Tracing Based Active Intrusion Response
نویسندگان
چکیده
Network-based intrusion has become a serious threat to today’s highly networked information systems, existing intrusion defense approaches such as intrusion prevention, detection, tolerance and response are “passive” in response to network-based intrusions in that their countermeasures are limited to being local to the intrusion target and there is no automated, network-wide counteraction against detected intrusions. While they all play an important role in counteracting network-based intrusion, they do not, however, effectively address the root cause of the problem – intruders.
منابع مشابه
Sleepy Watermark Tracing: An Active Network-Based Intrusion Response Framework
Network-based intrusion has become a serious threat to today’s highly networked information systems, yet the overwhelming majority of current network security mechanisms are “passive” in response to network-based attacks. In particular, tracing and detection of the source of network-based intrusion has been left largely untouched in existing intrusion detection mechanisms. The fact that intrude...
متن کاملIP Tracing and Active Network Response
Active security is mainly concerned with performing one or more security functions when a host in a communication network is subject to an attack. Such security functions include appropriate actions against attackers. To properly afford active security actions a set of software subsystems should be integrated together so that they can automatically detect and appropriately address any vulnerabi...
متن کاملCombining Multiple Intrusion Detection and Response Technologies in an Active Networking Based Architecture
With the ever growing number of hosts connected to the Internet, representing potential sources of malicious attacks, and increasing sophistication of attacking techniques and automated attacking tools, network intrusion detection and response has evolved into a very active field of research in recent years and a wide variety of approaches has been developed [LFG00, NN01]. However, isolated ope...
متن کاملPublic Information Server for Tracing Intruders in the Internet
The number of computer break-ins from the outside of an organization has increased with the rapid growth of the Internet. Since many intruders from the outside of an organization employ stepping stones, it is difficult to trace back where the real origin of the attack is. Some research projects have proposed tracing methods for DoS attacks and detecting method of stepping stones. It is still di...
متن کاملDesign of an Active Intrusion Monitor System
As the number of network intrusions emerges, intrusion defense mechanisms are required urgently for providing a highly secure network environment. The intrusion detection system (IDS) is such a system to detect possible intrusions of networks, and to minimize the response time between intrusion detection and defense reaction as much as possible. In this paper, we propose a network-based intrusi...
متن کامل