IA-REDI | Information Assurance - Research, Education, and Development Institute

Research

Network Security

We live in a networked world. It is very rare to utilize any standalone device in this day and age. Networks span the globe and are connected by cable, satellite microwave and various radio frequency methods. These connections provide numerous opportunities for anonymous attackers to gain access to computer systems. Our Network Security research group investigates the use of wireless devices in a classified environment and intelligent intrusion detection techniques for both wired and wireless networks.

Design a Network Security Test Bed

Travis Wilson

Abstract

This project will develop a network test bed for both the Linux and Microsoft Windows environments. The servers in the network test bed will provide the functionality of servers in a real network. The clients of the network will contain a suite of tools to allow the students to perform ethical hacking on the network. This network test bed will make the following contributions:

  • Serve as a prototype to be used in other institutions.
  • Be used for certification training.
  • Provide hands-on experience for students in Information Assurance courses at Norfolk State University.

A Look Into the Unethical World of Hacking

John Ellis and Jermain Moses

Abstract

 Over the past fifty years, the world has become more technical than ever. With the rise of hackers, it is important that people learn about different hacking methods in order to protect themselves. The goal of this research is to educate people, specifically high school students and the elderly, on how to protect themselves from malicious activities. We provided demonstrations of the most common hacking and cyber attack methods, and designed and implemented a keylogger. These modules provide hands-on experience for the users in protecting themselves.




Addressing Security Issues in an Advanced Metering Infrastructure

Jacque Lee

Abstract

 With the rapid growth of our population, the conservation of energy is a growing concern. The Obama Administration has been pushing for more efficient energy usage and cleaner energy. Researchers are currently developing ways to address this problem. An innovative technology to address this issue is the smart meter. Readings from the meter are sent from the customer to power companies, providing two-way communication. Further work must be performed to prevent threats to the energy infrastructure that can cause major blackouts and lead to the theft of vital information.

 This project was focused on researching security issues and wireless communication protocols within the advanced metering infrastructure. Some communication protocols studied were Power Line Communications (PLC), WiMax (IEEE 802.20), and WiFi (IEEE 802.11). This research was conducted to determine which communication protocol would be most feasible for future smart meter technologies. In addition to this, research was performed in the development of the AACV algorithm by implementing a wireless mobile node to test its location determination capabilities in a simulation framework called NS-3.




Prototype Implementation of a Self-Protecting Security Framework for CDA/CCD Documents

Ebelechukwu C. Nwafor

Abstract

 Clinical Document Architecture (CDA) is a standard for the exchange of electronic medical records (EMRs). This standard has been widely accepted in many countries including the United States, Finland, Australia, and Great Britain. One of the major issues in sharing documents is security. Since an EMR may contain sensitive and vital patient information, the need to provide self-protecting security, regardless of where the document is stored, is of utmost importance.

 This thesis research is designed to extend a self-protecting security framework for securing CDA/CCD documents by integrating eXtensible Access Control Markup Language (XACML) in an embedded and fine-grained manner. It focuses on the design and prototype software implementation of two critical logical components of XACML architecture: a Policy Administration Point (PAP) which generates access control policies and a Policy Decision Point (PDP) which renders authorization decisions based on the request contexts and the applicable access control policies.

 The PAP generates an XACML policy document based on the code attribute of the confidentialityCode element contained in a CDA document, which has already been created. It embeds this XACML policy document within the CDA document. The original content within the scope of the confidentialityCode element is encoded with base64 format and embedded into a ResourceContent element of the XACML policy document. This ResourceContent element is then encrypted and the whole CDA document is digitally signed, with the results of these operations also embedded within the CDA document. For each confidentialityCode element contained in the CDA document, a separate XACML policy document is generated and embedded into the CDA document.

 The PDP verifies the digital signature and decrypts the policy elements. It then evaluates the policies based on the request context provided, and renders a decision along with the content that is permitted for access, if any, for this request.




