Archive | 2021
Trusted transaction secure network : agent-based distributed security control system for traffic on the Internet
Abstract
To secure Internet transactions from being threatened or attacked, various technologies have been developed. It is reported that current technologies still cannot comprehend various threats and attacks. Inspired by this situation, the work described in this thesis aims to contribute in a better approach in securing Internet transactions including its framework. A control system model based on a systems approach for Internet transactions is proposed, and the functionalities of the model are also specified in the thesis. The research has identified that the difficult part of securing Internet transactions lies in analysing threat and attack patterns. As most Internet transactions are carried out in real time, an Internet security system should analyse in real time patterns of both conditions the transaction traffic and the system itself. To analyse patterns of threats and attacks within Internet transactions, this research has developed an artificial intelligent patterns recogniser. The conditions of transaction traffic and the security system are first translated into patterns. With the patterns recogniser, those patterns can then be memorised, recognised, and ultimately analysed. Despite potentially handling a great amount of patterns, the accuracy of the patterns recogniser is not affected by the number of memorised or recognised patterns. Unlike existing patterns recognition approaches, this approach works fast, hence it is suitable for real time processes of Internet transactions. To establish the real time functionalities of the framework, three essential real-time tasks: monitoring traffic and system, analysing it through the patterns recogniser, and responding to suspicious or abnormal activities, need to be deployed. For that purpose, this research has developed and embedded a control system model in the framework. With this model, the traffic and the system can be monitored rigorously, and be analysed accurately and efficiently, and the control system can respond to abnormal or suspicious Internet transactions effectively. The research has also identified that the difficulty in dealing with threats and attacks are also caused by the complexity and the dynamicity of Internet environment. Researchers recommend that to deal with the complexity of Internet environment, the six security properties, i.e. authentication, authorisation, confidentiality, integrity, non-repudiation, and availability, should be handled properly. Results of the current security solutions show that an analytical approach in dealing with such a complexity through all those properties was not yet successful. As an alternative to an analytical approach, this research, therefore, has applied a systems approach in the framework. Using a systems approach, this research has developed an interdependency model for the security properties. With this model, the complex requirements of Internet security can be handled more flexibly. To make the framework be viable to various applications, and be appropriate for the dynamic condition of the Internet environment, software agents have been developed to perform the functionalities of both, the security properties and the modules in the control system model. To validate the usefulness and the efficiency of the approach, the functionalities and a prototype based on the proposed framework, has been implemented and tested. The design and the implemented functionalities show that the framework can be applied as a security control system for Internet transaction.