The present invention relates to the field of network security.
There are many new hazards that result from institutions' use of a growing number of physical security elements. Surveillance cameras, access control systems, sensors and controllers are all connected using TCP/IP (Transmission Control Protocol/Internet Protocol) and networking technology and rely on unsecure communication networks that are laid across the site and in the field. The use of these unsecure networks exposes the site to combined cyber and physical attacks.
Cyber security is an evident threat to any organization. Providing both security and connectivity creates a conflicting case in the computing and networking arena of many enterprises and organizations, such as homeland security, safe city, utilities, industrial, transportation, etc. The typical network architecture consists of multiple network appliances connected through a network infrastructure providing a large set of services to the users and organization. Having a reliable and consistent network is a top priority item for any organization worldwide.
U.S. Patent Application Publication No. 20050193429 to Demopoulos et al. discloses an integrated data traffic monitoring system monitoring data traffic received from a communication network and destined for a protected network. The monitoring system includes a security appliance and one or more security and monitoring technologies such as hardware and open source and proprietary software products. The security appliance and the security and monitoring technologies may be implemented as separate and distinct modules or combined into a single security appliance. The security and monitoring technologies monitor network data traffic on, or directed to, the protected network. The monitoring system collects data from each of the technologies into an event database and, based on the data, automatically generates rules directing one or more of the technologies to prevent subsequent communications traffic from specific sources from entering the protected network.
U.S. Patent Application Publication No. 2013127618 to Sheleheda et al. discloses a method, non-transitory computer readable medium and apparatus for providing network security monitoring in a communications network. For example, the method receives communications traffic associated with a sensor network from a sensor that is a member of the sensor network, analyzes the communications traffic to determine if an attack is occurring on the sensor network, and generates an alarm if the attack is occurring on the sensor network.
Japanese Patent Application Publication No. 2004086880 to Atsou discloses a system for detecting illegal access at respective connection points and notifying warning information, a means for storing the notified warning information, a monitor for extracting access state of the network from communication contents at every connection point, and a means for storing the extracted access state. Additionally, it comprises a gate node provided to every connection point and executing access control, a system for analyzing and notifying invasion path of the detected illegal access on the basis of the stored access state and warning information, a means for generating an access control rule at the gate node on the basis of the analyzed invasion path and the warning information, and a means for distributing it to the gate node.
Japanese Patent Application Publication No. 206244141 to Seiji discloses a system with a plurality of sensors for monitoring unauthorized access to a network by checking a packet on the network and generating unauthorized access information when the unauthorized access is detected, and a management device for collectively managing the plurality of the sensors and monitoring the unauthorized access to the network based on the unauthorized access information. The management device is provided with a storing part wherein management tables grouped in accordance with attributes of the plurality of the sensors are stored, and collectively transmits signature information required for monitoring the unauthorized access to the sensor belonging to the identical group based on the management table, and the plurality of the sensors monitor the unauthorized access based on the signature information.
The foregoing examples of the related art and limitations related therewith are intended to be illustrative and not exclusive. Other limitations of the related art will become apparent to those of skill in the art upon a reading of the specification and a study of the figures.