Intrusion and misuse deterrence system employing a virtual network
作者: Ronald J. Gula , Martin F. Roesch
DOI:
关键词: Exploit 、 Computer security 、 Engineering 、 Intrusion detection system 、 Attack model 、 Virtual network 、 Server 、 Class (computer programming) 、 Identification (information) 、 Application software
摘要: A method and apparatus is disclosed for increasing the security of computer networks through use an Intrusion Misuse Deterrence System (IMDS) operating on network. The IMDS a system that creates synthetic network complete with hosts routers. It comprised server associated application software appears to be legitimate portion real intruder. consequently invites inquiry entices intruder away from Simulated services are configured appear running virtual clients globally unique, class “C” IP addresses. Since there no users simulated by IMDS, all such activity must inappropriate can treated as such. Consequently, entire set transactions collected identified rather than just those meet predefined attack profile. Also, new exploits attacks handled effectively known attacks, resulting in better identification methodologies well analysis types. only has concerned traffic going its it additionally eliminates bandwidth limitation plagues traditional intrusion detection (IDS).
lens.org 参考文章(20)
E. Amoroso, R. Kwapniewski, A selection criteria for intrusion detection systems annual computer security applications conference. pp. 280- 288 ,(1998) , 10.1109/CSAC.1998.738648
Staffan Winell, Use of lower IP-address bits ,(1998)
Ashok P. Nadkarni, Alan J. Kirby, Controlling passage of packets or messages via a virtual connection or flow ,(1995)
Stephen E. Smaha, Steven R. Snapp, Method and System for Detecting Intrusion Into and Misuse of a Data Processing System ,(1995)
Julie Lynn Huff, Sheila Ann Jackson, Tracy Glenn Shelanskey, Dynamic system defence for information warfare ,(1999)
James R. Maricondo, Robert F. Ross, Michael P. Lyle, System and method for computer security ,(2000)
Fred Cohen, Method and apparatus for network deception/emulation ,(2000)
Niels Christiansen, Albert T. Rowan, James N. Chen, Joseph C. Ross, System and method for dynamically controlling remote processes from a performance monitor ,(1992)