资源描述:
《fidran a flexible intrusion detection and response framework for active networks》由会员上传分享,免费在线阅读,更多相关内容在教育资源-天天文库。
1、FIDRAN:AFlexibleIntrusionDetectionandResponseFrameworkforActiveNetworksA.Hess,M.Jung,G.SchäferTelecommunicationNetworksGroup,TechnischeUniversitätBerlinEinsteinufer25,10587Berlin,GermanyEmail:[hess,mjung,schaefer]@ee.tu-berlin.deAbstractmachinesortheyarejust
2、overstrainedpatchingthese.Fur-thermore,manyusersbelievethattheywillneverbecomeSecuringcommunicationnetworkscannolongerbeen-thetargetofanattack,duetoirregularon-linetimes,chang-suredbysingularandisolatedsecuritytechnologieslikeingIP-addressesorhavingthepercep
3、tionthattheirsystemInternetfirewallsorintrusiondetectionsystemsbutratherordata,respectively,isnotofvalueforpotentialhackers.callsforacombinationofexistingandemergingdetec-Unfortunately,thisisnottrue:As,forexample,Lancetionandresponsemechanisms,e.g.DDoSrespons
4、emech-Spitznerwritesinhisbook[10]:“OnFebruary28,1999,anisms,anomalydetection,honeypots,etc.Today,mostat20:15Iputthehoneypotonline...Within15minutescurrentsystemsprovetobetoostatictoprovideanade-ofmyconnectingthehoneypottotheInternet,anattackerquateplatformfo
5、raconstructiveteamworkofdifferentse-identified,probed,andexploitedit”.Beyondthis,hestatescuritytechnologies.Therefore,wedevelopedtheFIDRANthatahomenetworkwasscannedonaverageby31differentframeworkforflexibleintrusiondectionandresponsethatissystemsadayinthebegin
6、ningof2002.basedonanunderlyingactivenetworkingenvironmentandAnotherreasonfortherisingdangerarisingofmaliciousthatallowstodynamicallycombineexistingandemergingactivitiesisthealarmingevolutionoftheexecutionspeedsecuritytechnologies.ofcomputerattacks.Consequent
7、ly,thetimewindowtoin-FIDRANfollowsahighlymodularapproachthatallowsvokecountermeasuresinordertolimittheharmofanattacktoextendthefunctionalityoftheframeworkbytheinte-isshrinking[4].Weaverclaimsin[12]thatitispossiblegrationofnewsecuritymoduleswhichareimplemente
8、dastoconstructhyper-virulentactivewormswhicharecapableactivenetworkingservices,makinguseofnextgenerationofinfectingallvulnerablehostsoftheInternetinapproxi-networkscapabilitieslikedynamicdistrib