Tracing Based Active Intrusion Response

Authors: Douglas S. Reeves, Xinyuan Wang, S. Felix Wu

DOI:

Keywords: Intrusion, Computer security, Information system, Root cause, Tracing, Intrusion response, Intrusion prevention system, Computer science

Abstract: Network-based intrusion has become a serious threat to today’s highly networked information systems. Existing defense approaches such as prevention, detection, tolerance and response are “passive” toward network-based intrusions in that their countermeasures are limited to being local to the target and there is no automated, network-wide counteraction against detected intrusions. While they all play an important role in counteracting intrusion, they do not, however, effectively address the root cause of the problem – intruders.
