Review
Version 1
Preserved in Portico. This version is not peer-reviewed.
The Critical Role of SNMP in Enabling Network Security
Received: 8 October 2023 / Approved: 9 October 2023 / Online: 9 October 2023 (11:53:56 CEST)
How to cite: Alkasassbeh, M. The Critical Role of SNMP in Enabling Network Security. Preprints 2023, 2023100512. https://doi.org/10.20944/preprints202310.0512.v1
Abstract
Simple Network Management Protocol (SNMP) is extensively utilized for monitoring and managing computer networks. This paper synthesizes and reviews recent research on harnessing SNMP data for developing effective network security solutions driven by artificial intelligence and machine learning techniques. The comprehensive device-level visibility and timely data provided by SNMP offer significant potential to enable high-performance intrusion detection systems, security analytics, and real-time monitoring capabilities to protect against evolving cyber threats. However, inherent vulnerabilities in versions like SNMP v1/v2c persist, especially due to default community strings allowing uncontrolled access. A number of techniques, such as the newer SNMPv3 standard, have been proposed to improve security through encryption, authentication, and fine-grained access control. Additionally, general best practices around firewalling, traffic monitoring, and compliance audits are recommended for robust SNMP deployment. The literature reviewed demonstrates SNMP's capabilities in enabling anomaly detection with over 99% accuracy by applying supervised learning methods like random forests and neural networks to SNMP Management Information Base (MIB) data. The network-centric visibility offered by SNMP's extensive statistics on traffic configurations and behaviors provides an invaluable advantage over packet-level data for developing intelligent detection models. Beyond intrusion detection systems, SNMP data has also shown significant utility for security analytics like attack pattern discovery, bandwidth modeling, and large-scale threat intelligence by aggregating data from distributed network devices. Further research opportunities exist in areas like feature engineering, model optimization, and continued evaluation of evolving attack patterns.
In conclusion, with appropriate secure configurations, SNMP provides the comprehensive and real-time data needed by modern artificial intelligence security applications in a scalable manner due to its device-centric focus, standardized schema, and ubiquitous deployment.
Keywords
SNMP; IDS; Security
Subject
Computer Science and Mathematics, Computer Networks and Communications
Copyright: This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.