Comprehensive security exploration in internet service providers networks: A systematic literature review

Authors

  • Chrystian Viteri Hernández Pontificia Universidad Católica del Ecuador Sede Ambato
  • Diego Ávila Escuela Superior Politécnica de Chimborazo (ESPOCH)

DOI:

https://doi.org/10.47187/perspectivas.6.1.215

Keywords:

Detección de amenazas, proveedores de internet, seguridad en redes, revisión sistemática de literatura

Abstract

Network security in Internet Service Providers
(ISPs) is paramount for safeguarding essential
online information and services, particularly in an era where reliance on the internet is more
pronounced than ever. In response to increasingly
sophisticated cyber-attacks, ISPs must implement
effective security measures. This study provides a
comprehensive insight into ISP network security,
grounded in a systematic review of 57 documents
from SpringerLink, Scopus, and Web of Science,
employing Kitchenham's methodology. It was
found that ISPs deploy a variety of security
mechanisms, including firewalls, intrusion
detection and prevention systems, and penetration
testing. These approaches are critical for effectively
countering cyber threats. The research concludes
that an integrated security strategy, combining
various measures such as advanced firewalls, data
encryption, and regular penetration testing, is
crucial in the infrastructure of ISPs.

Métricas

References

C. Hesselman et al., “A Responsible Internet to Increase Trust in the Digital World,” Journal of Network and Systems Management, vol. 28, no. 4, 2020, doi: 10.1007/s10922-020-09564-7.

M. Alanazi and A. Aljuhani, “Anomaly Detection for Internet of Things Cyberattacks,” Computers, Materials and Continua, vol. 72, no. 1, 2022, doi: 10.32604/cmc.2022.024496.

F. E. Catota, M. Granger Morgan, and D. C. Sicker, “Cybersecurity incident response capabilities in the Ecuadorian financial sector,” J Cybersecur, vol. 4, no. 1, 2018, doi: 10.1093/cybsec/tyy002.

C. W. Lee and S. Madnick, “Cybersafety approach to cybersecurity analysis and mitigation for mobility-as-a-service and internet of vehicles,” Electronics (Switzerland), vol. 10, no. 10, 2021, doi: 10.3390/electronics10101220.

Z. Wenhua et al., “Data security in smart devices: Advancement, constraints and future recommendations,” IET Networks. 2023. doi: 10.1049/ntw2.12091.

O. S. Althobaiti and M. Dohler, “Cybersecurity challenges associated with the internet of things in a post-quantum world,” IEEE Access, vol. 8, 2020, doi: 10.1109/ACCESS.2020.3019345.

R. Tapiero, A. Gonzalez, and N. Novoa, “Seguridad en redes SDN y sus aplicaciones,” Revista colombiana de tecnologias de avanzada (RCTA), vol. 1, no. 37, 2023, doi: 10.24054/rcta.v1i37.1262.

P. Kumar, R. Kumar, A. Aljuhani, D. Javeed, A. Jolfaei, and A. K. M. N. Islam, “Digital twin-driven SDN for smart grid: A deep learning integrated blockchain for cybersecurity,” Solar Energy, vol. 263, 2023, doi: 10.1016/j.solener.2023.111921.

M. Á. Álvarez Roldán and H. F. Montoya Vargas, “Ciberseguridad en las redes móviles de telecomunicaciones y su gestión de riesgos,” Ingeniería y Desarrollo, vol. 38, no. 2, pp. 279–297, 2020, doi: https://doi.org/10.14482/inde.38.2.006.31.

G. Carrión-Barco, M.-J. Sánchez-Chero, C. I. Del Castillo Castro, F. W. Campos Flores, and M. Timaná Alvarez, “Modelo de seguridad informática para un medio de conexión pública,” Revista de la Universidad del Zulia, vol. 12, no. 32, 2021, doi: 10.46925//rdluz.32.21.

J. J. Cano M., “Seguridad y ciberseguridad 2009-2019. Lecciones aprendidas y retos pendientes,” Revista SISTEMAS, no. 155, 2020, doi: 10.29236/sistemas.n155a6.

