Virus and Content Filtering
As the size of global computer networks expands and the use of the Internet skyrockets, the security issues do manifest themselves not only in the security of computer networks but also in individual user security on individual PCs connected to the Intern
- PDF / 198,868 Bytes
- 20 Pages / 439.37 x 666.142 pts Page_size
- 47 Downloads / 148 Views
15.1
15
Definitions
As the size of global computer networks expands and the use of the Internet skyrockets, the security issues do manifest themselves not only in the security of computer networks but also in individual user security on individual PCs connected to the Internet either via an organization’s gateway or an Internet service provider (ISP). The security of every user, therefore, is paramount whether the user is a member of an organization network or a user of a home PC via an independent ISP. In either case, the effort is focused on protecting not only the data but also the user. The most effective way to protect such a user and the data is through content filtering. Content filtering is a process of removing unwanted, objectionable, and harmful content before it enters the user network or the user PC. The filtering process can be located in several locations including on a user’s PC, on a server within an organization, as a service provided by an ISP, or by means of a third-party site that provides the basis of a closed community. In their report to the Australian Government on Content Filtering, Paul Greenfield et al. [1] divide the process of content filtering into two approaches: inclusion filtering and exclusion filtering.
15.2
Scanning, Filtering, and Blocking
Scanning is a systematic process of sweeping through a collection of data looking for a specific pattern. In a network environment, the scanning process may involve a program that sweeps through thousands of IP addresses looking for a particular IP address string or a string that represents a vulnerability or a string that represents a vulnerable port number. Filtering, on the other hand, is a process of using a computer program to stop an Internet browser on a computer from being able to load certain Web pages based upon predetermined criteria such as IP addresses. Blocking, like filtering, is also a process of preventing certain types of information # Springer International Publishing AG 2017 J.M. Kizza, Guide to Computer Network Security, Computer Communications and Networks, DOI 10.1007/978-3-319-55606-2_15
331
332
15
Virus and Content Filtering
from being viewed on a computer’s screen or stored on a computer’s disk. In this section, we are going to look at these three processes and see how they are used in computer networks and personal computers as a way to enhance security.
15.2.1 Content Scanning All Internet content inbound into and outbound from either an organization’s network, an ISP gateway, or a user PC is always scanned before it is filtered. So scanning is very important in content filtering. Let us look at the ways scanning is done on the content of the Internet, either inbound or outbound. There are two forms of scanning: pattern-based and heuristic scanning.
15.2.1.1 Pattern-Based Scanning In pattern-based scanning, all content coming into or leaving the network, an ISP gateway, or user PC is scanned and checked against a list of patterns, or definitions, supplied and kept up to date by the vendor. The techniq
Data Loading...
