DecIdUouS: Decentralized Source Identification for Network-Based Intrusions
Authors
Abstract
DECIDUOUS is a security management framework for identifying the sources of network-based intrusions. The first key concept in DECIDUOUS is dynamic security associations, which efficiently and collectively provide location information for attack sources. DECIDUOUS is built on top of IETF's IPSEC/ISAKMP infrastructure, and it does not introduce any new network protocol for source identification in a single administrative domain. It defines a collaborative protocol for inter-domain attack source identification. The second key concept in DECIDUOUS is the management information integration of the intrusion detection system (IDS) and attack source identification system (ASIS) across different protocol layers. For example, in DECIDUOUS, it is possible for a network-layer security control protocol (e.g., IPSEC) to collaborate with an application-layer intrusion detection system module (e.g., IDS for the SNMP engine). In this paper, we present the motivations, design, and prototype implementation of the DECIDUOUS framework.
Similar resources
Network Intruder Location Using Markov Decision Processes Extended Abstract for Raid 2000: Third International Workshop on Recent Advances in Intrusion Detection Topic Category: Innovative Approaches/new Ids Methodologies and Technologies 1 Intrusion and Misuse Location
In recent years, there has been considerable progress in developing systems for the detection of network intrusion and misuse. In contrast to the large amount of work on intrusion/misuse detection, there has been much less research reported on the crucial related problem of locating the source(s) of an attack once it is detected. Because of IP spoofing, the source address in an attack packet can...
A decentralized multi-level leader-follower game for network design of a competitive supply chain
This paper develops a decentralized leader-follower game for network design of a competitive supply chain problem in which a new chain as the leader enters a market with one existing supply chain as a follower. Both chains produce an identical product, customer demand is inelastic and customer utility function is based on Huff gravity-based model. The leader wants to shape his network and set a...
Decentralized Routing and Power Allocation in FDMA Wireless Networks based on H∞ Fuzzy Control Strategy
Simultaneous routing and resource allocation has been considered in wireless networks for its performance improvement. In this paper we propose a cross-layer optimization framework for worst-case queue length minimization in some type of FDMA based wireless networks, in which the data routing and the power allocation problem are jointly optimized with Fuzzy distributed H∞ control strategy ....
Calculation of Leakage in Water Supply Network Based on Blind Source Separation Theory
The economic and environmental losses due to serious leakage in the urban water supply network have increased the effort to control the water leakage. However, current methods for leakage estimation are inaccurate leading to the development of ineffective leakage controls. Therefore, this study proposes a method based on the blind source separation theory (BSS) to calculate the leakage of water...
An approach for Anomaly based Intrusion detection System using SNORT
We all know that today we are dependent on computer technologies in many ways. As the use of technology increases, the risk associated with computer technology also increases. Network security is a big challenge among researchers. People have been working in the field of network security since 1987, when Dorothy Denning published an intrusion detection model [2]. But till now we did not get an...