in real-life settings to determine whether or not an attack was caused by an insider is often, however, anything but straightforward. We know very little about insider attacks, and misconceptions concerning insider attacks abound. The belief t...
متن کامل