资源描述:
《fidran a flexible intrusion detection and response framework for active networks27845》由会员上传分享,免费在线阅读,更多相关内容在教育资源-天天文库。
1、FIDRAN:AFlexibleIntrusionDetectionandResponseFrameworkforActiveNetworksA.Hess,M.Jung,G.SchäferTelecommunicationNetworksGroup,TechnischeUniversitätBerlinEinsteinufer25,10587Berlin,GermanyEmail:[hess,mjung,schaefer]@ee.tu-berlin.deAbstractmachinesortheyarejustoverstrainedpatchin
2、gthese.Fur-thermore,manyusersbelievethattheywillneverbecomeSecuringcommunicationnetworkscannolongerbeen-thetargetofanattack,duetoirregularon-linetimes,chang-suredbysingularandisolatedsecuritytechnologieslikeingIP-addressesorhavingtheperceptionthattheirsystemInternetfirewallsori
3、ntrusiondetectionsystemsbutratherordata,respectively,isnotofvalueforpotentialhackers.callsforacombinationofexistingandemergingdetec-Unfortunately,thisisnottrue:As,forexample,Lancetionandresponsemechanisms,e.g.DDoSresponsemech-Spitznerwritesinhisbook[10]:“OnFebruary28,1999,anis
4、ms,anomalydetection,honeypots,etc.Today,mostat20:15Iputthehoneypotonline...Within15minutescurrentsystemsprovetobetoostatictoprovideanade-ofmyconnectingthehoneypottotheInternet,anattackerquateplatformforaconstructiveteamworkofdifferentse-identified,probed,andexploitedit”.Beyondt
5、his,hestatescuritytechnologies.Therefore,wedevelopedtheFIDRANthatahomenetworkwasscannedonaverageby31differentframeworkforflexibleintrusiondectionandresponsethatissystemsadayinthebeginningof2002.basedonanunderlyingactivenetworkingenvironmentandAnotherreasonfortherisingdangeraris
6、ingofmaliciousthatallowstodynamicallycombineexistingandemergingactivitiesisthealarmingevolutionoftheexecutionspeedsecuritytechnologies.ofcomputerattacks.Consequently,thetimewindowtoin-FIDRANfollowsahighlymodularapproachthatallowsvokecountermeasuresinordertolimittheharmofanatta
7、cktoextendthefunctionalityoftheframeworkbytheinte-isshrinking[4].Weaverclaimsin[12]thatitispossiblegrationofnewsecuritymoduleswhichareimplementedastoconstructhyper-virulentactivewormswhicharecapableactivenetworkingservices,makinguseofnextgenerationofinfectingallvulnerablehosts
8、oftheInternetinapproxi-networkscapabilitieslikedynamicdistrib
