
An investigation to cybersecurity countermeasures for global internet infrastructure.

Hammood, H., 2021. An investigation to cybersecurity countermeasures for global internet infrastructure. Doctoral Thesis (Doctoral). Bournemouth University.

Full text available as:

PDF
HAMMOOD, Hayder _Ph.D._2021.pdf
Available under License Creative Commons Attribution Non-commercial.

4MB

Abstract

The Internet is composed of entities called Autonomous Systems (ASes). Each one of these ASes is managed by an Internet Service Provider (ISP). In turn, each group of ISPs is managed by a Regional Internet Registry (RIR). Finally, all RIRs are managed by the Internet Assigned Numbers Authority (IANA). The different ASes are globally connected via the inter-domain protocol, the Border Gateway Protocol (BGP). BGP was designed to be scalable to handle the massive Internet traffic; however, it has been studied for improvements because of its lack of security. Furthermore, it relies on Transmission Control Protocol (TCP), which, in turn, makes BGP vulnerable to whatever attacks TCP is vulnerable to. Thus, many researchers have worked on developing proposals for improving BGP security, due to the fact that it is the only external protocol connecting the ASes around the globe. In this thesis, different security proposals are reviewed and discussed for their merits and drawbacks. With the aid of Artificial Immune Systems (AIS), the research reported in this thesis addresses Man-In-The-Middle (MITM) and message replay attacks. Other attacks are discussed regarding the benefits of using AIS to support BGP; however, the focus is on MITM and message replay attacks. This thesis reports on the evaluation of a novel Hybrid AIS model compared with existing methods of securing BGP such as S-BGP and BGPsec as well as the traditional Negative Selection AIS algorithm. The results demonstrate improved precision of detecting attacks for the Hybrid AIS model compared with the Negative Selection AIS. Higher precision was achieved with S-BGP and BGPsec, however, at the cost of higher end-to-end delays. The high precision shown in the collected results for S-BGP and BGPsec is largely due to S-BGP encrypting the data by using public key infrastructure, while BGPsec utilises the IPsec security suite to encapsulate the exchanged BGP packets.
Therefore, neither of the two methods (S-BGP and BGPsec) is considered an Intrusion Detection System (IDS). Furthermore, S-BGP and BGPsec are lacking in decision making and require administrative attention to mitigate an intrusion or cyberattack. On the other hand, the suggested Hybrid AIS can remap the network topology depending on the need and optimise the path to the destination.

Item Type: Thesis (Doctoral)
Additional Information: If you feel that this work infringes your copyright please contact the BURO Manager.
Uncontrolled Keywords: Border Gateway Protocol; BGP; Artificial Immune Systems; AIS; Transmission Control Protocol; TCP; IPsec; Encryption; message digest; MD5; Hashing function; Network Security; Machine Learning
Group: Faculty of Science & Technology
ID Code: 36020
Deposited By: Unnamed user with email symplectic@symplectic
Deposited On: 16 Sep 2021 09:44
Last Modified: 16 Sep 2021 09:44
