Qureshi et al., 2025 - Google Patents
An Empirical Study of Hardening Network Access Control Systems.Qureshi et al., 2025
- Document ID
- 7181995869840264887
- Author
- Qureshi K
- Al-Shamali M
- Abd-El-Barr M
- Publication year
- Publication venue
- International Journal for Computers & Their Applications
External Links
Snippet
Abstract Network Access Control (NAC) is one of many solutions that plays a critical role in defining security policies in networking. Three open-source NAC solutions were analyzed and compared: OpenNAC, FreeNAC, and PacketFence. The results showed that the …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/164—Implementing security features at a particular protocol layer at the network layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements or network protocols for addressing or naming
- H04L61/25—Network arrangements or network protocols for addressing or naming mapping of addresses of the same type; address translation
- H04L61/2503—Internet protocol [IP] address translation
- H04L61/2507—Internet protocol [IP] address translation translating between special types of IP addresses
- H04L61/2517—Internet protocol [IP] address translation translating between special types of IP addresses involving port numbers
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Sallam et al. | On the security of SDN: A completed secure and scalable framework using the software-defined perimeter | |
| Maleh et al. | A comprehensive survey on SDN security: threats, mitigations, and future directions | |
| Pradhan et al. | Solutions to vulnerabilities and threats in software defined networking (SDN) | |
| Varadharajan et al. | A policy-based security architecture for software-defined networks | |
| De Donno et al. | DDoS‐capable IoT malwares: comparative analysis and Mirai investigation | |
| DeCusatis et al. | Implementing zero trust cloud networks with transport access control and first packet authentication | |
| Bhushan et al. | Security challenges in cloud computing: state-of-art | |
| Kampanakis et al. | SDN-based solutions for moving target defense network protection | |
| US9838356B2 (en) | Encrypted peer-to-peer detection | |
| US10447710B1 (en) | Self-shielding dynamic network architecture | |
| Bays et al. | Virtual network security: threats, countermeasures, and challenges | |
| Hussein et al. | Software-Defined Networking (SDN): the security review | |
| Yackoski et al. | A self-shielding dynamic network architecture | |
| US10021070B2 (en) | Method and apparatus for federated firewall security | |
| OConnor et al. | PivotWall: SDN-based information flow control | |
| Yackoski et al. | Applying self-shielding dynamics to the network architecture | |
| Lu et al. | An SDN‐based authentication mechanism for securing neighbor discovery protocol in IPv6 | |
| Tseng et al. | A comprehensive 3‐dimensional security analysis of a controller in software‐defined networking | |
| Tripathy et al. | Risk based security enforcement in software defined network | |
| US11570149B2 (en) | Feedback mechanism to enforce a security policy | |
| Akbaş et al. | A preliminary survey on the security of software-defined networks | |
| DeCusatis et al. | Zero trust cloud networks using transport access control and high availability optical bypass switching | |
| Combe et al. | An sdn and nfv use case: Ndn implementation and security monitoring | |
| Garg et al. | Review on architecture and security issues in SDN | |
| Sharma et al. | Security Enhancement in Software Defined Networking (SDN): A Threat Model |