DECIDUOUS: decentralized source identification for network-based intrusions
作者: HY Chang , R Narayan , SF Wu , BM Vetter , X Wang
关键词:
摘要: DECIDUOUS is a security management framework for identifying the sources of network-based intrusions. The first key concept in dynamic associations, which efficiently and collectively provide location information attack sources. built on top IETF's IPSEC/ISAKMP infrastructure, it does not introduce any new network protocol source identification single administrative domain. It defines collaborative inter-domain identification. second integration intrusion detection system (IDS) (ASIS) across different layers. For example, DECIDUOUS, possible network-layer control (e.g., IPSEC) to collaborate with an application-layer module IDS SNMP engine). In this paper, we present motivations, design, prototype implementation framework.
sci-hub.se 参考文章(5)
D. Maughan, M. Schneider, M. Schertler, J. Turner, Internet Security Association and Key Management Protocol (ISAKMP) RFC. ,vol. 2408, pp. 1- 86 ,(1998)
Franco P. Preparata, Gernot Metze, Robert T. Chien, On the Connection Assignment Problem of Diagnosable Systems IEEE Transactions on Electronic Computers. ,vol. 16, pp. 848- 854 ,(1967) , 10.1109/PGEC.1967.264748
Brian Vetter, Feiyi Wang, Shyhtsun Felix Wu, An experimental study of insider attacks for OSPF routing protocol international conference on network protocols. pp. 293- 300 ,(1997) , 10.1109/ICNP.1997.643735
Diheng Qu, Brian M Vetter, Feiyi Wang, Ravindar Narayan, Shyhtsun Felix Wu, YF Hou, Fengmin Gong, Chandramouli Sargor, Statistical anomaly detection for link-state routing protocols international conference on network protocols. pp. 62- 70 ,(1998) , 10.1109/ICNP.1998.723726
Shyhtsun F. Wu, Sleepy Network-Layer Authentication Service for IPSEC european symposium on research in computer security. pp. 146- 159 ,(1996) , 10.1007/3-540-61770-1_34