Abstract

This research details a country-wide cyber-attack and proposes a cyber-firewall called ‘Seddulbahir’ to defend against future attacks. The country-wide dual-phased cyber-attack scenario consists of two separate phases. First, the attack spreads the malware; second, it creates botnets that generate malicious traffic from local subnets against the country’s DNS servers to disrupt the country’s internet connections and communication infrastructure. This research paper simulates and exposes the impact of one of the most popular leaked National Security Agency (NSA) tools, the FuzzBunch toolkit, which can spread a proposed malware within a country’s local subnets and networks. The proposed national cyber firewall, named ‘Seddulbahir’, will be used by the Cyber Emergency Response Team (CERT) to detect malicious traffic, clear the proposed malware from the subnets through Network Address Translation (NAT) maps, and prevent a botnet attack, protecting against disruption of DNS servers and the country’s communication infrastructure. The simulation results show that a country-wide cyber-attack would have a significant effect on DNS, HTTP response time, server CPU utilization, and link utilization metrics on communication servers. The performance results based on these metrics indicated that Seddulbahir mitigated the country-wide cyber-attack significantly and that the interference of Seddulbahir (configured on simulation time) kept the CPU utilization level of DNS servers stable at 4%. This research highlights the importance and necessity of national cyber firewall systems for protecting the country’s critical communication infrastructure, as demonstrated by this proposed cyber-firewall mechanism.
