带有分布式入侵检测的动态网络安全微防火墙

Proceedings IEEE International Symposium on Network Computing and Applications. NCA 2001 Pub Date : 2001-10-08 DOI:10.1109/NCA.2001.962517

K. Hwang, Muralidaran Gangadharan

{"title":"带有分布式入侵检测的动态网络安全微防火墙","authors":"K. Hwang, Muralidaran Gangadharan","doi":"10.1109/NCA.2001.962517","DOIUrl":null,"url":null,"abstract":"This paper reports the design experiences and research findings of a new distributed security architecture for protecting exposed Intranets or clusters of computers from malicious attacks. We present a new approach of building micro-firewalls on network hosts to enable distributed intrusion detection with dynamic policy change, as the threat pattern changes. This distributed security can effectively counteract attacks from intruders or insiders. Three policy-update mechanisms are evaluated for achieving dynamic security. Mobile agents are shown most scalable and robust for policy update, but prone to attacks by other agents or hosts. The CORBA has the best speed performance with lower overhead The Java-based RMI demonstrates the highest security based on the sandbox model. The optimal choice depends on the tradeoffs among operating speed, Intranet scalability, host robustness, and the security level demanded by specific network applications.","PeriodicalId":385607,"journal":{"name":"Proceedings IEEE International Symposium on Network Computing and Applications. NCA 2001","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2001-10-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"33","resultStr":"{\"title\":\"Micro-firewalls for dynamic network security with distributed intrusion detection\",\"authors\":\"K. Hwang, Muralidaran Gangadharan\",\"doi\":\"10.1109/NCA.2001.962517\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper reports the design experiences and research findings of a new distributed security architecture for protecting exposed Intranets or clusters of computers from malicious attacks. We present a new approach of building micro-firewalls on network hosts to enable distributed intrusion detection with dynamic policy change, as the threat pattern changes. This distributed security can effectively counteract attacks from intruders or insiders. Three policy-update mechanisms are evaluated for achieving dynamic security. Mobile agents are shown most scalable and robust for policy update, but prone to attacks by other agents or hosts. The CORBA has the best speed performance with lower overhead The Java-based RMI demonstrates the highest security based on the sandbox model. The optimal choice depends on the tradeoffs among operating speed, Intranet scalability, host robustness, and the security level demanded by specific network applications.\",\"PeriodicalId\":385607,\"journal\":{\"name\":\"Proceedings IEEE International Symposium on Network Computing and Applications. NCA 2001\",\"volume\":\"11 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2001-10-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"33\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings IEEE International Symposium on Network Computing and Applications. NCA 2001\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NCA.2001.962517\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings IEEE International Symposium on Network Computing and Applications. NCA 2001","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NCA.2001.962517","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 33

摘要

本文报告了一种新的分布式安全体系结构的设计经验和研究成果，用于保护暴露的内部网或计算机集群免受恶意攻击。本文提出了一种在网络主机上构建微防火墙的新方法，使分布式入侵检测能够随着威胁模式的变化而动态改变策略。这种分布式安全性可以有效地抵御来自入侵者或内部人员的攻击。为了实现动态安全性，评估了三种策略更新机制。移动代理在策略更新方面具有最高的可伸缩性和健壮性，但容易受到其他代理或主机的攻击。CORBA具有最佳的速度性能和较低的开销，基于java的RMI基于沙盒模型展示了最高的安全性。最佳选择取决于在操作速度、Intranet可伸缩性、主机健壮性和特定网络应用程序所需的安全级别之间的权衡。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Micro-firewalls for dynamic network security with distributed intrusion detection

This paper reports the design experiences and research findings of a new distributed security architecture for protecting exposed Intranets or clusters of computers from malicious attacks. We present a new approach of building micro-firewalls on network hosts to enable distributed intrusion detection with dynamic policy change, as the threat pattern changes. This distributed security can effectively counteract attacks from intruders or insiders. Three policy-update mechanisms are evaluated for achieving dynamic security. Mobile agents are shown most scalable and robust for policy update, but prone to attacks by other agents or hosts. The CORBA has the best speed performance with lower overhead The Java-based RMI demonstrates the highest security based on the sandbox model. The optimal choice depends on the tradeoffs among operating speed, Intranet scalability, host robustness, and the security level demanded by specific network applications.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings IEEE International Symposium on Network Computing and Applications. NCA 2001

自引率

0.00%

发文量