Design & development of an Embedded Network Security System (ENSS)

Abstract

Embedded system is becoming an interesting solution to various applications due to high stability, minimal power consumption, and portability. This thesis describes the design and development of an embedded system for Network Security Applications (ENSS), which is based on Single Board Computer (SBC) utilizing GNU/Linux Operating System (OS). The ENSS software is structured in three modules namely Port Scan, Port Scan Attack and Smurf Attack Detection. The approach is to develop software which performs port scan using half-open, UDP, and horizontal techniques as well as to detect the possible port scan attack and Smurf Attack. The software is executed on an x86 based TS-Linux Single Board Computer (SBC). ENSS is designed to operate Port scan, which is used for discovering hosts weaknesses by sending port probes. Port scan attack detection is to identify port scan attempts and find out information about the machine. The Smurf Attack Detection is used to identify Smurf based attack (Broadcast Duplicate Packet and analyze ICMP traffic information). Results show that the system performance on the embedded platform is almost similar to other port scanners running on a much better performance PC. The ENSS performance in terms of CPU utilization and memory usage indicate that embedded GNU/Linux platform is suitable for network security applications although under hardware limitations of memory and processing speed. Lower cost of the Single Board Computer and the extra benefit of portability make ENSS a good alternative system for network security detection system.