B. Kitchenham, O. Pearl Brereton, D. Budgen, M. Turner, J. Bailey, and S. Linkman, “Systematic literature reviews in software engineering – A systematic literature review,” Inf Softw Technol, vol. 51, no. 1, pp. 7–15, 2009, doi: https://doi.org/10.1016/j.infsof.2008.09.009.

E. Henríquez Fierro and M. I. Zepeda Gonzales, “Elaboración de un artículo científico de investigación,” Ciencia y enfermería, vol. 10, pp. 17–21, 2004, doi: https://dx.doi.org/10.4067/S0717-95532004000100003.

E. Serna M. and D. Morales V., “La investigación en verificación formal- un estado del arte,” Revista Cubana de Ciencias Informáticas, vol. 7, no. 3, pp. 114–126, 2013, [Online]. Available: https://www.redalyc.org/articulo.oa?id=378334198010

Y. Li and Q. Liu, “A comprehensive review study of cyber-attacks and cyber security; Emerging trends and recent developments,” Energy Reports, vol. 7, pp. 8176–8186, 2021, doi: https://doi.org/10.1016/j.egyr.2021.08.126.

P. R. Kshirsagar, H. Manoharan, H. A. Alterazi, N. Alhebaishi, O. B. J. Rabie, and S. Shitharth, “Construal Attacks on Wireless Data Storage Applications and Unraveling Using Machine Learning Algorithm,” J Sens, vol. 2022, p. 9386989, 2022, doi: 10.1155/2022/9386989.

M. Husák, N. Neshenko, M. S. Pour, E. Bou-Harb, and P. eleda, “Assessing Internet-wide Cyber Situational Awareness of Critical Sectors,” Proceedings of the 13th International Conference on Availability, Reliability and Security, 2018, [Online]. Available: https://api.semanticscholar.org/CorpusID:51981620

L. Megouache, A. Zitouni, and M. Djoudi, “Ensuring user authentication and data integrity in multi-cloud environment,” Human-centric Computing and Information Sciences, vol. 10, no. 1, p. 15, 2020, doi: 10.1186/s13673-020-00224-y.

Y. Lee, S. Rathore, J. H. Park, and J. H. Park, “A blockchain-based smart home gateway architecture for preventing data forgery,” Human-centric Computing and Information Sciences, vol. 10, no. 1, p. 9, 2020, doi: 10.1186/s13673-020-0214-5.

Swati, S. Roy, J. Singh, and J. Mathew, “Design and analysis of DDoS mitigating network architecture,” Int J Inf Secur, vol. 22, no. 2, pp. 333–345, 2023, doi: 10.1007/s10207-022-00635-1.

S. O. Tumbo, K. M. Villalba, Siler, and A. Donado, “An adaptable Intelligence Algorithm to a Cybersecurity Framework for IIOT Un algoritmo de inteligencia adaptable a un marco de ciberseguridad para IIOT,” 2022. doi: DOI: 10.25100/iyc.v24i2.11762.

S. Creese, W. H. Dutton, and P. Esteve-González, “The social and cultural shaping of cybersecurity capacity building: a comparative study of nations and regions,” Pers Ubiquitous Comput, vol. 25, no. 5, pp. 941–955, 2021, doi: 10.1007/s00779-021-01569-6.

J. Singh, “Mitigating Cyber-Attacks in Cloud Environments: Hardware-Supported Multi-Point Conceptual Framework,” International Journal of Cyber Warfare and Terrorism (IJCWT), vol. 11, no. 4, pp. 43–57, 2021, doi: 10.4018/IJCWT.2021100103.

D. S. Pacheco, “Seguridad en redes de comunicaciones: Perspectivas y desafíos,” Ingeniare. Revista chilena de ingeniería, vol. 30, pp. 215–217, 2022, doi: https://dx.doi.org/10.4067/S0718-33052022000200215.

S. K. Kodali and C. H. Muntean, “An Investigation into Deep Learning Based Network Intrusion Detection System for IoT Systems,” in 2021 IEEE International Conference on Data Science and Computer Application (ICDSCA), 2021, pp. 374–377. doi: 10.1109/ICDSCA53499.2021.9650111.

