Development of a Network Monitoring System for Ship's Network Security Using SNMP

Abstract

Nowadays, the risk of unauthorized access or malicious attacks on ship’s systems onboard internally or externally is possible to be a threat to the safe operation of ship’s network. According to the requirements of IEC (International Electro-Technical Commission) 61162-460 network standard, a secure 460-Network is designed for safety and security of networks on board ships and developed a network monitoring software application for monitoring the 460-Network.

Therefore, in this thesis to secure the ship’s network, ship’s security network is designed and implemented by using 460-Switch, 460-Nodes, 460-gateway that contains firewalls and DMZ (Demilitarized Zone) with various security application servers in compliance with IEC 61162-460. Also, 460-firewall is used to permit/deny traffic to/from unauthorized networks. 460-NMS (Network Monitoring System) is a network monitoring software application, developed by using SNMP (Simple Network Management Protocol) SharpNet library with.Net 4.5 frameworks and backhand SQLite database management which are used to manage the network information. 460-NMS configures 460-Switch and communicates by SNMP, SNMP Trap, and Syslog to gather the network information and status of each 460-Switch interface. 460-NMS analyze and monitors the 460-Network load, traffic flow, current system status, network failure, or detect unknown device connection. It notifies the system administrator via alarms, notifications or warnings in case if any network problem occurs. To confirm the performance of the designed 460-Network according to the requirements of IEC 61162-460 standard: First, the laboratory is composed of the dedicated network with CISCO 460-Switch, 460-Gateway, Fortigate 460-Firewall, and lab computers. These network devices exclude from external networks such as the internet. The 460-NMS is connected with configured laboratory network to analyze and monitor the network traffic flow, load and device connections by using SNMP.

Second, the test of 460-NMS is carried out in a company’s network. That is very complex network environment which includes IEC 61162-460, IEC 61162-450, IEC 61162-3 (NMEA 2000), IEC 61162-1, -2 (NMEA 0183) data networks with 450-Gateway, Gateway 450 to 0183, Gateway N2K to 0183, and Gateway 0183 to N2K and excludes from unauthorized networks.

Finally after testing, it is confirmed that the 460-NMS analyzes, monitors the whole 460-network and notifies and warns abnormal status of 460-network as the requirements of IEC 61162-460 international standards.