Automatic Traffic Control System for SOHO Computer Networks
Abstract
One can say without a shred of doubt that network security plays a significant role in the modern world. The problem with information security lies in the imperfection of the TCP/IP technology stack and in software vulnerabilities. Major manufacturers of network equipment do not pay enough attention to the security infrastructure of SOHO-class networks, which are mostly based on MIPS or ARM hardware platforms. This article outlines one solution to this issue: an algorithm that ensures the information security of small computer networks. The algorithm makes it possible to identify suspicious network activity and eliminate threats through remote control of L3 network equipment. Traffic processing is performed on a personal computer using an intrusion detection and prevention system, along with a system for the analysis and correlation of information security events. Information flows are redirected using port mirroring technology on a router. The traffic control system for a SOHO-class computer network, which has weak computational capabilities at gateway hosts, functions on the basis of the client-server model and is implemented in Python and C++. The combined use of these tools provided greater efficiency in the completion of a wide range of different tasks. Both manual and automated testing techniques were involved in the final evaluation of the solution. As part of evaluating the effectiveness of the proposed product, several experiments were conducted that modelled malicious network activity such as DoS and IP spoofing. As a result, the system successfully identified and eliminated all threats. It is recommended to use this solution for SOHO networks that have weak computational power at internetwork hosts and lack a comprehensive firewall.
Keywords
IDS, IPS, SIEM, Network information security, Information system, Threats, Vulnerability, Intrusion