Network intrusion and eavesdropping are significant security concerns to private, public, government, and military establishments. The ability to physically intrude or eavesdrop on various network-based systems has long been a concern. As more users access the Internet and as companies expand their networks, the challenge of providing security for computer networks becomes increasingly difficult. A physical intrusion into a system may involve, for example, connecting into a communication path or link or inserting a tap into the link.
In a packet/frame/cell (PFC) network, intrusions and eavesdropping can be performed on a physical or logical level. PFC network intrusion prevention has focused on prevention of logical network intrusion using techniques such as data encryption. Physical intrusion security measures on PFC networks are left to securing the areas that provide access to network infrastructure devices. Conventional attempts to secure network systems from compromised communications have focused on prevention through limited physical access to the systems and interconnections using locked facilities and cabling conduits. However, networks such as wide area networks, which are used to extend the corporate intranet to many remote areas, include cabling that typically passes through public zones. Physical access to a network link usually allows a person to tap that link or inject traffic into it.
Detection of compromised communications has generally been limited to discrete, temporarily deployed devices that do not communicate directly with the network or system users. Conventional detection systems typically require manual intervention to close off or reroute traffic past the compromised link. Communications may therefore be compromised for an extended period of time before action is taken to avoid the intrusion. As such, the loss of confidential information may be significant since the users have no immediate notification that their communications have been compromised.
While detection schemes may be equally viable for circuit-switched and PFC-based network systems, detection alert generation and intrusion remediation techniques that work in circuit-switched network systems generally do not work in a PFC-based network. Conventional security methods for PFC-based networks do not provide a comprehensive solution for rapid response to a physical intrusion.
There is, therefore, a need for a system and method that alert users or devices of a PFC network to a possible physical intrusion so that measures can be taken to prevent or minimize loss of secure data or damage to the network due to unauthorized access.