Transparent Peer Review By Scholar9
A METHOD FOR ENDPOINT AWARE INSPECTION IN A NETWORK SECURITY SOLUTION
Abstract
Due to the surge in remote work after the outbreak of Covid, network security has gained a great deal of attention. The problem of erroneous inspection decisions in network security solutions has long been criticized, but the accuracy of those decisions has never been as critical as it is today. In this paper we offer a solution for further improving inspection decision accuracy by specifying a method for endpoint aware inspection in a network security solution capable of performing deep packet inspection. The method utilizes a subset of the protected network to gather hash fingerprints from the endpoint application network traffic patterns. The information collected from this subset is then utilized for gaining endpoint awareness for the rest of the protected network. We use methods that operate on the application layer of the protocol stack. This makes the method suitable not only for local implementations, such as NGFWs and IPSs, but also for SaaS and SASE solutions. The method is, however, easily used with lower layer information, for instance network and transport layer information, for operating system awareness as well. We also present a proof-of-concept case study in which we observed that, of the relevant network connections, 100% could be identified when the operating system and endpoint application were available in the source set. To our knowledge, this is the first method to improve the accuracy of the inspection process by using a subset of the protected network to gain endpoint awareness.
Shreyas Mahimkar Reviewer
27 Aug 2024 09:10 AM
Approved
- Introduction and Relevance: The paper addresses the heightened importance of network security, particularly in the context of increased remote work due to the COVID-19 pandemic. This sets a clear and relevant foundation for the research, making the focus on improving audit decision accuracy highly pertinent.
- Proposed Solution: The method proposed for enhancing assessment decision accuracy by using endpoint inspection within a network security plan is well-introduced. The approach of utilizing hash fingerprints from network traffic to gather endpoint awareness is innovative and practical, especially in the current cybersecurity landscape.
- Methodology: The explanation of how the method operates at the application layer and its adaptability for different network security implementations (e.g., NGFWs, IPSs, SaaS, and SASE solutions) is detailed and demonstrates a thorough understanding of network security frameworks. The flexibility of the approach to work with lower-layer information adds value to the methodology.
- Proof-of-Concept: The proof-of-concept case study is a strong addition, showcasing the practical application of the proposed method. The claim of achieving 100% recognition of relevant network connections when the operating system and endpoint application were present is impressive and substantiates the method's effectiveness.
- Areas for Improvement: While the proposed method and results are compelling, the paper could benefit from further discussion on potential limitations or challenges in real-world implementation. Additionally, comparisons with existing network security methods could provide a better context for understanding the advancements made.
Overall, the paper presents a valuable contribution to network security by offering a novel method for improving audit decision accuracy, supported by a solid proof-of-concept.
IJ Publication Publisher
Thank you
Shreyas Mahimkar Reviewer