Computer Science & Electrical
Volume: 130 , Issue: 1 , August Published Date: 12 August 2023
Publisher Name: IJRP
Views: 489 , Download: 364 , Pages: 372 - 382
DOI: 10.47119/IJRP1001301820235295
Publisher Name: IJRP
Views: 489 , Download: 364 , Pages: 372 - 382
DOI: 10.47119/IJRP1001301820235295
Authors
# | Author Name |
---|---|
1 | Castro A. Yoga |
2 | Anthony J. Rodrigues |
3 | Silvance O. Abeka |
Abstract
The issue of network security holds significant importance in the contemporary interconnected global landscape, as networks encounter a wide range of both internal and external threats that can result in severe ramifications. The task of protecting networks continues to pose challenges, despite the implementation of security measures. These challenges arise from the growing complexity and rapidity of attacks, as well as misconceptions held by users. Current security solutions frequently focus on individual layers of the OSI model in isolation, resulting in potential weaknesses within the broader network. This study introduces a comprehensive conceptual model that integrates security patterns to effectively tackle network security concerns. The proposed model expands upon the OSI model by incorporating a human layer and dividing the network into three distinct layers: organization, host, and media. The systematic analysis of potential threats is facilitated through the utilization of anti-goals and attack surface identification. The retrieval of relevant attack patterns and the derivation of defensive control patterns are facilitated through the integration of the Comprehensive Attack Pattern Enumeration Classification Repository (CAPEC), enabling the performance of risk assessment. The proposed model presents a comprehensive and organized methodology for network security, offering network administrators practical recommendations for integrating security measures throughout all layers and improving overall network safeguarding.