J. Steinberger, A. Sperotto, H. Baier, and A. Pras, “Distributed DDoS Defense: A collaborative Approach at Internet Scale,” in NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium, 2020, pp. 1–6. doi: 10.1109/NOMS47738.2020.9110300.

P. Benlloch-Caballero, Q. Wang, and J. M. Alcaraz Calero, “Distributed dual-layer autonomous closed loops for self-protection of 5G/6G IoT networks from distributed denial of service attacks,” Computer Networks, vol. 222, p. 109526, 2023, doi: https://doi.org/10.1016/j.comnet.2022.109526.

I. Ko, D. Chambers, and E. Barrett, “Feature dynamic deep learning approach for DDoS mitigation within the ISP domain,” Int J Inf Secur, vol. 19, no. 1, pp. 53–70, 2020, doi: 10.1007/s10207-019-00453-y.

M. S. Alkatheiri, M. A. Alqarni, and S. H. Chauhdary, “Cyber security framework for smart home energy management systems,” Sustainable Energy Technologies and Assessments, vol. 46, p. 101232, 2021, doi: https://doi.org/10.1016/j.seta.2021.101232.

B. Ayodele and V. Buttigieg, “SDN as a defence mechanism: a comprehensive survey,” Int J Inf Secur, 2023, doi: 10.1007/s10207-023-00764-1.

S. Kaur, A. K. Sandhu, and A. Bhandari, “Investigation of application layer DDoS attacks in legacy and software-defined networks: A comprehensive review,” Int J Inf Secur, vol. 22, no. 6, pp. 1949–1988, 2023, doi: 10.1007/s10207-023-00728-5.

I. Ko, D. Chambers, and E. Barrett, “Unsupervised learning with hierarchical feature selection for DDoS mitigation within the ISP domain,” ETRI Journal, vol. 41, no. 5, pp. 574–584, Oct. 2019, doi: https://doi.org/10.4218/etrij.2019-0109.

F. S. de Lima Filho, F. A. F. Silveira, A. de Medeiros Brito Junior, G. Vargas-Solar, and L. F. Silveira, “Smart Detection: An Online Approach for DoS/DDoS Attack Detection Using Machine Learning,” Security and Communication Networks, vol. 2019, p. 1574749, 2019, doi: 10.1155/2019/1574749.

N. A. Ugochukwu, S. B. Goyal, A. S. Rajawat, S. M. N. Islam, J. He, and M. Aslam, “An Innovative Blockchain-Based Secured Logistics Management Architecture: Utilizing an RSA Asymmetric Encryption Method,” Mathematics, vol. 10, no. 24, 2022, doi: 10.3390/math10244670.

I. Ko, D. Chambers, and E. Barrett, “Adaptable feature-selecting and threshold-moving complete autoencoder for DDoS flood attack mitigation,” Journal of Information Security and Applications, vol. 55, p. 102647, 2020, doi: https://doi.org/10.1016/j.jisa.2020.102647.

T. Gangavarapu, C. D. Jaidhar, and B. Chanduka, “Applicability of machine learning in spam and phishing email filtering: review and approaches,” Artif Intell Rev, vol. 53, no. 7, pp. 5019–5081, 2020, doi: 10.1007/s10462-020-09814-9.

A. Papanikolaou, A. Alevizopoulos, C. Ilioudis, K. Demertzis, and K. Rantos, “An autoML network traffic analyzer for cyber threat detection,” Int J Inf Secur, vol. 22, no. 5, pp. 1511–1530, 2023, doi: 10.1007/s10207-023-00703-0.

M. Repetto, D. Striccoli, G. Piro, A. Carrega, G. Boggia, and R. Bolla, “An Autonomous Cybersecurity Framework for Next-generation Digital Service Chains,” Journal of Network and Systems Management, vol. 29, no. 4, p. 37, 2021, doi: 10.1007/s10922-021-09607-7.

