Automating Firewall Testing Using Network Traffic Simulation Tools

Description

Thesis as full text in PDF format.
As cybersecurity emerges as a critical concern across the technology industry, the cyber-resilience of Wärtsilä engine network systems is recognized as a significant factor in ensuring the cybersecurity of engines and engine auxiliaries. Because Wärtsilä marine engine network systems rely on firewalls as the core defence mechanism against external threats, it is crucial both to ensure the bidirectional traffic between the engine and the engine auxiliaries and to prevent access by unauthorized devices that are separated from each other by firewalls. Thus far, Wärtsilä firewall testing has been performed primarily manually. Therefore, the objective of this thesis is to investigate and discover tools to automate the firewall testing process. The objective is not to redesign firewall configuration; instead, the thesis centres its efforts on discovering a combination of traffic simulation tools to simulate end-to-end communication between client and server hosts. This study examines which tools can both send and receive network traffic and which tools are limited to one-way packet generation. The methodology combines a literature review with experimental work conducted in a lab environment. In the methodology section, traffic generation tools are reviewed, and tools that were not found to be effective were subsequently excluded. In addition, a Scapy-based answering machine was implemented to enable the solution on the server host side, while Nmap appeared to solve the client host side traffic generation problem. This thesis contributes to the cybersecurity of Wärtsilä engines through the approach invented during the experimental work conducted by the author. The automated firewall testing results demonstrate how the simulation tools can minimize manual effort.
In conclusion, this work delivers a solution to automatically test all ports, which may extend to 60000 per device, in comparison with the preceding tests that were conducted only for ports in use. The automation proposed in this research provides a convenient solution for testing new system updates, such as firmware or configuration updates.
