{"title":"SecureDirect: proactive security through content based traffic control","authors":"J. Stevens, S. Saniepour","doi":"10.1109/AINA.2003.1192971","DOIUrl":null,"url":null,"abstract":"The exponential growth of Internet traffic has made public servers increasingly vulnerable to unauthorized accesses and intrusions. So far the focus of most studies of this problem has been on either blocking unused ports (fire-walling) or detecting attacks with an intrusion detection system (IDS). In this paper we introduce the design and implementation of SecureDirect, which is an attempt at addressing the problem of intrusion prevention by combining an IDS with a stateful load balancer SecureDirect is a real time load balancer that distinguishes between traffic coming from \"good\" clients and traffic originating from attackers. Based on this, traffic from an identified attacker is redirected to an alternative server where damage can be mitigated. The advantage of this system is that it blocks intrusions in a manner transparent to the attacker and allows for observation and investigation of attacks in order to enable the administrator to take appropriate action. We also suggest possible uses for this type of system, and then present the results of a series of stress tests against our implementation of the idea.","PeriodicalId":382765,"journal":{"name":"17th International Conference on Advanced Information Networking and Applications, 2003. AINA 2003.","volume":"28 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-03-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"17th International Conference on Advanced Information Networking and Applications, 2003. 
AINA 2003.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AINA.2003.1192971","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 1
Abstract
The exponential growth of Internet traffic has made public servers increasingly vulnerable to unauthorized accesses and intrusions. So far the focus of most studies of this problem has been on either blocking unused ports (fire-walling) or detecting attacks with an intrusion detection system (IDS). In this paper we introduce the design and implementation of SecureDirect, which is an attempt at addressing the problem of intrusion prevention by combining an IDS with a stateful load balancer. SecureDirect is a real-time load balancer that distinguishes between traffic coming from "good" clients and traffic originating from attackers. Based on this, traffic from an identified attacker is redirected to an alternative server where damage can be mitigated. The advantage of this system is that it blocks intrusions in a manner transparent to the attacker and allows for observation and investigation of attacks in order to enable the administrator to take appropriate action. We also suggest possible uses for this type of system, and then present the results of a series of stress tests against our implementation of the idea.