Implementing Cisco Adaptive Security Appliance in a Small-Medium Business Environment

Zengraft V. Grimes

Abstract

This project describes the implementation of the Cisco Adaptive Security Appliance (ASA) in a Small-Medium Business (SMB) environment. The Cisco ASA 5500 Series is a comprehensive security solution. The appliance provides vulnerability protection, a stateful inspection firewall, Virtual Private Network (VPN) functionality, routing, and other services all within one device. For these reasons, the Cisco ASA is one of the most well-known network security solutions implemented by businesses.

The main purpose of this research project is to build upon existing knowledge of Cisco equipment, and specifically focus on the design and implementation of the Cisco ASA features of threat prevention, VPN, application inspections, and routing services within an SMB environment. In addition, this research project examines some of the management, monitoring, and troubleshooting options provided by the Cisco ASA. Furthermore, to demonstrate the Cisco ASA functionality in an SMB environment, Directory Services, Domain Services, Dynamic Host Configuration Protocol (DHCP), and Voice over Internet Protocol (VOIP) services are implemented as part of the network architecture.

The network topology design for this project includes a headquarters office, one branch office, and a telecommuting staff. Two different models from the Cisco 5500 series ASA product family are used to implement this topology. The Cisco 5510 series ASA is located at the headquarters office and the Cisco 5505 series ASA at the branch office. The two offices are connected using a secure link via the public internet. In addition, the SMB enterprise network includes a Windows Server 2008 domain controller, an open source VOIP gateway, Cisco Catalyst Switches and Cisco VOIP telephones.





People

Faculty

  • Dr. Jonathan Graham
  • Dr. Luay Wahsheh
  • Dr. Felicia Doswell

Graduate Students

  • Tonya Fields

Undergraduate Students

  • Travis Wilson

Publications, Presentation, & Student Productivity

  • E. Nwafor. "A Prototype Implementation of a Self-Protecting Security Framework for CDA/CCD Documents," M.S. Thesis, Department of Computer Science, Norfolk State University, July 2013. Advisor: Dr. George Hsieh.
  • Z. V. Grimes. "Implementing Cisco Adaptive Security Appliance in a Small-Medium Business Environment," M.S. Project, Department of Computer Science, Norfolk State University, March 2013. Advisor: Dr. George Hsieh.
  • D. Thomas. "Automatic Incident Response Wireless LANs (AIR-WLANs) for Advanced Metering Infrastructure (AMI)," M.S. Thesis, Department of Computer Science, Norfolk State University, May 2012. Advisor: Dr. Aftab Ahmad.
  • T. Fields. "Futuristic Intrusion Detection Enhanced Learning System (FIDELS)," M.S. Thesis, Department of Computer Science, Norfolk State University, May 2012. Advisor: Dr. Jonathan Graham.
  • J. Powell. Digital Forensics Investigation in Secure Cloud Computing Environments. ADMI 2011. April 2011. Clemson, SC.
  • B. Herring. Development of a Cloud Environment using vSphere. (Poster). ADMI 2011. April 2011. Clemson, SC.
  • C. Lanclos & D. Thomas. Combination of iPads and Cloud Computing to Reduce Desktop Computer Usage. (Poster). ADMI 2011. April 2011. Clemson, SC.
  • F. Doswell and A. Williams. Cloud Computing Standards and Education. Lecture. ADMI 2011. April 2011. Clemson, SC.
  • G. Hsieh. Towards an Integrated Embedded Fine-Grained Information Protection Framework. ICISA 2011. April 2011. Jeju, Korea.

Resources

The Network Test Bed lab is currently operational with six PCs, three wireless routers, and network cabling. The PCs comprise two Linux clients, one Linux server, two Windows clients, and one Windows server. They also include Windows 2008 Server. The security software tools for the Windows OS include: NMAP, Cain and Abel, Ophcrack, Metasploit, Retina, Nessus, Wireshark, Nemesis, etc. The security software tools used for Ubuntu were NMAP, John the Ripper, Ophcrack, Nessus, Metasploit, Etherape, Wireshark, TShark, Rootkit Hunter, and chkrootkit. Network Security also includes a Virtual Machine of Library of Labs.