Enhancing Syslog Message Security and Reliability over Unidirectional Fiber Optics

Standard log transmission protocols do not offer a robust way of segregating the log network from potential threats. A secure log transmission system and the realization of a data diode using affordable components are proposed. Unidirectional data flow prevents unauthorized access and eavesdropping,...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Sensors (Basel, Switzerland) Switzerland), 2024-10, Vol.24 (20), p.6537
Hauptverfasser: Anton, Alin-Adrian, Csereoka, Petra, Capota, Eugenia Ana, Cioargă, Răzvan-Dorel
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Standard log transmission protocols do not offer a robust way of segregating the log network from potential threats. A secure log transmission system and the realization of a data diode using affordable components are proposed. Unidirectional data flow prevents unauthorized access and eavesdropping, ensuring the integrity and confidentiality of sensitive log data. The system uses an encryption protocol that requires that the upstream and the downstream of the data diode are perfectly synchronized, mitigating replay attacks. It has been shown that message amplification can mitigate UDP packet loss, but this is only required when the data diode traffic is congested. The implementation of the encryption algorithm is suitable for resource-constrained devices and it has been shown to produce random-looking output even on a reduced number of rounds when compared to the parent cipher. Several improvements have been made to the original encryption algorithm for which an actual implementation was missing. Free software and datasets have been made available to reproduce the results. The complete solution is easy to reproduce in order to secure the segregation of a log network inside any scenario where logging is required by the law and log tampering must be prevented.
ISSN:1424-8220
1424-8220
DOI:10.3390/s24206537