Y. Palmo, S. Tanimoto, H. Sato, and A. Kanai, “IoT Reliability Improvement Method for Secure Supply Chain Management,” in 2021 IEEE 10th Global Conference on Consumer Electronics (GCCE), 2021, pp. 364–365. doi: 10.1109/GCCE53005.2021.9622088.

N. Yakin, M. Zhitkov, A. Chernikov, and P. Pepelyaev, “Security Threats and Service Degradation Detection in LoRaWAN Networks,” in 2021 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT), 2021, pp. 455–458. doi: 10.1109/USBEREIT51232.2021.9455123.

D. Mendez Mena and B. Yang, “Decentralized Actionable Cyber Threat Intelligence for Networks and the Internet of Things,” IoT, vol. 2, no. 1, pp. 1–16, 2021, doi: 10.3390/iot2010001.

B. Rodrigues, E. Scheid, C. Killer, M. Franco, and B. Stiller, “Blockchain Signaling System (BloSS): Cooperative Signaling of Distributed Denial-of-Service Attacks,” Journal of Network and Systems Management, vol. 28, no. 4, pp. 953–989, 2020, doi: 10.1007/s10922-020-09559-4.

P. M. Santos et al., “Towards a Distributed Learning Architecture for Securing ISP Home Customers,” in Artificial Intelligence Applications and Innovations. AIAI 2021 IFIP WG 12.5 International Workshops, I. Maglogiannis, J. Macintyre, and L. Iliadis, Eds., Cham: Springer International Publishing, 2021, pp. 311–322.

D. Mustefa and S. Punnekkat, “Cybersecurity Analysis for a Remote Drug Dosing and Adherence Monitoring System,” in IoT Technologies for HealthCare, R. Goleva, N. R. da C. Garcia, and I. M. Pires, Eds., Cham: Springer International Publishing, 2021, pp. 162–178. Accessed: Dec. 18, 2023. [Online]. Available: https://doi.org/10.1007/978-3-030-69963-5_12

A. U. Sudugala, W. H. Chanuka, A. M. N. Eshan, U. C. S. Bandara, and K. Y. Abeywardena, “WANHEDA: A Machine Learning Based DDoS Detection System,” in 2020 2nd International Conference on Advancements in Computing (ICAC), 2020, pp. 380–385. doi: 10.1109/ICAC51239.2020.9357130.

F. M. Isiaka, S. A. Audu, and M. A. Umar, “Developing a fail-safe culture in a cyber environment using MySQL replication technique,” International Journal of Crowd Science, vol. 4, no. 2, pp. 149–170, Jan. 2020, doi: 10.1108/IJCS-04-2018-0008.

D. Suvarna and S. Pathak, “Threat Modeling for Breaking of CAPTCHA System,” in Intelligent Computing, Information and Control Systems, A. P. Pandian, K. Ntalianis, and R. Palanisamy, Eds., Cham: Springer International Publishing, 2020, pp. 94–104. Accessed: Dec. 18, 2023. [Online]. Available: https://bv.unir.net:2133/10.1007/978-3-030-30465-2_12

Downloads

Published

2024-02-21

How to Cite

[1]
C. Viteri Hernández and D. Ávila, “Comprehensive security exploration in internet service providers networks: A systematic literature review”, Perspectivas, vol. 6, no. 1, Feb. 2024.

Issue

Vol. 6 No. 1 (2024): Revista Perspectivas

Section

Artículos arbitrados

License

Copyright (c) 2024 Chrystian Viteri Hernández, Diego Ávila

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Copyright

The authors of the manuscripts will retain their copyright on their articles published in Pespectivas Journal. These rights allow the authors to present their manuscripts in public, prepare derivative works, reproduce them physically by printing and distribute them on their social or research networks. These rights will remain unchanged as long as the authors respect the publication and free access policy of Perspectivas Journal.

 

Publication Rights

Perspectivas Journal reserves all first publication rights on each of the articles that the authors have sent to its review and publication process. It implies that authors will only exercise their copyright if they state the source and origin of the publication correctly, mainly when they distribute, share, present, or use their articles' total or partial content.