ISP-operated protection of home networks with FIDRAN
作者: A. Hess , G. Schafer
DOI: 10.1109/CCNC.2004.1286830
关键词:
摘要: In order to fight against the increasing number of network security incidents due mal-protected home networks permanently connected Internet via DSL, TV cable or similar technologies, we propose that service providers (ISP) operate and manage intrusion prevention systems (IPS) which are a large extend executed on consumer's gateway (e.g., DSL router). The paper analyses requirements ISP-operated presents our approach for an IPS runs top active networking environment is automatically configured by vulnerability scanner. We call system FIDRAN (Flexible Intrusion Detection Response framework Active Networks). autonomously correspondingly configures IPS. Furthermore, detects adjusts itself changes in (new service, new host, etc.). First performance comparisons show - while offering more flexibility being able support continuous updating principles competes well with conventional like Snort-Inline.
sci-hub.se 参考文章(6)
Andreas Hess, Michael Jung, Günter Schäfer, Combining Multiple Intrusion Detection and Response Technologies in an Active Networking Based Architecture DFN-Arbeitstagung über Kommunikationsnetze. pp. 153- 165 ,(2003)
Vern Paxson, Bro: a system for detecting network intruders in real-time Computer Networks. ,vol. 31, pp. 2435- 2463 ,(1999) , 10.1016/S1389-1286(99)00112-7
Thomas Fuhrmann, Till Harbaum, Marcus Schöller, Martina Zitterbart, AMnet 2.0: An Improved Architecture for Programmable Networks Lecture Notes in Computer Science. pp. 162- 176 ,(2002) , 10.1007/3-540-36199-5_13
W. La Cholter, P. Narasimhan, D. Sterne, R. Balupari, K. Djahandari, A. Mani, S. Murphy, IBAN: intrusion blocker based on active networks Proceedings DARPA Active Networks Conference and Exposition. pp. 182- 192 ,(2002) , 10.1109/DANCE.2002.1003492
D. Sterne, K. Djahandari, R. Balupari, W. La Cholter, B. Babson, B. Wilson, P. Narasimhan, A. Purtell, D. Schnackenberg, S. Linden, Active network based DDoS defense Proceedings DARPA Active Networks Conference and Exposition. pp. 193- 203 ,(2002) , 10.1109/DANCE.2002.1003493
A. Hess, M. Jung, G. Schafer, FIDRAN: a flexible intrusion detection and response framework for active networks international symposium on computers and communications. pp. 1219- 1224 ,(2003) , 10.1109/ISCC.2003.1214281