Logo des Repositoriums
 

Combining multiple intrusion detection and response technologies in an active networking based architecture

dc.contributor.authorHess, Andreas
dc.contributor.authorJung, M.
dc.contributor.authorSchäfer, Günter
dc.contributor.editorKnop, Jan Von
dc.contributor.editorHaverkamp, Wilhelm
dc.contributor.editorJessen, Eike
dc.date.accessioned2019-10-16T09:34:40Z
dc.date.available2019-10-16T09:34:40Z
dc.date.issued2003
dc.description.abstractWith the ever growing number of hosts connected to the Internet, representing potential sources of malicious attacks, and increasing sophistication of attacking techniques and automated attacking tools, network intrusion detection and response has evolved into a very active field of research in recent years and a wide variety of approaches has been developed [LFG+00, NN01]. However, isolated operation of specific intrusion detection and defense technologies generally exhibits only the specific strengths and drawbacks of one particular approach. In order to allow for a co-ordinated combination of existing and emerging security technologies (e.g. signature based detection, anomaly detection, DDoS response mechanisms, honeypots, etc.) we propose a flexible intrusion detection and response framework called FIDRAN [HJS03] that is based on active networking technology. Principal findings so far are that active networking proves to be a well suited technology for intrusion detection and response, that the load of intrusion detection can be distributed among multiple systems with this approach, and that the overhead stays in acceptable ranges.en
dc.identifier.isbn3-88579-373-3
dc.identifier.pissn1617-5468
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/29317
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofSecurity, E-learning, E-Services, 17. DFN-Arbeitstagung über Kommunikationsnetze
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-44
dc.titleCombining multiple intrusion detection and response technologies in an active networking based architectureen
dc.typeText/Conference Paper
gi.citation.endPage165
gi.citation.publisherPlaceBonn
gi.citation.startPage153
gi.conference.date2003
gi.conference.locationDüsseldorf
gi.conference.sessiontitleRegular Research Papers

Dateien

Originalbündel
1 - 1 von 1
Lade...
Vorschaubild
Name:
GI-Proceedings.44.innen-6.pdf
Größe:
295.34 KB
Format:
Adobe Portable Document Format