A Framework for Unified Network Security Management: Identifying and Tracking Security Threats on Converged Networks

Journal of Network and Systems Management

Abstract

A comprehensive network security management system must coordinate detection and scanning tools for converged networks; derive fully-integrated attack and network models; perform vulnerability and multi-stage attack analysis; support large-scale attack visualization; and possibly orchestrate strategic responses to unwarranted actions that cross network boundaries. We present an architecture that embodies these principles. The unified network security management system described in this paper gleans data from a suite of detection tools for various networking domains. Aggregate real-time network data supplies a comprehensive modeling framework used for further analysis, correlation, and visualization. The resulting system not only provides network administrators with a heads-up cockpit display of their entire network, it also supports guided response and predictive capabilities for multi-stage attacks in converged networks.



Author information

Corresponding author

Correspondence to M. Papa.

Additional information

Jerald Dawkins is Founder and Chief Scientist of Digital Enterprise Security Associates, LLC, located in Tulsa, Oklahoma. His academic and professional endeavors have provided him with a background in computer security, attack management, risk analysis, and software engineering. He received his B.S. (Computer Science) degree from Fort Lewis College in 1999 and his M.S. and Ph.D. (Computer Science) from the University of Tulsa in 2003 and 2005, respectively.

Kevin Clark is a Master's student at the University of Tulsa. He has been involved with research focusing on Security Risk Metrics, Automated Attack Generation and Analysis, and Attack Visualization.

Gavin Manes is a Research Assistant Professor at the Center for Information Security and the University of Tulsa. His research interests are information assurance, digital forensics, telecommunications security, and critical infrastructure protection.

About this article

Cite this article

Dawkins, J., Clark, K., Manes, G. et al. A Framework for Unified Network Security Management: Identifying and Tracking Security Threats on Converged Networks. J Netw Syst Manage 13, 253–267 (2005). https://doi.org/10.1007/s10922-005-6292-x

  • DOI: https://doi.org/10.1007/s10922-005-6292-x
