Research

• IPv6

• MoWiSat

  • Satellite Communications

  • Ubiquitous Wireless Communications

  • Mobile Technologies

• Real Time Multimedia Communications

• Network Monitoring

• Network Security

• Publications

Network Security

Autonomous intrusion agents, commonly referred to as 'worms', are fast becoming a popular method of compromise in terms of security in computer systems and networks. The infamous network worm that made history was the "Morris" worm, which quickly crippled a substantial portion of the Internet in 1988. Worms have been a persistent security threat on the Internet though, for mostly they have been focused to attack Windows hosts. Recent variations of the worm afflictions have been made using email viruses, which abuse the MUA API's to propagate quickly. Other than flooding the network and queuing at the mail server, they usually do not do any damage to the system they reside on. They rarely provide for unauthorized external control of the system or the release of sensitive information.

Today, viruses and worms have become a common phenomenon and we have to cope with this phenomenon by finding ways to overcome it. Worms and viruses are a real threat to the corporate world, and the consequences of an infection can be dramatic in a working environment, especially when more and more people are "wired". Protection against attack from worms has become a booming software industry owing to its importance and vulnerability. Major worm attacks have caused companies and institutions to spend large amounts of money, and it is a big industry to be tapped into. Protection currently available is on the actual user's PCs (antivirus) and in the gateways in the form of IDS or firewall.

The fundamental problem today is the user's inability to cope with the rising number of virus and worm intrusions. Users are always required to patch their systems as new vulnerabilities are discovered and new worms released every day. The two categories of protection currently available are insufficient in an internal network environment because of the dependency on all users to be ever vigilant. In fact, one or two users with an infected machine can bring down the whole network. The process of detecting such infected machines is cumbersome and needs advanced troubleshooting tools. The Network Security team at NAV6 strives to overcome these shortcomings by actively detecting the worm in the internal network environment.

Network Security is one of the most demanding research areas in the field of Computer Networks, and it is of great importance to the rapid increasing demands in network technologies, education, industry, as well as research and development. For educational institutions it can open a lot of opportunities in the area of network security. Skills can be grown locally to develop the new network administrators who are capable of running the network optimally and fix security holes. Furthermore, since Internet is open to the world, it acts as a honey pot to the black hat users to play around and get access to others PC's. Hence, network security can be useful in the areas of education, training, industries, business community, communications, and almost every networked environment to ensure the safety and continuity of the network services and applications provided.