Journal of Network and Systems Management, Volume 13, Issue 3, pp 253–267

A Framework for Unified Network Security Management: Identifying and Tracking Security Threats on Converged Networks



A comprehensive network security management system must coordinate detection and scanning tools for converged networks; derive fully-integrated attack and network models; perform vulnerability and multi-stage attack analysis; support large-scale attack visualization; and possibly orchestrate strategic responses to unwarranted actions that cross network boundaries. We present an architecture that embodies these principles. The unified network security management system described in this paper gleans data from a suite of detection tools for various networking domains. Aggregate real-time network data supplies a comprehensive modeling framework used for further analysis, correlation, and visualization. The resulting system not only provides network administrators with a heads-up cockpit display of their entire network, it also supports guided response and predictive capabilities for multi-stage attacks in converged networks.


Keywords: Converged networks, security architecture, network modeling, attack visualization, attack management





Copyright information

© Springer Science + Business Media, Inc. 2005

Authors and Affiliations

  1. Center for Information Security, University of Tulsa, Tulsa
  2. Center for Information Security, Tulsa, USA
